}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000804}, 0x0) (async)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x44000}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x800, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r4, @ANYBLOB="00000077657200000c0002"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

[ 2836.339497][ T1211] ieee802154 phy0 wpan0: encryption failed: -22
[ 2836.345906][ T1211] ieee802154 phy1 wpan1: encryption failed: -22
[ 2836.381623][T22718] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2836.394335][T22718] CPU: 1 PID: 22718 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2836.404795][T22718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2836.414890][T22718] Call Trace:
[ 2836.418199][T22718]  <TASK>
[ 2836.421154][T22718]  dump_stack_lvl+0x136/0x150
[ 2836.425874][T22718]  dump_header+0x10a/0xd70
[ 2836.430333][T22718]  oom_kill_process+0x25d/0x600
[ 2836.435219][T22718]  out_of_memory+0x35c/0x1660
[ 2836.439942][T22718]  ? find_held_lock+0x2d/0x110
[ 2836.444744][T22718]  ? oom_killer_disable+0x2b0/0x2b0
[ 2836.449996][T22718]  ? rcu_read_unlock+0x9/0x60
[ 2836.454700][T22718]  ? find_held_lock+0x2d/0x110
[ 2836.459504][T22718]  mem_cgroup_out_of_memory+0x206/0x270
[ 2836.465106][T22718]  ? mem_cgroup_margin+0x130/0x130
[ 2836.470262][T22718]  ? lock_downgrade+0x690/0x690
[ 2836.475154][T22718]  try_charge_memcg+0xf99/0x13a0
[ 2836.480140][T22718]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2836.486183][T22718]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2836.491957][T22718]  ? lock_downgrade+0x690/0x690
[ 2836.496906][T22718]  ? lock_downgrade+0x690/0x690
[ 2836.501824][T22718]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2836.507437][T22718]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2836.513656][T22718]  copy_process+0x4f9/0x75c0
[ 2836.518323][T22718]  ? __lock_acquire+0xc17/0x5f30
[ 2836.523317][T22718]  ? pidfd_prepare+0x80/0x80
[ 2836.527944][T22718]  ? psi_memstall_leave+0x174/0x250
[ 2836.533170][T22718]  ? lock_downgrade+0x690/0x690
[ 2836.538166][T22718]  kernel_clone+0xeb/0x890
[ 2836.542635][T22718]  ? create_io_thread+0xe0/0xe0
[ 2836.547529][T22718]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2836.553802][T22718]  ? lock_downgrade+0x690/0x690
[ 2836.558714][T22718]  __do_sys_clone+0xba/0x100
[ 2836.563354][T22718]  ? kernel_clone+0x890/0x890
[ 2836.568099][T22718]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2836.574037][T22718]  do_syscall_64+0x39/0xb0
[ 2836.578508][T22718]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2836.584450][T22718] RIP: 0033:0x7f403688d591
[ 2836.588906][T22718] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2836.608555][T22718] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2836.617020][T22718] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2836.625020][T22718] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2836.633024][T22718] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2836.641034][T22718] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2836.649034][T22718] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2836.657053][T22718]  </TASK>
13:48:11 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
r3 = socket(0x26, 0x4, 0x8e71) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="ff00000035002b0f008f41000000000000000200", @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000000800010071667100"], 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r4)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r4, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r5, 0x200, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x8, 0x71}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x34}]}, 0x34}, 0x1, 0x0, 0x0, 0x40070}, 0x20040801) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r9=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r11=>0x0}) (async)
r12 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r11}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
r13 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r14=>0x0})
r15 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r15, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r14}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000400)={&(0x7f0000000500)=@bridge_delneigh={0x5c, 0x1d, 0x20, 0x70bd27, 0x25dfdbff, {0x7, 0x0, 0x0, r11, 0x10, 0x80, 0x7}, [@NDA_NH_ID={0x8, 0xd, 0x5}, @NDA_PROBES={0x8, 0x4, 0x6e}, @NDA_IFINDEX={0x8, 0x8, r14}, @NDA_SRC_VNI={0x8, 0xb, 0x81}, @NDA_FLAGS_EXT={0x8, 0xf, 0x1}, @NDA_SRC_VNI={0x8, 0xb, 0x3}, @NDA_DST_IPV4={0x8, 0x1, @remote}, @NDA_LINK_NETNSID={0x8, 0xa, 0x28d66804}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8090}, 0x40000)
r16 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r16, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r9}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
ioctl$BTRFS_IOC_BALANCE_CTL(r16, 0x40049421, 0x1)

[ 2836.677526][T22718] memory: usage 307200kB, limit 307200kB, failcnt 15758
[ 2836.690769][T22718] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2836.715331][T22718] Memory cgroup stats for /syz4:
[ 2836.715565][T22718] anon 114688
[ 2836.715565][T22718] file 8380416
[ 2836.715565][T22718] kernel 306061312
[ 2836.715565][T22718] kernel_stack 32768
[ 2836.715565][T22718] pagetables 77824
[ 2836.715565][T22718] sec_pagetables 0
[ 2836.715565][T22718] percpu 5477376
[ 2836.715565][T22718] sock 0
[ 2836.715565][T22718] vmalloc 0
[ 2836.715565][T22718] shmem 8380416
[ 2836.715565][T22718] zswap 0
[ 2836.715565][T22718] zswapped 0
[ 2836.715565][T22718] file_mapped 405504
[ 2836.715565][T22718] file_dirty 0
[ 2836.715565][T22718] file_writeback 0
[ 2836.715565][T22718] swapcached 0
[ 2836.715565][T22718] anon_thp 0
[ 2836.715565][T22718] file_thp 0
[ 2836.715565][T22718] shmem_thp 0
[ 2836.715565][T22718] inactive_anon 4096
[ 2836.715565][T22718] active_anon 8491008
[ 2836.715565][T22718] inactive_file 0
[ 2836.715565][T22718] active_file 0
[ 2836.715565][T22718] unevictable 0
[ 2836.715565][T22718] slab_reclaimable 38216
[ 2836.715565][T22718] slab_unreclaimable 300379584
[ 2836.715565][T22718] slab 300417800
[ 2836.715565][T22718] workingset_refault_anon 0
[ 2836.715565][T22718] workingset_refault_file 0
[ 2836.715565][T22718] workingset_activate_anon 0
[ 2836.715565][T22718] workingset_activate_file 0
[ 2836.715565][T22718] workingset_restore_anon 0
[ 2836.715565][T22718] workingset_restore_file 0
[ 2836.715565][T22718] workingset_nodereclaim 0
[ 2836.715565][T22718] pgscan 0
[ 2836.715565][T22718] pgsteal 0
[ 2836.715565][T22718] pgscan_kswapd 0
[ 2836.715565][T22718] pgscan_direct 0
[ 2836.715565][T22718] pgscan_khugepaged 0
[ 2836.715565][T22718] pgsteal_kswapd 0
[ 2836.715565][T22718] pgsteal_direct 0
[ 2836.715565][T22718] pgsteal_khugepaged 0
[ 2836.715565][T22718] pgfault 385761
[ 2836.715565][T22718] pgmajfault 0
[ 2836.715565][T22718] pgrefill 0
[ 2836.715565][T22718] pgactivate 0
[ 2836.715565][T22718] pgdeactivate 0
[ 2836.715565][T22718] pglazyfree 0
[ 2836.715565][T22718] pglazyfreed 0
[ 2836.715565][T22718] zswpin 0
[ 2836.715565][T22718] zswpout 0
[ 2836.715565][T22718] thp_fault_alloc 0
[ 2836.928235][T22718] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22718,uid=0
13:48:11 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:11 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xa9)

13:48:11 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x5e00000000000000)

[ 2836.969655][T22717] bridge0: port 1(bridge_slave_0) entered disabled state
13:48:11 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='autogroup\x00')
setsockopt$MRT_DONE(r3, 0x0, 0xc9, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:11 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:11 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88) (async)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
vmsplice(r2, &(0x7f0000000880)=[{&(0x7f0000000380)="765a423db9309005fc80a76a49165711b9ac9f485606d40601ae16c318f36bb03963714642eb1678b42bb9f3d55729d7e11afa0133bf85be58f12390bb60ed2a4a5447b0e94b39011e75d3c3eb2a7a96ab0ea703d1b6f445b26aa8848617484e2e36a970d2d8d69a476f03253f7675920d1cd4f3283773c6ee03e3a0ba660a4cd67b412c2879b8ec2bfa38690b2573269aa7e81b1a0f99b7a79891e84210f02200ced56049", 0xa5}, {&(0x7f0000000440)="438541b450431990405ffedf09807a779ba1ee8a56c7e2aea35800db59232cc0991d41bfb08c059442c112d491737431cddd268b1901dad3819f8e1cec46468818fa09a3faad2a762128cd043ebec4cf0956c6931dd88cbbe74366bc9cf8d585eddf6f9fcb668844600c47f222a68a0bb579c29d95254fbaa7f155328d28a060e59ca2a33621c4d14421e8b35f6fde9a673f5b42bf8a02957ff2ab8a10f1d4c4c5949a2ff601594fdbd2f9613a336f8b1a83c51faa17", 0xb6}, {&(0x7f0000000500)="3fa00d4842884a1f4c16d14a117949af6916046fd9160074e008c3f6c02cf7943d5d15f86bd206f61a49466da118327f45", 0x31}, {&(0x7f0000000540)="ac85e3e7154b9336eb4801df3f25380ece246e4cda0693bf309fd412e9b15371219ffe57901b2405c52bf63978458e7c81fea8ea7d8194c757ed1f20665ff009ab8d4e0134c8d693160710d7e893c778578951aa81a613226a3bf5c22d7c04896d954491e12af5444e8088fe39d3bda2b91f3e575bb2e555b539e3c0216509c9b6fb20637faa12566bc8ddaca84df45157188f9ac2c01d8fcb1d47ef3145c7923db0d9a60b47ee50c6d35e45249462f66a8222bfeeb958526b95ad233853b2621d4df0bf3c4d1dc568a6d0aa1d0fb292ca396c0cc1ed0f360229c0e7d088f6141d488af8360f", 0xe6}, {&(0x7f0000000640)="c2b3ad21af59ef8651ca2c2ed4dd1b20980e118e3e90d57e2a2bf71aab04a75acc6387c6f6dd521faea459bbd836bdb182f4108742f6ee0314d7d8f45e8daa087ecd0abb5a832c48bbe66d5bb65a9b7a5839120d6c6ec6f048edabce1e3bfad2a4c49b62938769c198b949399ed4fc073da1b8bf03add7110f30e93c6ae824138d3bc4978dc64cb523d9cad3957b385ddec0e8fc18dd3d1d31bbe046e608ac3763dd3cc0fdbf2df577943ea53e5b9f5c000a9fbe7d", 0xb5}, {&(0x7f0000000700)="88e56cc14dda1f699f9ee77e4d310ed9c6c8d4b0af429c7a3cf5861229d220ba398b798681d631df277cf18af4f0aa38a23ad02edc18844dac06dcf11032591cd5eee5ce5f833486bcd0b13c03151eb57d2e269bd94651898706d495d50ec8ce20b80a877093681db61701bd194e81aa42f0bf9149a10500aaa73680283011c2abc8271eda824ec4ecb334b1948b39774d3324efc5a89e24522e3621c0ca5d424830c6751eac1bc871ec76702365d998f63e07f5148bdd130524098f6a7934efa47fce94cd", 0xc5}, {&(0x7f0000000800)="091ce1ddf7127cfc7f5b0bf0cf2a19c3e89f2576ebffe7ecb37b69e5f89b41645417392e8b955f3cc51b3962daae609a5784449bb1066abb4479c9077bd271a66dd7f232", 0x44}], 0x7, 0xa) (async)
finit_module(r1, &(0x7f0000000000)='@!\x00', 0x3) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r3=>0x0}) (async, rerun: 64)
r4 = socket(0x10, 0x80002, 0x0) (async, rerun: 64)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
setsockopt$IP_VS_SO_SET_EDIT(r6, 0x0, 0x483, &(0x7f0000000300)={0x6, @rand_addr=0x64010100, 0x4e24, 0x1, 'wrr\x00', 0x22, 0xfffffffb, 0x76}, 0x2c)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000100)={0x7, &(0x7f00000000c0)=[{0x800, 0x54, 0x9c, 0x800}, {0x3, 0x1, 0x0, 0x1}, {0x7, 0x40, 0x0, 0x9}, {0x3ff, 0x81, 0x8, 0x1}, {0x5, 0x24, 0x0, 0x7fff}, {0x1, 0x0, 0x80, 0x10001}, {0x1bc, 0x9, 0x4, 0x8}]}, 0x10) (async)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r3, @ANYBLOB="00000000000000001c001a8004000280030005000801000000000000080000000000000008000c000000000053eee4018a34aad0132ee7321355dcbba6844bf64be54d19e78a660161e12e1f2c1926f6572cfa97d8765931e426136d2a3149d096af5ae736c8d0b7915512376b7a7564ef9f8b04b517cd20d30eedd6caf9b1ccea9708815419e8b44ff82b6b63e2e7c1196ec50bd92591fabc7af419aea21f6b21e2f229670159fd9c8b97684a9798750d3b5cd3041a40a6abf2a6b05fa3c9f0374cf371400db1ea6ab543cb0fe77ee902fb5f3cdefe9db60000000000000000a81132823773a2df27e86eac8708d09d78ff94af084b2d144c5678d0899fd4345f01f77a766318338edc8fd73a72bef26d5633a150cf98f2074210c1168b0be21e2317d014f6cd8e1b6af40bb045fd51d817a2cd86208cc35ba30cf99e72ad7c62f58dc6a69404b07300f5137111c4bd7f14ef43028a814ac3e1d095d5cd35005d866090c6"], 0x44}}, 0x0) (async)
setsockopt$inet_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000140)=@gcm_128={{0x303}, "73c5adf7a5d13a7e", "76d847c7dbd87ff5a3e74353a03b408b", "dcd5e90e", "b1a1f76355cea4b9"}, 0x28)

[ 2837.232356][T22718] Memory cgroup out of memory: Killed process 22718 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:11 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r6}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route(r7, &(0x7f00000008c0)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000880)={&(0x7f00000009c0)=ANY=[@ANYBLOB="e80000001800000025bd7000fedbdf2580100094fe01c8020008000006001d004e21000008001000040000000800060001000000a3000880c428e77bc8bb0ecfedef461f0ccf865b2fd35afc47b5c1be08279d31b4b96bcbe13b5682028a3fd3ae80ccb68040287e688baff308ed51e715356840198eb43b0fc6767bc226e537957588c64988d11fda2cfa4ebf1094687220bba4939ff6e0b32a1e9329886903bb7f24508beba1eccac9030a5f5af9aa08a72829576a4d4848a8adf46953b53d9de47e6adce5c31c149f138489f2eca0e5bb64f5e9c87c89e000080006001f00000008001000ffffffff879da25e338fcbdf1fa78d420f2db2"], 0xe8}, 0x1, 0x0, 0x0, 0x85}, 0x20040041)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r8=>0x0})
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r8}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r9, 0x89e2, &(0x7f0000000640)={<r10=>r1})
getsockopt$IP_SET_OP_GET_BYNAME(r10, 0x1, 0x53, &(0x7f00000006c0)={0x6, 0x7, 'syz2\x00'}, &(0x7f0000000700)=0x28)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000100)={'syztnl0\x00', &(0x7f0000000240)={'ip6_vti0\x00', <r11=>r2, 0x4, 0x5, 0x20, 0xb3, 0xa, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x23}}, @empty, 0x20, 0x20, 0x243a8ab0, 0x3}})
r12 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r13=>0x0})
r14 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r13}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
r15 = syz_genetlink_get_family_id$tipc(&(0x7f0000000540), r0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r14, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x28, r15, 0x10, 0x70bd27, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x2010}, 0x10)
sendmsg$nl_route(r9, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000380)=@setlink={0x50, 0x13, 0x400, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r11, 0x0, 0x18002}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'macvtap0\x00'}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x2}, @IFLA_IFALIASn={0x4}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x8}, @IFLA_EVENT={0x8, 0x2c, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x8040}, 0x840)
r16 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r16, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:11 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xaa)

13:48:11 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88) (async)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async, rerun: 32)
r2 = socket$inet_udplite(0x2, 0x2, 0x88) (rerun: 32)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async, rerun: 32)
vmsplice(r2, &(0x7f0000000880)=[{&(0x7f0000000380)="765a423db9309005fc80a76a49165711b9ac9f485606d40601ae16c318f36bb03963714642eb1678b42bb9f3d55729d7e11afa0133bf85be58f12390bb60ed2a4a5447b0e94b39011e75d3c3eb2a7a96ab0ea703d1b6f445b26aa8848617484e2e36a970d2d8d69a476f03253f7675920d1cd4f3283773c6ee03e3a0ba660a4cd67b412c2879b8ec2bfa38690b2573269aa7e81b1a0f99b7a79891e84210f02200ced56049", 0xa5}, {&(0x7f0000000440)="438541b450431990405ffedf09807a779ba1ee8a56c7e2aea35800db59232cc0991d41bfb08c059442c112d491737431cddd268b1901dad3819f8e1cec46468818fa09a3faad2a762128cd043ebec4cf0956c6931dd88cbbe74366bc9cf8d585eddf6f9fcb668844600c47f222a68a0bb579c29d95254fbaa7f155328d28a060e59ca2a33621c4d14421e8b35f6fde9a673f5b42bf8a02957ff2ab8a10f1d4c4c5949a2ff601594fdbd2f9613a336f8b1a83c51faa17", 0xb6}, {&(0x7f0000000500)="3fa00d4842884a1f4c16d14a117949af6916046fd9160074e008c3f6c02cf7943d5d15f86bd206f61a49466da118327f45", 0x31}, {&(0x7f0000000540)="ac85e3e7154b9336eb4801df3f25380ece246e4cda0693bf309fd412e9b15371219ffe57901b2405c52bf63978458e7c81fea8ea7d8194c757ed1f20665ff009ab8d4e0134c8d693160710d7e893c778578951aa81a613226a3bf5c22d7c04896d954491e12af5444e8088fe39d3bda2b91f3e575bb2e555b539e3c0216509c9b6fb20637faa12566bc8ddaca84df45157188f9ac2c01d8fcb1d47ef3145c7923db0d9a60b47ee50c6d35e45249462f66a8222bfeeb958526b95ad233853b2621d4df0bf3c4d1dc568a6d0aa1d0fb292ca396c0cc1ed0f360229c0e7d088f6141d488af8360f", 0xe6}, {&(0x7f0000000640)="c2b3ad21af59ef8651ca2c2ed4dd1b20980e118e3e90d57e2a2bf71aab04a75acc6387c6f6dd521faea459bbd836bdb182f4108742f6ee0314d7d8f45e8daa087ecd0abb5a832c48bbe66d5bb65a9b7a5839120d6c6ec6f048edabce1e3bfad2a4c49b62938769c198b949399ed4fc073da1b8bf03add7110f30e93c6ae824138d3bc4978dc64cb523d9cad3957b385ddec0e8fc18dd3d1d31bbe046e608ac3763dd3cc0fdbf2df577943ea53e5b9f5c000a9fbe7d", 0xb5}, {&(0x7f0000000700)="88e56cc14dda1f699f9ee77e4d310ed9c6c8d4b0af429c7a3cf5861229d220ba398b798681d631df277cf18af4f0aa38a23ad02edc18844dac06dcf11032591cd5eee5ce5f833486bcd0b13c03151eb57d2e269bd94651898706d495d50ec8ce20b80a877093681db61701bd194e81aa42f0bf9149a10500aaa73680283011c2abc8271eda824ec4ecb334b1948b39774d3324efc5a89e24522e3621c0ca5d424830c6751eac1bc871ec76702365d998f63e07f5148bdd130524098f6a7934efa47fce94cd", 0xc5}, {&(0x7f0000000800)="091ce1ddf7127cfc7f5b0bf0cf2a19c3e89f2576ebffe7ecb37b69e5f89b41645417392e8b955f3cc51b3962daae609a5784449bb1066abb4479c9077bd271a66dd7f232", 0x44}], 0x7, 0xa) (async, rerun: 32)
finit_module(r1, &(0x7f0000000000)='@!\x00', 0x3) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r3=>0x0}) (async)
r4 = socket(0x10, 0x80002, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async, rerun: 32)
setsockopt$IP_VS_SO_SET_EDIT(r6, 0x0, 0x483, &(0x7f0000000300)={0x6, @rand_addr=0x64010100, 0x4e24, 0x1, 'wrr\x00', 0x22, 0xfffffffb, 0x76}, 0x2c) (rerun: 32)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000100)={0x7, &(0x7f00000000c0)=[{0x800, 0x54, 0x9c, 0x800}, {0x3, 0x1, 0x0, 0x1}, {0x7, 0x40, 0x0, 0x9}, {0x3ff, 0x81, 0x8, 0x1}, {0x5, 0x24, 0x0, 0x7fff}, {0x1, 0x0, 0x80, 0x10001}, {0x1bc, 0x9, 0x4, 0x8}]}, 0x10)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r3, @ANYBLOB="00000000000000001c001a8004000280030005000801000000000000080000000000000008000c000000000053eee4018a34aad0132ee7321355dcbba6844bf64be54d19e78a660161e12e1f2c1926f6572cfa97d8765931e426136d2a3149d096af5ae736c8d0b7915512376b7a7564ef9f8b04b517cd20d30eedd6caf9b1ccea9708815419e8b44ff82b6b63e2e7c1196ec50bd92591fabc7af419aea21f6b21e2f229670159fd9c8b97684a9798750d3b5cd3041a40a6abf2a6b05fa3c9f0374cf371400db1ea6ab543cb0fe77ee902fb5f3cdefe9db60000000000000000a81132823773a2df27e86eac8708d09d78ff94af084b2d144c5678d0899fd4345f01f77a766318338edc8fd73a72bef26d5633a150cf98f2074210c1168b0be21e2317d014f6cd8e1b6af40bb045fd51d817a2cd86208cc35ba30cf99e72ad7c62f58dc6a69404b07300f5137111c4bd7f14ef43028a814ac3e1d095d5cd35005d866090c6"], 0x44}}, 0x0) (async)
setsockopt$inet_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000140)=@gcm_128={{0x303}, "73c5adf7a5d13a7e", "76d847c7dbd87ff5a3e74353a03b408b", "dcd5e90e", "b1a1f76355cea4b9"}, 0x28)

[ 2837.422998][T22746] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2837.443977][T22746] CPU: 0 PID: 22746 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2837.454448][T22746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2837.464622][T22746] Call Trace:
[ 2837.467925][T22746]  <TASK>
[ 2837.470872][T22746]  dump_stack_lvl+0x136/0x150
[ 2837.475581][T22746]  dump_header+0x10a/0xd70
[ 2837.480034][T22746]  oom_kill_process+0x25d/0x600
[ 2837.485027][T22746]  out_of_memory+0x35c/0x1660
[ 2837.489896][T22746]  ? find_held_lock+0x2d/0x110
[ 2837.494679][T22746]  ? oom_killer_disable+0x2b0/0x2b0
[ 2837.499920][T22746]  ? rcu_read_unlock+0x9/0x60
[ 2837.504630][T22746]  ? find_held_lock+0x2d/0x110
[ 2837.509435][T22746]  mem_cgroup_out_of_memory+0x206/0x270
[ 2837.515105][T22746]  ? mem_cgroup_margin+0x130/0x130
[ 2837.520239][T22746]  ? lock_downgrade+0x690/0x690
[ 2837.525221][T22746]  try_charge_memcg+0xf99/0x13a0
[ 2837.530189][T22746]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2837.536206][T22746]  ? rcu_read_unlock+0x9/0x60
[ 2837.540898][T22746]  ? lock_downgrade+0x690/0x690
[ 2837.545776][T22746]  charge_memcg+0x90/0x3b0
[ 2837.550218][T22746]  __mem_cgroup_charge+0x2b/0x90
[ 2837.555162][T22746]  ? copy_mc_to_kernel+0x3e/0x90
[ 2837.560119][T22746]  do_wp_page+0x8ea/0x33c0
[ 2837.564635][T22746]  ? lock_sync+0x190/0x190
[ 2837.569096][T22746]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2837.574483][T22746]  ? do_raw_spin_lock+0x124/0x2b0
[ 2837.579528][T22746]  ? spin_bug+0x1c0/0x1c0
[ 2837.583885][T22746]  __handle_mm_fault+0x1635/0x41c0
[ 2837.589050][T22746]  ? vm_iomap_memory+0x190/0x190
[ 2837.594002][T22746]  ? mas_walk+0x58f/0x730
[ 2837.598362][T22746]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2837.603503][T22746]  handle_mm_fault+0x2af/0x9f0
[ 2837.608373][T22746]  do_user_addr_fault+0x2ca/0x1210
[ 2837.613588][T22746]  ? rcu_is_watching+0x12/0xb0
[ 2837.618472][T22746]  exc_page_fault+0x98/0x170
[ 2837.623082][T22746]  asm_exc_page_fault+0x26/0x30
[ 2837.627956][T22746] RIP: 0033:0x7f4036836f7e
[ 2837.632638][T22746] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2837.652257][T22746] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2837.658338][T22746] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2837.666316][T22746] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2837.674299][T22746] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2837.682281][T22746] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2837.690267][T22746] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2837.698275][T22746]  </TASK>
[ 2837.785034][T22736] __nla_validate_parse: 22 callbacks suppressed
[ 2837.785053][T22736] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2837.821425][T22746] memory: usage 307200kB, limit 307200kB, failcnt 15872
13:48:12 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)

[ 2837.833403][T22746] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2837.852734][T22746] Memory cgroup stats for /syz4:
[ 2837.853047][T22746] anon 114688
[ 2837.853047][T22746] file 8380416
[ 2837.853047][T22746] kernel 306077696
[ 2837.853047][T22746] kernel_stack 65536
[ 2837.853047][T22746] pagetables 77824
[ 2837.853047][T22746] sec_pagetables 0
[ 2837.853047][T22746] percpu 5477376
[ 2837.853047][T22746] sock 0
[ 2837.853047][T22746] vmalloc 0
[ 2837.853047][T22746] shmem 8380416
[ 2837.853047][T22746] zswap 0
[ 2837.853047][T22746] zswapped 0
[ 2837.853047][T22746] file_mapped 405504
[ 2837.853047][T22746] file_dirty 0
[ 2837.853047][T22746] file_writeback 0
[ 2837.853047][T22746] swapcached 0
[ 2837.853047][T22746] anon_thp 0
[ 2837.853047][T22746] file_thp 0
[ 2837.853047][T22746] shmem_thp 0
[ 2837.853047][T22746] inactive_anon 4096
[ 2837.853047][T22746] active_anon 8491008
[ 2837.853047][T22746] inactive_file 0
[ 2837.853047][T22746] active_file 0
[ 2837.853047][T22746] unevictable 0
[ 2837.853047][T22746] slab_reclaimable 38216
[ 2837.853047][T22746] slab_unreclaimable 300379744
[ 2837.853047][T22746] slab 300417960
[ 2837.853047][T22746] workingset_refault_anon 0
[ 2837.853047][T22746] workingset_refault_file 0
[ 2837.853047][T22746] workingset_activate_anon 0
[ 2837.853047][T22746] workingset_activate_file 0
[ 2837.853047][T22746] workingset_restore_anon 0
[ 2837.853047][T22746] workingset_restore_file 0
[ 2837.853047][T22746] workingset_nodereclaim 0
[ 2837.853047][T22746] pgscan 0
[ 2837.853047][T22746] pgsteal 0
[ 2837.853047][T22746] pgscan_kswapd 0
[ 2837.853047][T22746] pgscan_direct 0
[ 2837.853047][T22746] pgscan_khugepaged 0
[ 2837.853047][T22746] pgsteal_kswapd 0
[ 2837.853047][T22746] pgsteal_direct 0
[ 2837.853047][T22746] pgsteal_khugepaged 0
[ 2837.853047][T22746] pgfault 385796
[ 2837.853047][T22746] pgmajfault 0
[ 2837.853047][T22746] pgrefill 0
[ 2837.853047][T22746] pgactivate 0
[ 2837.853047][T22746] pgdeactivate 0
[ 2837.853047][T22746] pglazyfree 0
[ 2837.853047][T22746] pglazyfreed 0
[ 2837.853047][T22746] zswpin 0
[ 2837.853047][T22746] zswpout 0
[ 2837.853047][T22746] thp_fault_alloc 0
13:48:12 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:12 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='autogroup\x00')
setsockopt$MRT_DONE(r3, 0x0, 0xc9, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
syz_open_procfs(0x0, &(0x7f0000000080)='autogroup\x00') (async)
setsockopt$MRT_DONE(r3, 0x0, 0xc9, 0x0, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

[ 2838.110821][T22737] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2838.140324][T22748] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2838.221893][T22759] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2838.222724][T22746] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22746,uid=0
[ 2838.245762][T22746] Memory cgroup out of memory: Killed process 22746 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:12 executing program 4:
socket$netlink(0x10, 0x3, 0x0) (async)
r0 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r6=>0x0})
socket(0x10, 0x80002, 0x0) (async)
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r6}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route(r7, &(0x7f00000008c0)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000880)={&(0x7f00000009c0)=ANY=[@ANYBLOB="e80000001800000025bd7000fedbdf2580100094fe01c8020008000006001d004e21000008001000040000000800060001000000a3000880c428e77bc8bb0ecfedef461f0ccf865b2fd35afc47b5c1be08279d31b4b96bcbe13b5682028a3fd3ae80ccb68040287e688baff308ed51e715356840198eb43b0fc6767bc226e537957588c64988d11fda2cfa4ebf1094687220bba4939ff6e0b32a1e9329886903bb7f24508beba1eccac9030a5f5af9aa08a72829576a4d4848a8adf46953b53d9de47e6adce5c31c149f138489f2eca0e5bb64f5e9c87c89e000080006001f00000008001000ffffffff879da25e338fcbdf1fa78d420f2db2"], 0xe8}, 0x1, 0x0, 0x0, 0x85}, 0x20040041)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r8=>0x0})
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r8}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r9, 0x89e2, &(0x7f0000000640)={<r10=>r1})
getsockopt$IP_SET_OP_GET_BYNAME(r10, 0x1, 0x53, &(0x7f00000006c0)={0x6, 0x7, 'syz2\x00'}, &(0x7f0000000700)=0x28) (async)
getsockopt$IP_SET_OP_GET_BYNAME(r10, 0x1, 0x53, &(0x7f00000006c0)={0x6, 0x7, 'syz2\x00'}, &(0x7f0000000700)=0x28)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000100)={'syztnl0\x00', &(0x7f0000000240)={'ip6_vti0\x00', <r11=>r2, 0x4, 0x5, 0x20, 0xb3, 0xa, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x23}}, @empty, 0x20, 0x20, 0x243a8ab0, 0x3}})
r12 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r13=>0x0})
r14 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r13}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route(r14, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r13}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
r15 = syz_genetlink_get_family_id$tipc(&(0x7f0000000540), r0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r14, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x28, r15, 0x10, 0x70bd27, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x2010}, 0x10)
sendmsg$nl_route(r9, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000380)=@setlink={0x50, 0x13, 0x400, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r11, 0x0, 0x18002}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'macvtap0\x00'}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x2}, @IFLA_IFALIASn={0x4}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x8}, @IFLA_EVENT={0x8, 0x2c, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x8040}, 0x840)
r16 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r16, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:12 executing program 2:
socket$inet_udplite(0x2, 0x2, 0x88) (async)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)

[ 2838.250658][T22743] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
13:48:12 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x5e01000000000000)

[ 2838.322246][T22763] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2838.391386][T22766] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2838.409947][T22766] CPU: 1 PID: 22766 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2838.420428][T22766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2838.430505][T22766] Call Trace:
[ 2838.433817][T22766]  <TASK>
[ 2838.436786][T22766]  dump_stack_lvl+0x136/0x150
[ 2838.441488][T22766]  dump_header+0x10a/0xd70
[ 2838.445918][T22766]  oom_kill_process+0x25d/0x600
[ 2838.450778][T22766]  out_of_memory+0x35c/0x1660
[ 2838.455465][T22766]  ? find_held_lock+0x2d/0x110
[ 2838.460246][T22766]  ? oom_killer_disable+0x2b0/0x2b0
[ 2838.465462][T22766]  ? rcu_read_unlock+0x9/0x60
[ 2838.470161][T22766]  ? find_held_lock+0x2d/0x110
[ 2838.475027][T22766]  mem_cgroup_out_of_memory+0x206/0x270
[ 2838.480590][T22766]  ? mem_cgroup_margin+0x130/0x130
[ 2838.485722][T22766]  ? lock_downgrade+0x690/0x690
[ 2838.490603][T22766]  try_charge_memcg+0xf99/0x13a0
[ 2838.495570][T22766]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2838.501578][T22766]  ? rcu_read_unlock+0x9/0x60
[ 2838.506441][T22766]  ? lock_downgrade+0x690/0x690
[ 2838.511318][T22766]  charge_memcg+0x90/0x3b0
[ 2838.515761][T22766]  __mem_cgroup_charge+0x2b/0x90
[ 2838.520707][T22766]  ? copy_mc_to_kernel+0x3e/0x90
[ 2838.525665][T22766]  do_wp_page+0x8ea/0x33c0
[ 2838.530183][T22766]  ? lock_sync+0x190/0x190
[ 2838.534709][T22766]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2838.540112][T22766]  ? do_raw_spin_lock+0x124/0x2b0
[ 2838.545187][T22766]  ? spin_bug+0x1c0/0x1c0
[ 2838.549571][T22766]  __handle_mm_fault+0x1635/0x41c0
[ 2838.554741][T22766]  ? vm_iomap_memory+0x190/0x190
[ 2838.559721][T22766]  ? mas_walk+0x58f/0x730
[ 2838.564198][T22766]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2838.569352][T22766]  handle_mm_fault+0x2af/0x9f0
[ 2838.574145][T22766]  do_user_addr_fault+0x2ca/0x1210
[ 2838.579274][T22766]  ? rcu_is_watching+0x12/0xb0
[ 2838.584063][T22766]  exc_page_fault+0x98/0x170
[ 2838.588668][T22766]  asm_exc_page_fault+0x26/0x30
[ 2838.593547][T22766] RIP: 0033:0x7f4036836f7e
[ 2838.597974][T22766] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2838.617693][T22766] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2838.623807][T22766] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000001
[ 2838.631795][T22766] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2838.639775][T22766] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2838.647753][T22766] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2838.655736][T22766] R13: 00007f4036400080 R14: 00007f40369abf80 R15: 0000000000000000
[ 2838.663752][T22766]  </TASK>
[ 2838.705483][T22766] memory: usage 307200kB, limit 307200kB, failcnt 15937
[ 2838.716897][T22766] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2838.726551][T22766] Memory cgroup stats for /syz4:
[ 2838.726814][T22766] anon 114688
[ 2838.726814][T22766] file 8380416
[ 2838.726814][T22766] kernel 306077696
[ 2838.726814][T22766] kernel_stack 65536
[ 2838.726814][T22766] pagetables 77824
[ 2838.726814][T22766] sec_pagetables 0
[ 2838.726814][T22766] percpu 5477376
[ 2838.726814][T22766] sock 0
[ 2838.726814][T22766] vmalloc 0
[ 2838.726814][T22766] shmem 8380416
[ 2838.726814][T22766] zswap 0
[ 2838.726814][T22766] zswapped 0
[ 2838.726814][T22766] file_mapped 405504
[ 2838.726814][T22766] file_dirty 0
[ 2838.726814][T22766] file_writeback 0
[ 2838.726814][T22766] swapcached 0
[ 2838.726814][T22766] anon_thp 0
[ 2838.726814][T22766] file_thp 0
[ 2838.726814][T22766] shmem_thp 0
[ 2838.726814][T22766] inactive_anon 4096
[ 2838.726814][T22766] active_anon 8491008
[ 2838.726814][T22766] inactive_file 0
[ 2838.726814][T22766] active_file 0
[ 2838.726814][T22766] unevictable 0
[ 2838.726814][T22766] slab_reclaimable 38216
[ 2838.726814][T22766] slab_unreclaimable 300379744
[ 2838.726814][T22766] slab 300417960
[ 2838.726814][T22766] workingset_refault_anon 0
[ 2838.726814][T22766] workingset_refault_file 0
[ 2838.726814][T22766] workingset_activate_anon 0
[ 2838.726814][T22766] workingset_activate_file 0
[ 2838.726814][T22766] workingset_restore_anon 0
[ 2838.726814][T22766] workingset_restore_file 0
[ 2838.726814][T22766] workingset_nodereclaim 0
[ 2838.726814][T22766] pgscan 0
[ 2838.726814][T22766] pgsteal 0
[ 2838.726814][T22766] pgscan_kswapd 0
[ 2838.726814][T22766] pgscan_direct 0
[ 2838.726814][T22766] pgscan_khugepaged 0
[ 2838.726814][T22766] pgsteal_kswapd 0
[ 2838.726814][T22766] pgsteal_direct 0
[ 2838.726814][T22766] pgsteal_khugepaged 0
[ 2838.726814][T22766] pgfault 385835
[ 2838.726814][T22766] pgmajfault 0
[ 2838.726814][T22766] pgrefill 0
[ 2838.726814][T22766] pgactivate 0
[ 2838.726814][T22766] pgdeactivate 0
[ 2838.726814][T22766] pglazyfree 0
[ 2838.726814][T22766] pglazyfreed 0
[ 2838.726814][T22766] zswpin 0
[ 2838.726814][T22766] zswpout 0
[ 2838.726814][T22766] thp_fault_alloc 0
[ 2838.922550][T22750] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
13:48:13 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2838.955701][T22751] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2838.998242][T22765] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2839.017691][T22766] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22766,uid=0
13:48:13 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xab)

[ 2839.039690][T22768] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
13:48:13 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='autogroup\x00')
setsockopt$MRT_DONE(r3, 0x0, 0xc9, 0x0, 0x0) (async)
setsockopt$MRT_DONE(r3, 0x0, 0xc9, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:13 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)

[ 2839.088379][T22775] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2839.116475][T22778] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2839.213199][T22766] Memory cgroup out of memory: Killed process 22766 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:13 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$inet_udplite(0x2, 0x2, 0x88) (async)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r6=>0x0}) (async)
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r6}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route(r7, &(0x7f00000008c0)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000880)={&(0x7f00000009c0)=ANY=[@ANYBLOB="e80000001800000025bd7000fedbdf2580100094fe01c8020008000006001d004e21000008001000040000000800060001000000a3000880c428e77bc8bb0ecfedef461f0ccf865b2fd35afc47b5c1be08279d31b4b96bcbe13b5682028a3fd3ae80ccb68040287e688baff308ed51e715356840198eb43b0fc6767bc226e537957588c64988d11fda2cfa4ebf1094687220bba4939ff6e0b32a1e9329886903bb7f24508beba1eccac9030a5f5af9aa08a72829576a4d4848a8adf46953b53d9de47e6adce5c31c149f138489f2eca0e5bb64f5e9c87c89e000080006001f00000008001000ffffffff879da25e338fcbdf1fa78d420f2db2"], 0xe8}, 0x1, 0x0, 0x0, 0x85}, 0x20040041) (async)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r8=>0x0}) (async)
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r8}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
ioctl$sock_kcm_SIOCKCMCLONE(r9, 0x89e2, &(0x7f0000000640)={<r10=>r1})
getsockopt$IP_SET_OP_GET_BYNAME(r10, 0x1, 0x53, &(0x7f00000006c0)={0x6, 0x7, 'syz2\x00'}, &(0x7f0000000700)=0x28)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000100)={'syztnl0\x00', &(0x7f0000000240)={'ip6_vti0\x00', <r11=>r2, 0x4, 0x5, 0x20, 0xb3, 0xa, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x23}}, @empty, 0x20, 0x20, 0x243a8ab0, 0x3}}) (async)
r12 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r13=>0x0}) (async)
r14 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r13}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
r15 = syz_genetlink_get_family_id$tipc(&(0x7f0000000540), r0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r14, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x28, r15, 0x10, 0x70bd27, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x2010}, 0x10) (async)
sendmsg$nl_route(r9, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000380)=@setlink={0x50, 0x13, 0x400, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r11, 0x0, 0x18002}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'macvtap0\x00'}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x2}, @IFLA_IFALIASn={0x4}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x8}, @IFLA_EVENT={0x8, 0x2c, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x8040}, 0x840) (async)
r16 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r16, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:13 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2839.427848][T22795] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2839.450506][T22795] CPU: 0 PID: 22795 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2839.461429][T22795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2839.471620][T22795] Call Trace:
[ 2839.475013][T22795]  <TASK>
[ 2839.477972][T22795]  dump_stack_lvl+0x136/0x150
[ 2839.482701][T22795]  dump_header+0x10a/0xd70
[ 2839.487158][T22795]  oom_kill_process+0x25d/0x600
[ 2839.492056][T22795]  out_of_memory+0x35c/0x1660
[ 2839.496776][T22795]  ? find_held_lock+0x2d/0x110
[ 2839.501579][T22795]  ? oom_killer_disable+0x2b0/0x2b0
[ 2839.506814][T22795]  ? rcu_read_unlock+0x9/0x60
[ 2839.511523][T22795]  ? find_held_lock+0x2d/0x110
[ 2839.516327][T22795]  mem_cgroup_out_of_memory+0x206/0x270
[ 2839.521912][T22795]  ? mem_cgroup_margin+0x130/0x130
[ 2839.527054][T22795]  ? lock_downgrade+0x690/0x690
[ 2839.531956][T22795]  try_charge_memcg+0xf99/0x13a0
[ 2839.537016][T22795]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2839.543018][T22795]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2839.548768][T22795]  ? lock_downgrade+0x690/0x690
[ 2839.553829][T22795]  ? lock_downgrade+0x690/0x690
[ 2839.558720][T22795]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2839.564312][T22795]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2839.570672][T22795]  copy_process+0x1442/0x75c0
[ 2839.575380][T22795]  ? __lock_acquire+0xc17/0x5f30
[ 2839.580343][T22795]  ? pidfd_prepare+0x80/0x80
[ 2839.584957][T22795]  ? psi_memstall_leave+0x174/0x250
[ 2839.590162][T22795]  ? lock_downgrade+0x690/0x690
[ 2839.595034][T22795]  kernel_clone+0xeb/0x890
[ 2839.599466][T22795]  ? create_io_thread+0xe0/0xe0
[ 2839.604333][T22795]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2839.610592][T22795]  ? lock_downgrade+0x690/0x690
[ 2839.615488][T22795]  __do_sys_clone+0xba/0x100
[ 2839.620095][T22795]  ? kernel_clone+0x890/0x890
[ 2839.624807][T22795]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2839.630724][T22795]  do_syscall_64+0x39/0xb0
[ 2839.635163][T22795]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2839.641072][T22795] RIP: 0033:0x7f403688d591
[ 2839.645505][T22795] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2839.665254][T22795] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2839.673806][T22795] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2839.681885][T22795] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2839.689863][T22795] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2839.698097][T22795] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2839.706069][T22795] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2839.714067][T22795]  </TASK>
13:48:14 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x5f00000000000000)

[ 2839.808446][T22795] memory: usage 307196kB, limit 307200kB, failcnt 16008
[ 2839.815689][T22795] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2839.830357][T22795] Memory cgroup stats for /syz4:
[ 2839.830837][T22795] anon 114688
[ 2839.830837][T22795] file 8380416
[ 2839.830837][T22795] kernel 306073600
[ 2839.830837][T22795] kernel_stack 32768
[ 2839.830837][T22795] pagetables 77824
[ 2839.830837][T22795] sec_pagetables 0
[ 2839.830837][T22795] percpu 5477376
[ 2839.830837][T22795] sock 0
[ 2839.830837][T22795] vmalloc 0
[ 2839.830837][T22795] shmem 8380416
[ 2839.830837][T22795] zswap 0
[ 2839.830837][T22795] zswapped 0
[ 2839.830837][T22795] file_mapped 405504
[ 2839.830837][T22795] file_dirty 0
[ 2839.830837][T22795] file_writeback 0
[ 2839.830837][T22795] swapcached 0
[ 2839.830837][T22795] anon_thp 0
[ 2839.830837][T22795] file_thp 0
[ 2839.830837][T22795] shmem_thp 0
[ 2839.830837][T22795] inactive_anon 4096
[ 2839.830837][T22795] active_anon 8491008
[ 2839.830837][T22795] inactive_file 0
[ 2839.830837][T22795] active_file 0
[ 2839.830837][T22795] unevictable 0
[ 2839.830837][T22795] slab_reclaimable 38216
[ 2839.830837][T22795] slab_unreclaimable 300379280
[ 2839.830837][T22795] slab 300417496
[ 2839.830837][T22795] workingset_refault_anon 0
[ 2839.830837][T22795] workingset_refault_file 0
[ 2839.830837][T22795] workingset_activate_anon 0
[ 2839.830837][T22795] workingset_activate_file 0
[ 2839.830837][T22795] workingset_restore_anon 0
[ 2839.830837][T22795] workingset_restore_file 0
[ 2839.830837][T22795] workingset_nodereclaim 0
[ 2839.830837][T22795] pgscan 0
[ 2839.830837][T22795] pgsteal 0
[ 2839.830837][T22795] pgscan_kswapd 0
[ 2839.830837][T22795] pgscan_direct 0
[ 2839.830837][T22795] pgscan_khugepaged 0
[ 2839.830837][T22795] pgsteal_kswapd 0
[ 2839.830837][T22795] pgsteal_direct 0
[ 2839.830837][T22795] pgsteal_khugepaged 0
[ 2839.830837][T22795] pgfault 385874
[ 2839.830837][T22795] pgmajfault 0
[ 2839.830837][T22795] pgrefill 0
[ 2839.830837][T22795] pgactivate 0
[ 2839.830837][T22795] pgdeactivate 0
[ 2839.830837][T22795] pglazyfree 0
[ 2839.830837][T22795] pglazyfreed 0
13:48:14 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xac)

13:48:14 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2839.830837][T22795] zswpin 0
[ 2839.830837][T22795] zswpout 0
[ 2839.830837][T22795] thp_fault_alloc 0
[ 2840.031766][T22793] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2840.042722][T22795] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22795,uid=0
13:48:14 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
getpeername(r0, &(0x7f00000000c0)=@rc={0x1f, @none}, &(0x7f0000000000)=0x80)
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)

[ 2840.107374][T22795] Memory cgroup out of memory: Killed process 22795 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:14 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000c76f4ff9b61300290a000000000000000007000000", @ANYRES32=r4, @ANYBLOB="0000030000000000"], 0x20}, 0x1, 0x0, 0x0, 0x2000001c}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="8200"/14, @ANYRESHEX=r5, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = accept4$vsock_stream(r5, &(0x7f0000000380)={0x28, 0x0, 0x2711, @my=0x1}, 0x10, 0x800)
getsockopt$inet6_mreq(r5, 0x29, 0x1b, &(0x7f00000003c0)={@private2, <r9=>0x0}, &(0x7f0000000400)=0x14)
sendmsg(r8, &(0x7f0000000780)={&(0x7f0000000500)=@ll={0x11, 0xeb, r9, 0x1, 0xfd, 0x6, @multicast}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000480)="4a4b11bef2f2459927ad544dea4d29c5962ab542ad0fbad49e482b15247ba9b6410e205f98f25ca4bf62d04b3ea21eec92145d", 0x33}, {&(0x7f0000000580)="758e7b63ca959db611f21fea2ddbe55bb5ce31d0aa5a2986222d2939114417a94317ccd39e3d55ea3e4b54f09b9c8010c2f40f4b153dc5f7a95c1fd1d143592cf6f8dfc22bed787115ddcc73dc49cd017009ea16d352ea1edc287fc67f7909535e283560c10301490211a62cba30cf28f62ade29c6338ac3208574039e5c4b398ce26e3ac6ebd827b2c662cad60bc3d09a492ede8106aaf3f6513d53a4459b84d9decee1889e12bab0ad53b5172032089489c17fad7c3a796533ab9c40c883223622522456e5bb55566dfc9472f1beafbc7b176ef7c56b84afe2faaa221a3590b00640a242", 0xe5}, {&(0x7f00000006c0)="4c4d9468465353057325a70f5cc08a133060f5773887fa69d8261957b0eac9ee2d8f4a04459e694f397178cab1198379e579e874f3af1bffe983df7dbdb36a19eeedac24d4e007bba366492700c1833f8f374636c8446fa2", 0x58}], 0x3}, 0x4)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:14 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="2c00000024000b0f0000fb3b6819d26f9d61760086060bf48d41a65df0cbe49d1222901da3cf2e0595144a6be9b279d5141c6f02fd8226f42be08ad598c6c11fab01dedced4fe62029152c7a168fb7b57a0c7842f6dc2534c6766a6a886c1e83e20ea5d59a83f9a050f9f68280d878cc30ac350f52f94823b5e91c0700d7f2457787cf5edbb2b61917f6d557e130365bd97ae02303c78788004af3320e21869b9b61d4519c58634b4b38fcf5cc20fb4481a9d1c26d369116ac8a247b8bd315b77a5e1d96b9913de3c3f16bda09170926bd6d71c55a0a9471eb5d136d667a325ab7cf79176b7de3a72d1dc3", @ANYRES32=r2, @ANYBLOB="040000716671000000000000000000000000000024fbc431436dca9684d920e12a6a042e345c46ebdb8857704fbf1d3757da4531bd8991fd30b3fd407c40bc7cb4cc024b4d72ce7ecf783c34883ef52729aed116239fa3e87a4a36726fce9aa225e62d96deb3eabd1b90d6cb231a261273092cd0d1b63ea7c39586a728a06280a976d7effee0d510927b5f731465c1f8930291ed502edda1efc9805d09a377d3a5a9585717d2bcbf145dfe22ff19cfd80737cacf5633b68cd5ee723e5050ca6fcb0503a2359e607806411d5e6db97720f9e602b653c9391aab5f9ac874ee44db49e1984c9c8fec71b9f58164952ff47cd3e89917d45fba285d4adfb294d1eb"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2840.430300][T22812] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2840.446596][T22812] CPU: 0 PID: 22812 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2840.457167][T22812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2840.467260][T22812] Call Trace:
[ 2840.470554][T22812]  <TASK>
[ 2840.473501][T22812]  dump_stack_lvl+0x136/0x150
[ 2840.478225][T22812]  dump_header+0x10a/0xd70
[ 2840.482691][T22812]  oom_kill_process+0x25d/0x600
[ 2840.487926][T22812]  out_of_memory+0x35c/0x1660
[ 2840.492652][T22812]  ? find_held_lock+0x2d/0x110
[ 2840.497469][T22812]  ? oom_killer_disable+0x2b0/0x2b0
[ 2840.502791][T22812]  ? rcu_read_unlock+0x9/0x60
[ 2840.507512][T22812]  ? find_held_lock+0x2d/0x110
[ 2840.512325][T22812]  mem_cgroup_out_of_memory+0x206/0x270
[ 2840.517929][T22812]  ? mem_cgroup_margin+0x130/0x130
[ 2840.523079][T22812]  ? lock_downgrade+0x690/0x690
[ 2840.528255][T22812]  try_charge_memcg+0xf99/0x13a0
[ 2840.533252][T22812]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2840.539297][T22812]  ? rcu_read_unlock+0x9/0x60
[ 2840.544015][T22812]  ? lock_downgrade+0x690/0x690
[ 2840.548937][T22812]  charge_memcg+0x90/0x3b0
[ 2840.553412][T22812]  __mem_cgroup_charge+0x2b/0x90
[ 2840.558390][T22812]  ? copy_mc_to_kernel+0x3e/0x90
[ 2840.563379][T22812]  do_wp_page+0x8ea/0x33c0
[ 2840.567835][T22812]  ? lock_sync+0x190/0x190
[ 2840.572295][T22812]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2840.577708][T22812]  ? do_raw_spin_lock+0x124/0x2b0
[ 2840.582786][T22812]  ? spin_bug+0x1c0/0x1c0
[ 2840.587175][T22812]  __handle_mm_fault+0x1635/0x41c0
[ 2840.592332][T22812]  ? vm_iomap_memory+0x190/0x190
[ 2840.597301][T22812]  ? mas_walk+0x58f/0x730
[ 2840.601683][T22812]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2840.606849][T22812]  handle_mm_fault+0x2af/0x9f0
[ 2840.611659][T22812]  do_user_addr_fault+0x2ca/0x1210
[ 2840.617252][T22812]  ? rcu_is_watching+0x12/0xb0
[ 2840.622080][T22812]  exc_page_fault+0x98/0x170
[ 2840.626820][T22812]  asm_exc_page_fault+0x26/0x30
[ 2840.631724][T22812] RIP: 0033:0x7f4036836f7e
[ 2840.636168][T22812] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2840.655899][T22812] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2840.661997][T22812] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2840.670014][T22812] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2840.678223][T22812] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2840.686488][T22812] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2840.694581][T22812] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2840.702607][T22812]  </TASK>
[ 2840.720103][T22812] memory: usage 307200kB, limit 307200kB, failcnt 16126
[ 2840.732029][T22812] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2840.740093][T22812] Memory cgroup stats for /syz4:
[ 2840.740621][T22812] anon 114688
[ 2840.740621][T22812] file 8380416
[ 2840.740621][T22812] kernel 306077696
[ 2840.740621][T22812] kernel_stack 65536
[ 2840.740621][T22812] pagetables 77824
[ 2840.740621][T22812] sec_pagetables 0
[ 2840.740621][T22812] percpu 5477376
[ 2840.740621][T22812] sock 0
[ 2840.740621][T22812] vmalloc 0
[ 2840.740621][T22812] shmem 8380416
[ 2840.740621][T22812] zswap 0
[ 2840.740621][T22812] zswapped 0
[ 2840.740621][T22812] file_mapped 405504
[ 2840.740621][T22812] file_dirty 0
[ 2840.740621][T22812] file_writeback 0
[ 2840.740621][T22812] swapcached 0
[ 2840.740621][T22812] anon_thp 0
[ 2840.740621][T22812] file_thp 0
[ 2840.740621][T22812] shmem_thp 0
[ 2840.740621][T22812] inactive_anon 4096
[ 2840.740621][T22812] active_anon 8491008
[ 2840.740621][T22812] inactive_file 0
[ 2840.740621][T22812] active_file 0
[ 2840.740621][T22812] unevictable 0
[ 2840.740621][T22812] slab_reclaimable 38216
[ 2840.740621][T22812] slab_unreclaimable 300379744
[ 2840.740621][T22812] slab 300417960
[ 2840.740621][T22812] workingset_refault_anon 0
[ 2840.740621][T22812] workingset_refault_file 0
[ 2840.740621][T22812] workingset_activate_anon 0
[ 2840.740621][T22812] workingset_activate_file 0
[ 2840.740621][T22812] workingset_restore_anon 0
[ 2840.740621][T22812] workingset_restore_file 0
[ 2840.740621][T22812] workingset_nodereclaim 0
[ 2840.740621][T22812] pgscan 0
[ 2840.740621][T22812] pgsteal 0
[ 2840.740621][T22812] pgscan_kswapd 0
[ 2840.740621][T22812] pgscan_direct 0
[ 2840.740621][T22812] pgscan_khugepaged 0
[ 2840.740621][T22812] pgsteal_kswapd 0
[ 2840.740621][T22812] pgsteal_direct 0
[ 2840.740621][T22812] pgsteal_khugepaged 0
[ 2840.740621][T22812] pgfault 385910
[ 2840.740621][T22812] pgmajfault 0
[ 2840.740621][T22812] pgrefill 0
[ 2840.740621][T22812] pgactivate 0
[ 2840.740621][T22812] pgdeactivate 0
[ 2840.740621][T22812] pglazyfree 0
[ 2840.740621][T22812] pglazyfreed 0
[ 2840.740621][T22812] zswpin 0
[ 2840.740621][T22812] zswpout 0
[ 2840.740621][T22812] thp_fault_alloc 0
13:48:15 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="48000000100001070000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2840.932342][T22808] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2840.945590][T22812] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22812,uid=0
13:48:15 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x5f01000000000000)

13:48:15 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xad)

13:48:15 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
getpeername(r0, &(0x7f00000000c0)=@rc={0x1f, @none}, &(0x7f0000000000)=0x80)
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)

[ 2841.041976][T22812] Memory cgroup out of memory: Killed process 22812 (syz-executor.4) total-vm:54548kB, anon-rss:360kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:15 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="2c00000024000b0f0000fb3b6819d26f9d61760086060bf48d41a65df0cbe49d1222901da3cf2e0595144a6be9b279d5141c6f02fd8226f42be08ad598c6c11fab01dedced4fe62029152c7a168fb7b57a0c7842f6dc2534c6766a6a886c1e83e20ea5d59a83f9a050f9f68280d878cc30ac350f52f94823b5e91c0700d7f2457787cf5edbb2b61917f6d557e130365bd97ae02303c78788004af3320e21869b9b61d4519c58634b4b38fcf5cc20fb4481a9d1c26d369116ac8a247b8bd315b77a5e1d96b9913de3c3f16bda09170926bd6d71c55a0a9471eb5d136d667a325ab7cf79176b7de3a72d1dc3", @ANYRES32=r2, @ANYBLOB="040000716671000000000000000000000000000024fbc431436dca9684d920e12a6a042e345c46ebdb8857704fbf1d3757da4531bd8991fd30b3fd407c40bc7cb4cc024b4d72ce7ecf783c34883ef52729aed116239fa3e87a4a36726fce9aa225e62d96deb3eabd1b90d6cb231a261273092cd0d1b63ea7c39586a728a06280a976d7effee0d510927b5f731465c1f8930291ed502edda1efc9805d09a377d3a5a9585717d2bcbf145dfe22ff19cfd80737cacf5633b68cd5ee723e5050ca6fcb0503a2359e607806411d5e6db97720f9e602b653c9391aab5f9ac874ee44db49e1984c9c8fec71b9f58164952ff47cd3e89917d45fba285d4adfb294d1eb"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:15 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0}) (async)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000c76f4ff9b61300290a000000000000000007000000", @ANYRES32=r4, @ANYBLOB="0000030000000000"], 0x20}, 0x1, 0x0, 0x0, 0x2000001c}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="8200"/14, @ANYRESHEX=r5, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0) (async)
r8 = accept4$vsock_stream(r5, &(0x7f0000000380)={0x28, 0x0, 0x2711, @my=0x1}, 0x10, 0x800)
getsockopt$inet6_mreq(r5, 0x29, 0x1b, &(0x7f00000003c0)={@private2, <r9=>0x0}, &(0x7f0000000400)=0x14)
sendmsg(r8, &(0x7f0000000780)={&(0x7f0000000500)=@ll={0x11, 0xeb, r9, 0x1, 0xfd, 0x6, @multicast}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000480)="4a4b11bef2f2459927ad544dea4d29c5962ab542ad0fbad49e482b15247ba9b6410e205f98f25ca4bf62d04b3ea21eec92145d", 0x33}, {&(0x7f0000000580)="758e7b63ca959db611f21fea2ddbe55bb5ce31d0aa5a2986222d2939114417a94317ccd39e3d55ea3e4b54f09b9c8010c2f40f4b153dc5f7a95c1fd1d143592cf6f8dfc22bed787115ddcc73dc49cd017009ea16d352ea1edc287fc67f7909535e283560c10301490211a62cba30cf28f62ade29c6338ac3208574039e5c4b398ce26e3ac6ebd827b2c662cad60bc3d09a492ede8106aaf3f6513d53a4459b84d9decee1889e12bab0ad53b5172032089489c17fad7c3a796533ab9c40c883223622522456e5bb55566dfc9472f1beafbc7b176ef7c56b84afe2faaa221a3590b00640a242", 0xe5}, {&(0x7f00000006c0)="4c4d9468465353057325a70f5cc08a133060f5773887fa69d8261957b0eac9ee2d8f4a04459e694f397178cab1198379e579e874f3af1bffe983df7dbdb36a19eeedac24d4e007bba366492700c1833f8f374636c8446fa2", 0x58}], 0x3}, 0x4) (async)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2841.372952][T22834] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2841.396263][T22834] CPU: 1 PID: 22834 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2841.406743][T22834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2841.416858][T22834] Call Trace:
[ 2841.420156][T22834]  <TASK>
[ 2841.423112][T22834]  dump_stack_lvl+0x136/0x150
[ 2841.427834][T22834]  dump_header+0x10a/0xd70
[ 2841.432285][T22834]  oom_kill_process+0x25d/0x600
[ 2841.437171][T22834]  out_of_memory+0x35c/0x1660
[ 2841.441901][T22834]  ? find_held_lock+0x2d/0x110
[ 2841.446791][T22834]  ? oom_killer_disable+0x2b0/0x2b0
[ 2841.452028][T22834]  ? rcu_read_unlock+0x9/0x60
[ 2841.456751][T22834]  ? find_held_lock+0x2d/0x110
[ 2841.461662][T22834]  mem_cgroup_out_of_memory+0x206/0x270
[ 2841.467351][T22834]  ? mem_cgroup_margin+0x130/0x130
[ 2841.472515][T22834]  ? lock_downgrade+0x690/0x690
[ 2841.478066][T22834]  try_charge_memcg+0xf99/0x13a0
[ 2841.483081][T22834]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2841.489346][T22834]  ? rcu_read_unlock+0x9/0x60
[ 2841.494095][T22834]  ? lock_downgrade+0x690/0x690
[ 2841.499015][T22834]  charge_memcg+0x90/0x3b0
[ 2841.503484][T22834]  __mem_cgroup_charge+0x2b/0x90
[ 2841.508442][T22834]  ? copy_mc_to_kernel+0x3e/0x90
[ 2841.513470][T22834]  do_wp_page+0x8ea/0x33c0
[ 2841.517926][T22834]  ? lock_sync+0x190/0x190
[ 2841.522366][T22834]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2841.527749][T22834]  ? do_raw_spin_lock+0x124/0x2b0
[ 2841.532789][T22834]  ? spin_bug+0x1c0/0x1c0
[ 2841.537142][T22834]  __handle_mm_fault+0x1635/0x41c0
[ 2841.542267][T22834]  ? vm_iomap_memory+0x190/0x190
[ 2841.547214][T22834]  ? mas_walk+0x58f/0x730
[ 2841.551571][T22834]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2841.556696][T22834]  handle_mm_fault+0x2af/0x9f0
[ 2841.561474][T22834]  do_user_addr_fault+0x2ca/0x1210
[ 2841.566691][T22834]  ? rcu_is_watching+0x12/0xb0
[ 2841.571485][T22834]  exc_page_fault+0x98/0x170
[ 2841.576090][T22834]  asm_exc_page_fault+0x26/0x30
[ 2841.580959][T22834] RIP: 0033:0x7f4036836f7e
[ 2841.585377][T22834] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2841.605005][T22834] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2841.611093][T22834] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000001
[ 2841.619243][T22834] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2841.627234][T22834] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2841.635348][T22834] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2841.643330][T22834] R13: 00007f4036400080 R14: 00007f40369abf80 R15: 0000000000000000
[ 2841.651411][T22834]  </TASK>
[ 2841.737331][T22834] memory: usage 307200kB, limit 307200kB, failcnt 16215
[ 2841.747559][T22834] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2841.765978][T22834] Memory cgroup stats for /syz4:
[ 2841.766265][T22834] anon 114688
[ 2841.766265][T22834] file 8380416
[ 2841.766265][T22834] kernel 306077696
[ 2841.766265][T22834] kernel_stack 65536
[ 2841.766265][T22834] pagetables 77824
[ 2841.766265][T22834] sec_pagetables 0
[ 2841.766265][T22834] percpu 5477376
[ 2841.766265][T22834] sock 0
[ 2841.766265][T22834] vmalloc 0
[ 2841.766265][T22834] shmem 8380416
[ 2841.766265][T22834] zswap 0
[ 2841.766265][T22834] zswapped 0
[ 2841.766265][T22834] file_mapped 405504
[ 2841.766265][T22834] file_dirty 0
[ 2841.766265][T22834] file_writeback 0
[ 2841.766265][T22834] swapcached 0
[ 2841.766265][T22834] anon_thp 0
[ 2841.766265][T22834] file_thp 0
[ 2841.766265][T22834] shmem_thp 0
[ 2841.766265][T22834] inactive_anon 4096
[ 2841.766265][T22834] active_anon 8491008
[ 2841.766265][T22834] inactive_file 0
[ 2841.766265][T22834] active_file 0
[ 2841.766265][T22834] unevictable 0
[ 2841.766265][T22834] slab_reclaimable 38216
[ 2841.766265][T22834] slab_unreclaimable 300379744
[ 2841.766265][T22834] slab 300417960
[ 2841.766265][T22834] workingset_refault_anon 0
[ 2841.766265][T22834] workingset_refault_file 0
[ 2841.766265][T22834] workingset_activate_anon 0
[ 2841.766265][T22834] workingset_activate_file 0
[ 2841.766265][T22834] workingset_restore_anon 0
[ 2841.766265][T22834] workingset_restore_file 0
[ 2841.766265][T22834] workingset_nodereclaim 0
[ 2841.766265][T22834] pgscan 0
[ 2841.766265][T22834] pgsteal 0
[ 2841.766265][T22834] pgscan_kswapd 0
[ 2841.766265][T22834] pgscan_direct 0
[ 2841.766265][T22834] pgscan_khugepaged 0
[ 2841.766265][T22834] pgsteal_kswapd 0
[ 2841.766265][T22834] pgsteal_direct 0
[ 2841.766265][T22834] pgsteal_khugepaged 0
[ 2841.766265][T22834] pgfault 385949
[ 2841.766265][T22834] pgmajfault 0
[ 2841.766265][T22834] pgrefill 0
[ 2841.766265][T22834] pgactivate 0
[ 2841.766265][T22834] pgdeactivate 0
[ 2841.766265][T22834] pglazyfree 0
[ 2841.766265][T22834] pglazyfreed 0
[ 2841.766265][T22834] zswpin 0
[ 2841.766265][T22834] zswpout 0
[ 2841.766265][T22834] thp_fault_alloc 0
13:48:16 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="48000000100001070000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:16 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
getpeername(r0, &(0x7f00000000c0)=@rc={0x1f, @none}, &(0x7f0000000000)=0x80)
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
getpeername(r0, &(0x7f00000000c0)=@rc={0x1f, @none}, &(0x7f0000000000)=0x80) (async)
socket(0x10, 0x80002, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)

[ 2842.003565][T22826] bridge0: port 1(bridge_slave_0) entered disabled state
13:48:16 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xae)

13:48:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6000000000000000)

13:48:16 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="2c00000024000b0f0000fb3b6819d26f9d61760086060bf48d41a65df0cbe49d1222901da3cf2e0595144a6be9b279d5141c6f02fd8226f42be08ad598c6c11fab01dedced4fe62029152c7a168fb7b57a0c7842f6dc2534c6766a6a886c1e83e20ea5d59a83f9a050f9f68280d878cc30ac350f52f94823b5e91c0700d7f2457787cf5edbb2b61917f6d557e130365bd97ae02303c78788004af3320e21869b9b61d4519c58634b4b38fcf5cc20fb4481a9d1c26d369116ac8a247b8bd315b77a5e1d96b9913de3c3f16bda09170926bd6d71c55a0a9471eb5d136d667a325ab7cf79176b7de3a72d1dc3", @ANYRES32=r2, @ANYBLOB="040000716671000000000000000000000000000024fbc431436dca9684d920e12a6a042e345c46ebdb8857704fbf1d3757da4531bd8991fd30b3fd407c40bc7cb4cc024b4d72ce7ecf783c34883ef52729aed116239fa3e87a4a36726fce9aa225e62d96deb3eabd1b90d6cb231a261273092cd0d1b63ea7c39586a728a06280a976d7effee0d510927b5f731465c1f8930291ed502edda1efc9805d09a377d3a5a9585717d2bcbf145dfe22ff19cfd80737cacf5633b68cd5ee723e5050ca6fcb0503a2359e607806411d5e6db97720f9e602b653c9391aab5f9ac874ee44db49e1984c9c8fec71b9f58164952ff47cd3e89917d45fba285d4adfb294d1eb"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2842.334601][T22843] bridge0: port 1(bridge_slave_0) entered disabled state
13:48:16 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="48000000100001070000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:16 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x5201000000000000)

[ 2842.422804][T22834] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22834,uid=0
[ 2842.469271][T22834] Memory cgroup out of memory: Killed process 22834 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:16 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0}) (async)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000c76f4ff9b61300290a000000000000000007000000", @ANYRES32=r4, @ANYBLOB="0000030000000000"], 0x20}, 0x1, 0x0, 0x0, 0x2000001c}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="8200"/14, @ANYRESHEX=r5, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) (async)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = accept4$vsock_stream(r5, &(0x7f0000000380)={0x28, 0x0, 0x2711, @my=0x1}, 0x10, 0x800) (async)
getsockopt$inet6_mreq(r5, 0x29, 0x1b, &(0x7f00000003c0)={@private2, <r9=>0x0}, &(0x7f0000000400)=0x14)
sendmsg(r8, &(0x7f0000000780)={&(0x7f0000000500)=@ll={0x11, 0xeb, r9, 0x1, 0xfd, 0x6, @multicast}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000480)="4a4b11bef2f2459927ad544dea4d29c5962ab542ad0fbad49e482b15247ba9b6410e205f98f25ca4bf62d04b3ea21eec92145d", 0x33}, {&(0x7f0000000580)="758e7b63ca959db611f21fea2ddbe55bb5ce31d0aa5a2986222d2939114417a94317ccd39e3d55ea3e4b54f09b9c8010c2f40f4b153dc5f7a95c1fd1d143592cf6f8dfc22bed787115ddcc73dc49cd017009ea16d352ea1edc287fc67f7909535e283560c10301490211a62cba30cf28f62ade29c6338ac3208574039e5c4b398ce26e3ac6ebd827b2c662cad60bc3d09a492ede8106aaf3f6513d53a4459b84d9decee1889e12bab0ad53b5172032089489c17fad7c3a796533ab9c40c883223622522456e5bb55566dfc9472f1beafbc7b176ef7c56b84afe2faaa221a3590b00640a242", 0xe5}, {&(0x7f00000006c0)="4c4d9468465353057325a70f5cc08a133060f5773887fa69d8261957b0eac9ee2d8f4a04459e694f397178cab1198379e579e874f3af1bffe983df7dbdb36a19eeedac24d4e007bba366492700c1833f8f374636c8446fa2", 0x58}], 0x3}, 0x4) (async)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:17 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xaf)

13:48:17 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x13)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280009000100766574680000"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000540)={&(0x7f0000000380), 0xc, &(0x7f0000000500)={&(0x7f00000003c0)=@delnexthop={0x58, 0x69, 0x2, 0x70bd27, 0x25dfdbff, {}, [{0x8}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x2}, {0x8}, {0x8}, {0x8, 0x1, 0x2}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x2}]}, 0x58}, 0x1, 0x0, 0x0, 0xe2eb3808880623ab}, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_ADD_TX_TS(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80200000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x40, 0x0, 0x2, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x40}, 0x1, 0x0, 0x0, 0x48840}, 0x800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[], 0x3c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2842.710477][T22865] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2842.762342][T22865] CPU: 0 PID: 22865 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2842.772902][T22865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2842.783010][T22865] Call Trace:
[ 2842.786316][T22865]  <TASK>
[ 2842.789269][T22865]  dump_stack_lvl+0x136/0x150
[ 2842.794087][T22865]  dump_header+0x10a/0xd70
[ 2842.798546][T22865]  oom_kill_process+0x25d/0x600
[ 2842.803437][T22865]  out_of_memory+0x35c/0x1660
[ 2842.808162][T22865]  ? find_held_lock+0x2d/0x110
[ 2842.812970][T22865]  ? oom_killer_disable+0x2b0/0x2b0
[ 2842.818197][T22865]  ? rcu_read_unlock+0x9/0x60
[ 2842.823020][T22865]  ? find_held_lock+0x2d/0x110
[ 2842.827843][T22865]  mem_cgroup_out_of_memory+0x206/0x270
[ 2842.833450][T22865]  ? mem_cgroup_margin+0x130/0x130
[ 2842.838639][T22865]  ? lock_downgrade+0x690/0x690
[ 2842.843555][T22865]  try_charge_memcg+0xf99/0x13a0
[ 2842.848556][T22865]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2842.854600][T22865]  ? rcu_read_unlock+0x9/0x60
[ 2842.859362][T22865]  ? lock_downgrade+0x690/0x690
[ 2842.864370][T22865]  charge_memcg+0x90/0x3b0
[ 2842.868851][T22865]  __mem_cgroup_charge+0x2b/0x90
[ 2842.873843][T22865]  ? copy_mc_to_kernel+0x3e/0x90
[ 2842.878933][T22865]  do_wp_page+0x8ea/0x33c0
[ 2842.883417][T22865]  ? lock_sync+0x190/0x190
[ 2842.887981][T22865]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2842.893405][T22865]  ? do_raw_spin_lock+0x124/0x2b0
[ 2842.898517][T22865]  ? spin_bug+0x1c0/0x1c0
[ 2842.902914][T22865]  __handle_mm_fault+0x1635/0x41c0
[ 2842.908072][T22865]  ? vm_iomap_memory+0x190/0x190
[ 2842.913050][T22865]  ? mas_walk+0x58f/0x730
[ 2842.917432][T22865]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2842.922592][T22865]  handle_mm_fault+0x2af/0x9f0
[ 2842.927400][T22865]  do_user_addr_fault+0x2ca/0x1210
[ 2842.932558][T22865]  ? rcu_is_watching+0x12/0xb0
[ 2842.937374][T22865]  exc_page_fault+0x98/0x170
[ 2842.942440][T22865]  asm_exc_page_fault+0x26/0x30
[ 2842.947331][T22865] RIP: 0033:0x7f4036836f7e
[ 2842.951777][T22865] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2842.971428][T22865] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2842.977523][T22865] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2842.985531][T22865] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2842.993542][T22865] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2843.001549][T22865] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2843.009554][T22865] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2843.017571][T22865]  </TASK>
[ 2843.057932][T22861] __nla_validate_parse: 33 callbacks suppressed
[ 2843.057953][T22861] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2843.085676][T22862] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
13:48:17 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000001000010700000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2843.160661][T22867] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2843.289567][T22871] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2843.392180][T22869] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2843.416947][T22859] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
13:48:17 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x13)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280009000100766574680000"], 0x48}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280009000100766574680000"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000540)={&(0x7f0000000380), 0xc, &(0x7f0000000500)={&(0x7f00000003c0)=@delnexthop={0x58, 0x69, 0x2, 0x70bd27, 0x25dfdbff, {}, [{0x8}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x2}, {0x8}, {0x8}, {0x8, 0x1, 0x2}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x2}]}, 0x58}, 0x1, 0x0, 0x0, 0xe2eb3808880623ab}, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_ADD_TX_TS(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80200000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x40, 0x0, 0x2, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x40}, 0x1, 0x0, 0x0, 0x48840}, 0x800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[], 0x3c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2843.437811][T22865] memory: usage 307184kB, limit 307200kB, failcnt 16291
[ 2843.448791][T22881] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2843.467227][T22865] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2843.480094][T22875] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2843.491797][T22873] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2843.507642][T22865] Memory cgroup stats for /syz4:
[ 2843.507926][T22865] anon 114688
[ 2843.507926][T22865] file 8380416
[ 2843.507926][T22865] kernel 306061312
[ 2843.507926][T22865] kernel_stack 65536
[ 2843.507926][T22865] pagetables 77824
[ 2843.507926][T22865] sec_pagetables 0
[ 2843.507926][T22865] percpu 5477312
[ 2843.507926][T22865] sock 0
[ 2843.507926][T22865] vmalloc 0
[ 2843.507926][T22865] shmem 8380416
[ 2843.507926][T22865] zswap 0
[ 2843.507926][T22865] zswapped 0
[ 2843.507926][T22865] file_mapped 405504
[ 2843.507926][T22865] file_dirty 0
[ 2843.507926][T22865] file_writeback 0
[ 2843.507926][T22865] swapcached 0
[ 2843.507926][T22865] anon_thp 0
[ 2843.507926][T22865] file_thp 0
[ 2843.507926][T22865] shmem_thp 0
[ 2843.507926][T22865] inactive_anon 4096
[ 2843.507926][T22865] active_anon 8491008
[ 2843.507926][T22865] inactive_file 0
[ 2843.507926][T22865] active_file 0
[ 2843.507926][T22865] unevictable 0
[ 2843.507926][T22865] slab_reclaimable 38216
[ 2843.507926][T22865] slab_unreclaimable 300367768
[ 2843.507926][T22865] slab 300405984
[ 2843.507926][T22865] workingset_refault_anon 0
[ 2843.507926][T22865] workingset_refault_file 0
[ 2843.507926][T22865] workingset_activate_anon 0
[ 2843.507926][T22865] workingset_activate_file 0
[ 2843.507926][T22865] workingset_restore_anon 0
[ 2843.507926][T22865] workingset_restore_file 0
[ 2843.507926][T22865] workingset_nodereclaim 0
[ 2843.507926][T22865] pgscan 0
[ 2843.507926][T22865] pgsteal 0
[ 2843.507926][T22865] pgscan_kswapd 0
[ 2843.507926][T22865] pgscan_direct 0
[ 2843.507926][T22865] pgscan_khugepaged 0
[ 2843.507926][T22865] pgsteal_kswapd 0
[ 2843.507926][T22865] pgsteal_direct 0
[ 2843.507926][T22865] pgsteal_khugepaged 0
[ 2843.507926][T22865] pgfault 385988
[ 2843.507926][T22865] pgmajfault 0
[ 2843.507926][T22865] pgrefill 0
[ 2843.507926][T22865] pgactivate 0
[ 2843.507926][T22865] pgdeactivate 0
[ 2843.507926][T22865] pglazyfree 0
[ 2843.507926][T22865] pglazyfreed 0
[ 2843.507926][T22865] zswpin 0
[ 2843.507926][T22865] zswpout 0
13:48:17 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6001000000000000)

13:48:18 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000001000010700000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:18 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xb0)

[ 2843.507926][T22865] thp_fault_alloc 0
13:48:18 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000bc0)=@bpf_lsm={0x1d, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="181b0000", @ANYRES32, @ANYBLOB="015e", @ANYRES32=0x1, @ANYBLOB="00000000050004481002000006000000"], &(0x7f0000000080)='syzkaller\x00', 0x1, 0xc4, &(0x7f0000000140)=""/196, 0x40f00, 0x19, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000000100)={0x4, 0xd, 0x299, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000400)=[0x1, 0xffffffffffffffff]}, 0x80)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xe, 0xa, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4a4, 0x0, 0x0, 0x0, 0x1}, [@map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2}, @map_val={0x18, 0xb, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x20}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1000}, @call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f00000000c0)='syzkaller\x00', 0x7, 0x58, &(0x7f0000000100)=""/88, 0x41000, 0x2, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x4, 0x5, 0x101, 0x200}, 0x10, 0x0, r3}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x9, 0x11, &(0x7f0000001380)=ANY=[@ANYBLOB="180000000010000000000000080000001800000000000000000000004d5fffff1d20010010000000182a0000", @ANYRES32, @ANYBLOB="000000000300000018540000060000000000000000000000d54bed5ecc56c91ead87020008ffffff4506fcff080000001868000002000043e300000000000800000018130000", @ANYRESOCT, @ANYRES16], &(0x7f0000000100)='GPL\x00', 0x7ffffffc, 0x75, &(0x7f0000000140)=""/117, 0x41100, 0x2, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x6, 0x9}, 0x8, 0x10, &(0x7f0000000280)={0x5, 0x4, 0x1, 0x80}, 0x10}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000008000bfa3000000000000070300000dfeffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e64000000000000450404000100edff1604000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000009e17890efeee5e2b7ff8a8cdc218e784909b849d5550ad855dab54d8877a6db61d69f2ffcaa17f82e11cb97c8adf1b831f422543e78461e57b2798779207c9a0c4eeff9674c7fcffffff971e43405d621ffbc9a4fd39b0b56bfe6508ebb3c4631f6dde53b9a53608c10556e5c1e2b840497661826c36c5c1df1451ce540ca12e2d9f8004e26b7fcc059c065012828d872b36388b595f6dba87b8031106fb0289ce67a66afd9ac3d09e29a9d542ca9d85b5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee41f5b2e7b91c61ced1eb57ad000000000000e8122a79c3e40000b59b0fc4937de6b0316dec3c080a802a000001000000000031b6a076555125aaffffa7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d4524847d337ac976376d5074ce1d2638da3261c8362bb7c785d9b7c45218b100ee122040e11e3bdcb9d287ec31cd985841fe91212ee4a38af074c7e2ce006000000dc7777bfae5884e4ba1e9cc44846153ba0dec51a8e4abf07df09312ac2c3bc4a59f22e46295a2d89a355bb9bba44f83fed3b2f96520100000040f1a8cde1fc1a1ef36c66880c8351cb06187641ed2f02835a8545a2374c9e8d06d3724ce0323c4e7b6d1a323c41a5d740b95d9317ff00000000000000f9db4a9a840000000033fbf7e9fa4f27245ca051d61c32bc3189af4ead1fca58746120fa0da48604000000000000003a6d794a7649c31576b3b69bd13f5a14c19790e24baf047fe3be299318f86ebb3094756894b2d1a4ff2fb76fed59c97ac9314408399485e659765d8e0000002000000000818d125c58a22151fabaaa7dc9eb40707927d240c6d29508fea81204e41040000000583ef12318bf8b2661f0df85a488f4b18d95b59ec07e5aa144dbae3df0000000000000000035d764eef4ee870807942cbd6a28384f6ba7c5fccca601000000e4e9fd18460296d89cc847973955daae01bd99ea1862fdb38410145ade0cf000000055a5efc9ff92e6eb37c3922c8aa02b2dcb4c977a61d989cf088e5c45009d27e1744d9cf4dd50bef1609c13975833c038aee18ed0dcbe865de50c5a2ed4cc3748672b7cd25067340a37475e0879fe9b3886dd054b43e7c485b2a43c3707d4c686bc5dea5bb9be9e4b25adfb068e75b54c09481c8393e94053d99d0f7d67f7ed49b1c744d9f5b19c257136e6b2110000b5480a31359185c89956c2237e4c59d09b4f3701c5190f2687fa9aad7e404b225aaab87f0e82802468398ffaac2fa66bb9afae6d449342aa30e443023f0554a756218077d418cf148af56491f0fa5b48582f1b13461fdf9fb9367f44d93d6ece0abe3e84b3279ab1b3f27d4afac67cf28594dd8ef1104c498e7bc63e2f6d3779c70d81c040b88451770eb988e9477d2de85be3d0880acd1c636dd3abff16db16594581d94dad70cc94c689707106000801a5cfad936253d110ca2aa3f13840b34ff956ee55602cad9bbf364bed22f32edea7a51515c03097a185fc4a64686e397d9c35e55b31c91aeea878a8d51b4ce7c2bf9023b867ba3f450799"], &(0x7f0000000100)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340)={0x0, 0x0, 0xfffffffe, 0xfffffffc}, 0x10}, 0x80)
r4 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x1)
openat$cgroup_ro(r5, &(0x7f0000000100)='blkio.throttle.io_serviced_recursive\x00', 0xf0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xb, 0x8, &(0x7f0000000040)=@raw=[@exit, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3ff}, @alu={0x7, 0x0, 0x0, 0x2, 0xa, 0x10, 0xfffffffffffffffc}, @alu={0x4, 0x1, 0x4, 0x6, 0x8, 0x6, 0x1a905cc5ccbde0cb}, @map_fd={0x18, 0x5}, @call={0x85, 0x0, 0x0, 0x61}], &(0x7f0000000140)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000001c0)={0x2, 0x1, 0x2a1, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)=[r5]}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000001480)={0x4, 0x3, &(0x7f0000001100)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7}, @ldst={0x2, 0x1, 0x6, 0x6, 0x3, 0x100, 0xfffffffffffffff4}], &(0x7f0000001240)='GPL\x00', 0xfffffffe, 0x75, &(0x7f0000001280)=""/117, 0x40f00, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, &(0x7f0000001400)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001440)={0x3, 0xa, 0xeb, 0x1}, 0x10}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xe, 0xa, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2f}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x3}, @alu={0x7, 0x1, 0x9, 0x7, 0x4, 0x18, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x5}]}, &(0x7f0000000040)='syzkaller\x00', 0xcd7e, 0x6, &(0x7f0000000280)=""/6, 0x41000, 0x10, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000300)={0x4, 0x6, 0xffffffff, 0x5eb}, 0x10}, 0x80)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f00000001c0)={<r6=>r0, 0x1f, 0x0, 0xf8a})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@bloom_filter={0x1e, 0x1f, 0x7fffffff, 0x8484, 0x4, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x1, 0x3}, 0x48)
r8 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r9 = dup(r8)
write$6lowpan_enable(r9, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x15, 0xd, &(0x7f0000000240)=@raw=[@map_val={0x18, 0x6, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x20}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x2}, @map_idx={0x18, 0xa, 0x5, 0x0, 0xf}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0x7, 0x6, 0x6, 0x2023, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}], &(0x7f0000000080)='syzkaller\x00', 0x20, 0x8b, &(0x7f0000000380)=""/139, 0x40f00, 0x4, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x3, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000580)=[0x1, r6, 0x1, r7, 0xffffffffffffffff, r9, 0xffffffffffffffff]}, 0x80)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r11, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2843.765367][T22888] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
13:48:18 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
sendmmsg(r5, &(0x7f00000001c0)=[{{&(0x7f0000000240)=@un=@file={0x0, './file0\x00'}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000500)="edc68f1099bd242f666408f1dcf56eea9d5ceb08ceed1b73446cc9e98af6e67e8c0936fd20f368e601cc038e410e539f0597533ec3ca6a6abccb37370f63af187dd831752bf4d8c38aaa1345e9ef88b51e7df89a32c4bafb38c65b8bb0ac0089c646e93a8d39680ad3a812cc6209c90fdec9ee3087cf3ea2c471bcfcdaf0e782dab1afc2ab5d8cf9c51021370c91a7684052c6d22b9e4a8ef5ac2fc4f933e5a26198113134cba80093df8517616781efc19042ae753d243d2cf5d04567966037cb4661579bbcaf7bdad9a1af0f7e03a4c146333b3d961e08d8cca3f42c3589e043f63ce55231804ded85ccdd06998169b6a2347176", 0xf5}, {&(0x7f0000000380)="4bdbad89be65314988bdc59206dcc57068cd36f1184006c8ebe6a6523c8735964444307bcd26c26f5ba74602db20d839506dec906903ff3addb53e96be23f4b1e912722f4971dd7b962f767d04f655", 0x4f}, {&(0x7f0000000600)="3f3bd66bafe9a45f476c3c16cdff75510ddd1cf5b3594f67acd71c396fadf18a03ae30f6488462a515cbc32c4c22ba80fcc7e4833cd1a3678b6edd0309b707f71c", 0x41}, {&(0x7f00000006c0)="740ab8fc03d4199118e150330db6aafd505725bb6935c9f00acf3ed7a7dae71469755367d8b374642e004ce173ed5eb5ba8763e738510a36c8386d8deb477eee90c90ff25fb80785859da86a23a5f5aee752dd33befded571998ed51b417e8dc5188cac7d6baa2069b9a3cda31f0b2e7a13d0d1cec5c72379773de8222e45203d4d3ea7c883603df98b17f0380d315d78cbd81c458a6d38e4e0f194f438a1f52b4ea7b", 0xa3}], 0x4, &(0x7f0000000780)=[{0x40, 0x3a, 0x3, "768aa17b8c15742230850b82363ae08237a631dc1f157c7db5c743a9883ce872619db03370e029604534"}, {0xd8, 0x84, 0x0, "38adb41aba748ea41674d48e99a235be2b124deebe0f3ed538234169f7a54f39476dc5823f2f2bbcebbbf1e2ea712fc9f254a38c6378f7a632b36ed51e569bfa83ec439599635887e79e30bc3da266eddc6e02a95faed6f627c499515217bf2149d88ca92989c63866706a7bbfb40b16937f4aaecaa12f379d1627a4a405ea9c37e60e451d16ae4acd7eb220dbf80a854a062e79c1f2935734d763cd50cb61999774c469aec8897ab23ba01a4bd423f2b25a738a20b38f51187b4e04b400963cf29626dbbc"}, {0x60, 0x10a, 0x0, "daf0d9b6a8d268da7a932c2dd6ec022aa8717c60b80bf5a011ccbf63f66f26f242ee1d957a9ba17dee3b4d835686ac685ff68a7894fa100f95fa3bf8fb3c4b9c9e72fd21074add92a3515189cc30"}, {0xc8, 0x88, 0x8000, "b970e074aa458e74f807c27b05976bd560512957ae4596f1caf5994194ed598b02d681f673d46a31ddcd9947934ecf6c01d5d208659239ff2883a626925a33f96800dcc0f5c22a00e084c681c56aad7029677e93ce9c2e75cf7ebb814b2d87f43ce30edacfdaa60724e6ecf8fdc3b343d219f98f6c6eb44b5310edae504812bb3a4a05a2d69761cfe15255f647770b7c4b927a04dba9784f03ddaec6a93e396a5981c2b2eded568a847890d42c4b1130febfb7"}], 0x240}}], 0x1, 0x4091)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2843.957500][T22865] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22865,uid=0
[ 2843.973775][T22865] Memory cgroup out of memory: Killed process 22865 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2844.116770][T22906] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 2844.185157][T22906] CPU: 0 PID: 22906 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2844.195650][T22906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2844.205741][T22906] Call Trace:
[ 2844.209046][T22906]  <TASK>
[ 2844.212003][T22906]  dump_stack_lvl+0x136/0x150
[ 2844.216728][T22906]  dump_header+0x10a/0xd70
[ 2844.221194][T22906]  oom_kill_process+0x25d/0x600
[ 2844.226084][T22906]  out_of_memory+0x35c/0x1660
[ 2844.230801][T22906]  ? find_held_lock+0x2d/0x110
[ 2844.235611][T22906]  ? oom_killer_disable+0x2b0/0x2b0
[ 2844.240842][T22906]  ? rcu_read_unlock+0x9/0x60
[ 2844.245555][T22906]  ? find_held_lock+0x2d/0x110
[ 2844.250359][T22906]  mem_cgroup_out_of_memory+0x206/0x270
[ 2844.255951][T22906]  ? mem_cgroup_margin+0x130/0x130
[ 2844.261099][T22906]  ? lock_downgrade+0x690/0x690
[ 2844.266005][T22906]  try_charge_memcg+0xf99/0x13a0
[ 2844.271006][T22906]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2844.277031][T22906]  ? get_mem_cgroup_from_objcg+0xa1/0x280
13:48:18 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x13) (async)
socket$netlink(0x10, 0x3, 0x13)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280009000100766574680000"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000540)={&(0x7f0000000380), 0xc, &(0x7f0000000500)={&(0x7f00000003c0)=@delnexthop={0x58, 0x69, 0x2, 0x70bd27, 0x25dfdbff, {}, [{0x8}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x2}, {0x8}, {0x8}, {0x8, 0x1, 0x2}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x2}]}, 0x58}, 0x1, 0x0, 0x0, 0xe2eb3808880623ab}, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_ADD_TX_TS(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80200000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x40, 0x0, 0x2, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x40}, 0x1, 0x0, 0x0, 0x48840}, 0x800) (async)
sendmsg$NL80211_CMD_ADD_TX_TS(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80200000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x40, 0x0, 0x2, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x40}, 0x1, 0x0, 0x0, 0x48840}, 0x800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[], 0x3c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2844.282809][T22906]  ? lock_downgrade+0x690/0x690
[ 2844.287714][T22906]  ? lock_downgrade+0x690/0x690
[ 2844.292602][T22906]  ? rcu_read_unlock+0x9/0x60
[ 2844.297321][T22906]  obj_cgroup_charge+0x2af/0x5e0
[ 2844.302304][T22906]  __kmem_cache_alloc_node+0xa3/0x320
[ 2844.307719][T22906]  ? copy_semundo+0x18b/0x300
[ 2844.312440][T22906]  kmalloc_trace+0x26/0xe0
[ 2844.316918][T22906]  copy_semundo+0x18b/0x300
[ 2844.321466][T22906]  copy_process+0x2557/0x75c0
[ 2844.326187][T22906]  ? pidfd_prepare+0x80/0x80
[ 2844.330828][T22906]  ? psi_memstall_leave+0x174/0x250
[ 2844.336063][T22906]  ? lock_downgrade+0x690/0x690
[ 2844.340988][T22906]  kernel_clone+0xeb/0x890
[ 2844.345450][T22906]  ? create_io_thread+0xe0/0xe0
[ 2844.350362][T22906]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2844.356663][T22906]  ? lock_downgrade+0x690/0x690
[ 2844.361583][T22906]  __do_sys_clone+0xba/0x100
[ 2844.366262][T22906]  ? kernel_clone+0x890/0x890
[ 2844.371013][T22906]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2844.376964][T22906]  do_syscall_64+0x39/0xb0
[ 2844.381444][T22906]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2844.387389][T22906] RIP: 0033:0x7f403688d591
[ 2844.391825][T22906] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2844.411487][T22906] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2844.420304][T22906] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2844.428307][T22906] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2844.436314][T22906] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2844.444427][T22906] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2844.452430][T22906] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2844.460453][T22906]  </TASK>
13:48:18 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000001000010700000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:18 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xb1)

13:48:18 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6100000000000000)

[ 2844.657509][T22906] memory: usage 307184kB, limit 307200kB, failcnt 16355
[ 2844.664673][T22906] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2844.716650][T22906] Memory cgroup stats for /syz4:
[ 2844.716917][T22906] anon 114688
[ 2844.716917][T22906] file 8380416
[ 2844.716917][T22906] kernel 306061312
[ 2844.716917][T22906] kernel_stack 65536
[ 2844.716917][T22906] pagetables 77824
[ 2844.716917][T22906] sec_pagetables 0
[ 2844.716917][T22906] percpu 5477312
[ 2844.716917][T22906] sock 0
[ 2844.716917][T22906] vmalloc 0
[ 2844.716917][T22906] shmem 8380416
[ 2844.716917][T22906] zswap 0
[ 2844.716917][T22906] zswapped 0
[ 2844.716917][T22906] file_mapped 405504
[ 2844.716917][T22906] file_dirty 0
[ 2844.716917][T22906] file_writeback 0
[ 2844.716917][T22906] swapcached 0
[ 2844.716917][T22906] anon_thp 0
[ 2844.716917][T22906] file_thp 0
[ 2844.716917][T22906] shmem_thp 0
[ 2844.716917][T22906] inactive_anon 4096
[ 2844.716917][T22906] active_anon 8491008
[ 2844.716917][T22906] inactive_file 0
[ 2844.716917][T22906] active_file 0
[ 2844.716917][T22906] unevictable 0
[ 2844.716917][T22906] slab_reclaimable 38216
[ 2844.716917][T22906] slab_unreclaimable 300367304
[ 2844.716917][T22906] slab 300405520
[ 2844.716917][T22906] workingset_refault_anon 0
[ 2844.716917][T22906] workingset_refault_file 0
[ 2844.716917][T22906] workingset_activate_anon 0
[ 2844.716917][T22906] workingset_activate_file 0
[ 2844.716917][T22906] workingset_restore_anon 0
[ 2844.716917][T22906] workingset_restore_file 0
[ 2844.716917][T22906] workingset_nodereclaim 0
[ 2844.716917][T22906] pgscan 0
[ 2844.716917][T22906] pgsteal 0
[ 2844.716917][T22906] pgscan_kswapd 0
[ 2844.716917][T22906] pgscan_direct 0
[ 2844.716917][T22906] pgscan_khugepaged 0
[ 2844.716917][T22906] pgsteal_kswapd 0
[ 2844.716917][T22906] pgsteal_direct 0
[ 2844.716917][T22906] pgsteal_khugepaged 0
[ 2844.716917][T22906] pgfault 386027
[ 2844.716917][T22906] pgmajfault 0
[ 2844.716917][T22906] pgrefill 0
[ 2844.716917][T22906] pgactivate 0
[ 2844.716917][T22906] pgdeactivate 0
[ 2844.716917][T22906] pglazyfree 0
[ 2844.716917][T22906] pglazyfreed 0
[ 2844.716917][T22906] zswpin 0
[ 2844.716917][T22906] zswpout 0
[ 2844.716917][T22906] thp_fault_alloc 0
[ 2844.939895][T22906] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22906,uid=0
13:48:19 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000001c0), 0x240800, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2844.985661][T22906] Memory cgroup out of memory: Killed process 22906 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:19 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
sendmmsg(r5, &(0x7f00000001c0)=[{{&(0x7f0000000240)=@un=@file={0x0, './file0\x00'}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000500)="edc68f1099bd242f666408f1dcf56eea9d5ceb08ceed1b73446cc9e98af6e67e8c0936fd20f368e601cc038e410e539f0597533ec3ca6a6abccb37370f63af187dd831752bf4d8c38aaa1345e9ef88b51e7df89a32c4bafb38c65b8bb0ac0089c646e93a8d39680ad3a812cc6209c90fdec9ee3087cf3ea2c471bcfcdaf0e782dab1afc2ab5d8cf9c51021370c91a7684052c6d22b9e4a8ef5ac2fc4f933e5a26198113134cba80093df8517616781efc19042ae753d243d2cf5d04567966037cb4661579bbcaf7bdad9a1af0f7e03a4c146333b3d961e08d8cca3f42c3589e043f63ce55231804ded85ccdd06998169b6a2347176", 0xf5}, {&(0x7f0000000380)="4bdbad89be65314988bdc59206dcc57068cd36f1184006c8ebe6a6523c8735964444307bcd26c26f5ba74602db20d839506dec906903ff3addb53e96be23f4b1e912722f4971dd7b962f767d04f655", 0x4f}, {&(0x7f0000000600)="3f3bd66bafe9a45f476c3c16cdff75510ddd1cf5b3594f67acd71c396fadf18a03ae30f6488462a515cbc32c4c22ba80fcc7e4833cd1a3678b6edd0309b707f71c", 0x41}, {&(0x7f00000006c0)="740ab8fc03d4199118e150330db6aafd505725bb6935c9f00acf3ed7a7dae71469755367d8b374642e004ce173ed5eb5ba8763e738510a36c8386d8deb477eee90c90ff25fb80785859da86a23a5f5aee752dd33befded571998ed51b417e8dc5188cac7d6baa2069b9a3cda31f0b2e7a13d0d1cec5c72379773de8222e45203d4d3ea7c883603df98b17f0380d315d78cbd81c458a6d38e4e0f194f438a1f52b4ea7b", 0xa3}], 0x4, &(0x7f0000000780)=[{0x40, 0x3a, 0x3, "768aa17b8c15742230850b82363ae08237a631dc1f157c7db5c743a9883ce872619db03370e029604534"}, {0xd8, 0x84, 0x0, "38adb41aba748ea41674d48e99a235be2b124deebe0f3ed538234169f7a54f39476dc5823f2f2bbcebbbf1e2ea712fc9f254a38c6378f7a632b36ed51e569bfa83ec439599635887e79e30bc3da266eddc6e02a95faed6f627c499515217bf2149d88ca92989c63866706a7bbfb40b16937f4aaecaa12f379d1627a4a405ea9c37e60e451d16ae4acd7eb220dbf80a854a062e79c1f2935734d763cd50cb61999774c469aec8897ab23ba01a4bd423f2b25a738a20b38f51187b4e04b400963cf29626dbbc"}, {0x60, 0x10a, 0x0, "daf0d9b6a8d268da7a932c2dd6ec022aa8717c60b80bf5a011ccbf63f66f26f242ee1d957a9ba17dee3b4d835686ac685ff68a7894fa100f95fa3bf8fb3c4b9c9e72fd21074add92a3515189cc30"}, {0xc8, 0x88, 0x8000, "b970e074aa458e74f807c27b05976bd560512957ae4596f1caf5994194ed598b02d681f673d46a31ddcd9947934ecf6c01d5d208659239ff2883a626925a33f96800dcc0f5c22a00e084c681c56aad7029677e93ce9c2e75cf7ebb814b2d87f43ce30edacfdaa60724e6ecf8fdc3b343d219f98f6c6eb44b5310edae504812bb3a4a05a2d69761cfe15255f647770b7c4b927a04dba9784f03ddaec6a93e396a5981c2b2eded568a847890d42c4b1130febfb7"}], 0x240}}], 0x1, 0x4091)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) (async)
sendmmsg(r5, &(0x7f00000001c0)=[{{&(0x7f0000000240)=@un=@file={0x0, './file0\x00'}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000500)="edc68f1099bd242f666408f1dcf56eea9d5ceb08ceed1b73446cc9e98af6e67e8c0936fd20f368e601cc038e410e539f0597533ec3ca6a6abccb37370f63af187dd831752bf4d8c38aaa1345e9ef88b51e7df89a32c4bafb38c65b8bb0ac0089c646e93a8d39680ad3a812cc6209c90fdec9ee3087cf3ea2c471bcfcdaf0e782dab1afc2ab5d8cf9c51021370c91a7684052c6d22b9e4a8ef5ac2fc4f933e5a26198113134cba80093df8517616781efc19042ae753d243d2cf5d04567966037cb4661579bbcaf7bdad9a1af0f7e03a4c146333b3d961e08d8cca3f42c3589e043f63ce55231804ded85ccdd06998169b6a2347176", 0xf5}, {&(0x7f0000000380)="4bdbad89be65314988bdc59206dcc57068cd36f1184006c8ebe6a6523c8735964444307bcd26c26f5ba74602db20d839506dec906903ff3addb53e96be23f4b1e912722f4971dd7b962f767d04f655", 0x4f}, {&(0x7f0000000600)="3f3bd66bafe9a45f476c3c16cdff75510ddd1cf5b3594f67acd71c396fadf18a03ae30f6488462a515cbc32c4c22ba80fcc7e4833cd1a3678b6edd0309b707f71c", 0x41}, {&(0x7f00000006c0)="740ab8fc03d4199118e150330db6aafd505725bb6935c9f00acf3ed7a7dae71469755367d8b374642e004ce173ed5eb5ba8763e738510a36c8386d8deb477eee90c90ff25fb80785859da86a23a5f5aee752dd33befded571998ed51b417e8dc5188cac7d6baa2069b9a3cda31f0b2e7a13d0d1cec5c72379773de8222e45203d4d3ea7c883603df98b17f0380d315d78cbd81c458a6d38e4e0f194f438a1f52b4ea7b", 0xa3}], 0x4, &(0x7f0000000780)=[{0x40, 0x3a, 0x3, "768aa17b8c15742230850b82363ae08237a631dc1f157c7db5c743a9883ce872619db03370e029604534"}, {0xd8, 0x84, 0x0, "38adb41aba748ea41674d48e99a235be2b124deebe0f3ed538234169f7a54f39476dc5823f2f2bbcebbbf1e2ea712fc9f254a38c6378f7a632b36ed51e569bfa83ec439599635887e79e30bc3da266eddc6e02a95faed6f627c499515217bf2149d88ca92989c63866706a7bbfb40b16937f4aaecaa12f379d1627a4a405ea9c37e60e451d16ae4acd7eb220dbf80a854a062e79c1f2935734d763cd50cb61999774c469aec8897ab23ba01a4bd423f2b25a738a20b38f51187b4e04b400963cf29626dbbc"}, {0x60, 0x10a, 0x0, "daf0d9b6a8d268da7a932c2dd6ec022aa8717c60b80bf5a011ccbf63f66f26f242ee1d957a9ba17dee3b4d835686ac685ff68a7894fa100f95fa3bf8fb3c4b9c9e72fd21074add92a3515189cc30"}, {0xc8, 0x88, 0x8000, "b970e074aa458e74f807c27b05976bd560512957ae4596f1caf5994194ed598b02d681f673d46a31ddcd9947934ecf6c01d5d208659239ff2883a626925a33f96800dcc0f5c22a00e084c681c56aad7029677e93ce9c2e75cf7ebb814b2d87f43ce30edacfdaa60724e6ecf8fdc3b343d219f98f6c6eb44b5310edae504812bb3a4a05a2d69761cfe15255f647770b7c4b927a04dba9784f03ddaec6a93e396a5981c2b2eded568a847890d42c4b1130febfb7"}], 0x240}}], 0x1, 0x4091) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

13:48:19 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6001000000000000)

13:48:19 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000001000010700000000000000000004", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2845.275887][T22932] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2845.308462][T22932] CPU: 0 PID: 22932 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2845.318941][T22932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2845.329221][T22932] Call Trace:
[ 2845.332526][T22932]  <TASK>
[ 2845.335478][T22932]  dump_stack_lvl+0x136/0x150
[ 2845.340197][T22932]  dump_header+0x10a/0xd70
[ 2845.344656][T22932]  oom_kill_process+0x25d/0x600
[ 2845.349548][T22932]  out_of_memory+0x35c/0x1660
[ 2845.354354][T22932]  ? find_held_lock+0x2d/0x110
[ 2845.359266][T22932]  ? oom_killer_disable+0x2b0/0x2b0
[ 2845.364526][T22932]  ? rcu_read_unlock+0x9/0x60
[ 2845.369252][T22932]  ? find_held_lock+0x2d/0x110
[ 2845.374092][T22932]  mem_cgroup_out_of_memory+0x206/0x270
[ 2845.379707][T22932]  ? mem_cgroup_margin+0x130/0x130
[ 2845.384862][T22932]  ? lock_downgrade+0x690/0x690
[ 2845.389783][T22932]  try_charge_memcg+0xf99/0x13a0
[ 2845.394792][T22932]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2845.400916][T22932]  ? rcu_read_unlock+0x9/0x60
[ 2845.405634][T22932]  ? lock_downgrade+0x690/0x690
[ 2845.410540][T22932]  charge_memcg+0x90/0x3b0
[ 2845.415008][T22932]  __mem_cgroup_charge+0x2b/0x90
[ 2845.419986][T22932]  ? copy_mc_to_kernel+0x3e/0x90
[ 2845.424979][T22932]  do_wp_page+0x8ea/0x33c0
[ 2845.429456][T22932]  ? lock_sync+0x190/0x190
[ 2845.433924][T22932]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2845.439337][T22932]  ? do_raw_spin_lock+0x124/0x2b0
[ 2845.444428][T22932]  ? spin_bug+0x1c0/0x1c0
[ 2845.448818][T22932]  __handle_mm_fault+0x1635/0x41c0
[ 2845.453976][T22932]  ? vm_iomap_memory+0x190/0x190
[ 2845.459031][T22932]  ? mas_walk+0x58f/0x730
[ 2845.463428][T22932]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2845.468592][T22932]  handle_mm_fault+0x2af/0x9f0
[ 2845.473412][T22932]  do_user_addr_fault+0x2ca/0x1210
[ 2845.478566][T22932]  ? rcu_is_watching+0x12/0xb0
[ 2845.483380][T22932]  exc_page_fault+0x98/0x170
[ 2845.488020][T22932]  asm_exc_page_fault+0x26/0x30
[ 2845.492923][T22932] RIP: 0033:0x7f4036836f7e
[ 2845.497369][T22932] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2845.517120][T22932] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2845.523314][T22932] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2845.531326][T22932] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2845.539341][T22932] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2845.547347][T22932] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2845.555344][T22932] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2845.563463][T22932]  </TASK>
[ 2845.612736][T22932] memory: usage 307200kB, limit 307200kB, failcnt 16431
[ 2845.627643][T22932] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2845.643091][T22932] Memory cgroup stats for /syz4:
[ 2845.643320][T22932] anon 114688
[ 2845.643320][T22932] file 8380416
[ 2845.643320][T22932] kernel 306077696
[ 2845.643320][T22932] kernel_stack 65536
[ 2845.643320][T22932] pagetables 77824
[ 2845.643320][T22932] sec_pagetables 0
[ 2845.643320][T22932] percpu 5477376
[ 2845.643320][T22932] sock 0
[ 2845.643320][T22932] vmalloc 0
[ 2845.643320][T22932] shmem 8380416
[ 2845.643320][T22932] zswap 0
[ 2845.643320][T22932] zswapped 0
[ 2845.643320][T22932] file_mapped 405504
[ 2845.643320][T22932] file_dirty 0
[ 2845.643320][T22932] file_writeback 0
[ 2845.643320][T22932] swapcached 0
[ 2845.643320][T22932] anon_thp 0
[ 2845.643320][T22932] file_thp 0
[ 2845.643320][T22932] shmem_thp 0
[ 2845.643320][T22932] inactive_anon 4096
[ 2845.643320][T22932] active_anon 8491008
[ 2845.643320][T22932] inactive_file 0
[ 2845.643320][T22932] active_file 0
[ 2845.643320][T22932] unevictable 0
[ 2845.643320][T22932] slab_reclaimable 38216
[ 2845.643320][T22932] slab_unreclaimable 300379744
[ 2845.643320][T22932] slab 300417960
[ 2845.643320][T22932] workingset_refault_anon 0
[ 2845.643320][T22932] workingset_refault_file 0
[ 2845.643320][T22932] workingset_activate_anon 0
[ 2845.643320][T22932] workingset_activate_file 0
[ 2845.643320][T22932] workingset_restore_anon 0
[ 2845.643320][T22932] workingset_restore_file 0
[ 2845.643320][T22932] workingset_nodereclaim 0
[ 2845.643320][T22932] pgscan 0
[ 2845.643320][T22932] pgsteal 0
[ 2845.643320][T22932] pgscan_kswapd 0
[ 2845.643320][T22932] pgscan_direct 0
[ 2845.643320][T22932] pgscan_khugepaged 0
[ 2845.643320][T22932] pgsteal_kswapd 0
[ 2845.643320][T22932] pgsteal_direct 0
[ 2845.643320][T22932] pgsteal_khugepaged 0
[ 2845.643320][T22932] pgfault 386065
[ 2845.643320][T22932] pgmajfault 0
[ 2845.643320][T22932] pgrefill 0
[ 2845.643320][T22932] pgactivate 0
[ 2845.643320][T22932] pgdeactivate 0
[ 2845.643320][T22932] pglazyfree 0
[ 2845.643320][T22932] pglazyfreed 0
[ 2845.643320][T22932] zswpin 0
[ 2845.643320][T22932] zswpout 0
[ 2845.643320][T22932] thp_fault_alloc 0
[ 2845.836835][T22932] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22932,uid=0
13:48:20 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
sendmmsg(r5, &(0x7f00000001c0)=[{{&(0x7f0000000240)=@un=@file={0x0, './file0\x00'}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000500)="edc68f1099bd242f666408f1dcf56eea9d5ceb08ceed1b73446cc9e98af6e67e8c0936fd20f368e601cc038e410e539f0597533ec3ca6a6abccb37370f63af187dd831752bf4d8c38aaa1345e9ef88b51e7df89a32c4bafb38c65b8bb0ac0089c646e93a8d39680ad3a812cc6209c90fdec9ee3087cf3ea2c471bcfcdaf0e782dab1afc2ab5d8cf9c51021370c91a7684052c6d22b9e4a8ef5ac2fc4f933e5a26198113134cba80093df8517616781efc19042ae753d243d2cf5d04567966037cb4661579bbcaf7bdad9a1af0f7e03a4c146333b3d961e08d8cca3f42c3589e043f63ce55231804ded85ccdd06998169b6a2347176", 0xf5}, {&(0x7f0000000380)="4bdbad89be65314988bdc59206dcc57068cd36f1184006c8ebe6a6523c8735964444307bcd26c26f5ba74602db20d839506dec906903ff3addb53e96be23f4b1e912722f4971dd7b962f767d04f655", 0x4f}, {&(0x7f0000000600)="3f3bd66bafe9a45f476c3c16cdff75510ddd1cf5b3594f67acd71c396fadf18a03ae30f6488462a515cbc32c4c22ba80fcc7e4833cd1a3678b6edd0309b707f71c", 0x41}, {&(0x7f00000006c0)="740ab8fc03d4199118e150330db6aafd505725bb6935c9f00acf3ed7a7dae71469755367d8b374642e004ce173ed5eb5ba8763e738510a36c8386d8deb477eee90c90ff25fb80785859da86a23a5f5aee752dd33befded571998ed51b417e8dc5188cac7d6baa2069b9a3cda31f0b2e7a13d0d1cec5c72379773de8222e45203d4d3ea7c883603df98b17f0380d315d78cbd81c458a6d38e4e0f194f438a1f52b4ea7b", 0xa3}], 0x4, &(0x7f0000000780)=[{0x40, 0x3a, 0x3, "768aa17b8c15742230850b82363ae08237a631dc1f157c7db5c743a9883ce872619db03370e029604534"}, {0xd8, 0x84, 0x0, "38adb41aba748ea41674d48e99a235be2b124deebe0f3ed538234169f7a54f39476dc5823f2f2bbcebbbf1e2ea712fc9f254a38c6378f7a632b36ed51e569bfa83ec439599635887e79e30bc3da266eddc6e02a95faed6f627c499515217bf2149d88ca92989c63866706a7bbfb40b16937f4aaecaa12f379d1627a4a405ea9c37e60e451d16ae4acd7eb220dbf80a854a062e79c1f2935734d763cd50cb61999774c469aec8897ab23ba01a4bd423f2b25a738a20b38f51187b4e04b400963cf29626dbbc"}, {0x60, 0x10a, 0x0, "daf0d9b6a8d268da7a932c2dd6ec022aa8717c60b80bf5a011ccbf63f66f26f242ee1d957a9ba17dee3b4d835686ac685ff68a7894fa100f95fa3bf8fb3c4b9c9e72fd21074add92a3515189cc30"}, {0xc8, 0x88, 0x8000, "b970e074aa458e74f807c27b05976bd560512957ae4596f1caf5994194ed598b02d681f673d46a31ddcd9947934ecf6c01d5d208659239ff2883a626925a33f96800dcc0f5c22a00e084c681c56aad7029677e93ce9c2e75cf7ebb814b2d87f43ce30edacfdaa60724e6ecf8fdc3b343d219f98f6c6eb44b5310edae504812bb3a4a05a2d69761cfe15255f647770b7c4b927a04dba9784f03ddaec6a93e396a5981c2b2eded568a847890d42c4b1130febfb7"}], 0x240}}], 0x1, 0x4091) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2845.852701][T22932] Memory cgroup out of memory: Killed process 22932 (syz-executor.4) total-vm:50708kB, anon-rss:460kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2845.952516][T22943] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2845.969830][T22943] CPU: 0 PID: 22943 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2845.980379][T22943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2845.990500][T22943] Call Trace:
[ 2845.993787][T22943]  <TASK>
[ 2845.996721][T22943]  dump_stack_lvl+0x136/0x150
[ 2846.001430][T22943]  dump_header+0x10a/0xd70
[ 2846.006225][T22943]  oom_kill_process+0x25d/0x600
[ 2846.011098][T22943]  out_of_memory+0x35c/0x1660
[ 2846.015793][T22943]  ? find_held_lock+0x2d/0x110
[ 2846.020728][T22943]  ? oom_killer_disable+0x2b0/0x2b0
[ 2846.026027][T22943]  ? rcu_read_unlock+0x9/0x60
[ 2846.030739][T22943]  ? find_held_lock+0x2d/0x110
[ 2846.035719][T22943]  mem_cgroup_out_of_memory+0x206/0x270
[ 2846.041297][T22943]  ? mem_cgroup_margin+0x130/0x130
[ 2846.046425][T22943]  ? lock_downgrade+0x690/0x690
[ 2846.051306][T22943]  try_charge_memcg+0xf99/0x13a0
[ 2846.056285][T22943]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2846.062377][T22943]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2846.068226][T22943]  ? lock_downgrade+0x690/0x690
[ 2846.073119][T22943]  ? lock_downgrade+0x690/0x690
[ 2846.077986][T22943]  ? rcu_read_unlock+0x9/0x60
[ 2846.082687][T22943]  obj_cgroup_charge+0x2af/0x5e0
[ 2846.087652][T22943]  ? copy_process+0x3c0/0x75c0
[ 2846.092431][T22943]  kmem_cache_alloc_node+0xa8/0x3e0
[ 2846.097655][T22943]  copy_process+0x3c0/0x75c0
[ 2846.102284][T22943]  ? __lock_acquire+0xc17/0x5f30
[ 2846.107295][T22943]  ? pidfd_prepare+0x80/0x80
[ 2846.113684][T22943]  ? psi_memstall_leave+0x174/0x250
[ 2846.118920][T22943]  ? lock_downgrade+0x690/0x690
[ 2846.123823][T22943]  kernel_clone+0xeb/0x890
[ 2846.128298][T22943]  ? create_io_thread+0xe0/0xe0
[ 2846.133174][T22943]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2846.139471][T22943]  ? lock_downgrade+0x690/0x690
[ 2846.144379][T22943]  __do_sys_clone+0xba/0x100
[ 2846.149043][T22943]  ? kernel_clone+0x890/0x890
[ 2846.153782][T22943]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2846.159728][T22943]  do_syscall_64+0x39/0xb0
[ 2846.164217][T22943]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2846.170146][T22943] RIP: 0033:0x7f403688d591
[ 2846.174575][T22943] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2846.194212][T22943] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2846.202645][T22943] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2846.210626][T22943] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2846.218670][T22943] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2846.226659][T22943] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2846.234694][T22943] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2846.242718][T22943]  </TASK>
[ 2846.253648][T22943] memory: usage 307172kB, limit 307200kB, failcnt 16482
[ 2846.270840][T22943] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2846.288329][T22943] Memory cgroup stats for /syz4:
[ 2846.288567][T22943] anon 114688
[ 2846.288567][T22943] file 8380416
[ 2846.288567][T22943] kernel 306040832
[ 2846.288567][T22943] kernel_stack 32768
[ 2846.288567][T22943] pagetables 77824
[ 2846.288567][T22943] sec_pagetables 0
[ 2846.288567][T22943] percpu 5477376
[ 2846.288567][T22943] sock 0
[ 2846.288567][T22943] vmalloc 0
[ 2846.288567][T22943] shmem 8380416
[ 2846.288567][T22943] zswap 0
[ 2846.288567][T22943] zswapped 0
[ 2846.288567][T22943] file_mapped 405504
[ 2846.288567][T22943] file_dirty 0
[ 2846.288567][T22943] file_writeback 0
[ 2846.288567][T22943] swapcached 0
[ 2846.288567][T22943] anon_thp 0
[ 2846.288567][T22943] file_thp 0
[ 2846.288567][T22943] shmem_thp 0
[ 2846.288567][T22943] inactive_anon 4096
[ 2846.288567][T22943] active_anon 8491008
[ 2846.288567][T22943] inactive_file 0
[ 2846.288567][T22943] active_file 0
[ 2846.288567][T22943] unevictable 0
[ 2846.288567][T22943] slab_reclaimable 38216
[ 2846.288567][T22943] slab_unreclaimable 300371656
[ 2846.288567][T22943] slab 300409872
[ 2846.288567][T22943] workingset_refault_anon 0
[ 2846.288567][T22943] workingset_refault_file 0
[ 2846.288567][T22943] workingset_activate_anon 0
[ 2846.288567][T22943] workingset_activate_file 0
[ 2846.288567][T22943] workingset_restore_anon 0
[ 2846.288567][T22943] workingset_restore_file 0
[ 2846.288567][T22943] workingset_nodereclaim 0
[ 2846.288567][T22943] pgscan 0
[ 2846.288567][T22943] pgsteal 0
[ 2846.288567][T22943] pgscan_kswapd 0
[ 2846.288567][T22943] pgscan_direct 0
[ 2846.288567][T22943] pgscan_khugepaged 0
[ 2846.288567][T22943] pgsteal_kswapd 0
[ 2846.288567][T22943] pgsteal_direct 0
[ 2846.288567][T22943] pgsteal_khugepaged 0
[ 2846.288567][T22943] pgfault 386101
[ 2846.288567][T22943] pgmajfault 0
[ 2846.288567][T22943] pgrefill 0
[ 2846.288567][T22943] pgactivate 0
[ 2846.288567][T22943] pgdeactivate 0
[ 2846.288567][T22943] pglazyfree 0
[ 2846.288567][T22943] pglazyfreed 0
[ 2846.288567][T22943] zswpin 0
[ 2846.288567][T22943] zswpout 0
[ 2846.288567][T22943] thp_fault_alloc 0
13:48:20 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xb2)

13:48:21 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000001000010700000000000000000004", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:21 executing program 5:
socket$netlink(0x10, 0x3, 0x0) (async)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000001c0), 0x240800, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2846.656196][T22943] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22943,uid=0
13:48:21 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6101000000000000)

13:48:21 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6001000000000000)

[ 2846.737484][T22943] Memory cgroup out of memory: Killed process 22943 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:21 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r4=>r0, {0x80000001}}, './file0\x00'})
sendmsg$AUDIT_SET_FEATURE(r4, &(0x7f0000000280)={&(0x7f0000000100), 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x20, 0x3fa, 0x400, 0x70bd27, 0x25dfdbff, {0x1, 0x0, 0x0, 0x1}, ["", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x8}, 0x1)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:21 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xb3)

13:48:21 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000001000010700000000000000000004", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2847.002380][T22958] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2847.049905][T22958] CPU: 0 PID: 22958 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2847.060452][T22958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2847.070555][T22958] Call Trace:
[ 2847.073858][T22958]  <TASK>
[ 2847.076816][T22958]  dump_stack_lvl+0x136/0x150
[ 2847.081555][T22958]  dump_header+0x10a/0xd70
[ 2847.086029][T22958]  oom_kill_process+0x25d/0x600
[ 2847.091022][T22958]  out_of_memory+0x35c/0x1660
[ 2847.095747][T22958]  ? find_held_lock+0x2d/0x110
[ 2847.100556][T22958]  ? oom_killer_disable+0x2b0/0x2b0
[ 2847.105802][T22958]  ? rcu_read_unlock+0x9/0x60
[ 2847.110626][T22958]  ? find_held_lock+0x2d/0x110
[ 2847.115446][T22958]  mem_cgroup_out_of_memory+0x206/0x270
[ 2847.121076][T22958]  ? mem_cgroup_margin+0x130/0x130
[ 2847.126410][T22958]  ? lock_downgrade+0x690/0x690
[ 2847.131342][T22958]  try_charge_memcg+0xf99/0x13a0
[ 2847.136358][T22958]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2847.142491][T22958]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2847.148273][T22958]  ? lock_downgrade+0x690/0x690
[ 2847.153283][T22958]  ? lock_downgrade+0x690/0x690
[ 2847.158196][T22958]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2847.163811][T22958]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2847.170024][T22958]  copy_process+0x1442/0x75c0
[ 2847.174758][T22958]  ? __lock_acquire+0xc17/0x5f30
[ 2847.179754][T22958]  ? pidfd_prepare+0x80/0x80
[ 2847.184395][T22958]  ? psi_memstall_leave+0x174/0x250
[ 2847.189632][T22958]  ? lock_downgrade+0x690/0x690
[ 2847.194534][T22958]  kernel_clone+0xeb/0x890
[ 2847.198989][T22958]  ? create_io_thread+0xe0/0xe0
[ 2847.203891][T22958]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2847.210273][T22958]  ? lock_downgrade+0x690/0x690
[ 2847.215794][T22958]  __do_sys_clone+0xba/0x100
[ 2847.220439][T22958]  ? kernel_clone+0x890/0x890
[ 2847.225183][T22958]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2847.231128][T22958]  do_syscall_64+0x39/0xb0
[ 2847.235591][T22958]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2847.241529][T22958] RIP: 0033:0x7f403688d591
[ 2847.245986][T22958] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2847.265638][T22958] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2847.274098][T22958] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2847.282113][T22958] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2847.290115][T22958] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2847.298136][T22958] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2847.306147][T22958] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2847.314200][T22958]  </TASK>
[ 2847.443631][T22958] memory: usage 307184kB, limit 307200kB, failcnt 16559
[ 2847.455709][T22958] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2847.465228][T22958] Memory cgroup stats for /syz4:
[ 2847.465405][T22958] anon 114688
[ 2847.465405][T22958] file 8380416
[ 2847.465405][T22958] kernel 306061312
[ 2847.465405][T22958] kernel_stack 32768
[ 2847.465405][T22958] pagetables 77824
[ 2847.465405][T22958] sec_pagetables 0
[ 2847.465405][T22958] percpu 5477376
[ 2847.465405][T22958] sock 0
[ 2847.465405][T22958] vmalloc 0
[ 2847.465405][T22958] shmem 8380416
[ 2847.465405][T22958] zswap 0
[ 2847.465405][T22958] zswapped 0
[ 2847.465405][T22958] file_mapped 405504
[ 2847.465405][T22958] file_dirty 0
[ 2847.465405][T22958] file_writeback 0
[ 2847.465405][T22958] swapcached 0
[ 2847.465405][T22958] anon_thp 0
[ 2847.465405][T22958] file_thp 0
[ 2847.465405][T22958] shmem_thp 0
[ 2847.465405][T22958] inactive_anon 4096
[ 2847.465405][T22958] active_anon 8491008
[ 2847.465405][T22958] inactive_file 0
[ 2847.465405][T22958] active_file 0
[ 2847.465405][T22958] unevictable 0
[ 2847.465405][T22958] slab_reclaimable 38216
[ 2847.465405][T22958] slab_unreclaimable 300379280
[ 2847.465405][T22958] slab 300417496
[ 2847.465405][T22958] workingset_refault_anon 0
[ 2847.465405][T22958] workingset_refault_file 0
[ 2847.465405][T22958] workingset_activate_anon 0
[ 2847.465405][T22958] workingset_activate_file 0
[ 2847.465405][T22958] workingset_restore_anon 0
[ 2847.465405][T22958] workingset_restore_file 0
[ 2847.465405][T22958] workingset_nodereclaim 0
[ 2847.465405][T22958] pgscan 0
[ 2847.465405][T22958] pgsteal 0
[ 2847.465405][T22958] pgscan_kswapd 0
[ 2847.465405][T22958] pgscan_direct 0
[ 2847.465405][T22958] pgscan_khugepaged 0
[ 2847.465405][T22958] pgsteal_kswapd 0
[ 2847.465405][T22958] pgsteal_direct 0
[ 2847.465405][T22958] pgsteal_khugepaged 0
[ 2847.465405][T22958] pgfault 386139
[ 2847.465405][T22958] pgmajfault 0
[ 2847.465405][T22958] pgrefill 0
[ 2847.465405][T22958] pgactivate 0
[ 2847.465405][T22958] pgdeactivate 0
[ 2847.465405][T22958] pglazyfree 0
[ 2847.465405][T22958] pglazyfreed 0
13:48:22 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000001c0), 0x240800, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async, rerun: 64)
r3 = socket$netlink(0x10, 0x3, 0x0) (rerun: 64)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2847.465405][T22958] zswpin 0
[ 2847.465405][T22958] zswpout 0
[ 2847.465405][T22958] thp_fault_alloc 0
[ 2847.667465][T22958] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22958,uid=0
13:48:22 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="48000000100001070000000000000000000400", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:22 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xb4)

13:48:22 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6001000000000000)

[ 2847.738176][T22958] Memory cgroup out of memory: Killed process 22958 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:22 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6200000000000000)

13:48:22 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r4=>r0, {0x80000001}}, './file0\x00'})
sendmsg$AUDIT_SET_FEATURE(r4, &(0x7f0000000280)={&(0x7f0000000100), 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x20, 0x3fa, 0x400, 0x70bd27, 0x25dfdbff, {0x1, 0x0, 0x0, 0x1}, ["", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x8}, 0x1)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:22 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x3, 0x6, 0xa)
sendto$inet(r1, &(0x7f0000000240)="a9f7fc04a9eaf3ea3807f60167a51b6694dced1b82dce808fcb29e4e05aeecb7802a6085cb4ccf331143797c7f690c85e198a5298268b5fb94421c19deda5e1ad0750cf4628ee59d1e0b4c0c10ea9b6ea9866f2ac29427dcd9bb9f275331ec0a816118fa0b102094a1d602c253a4960b159c6320b8e8fab3d25a93f8f6b5", 0x7e, 0x80, &(0x7f0000000080)={0x2, 0x4e20, @empty}, 0x10)
r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {0x8}}, './file0\x00'})
r3 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r4, @ANYBLOB="00000000000000000500000104666c6f77657200000c0002000000"], 0x3c}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
write$binfmt_elf64(r3, &(0x7f00000006c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3, 0x9, 0x9, 0x7, 0x4, 0x3, 0x6, 0x3, 0x251, 0x40, 0x199, 0x7, 0x30, 0x38, 0x2, 0x8, 0x0, 0xfffa}, [{0x6, 0x1, 0x7fffffffffffffff, 0x7, 0x3f, 0x8, 0x1, 0x4002}], "2ae1f1e0ac576984450a3bc60ebbb553cceb801a628f161873e98fb1e8ae26", ['\x00']}, 0x197)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r5)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x44, r9, 0x7562f43b63fde81f, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_FRAME={0x27, 0x33, @action={@with_ht={{{}, {}, @device_a, @device_b}}, @channel_switch={0x0, 0x4, {{0x25, 0x3}, @void, @void}}}}]}, 0x44}}, 0x0)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000400)={0x40, r7, 0x4, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x8000, 0x4}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x31}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x29}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x4044004)

[ 2848.084325][T22978] __nla_validate_parse: 35 callbacks suppressed
[ 2848.084349][T22978] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2848.170720][T22995] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 2848.209751][T22995] CPU: 0 PID: 22995 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2848.220235][T22995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2848.230332][T22995] Call Trace:
[ 2848.233644][T22995]  <TASK>
[ 2848.236605][T22995]  dump_stack_lvl+0x136/0x150
[ 2848.241677][T22995]  dump_header+0x10a/0xd70
[ 2848.246119][T22995]  oom_kill_process+0x25d/0x600
[ 2848.250988][T22995]  out_of_memory+0x35c/0x1660
[ 2848.255724][T22995]  ? find_held_lock+0x2d/0x110
[ 2848.260513][T22995]  ? oom_killer_disable+0x2b0/0x2b0
[ 2848.265728][T22995]  ? rcu_read_unlock+0x9/0x60
[ 2848.270422][T22995]  ? find_held_lock+0x2d/0x110
[ 2848.275206][T22995]  mem_cgroup_out_of_memory+0x206/0x270
[ 2848.280780][T22995]  ? mem_cgroup_margin+0x130/0x130
[ 2848.285912][T22995]  ? lock_downgrade+0x690/0x690
[ 2848.290820][T22995]  try_charge_memcg+0xf99/0x13a0
[ 2848.295793][T22995]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2848.301800][T22995]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2848.307538][T22995]  ? lock_downgrade+0x690/0x690
[ 2848.312410][T22995]  ? lock_downgrade+0x690/0x690
[ 2848.317368][T22995]  ? rcu_read_unlock+0x9/0x60
[ 2848.322099][T22995]  obj_cgroup_charge+0x2af/0x5e0
[ 2848.327063][T22995]  __kmem_cache_alloc_node+0xa3/0x320
[ 2848.332454][T22995]  ? copy_semundo+0x18b/0x300
[ 2848.337153][T22995]  kmalloc_trace+0x26/0xe0
[ 2848.341595][T22995]  copy_semundo+0x18b/0x300
[ 2848.346114][T22995]  copy_process+0x2557/0x75c0
[ 2848.350826][T22995]  ? pidfd_prepare+0x80/0x80
[ 2848.355525][T22995]  ? psi_memstall_leave+0x174/0x250
[ 2848.360735][T22995]  ? lock_downgrade+0x690/0x690
[ 2848.365635][T22995]  kernel_clone+0xeb/0x890
[ 2848.370105][T22995]  ? create_io_thread+0xe0/0xe0
[ 2848.374987][T22995]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2848.381252][T22995]  ? lock_downgrade+0x690/0x690
[ 2848.386137][T22995]  __do_sys_clone+0xba/0x100
[ 2848.390743][T22995]  ? kernel_clone+0x890/0x890
[ 2848.395452][T22995]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2848.401369][T22995]  do_syscall_64+0x39/0xb0
[ 2848.405807][T22995]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2848.411726][T22995] RIP: 0033:0x7f403688d591
[ 2848.416158][T22995] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2848.435867][T22995] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2848.444304][T22995] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2848.452282][T22995] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2848.460263][T22995] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2848.468255][T22995] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2848.476318][T22995] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2848.484312][T22995]  </TASK>
[ 2848.515599][T22980] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2848.541995][T22985] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2848.575027][T22984] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2848.796825][T22987] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2848.911101][T22995] memory: usage 307184kB, limit 307200kB, failcnt 16677
[ 2848.923186][T22995] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2848.944690][T22995] Memory cgroup stats for /syz4:
[ 2848.944970][T22995] anon 114688
[ 2848.944970][T22995] file 8380416
[ 2848.944970][T22995] kernel 306061312
[ 2848.944970][T22995] kernel_stack 65536
[ 2848.944970][T22995] pagetables 77824
[ 2848.944970][T22995] sec_pagetables 0
[ 2848.944970][T22995] percpu 5477312
[ 2848.944970][T22995] sock 0
[ 2848.944970][T22995] vmalloc 0
[ 2848.944970][T22995] shmem 8380416
[ 2848.944970][T22995] zswap 0
[ 2848.944970][T22995] zswapped 0
[ 2848.944970][T22995] file_mapped 405504
[ 2848.944970][T22995] file_dirty 0
[ 2848.944970][T22995] file_writeback 0
[ 2848.944970][T22995] swapcached 0
[ 2848.944970][T22995] anon_thp 0
[ 2848.944970][T22995] file_thp 0
[ 2848.944970][T22995] shmem_thp 0
[ 2848.944970][T22995] inactive_anon 4096
[ 2848.944970][T22995] active_anon 8491008
[ 2848.944970][T22995] inactive_file 0
[ 2848.944970][T22995] active_file 0
[ 2848.944970][T22995] unevictable 0
[ 2848.944970][T22995] slab_reclaimable 38216
[ 2848.944970][T22995] slab_unreclaimable 300367608
[ 2848.944970][T22995] slab 300405824
[ 2848.944970][T22995] workingset_refault_anon 0
[ 2848.944970][T22995] workingset_refault_file 0
[ 2848.944970][T22995] workingset_activate_anon 0
[ 2848.944970][T22995] workingset_activate_file 0
[ 2848.944970][T22995] workingset_restore_anon 0
[ 2848.944970][T22995] workingset_restore_file 0
[ 2848.944970][T22995] workingset_nodereclaim 0
[ 2848.944970][T22995] pgscan 0
[ 2848.944970][T22995] pgsteal 0
[ 2848.944970][T22995] pgscan_kswapd 0
[ 2848.944970][T22995] pgscan_direct 0
[ 2848.944970][T22995] pgscan_khugepaged 0
[ 2848.944970][T22995] pgsteal_kswapd 0
[ 2848.944970][T22995] pgsteal_direct 0
[ 2848.944970][T22995] pgsteal_khugepaged 0
[ 2848.944970][T22995] pgfault 386177
[ 2848.944970][T22995] pgmajfault 0
[ 2848.944970][T22995] pgrefill 0
[ 2848.944970][T22995] pgactivate 0
[ 2848.944970][T22995] pgdeactivate 0
[ 2848.944970][T22995] pglazyfree 0
[ 2848.944970][T22995] pglazyfreed 0
[ 2848.944970][T22995] zswpin 0
[ 2848.944970][T22995] zswpout 0
[ 2848.944970][T22995] thp_fault_alloc 0
[ 2849.153524][T22995] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22995,uid=0
[ 2849.171282][T22990] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2849.194752][T22989] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
13:48:23 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="48000000100001070000000000000000000400", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:23 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xb5)

[ 2849.216464][T22995] Memory cgroup out of memory: Killed process 22995 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:23 executing program 4:
socket$netlink(0x10, 0x3, 0x0) (async)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0x80000001}}, './file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r4=>r0, {0x80000001}}, './file0\x00'})
sendmsg$AUDIT_SET_FEATURE(r4, &(0x7f0000000280)={&(0x7f0000000100), 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x20, 0x3fa, 0x400, 0x70bd27, 0x25dfdbff, {0x1, 0x0, 0x0, 0x1}, ["", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x8}, 0x1)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2849.263167][T22992] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2849.323609][T22993] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2849.385057][T22997] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
13:48:23 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xb4)

[ 2849.456754][T23010] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2849.496538][T23010] CPU: 1 PID: 23010 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2849.507034][T23010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2849.517134][T23010] Call Trace:
[ 2849.520443][T23010]  <TASK>
[ 2849.523394][T23010]  dump_stack_lvl+0x136/0x150
[ 2849.528113][T23010]  dump_header+0x10a/0xd70
[ 2849.532571][T23010]  oom_kill_process+0x25d/0x600
[ 2849.537452][T23010]  out_of_memory+0x35c/0x1660
[ 2849.542183][T23010]  ? find_held_lock+0x2d/0x110
[ 2849.547002][T23010]  ? oom_killer_disable+0x2b0/0x2b0
[ 2849.552222][T23010]  ? rcu_read_unlock+0x9/0x60
[ 2849.556933][T23010]  ? find_held_lock+0x2d/0x110
[ 2849.561755][T23010]  mem_cgroup_out_of_memory+0x206/0x270
[ 2849.567345][T23010]  ? mem_cgroup_margin+0x130/0x130
[ 2849.572499][T23010]  ? lock_downgrade+0x690/0x690
[ 2849.577416][T23010]  try_charge_memcg+0xf99/0x13a0
[ 2849.582420][T23010]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2849.588460][T23010]  ? rcu_read_unlock+0x9/0x60
[ 2849.593185][T23010]  ? lock_downgrade+0x690/0x690
[ 2849.598104][T23010]  charge_memcg+0x90/0x3b0
[ 2849.602578][T23010]  __mem_cgroup_charge+0x2b/0x90
[ 2849.607552][T23010]  ? copy_mc_to_kernel+0x3e/0x90
[ 2849.612538][T23010]  do_wp_page+0x8ea/0x33c0
[ 2849.617001][T23010]  ? lock_sync+0x190/0x190
[ 2849.621463][T23010]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2849.626872][T23010]  ? do_raw_spin_lock+0x124/0x2b0
[ 2849.631945][T23010]  ? spin_bug+0x1c0/0x1c0
[ 2849.636322][T23010]  __handle_mm_fault+0x1635/0x41c0
[ 2849.641478][T23010]  ? vm_iomap_memory+0x190/0x190
[ 2849.646459][T23010]  ? mas_walk+0x58f/0x730
[ 2849.650846][T23010]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2849.656007][T23010]  handle_mm_fault+0x2af/0x9f0
[ 2849.660897][T23010]  do_user_addr_fault+0x2ca/0x1210
[ 2849.666054][T23010]  ? rcu_is_watching+0x12/0xb0
[ 2849.670872][T23010]  exc_page_fault+0x98/0x170
[ 2849.675504][T23010]  asm_exc_page_fault+0x26/0x30
[ 2849.680407][T23010] RIP: 0033:0x7f4036836f7e
[ 2849.684859][T23010] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2849.704523][T23010] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2849.710628][T23010] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000001
[ 2849.718638][T23010] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2849.726643][T23010] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2849.734660][T23010] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2849.742681][T23010] R13: 00007f4036400080 R14: 00007f40369abf80 R15: 0000000000000000
[ 2849.750741][T23010]  </TASK>
13:48:24 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x3, 0x6, 0xa)
sendto$inet(r1, &(0x7f0000000240)="a9f7fc04a9eaf3ea3807f60167a51b6694dced1b82dce808fcb29e4e05aeecb7802a6085cb4ccf331143797c7f690c85e198a5298268b5fb94421c19deda5e1ad0750cf4628ee59d1e0b4c0c10ea9b6ea9866f2ac29427dcd9bb9f275331ec0a816118fa0b102094a1d602c253a4960b159c6320b8e8fab3d25a93f8f6b5", 0x7e, 0x80, &(0x7f0000000080)={0x2, 0x4e20, @empty}, 0x10) (async)
r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {0x8}}, './file0\x00'})
r3 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r4, @ANYBLOB="00000000000000000500000104666c6f77657200000c0002000000"], 0x3c}}, 0x0) (async)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
write$binfmt_elf64(r3, &(0x7f00000006c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3, 0x9, 0x9, 0x7, 0x4, 0x3, 0x6, 0x3, 0x251, 0x40, 0x199, 0x7, 0x30, 0x38, 0x2, 0x8, 0x0, 0xfffa}, [{0x6, 0x1, 0x7fffffffffffffff, 0x7, 0x3f, 0x8, 0x1, 0x4002}], "2ae1f1e0ac576984450a3bc60ebbb553cceb801a628f161873e98fb1e8ae26", ['\x00']}, 0x197) (async)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r5)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x44, r9, 0x7562f43b63fde81f, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_FRAME={0x27, 0x33, @action={@with_ht={{{}, {}, @device_a, @device_b}}, @channel_switch={0x0, 0x4, {{0x25, 0x3}, @void, @void}}}}]}, 0x44}}, 0x0) (async)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000400)={0x40, r7, 0x4, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x8000, 0x4}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x31}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x29}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x4044004)

[ 2849.788769][T18883] wlan0: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
13:48:24 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="48000000100001070000000000000000000400", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:24 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xb6)

13:48:24 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6201000000000000)

[ 2849.877470][T18883] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2849.908362][T18883] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2850.006721][T23010] memory: usage 307184kB, limit 307200kB, failcnt 16754
[ 2850.019089][T23010] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2850.026189][T23010] Memory cgroup stats for /syz4:
[ 2850.026418][T23010] anon 114688
[ 2850.026418][T23010] file 8380416
[ 2850.026418][T23010] kernel 306061312
[ 2850.026418][T23010] kernel_stack 65536
[ 2850.026418][T23010] pagetables 77824
[ 2850.026418][T23010] sec_pagetables 0
[ 2850.026418][T23010] percpu 5477312
[ 2850.026418][T23010] sock 0
[ 2850.026418][T23010] vmalloc 0
[ 2850.026418][T23010] shmem 8380416
[ 2850.026418][T23010] zswap 0
[ 2850.026418][T23010] zswapped 0
[ 2850.026418][T23010] file_mapped 405504
[ 2850.026418][T23010] file_dirty 0
[ 2850.026418][T23010] file_writeback 0
[ 2850.026418][T23010] swapcached 0
[ 2850.026418][T23010] anon_thp 0
[ 2850.026418][T23010] file_thp 0
[ 2850.026418][T23010] shmem_thp 0
[ 2850.026418][T23010] inactive_anon 4096
[ 2850.026418][T23010] active_anon 8491008
[ 2850.026418][T23010] inactive_file 0
[ 2850.026418][T23010] active_file 0
[ 2850.026418][T23010] unevictable 0
[ 2850.026418][T23010] slab_reclaimable 38216
[ 2850.026418][T23010] slab_unreclaimable 300367768
[ 2850.026418][T23010] slab 300405984
[ 2850.026418][T23010] workingset_refault_anon 0
[ 2850.026418][T23010] workingset_refault_file 0
[ 2850.026418][T23010] workingset_activate_anon 0
[ 2850.026418][T23010] workingset_activate_file 0
[ 2850.026418][T23010] workingset_restore_anon 0
[ 2850.026418][T23010] workingset_restore_file 0
[ 2850.026418][T23010] workingset_nodereclaim 0
[ 2850.026418][T23010] pgscan 0
[ 2850.026418][T23010] pgsteal 0
[ 2850.026418][T23010] pgscan_kswapd 0
[ 2850.026418][T23010] pgscan_direct 0
[ 2850.026418][T23010] pgscan_khugepaged 0
[ 2850.026418][T23010] pgsteal_kswapd 0
[ 2850.026418][T23010] pgsteal_direct 0
[ 2850.026418][T23010] pgsteal_khugepaged 0
[ 2850.026418][T23010] pgfault 386215
[ 2850.026418][T23010] pgmajfault 0
[ 2850.026418][T23010] pgrefill 0
[ 2850.026418][T23010] pgactivate 0
[ 2850.026418][T23010] pgdeactivate 0
[ 2850.026418][T23010] pglazyfree 0
[ 2850.026418][T23010] pglazyfreed 0
[ 2850.026418][T23010] zswpin 0
[ 2850.026418][T23010] zswpout 0
[ 2850.026418][T23010] thp_fault_alloc 0
[ 2850.225554][T23010] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23010,uid=0
13:48:24 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$NL80211_CMD_GET_REG(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000006c0)={0x29c, 0x0, 0xc04, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_RULES={0x94, 0x22, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x379}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7fff}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xb8e}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x1000}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x6}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x8}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xbdf2}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x4}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x3f}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x2}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x1}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x4}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}]}]}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_REG_RULES={0x30, 0x22, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x97}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x5}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xbf}]}]}, @NL80211_ATTR_REG_RULES={0x70, 0x22, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x7}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x4}, @NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xf8000000}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x81}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x9f77}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xc00}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x6}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x4}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}]}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x11}, @NL80211_ATTR_REG_RULES={0xa0, 0x22, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xc}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x8000}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x7}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x3}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x7}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x5}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x3}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x2b9c7db3}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x1}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x9}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xffffffc1}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7ff}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x400}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xf3}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x236324b4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7ad2}]}]}, @NL80211_ATTR_REG_RULES={0xa4, 0x22, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xffffffff}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xff6}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x800}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x1}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x41a4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x3}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x1ab}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x401}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x5}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x4}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xffff}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xffff0001}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xfffffff9}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x11}]}]}]}, 0x29c}, 0x1, 0x0, 0x0, 0x40}, 0x80)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000af2662090000050000000b000100666c6f77657200000c00024731f1422b7add5a8eb074985826180c9849c4d816a0a2b6899b45e912485f67fa3849549644b75ec33ec4f129390874b3188fdb9cc6727be64369a8369ecfc5357fa28c4baca3ad2befe2c908b34650eb1c"], 0x3c}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2850.254519][T23010] Memory cgroup out of memory: Killed process 23010 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2850.441276][T23035] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2850.459219][T23035] CPU: 1 PID: 23035 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2850.469771][T23035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2850.479875][T23035] Call Trace:
[ 2850.483184][T23035]  <TASK>
[ 2850.486140][T23035]  dump_stack_lvl+0x136/0x150
[ 2850.490859][T23035]  dump_header+0x10a/0xd70
[ 2850.495315][T23035]  oom_kill_process+0x25d/0x600
[ 2850.500200][T23035]  out_of_memory+0x35c/0x1660
[ 2850.504914][T23035]  ? find_held_lock+0x2d/0x110
[ 2850.509807][T23035]  ? oom_killer_disable+0x2b0/0x2b0
[ 2850.515053][T23035]  ? rcu_read_unlock+0x9/0x60
[ 2850.519778][T23035]  ? find_held_lock+0x2d/0x110
[ 2850.524601][T23035]  mem_cgroup_out_of_memory+0x206/0x270
[ 2850.530187][T23035]  ? mem_cgroup_margin+0x130/0x130
[ 2850.535598][T23035]  ? lock_downgrade+0x690/0x690
[ 2850.540772][T23035]  try_charge_memcg+0xf99/0x13a0
[ 2850.545798][T23035]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2850.551862][T23035]  ? rcu_read_unlock+0x9/0x60
[ 2850.556579][T23035]  ? lock_downgrade+0x690/0x690
[ 2850.561482][T23035]  charge_memcg+0x90/0x3b0
[ 2850.565951][T23035]  __mem_cgroup_charge+0x2b/0x90
[ 2850.570924][T23035]  ? copy_mc_to_kernel+0x3e/0x90
[ 2850.575919][T23035]  do_wp_page+0x8ea/0x33c0
[ 2850.580383][T23035]  ? lock_sync+0x190/0x190
[ 2850.584849][T23035]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2850.590261][T23035]  ? do_raw_spin_lock+0x124/0x2b0
[ 2850.595332][T23035]  ? spin_bug+0x1c0/0x1c0
[ 2850.599716][T23035]  __handle_mm_fault+0x1635/0x41c0
[ 2850.604871][T23035]  ? vm_iomap_memory+0x190/0x190
[ 2850.609855][T23035]  ? mas_walk+0x58f/0x730
[ 2850.614252][T23035]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2850.619422][T23035]  handle_mm_fault+0x2af/0x9f0
[ 2850.624238][T23035]  do_user_addr_fault+0x2ca/0x1210
[ 2850.629407][T23035]  ? rcu_is_watching+0x12/0xb0
[ 2850.634232][T23035]  exc_page_fault+0x98/0x170
[ 2850.638866][T23035]  asm_exc_page_fault+0x26/0x30
[ 2850.643771][T23035] RIP: 0033:0x7f4036836f7e
[ 2850.648214][T23035] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2850.667860][T23035] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2850.673964][T23035] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2850.682049][T23035] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2850.690043][T23035] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2850.698141][T23035] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2850.706232][T23035] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2850.714349][T23035]  </TASK>
[ 2850.736305][T23035] memory: usage 307200kB, limit 307200kB, failcnt 16827
[ 2850.749258][T23035] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2850.761483][T23035] Memory cgroup stats for /syz4:
[ 2850.761774][T23035] anon 114688
[ 2850.761774][T23035] file 8380416
[ 2850.761774][T23035] kernel 306077696
[ 2850.761774][T23035] kernel_stack 65536
[ 2850.761774][T23035] pagetables 77824
[ 2850.761774][T23035] sec_pagetables 0
[ 2850.761774][T23035] percpu 5477376
[ 2850.761774][T23035] sock 0
[ 2850.761774][T23035] vmalloc 0
[ 2850.761774][T23035] shmem 8380416
[ 2850.761774][T23035] zswap 0
[ 2850.761774][T23035] zswapped 0
[ 2850.761774][T23035] file_mapped 405504
[ 2850.761774][T23035] file_dirty 0
[ 2850.761774][T23035] file_writeback 0
[ 2850.761774][T23035] swapcached 0
[ 2850.761774][T23035] anon_thp 0
[ 2850.761774][T23035] file_thp 0
[ 2850.761774][T23035] shmem_thp 0
[ 2850.761774][T23035] inactive_anon 4096
[ 2850.761774][T23035] active_anon 8491008
[ 2850.761774][T23035] inactive_file 0
[ 2850.761774][T23035] active_file 0
[ 2850.761774][T23035] unevictable 0
[ 2850.761774][T23035] slab_reclaimable 38216
[ 2850.761774][T23035] slab_unreclaimable 300379744
[ 2850.761774][T23035] slab 300417960
[ 2850.761774][T23035] workingset_refault_anon 0
[ 2850.761774][T23035] workingset_refault_file 0
[ 2850.761774][T23035] workingset_activate_anon 0
[ 2850.761774][T23035] workingset_activate_file 0
[ 2850.761774][T23035] workingset_restore_anon 0
[ 2850.761774][T23035] workingset_restore_file 0
[ 2850.761774][T23035] workingset_nodereclaim 0
[ 2850.761774][T23035] pgscan 0
[ 2850.761774][T23035] pgsteal 0
[ 2850.761774][T23035] pgscan_kswapd 0
[ 2850.761774][T23035] pgscan_direct 0
[ 2850.761774][T23035] pgscan_khugepaged 0
[ 2850.761774][T23035] pgsteal_kswapd 0
[ 2850.761774][T23035] pgsteal_direct 0
[ 2850.761774][T23035] pgsteal_khugepaged 0
[ 2850.761774][T23035] pgfault 386254
[ 2850.761774][T23035] pgmajfault 0
[ 2850.761774][T23035] pgrefill 0
[ 2850.761774][T23035] pgactivate 0
[ 2850.761774][T23035] pgdeactivate 0
[ 2850.761774][T23035] pglazyfree 0
[ 2850.761774][T23035] pglazyfreed 0
[ 2850.761774][T23035] zswpin 0
[ 2850.761774][T23035] zswpout 0
[ 2850.761774][T23035] thp_fault_alloc 0
[ 2850.953129][T23035] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23035,uid=0
13:48:25 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$NL80211_CMD_GET_REG(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000006c0)={0x29c, 0x0, 0xc04, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_RULES={0x94, 0x22, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x379}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7fff}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xb8e}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x1000}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x6}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x8}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xbdf2}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x4}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x3f}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x2}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x1}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x4}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}]}]}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_REG_RULES={0x30, 0x22, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x97}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x5}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xbf}]}]}, @NL80211_ATTR_REG_RULES={0x70, 0x22, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x7}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x4}, @NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xf8000000}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x81}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x9f77}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xc00}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x6}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x4}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}]}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x11}, @NL80211_ATTR_REG_RULES={0xa0, 0x22, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xc}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x8000}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x7}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x3}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x7}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x5}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x3}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x2b9c7db3}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x1}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x9}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xffffffc1}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7ff}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x400}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xf3}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x236324b4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7ad2}]}]}, @NL80211_ATTR_REG_RULES={0xa4, 0x22, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xffffffff}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xff6}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x800}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x1}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x41a4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x3}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x1ab}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x401}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x5}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x4}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xffff}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xffff0001}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xfffffff9}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x11}]}]}]}, 0x29c}, 0x1, 0x0, 0x0, 0x40}, 0x80)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000af2662090000050000000b000100666c6f77657200000c00024731f1422b7add5a8eb074985826180c9849c4d816a0a2b6899b45e912485f67fa3849549644b75ec33ec4f129390874b3188fdb9cc6727be64369a8369ecfc5357fa28c4baca3ad2befe2c908b34650eb1c"], 0x3c}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
socket(0x10, 0x80002, 0x0) (async)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
sendmsg$NL80211_CMD_GET_REG(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000006c0)={0x29c, 0x0, 0xc04, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_RULES={0x94, 0x22, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x379}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7fff}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xb8e}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x1000}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x6}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x8}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xbdf2}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x4}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x3f}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x2}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x1}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x4}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}]}]}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_REG_RULES={0x30, 0x22, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x97}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x5}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xbf}]}]}, @NL80211_ATTR_REG_RULES={0x70, 0x22, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x7}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x4}, @NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xf8000000}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x81}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x9f77}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xc00}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x6}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x4}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}]}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x11}, @NL80211_ATTR_REG_RULES={0xa0, 0x22, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xc}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x8000}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x7}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x3}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x7}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x5}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x3}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x2b9c7db3}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x1}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x9}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xffffffc1}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7ff}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x400}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xf3}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x236324b4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7ad2}]}]}, @NL80211_ATTR_REG_RULES={0xa4, 0x22, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xffffffff}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xff6}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x800}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x1}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x41a4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x3}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x1ab}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x401}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x5}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x4}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xffff}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xffff0001}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xfffffff9}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x11}]}]}]}, 0x29c}, 0x1, 0x0, 0x0, 0x40}, 0x80) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000af2662090000050000000b000100666c6f77657200000c00024731f1422b7add5a8eb074985826180c9849c4d816a0a2b6899b45e912485f67fa3849549644b75ec33ec4f129390874b3188fdb9cc6727be64369a8369ecfc5357fa28c4baca3ad2befe2c908b34650eb1c"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

[ 2850.973369][T23035] Memory cgroup out of memory: Killed process 23035 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:25 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:25 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xb7)

13:48:25 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x3, 0x6, 0xa)
sendto$inet(r1, &(0x7f0000000240)="a9f7fc04a9eaf3ea3807f60167a51b6694dced1b82dce808fcb29e4e05aeecb7802a6085cb4ccf331143797c7f690c85e198a5298268b5fb94421c19deda5e1ad0750cf4628ee59d1e0b4c0c10ea9b6ea9866f2ac29427dcd9bb9f275331ec0a816118fa0b102094a1d602c253a4960b159c6320b8e8fab3d25a93f8f6b5", 0x7e, 0x80, &(0x7f0000000080)={0x2, 0x4e20, @empty}, 0x10) (async)
r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {0x8}}, './file0\x00'}) (async)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r4, @ANYBLOB="00000000000000000500000104666c6f77657200000c0002000000"], 0x3c}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
write$binfmt_elf64(r3, &(0x7f00000006c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3, 0x9, 0x9, 0x7, 0x4, 0x3, 0x6, 0x3, 0x251, 0x40, 0x199, 0x7, 0x30, 0x38, 0x2, 0x8, 0x0, 0xfffa}, [{0x6, 0x1, 0x7fffffffffffffff, 0x7, 0x3f, 0x8, 0x1, 0x4002}], "2ae1f1e0ac576984450a3bc60ebbb553cceb801a628f161873e98fb1e8ae26", ['\x00']}, 0x197) (async, rerun: 32)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r5) (rerun: 32)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r10=>0x0}) (rerun: 32)
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x44, r9, 0x7562f43b63fde81f, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_FRAME={0x27, 0x33, @action={@with_ht={{{}, {}, @device_a, @device_b}}, @channel_switch={0x0, 0x4, {{0x25, 0x3}, @void, @void}}}}]}, 0x44}}, 0x0) (async)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000400)={0x40, r7, 0x4, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x8000, 0x4}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x31}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x29}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x4044004)

13:48:25 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xb4)

[ 2851.159986][T23037] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2851.178933][T23037] CPU: 0 PID: 23037 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2851.189421][T23037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2851.199484][T23037] Call Trace:
[ 2851.202769][T23037]  <TASK>
[ 2851.205701][T23037]  dump_stack_lvl+0x136/0x150
[ 2851.210392][T23037]  dump_header+0x10a/0xd70
[ 2851.214824][T23037]  oom_kill_process+0x25d/0x600
[ 2851.219685][T23037]  out_of_memory+0x35c/0x1660
[ 2851.224381][T23037]  ? find_held_lock+0x2d/0x110
[ 2851.229175][T23037]  ? oom_killer_disable+0x2b0/0x2b0
[ 2851.234384][T23037]  ? rcu_read_unlock+0x9/0x60
[ 2851.239091][T23037]  ? find_held_lock+0x2d/0x110
[ 2851.243869][T23037]  mem_cgroup_out_of_memory+0x206/0x270
[ 2851.249447][T23037]  ? mem_cgroup_margin+0x130/0x130
[ 2851.254591][T23037]  ? lock_downgrade+0x690/0x690
[ 2851.259477][T23037]  try_charge_memcg+0xf99/0x13a0
[ 2851.264454][T23037]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2851.270463][T23037]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2851.276204][T23037]  ? lock_downgrade+0x690/0x690
[ 2851.281071][T23037]  ? lock_downgrade+0x690/0x690
[ 2851.285945][T23037]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2851.291519][T23037]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2851.297696][T23037]  copy_process+0x4f9/0x75c0
[ 2851.302305][T23037]  ? __lock_acquire+0xc17/0x5f30
[ 2851.307267][T23037]  ? pidfd_prepare+0x80/0x80
[ 2851.311882][T23037]  ? psi_memstall_leave+0x174/0x250
[ 2851.317087][T23037]  ? lock_downgrade+0x690/0x690
[ 2851.321958][T23037]  kernel_clone+0xeb/0x890
[ 2851.326476][T23037]  ? create_io_thread+0xe0/0xe0
[ 2851.331348][T23037]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2851.337605][T23037]  ? lock_downgrade+0x690/0x690
[ 2851.342478][T23037]  __do_sys_clone+0xba/0x100
[ 2851.347084][T23037]  ? kernel_clone+0x890/0x890
[ 2851.351787][T23037]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2851.357699][T23037]  do_syscall_64+0x39/0xb0
[ 2851.362137][T23037]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2851.368051][T23037] RIP: 0033:0x7f403688d591
[ 2851.372471][T23037] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2851.392101][T23037] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2851.400984][T23037] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
13:48:25 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6300000000000000)

[ 2851.409064][T23037] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2851.417041][T23037] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2851.425209][T23037] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2851.433208][T23037] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2851.441224][T23037]  </TASK>
13:48:26 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2851.730369][T23037] memory: usage 307184kB, limit 307200kB, failcnt 16886
[ 2851.754165][T23037] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2851.774282][T23037] Memory cgroup stats for /syz4:
[ 2851.774573][T23037] anon 114688
[ 2851.774573][T23037] file 8380416
[ 2851.774573][T23037] kernel 306061312
[ 2851.774573][T23037] kernel_stack 32768
[ 2851.774573][T23037] pagetables 77824
[ 2851.774573][T23037] sec_pagetables 0
[ 2851.774573][T23037] percpu 5477376
[ 2851.774573][T23037] sock 0
[ 2851.774573][T23037] vmalloc 0
[ 2851.774573][T23037] shmem 8380416
[ 2851.774573][T23037] zswap 0
[ 2851.774573][T23037] zswapped 0
[ 2851.774573][T23037] file_mapped 405504
[ 2851.774573][T23037] file_dirty 0
[ 2851.774573][T23037] file_writeback 0
[ 2851.774573][T23037] swapcached 0
[ 2851.774573][T23037] anon_thp 0
[ 2851.774573][T23037] file_thp 0
[ 2851.774573][T23037] shmem_thp 0
[ 2851.774573][T23037] inactive_anon 4096
[ 2851.774573][T23037] active_anon 8491008
[ 2851.774573][T23037] inactive_file 0
[ 2851.774573][T23037] active_file 0
[ 2851.774573][T23037] unevictable 0
[ 2851.774573][T23037] slab_reclaimable 38216
[ 2851.774573][T23037] slab_unreclaimable 300379280
[ 2851.774573][T23037] slab 300417496
[ 2851.774573][T23037] workingset_refault_anon 0
[ 2851.774573][T23037] workingset_refault_file 0
[ 2851.774573][T23037] workingset_activate_anon 0
[ 2851.774573][T23037] workingset_activate_file 0
[ 2851.774573][T23037] workingset_restore_anon 0
[ 2851.774573][T23037] workingset_restore_file 0
[ 2851.774573][T23037] workingset_nodereclaim 0
[ 2851.774573][T23037] pgscan 0
[ 2851.774573][T23037] pgsteal 0
[ 2851.774573][T23037] pgscan_kswapd 0
[ 2851.774573][T23037] pgscan_direct 0
[ 2851.774573][T23037] pgscan_khugepaged 0
[ 2851.774573][T23037] pgsteal_kswapd 0
[ 2851.774573][T23037] pgsteal_direct 0
[ 2851.774573][T23037] pgsteal_khugepaged 0
[ 2851.774573][T23037] pgfault 386291
[ 2851.774573][T23037] pgmajfault 0
[ 2851.774573][T23037] pgrefill 0
[ 2851.774573][T23037] pgactivate 0
[ 2851.774573][T23037] pgdeactivate 0
[ 2851.774573][T23037] pglazyfree 0
[ 2851.774573][T23037] pglazyfreed 0
[ 2851.774573][T23037] zswpin 0
[ 2851.774573][T23037] zswpout 0
[ 2851.774573][T23037] thp_fault_alloc 0
13:48:26 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xb8)

[ 2852.064223][T23037] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23037,uid=0
[ 2852.090248][T23037] Memory cgroup out of memory: Killed process 23037 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:26 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0}) (async)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$NL80211_CMD_GET_REG(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000006c0)={0x29c, 0x0, 0xc04, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_RULES={0x94, 0x22, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x379}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7fff}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xb8e}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x1000}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x6}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x8}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xbdf2}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x4}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x3f}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x2}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x1}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x4}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}]}]}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_REG_RULES={0x30, 0x22, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x97}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x5}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xbf}]}]}, @NL80211_ATTR_REG_RULES={0x70, 0x22, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x7}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x4}, @NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xf8000000}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x81}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x9f77}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xc00}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x6}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x4}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}]}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x11}, @NL80211_ATTR_REG_RULES={0xa0, 0x22, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xc}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x8000}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x7}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x3}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x7}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x5}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x3}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x2b9c7db3}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x1}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x9}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xffffffc1}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7ff}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x400}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xf3}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x236324b4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7ad2}]}]}, @NL80211_ATTR_REG_RULES={0xa4, 0x22, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xffffffff}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xff6}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x800}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x1}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x41a4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x3}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x1ab}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x401}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x5}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x4}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xffff}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xffff0001}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xfffffff9}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x11}]}]}]}, 0x29c}, 0x1, 0x0, 0x0, 0x40}, 0x80)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000af2662090000050000000b000100666c6f77657200000c00024731f1422b7add5a8eb074985826180c9849c4d816a0a2b6899b45e912485f67fa3849549644b75ec33ec4f129390874b3188fdb9cc6727be64369a8369ecfc5357fa28c4baca3ad2befe2c908b34650eb1c"], 0x3c}}, 0x0) (async)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2852.432200][T23066] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2852.451272][T23066] CPU: 0 PID: 23066 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2852.461746][T23066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2852.471833][T23066] Call Trace:
[ 2852.475133][T23066]  <TASK>
[ 2852.478086][T23066]  dump_stack_lvl+0x136/0x150
[ 2852.482797][T23066]  dump_header+0x10a/0xd70
[ 2852.487252][T23066]  oom_kill_process+0x25d/0x600
[ 2852.492129][T23066]  out_of_memory+0x35c/0x1660
[ 2852.496855][T23066]  ? find_held_lock+0x2d/0x110
[ 2852.501666][T23066]  ? oom_killer_disable+0x2b0/0x2b0
[ 2852.506893][T23066]  ? rcu_read_unlock+0x9/0x60
[ 2852.511617][T23066]  ? find_held_lock+0x2d/0x110
[ 2852.516421][T23066]  mem_cgroup_out_of_memory+0x206/0x270
[ 2852.522102][T23066]  ? mem_cgroup_margin+0x130/0x130
[ 2852.527255][T23066]  ? lock_downgrade+0x690/0x690
[ 2852.532157][T23066]  try_charge_memcg+0xf99/0x13a0
[ 2852.537188][T23066]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2852.543237][T23066]  ? rcu_read_unlock+0x9/0x60
[ 2852.547938][T23066]  ? lock_downgrade+0x690/0x690
[ 2852.552861][T23066]  charge_memcg+0x90/0x3b0
[ 2852.557319][T23066]  __mem_cgroup_charge+0x2b/0x90
[ 2852.562270][T23066]  ? copy_mc_to_kernel+0x3e/0x90
[ 2852.567227][T23066]  do_wp_page+0x8ea/0x33c0
[ 2852.571660][T23066]  ? lock_sync+0x190/0x190
[ 2852.576089][T23066]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2852.581468][T23066]  ? do_raw_spin_lock+0x124/0x2b0
[ 2852.586517][T23066]  ? spin_bug+0x1c0/0x1c0
[ 2852.590878][T23066]  __handle_mm_fault+0x1635/0x41c0
[ 2852.596003][T23066]  ? vm_iomap_memory+0x190/0x190
[ 2852.600948][T23066]  ? mas_walk+0x58f/0x730
[ 2852.605300][T23066]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2852.610425][T23066]  handle_mm_fault+0x2af/0x9f0
[ 2852.615201][T23066]  do_user_addr_fault+0x2ca/0x1210
[ 2852.620330][T23066]  ? rcu_is_watching+0x12/0xb0
[ 2852.625116][T23066]  exc_page_fault+0x98/0x170
[ 2852.629718][T23066]  asm_exc_page_fault+0x26/0x30
[ 2852.634587][T23066] RIP: 0033:0x7f4036836f7e
[ 2852.639008][T23066] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2852.658711][T23066] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2852.664883][T23066] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000001
[ 2852.673032][T23066] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2852.681008][T23066] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2852.688985][T23066] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2852.696964][T23066] R13: 00007f4036400080 R14: 00007f40369abf80 R15: 0000000000000000
[ 2852.705045][T23066]  </TASK>
13:48:27 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2852.728693][T23066] memory: usage 307200kB, limit 307200kB, failcnt 17004
[ 2852.759601][T23066] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2852.787350][T23066] Memory cgroup stats for /syz4:
[ 2852.787582][T23066] anon 114688
[ 2852.787582][T23066] file 8380416
[ 2852.787582][T23066] kernel 306077696
[ 2852.787582][T23066] kernel_stack 65536
[ 2852.787582][T23066] pagetables 77824
[ 2852.787582][T23066] sec_pagetables 0
[ 2852.787582][T23066] percpu 5477376
[ 2852.787582][T23066] sock 0
[ 2852.787582][T23066] vmalloc 0
[ 2852.787582][T23066] shmem 8380416
[ 2852.787582][T23066] zswap 0
[ 2852.787582][T23066] zswapped 0
[ 2852.787582][T23066] file_mapped 405504
[ 2852.787582][T23066] file_dirty 0
[ 2852.787582][T23066] file_writeback 0
[ 2852.787582][T23066] swapcached 0
[ 2852.787582][T23066] anon_thp 0
[ 2852.787582][T23066] file_thp 0
[ 2852.787582][T23066] shmem_thp 0
[ 2852.787582][T23066] inactive_anon 4096
[ 2852.787582][T23066] active_anon 8491008
[ 2852.787582][T23066] inactive_file 0
[ 2852.787582][T23066] active_file 0
[ 2852.787582][T23066] unevictable 0
[ 2852.787582][T23066] slab_reclaimable 38216
[ 2852.787582][T23066] slab_unreclaimable 300379744
[ 2852.787582][T23066] slab 300417960
[ 2852.787582][T23066] workingset_refault_anon 0
[ 2852.787582][T23066] workingset_refault_file 0
[ 2852.787582][T23066] workingset_activate_anon 0
[ 2852.787582][T23066] workingset_activate_file 0
[ 2852.787582][T23066] workingset_restore_anon 0
[ 2852.787582][T23066] workingset_restore_file 0
[ 2852.787582][T23066] workingset_nodereclaim 0
[ 2852.787582][T23066] pgscan 0
[ 2852.787582][T23066] pgsteal 0
[ 2852.787582][T23066] pgscan_kswapd 0
[ 2852.787582][T23066] pgscan_direct 0
[ 2852.787582][T23066] pgscan_khugepaged 0
[ 2852.787582][T23066] pgsteal_kswapd 0
[ 2852.787582][T23066] pgsteal_direct 0
13:48:27 executing program 5:
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000740)=ANY=[@ANYBLOB="1100"/12, @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB='\x00\b\x00\x00\x00\x00\x00\x00./file0\x00'])
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1c, 0x1, 0x4d, 0xbd2, 0x250, 0x1, 0xffffff1e, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000800), 0x210000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x7, 0x5, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@jmp={0x5, 0x1, 0x0, 0x7, 0xa, 0xfffffffffffffff4, 0xffffffffffffffff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f0000000400)='syzkaller\x00', 0x400, 0x9f, &(0x7f0000000600)=""/159, 0x40f00, 0x8, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000700)={0x0, 0x8, 0x80, 0xfffffffc}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000840)=[r0, 0x1, 0x1, r1, r3, r5, r6, 0x1]}, 0x80)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r8, &(0x7f0000000200)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r11=>0x0})
r12 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r11}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES64=r12, @ANYBLOB="1d00000000000000280012000900010076657468d0c6ad825022e5d5fcbacc162cc631090db14eb4fcb11bd03fe9b5314def8b906c139066eae8da3abfbfeb37a1"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c00000024000b0f00"/20, @ANYBLOB="3c870bb7334cbf543024358e5e2771461fa5548e5d68db72376505c6d4cbfdc2c38bc4985054360baa868be8e8867bd0bb8685e3316fa684418f21a154b8ed11b2cc9e7d0efb80e71b2f07faabc5442e4b905f93b07a63feae42fb10bc048276593959a808db3c8c388fa4adb8cb6be52afc41d1287c078bc60a7cdb2d423e6c078d879c62bff034af84b277422fd3ae7829278601d9973c2b69991d12fc79f415ca267718220e012cbcd42caa98ab", @ANYBLOB="00000000ffffffff000000000800010071667102"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r9, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r13, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r14 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r14, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r15, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r16=>0x0})
r17 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r17, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r16}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(r17, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x20, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x44005}, 0x4050)

[ 2852.787582][T23066] pgsteal_khugepaged 0
[ 2852.787582][T23066] pgfault 386329
[ 2852.787582][T23066] pgmajfault 0
[ 2852.787582][T23066] pgrefill 0
[ 2852.787582][T23066] pgactivate 0
[ 2852.787582][T23066] pgdeactivate 0
[ 2852.787582][T23066] pglazyfree 0
[ 2852.787582][T23066] pglazyfreed 0
[ 2852.787582][T23066] zswpin 0
[ 2852.787582][T23066] zswpout 0
[ 2852.787582][T23066] thp_fault_alloc 0
13:48:27 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6301000000000000)

13:48:27 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4c01000000000000)

[ 2853.195763][T23066] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23066,uid=0
[ 2853.213654][T23066] Memory cgroup out of memory: Killed process 23066 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2853.226168][T23065] __nla_validate_parse: 35 callbacks suppressed
[ 2853.226191][T23065] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
13:48:27 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2853.282424][T23078] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.5'.
13:48:27 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xb9)

13:48:27 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='snd_soc_dapm_connected\x00'}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2853.456291][T23079] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2853.580688][T23085] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2853.591186][T23085] CPU: 1 PID: 23085 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2853.601641][T23085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2853.611726][T23085] Call Trace:
[ 2853.615028][T23085]  <TASK>
[ 2853.617999][T23085]  dump_stack_lvl+0x136/0x150
[ 2853.622724][T23085]  dump_header+0x10a/0xd70
[ 2853.627180][T23085]  oom_kill_process+0x25d/0x600
[ 2853.632087][T23085]  out_of_memory+0x35c/0x1660
[ 2853.636828][T23085]  ? find_held_lock+0x2d/0x110
[ 2853.641642][T23085]  ? oom_killer_disable+0x2b0/0x2b0
[ 2853.646893][T23085]  ? rcu_read_unlock+0x9/0x60
[ 2853.651657][T23085]  ? find_held_lock+0x2d/0x110
[ 2853.656574][T23085]  mem_cgroup_out_of_memory+0x206/0x270
[ 2853.662152][T23085]  ? mem_cgroup_margin+0x130/0x130
[ 2853.667313][T23085]  ? lock_downgrade+0x690/0x690
[ 2853.672245][T23085]  try_charge_memcg+0xf99/0x13a0
[ 2853.677241][T23085]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2853.683278][T23085]  ? rcu_read_unlock+0x9/0x60
[ 2853.688087][T23085]  ? lock_downgrade+0x690/0x690
[ 2853.693006][T23085]  charge_memcg+0x90/0x3b0
[ 2853.697481][T23085]  __mem_cgroup_charge+0x2b/0x90
[ 2853.702444][T23085]  ? copy_mc_to_kernel+0x3e/0x90
[ 2853.707428][T23085]  do_wp_page+0x8ea/0x33c0
[ 2853.711909][T23085]  ? lock_sync+0x190/0x190
[ 2853.716551][T23085]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2853.721961][T23085]  ? do_raw_spin_lock+0x124/0x2b0
[ 2853.727048][T23085]  ? spin_bug+0x1c0/0x1c0
[ 2853.731436][T23085]  __handle_mm_fault+0x1635/0x41c0
[ 2853.736595][T23085]  ? vm_iomap_memory+0x190/0x190
[ 2853.741585][T23085]  ? mas_walk+0x58f/0x730
[ 2853.745964][T23085]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2853.751115][T23085]  handle_mm_fault+0x2af/0x9f0
[ 2853.756008][T23085]  do_user_addr_fault+0x2ca/0x1210
[ 2853.761169][T23085]  ? rcu_is_watching+0x12/0xb0
[ 2853.765981][T23085]  exc_page_fault+0x98/0x170
[ 2853.770608][T23085]  asm_exc_page_fault+0x26/0x30
[ 2853.775499][T23085] RIP: 0033:0x7f4036836f7e
[ 2853.779937][T23085] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2853.799579][T23085] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2853.805675][T23085] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2853.813677][T23085] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2853.821933][T23085] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2853.829941][T23085] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2853.837952][T23085] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2853.845987][T23085]  </TASK>
[ 2853.870343][T23085] memory: usage 307200kB, limit 307200kB, failcnt 17090
[ 2853.877568][T23085] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2853.885961][T23085] Memory cgroup stats for /syz4:
[ 2853.886185][T23085] anon 114688
[ 2853.886185][T23085] file 8380416
[ 2853.886185][T23085] kernel 306077696
[ 2853.886185][T23085] kernel_stack 65536
[ 2853.886185][T23085] pagetables 77824
[ 2853.886185][T23085] sec_pagetables 0
[ 2853.886185][T23085] percpu 5477376
[ 2853.886185][T23085] sock 0
[ 2853.886185][T23085] vmalloc 0
[ 2853.886185][T23085] shmem 8380416
[ 2853.886185][T23085] zswap 0
[ 2853.886185][T23085] zswapped 0
[ 2853.886185][T23085] file_mapped 405504
[ 2853.886185][T23085] file_dirty 0
[ 2853.886185][T23085] file_writeback 0
[ 2853.886185][T23085] swapcached 0
[ 2853.886185][T23085] anon_thp 0
[ 2853.886185][T23085] file_thp 0
[ 2853.886185][T23085] shmem_thp 0
[ 2853.886185][T23085] inactive_anon 4096
[ 2853.886185][T23085] active_anon 8491008
[ 2853.886185][T23085] inactive_file 0
[ 2853.886185][T23085] active_file 0
[ 2853.886185][T23085] unevictable 0
[ 2853.886185][T23085] slab_reclaimable 38216
[ 2853.886185][T23085] slab_unreclaimable 300379744
[ 2853.886185][T23085] slab 300417960
[ 2853.886185][T23085] workingset_refault_anon 0
[ 2853.886185][T23085] workingset_refault_file 0
[ 2853.886185][T23085] workingset_activate_anon 0
[ 2853.886185][T23085] workingset_activate_file 0
[ 2853.886185][T23085] workingset_restore_anon 0
[ 2853.886185][T23085] workingset_restore_file 0
[ 2853.886185][T23085] workingset_nodereclaim 0
[ 2853.886185][T23085] pgscan 0
[ 2853.886185][T23085] pgsteal 0
[ 2853.886185][T23085] pgscan_kswapd 0
[ 2853.886185][T23085] pgscan_direct 0
[ 2853.886185][T23085] pgscan_khugepaged 0
[ 2853.886185][T23085] pgsteal_kswapd 0
[ 2853.886185][T23085] pgsteal_direct 0
[ 2853.886185][T23085] pgsteal_khugepaged 0
[ 2853.886185][T23085] pgfault 386368
[ 2853.886185][T23085] pgmajfault 0
[ 2853.886185][T23085] pgrefill 0
[ 2853.886185][T23085] pgactivate 0
[ 2853.886185][T23085] pgdeactivate 0
[ 2853.886185][T23085] pglazyfree 0
[ 2853.886185][T23085] pglazyfreed 0
[ 2853.886185][T23085] zswpin 0
[ 2853.886185][T23085] zswpout 0
[ 2853.886185][T23085] thp_fault_alloc 0
[ 2854.123833][T23075] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2854.140717][T23080] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2854.191002][T23083] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2854.273864][T23085] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23085,uid=0
13:48:28 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2854.334160][T23086] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2854.347663][T23085] Memory cgroup out of memory: Killed process 23085 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2854.363324][T23089] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
13:48:28 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='snd_soc_dapm_connected\x00'}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='snd_soc_dapm_connected\x00'}, 0x10) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

13:48:28 executing program 5:
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000740)=ANY=[@ANYBLOB="1100"/12, @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB='\x00\b\x00\x00\x00\x00\x00\x00./file0\x00'])
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1c, 0x1, 0x4d, 0xbd2, 0x250, 0x1, 0xffffff1e, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c) (async, rerun: 64)
r6 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000800), 0x210000, 0x0) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x7, 0x5, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@jmp={0x5, 0x1, 0x0, 0x7, 0xa, 0xfffffffffffffff4, 0xffffffffffffffff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f0000000400)='syzkaller\x00', 0x400, 0x9f, &(0x7f0000000600)=""/159, 0x40f00, 0x8, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000700)={0x0, 0x8, 0x80, 0xfffffffc}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000840)=[r0, 0x1, 0x1, r1, r3, r5, r6, 0x1]}, 0x80) (async)
r7 = socket$netlink(0x10, 0x3, 0x0) (async)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async, rerun: 32)
getsockname$packet(r8, &(0x7f0000000200)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async, rerun: 32)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r11=>0x0}) (async)
r12 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r11}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES64=r12, @ANYBLOB="1d00000000000000280012000900010076657468d0c6ad825022e5d5fcbacc162cc631090db14eb4fcb11bd03fe9b5314def8b906c139066eae8da3abfbfeb37a1"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c00000024000b0f00"/20, @ANYBLOB="3c870bb7334cbf543024358e5e2771461fa5548e5d68db72376505c6d4cbfdc2c38bc4985054360baa868be8e8867bd0bb8685e3316fa684418f21a154b8ed11b2cc9e7d0efb80e71b2f07faabc5442e4b905f93b07a63feae42fb10bc048276593959a808db3c8c388fa4adb8cb6be52afc41d1287c078bc60a7cdb2d423e6c078d879c62bff034af84b277422fd3ae7829278601d9973c2b69991d12fc79f415ca267718220e012cbcd42caa98ab", @ANYBLOB="00000000ffffffff000000000800010071667102"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r9, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r13, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r14 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r14, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r15, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r16=>0x0}) (async, rerun: 32)
r17 = socket(0x10, 0x80002, 0x0) (rerun: 32)
sendmsg$nl_route(r17, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r16}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(r17, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x20, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x44005}, 0x4050)

[ 2854.514424][T23092] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2854.545121][T23081] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
13:48:28 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xba)

[ 2854.563909][T23097] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2854.595771][T23097] CPU: 0 PID: 23097 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2854.606336][T23097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2854.616434][T23097] Call Trace:
[ 2854.619760][T23097]  <TASK>
[ 2854.622711][T23097]  dump_stack_lvl+0x136/0x150
[ 2854.627423][T23097]  dump_header+0x10a/0xd70
[ 2854.631871][T23097]  oom_kill_process+0x25d/0x600
[ 2854.636766][T23097]  out_of_memory+0x35c/0x1660
[ 2854.641477][T23097]  ? find_held_lock+0x2d/0x110
[ 2854.646273][T23097]  ? oom_killer_disable+0x2b0/0x2b0
[ 2854.651501][T23097]  ? rcu_read_unlock+0x9/0x60
[ 2854.656216][T23097]  ? find_held_lock+0x2d/0x110
[ 2854.661021][T23097]  mem_cgroup_out_of_memory+0x206/0x270
[ 2854.666599][T23097]  ? mem_cgroup_margin+0x130/0x130
[ 2854.671824][T23097]  ? lock_downgrade+0x690/0x690
[ 2854.676798][T23097]  try_charge_memcg+0xf99/0x13a0
[ 2854.681763][T23097]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2854.687770][T23097]  ? rcu_read_unlock+0x9/0x60
[ 2854.692456][T23097]  ? lock_downgrade+0x690/0x690
[ 2854.697336][T23097]  charge_memcg+0x90/0x3b0
[ 2854.701774][T23097]  __mem_cgroup_charge+0x2b/0x90
[ 2854.706754][T23097]  ? copy_mc_to_kernel+0x3e/0x90
[ 2854.711720][T23097]  do_wp_page+0x8ea/0x33c0
[ 2854.716150][T23097]  ? lock_sync+0x190/0x190
[ 2854.720593][T23097]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2854.725978][T23097]  ? do_raw_spin_lock+0x124/0x2b0
[ 2854.731019][T23097]  ? spin_bug+0x1c0/0x1c0
[ 2854.735371][T23097]  __handle_mm_fault+0x1635/0x41c0
[ 2854.740502][T23097]  ? vm_iomap_memory+0x190/0x190
[ 2854.745445][T23097]  ? mas_walk+0x58f/0x730
[ 2854.749798][T23097]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2854.754942][T23097]  handle_mm_fault+0x2af/0x9f0
[ 2854.759747][T23097]  do_user_addr_fault+0x2ca/0x1210
[ 2854.764900][T23097]  ? rcu_is_watching+0x12/0xb0
[ 2854.769692][T23097]  exc_page_fault+0x98/0x170
[ 2854.774297][T23097]  asm_exc_page_fault+0x26/0x30
[ 2854.779166][T23097] RIP: 0033:0x7f4036836f7e
[ 2854.783586][T23097] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2854.803201][T23097] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
13:48:29 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4c01000000000000)

[ 2854.809273][T23097] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2854.817333][T23097] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2854.825308][T23097] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2854.833299][T23097] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2854.841272][T23097] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2854.849276][T23097]  </TASK>
13:48:29 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6400000000000000)

[ 2854.885496][T23097] memory: usage 307200kB, limit 307200kB, failcnt 17170
[ 2854.894571][T23097] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2854.909277][T23097] Memory cgroup stats for /syz4:
[ 2854.909727][T23097] anon 114688
[ 2854.909727][T23097] file 8380416
[ 2854.909727][T23097] kernel 306077696
[ 2854.909727][T23097] kernel_stack 65536
[ 2854.909727][T23097] pagetables 77824
[ 2854.909727][T23097] sec_pagetables 0
[ 2854.909727][T23097] percpu 5477376
[ 2854.909727][T23097] sock 0
[ 2854.909727][T23097] vmalloc 0
[ 2854.909727][T23097] shmem 8380416
[ 2854.909727][T23097] zswap 0
[ 2854.909727][T23097] zswapped 0
[ 2854.909727][T23097] file_mapped 405504
[ 2854.909727][T23097] file_dirty 0
[ 2854.909727][T23097] file_writeback 0
[ 2854.909727][T23097] swapcached 0
[ 2854.909727][T23097] anon_thp 0
[ 2854.909727][T23097] file_thp 0
[ 2854.909727][T23097] shmem_thp 0
[ 2854.909727][T23097] inactive_anon 4096
[ 2854.909727][T23097] active_anon 8491008
[ 2854.909727][T23097] inactive_file 0
[ 2854.909727][T23097] active_file 0
[ 2854.909727][T23097] unevictable 0
[ 2854.909727][T23097] slab_reclaimable 38216
[ 2854.909727][T23097] slab_unreclaimable 300379744
[ 2854.909727][T23097] slab 300417960
[ 2854.909727][T23097] workingset_refault_anon 0
[ 2854.909727][T23097] workingset_refault_file 0
[ 2854.909727][T23097] workingset_activate_anon 0
[ 2854.909727][T23097] workingset_activate_file 0
[ 2854.909727][T23097] workingset_restore_anon 0
[ 2854.909727][T23097] workingset_restore_file 0
[ 2854.909727][T23097] workingset_nodereclaim 0
[ 2854.909727][T23097] pgscan 0
[ 2854.909727][T23097] pgsteal 0
[ 2854.909727][T23097] pgscan_kswapd 0
[ 2854.909727][T23097] pgscan_direct 0
[ 2854.909727][T23097] pgscan_khugepaged 0
[ 2854.909727][T23097] pgsteal_kswapd 0
[ 2854.909727][T23097] pgsteal_direct 0
[ 2854.909727][T23097] pgsteal_khugepaged 0
[ 2854.909727][T23097] pgfault 386407
[ 2854.909727][T23097] pgmajfault 0
[ 2854.909727][T23097] pgrefill 0
[ 2854.909727][T23097] pgactivate 0
[ 2854.909727][T23097] pgdeactivate 0
[ 2854.909727][T23097] pglazyfree 0
[ 2854.909727][T23097] pglazyfreed 0
[ 2854.909727][T23097] zswpin 0
[ 2854.909727][T23097] zswpout 0
[ 2854.909727][T23097] thp_fault_alloc 0
13:48:29 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:29 executing program 5:
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000740)=ANY=[@ANYBLOB="1100"/12, @ANYRES32, @ANYBLOB='\x00\b\x00\x00\x00\x00\x00\x00./file0\x00']) (async)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000740)=ANY=[@ANYBLOB="1100"/12, @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB='\x00\b\x00\x00\x00\x00\x00\x00./file0\x00'])
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1c, 0x1, 0x4d, 0xbd2, 0x250, 0x1, 0xffffff1e, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x5}, 0x48)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) (async)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) (async)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c) (async)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000800), 0x210000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x7, 0x5, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@jmp={0x5, 0x1, 0x0, 0x7, 0xa, 0xfffffffffffffff4, 0xffffffffffffffff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f0000000400)='syzkaller\x00', 0x400, 0x9f, &(0x7f0000000600)=""/159, 0x40f00, 0x8, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000700)={0x0, 0x8, 0x80, 0xfffffffc}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000840)=[r0, 0x1, 0x1, r1, r3, r5, r6, 0x1]}, 0x80)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r8, &(0x7f0000000200)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r11=>0x0})
socket(0x10, 0x80002, 0x0) (async)
r12 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r11}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r11}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES64=r12, @ANYBLOB="1d00000000000000280012000900010076657468d0c6ad825022e5d5fcbacc162cc631090db14eb4fcb11bd03fe9b5314def8b906c139066eae8da3abfbfeb37a1"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c00000024000b0f00"/20, @ANYBLOB="3c870bb7334cbf543024358e5e2771461fa5548e5d68db72376505c6d4cbfdc2c38bc4985054360baa868be8e8867bd0bb8685e3316fa684418f21a154b8ed11b2cc9e7d0efb80e71b2f07faabc5442e4b905f93b07a63feae42fb10bc048276593959a808db3c8c388fa4adb8cb6be52afc41d1287c078bc60a7cdb2d423e6c078d879c62bff034af84b277422fd3ae7829278601d9973c2b69991d12fc79f415ca267718220e012cbcd42caa98ab", @ANYBLOB="00000000ffffffff000000000800010071667102"], 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c00000024000b0f00"/20, @ANYBLOB="3c870bb7334cbf543024358e5e2771461fa5548e5d68db72376505c6d4cbfdc2c38bc4985054360baa868be8e8867bd0bb8685e3316fa684418f21a154b8ed11b2cc9e7d0efb80e71b2f07faabc5442e4b905f93b07a63feae42fb10bc048276593959a808db3c8c388fa4adb8cb6be52afc41d1287c078bc60a7cdb2d423e6c078d879c62bff034af84b277422fd3ae7829278601d9973c2b69991d12fc79f415ca267718220e012cbcd42caa98ab", @ANYBLOB="00000000ffffffff000000000800010071667102"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r9, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r13, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r14 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r14, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r15, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r16=>0x0})
r17 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r17, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r16}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(r17, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x20, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x44005}, 0x4050) (async)
sendmsg$TIPC_NL_NAME_TABLE_GET(r17, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x20, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x44005}, 0x4050)

[ 2855.196484][T23097] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23097,uid=0
[ 2855.214058][T23097] Memory cgroup out of memory: Killed process 23097 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:29 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='snd_soc_dapm_connected\x00'}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='snd_soc_dapm_connected\x00'}, 0x10) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

13:48:29 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000008000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000200280012000900010076657f9c"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:29 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xbb)

[ 2855.578734][T23123] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2855.627483][T23123] CPU: 0 PID: 23123 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2855.637961][T23123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2855.648048][T23123] Call Trace:
[ 2855.651339][T23123]  <TASK>
[ 2855.654293][T23123]  dump_stack_lvl+0x136/0x150
[ 2855.659008][T23123]  dump_header+0x10a/0xd70
[ 2855.663473][T23123]  oom_kill_process+0x25d/0x600
[ 2855.668366][T23123]  out_of_memory+0x35c/0x1660
[ 2855.673069][T23123]  ? find_held_lock+0x2d/0x110
[ 2855.677849][T23123]  ? oom_killer_disable+0x2b0/0x2b0
[ 2855.683058][T23123]  ? rcu_read_unlock+0x9/0x60
[ 2855.687922][T23123]  ? find_held_lock+0x2d/0x110
[ 2855.692706][T23123]  mem_cgroup_out_of_memory+0x206/0x270
[ 2855.698279][T23123]  ? mem_cgroup_margin+0x130/0x130
[ 2855.703407][T23123]  ? lock_downgrade+0x690/0x690
[ 2855.708289][T23123]  try_charge_memcg+0xf99/0x13a0
[ 2855.713256][T23123]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2855.719265][T23123]  ? rcu_read_unlock+0x9/0x60
[ 2855.723954][T23123]  ? lock_downgrade+0x690/0x690
[ 2855.728922][T23123]  charge_memcg+0x90/0x3b0
[ 2855.733368][T23123]  __mem_cgroup_charge+0x2b/0x90
[ 2855.738318][T23123]  ? copy_mc_to_kernel+0x3e/0x90
[ 2855.743283][T23123]  do_wp_page+0x8ea/0x33c0
[ 2855.747977][T23123]  ? lock_sync+0x190/0x190
[ 2855.752435][T23123]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2855.757820][T23123]  ? do_raw_spin_lock+0x124/0x2b0
[ 2855.762875][T23123]  ? spin_bug+0x1c0/0x1c0
[ 2855.767237][T23123]  __handle_mm_fault+0x1635/0x41c0
[ 2855.772369][T23123]  ? vm_iomap_memory+0x190/0x190
[ 2855.777403][T23123]  ? mas_walk+0x58f/0x730
[ 2855.781759][T23123]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2855.786885][T23123]  handle_mm_fault+0x2af/0x9f0
[ 2855.791663][T23123]  do_user_addr_fault+0x2ca/0x1210
[ 2855.796792][T23123]  ? rcu_is_watching+0x12/0xb0
[ 2855.801587][T23123]  exc_page_fault+0x98/0x170
[ 2855.806202][T23123]  asm_exc_page_fault+0x26/0x30
[ 2855.811081][T23123] RIP: 0033:0x7f4036836f7e
[ 2855.815518][T23123] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2855.835223][T23123] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2855.841313][T23123] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2855.849464][T23123] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2855.857447][T23123] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2855.865426][T23123] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2855.873577][T23123] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2855.881656][T23123]  </TASK>
[ 2855.890948][T23123] memory: usage 307200kB, limit 307200kB, failcnt 17258
[ 2855.923380][T23123] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2855.960348][T23123] Memory cgroup stats for /syz4:
[ 2855.961818][T23123] anon 114688
[ 2855.961818][T23123] file 8380416
[ 2855.961818][T23123] kernel 306077696
[ 2855.961818][T23123] kernel_stack 65536
[ 2855.961818][T23123] pagetables 77824
[ 2855.961818][T23123] sec_pagetables 0
[ 2855.961818][T23123] percpu 5477376
[ 2855.961818][T23123] sock 0
[ 2855.961818][T23123] vmalloc 0
[ 2855.961818][T23123] shmem 8380416
[ 2855.961818][T23123] zswap 0
[ 2855.961818][T23123] zswapped 0
[ 2855.961818][T23123] file_mapped 405504
[ 2855.961818][T23123] file_dirty 0
[ 2855.961818][T23123] file_writeback 0
[ 2855.961818][T23123] swapcached 0
[ 2855.961818][T23123] anon_thp 0
[ 2855.961818][T23123] file_thp 0
[ 2855.961818][T23123] shmem_thp 0
[ 2855.961818][T23123] inactive_anon 4096
[ 2855.961818][T23123] active_anon 8491008
[ 2855.961818][T23123] inactive_file 0
[ 2855.961818][T23123] active_file 0
[ 2855.961818][T23123] unevictable 0
[ 2855.961818][T23123] slab_reclaimable 38216
[ 2855.961818][T23123] slab_unreclaimable 300379744
[ 2855.961818][T23123] slab 300417960
[ 2855.961818][T23123] workingset_refault_anon 0
[ 2855.961818][T23123] workingset_refault_file 0
[ 2855.961818][T23123] workingset_activate_anon 0
[ 2855.961818][T23123] workingset_activate_file 0
[ 2855.961818][T23123] workingset_restore_anon 0
[ 2855.961818][T23123] workingset_restore_file 0
[ 2855.961818][T23123] workingset_nodereclaim 0
[ 2855.961818][T23123] pgscan 0
[ 2855.961818][T23123] pgsteal 0
[ 2855.961818][T23123] pgscan_kswapd 0
[ 2855.961818][T23123] pgscan_direct 0
[ 2855.961818][T23123] pgscan_khugepaged 0
[ 2855.961818][T23123] pgsteal_kswapd 0
[ 2855.961818][T23123] pgsteal_direct 0
[ 2855.961818][T23123] pgsteal_khugepaged 0
[ 2855.961818][T23123] pgfault 386446
[ 2855.961818][T23123] pgmajfault 0
[ 2855.961818][T23123] pgrefill 0
[ 2855.961818][T23123] pgactivate 0
[ 2855.961818][T23123] pgdeactivate 0
[ 2855.961818][T23123] pglazyfree 0
[ 2855.961818][T23123] pglazyfreed 0
[ 2855.961818][T23123] zswpin 0
[ 2855.961818][T23123] zswpout 0
[ 2855.961818][T23123] thp_fault_alloc 0
[ 2856.166116][T23123] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23123,uid=0
[ 2856.255268][T23123] Memory cgroup out of memory: Killed process 23123 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:30 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:30 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000008000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000200280012000900010076657f9c"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000008000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000200280012000900010076657f9c"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

13:48:30 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000500)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@ipv6_getroute={0x3c, 0x1a, 0x10, 0x70bd2c, 0x25dfdbff, {0xa, 0x14, 0x10, 0x20, 0xfe, 0x3, 0xff, 0xb, 0x2000}, [@RTA_ENCAP={0x18, 0x16, 0x0, 0x1, @LWTUNNEL_IP6_DST={0x14, 0x2, @remote}}, @RTA_PREF={0x5}]}, 0x3c}}, 0x4)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)=<r6=>0x0)
sendmsg$AUDIT_SET(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x3c, 0x3e9, 0x800, 0x70bd2b, 0x25dfdbfb, {0x4, 0x0, 0x1, r6, 0x5, 0x2, 0x1, 0x7f, 0x0, 0x3, 0x5}, [""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:30 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4c01000000000000)

13:48:30 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6401000000000000)

13:48:30 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xbc)

[ 2856.528203][T23139] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2856.547604][T23139] CPU: 1 PID: 23139 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2856.558074][T23139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2856.568150][T23139] Call Trace:
[ 2856.571456][T23139]  <TASK>
[ 2856.574419][T23139]  dump_stack_lvl+0x136/0x150
[ 2856.579146][T23139]  dump_header+0x10a/0xd70
[ 2856.583617][T23139]  oom_kill_process+0x25d/0x600
[ 2856.588514][T23139]  out_of_memory+0x35c/0x1660
[ 2856.593230][T23139]  ? find_held_lock+0x2d/0x110
[ 2856.598031][T23139]  ? oom_killer_disable+0x2b0/0x2b0
[ 2856.603260][T23139]  ? rcu_read_unlock+0x9/0x60
[ 2856.607982][T23139]  ? find_held_lock+0x2d/0x110
[ 2856.612779][T23139]  mem_cgroup_out_of_memory+0x206/0x270
[ 2856.618374][T23139]  ? mem_cgroup_margin+0x130/0x130
[ 2856.623528][T23139]  ? lock_downgrade+0x690/0x690
[ 2856.628437][T23139]  try_charge_memcg+0xf99/0x13a0
[ 2856.633425][T23139]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2856.639472][T23139]  ? rcu_read_unlock+0x9/0x60
[ 2856.644191][T23139]  ? lock_downgrade+0x690/0x690
[ 2856.649180][T23139]  charge_memcg+0x90/0x3b0
[ 2856.653746][T23139]  __mem_cgroup_charge+0x2b/0x90
[ 2856.658723][T23139]  ? copy_mc_to_kernel+0x3e/0x90
[ 2856.663698][T23139]  do_wp_page+0x8ea/0x33c0
[ 2856.668211][T23139]  ? lock_sync+0x190/0x190
[ 2856.672764][T23139]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2856.678172][T23139]  ? do_raw_spin_lock+0x124/0x2b0
[ 2856.683249][T23139]  ? spin_bug+0x1c0/0x1c0
[ 2856.687739][T23139]  __handle_mm_fault+0x1635/0x41c0
[ 2856.692897][T23139]  ? vm_iomap_memory+0x190/0x190
[ 2856.697951][T23139]  ? mas_walk+0x58f/0x730
[ 2856.702517][T23139]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2856.707666][T23139]  handle_mm_fault+0x2af/0x9f0
[ 2856.712468][T23139]  do_user_addr_fault+0x2ca/0x1210
[ 2856.717621][T23139]  ? rcu_is_watching+0x12/0xb0
[ 2856.722449][T23139]  exc_page_fault+0x98/0x170
[ 2856.727084][T23139]  asm_exc_page_fault+0x26/0x30
[ 2856.731975][T23139] RIP: 0033:0x7f4036836f7e
[ 2856.736594][T23139] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2856.756248][T23139] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2856.762367][T23139] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2856.770389][T23139] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
13:48:31 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000008000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000200280012000900010076657f9c"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2856.778407][T23139] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2856.786587][T23139] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2856.794591][T23139] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2856.802622][T23139]  </TASK>
13:48:31 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2856.998448][T23139] memory: usage 307200kB, limit 307200kB, failcnt 17332
[ 2857.005819][T23139] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2857.015952][T23139] Memory cgroup stats for /syz4:
[ 2857.016212][T23139] anon 114688
[ 2857.016212][T23139] file 8380416
[ 2857.016212][T23139] kernel 306077696
[ 2857.016212][T23139] kernel_stack 65536
[ 2857.016212][T23139] pagetables 77824
[ 2857.016212][T23139] sec_pagetables 0
[ 2857.016212][T23139] percpu 5477376
[ 2857.016212][T23139] sock 0
[ 2857.016212][T23139] vmalloc 0
[ 2857.016212][T23139] shmem 8380416
[ 2857.016212][T23139] zswap 0
[ 2857.016212][T23139] zswapped 0
[ 2857.016212][T23139] file_mapped 405504
[ 2857.016212][T23139] file_dirty 0
[ 2857.016212][T23139] file_writeback 0
[ 2857.016212][T23139] swapcached 0
[ 2857.016212][T23139] anon_thp 0
[ 2857.016212][T23139] file_thp 0
[ 2857.016212][T23139] shmem_thp 0
[ 2857.016212][T23139] inactive_anon 4096
[ 2857.016212][T23139] active_anon 8491008
[ 2857.016212][T23139] inactive_file 0
[ 2857.016212][T23139] active_file 0
[ 2857.016212][T23139] unevictable 0
[ 2857.016212][T23139] slab_reclaimable 38216
[ 2857.016212][T23139] slab_unreclaimable 300379744
[ 2857.016212][T23139] slab 300417960
[ 2857.016212][T23139] workingset_refault_anon 0
[ 2857.016212][T23139] workingset_refault_file 0
[ 2857.016212][T23139] workingset_activate_anon 0
[ 2857.016212][T23139] workingset_activate_file 0
[ 2857.016212][T23139] workingset_restore_anon 0
[ 2857.016212][T23139] workingset_restore_file 0
[ 2857.016212][T23139] workingset_nodereclaim 0
[ 2857.016212][T23139] pgscan 0
[ 2857.016212][T23139] pgsteal 0
[ 2857.016212][T23139] pgscan_kswapd 0
[ 2857.016212][T23139] pgscan_direct 0
[ 2857.016212][T23139] pgscan_khugepaged 0
[ 2857.016212][T23139] pgsteal_kswapd 0
[ 2857.016212][T23139] pgsteal_direct 0
[ 2857.016212][T23139] pgsteal_khugepaged 0
[ 2857.016212][T23139] pgfault 386482
[ 2857.016212][T23139] pgmajfault 0
[ 2857.016212][T23139] pgrefill 0
[ 2857.016212][T23139] pgactivate 0
[ 2857.016212][T23139] pgdeactivate 0
[ 2857.016212][T23139] pglazyfree 0
[ 2857.016212][T23139] pglazyfreed 0
[ 2857.016212][T23139] zswpin 0
[ 2857.016212][T23139] zswpout 0
[ 2857.016212][T23139] thp_fault_alloc 0
[ 2857.215667][T23139] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23139,uid=0
[ 2857.232472][T23139] Memory cgroup out of memory: Killed process 23139 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:31 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000500)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@ipv6_getroute={0x3c, 0x1a, 0x10, 0x70bd2c, 0x25dfdbff, {0xa, 0x14, 0x10, 0x20, 0xfe, 0x3, 0xff, 0xb, 0x2000}, [@RTA_ENCAP={0x18, 0x16, 0x0, 0x1, @LWTUNNEL_IP6_DST={0x14, 0x2, @remote}}, @RTA_PREF={0x5}]}, 0x3c}}, 0x4)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)=<r6=>0x0)
sendmsg$AUDIT_SET(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x3c, 0x3e9, 0x800, 0x70bd2b, 0x25dfdbfb, {0x4, 0x0, 0x1, r6, 0x5, 0x2, 0x1, 0x7f, 0x0, 0x3, 0x5}, [""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x80) (async)
sendmsg$AUDIT_SET(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x3c, 0x3e9, 0x800, 0x70bd2b, 0x25dfdbfb, {0x4, 0x0, 0x1, r6, 0x5, 0x2, 0x1, 0x7f, 0x0, 0x3, 0x5}, [""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
socket$netlink(0x10, 0x3, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2857.361246][T23163] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2857.375831][T23163] CPU: 1 PID: 23163 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2857.386324][T23163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2857.396414][T23163] Call Trace:
[ 2857.399711][T23163]  <TASK>
[ 2857.402657][T23163]  dump_stack_lvl+0x136/0x150
[ 2857.407376][T23163]  dump_header+0x10a/0xd70
[ 2857.411836][T23163]  oom_kill_process+0x25d/0x600
[ 2857.416832][T23163]  out_of_memory+0x35c/0x1660
[ 2857.421551][T23163]  ? find_held_lock+0x2d/0x110
[ 2857.426349][T23163]  ? oom_killer_disable+0x2b0/0x2b0
[ 2857.431583][T23163]  ? rcu_read_unlock+0x9/0x60
[ 2857.436276][T23163]  ? find_held_lock+0x2d/0x110
[ 2857.441059][T23163]  mem_cgroup_out_of_memory+0x206/0x270
[ 2857.446634][T23163]  ? mem_cgroup_margin+0x130/0x130
[ 2857.451767][T23163]  ? lock_downgrade+0x690/0x690
[ 2857.456653][T23163]  try_charge_memcg+0xf99/0x13a0
[ 2857.461621][T23163]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2857.467632][T23163]  ? rcu_read_unlock+0x9/0x60
[ 2857.472325][T23163]  ? lock_downgrade+0x690/0x690
[ 2857.477221][T23163]  charge_memcg+0x90/0x3b0
[ 2857.481668][T23163]  __mem_cgroup_charge+0x2b/0x90
[ 2857.486614][T23163]  ? copy_mc_to_kernel+0x3e/0x90
[ 2857.491573][T23163]  do_wp_page+0x8ea/0x33c0
[ 2857.496008][T23163]  ? lock_sync+0x190/0x190
[ 2857.500447][T23163]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2857.505828][T23163]  ? do_raw_spin_lock+0x124/0x2b0
[ 2857.510873][T23163]  ? spin_bug+0x1c0/0x1c0
[ 2857.515325][T23163]  __handle_mm_fault+0x1635/0x41c0
[ 2857.520455][T23163]  ? vm_iomap_memory+0x190/0x190
[ 2857.525401][T23163]  ? mas_walk+0x58f/0x730
[ 2857.529766][T23163]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2857.534898][T23163]  handle_mm_fault+0x2af/0x9f0
[ 2857.539685][T23163]  do_user_addr_fault+0x2ca/0x1210
[ 2857.544812][T23163]  ? rcu_is_watching+0x12/0xb0
[ 2857.549689][T23163]  exc_page_fault+0x98/0x170
[ 2857.554295][T23163]  asm_exc_page_fault+0x26/0x30
[ 2857.559166][T23163] RIP: 0033:0x7f4036836f7e
[ 2857.563586][T23163] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2857.583207][T23163] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2857.589281][T23163] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2857.597255][T23163] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2857.605231][T23163] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2857.613208][T23163] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2857.621185][T23163] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2857.629176][T23163]  </TASK>
13:48:32 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'lo\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000500)=@getlink={0xfc, 0x12, 0x20, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, 0x10000, 0x1000}, [@IFLA_IFALIAS={0x14, 0x14, 'gretap0\x00'}, @IFLA_PROMISCUITY={0x8, 0x1e, 0x43}, @IFLA_PROP_LIST={0xb8, 0x34, 0x0, 0x1, [{0x14, 0x35, 'bridge0\x00'}, {0x14}, {0x14, 0x35, 'veth1_vlan\x00'}, {0x14, 0x35, 'erspan0\x00'}, {0x14, 0x35, 'syzkaller1\x00'}, {0x14, 0x35, 'sit0\x00'}, {0x14, 0x35, 'geneve0\x00'}, {0x14, 0x35, 'veth1_virt_wifi\x00'}, {0x14, 0x35, 'wg2\x00'}]}, @IFLA_EVENT={0x8, 0x2c, 0x2}]}, 0xfc}, 0x1, 0x0, 0x0, 0x10}, 0x408c800)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:32 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xbd)

13:48:32 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:32 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6500000000000000)

13:48:32 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x70)

13:48:32 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2858.206736][T23163] memory: usage 307200kB, limit 307200kB, failcnt 17385
[ 2858.215856][T23163] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2858.230713][T23163] Memory cgroup stats for /syz4:
[ 2858.230966][T23163] anon 114688
[ 2858.230966][T23163] file 8380416
[ 2858.230966][T23163] kernel 306077696
[ 2858.230966][T23163] kernel_stack 65536
[ 2858.230966][T23163] pagetables 77824
[ 2858.230966][T23163] sec_pagetables 0
[ 2858.230966][T23163] percpu 5477376
[ 2858.230966][T23163] sock 0
[ 2858.230966][T23163] vmalloc 0
[ 2858.230966][T23163] shmem 8380416
[ 2858.230966][T23163] zswap 0
[ 2858.230966][T23163] zswapped 0
[ 2858.230966][T23163] file_mapped 405504
[ 2858.230966][T23163] file_dirty 0
[ 2858.230966][T23163] file_writeback 0
[ 2858.230966][T23163] swapcached 0
[ 2858.230966][T23163] anon_thp 0
[ 2858.230966][T23163] file_thp 0
[ 2858.230966][T23163] shmem_thp 0
[ 2858.230966][T23163] inactive_anon 4096
[ 2858.230966][T23163] active_anon 8491008
[ 2858.230966][T23163] inactive_file 0
[ 2858.230966][T23163] active_file 0
[ 2858.230966][T23163] unevictable 0
[ 2858.230966][T23163] slab_reclaimable 38216
[ 2858.230966][T23163] slab_unreclaimable 300379744
[ 2858.230966][T23163] slab 300417960
[ 2858.230966][T23163] workingset_refault_anon 0
[ 2858.230966][T23163] workingset_refault_file 0
[ 2858.230966][T23163] workingset_activate_anon 0
[ 2858.230966][T23163] workingset_activate_file 0
[ 2858.230966][T23163] workingset_restore_anon 0
[ 2858.230966][T23163] workingset_restore_file 0
[ 2858.230966][T23163] workingset_nodereclaim 0
[ 2858.230966][T23163] pgscan 0
[ 2858.230966][T23163] pgsteal 0
[ 2858.230966][T23163] pgscan_kswapd 0
[ 2858.230966][T23163] pgscan_direct 0
[ 2858.230966][T23163] pgscan_khugepaged 0
[ 2858.230966][T23163] pgsteal_kswapd 0
[ 2858.230966][T23163] pgsteal_direct 0
[ 2858.230966][T23163] pgsteal_khugepaged 0
[ 2858.230966][T23163] pgfault 386521
[ 2858.230966][T23163] pgmajfault 0
[ 2858.230966][T23163] pgrefill 0
[ 2858.230966][T23163] pgactivate 0
[ 2858.230966][T23163] pgdeactivate 0
[ 2858.230966][T23163] pglazyfree 0
[ 2858.230966][T23163] pglazyfreed 0
[ 2858.230966][T23163] zswpin 0
[ 2858.230966][T23163] zswpout 0
[ 2858.230966][T23163] thp_fault_alloc 0
[ 2858.446324][T23174] __nla_validate_parse: 28 callbacks suppressed
[ 2858.446345][T23174] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2858.611379][T23176] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2858.612720][T23163] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23163,uid=0
[ 2858.633443][T23177] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
13:48:33 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0}) (async)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000500)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@ipv6_getroute={0x3c, 0x1a, 0x10, 0x70bd2c, 0x25dfdbff, {0xa, 0x14, 0x10, 0x20, 0xfe, 0x3, 0xff, 0xb, 0x2000}, [@RTA_ENCAP={0x18, 0x16, 0x0, 0x1, @LWTUNNEL_IP6_DST={0x14, 0x2, @remote}}, @RTA_PREF={0x5}]}, 0x3c}}, 0x4)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)=<r6=>0x0)
sendmsg$AUDIT_SET(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x3c, 0x3e9, 0x800, 0x70bd2b, 0x25dfdbfb, {0x4, 0x0, 0x1, r6, 0x5, 0x2, 0x1, 0x7f, 0x0, 0x3, 0x5}, [""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x80) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:33 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xbe)

[ 2858.674407][T23163] Memory cgroup out of memory: Killed process 23163 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2858.702809][T23178] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2858.800767][T23179] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2858.833855][T23185] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
13:48:33 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'lo\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000500)=@getlink={0xfc, 0x12, 0x20, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, 0x10000, 0x1000}, [@IFLA_IFALIAS={0x14, 0x14, 'gretap0\x00'}, @IFLA_PROMISCUITY={0x8, 0x1e, 0x43}, @IFLA_PROP_LIST={0xb8, 0x34, 0x0, 0x1, [{0x14, 0x35, 'bridge0\x00'}, {0x14}, {0x14, 0x35, 'veth1_vlan\x00'}, {0x14, 0x35, 'erspan0\x00'}, {0x14, 0x35, 'syzkaller1\x00'}, {0x14, 0x35, 'sit0\x00'}, {0x14, 0x35, 'geneve0\x00'}, {0x14, 0x35, 'veth1_virt_wifi\x00'}, {0x14, 0x35, 'wg2\x00'}]}, @IFLA_EVENT={0x8, 0x2c, 0x2}]}, 0xfc}, 0x1, 0x0, 0x0, 0x10}, 0x408c800)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'lo\x00'}) (async)
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000500)=@getlink={0xfc, 0x12, 0x20, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, 0x10000, 0x1000}, [@IFLA_IFALIAS={0x14, 0x14, 'gretap0\x00'}, @IFLA_PROMISCUITY={0x8, 0x1e, 0x43}, @IFLA_PROP_LIST={0xb8, 0x34, 0x0, 0x1, [{0x14, 0x35, 'bridge0\x00'}, {0x14}, {0x14, 0x35, 'veth1_vlan\x00'}, {0x14, 0x35, 'erspan0\x00'}, {0x14, 0x35, 'syzkaller1\x00'}, {0x14, 0x35, 'sit0\x00'}, {0x14, 0x35, 'geneve0\x00'}, {0x14, 0x35, 'veth1_virt_wifi\x00'}, {0x14, 0x35, 'wg2\x00'}]}, @IFLA_EVENT={0x8, 0x2c, 0x2}]}, 0xfc}, 0x1, 0x0, 0x0, 0x10}, 0x408c800) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

[ 2858.856631][T23189] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2858.908876][T23189] CPU: 1 PID: 23189 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2858.919421][T23189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2858.929481][T23189] Call Trace:
[ 2858.932758][T23189]  <TASK>
[ 2858.935691][T23189]  dump_stack_lvl+0x136/0x150
[ 2858.940385][T23189]  dump_header+0x10a/0xd70
[ 2858.944814][T23189]  oom_kill_process+0x25d/0x600
[ 2858.949675][T23189]  out_of_memory+0x35c/0x1660
[ 2858.954368][T23189]  ? find_held_lock+0x2d/0x110
[ 2858.959150][T23189]  ? oom_killer_disable+0x2b0/0x2b0
[ 2858.964353][T23189]  ? rcu_read_unlock+0x9/0x60
[ 2858.969043][T23189]  ? find_held_lock+0x2d/0x110
[ 2858.973818][T23189]  mem_cgroup_out_of_memory+0x206/0x270
[ 2858.979383][T23189]  ? mem_cgroup_margin+0x130/0x130
[ 2858.984505][T23189]  ? lock_downgrade+0x690/0x690
[ 2858.989386][T23189]  try_charge_memcg+0xf99/0x13a0
[ 2858.994349][T23189]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2859.000359][T23189]  ? rcu_read_unlock+0x9/0x60
[ 2859.005049][T23189]  ? lock_downgrade+0x690/0x690
[ 2859.009987][T23189]  charge_memcg+0x90/0x3b0
[ 2859.014448][T23189]  __mem_cgroup_charge+0x2b/0x90
[ 2859.019409][T23189]  ? copy_mc_to_kernel+0x3e/0x90
[ 2859.024393][T23189]  do_wp_page+0x8ea/0x33c0
[ 2859.028859][T23189]  ? lock_sync+0x190/0x190
[ 2859.033305][T23189]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2859.038689][T23189]  ? do_raw_spin_lock+0x124/0x2b0
[ 2859.043909][T23189]  ? spin_bug+0x1c0/0x1c0
[ 2859.048292][T23189]  __handle_mm_fault+0x1635/0x41c0
[ 2859.053494][T23189]  ? vm_iomap_memory+0x190/0x190
[ 2859.058460][T23189]  ? mas_walk+0x58f/0x730
[ 2859.062828][T23189]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2859.067959][T23189]  handle_mm_fault+0x2af/0x9f0
[ 2859.072742][T23189]  do_user_addr_fault+0x2ca/0x1210
[ 2859.077873][T23189]  ? rcu_is_watching+0x12/0xb0
[ 2859.082664][T23189]  exc_page_fault+0x98/0x170
[ 2859.087267][T23189]  asm_exc_page_fault+0x26/0x30
[ 2859.092138][T23189] RIP: 0033:0x7f4036836f7e
[ 2859.096825][T23189] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2859.116528][T23189] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2859.122635][T23189] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000001
[ 2859.130616][T23189] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2859.138701][T23189] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2859.146694][T23189] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2859.154763][T23189] R13: 00007f4036400080 R14: 00007f40369abf80 R15: 0000000000000000
[ 2859.162760][T23189]  </TASK>
[ 2859.196314][T23189] memory: usage 307200kB, limit 307200kB, failcnt 17442
[ 2859.203964][T23189] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2859.221491][T23189] Memory cgroup stats for /syz4:
[ 2859.221734][T23189] anon 114688
[ 2859.221734][T23189] file 8380416
[ 2859.221734][T23189] kernel 306077696
[ 2859.221734][T23189] kernel_stack 65536
[ 2859.221734][T23189] pagetables 77824
[ 2859.221734][T23189] sec_pagetables 0
[ 2859.221734][T23189] percpu 5477376
[ 2859.221734][T23189] sock 0
[ 2859.221734][T23189] vmalloc 0
[ 2859.221734][T23189] shmem 8380416
[ 2859.221734][T23189] zswap 0
[ 2859.221734][T23189] zswapped 0
[ 2859.221734][T23189] file_mapped 405504
[ 2859.221734][T23189] file_dirty 0
[ 2859.221734][T23189] file_writeback 0
[ 2859.221734][T23189] swapcached 0
[ 2859.221734][T23189] anon_thp 0
[ 2859.221734][T23189] file_thp 0
[ 2859.221734][T23189] shmem_thp 0
[ 2859.221734][T23189] inactive_anon 4096
[ 2859.221734][T23189] active_anon 8491008
[ 2859.221734][T23189] inactive_file 0
[ 2859.221734][T23189] active_file 0
[ 2859.221734][T23189] unevictable 0
[ 2859.221734][T23189] slab_reclaimable 38216
[ 2859.221734][T23189] slab_unreclaimable 300379744
[ 2859.221734][T23189] slab 300417960
[ 2859.221734][T23189] workingset_refault_anon 0
[ 2859.221734][T23189] workingset_refault_file 0
[ 2859.221734][T23189] workingset_activate_anon 0
[ 2859.221734][T23189] workingset_activate_file 0
[ 2859.221734][T23189] workingset_restore_anon 0
[ 2859.221734][T23189] workingset_restore_file 0
[ 2859.221734][T23189] workingset_nodereclaim 0
[ 2859.221734][T23189] pgscan 0
[ 2859.221734][T23189] pgsteal 0
[ 2859.221734][T23189] pgscan_kswapd 0
[ 2859.221734][T23189] pgscan_direct 0
[ 2859.221734][T23189] pgscan_khugepaged 0
[ 2859.221734][T23189] pgsteal_kswapd 0
[ 2859.221734][T23189] pgsteal_direct 0
[ 2859.221734][T23189] pgsteal_khugepaged 0
[ 2859.221734][T23189] pgfault 386560
[ 2859.221734][T23189] pgmajfault 0
[ 2859.221734][T23189] pgrefill 0
[ 2859.221734][T23189] pgactivate 0
[ 2859.221734][T23189] pgdeactivate 0
[ 2859.221734][T23189] pglazyfree 0
[ 2859.221734][T23189] pglazyfreed 0
[ 2859.221734][T23189] zswpin 0
[ 2859.221734][T23189] zswpout 0
[ 2859.221734][T23189] thp_fault_alloc 0
13:48:33 executing program 4:
ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, &(0x7f00000001c0)=@req={0x28, &(0x7f0000000100)={'veth0_vlan\x00', @ifru_hwaddr=@multicast}})
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r5=>0x0})
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r5}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r6, 0x8983, &(0x7f0000000080))
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:33 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2859.420559][T23189] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23189,uid=0
[ 2859.436614][T23188] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2859.436836][T23189] Memory cgroup out of memory: Killed process 23189 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2859.571175][T23180] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2859.581201][T23197] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2859.593631][T23197] CPU: 0 PID: 23197 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2859.595137][T23183] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2859.604066][T23197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2859.604084][T23197] Call Trace:
[ 2859.604093][T23197]  <TASK>
[ 2859.604102][T23197]  dump_stack_lvl+0x136/0x150
[ 2859.604133][T23197]  dump_header+0x10a/0xd70
[ 2859.604159][T23197]  oom_kill_process+0x25d/0x600
[ 2859.604185][T23197]  out_of_memory+0x35c/0x1660
[ 2859.604211][T23197]  ? find_held_lock+0x2d/0x110
[ 2859.604240][T23197]  ? oom_killer_disable+0x2b0/0x2b0
[ 2859.604265][T23197]  ? rcu_read_unlock+0x9/0x60
[ 2859.604293][T23197]  ? find_held_lock+0x2d/0x110
[ 2859.604324][T23197]  mem_cgroup_out_of_memory+0x206/0x270
[ 2859.673452][T23197]  ? mem_cgroup_margin+0x130/0x130
[ 2859.678613][T23197]  ? lock_downgrade+0x690/0x690
[ 2859.683523][T23197]  try_charge_memcg+0xf99/0x13a0
[ 2859.688518][T23197]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2859.694716][T23197]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2859.700489][T23197]  ? lock_downgrade+0x690/0x690
[ 2859.705470][T23197]  ? lock_downgrade+0x690/0x690
[ 2859.706575][T23182] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2859.710342][T23197]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2859.710391][T23197]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2859.710430][T23197]  copy_process+0x4f9/0x75c0
[ 2859.710467][T23197]  ? __lock_acquire+0xc17/0x5f30
[ 2859.710511][T23197]  ? pidfd_prepare+0x80/0x80
[ 2859.710551][T23197]  ? psi_memstall_leave+0x174/0x250
[ 2859.710574][T23197]  ? lock_downgrade+0x690/0x690
[ 2859.710612][T23197]  kernel_clone+0xeb/0x890
[ 2859.760907][T23197]  ? create_io_thread+0xe0/0xe0
[ 2859.765804][T23197]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2859.772194][T23197]  ? lock_downgrade+0x690/0x690
[ 2859.777275][T23197]  __do_sys_clone+0xba/0x100
[ 2859.782911][T23197]  ? kernel_clone+0x890/0x890
[ 2859.787651][T23197]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2859.793951][T23197]  do_syscall_64+0x39/0xb0
[ 2859.798430][T23197]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2859.804373][T23197] RIP: 0033:0x7f403688d591
[ 2859.808829][T23197] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2859.829059][T23197] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2859.837521][T23197] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2859.845614][T23197] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2859.853622][T23197] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2859.861632][T23197] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
13:48:34 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xbf)

13:48:34 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6501000000000000)

13:48:34 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x70)

[ 2859.869644][T23197] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2859.877666][T23197]  </TASK>
[ 2859.971868][T23197] memory: usage 307200kB, limit 307200kB, failcnt 17516
[ 2859.985867][T23197] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
13:48:34 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'lo\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000500)=@getlink={0xfc, 0x12, 0x20, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, 0x10000, 0x1000}, [@IFLA_IFALIAS={0x14, 0x14, 'gretap0\x00'}, @IFLA_PROMISCUITY={0x8, 0x1e, 0x43}, @IFLA_PROP_LIST={0xb8, 0x34, 0x0, 0x1, [{0x14, 0x35, 'bridge0\x00'}, {0x14}, {0x14, 0x35, 'veth1_vlan\x00'}, {0x14, 0x35, 'erspan0\x00'}, {0x14, 0x35, 'syzkaller1\x00'}, {0x14, 0x35, 'sit0\x00'}, {0x14, 0x35, 'geneve0\x00'}, {0x14, 0x35, 'veth1_virt_wifi\x00'}, {0x14, 0x35, 'wg2\x00'}]}, @IFLA_EVENT={0x8, 0x2c, 0x2}]}, 0xfc}, 0x1, 0x0, 0x0, 0x10}, 0x408c800)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'lo\x00'}) (async)
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000500)=@getlink={0xfc, 0x12, 0x20, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, 0x10000, 0x1000}, [@IFLA_IFALIAS={0x14, 0x14, 'gretap0\x00'}, @IFLA_PROMISCUITY={0x8, 0x1e, 0x43}, @IFLA_PROP_LIST={0xb8, 0x34, 0x0, 0x1, [{0x14, 0x35, 'bridge0\x00'}, {0x14}, {0x14, 0x35, 'veth1_vlan\x00'}, {0x14, 0x35, 'erspan0\x00'}, {0x14, 0x35, 'syzkaller1\x00'}, {0x14, 0x35, 'sit0\x00'}, {0x14, 0x35, 'geneve0\x00'}, {0x14, 0x35, 'veth1_virt_wifi\x00'}, {0x14, 0x35, 'wg2\x00'}]}, @IFLA_EVENT={0x8, 0x2c, 0x2}]}, 0xfc}, 0x1, 0x0, 0x0, 0x10}, 0x408c800) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

[ 2860.012089][T23197] Memory cgroup stats for /syz4:
[ 2860.012322][T23197] anon 118784
[ 2860.012322][T23197] file 8380416
[ 2860.012322][T23197] kernel 306073600
[ 2860.012322][T23197] kernel_stack 32768
[ 2860.012322][T23197] pagetables 86016
[ 2860.012322][T23197] sec_pagetables 0
[ 2860.012322][T23197] percpu 5477376
[ 2860.012322][T23197] sock 0
[ 2860.012322][T23197] vmalloc 0
[ 2860.012322][T23197] shmem 8380416
[ 2860.012322][T23197] zswap 0
[ 2860.012322][T23197] zswapped 0
[ 2860.012322][T23197] file_mapped 405504
[ 2860.012322][T23197] file_dirty 0
[ 2860.012322][T23197] file_writeback 0
[ 2860.012322][T23197] swapcached 0
[ 2860.012322][T23197] anon_thp 0
[ 2860.012322][T23197] file_thp 0
[ 2860.012322][T23197] shmem_thp 0
[ 2860.012322][T23197] inactive_anon 4096
[ 2860.012322][T23197] active_anon 8495104
[ 2860.012322][T23197] inactive_file 0
[ 2860.012322][T23197] active_file 0
[ 2860.012322][T23197] unevictable 0
[ 2860.012322][T23197] slab_reclaimable 38216
[ 2860.012322][T23197] slab_unreclaimable 300379680
[ 2860.012322][T23197] slab 300417896
[ 2860.012322][T23197] workingset_refault_anon 0
[ 2860.012322][T23197] workingset_refault_file 0
[ 2860.012322][T23197] workingset_activate_anon 0
[ 2860.012322][T23197] workingset_activate_file 0
[ 2860.012322][T23197] workingset_restore_anon 0
[ 2860.012322][T23197] workingset_restore_file 0
[ 2860.012322][T23197] workingset_nodereclaim 0
[ 2860.012322][T23197] pgscan 0
[ 2860.012322][T23197] pgsteal 0
[ 2860.012322][T23197] pgscan_kswapd 0
[ 2860.012322][T23197] pgscan_direct 0
[ 2860.012322][T23197] pgscan_khugepaged 0
[ 2860.012322][T23197] pgsteal_kswapd 0
[ 2860.012322][T23197] pgsteal_direct 0
[ 2860.012322][T23197] pgsteal_khugepaged 0
[ 2860.012322][T23197] pgfault 386600
[ 2860.012322][T23197] pgmajfault 0
[ 2860.012322][T23197] pgrefill 0
[ 2860.012322][T23197] pgactivate 0
[ 2860.012322][T23197] pgdeactivate 0
[ 2860.012322][T23197] pglazyfree 0
[ 2860.012322][T23197] pglazyfreed 0
[ 2860.012322][T23197] zswpin 0
[ 2860.012322][T23197] zswpout 0
[ 2860.012322][T23197] thp_fault_alloc 0
13:48:34 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2860.501684][T23197] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23197,uid=0
[ 2860.563955][T23197] Memory cgroup out of memory: Killed process 23197 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:92kB oom_score_adj:1000
13:48:35 executing program 4:
ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, &(0x7f00000001c0)=@req={0x28, &(0x7f0000000100)={'veth0_vlan\x00', @ifru_hwaddr=@multicast}})
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r5=>0x0})
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r5}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r6, 0x8983, &(0x7f0000000080)) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2860.871322][T23223] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2860.903308][T23223] CPU: 0 PID: 23223 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2860.913797][T23223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2860.923887][T23223] Call Trace:
[ 2860.927281][T23223]  <TASK>
[ 2860.930232][T23223]  dump_stack_lvl+0x136/0x150
[ 2860.934967][T23223]  dump_header+0x10a/0xd70
[ 2860.939428][T23223]  oom_kill_process+0x25d/0x600
[ 2860.944334][T23223]  out_of_memory+0x35c/0x1660
[ 2860.949054][T23223]  ? find_held_lock+0x2d/0x110
[ 2860.953970][T23223]  ? oom_killer_disable+0x2b0/0x2b0
[ 2860.959215][T23223]  ? rcu_read_unlock+0x9/0x60
[ 2860.963925][T23223]  ? find_held_lock+0x2d/0x110
[ 2860.968801][T23223]  mem_cgroup_out_of_memory+0x206/0x270
[ 2860.974451][T23223]  ? mem_cgroup_margin+0x130/0x130
[ 2860.979578][T23223]  ? lock_downgrade+0x690/0x690
[ 2860.984464][T23223]  try_charge_memcg+0xf99/0x13a0
[ 2860.989433][T23223]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2860.995782][T23223]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2861.001519][T23223]  ? lock_downgrade+0x690/0x690
[ 2861.006391][T23223]  ? lock_downgrade+0x690/0x690
[ 2861.011269][T23223]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2861.016849][T23223]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2861.023023][T23223]  copy_process+0x4f9/0x75c0
[ 2861.027648][T23223]  ? __lock_acquire+0xc17/0x5f30
[ 2861.032618][T23223]  ? pidfd_prepare+0x80/0x80
[ 2861.037250][T23223]  ? psi_memstall_leave+0x174/0x250
[ 2861.042483][T23223]  ? lock_downgrade+0x690/0x690
[ 2861.047384][T23223]  kernel_clone+0xeb/0x890
[ 2861.051867][T23223]  ? create_io_thread+0xe0/0xe0
[ 2861.056766][T23223]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2861.063082][T23223]  ? lock_downgrade+0x690/0x690
[ 2861.068062][T23223]  __do_sys_clone+0xba/0x100
[ 2861.072768][T23223]  ? kernel_clone+0x890/0x890
[ 2861.077476][T23223]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2861.083391][T23223]  do_syscall_64+0x39/0xb0
[ 2861.087932][T23223]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2861.093879][T23223] RIP: 0033:0x7f403688d591
[ 2861.098311][T23223] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2861.117934][T23223] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2861.126446][T23223] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2861.134512][T23223] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2861.142496][T23223] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2861.150473][T23223] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2861.158547][T23223] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2861.166630][T23223]  </TASK>
[ 2861.180935][T23223] memory: usage 307200kB, limit 307200kB, failcnt 17605
[ 2861.207498][T23223] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2861.217945][T23223] Memory cgroup stats for /syz4:
[ 2861.218166][T23223] anon 118784
[ 2861.218166][T23223] file 8380416
[ 2861.218166][T23223] kernel 306073600
[ 2861.218166][T23223] kernel_stack 32768
[ 2861.218166][T23223] pagetables 86016
[ 2861.218166][T23223] sec_pagetables 0
[ 2861.218166][T23223] percpu 5477376
[ 2861.218166][T23223] sock 0
[ 2861.218166][T23223] vmalloc 0
[ 2861.218166][T23223] shmem 8380416
[ 2861.218166][T23223] zswap 0
[ 2861.218166][T23223] zswapped 0
[ 2861.218166][T23223] file_mapped 405504
[ 2861.218166][T23223] file_dirty 0
[ 2861.218166][T23223] file_writeback 0
[ 2861.218166][T23223] swapcached 0
[ 2861.218166][T23223] anon_thp 0
[ 2861.218166][T23223] file_thp 0
[ 2861.218166][T23223] shmem_thp 0
[ 2861.218166][T23223] inactive_anon 4096
[ 2861.218166][T23223] active_anon 8495104
[ 2861.218166][T23223] inactive_file 0
[ 2861.218166][T23223] active_file 0
[ 2861.218166][T23223] unevictable 0
[ 2861.218166][T23223] slab_reclaimable 38216
[ 2861.218166][T23223] slab_unreclaimable 300379680
[ 2861.218166][T23223] slab 300417896
[ 2861.218166][T23223] workingset_refault_anon 0
[ 2861.218166][T23223] workingset_refault_file 0
[ 2861.218166][T23223] workingset_activate_anon 0
[ 2861.218166][T23223] workingset_activate_file 0
[ 2861.218166][T23223] workingset_restore_anon 0
[ 2861.218166][T23223] workingset_restore_file 0
[ 2861.218166][T23223] workingset_nodereclaim 0
[ 2861.218166][T23223] pgscan 0
[ 2861.218166][T23223] pgsteal 0
[ 2861.218166][T23223] pgscan_kswapd 0
[ 2861.218166][T23223] pgscan_direct 0
[ 2861.218166][T23223] pgscan_khugepaged 0
[ 2861.218166][T23223] pgsteal_kswapd 0
[ 2861.218166][T23223] pgsteal_direct 0
[ 2861.218166][T23223] pgsteal_khugepaged 0
[ 2861.218166][T23223] pgfault 386639
[ 2861.218166][T23223] pgmajfault 0
[ 2861.218166][T23223] pgrefill 0
[ 2861.218166][T23223] pgactivate 0
[ 2861.218166][T23223] pgdeactivate 0
[ 2861.218166][T23223] pglazyfree 0
[ 2861.218166][T23223] pglazyfreed 0
[ 2861.218166][T23223] zswpin 0
[ 2861.218166][T23223] zswpout 0
[ 2861.218166][T23223] thp_fault_alloc 0
13:48:35 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xc0)

13:48:35 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
sendmsg$netlink(r0, &(0x7f00000001c0)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfd, 0x8}, 0xc, &(0x7f0000000100)=[{&(0x7f00000006c0)={0x224, 0x3f, 0x8, 0x70bd28, 0x25dfdbfb, "", [@generic="c445f0b9f0ead55e9e5d04b4f344ebf2bd3df9568b9e568852dcc22e3cf694577390e829e6eb6b46de6c91e5befea240042e92e3897d10545db5891efd3a56a74c46698d1ceb13e4d2c195904b29450ab267496fcf04882a47c8fe533a66d5b2ee988a671f142509e4baac89686a2ac662ab35a42a558216fa9236249b788b82bb4da28488e669c8154466f6977afa", @nested={0xdb, 0x39, 0x0, 0x1, [@generic="82e3378cdffdb9a6de312b3337588fccc4425372452258ee19ddf65eac3e95d6443af7c091d4f1990d64ab5fe97adfec744dd919142e1b5c52aec54af4d01bb745ee8534cb1e8cd624fa75a9ef2ab7512478df7d2b55", @typed={0x8, 0x63, 0x0, 0x0, @fd=r3}, @generic="8a6ec8d6ceb7f093141b3989156046c4cd5b6f14c615e30a7ced560ced0ff97647d9a363f828a5b6666be3e5ba0481f83add160a1f10579cb496011a04fef17919286c609ee5a20055c8b21c80253bdc7d607c192c14a628d81f1b23d05c309a44d7bb872a5e6907595e693c106bb256eb8ac5c0fd1d602a32"]}, @generic="b4c767c674908798ea9dbdce946948f9d01df338c6f4ff7994dce7dba84ed5f2491378118e9c42e3828647d87ca604fff6c9ca1f5b31a2c0803e0928c227b05e0a24a18e49f325510ca1cf2d02a65e77dd2afe088628f3bbe35dd0f9a93ed8ddef669b9ac3932711cf1912a3c1e48c7dd050c385b17e546a505a9e1afbb382fa5d5995f4e05e1fe496c1f01ae2469e56e0cba420a9d2f3ad129f46b5311d", @typed={0x5, 0x69, 0x0, 0x0, @str='\x00'}]}, 0x224}, {&(0x7f0000000900)={0x1330, 0x36, 0x200, 0x70bd29, 0x25dfdbff, "", [@typed={0x8, 0x85, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="58d0bf4fadf1ecf33586ffc5a09d220524245c6b085aa8be642347efad2bfd026a001b88dd97195e87490cd97c2fbf0124338a0b5550a61ef4370d624972fca066300dd2d60060892c78f62994cd0392c9c2f96415c76bf0d9523f439705882f9a596560a493d7299d3c21fe972c4a4f192817efbd7473d462796e05e6f17b079fa17f74da9df948c37129b416e56a926ab6f6ce85b8f629f82f07402bee5d6ad11b05ccff4f086e7454ee0ead18cb746b1f29a45938951765e5f8defeaed44c92", @generic="326e623dffd782269eda0adc01791d9b45d35cc59e484e3934fe09da9e7fd993cf94b8b3be8bd987e3cd950a091688cb2f9f0de1279cd88bdcad31f2e9869412", @nested={0x10b0, 0x83, 0x0, 0x1, [@typed={0x9e, 0x6c, 0x0, 0x0, @binary="47f9e1447f750d7a4185fe4cc913d2743d8d7968a4402a8b4108217b57b83c74993462853a85f3a49b1fa00ad68b611d02c29f1972eadfaaef16cc7bd636abf61c835989a9906e6b898bbc282b00bd7431a7004504952e21cb482db8ba8f928dec2a62a4dbd5c6fff2bedfa1c1028d7a43083daa733f23d92942fb9f1b1350c179a297996472c78ef6f92fac9a7954cd9072d0fd2efe0af60db9"}, @generic="77ca9524b3f8324ea7146891713545296697bec45cd509fdb65a7586c71a9e03680c7bd7b5718d3974cd6f288aecb558771ea92ac61f8af884bb58f2ea29ee6daeb366418636e079c1756828fb1f8c1fbaf027c6f2b85680cedbc4dc33a6b25518535fbd91c8f52c386304f3340c5ec13a19a2b09e29624d3d6eae1ec9a2c30a77875ff04fd30615ef5adedcb5df6bb64ff97374d779ef0fbf6ac31f041d7219f5cd0c80d151d2946c48e68cca832797ea510a584f492d9071adaf1994345b653395ca4734b2c02c24354948409727aceb74746e7d5705850017f26aad16523399373f4b0dbcb11f7990720972f113b14ba61a8dc2f840ca21c0bb2811af40c0be6ac40f40c5049225a81202d4801ae3321507b7234b257c9ec13d7f812eaab9fdc9102cc943c7850456fcf4faa1b8984b2b7da48bcb56f8cbdf8365f70fa5ab816f4db16bf10de76355d65ebfea78f6db2208554f344facee2d9492cd5458213620d520a4f0662bcd60e6fb1d66151492172ae1e42fa2ff0939dc228e79e0bb86d862f1ead3286b28dbed87b198367bbd3613387833a09b1ff97066a7e57e789777954cffb3272001a9f157311380945be2f89b26578b295ef3b59b56961e6e91cb968acd5cc36f166ffa782c66a898f3acfe6f885f3d013446b0a0017d0bc0e14dfaaef471fca1a5a121c9f50e3455f53850b236ed67a135460b483f1de82f34a52fc31d3164c955dee9e729ce237168beafc9a56fe7cfdb5260cd92660d070e94bae28ce94a173b7d62fe820ea9edc13b74836bec1cf0c700f517074b63313ae3c4e217535a4df1fa8c1ddf4cdd351d516d7caf75e71ba0ffc9b2e5caf4f0c17147bc4d8282f6c156bf05c7127dbeb8f4e432f5aeed1d8643e6ad16bb697d200eefe053716817cd7862660e43d257d93003281074cbac2680ced8b09f06e52f2477996f59ac621088216b8533043969bf3d87045634f6fbc68524fee36898e7ba9f8a641c83c38c63e7e9a8b5585888337b35b430aa00ddc48dc41bef701f20529d4d428e742d5c132266806c335bb954c2d228e380bb0c69c025e76827292201b822030882d3e91cd3d6cc66b5d2813ffe7e0d4bc2d57705f77d1b843356063306e47b659c0b04249ba164b913f87b8203383a926f4b2e2ee80f15d4414225008781401d0c9681390968081bfcafd7547087db571d7c0eac239dcd1f0d9b9fe161ad41b4080dc3b3029d32ffad2706c8286a0872fe20b7ffd6403472cb7b87c921ae75bc33f2738237e14fce53b5a89eb37aacaa6934f750de5a76b3ef53c727e16e1a1e5c2e02fdde8dc32995e1073879c7cdbe059a8fa51aefbfdd553b593fdfe2786b810256e2c1a38b13f8fbb0129c83ba061b8dfd688575638870de30ea256608dc9bd2dccb4c3e5d516b2d55338b1681e3299426cc79c94bffe5cbd24ea0c18650038265fdc1f23868fc830b1b9ddf798f32e0c79fb8296dead4479e17c9ccdad1bad844717e24e4c31d260304a28e43b967d151b5c59c1e707af4467630f7a9373314ed50f8dd1d4929377b76b3be6ea7be42dd8d824986f14a315407188eb93f20735af7934c6bf090755a4fab061d2883e360238094043f06bcbcc0abb553528a3a9e1afd584fdd608db7fb4d8c9b92adfbf369993f2db3ff8d986d80cacd07f75b2f836ebda654e90ca534a391e40139fd2ecbb0c358b71957524ff4c74950b4c7f04eaae2023d9b0e303d71d590658807453d90d75ef491190a9ff2eff5231ee9055fcf94b935df4a0e331336dad488c252aaa3fddd63369b51cdccfa6f2d453a1c4837fffd4f384e8b10d6a518ba46ff48eb22bfd5a101e43daba501fbfd52be44ae8860dec5435d7b1a4d7dfc85d1979dd236991454e33d79a052e51db8e6c3e4731b450952cc3449084859da2af33f7dad75e04645734c393498b7c6f07ba85fb0634faf3bc3cc70528526da7b1597785275afd19f4797a86033266cba348708fbc4e54e1738823ebff8e647c29eb9698729132c9120858d3e7c8ea9a7292e35fdd1a25a2962d7e209f45c21eb83060852213bddb4ef89ee07e2e545ec0ffcb13068e3c306de1f207bb9fd3a48716cc6c68fdf54ceb923d751ebe792c358fc8a7d1fe0a5b2a939b8bd1a9f995f57153ae4ba4548a889a771f0a22d5437038ac03138662673443ed4ca949ab975c8d5df3637f7dc528b918d6af24e1099bd9de2098eadd3ce9db1f7da2f6008178a5027c924ece84fa37347a08056599857ae62e91093eb8082397004b6d3c9464c0c905e3d6744ee1e9e83e9cacea9deac583d3e9fae4843c87e67d6131246f8d1424717d9d03a848362e4391e60f795535a09f7775973eec54a9c4aef77dfd38b853dce98e356c80b7ef96fb6a11d7bd78b096164475d56c89bfb41fceb3568ea06bbb8465793a55bb6defb98ae9c415edefe9c9f8d2c6d2949d8990d000ec9d06f2031c56c23c9c29adfcb310d4fc4831086c41edebdb55b701e25dd877a40be4b6523bc4c93a54042a73987e7a691ba8698a8a2619a31b52fdc1582862e8e35315670f5901e3fcb978dc992deea6d3cb8248a1939357860bbceff4082b499a103da72e1eca264e8a750e9ca2483260090aff65ddd21c899b2a75ad75b2ae25aaa5806e7eef7211cd4063dff26010f816955c85d3ab77d3da9af598fe289efddf4435ffe75504927062a0dd80e1099b716f0cf77b8957de1fe7c31b71be5c92df02c3f908bae572c3febef300c30c6976ff95814a23622fd558741c890cc10bb54397f42ab8dd0a302cf94f8c3dcb11049b61f07f5935771cc0964227229b1d8d731734b702c7305d1aa0cc079ba4251d96be41713835b4c0159d8b279cfee7eec97b0d74b70de3ae8af9bb3872ea36ff44937c61776f57d234c9c95a8d32997c2d9bae47f1589bba436befbc8723d8be662be54b896fd5feb1347c6cc275cda027fb4696e07ef9b380cbae7d2460c962b80fa52879e4c9ea0646a886383da3b3a756a3ca586ab6f0ba349872b922d6c1adb916d0d623c60f09f9bd8b89bc9e460a08cbf398d420eca14a1a8a07c478cbffed10dd144edfb1ee1596de0269be9dedf14bb600739f1299ffc8710b33d7790da3dd37b0b31909c43a1c3f9537cd328cd36bf599055c1803e5110726e7868f893d92d8aee564e0ad8e3a73ebcaef357618fef427916b9550628c419077d0ce1cea8cdbe5ff2bda21c9a83a04d45c88ea704c86ddc8fda45700f7acff4a67a874efbf734a238793629ac87e9f019a92bac8f8e59bcd1ac5b1ee44a31e93208955e784710ed3ed3933e43be0a9143adab18282b778159973eb744541690aa6c60c69e922723625fba5eea4161120558fb4e3d46e62cdf8e45daec522ef53e61d4e317cbd6d73cda4b2026cfb6bac85fc38bd0218c4d2dd4eeb9317ac326d78109ebb9c6f5b2eefdddca54245c391d4a6732e0beaf362d954b08ab7df006262c99d53df2dd28a0ec98837658b2f20ee7d096c12ccb9d280597da43c7c408d4e528f02a7176d6cdfe70d9cd349a614c6cac57914f7dd4165c7817b1f1b7d773c4e427d84785c05b153687bd43aae3346e39215f347c168b31a8914da6b367e5b5c2e6bca6fe8fd9e4618739a046e0affbb30690a78504453a49ca226f649a0062604ab48522b12e9db5c0415773e3c2093909aae97383f2107e9fffbd794ce31c188f2f3baed3cd5af11769bd23040f9603109de902055d4b0f561172700481f9a2331554bddbaa02dae16f9426588d013a8ec896e06092e0100a1cef42f445aec281df89b889ac19e7357ffda11f00d901bd5427cde44e260a98b1276a69cf48cb6285675dfbd4cdfab6910f01cb4261a10312e3788998ab90e10ba2ebdf5f29c36104cf8f07fe18a433b2fb628ded3586b5b064feb9e4981312826db0e2ee0c6b7d6463936bcf353ed285911752c152a4f9e3384fbfb284b4330ecdf7e85ac54877f5db40ada628754a5446f9303a0d83f8a6153753505923b297ab0fbe49a78e8c341b95db5350132c71602b128e58c3f03af6ff396b84a3dd855a5ff0efa3d8e1d769496541952c1823a00abe1571c41c589c183ead13cb019139b2ca7e96e5ff08d28c3b7f9475bbddfb6289aeada531c16f118e880521bf2ba07e58602360b2d6d8831f34261f54c9268185a1f0c6eaac560a1220ebd02b89958e4b8b60a09f507c4a30440885f4da123a6fc2cb9709a96b943c8a19a7e609c004402c1744b8cee9bab463e4ccb6b1c25cb33f22b49483901cbddbecd1d5ad75213a0ff6203f7ba517ecb6c1626736dea7cd2c563e4b3c1499c0011b3de95075983e7e5a28e1ebc161efab4b082a8bc0c005d02b5b0aa3c07868b33d03b812194fce1663fdae691deb0452c133f1e6320d5b2bf5ff1fdbb2efab38cc67c41e29389fd772809c37c0b75a4ea20b61212f3e935e29c53716547fd497ea2679bed607ef74d75880c2572cf1230e9a04a2d71a61c6329d75a68ed6d176c85f972b419563ec0ef759b6e420402c3dc562169e8340629a2c0a9c495c762fb2c61e11427364a2ba80f5265b29d86c12023ae9ad9a9de28f713d895281a87b535e96674a17bb6964feac5d66473e3e64fb177b3018924167a60d4eaf4a4d9574eee8a5f3b7a16102a4931d3b19c9d6c32151d34e94211310b37567488a6513c059138fa0487716f8b8c4b2990f6d8efbd2cff85141db9f1f5d3ac4644af99a3b2c13cc76a01f2f948c60d932c876805771b5b375a73c039c18ad1368d6d09d66d3b55f9714fc68967364826f1ebee1769eed56367bfaf17b6c63d5877f69de02d51a2e19189858a7a0ba12560125fd0c347bc0b80741fcf7d0fe95f9ab7c4b47c132afb195630954bed2903c692a218af5d1f8575423bcb0fe3250b51d8cc4d01b4abd758f73e43a7c0473e5af9e0b5bcaeabe1c0189d567d7d8923e9ad7eb371393739b781833c78e7a10158e003cf00f3c91c9d4c5690e96c01b6ff5cf44602426b8f98879b5a2197ce5d2ce7e74b4c8b70f2679589228ec50ea284d3ab4a6efabe6619a2082b3b003f1b178ce6e98b53426c9100a43ad01613047d6998736e1db8ffd926ef2e4d82c247f19aedd67f2ded62829e042e3280ff0f6efa363522d1e2bd4afb63323db93532a548d92ffce099407644153a6e2af781c2f1fd91f60ee63ee74fa54195c582536762bb4e72d61dbef1fe8c3b4b1437b8bbeb46300c5479510871da5faa53a1c81fefd3e7f39a764bd0dc05809749a8480e8a2f6894e13fa31f62b963c4d36f2070f6b2ecf323d7afb09ee9caa729258f2ba468832d589c0c50b76602de8992fbe30bee5863cb66a8dfd3e4ad13d3508e7e604c99c883a7e272dc1d460674ca53caf220d0ac23ac53b3aea14e1acb5c64248fd303bd3dafa838b1c13121d13ac1401ba4db6e0d85980fe7daff4f13956725af322cc2f1d7e3d85796f425a5fc8778515fe834d5d0ca88fd4d599f127dc6ecdae22cc5098d28dca8be2e677464b0abfc66785a3006dc0f6c3c7e69842dbdd8f674eec135daadc7f7a390b6b95498889be1aacee5840a4ca141ab25421bc6f301167e1fbf9d87c0e4e7c50158b7643023e0cd4b678bc3c4c8ab9bda8b8a2f3519b631134983e79b97557cc6df609a33ec9189576a449762be8a602a022bd7171ee6e04ea6056939462953c6484e85a18b753bdae9642c707086d302c7d93da3b7b05a6b8eb6700f1079209a3cd717211088fbe6d8091d24be971d292b802c2c873f32955", @typed={0xc, 0x92, 0x0, 0x0, @u64=0x400000000000}]}, @typed={0x14, 0x70, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @loopback}}, @nested={0x14d, 0x91, 0x0, 0x1, [@generic="c1e75303ee87050375", @generic="ca7522aa055694224476ee16d7f9aaed4163eb845fbf4ce65cb3cf37616f9945736c5630896108e0787778ea8af454acfd0004203926bae6c2283b6d9bdc202111f4fc877e56d3", @generic="f2df79a1d61d0e7859c0d122025c5131a560058166e6659039f3e14d6bf280ae9550fbe3f680e39b311ac8a0a3bb0c1c397ce61239c218e87884d993be707f02035bc559339d25d69b65c54f767b58174780df10a70f7cb7180443a6c9e5ad03136a48ff92d879fa3e4e1ca974c14a1006a3284e59140892ddd267b288fde226bf0885bf122ef7432567d07bb8434cc997223e1355bd69862e84e55702726c8e6c841b6f8105d1732e17b5e27110e403817377e935ea3d336d6c87e91415d74eef51a8b27edf55d4385c7041917f362622a4dc1942a81e7c36c67ee24a68f96fd1e3e4767153922a4d2e890a5f85906d68b141fd4f48cfca2f"]}]}, 0x1330}], 0x2, 0x0, 0x0, 0x4041}, 0x40800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c00000024000b0f00000000000000000000020047d82cd9725ececfae8fc4a51f1ef51887cfc66e9cf7ddc4d7d1c47e5dd28b325625173489440407d1943e415ec4f8a82cd3f72212e51b516d91c17ff2549e6aabcc0d3c512e3c8b2fd78d9662e918167efdadcc8c222d9e08821bdddd70a4e5c6e1c6f730019cfb2d020000001bd8892d1c0b982b0c1026ad5f0bdf9dbaea18f5aafc0a772b1a7eb5d479a3eda74fe4eafb3e79fca0edfe5934fe86a9e1a8536a7af2d27f2ab80cc5f1b0a4c60c434052fa960119a1c8bd7befaacedc6a002670e62d01d3f108f27a9abb5b08f869f35a2cab423f47b028492a1ed66cc21365d5b0e82c5e28b1de4449410f700a5c4456b599a41abd9b6982bca53251d1cc8186705fd2efe7b57f8ce247308622abe690aeecda4c552898901acb7d11cf", @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000000800010071667100"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:35 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2861.527417][T23223] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23223,uid=0
13:48:35 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6558000000000000)

[ 2861.565800][T23223] Memory cgroup out of memory: Killed process 23223 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:92kB oom_score_adj:1000
13:48:35 executing program 4:
ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, &(0x7f00000001c0)=@req={0x28, &(0x7f0000000100)={'veth0_vlan\x00', @ifru_hwaddr=@multicast}}) (async, rerun: 64)
r0 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 64)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r5=>0x0}) (async, rerun: 32)
r6 = socket(0x10, 0x80002, 0x0) (rerun: 32)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r5}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r6, 0x8983, &(0x7f0000000080)) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:35 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x70)

[ 2861.735937][T23235] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2861.756977][T23235] CPU: 1 PID: 23235 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2861.767471][T23235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2861.777559][T23235] Call Trace:
[ 2861.780867][T23235]  <TASK>
[ 2861.783825][T23235]  dump_stack_lvl+0x136/0x150
[ 2861.788541][T23235]  dump_header+0x10a/0xd70
[ 2861.793002][T23235]  oom_kill_process+0x25d/0x600
[ 2861.797895][T23235]  out_of_memory+0x35c/0x1660
[ 2861.802616][T23235]  ? find_held_lock+0x2d/0x110
[ 2861.807417][T23235]  ? oom_killer_disable+0x2b0/0x2b0
[ 2861.812648][T23235]  ? rcu_read_unlock+0x9/0x60
[ 2861.817366][T23235]  ? find_held_lock+0x2d/0x110
[ 2861.822347][T23235]  mem_cgroup_out_of_memory+0x206/0x270
[ 2861.827941][T23235]  ? mem_cgroup_margin+0x130/0x130
[ 2861.833186][T23235]  ? lock_downgrade+0x690/0x690
[ 2861.838112][T23235]  try_charge_memcg+0xf99/0x13a0
[ 2861.843110][T23235]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2861.849155][T23235]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2861.855019][T23235]  ? lock_downgrade+0x690/0x690
[ 2861.859954][T23235]  ? lock_downgrade+0x690/0x690
[ 2861.864852][T23235]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2861.870451][T23235]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2861.876657][T23235]  copy_process+0x1442/0x75c0
[ 2861.881378][T23235]  ? __lock_acquire+0xc17/0x5f30
[ 2861.886371][T23235]  ? pidfd_prepare+0x80/0x80
[ 2861.891010][T23235]  ? psi_memstall_leave+0x174/0x250
[ 2861.896253][T23235]  ? lock_downgrade+0x690/0x690
[ 2861.901154][T23235]  kernel_clone+0xeb/0x890
[ 2861.905612][T23235]  ? create_io_thread+0xe0/0xe0
[ 2861.910508][T23235]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2861.916976][T23235]  ? lock_downgrade+0x690/0x690
[ 2861.922053][T23235]  __do_sys_clone+0xba/0x100
[ 2861.926864][T23235]  ? kernel_clone+0x890/0x890
[ 2861.931605][T23235]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2861.937551][T23235]  do_syscall_64+0x39/0xb0
[ 2861.942019][T23235]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2861.947976][T23235] RIP: 0033:0x7f403688d591
[ 2861.952435][T23235] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2861.972090][T23235] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2861.980559][T23235] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2861.988653][T23235] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2861.996657][T23235] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2862.004747][T23235] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2862.012757][T23235] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2862.020786][T23235]  </TASK>
[ 2862.032402][T23235] memory: usage 307200kB, limit 307200kB, failcnt 17680
[ 2862.040860][T23235] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2862.048383][T23235] Memory cgroup stats for /syz4:
[ 2862.048597][T23235] anon 118784
[ 2862.048597][T23235] file 8380416
[ 2862.048597][T23235] kernel 306073600
[ 2862.048597][T23235] kernel_stack 32768
[ 2862.048597][T23235] pagetables 86016
[ 2862.048597][T23235] sec_pagetables 0
[ 2862.048597][T23235] percpu 5477376
[ 2862.048597][T23235] sock 0
[ 2862.048597][T23235] vmalloc 0
[ 2862.048597][T23235] shmem 8380416
[ 2862.048597][T23235] zswap 0
[ 2862.048597][T23235] zswapped 0
[ 2862.048597][T23235] file_mapped 405504
[ 2862.048597][T23235] file_dirty 0
[ 2862.048597][T23235] file_writeback 0
[ 2862.048597][T23235] swapcached 0
[ 2862.048597][T23235] anon_thp 0
[ 2862.048597][T23235] file_thp 0
[ 2862.048597][T23235] shmem_thp 0
[ 2862.048597][T23235] inactive_anon 4096
[ 2862.048597][T23235] active_anon 8495104
[ 2862.048597][T23235] inactive_file 0
[ 2862.048597][T23235] active_file 0
[ 2862.048597][T23235] unevictable 0
[ 2862.048597][T23235] slab_reclaimable 38216
[ 2862.048597][T23235] slab_unreclaimable 300379680
[ 2862.048597][T23235] slab 300417896
[ 2862.048597][T23235] workingset_refault_anon 0
[ 2862.048597][T23235] workingset_refault_file 0
[ 2862.048597][T23235] workingset_activate_anon 0
[ 2862.048597][T23235] workingset_activate_file 0
[ 2862.048597][T23235] workingset_restore_anon 0
[ 2862.048597][T23235] workingset_restore_file 0
[ 2862.048597][T23235] workingset_nodereclaim 0
[ 2862.048597][T23235] pgscan 0
[ 2862.048597][T23235] pgsteal 0
[ 2862.048597][T23235] pgscan_kswapd 0
[ 2862.048597][T23235] pgscan_direct 0
[ 2862.048597][T23235] pgscan_khugepaged 0
[ 2862.048597][T23235] pgsteal_kswapd 0
[ 2862.048597][T23235] pgsteal_direct 0
[ 2862.048597][T23235] pgsteal_khugepaged 0
[ 2862.048597][T23235] pgfault 386676
[ 2862.048597][T23235] pgmajfault 0
[ 2862.048597][T23235] pgrefill 0
[ 2862.048597][T23235] pgactivate 0
[ 2862.048597][T23235] pgdeactivate 0
[ 2862.048597][T23235] pglazyfree 0
[ 2862.048597][T23235] pglazyfreed 0
[ 2862.048597][T23235] zswpin 0
[ 2862.048597][T23235] zswpout 0
[ 2862.048597][T23235] thp_fault_alloc 0
13:48:36 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
sendmsg$netlink(r0, &(0x7f00000001c0)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfd, 0x8}, 0xc, &(0x7f0000000100)=[{&(0x7f00000006c0)={0x224, 0x3f, 0x8, 0x70bd28, 0x25dfdbfb, "", [@generic="c445f0b9f0ead55e9e5d04b4f344ebf2bd3df9568b9e568852dcc22e3cf694577390e829e6eb6b46de6c91e5befea240042e92e3897d10545db5891efd3a56a74c46698d1ceb13e4d2c195904b29450ab267496fcf04882a47c8fe533a66d5b2ee988a671f142509e4baac89686a2ac662ab35a42a558216fa9236249b788b82bb4da28488e669c8154466f6977afa", @nested={0xdb, 0x39, 0x0, 0x1, [@generic="82e3378cdffdb9a6de312b3337588fccc4425372452258ee19ddf65eac3e95d6443af7c091d4f1990d64ab5fe97adfec744dd919142e1b5c52aec54af4d01bb745ee8534cb1e8cd624fa75a9ef2ab7512478df7d2b55", @typed={0x8, 0x63, 0x0, 0x0, @fd=r3}, @generic="8a6ec8d6ceb7f093141b3989156046c4cd5b6f14c615e30a7ced560ced0ff97647d9a363f828a5b6666be3e5ba0481f83add160a1f10579cb496011a04fef17919286c609ee5a20055c8b21c80253bdc7d607c192c14a628d81f1b23d05c309a44d7bb872a5e6907595e693c106bb256eb8ac5c0fd1d602a32"]}, @generic="b4c767c674908798ea9dbdce946948f9d01df338c6f4ff7994dce7dba84ed5f2491378118e9c42e3828647d87ca604fff6c9ca1f5b31a2c0803e0928c227b05e0a24a18e49f325510ca1cf2d02a65e77dd2afe088628f3bbe35dd0f9a93ed8ddef669b9ac3932711cf1912a3c1e48c7dd050c385b17e546a505a9e1afbb382fa5d5995f4e05e1fe496c1f01ae2469e56e0cba420a9d2f3ad129f46b5311d", @typed={0x5, 0x69, 0x0, 0x0, @str='\x00'}]}, 0x224}, {&(0x7f0000000900)={0x1330, 0x36, 0x200, 0x70bd29, 0x25dfdbff, "", [@typed={0x8, 0x85, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="58d0bf4fadf1ecf33586ffc5a09d220524245c6b085aa8be642347efad2bfd026a001b88dd97195e87490cd97c2fbf0124338a0b5550a61ef4370d624972fca066300dd2d60060892c78f62994cd0392c9c2f96415c76bf0d9523f439705882f9a596560a493d7299d3c21fe972c4a4f192817efbd7473d462796e05e6f17b079fa17f74da9df948c37129b416e56a926ab6f6ce85b8f629f82f07402bee5d6ad11b05ccff4f086e7454ee0ead18cb746b1f29a45938951765e5f8defeaed44c92", @generic="326e623dffd782269eda0adc01791d9b45d35cc59e484e3934fe09da9e7fd993cf94b8b3be8bd987e3cd950a091688cb2f9f0de1279cd88bdcad31f2e9869412", @nested={0x10b0, 0x83, 0x0, 0x1, [@typed={0x9e, 0x6c, 0x0, 0x0, @binary="47f9e1447f750d7a4185fe4cc913d2743d8d7968a4402a8b4108217b57b83c74993462853a85f3a49b1fa00ad68b611d02c29f1972eadfaaef16cc7bd636abf61c835989a9906e6b898bbc282b00bd7431a7004504952e21cb482db8ba8f928dec2a62a4dbd5c6fff2bedfa1c1028d7a43083daa733f23d92942fb9f1b1350c179a297996472c78ef6f92fac9a7954cd9072d0fd2efe0af60db9"}, @generic="77ca9524b3f8324ea7146891713545296697bec45cd509fdb65a7586c71a9e03680c7bd7b5718d3974cd6f288aecb558771ea92ac61f8af884bb58f2ea29ee6daeb366418636e079c1756828fb1f8c1fbaf027c6f2b85680cedbc4dc33a6b25518535fbd91c8f52c386304f3340c5ec13a19a2b09e29624d3d6eae1ec9a2c30a77875ff04fd30615ef5adedcb5df6bb64ff97374d779ef0fbf6ac31f041d7219f5cd0c80d151d2946c48e68cca832797ea510a584f492d9071adaf1994345b653395ca4734b2c02c24354948409727aceb74746e7d5705850017f26aad16523399373f4b0dbcb11f7990720972f113b14ba61a8dc2f840ca21c0bb2811af40c0be6ac40f40c5049225a81202d4801ae3321507b7234b257c9ec13d7f812eaab9fdc9102cc943c7850456fcf4faa1b8984b2b7da48bcb56f8cbdf8365f70fa5ab816f4db16bf10de76355d65ebfea78f6db2208554f344facee2d9492cd5458213620d520a4f0662bcd60e6fb1d66151492172ae1e42fa2ff0939dc228e79e0bb86d862f1ead3286b28dbed87b198367bbd3613387833a09b1ff97066a7e57e789777954cffb3272001a9f157311380945be2f89b26578b295ef3b59b56961e6e91cb968acd5cc36f166ffa782c66a898f3acfe6f885f3d013446b0a0017d0bc0e14dfaaef471fca1a5a121c9f50e3455f53850b236ed67a135460b483f1de82f34a52fc31d3164c955dee9e729ce237168beafc9a56fe7cfdb5260cd92660d070e94bae28ce94a173b7d62fe820ea9edc13b74836bec1cf0c700f517074b63313ae3c4e217535a4df1fa8c1ddf4cdd351d516d7caf75e71ba0ffc9b2e5caf4f0c17147bc4d8282f6c156bf05c7127dbeb8f4e432f5aeed1d8643e6ad16bb697d200eefe053716817cd7862660e43d257d93003281074cbac2680ced8b09f06e52f2477996f59ac621088216b8533043969bf3d87045634f6fbc68524fee36898e7ba9f8a641c83c38c63e7e9a8b5585888337b35b430aa00ddc48dc41bef701f20529d4d428e742d5c132266806c335bb954c2d228e380bb0c69c025e76827292201b822030882d3e91cd3d6cc66b5d2813ffe7e0d4bc2d57705f77d1b843356063306e47b659c0b04249ba164b913f87b8203383a926f4b2e2ee80f15d4414225008781401d0c9681390968081bfcafd7547087db571d7c0eac239dcd1f0d9b9fe161ad41b4080dc3b3029d32ffad2706c8286a0872fe20b7ffd6403472cb7b87c921ae75bc33f2738237e14fce53b5a89eb37aacaa6934f750de5a76b3ef53c727e16e1a1e5c2e02fdde8dc32995e1073879c7cdbe059a8fa51aefbfdd553b593fdfe2786b810256e2c1a38b13f8fbb0129c83ba061b8dfd688575638870de30ea256608dc9bd2dccb4c3e5d516b2d55338b1681e3299426cc79c94bffe5cbd24ea0c18650038265fdc1f23868fc830b1b9ddf798f32e0c79fb8296dead4479e17c9ccdad1bad844717e24e4c31d260304a28e43b967d151b5c59c1e707af4467630f7a9373314ed50f8dd1d4929377b76b3be6ea7be42dd8d824986f14a315407188eb93f20735af7934c6bf090755a4fab061d2883e360238094043f06bcbcc0abb553528a3a9e1afd584fdd608db7fb4d8c9b92adfbf369993f2db3ff8d986d80cacd07f75b2f836ebda654e90ca534a391e40139fd2ecbb0c358b71957524ff4c74950b4c7f04eaae2023d9b0e303d71d590658807453d90d75ef491190a9ff2eff5231ee9055fcf94b935df4a0e331336dad488c252aaa3fddd63369b51cdccfa6f2d453a1c4837fffd4f384e8b10d6a518ba46ff48eb22bfd5a101e43daba501fbfd52be44ae8860dec5435d7b1a4d7dfc85d1979dd236991454e33d79a052e51db8e6c3e4731b450952cc3449084859da2af33f7dad75e04645734c393498b7c6f07ba85fb0634faf3bc3cc70528526da7b1597785275afd19f4797a86033266cba348708fbc4e54e1738823ebff8e647c29eb9698729132c9120858d3e7c8ea9a7292e35fdd1a25a2962d7e209f45c21eb83060852213bddb4ef89ee07e2e545ec0ffcb13068e3c306de1f207bb9fd3a48716cc6c68fdf54ceb923d751ebe792c358fc8a7d1fe0a5b2a939b8bd1a9f995f57153ae4ba4548a889a771f0a22d5437038ac03138662673443ed4ca949ab975c8d5df3637f7dc528b918d6af24e1099bd9de2098eadd3ce9db1f7da2f6008178a5027c924ece84fa37347a08056599857ae62e91093eb8082397004b6d3c9464c0c905e3d6744ee1e9e83e9cacea9deac583d3e9fae4843c87e67d6131246f8d1424717d9d03a848362e4391e60f795535a09f7775973eec54a9c4aef77dfd38b853dce98e356c80b7ef96fb6a11d7bd78b096164475d56c89bfb41fceb3568ea06bbb8465793a55bb6defb98ae9c415edefe9c9f8d2c6d2949d8990d000ec9d06f2031c56c23c9c29adfcb310d4fc4831086c41edebdb55b701e25dd877a40be4b6523bc4c93a54042a73987e7a691ba8698a8a2619a31b52fdc1582862e8e35315670f5901e3fcb978dc992deea6d3cb8248a1939357860bbceff4082b499a103da72e1eca264e8a750e9ca2483260090aff65ddd21c899b2a75ad75b2ae25aaa5806e7eef7211cd4063dff26010f816955c85d3ab77d3da9af598fe289efddf4435ffe75504927062a0dd80e1099b716f0cf77b8957de1fe7c31b71be5c92df02c3f908bae572c3febef300c30c6976ff95814a23622fd558741c890cc10bb54397f42ab8dd0a302cf94f8c3dcb11049b61f07f5935771cc0964227229b1d8d731734b702c7305d1aa0cc079ba4251d96be41713835b4c0159d8b279cfee7eec97b0d74b70de3ae8af9bb3872ea36ff44937c61776f57d234c9c95a8d32997c2d9bae47f1589bba436befbc8723d8be662be54b896fd5feb1347c6cc275cda027fb4696e07ef9b380cbae7d2460c962b80fa52879e4c9ea0646a886383da3b3a756a3ca586ab6f0ba349872b922d6c1adb916d0d623c60f09f9bd8b89bc9e460a08cbf398d420eca14a1a8a07c478cbffed10dd144edfb1ee1596de0269be9dedf14bb600739f1299ffc8710b33d7790da3dd37b0b31909c43a1c3f9537cd328cd36bf599055c1803e5110726e7868f893d92d8aee564e0ad8e3a73ebcaef357618fef427916b9550628c419077d0ce1cea8cdbe5ff2bda21c9a83a04d45c88ea704c86ddc8fda45700f7acff4a67a874efbf734a238793629ac87e9f019a92bac8f8e59bcd1ac5b1ee44a31e93208955e784710ed3ed3933e43be0a9143adab18282b778159973eb744541690aa6c60c69e922723625fba5eea4161120558fb4e3d46e62cdf8e45daec522ef53e61d4e317cbd6d73cda4b2026cfb6bac85fc38bd0218c4d2dd4eeb9317ac326d78109ebb9c6f5b2eefdddca54245c391d4a6732e0beaf362d954b08ab7df006262c99d53df2dd28a0ec98837658b2f20ee7d096c12ccb9d280597da43c7c408d4e528f02a7176d6cdfe70d9cd349a614c6cac57914f7dd4165c7817b1f1b7d773c4e427d84785c05b153687bd43aae3346e39215f347c168b31a8914da6b367e5b5c2e6bca6fe8fd9e4618739a046e0affbb30690a78504453a49ca226f649a0062604ab48522b12e9db5c0415773e3c2093909aae97383f2107e9fffbd794ce31c188f2f3baed3cd5af11769bd23040f9603109de902055d4b0f561172700481f9a2331554bddbaa02dae16f9426588d013a8ec896e06092e0100a1cef42f445aec281df89b889ac19e7357ffda11f00d901bd5427cde44e260a98b1276a69cf48cb6285675dfbd4cdfab6910f01cb4261a10312e3788998ab90e10ba2ebdf5f29c36104cf8f07fe18a433b2fb628ded3586b5b064feb9e4981312826db0e2ee0c6b7d6463936bcf353ed285911752c152a4f9e3384fbfb284b4330ecdf7e85ac54877f5db40ada628754a5446f9303a0d83f8a6153753505923b297ab0fbe49a78e8c341b95db5350132c71602b128e58c3f03af6ff396b84a3dd855a5ff0efa3d8e1d769496541952c1823a00abe1571c41c589c183ead13cb019139b2ca7e96e5ff08d28c3b7f9475bbddfb6289aeada531c16f118e880521bf2ba07e58602360b2d6d8831f34261f54c9268185a1f0c6eaac560a1220ebd02b89958e4b8b60a09f507c4a30440885f4da123a6fc2cb9709a96b943c8a19a7e609c004402c1744b8cee9bab463e4ccb6b1c25cb33f22b49483901cbddbecd1d5ad75213a0ff6203f7ba517ecb6c1626736dea7cd2c563e4b3c1499c0011b3de95075983e7e5a28e1ebc161efab4b082a8bc0c005d02b5b0aa3c07868b33d03b812194fce1663fdae691deb0452c133f1e6320d5b2bf5ff1fdbb2efab38cc67c41e29389fd772809c37c0b75a4ea20b61212f3e935e29c53716547fd497ea2679bed607ef74d75880c2572cf1230e9a04a2d71a61c6329d75a68ed6d176c85f972b419563ec0ef759b6e420402c3dc562169e8340629a2c0a9c495c762fb2c61e11427364a2ba80f5265b29d86c12023ae9ad9a9de28f713d895281a87b535e96674a17bb6964feac5d66473e3e64fb177b3018924167a60d4eaf4a4d9574eee8a5f3b7a16102a4931d3b19c9d6c32151d34e94211310b37567488a6513c059138fa0487716f8b8c4b2990f6d8efbd2cff85141db9f1f5d3ac4644af99a3b2c13cc76a01f2f948c60d932c876805771b5b375a73c039c18ad1368d6d09d66d3b55f9714fc68967364826f1ebee1769eed56367bfaf17b6c63d5877f69de02d51a2e19189858a7a0ba12560125fd0c347bc0b80741fcf7d0fe95f9ab7c4b47c132afb195630954bed2903c692a218af5d1f8575423bcb0fe3250b51d8cc4d01b4abd758f73e43a7c0473e5af9e0b5bcaeabe1c0189d567d7d8923e9ad7eb371393739b781833c78e7a10158e003cf00f3c91c9d4c5690e96c01b6ff5cf44602426b8f98879b5a2197ce5d2ce7e74b4c8b70f2679589228ec50ea284d3ab4a6efabe6619a2082b3b003f1b178ce6e98b53426c9100a43ad01613047d6998736e1db8ffd926ef2e4d82c247f19aedd67f2ded62829e042e3280ff0f6efa363522d1e2bd4afb63323db93532a548d92ffce099407644153a6e2af781c2f1fd91f60ee63ee74fa54195c582536762bb4e72d61dbef1fe8c3b4b1437b8bbeb46300c5479510871da5faa53a1c81fefd3e7f39a764bd0dc05809749a8480e8a2f6894e13fa31f62b963c4d36f2070f6b2ecf323d7afb09ee9caa729258f2ba468832d589c0c50b76602de8992fbe30bee5863cb66a8dfd3e4ad13d3508e7e604c99c883a7e272dc1d460674ca53caf220d0ac23ac53b3aea14e1acb5c64248fd303bd3dafa838b1c13121d13ac1401ba4db6e0d85980fe7daff4f13956725af322cc2f1d7e3d85796f425a5fc8778515fe834d5d0ca88fd4d599f127dc6ecdae22cc5098d28dca8be2e677464b0abfc66785a3006dc0f6c3c7e69842dbdd8f674eec135daadc7f7a390b6b95498889be1aacee5840a4ca141ab25421bc6f301167e1fbf9d87c0e4e7c50158b7643023e0cd4b678bc3c4c8ab9bda8b8a2f3519b631134983e79b97557cc6df609a33ec9189576a449762be8a602a022bd7171ee6e04ea6056939462953c6484e85a18b753bdae9642c707086d302c7d93da3b7b05a6b8eb6700f1079209a3cd717211088fbe6d8091d24be971d292b802c2c873f32955", @typed={0xc, 0x92, 0x0, 0x0, @u64=0x400000000000}]}, @typed={0x14, 0x70, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @loopback}}, @nested={0x14d, 0x91, 0x0, 0x1, [@generic="c1e75303ee87050375", @generic="ca7522aa055694224476ee16d7f9aaed4163eb845fbf4ce65cb3cf37616f9945736c5630896108e0787778ea8af454acfd0004203926bae6c2283b6d9bdc202111f4fc877e56d3", @generic="f2df79a1d61d0e7859c0d122025c5131a560058166e6659039f3e14d6bf280ae9550fbe3f680e39b311ac8a0a3bb0c1c397ce61239c218e87884d993be707f02035bc559339d25d69b65c54f767b58174780df10a70f7cb7180443a6c9e5ad03136a48ff92d879fa3e4e1ca974c14a1006a3284e59140892ddd267b288fde226bf0885bf122ef7432567d07bb8434cc997223e1355bd69862e84e55702726c8e6c841b6f8105d1732e17b5e27110e403817377e935ea3d336d6c87e91415d74eef51a8b27edf55d4385c7041917f362622a4dc1942a81e7c36c67ee24a68f96fd1e3e4767153922a4d2e890a5f85906d68b141fd4f48cfca2f"]}]}, 0x1330}], 0x2, 0x0, 0x0, 0x4041}, 0x40800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c00000024000b0f00000000000000000000020047d82cd9725ececfae8fc4a51f1ef51887cfc66e9cf7ddc4d7d1c47e5dd28b325625173489440407d1943e415ec4f8a82cd3f72212e51b516d91c17ff2549e6aabcc0d3c512e3c8b2fd78d9662e918167efdadcc8c222d9e08821bdddd70a4e5c6e1c6f730019cfb2d020000001bd8892d1c0b982b0c1026ad5f0bdf9dbaea18f5aafc0a772b1a7eb5d479a3eda74fe4eafb3e79fca0edfe5934fe86a9e1a8536a7af2d27f2ab80cc5f1b0a4c60c434052fa960119a1c8bd7befaacedc6a002670e62d01d3f108f27a9abb5b08f869f35a2cab423f47b028492a1ed66cc21365d5b0e82c5e28b1de4449410f700a5c4456b599a41abd9b6982bca53251d1cc8186705fd2efe7b57f8ce247308622abe690aeecda4c552898901acb7d11cf", @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000000800010071667100"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
sendmsg$netlink(r0, &(0x7f00000001c0)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfd, 0x8}, 0xc, &(0x7f0000000100)=[{&(0x7f00000006c0)={0x224, 0x3f, 0x8, 0x70bd28, 0x25dfdbfb, "", [@generic="c445f0b9f0ead55e9e5d04b4f344ebf2bd3df9568b9e568852dcc22e3cf694577390e829e6eb6b46de6c91e5befea240042e92e3897d10545db5891efd3a56a74c46698d1ceb13e4d2c195904b29450ab267496fcf04882a47c8fe533a66d5b2ee988a671f142509e4baac89686a2ac662ab35a42a558216fa9236249b788b82bb4da28488e669c8154466f6977afa", @nested={0xdb, 0x39, 0x0, 0x1, [@generic="82e3378cdffdb9a6de312b3337588fccc4425372452258ee19ddf65eac3e95d6443af7c091d4f1990d64ab5fe97adfec744dd919142e1b5c52aec54af4d01bb745ee8534cb1e8cd624fa75a9ef2ab7512478df7d2b55", @typed={0x8, 0x63, 0x0, 0x0, @fd=r3}, @generic="8a6ec8d6ceb7f093141b3989156046c4cd5b6f14c615e30a7ced560ced0ff97647d9a363f828a5b6666be3e5ba0481f83add160a1f10579cb496011a04fef17919286c609ee5a20055c8b21c80253bdc7d607c192c14a628d81f1b23d05c309a44d7bb872a5e6907595e693c106bb256eb8ac5c0fd1d602a32"]}, @generic="b4c767c674908798ea9dbdce946948f9d01df338c6f4ff7994dce7dba84ed5f2491378118e9c42e3828647d87ca604fff6c9ca1f5b31a2c0803e0928c227b05e0a24a18e49f325510ca1cf2d02a65e77dd2afe088628f3bbe35dd0f9a93ed8ddef669b9ac3932711cf1912a3c1e48c7dd050c385b17e546a505a9e1afbb382fa5d5995f4e05e1fe496c1f01ae2469e56e0cba420a9d2f3ad129f46b5311d", @typed={0x5, 0x69, 0x0, 0x0, @str='\x00'}]}, 0x224}, {&(0x7f0000000900)={0x1330, 0x36, 0x200, 0x70bd29, 0x25dfdbff, "", [@typed={0x8, 0x85, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="58d0bf4fadf1ecf33586ffc5a09d220524245c6b085aa8be642347efad2bfd026a001b88dd97195e87490cd97c2fbf0124338a0b5550a61ef4370d624972fca066300dd2d60060892c78f62994cd0392c9c2f96415c76bf0d9523f439705882f9a596560a493d7299d3c21fe972c4a4f192817efbd7473d462796e05e6f17b079fa17f74da9df948c37129b416e56a926ab6f6ce85b8f629f82f07402bee5d6ad11b05ccff4f086e7454ee0ead18cb746b1f29a45938951765e5f8defeaed44c92", @generic="326e623dffd782269eda0adc01791d9b45d35cc59e484e3934fe09da9e7fd993cf94b8b3be8bd987e3cd950a091688cb2f9f0de1279cd88bdcad31f2e9869412", @nested={0x10b0, 0x83, 0x0, 0x1, [@typed={0x9e, 0x6c, 0x0, 0x0, @binary="47f9e1447f750d7a4185fe4cc913d2743d8d7968a4402a8b4108217b57b83c74993462853a85f3a49b1fa00ad68b611d02c29f1972eadfaaef16cc7bd636abf61c835989a9906e6b898bbc282b00bd7431a7004504952e21cb482db8ba8f928dec2a62a4dbd5c6fff2bedfa1c1028d7a43083daa733f23d92942fb9f1b1350c179a297996472c78ef6f92fac9a7954cd9072d0fd2efe0af60db9"}, @generic="77ca9524b3f8324ea7146891713545296697bec45cd509fdb65a7586c71a9e03680c7bd7b5718d3974cd6f288aecb558771ea92ac61f8af884bb58f2ea29ee6daeb366418636e079c1756828fb1f8c1fbaf027c6f2b85680cedbc4dc33a6b25518535fbd91c8f52c386304f3340c5ec13a19a2b09e29624d3d6eae1ec9a2c30a77875ff04fd30615ef5adedcb5df6bb64ff97374d779ef0fbf6ac31f041d7219f5cd0c80d151d2946c48e68cca832797ea510a584f492d9071adaf1994345b653395ca4734b2c02c24354948409727aceb74746e7d5705850017f26aad16523399373f4b0dbcb11f7990720972f113b14ba61a8dc2f840ca21c0bb2811af40c0be6ac40f40c5049225a81202d4801ae3321507b7234b257c9ec13d7f812eaab9fdc9102cc943c7850456fcf4faa1b8984b2b7da48bcb56f8cbdf8365f70fa5ab816f4db16bf10de76355d65ebfea78f6db2208554f344facee2d9492cd5458213620d520a4f0662bcd60e6fb1d66151492172ae1e42fa2ff0939dc228e79e0bb86d862f1ead3286b28dbed87b198367bbd3613387833a09b1ff97066a7e57e789777954cffb3272001a9f157311380945be2f89b26578b295ef3b59b56961e6e91cb968acd5cc36f166ffa782c66a898f3acfe6f885f3d013446b0a0017d0bc0e14dfaaef471fca1a5a121c9f50e3455f53850b236ed67a135460b483f1de82f34a52fc31d3164c955dee9e729ce237168beafc9a56fe7cfdb5260cd92660d070e94bae28ce94a173b7d62fe820ea9edc13b74836bec1cf0c700f517074b63313ae3c4e217535a4df1fa8c1ddf4cdd351d516d7caf75e71ba0ffc9b2e5caf4f0c17147bc4d8282f6c156bf05c7127dbeb8f4e432f5aeed1d8643e6ad16bb697d200eefe053716817cd7862660e43d257d93003281074cbac2680ced8b09f06e52f2477996f59ac621088216b8533043969bf3d87045634f6fbc68524fee36898e7ba9f8a641c83c38c63e7e9a8b5585888337b35b430aa00ddc48dc41bef701f20529d4d428e742d5c132266806c335bb954c2d228e380bb0c69c025e76827292201b822030882d3e91cd3d6cc66b5d2813ffe7e0d4bc2d57705f77d1b843356063306e47b659c0b04249ba164b913f87b8203383a926f4b2e2ee80f15d4414225008781401d0c9681390968081bfcafd7547087db571d7c0eac239dcd1f0d9b9fe161ad41b4080dc3b3029d32ffad2706c8286a0872fe20b7ffd6403472cb7b87c921ae75bc33f2738237e14fce53b5a89eb37aacaa6934f750de5a76b3ef53c727e16e1a1e5c2e02fdde8dc32995e1073879c7cdbe059a8fa51aefbfdd553b593fdfe2786b810256e2c1a38b13f8fbb0129c83ba061b8dfd688575638870de30ea256608dc9bd2dccb4c3e5d516b2d55338b1681e3299426cc79c94bffe5cbd24ea0c18650038265fdc1f23868fc830b1b9ddf798f32e0c79fb8296dead4479e17c9ccdad1bad844717e24e4c31d260304a28e43b967d151b5c59c1e707af4467630f7a9373314ed50f8dd1d4929377b76b3be6ea7be42dd8d824986f14a315407188eb93f20735af7934c6bf090755a4fab061d2883e360238094043f06bcbcc0abb553528a3a9e1afd584fdd608db7fb4d8c9b92adfbf369993f2db3ff8d986d80cacd07f75b2f836ebda654e90ca534a391e40139fd2ecbb0c358b71957524ff4c74950b4c7f04eaae2023d9b0e303d71d590658807453d90d75ef491190a9ff2eff5231ee9055fcf94b935df4a0e331336dad488c252aaa3fddd63369b51cdccfa6f2d453a1c4837fffd4f384e8b10d6a518ba46ff48eb22bfd5a101e43daba501fbfd52be44ae8860dec5435d7b1a4d7dfc85d1979dd236991454e33d79a052e51db8e6c3e4731b450952cc3449084859da2af33f7dad75e04645734c393498b7c6f07ba85fb0634faf3bc3cc70528526da7b1597785275afd19f4797a86033266cba348708fbc4e54e1738823ebff8e647c29eb9698729132c9120858d3e7c8ea9a7292e35fdd1a25a2962d7e209f45c21eb83060852213bddb4ef89ee07e2e545ec0ffcb13068e3c306de1f207bb9fd3a48716cc6c68fdf54ceb923d751ebe792c358fc8a7d1fe0a5b2a939b8bd1a9f995f57153ae4ba4548a889a771f0a22d5437038ac03138662673443ed4ca949ab975c8d5df3637f7dc528b918d6af24e1099bd9de2098eadd3ce9db1f7da2f6008178a5027c924ece84fa37347a08056599857ae62e91093eb8082397004b6d3c9464c0c905e3d6744ee1e9e83e9cacea9deac583d3e9fae4843c87e67d6131246f8d1424717d9d03a848362e4391e60f795535a09f7775973eec54a9c4aef77dfd38b853dce98e356c80b7ef96fb6a11d7bd78b096164475d56c89bfb41fceb3568ea06bbb8465793a55bb6defb98ae9c415edefe9c9f8d2c6d2949d8990d000ec9d06f2031c56c23c9c29adfcb310d4fc4831086c41edebdb55b701e25dd877a40be4b6523bc4c93a54042a73987e7a691ba8698a8a2619a31b52fdc1582862e8e35315670f5901e3fcb978dc992deea6d3cb8248a1939357860bbceff4082b499a103da72e1eca264e8a750e9ca2483260090aff65ddd21c899b2a75ad75b2ae25aaa5806e7eef7211cd4063dff26010f816955c85d3ab77d3da9af598fe289efddf4435ffe75504927062a0dd80e1099b716f0cf77b8957de1fe7c31b71be5c92df02c3f908bae572c3febef300c30c6976ff95814a23622fd558741c890cc10bb54397f42ab8dd0a302cf94f8c3dcb11049b61f07f5935771cc0964227229b1d8d731734b702c7305d1aa0cc079ba4251d96be41713835b4c0159d8b279cfee7eec97b0d74b70de3ae8af9bb3872ea36ff44937c61776f57d234c9c95a8d32997c2d9bae47f1589bba436befbc8723d8be662be54b896fd5feb1347c6cc275cda027fb4696e07ef9b380cbae7d2460c962b80fa52879e4c9ea0646a886383da3b3a756a3ca586ab6f0ba349872b922d6c1adb916d0d623c60f09f9bd8b89bc9e460a08cbf398d420eca14a1a8a07c478cbffed10dd144edfb1ee1596de0269be9dedf14bb600739f1299ffc8710b33d7790da3dd37b0b31909c43a1c3f9537cd328cd36bf599055c1803e5110726e7868f893d92d8aee564e0ad8e3a73ebcaef357618fef427916b9550628c419077d0ce1cea8cdbe5ff2bda21c9a83a04d45c88ea704c86ddc8fda45700f7acff4a67a874efbf734a238793629ac87e9f019a92bac8f8e59bcd1ac5b1ee44a31e93208955e784710ed3ed3933e43be0a9143adab18282b778159973eb744541690aa6c60c69e922723625fba5eea4161120558fb4e3d46e62cdf8e45daec522ef53e61d4e317cbd6d73cda4b2026cfb6bac85fc38bd0218c4d2dd4eeb9317ac326d78109ebb9c6f5b2eefdddca54245c391d4a6732e0beaf362d954b08ab7df006262c99d53df2dd28a0ec98837658b2f20ee7d096c12ccb9d280597da43c7c408d4e528f02a7176d6cdfe70d9cd349a614c6cac57914f7dd4165c7817b1f1b7d773c4e427d84785c05b153687bd43aae3346e39215f347c168b31a8914da6b367e5b5c2e6bca6fe8fd9e4618739a046e0affbb30690a78504453a49ca226f649a0062604ab48522b12e9db5c0415773e3c2093909aae97383f2107e9fffbd794ce31c188f2f3baed3cd5af11769bd23040f9603109de902055d4b0f561172700481f9a2331554bddbaa02dae16f9426588d013a8ec896e06092e0100a1cef42f445aec281df89b889ac19e7357ffda11f00d901bd5427cde44e260a98b1276a69cf48cb6285675dfbd4cdfab6910f01cb4261a10312e3788998ab90e10ba2ebdf5f29c36104cf8f07fe18a433b2fb628ded3586b5b064feb9e4981312826db0e2ee0c6b7d6463936bcf353ed285911752c152a4f9e3384fbfb284b4330ecdf7e85ac54877f5db40ada628754a5446f9303a0d83f8a6153753505923b297ab0fbe49a78e8c341b95db5350132c71602b128e58c3f03af6ff396b84a3dd855a5ff0efa3d8e1d769496541952c1823a00abe1571c41c589c183ead13cb019139b2ca7e96e5ff08d28c3b7f9475bbddfb6289aeada531c16f118e880521bf2ba07e58602360b2d6d8831f34261f54c9268185a1f0c6eaac560a1220ebd02b89958e4b8b60a09f507c4a30440885f4da123a6fc2cb9709a96b943c8a19a7e609c004402c1744b8cee9bab463e4ccb6b1c25cb33f22b49483901cbddbecd1d5ad75213a0ff6203f7ba517ecb6c1626736dea7cd2c563e4b3c1499c0011b3de95075983e7e5a28e1ebc161efab4b082a8bc0c005d02b5b0aa3c07868b33d03b812194fce1663fdae691deb0452c133f1e6320d5b2bf5ff1fdbb2efab38cc67c41e29389fd772809c37c0b75a4ea20b61212f3e935e29c53716547fd497ea2679bed607ef74d75880c2572cf1230e9a04a2d71a61c6329d75a68ed6d176c85f972b419563ec0ef759b6e420402c3dc562169e8340629a2c0a9c495c762fb2c61e11427364a2ba80f5265b29d86c12023ae9ad9a9de28f713d895281a87b535e96674a17bb6964feac5d66473e3e64fb177b3018924167a60d4eaf4a4d9574eee8a5f3b7a16102a4931d3b19c9d6c32151d34e94211310b37567488a6513c059138fa0487716f8b8c4b2990f6d8efbd2cff85141db9f1f5d3ac4644af99a3b2c13cc76a01f2f948c60d932c876805771b5b375a73c039c18ad1368d6d09d66d3b55f9714fc68967364826f1ebee1769eed56367bfaf17b6c63d5877f69de02d51a2e19189858a7a0ba12560125fd0c347bc0b80741fcf7d0fe95f9ab7c4b47c132afb195630954bed2903c692a218af5d1f8575423bcb0fe3250b51d8cc4d01b4abd758f73e43a7c0473e5af9e0b5bcaeabe1c0189d567d7d8923e9ad7eb371393739b781833c78e7a10158e003cf00f3c91c9d4c5690e96c01b6ff5cf44602426b8f98879b5a2197ce5d2ce7e74b4c8b70f2679589228ec50ea284d3ab4a6efabe6619a2082b3b003f1b178ce6e98b53426c9100a43ad01613047d6998736e1db8ffd926ef2e4d82c247f19aedd67f2ded62829e042e3280ff0f6efa363522d1e2bd4afb63323db93532a548d92ffce099407644153a6e2af781c2f1fd91f60ee63ee74fa54195c582536762bb4e72d61dbef1fe8c3b4b1437b8bbeb46300c5479510871da5faa53a1c81fefd3e7f39a764bd0dc05809749a8480e8a2f6894e13fa31f62b963c4d36f2070f6b2ecf323d7afb09ee9caa729258f2ba468832d589c0c50b76602de8992fbe30bee5863cb66a8dfd3e4ad13d3508e7e604c99c883a7e272dc1d460674ca53caf220d0ac23ac53b3aea14e1acb5c64248fd303bd3dafa838b1c13121d13ac1401ba4db6e0d85980fe7daff4f13956725af322cc2f1d7e3d85796f425a5fc8778515fe834d5d0ca88fd4d599f127dc6ecdae22cc5098d28dca8be2e677464b0abfc66785a3006dc0f6c3c7e69842dbdd8f674eec135daadc7f7a390b6b95498889be1aacee5840a4ca141ab25421bc6f301167e1fbf9d87c0e4e7c50158b7643023e0cd4b678bc3c4c8ab9bda8b8a2f3519b631134983e79b97557cc6df609a33ec9189576a449762be8a602a022bd7171ee6e04ea6056939462953c6484e85a18b753bdae9642c707086d302c7d93da3b7b05a6b8eb6700f1079209a3cd717211088fbe6d8091d24be971d292b802c2c873f32955", @typed={0xc, 0x92, 0x0, 0x0, @u64=0x400000000000}]}, @typed={0x14, 0x70, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @loopback}}, @nested={0x14d, 0x91, 0x0, 0x1, [@generic="c1e75303ee87050375", @generic="ca7522aa055694224476ee16d7f9aaed4163eb845fbf4ce65cb3cf37616f9945736c5630896108e0787778ea8af454acfd0004203926bae6c2283b6d9bdc202111f4fc877e56d3", @generic="f2df79a1d61d0e7859c0d122025c5131a560058166e6659039f3e14d6bf280ae9550fbe3f680e39b311ac8a0a3bb0c1c397ce61239c218e87884d993be707f02035bc559339d25d69b65c54f767b58174780df10a70f7cb7180443a6c9e5ad03136a48ff92d879fa3e4e1ca974c14a1006a3284e59140892ddd267b288fde226bf0885bf122ef7432567d07bb8434cc997223e1355bd69862e84e55702726c8e6c841b6f8105d1732e17b5e27110e403817377e935ea3d336d6c87e91415d74eef51a8b27edf55d4385c7041917f362622a4dc1942a81e7c36c67ee24a68f96fd1e3e4767153922a4d2e890a5f85906d68b141fd4f48cfca2f"]}]}, 0x1330}], 0x2, 0x0, 0x0, 0x4041}, 0x40800) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c00000024000b0f00000000000000000000020047d82cd9725ececfae8fc4a51f1ef51887cfc66e9cf7ddc4d7d1c47e5dd28b325625173489440407d1943e415ec4f8a82cd3f72212e51b516d91c17ff2549e6aabcc0d3c512e3c8b2fd78d9662e918167efdadcc8c222d9e08821bdddd70a4e5c6e1c6f730019cfb2d020000001bd8892d1c0b982b0c1026ad5f0bdf9dbaea18f5aafc0a772b1a7eb5d479a3eda74fe4eafb3e79fca0edfe5934fe86a9e1a8536a7af2d27f2ab80cc5f1b0a4c60c434052fa960119a1c8bd7befaacedc6a002670e62d01d3f108f27a9abb5b08f869f35a2cab423f47b028492a1ed66cc21365d5b0e82c5e28b1de4449410f700a5c4456b599a41abd9b6982bca53251d1cc8186705fd2efe7b57f8ce247308622abe690aeecda4c552898901acb7d11cf", @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000000800010071667100"], 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

13:48:36 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xc1)

13:48:36 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2862.297690][T23235] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23235,uid=0
[ 2862.339132][T23235] Memory cgroup out of memory: Killed process 23235 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:92kB oom_score_adj:1000
13:48:36 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100001070400"/20, @ANYRES32=r2, @ANYBLOB="0000000000bd3d8c550012000900010076657468e4ea1a879bd5811e379fc6de154844cac920f68a79036940b5d0abbb0e733eea31060c84ec17ed18b6dc3822c031c3c9d2267c9ea2c20228a290f762b9046171f182"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2862.595270][T23256] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2862.606123][T23256] CPU: 0 PID: 23256 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2862.616672][T23256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2862.626764][T23256] Call Trace:
[ 2862.630066][T23256]  <TASK>
[ 2862.633017][T23256]  dump_stack_lvl+0x136/0x150
[ 2862.637726][T23256]  dump_header+0x10a/0xd70
[ 2862.642454][T23256]  oom_kill_process+0x25d/0x600
[ 2862.647358][T23256]  out_of_memory+0x35c/0x1660
[ 2862.652074][T23256]  ? find_held_lock+0x2d/0x110
[ 2862.656984][T23256]  ? oom_killer_disable+0x2b0/0x2b0
[ 2862.662229][T23256]  ? rcu_read_unlock+0x9/0x60
[ 2862.666958][T23256]  ? find_held_lock+0x2d/0x110
[ 2862.671779][T23256]  mem_cgroup_out_of_memory+0x206/0x270
[ 2862.677362][T23256]  ? mem_cgroup_margin+0x130/0x130
[ 2862.682513][T23256]  ? lock_downgrade+0x690/0x690
[ 2862.687420][T23256]  try_charge_memcg+0xf99/0x13a0
[ 2862.692399][T23256]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2862.698404][T23256]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2862.704138][T23256]  ? lock_downgrade+0x690/0x690
[ 2862.709004][T23256]  ? lock_downgrade+0x690/0x690
[ 2862.713880][T23256]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2862.719891][T23256]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2862.726067][T23256]  copy_process+0x1442/0x75c0
[ 2862.730772][T23256]  ? __lock_acquire+0xc17/0x5f30
[ 2862.735733][T23256]  ? pidfd_prepare+0x80/0x80
[ 2862.740348][T23256]  ? psi_memstall_leave+0x174/0x250
[ 2862.745557][T23256]  ? lock_downgrade+0x690/0x690
[ 2862.750438][T23256]  kernel_clone+0xeb/0x890
[ 2862.754874][T23256]  ? create_io_thread+0xe0/0xe0
[ 2862.759746][T23256]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2862.766007][T23256]  ? lock_downgrade+0x690/0x690
[ 2862.770883][T23256]  __do_sys_clone+0xba/0x100
[ 2862.775495][T23256]  ? kernel_clone+0x890/0x890
[ 2862.780199][T23256]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2862.786112][T23256]  do_syscall_64+0x39/0xb0
[ 2862.790560][T23256]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2862.796486][T23256] RIP: 0033:0x7f403688d591
[ 2862.800917][T23256] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2862.820894][T23256] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2862.829319][T23256] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2862.837297][T23256] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2862.845270][T23256] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2862.853249][T23256] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2862.861228][T23256] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2862.869218][T23256]  </TASK>
[ 2862.879570][T23256] memory: usage 307184kB, limit 307200kB, failcnt 17761
[ 2862.901413][T23256] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2862.917689][T23256] Memory cgroup stats for /syz4:
[ 2862.917965][T23256] anon 114688
[ 2862.917965][T23256] file 8380416
[ 2862.917965][T23256] kernel 306061312
[ 2862.917965][T23256] kernel_stack 32768
[ 2862.917965][T23256] pagetables 77824
[ 2862.917965][T23256] sec_pagetables 0
[ 2862.917965][T23256] percpu 5477376
[ 2862.917965][T23256] sock 0
13:48:37 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2862.917965][T23256] vmalloc 0
[ 2862.917965][T23256] shmem 8380416
[ 2862.917965][T23256] zswap 0
[ 2862.917965][T23256] zswapped 0
[ 2862.917965][T23256] file_mapped 405504
[ 2862.917965][T23256] file_dirty 0
[ 2862.917965][T23256] file_writeback 0
[ 2862.917965][T23256] swapcached 0
[ 2862.917965][T23256] anon_thp 0
[ 2862.917965][T23256] file_thp 0
[ 2862.917965][T23256] shmem_thp 0
[ 2862.917965][T23256] inactive_anon 4096
[ 2862.917965][T23256] active_anon 8491008
[ 2862.917965][T23256] inactive_file 0
[ 2862.917965][T23256] active_file 0
[ 2862.917965][T23256] unevictable 0
[ 2862.917965][T23256] slab_reclaimable 38216
[ 2862.917965][T23256] slab_unreclaimable 300379584
[ 2862.917965][T23256] slab 300417800
[ 2862.917965][T23256] workingset_refault_anon 0
[ 2862.917965][T23256] workingset_refault_file 0
[ 2862.917965][T23256] workingset_activate_anon 0
[ 2862.917965][T23256] workingset_activate_file 0
[ 2862.917965][T23256] workingset_restore_anon 0
[ 2862.917965][T23256] workingset_restore_file 0
[ 2862.917965][T23256] workingset_nodereclaim 0
[ 2862.917965][T23256] pgscan 0
[ 2862.917965][T23256] pgsteal 0
[ 2862.917965][T23256] pgscan_kswapd 0
[ 2862.917965][T23256] pgscan_direct 0
[ 2862.917965][T23256] pgscan_khugepaged 0
[ 2862.917965][T23256] pgsteal_kswapd 0
[ 2862.917965][T23256] pgsteal_direct 0
[ 2862.917965][T23256] pgsteal_khugepaged 0
[ 2862.917965][T23256] pgfault 386711
[ 2862.917965][T23256] pgmajfault 0
[ 2862.917965][T23256] pgrefill 0
[ 2862.917965][T23256] pgactivate 0
[ 2862.917965][T23256] pgdeactivate 0
[ 2862.917965][T23256] pglazyfree 0
[ 2862.917965][T23256] pglazyfreed 0
[ 2862.917965][T23256] zswpin 0
[ 2862.917965][T23256] zswpout 0
[ 2862.917965][T23256] thp_fault_alloc 0
[ 2863.138800][T23256] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23256,uid=0
[ 2863.161844][T23256] Memory cgroup out of memory: Killed process 23256 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:37 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100001070400"/20, @ANYRES32=r2, @ANYBLOB="0000000000bd3d8c550012000900010076657468e4ea1a879bd5811e379fc6de154844cac920f68a79036940b5d0abbb0e733eea31060c84ec17ed18b6dc3822c031c3c9d2267c9ea2c20228a290f762b9046171f182"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2863.381503][T23265] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2863.392100][T23265] CPU: 1 PID: 23265 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2863.402568][T23265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2863.412681][T23265] Call Trace:
[ 2863.415993][T23265]  <TASK>
[ 2863.418957][T23265]  dump_stack_lvl+0x136/0x150
[ 2863.423677][T23265]  dump_header+0x10a/0xd70
[ 2863.428137][T23265]  oom_kill_process+0x25d/0x600
[ 2863.433023][T23265]  out_of_memory+0x35c/0x1660
[ 2863.437741][T23265]  ? find_held_lock+0x2d/0x110
[ 2863.442554][T23265]  ? oom_killer_disable+0x2b0/0x2b0
[ 2863.447787][T23265]  ? rcu_read_unlock+0x9/0x60
[ 2863.452493][T23265]  ? find_held_lock+0x2d/0x110
[ 2863.457289][T23265]  mem_cgroup_out_of_memory+0x206/0x270
[ 2863.462889][T23265]  ? mem_cgroup_margin+0x130/0x130
[ 2863.468047][T23265]  ? lock_downgrade+0x690/0x690
[ 2863.472962][T23265]  try_charge_memcg+0xf99/0x13a0
[ 2863.477951][T23265]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2863.483974][T23265]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2863.489760][T23265]  ? lock_downgrade+0x690/0x690
[ 2863.494666][T23265]  ? lock_downgrade+0x690/0x690
[ 2863.499642][T23265]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2863.505245][T23265]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2863.511467][T23265]  copy_process+0x4f9/0x75c0
[ 2863.516380][T23265]  ? __lock_acquire+0xc17/0x5f30
[ 2863.521468][T23265]  ? pidfd_prepare+0x80/0x80
[ 2863.526115][T23265]  ? psi_memstall_leave+0x174/0x250
[ 2863.531345][T23265]  ? lock_downgrade+0x690/0x690
[ 2863.536251][T23265]  kernel_clone+0xeb/0x890
[ 2863.540719][T23265]  ? create_io_thread+0xe0/0xe0
[ 2863.545616][T23265]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2863.551897][T23265]  ? lock_downgrade+0x690/0x690
[ 2863.556799][T23265]  __do_sys_clone+0xba/0x100
[ 2863.561459][T23265]  ? kernel_clone+0x890/0x890
[ 2863.566243][T23265]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2863.572186][T23265]  do_syscall_64+0x39/0xb0
[ 2863.576657][T23265]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2863.582600][T23265] RIP: 0033:0x7f403688d591
[ 2863.587051][T23265] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2863.606702][T23265] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2863.615173][T23265] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2863.623183][T23265] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2863.631182][T23265] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2863.639446][T23265] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2863.647440][T23265] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2863.655464][T23265]  </TASK>
[ 2863.668327][T23254] __nla_validate_parse: 33 callbacks suppressed
[ 2863.668346][T23254] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2863.678917][T23265] memory: usage 307184kB, limit 307200kB, failcnt 17869
[ 2863.691414][T23265] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2863.698973][T23265] Memory cgroup stats for /syz4:
[ 2863.699243][T23265] anon 114688
[ 2863.699243][T23265] file 8380416
[ 2863.699243][T23265] kernel 306061312
[ 2863.699243][T23265] kernel_stack 32768
[ 2863.699243][T23265] pagetables 77824
[ 2863.699243][T23265] sec_pagetables 0
[ 2863.699243][T23265] percpu 5477376
[ 2863.699243][T23265] sock 0
[ 2863.699243][T23265] vmalloc 0
[ 2863.699243][T23265] shmem 8380416
[ 2863.699243][T23265] zswap 0
[ 2863.699243][T23265] zswapped 0
[ 2863.699243][T23265] file_mapped 405504
[ 2863.699243][T23265] file_dirty 0
[ 2863.699243][T23265] file_writeback 0
[ 2863.699243][T23265] swapcached 0
[ 2863.699243][T23265] anon_thp 0
[ 2863.699243][T23265] file_thp 0
[ 2863.699243][T23265] shmem_thp 0
[ 2863.699243][T23265] inactive_anon 4096
[ 2863.699243][T23265] active_anon 8491008
[ 2863.699243][T23265] inactive_file 0
[ 2863.699243][T23265] active_file 0
[ 2863.699243][T23265] unevictable 0
[ 2863.699243][T23265] slab_reclaimable 38216
[ 2863.699243][T23265] slab_unreclaimable 300379584
[ 2863.699243][T23265] slab 300417800
[ 2863.699243][T23265] workingset_refault_anon 0
[ 2863.699243][T23265] workingset_refault_file 0
[ 2863.699243][T23265] workingset_activate_anon 0
[ 2863.699243][T23265] workingset_activate_file 0
[ 2863.699243][T23265] workingset_restore_anon 0
[ 2863.699243][T23265] workingset_restore_file 0
[ 2863.699243][T23265] workingset_nodereclaim 0
[ 2863.699243][T23265] pgscan 0
[ 2863.699243][T23265] pgsteal 0
[ 2863.699243][T23265] pgscan_kswapd 0
[ 2863.699243][T23265] pgscan_direct 0
[ 2863.699243][T23265] pgscan_khugepaged 0
[ 2863.699243][T23265] pgsteal_kswapd 0
[ 2863.699243][T23265] pgsteal_direct 0
[ 2863.699243][T23265] pgsteal_khugepaged 0
[ 2863.699243][T23265] pgfault 386749
[ 2863.699243][T23265] pgmajfault 0
[ 2863.699243][T23265] pgrefill 0
[ 2863.699243][T23265] pgactivate 0
[ 2863.699243][T23265] pgdeactivate 0
[ 2863.699243][T23265] pglazyfree 0
[ 2863.699243][T23265] pglazyfreed 0
[ 2863.699243][T23265] zswpin 0
[ 2863.699243][T23265] zswpout 0
13:48:38 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2863.699243][T23265] thp_fault_alloc 0
[ 2863.890839][T23258] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2863.904623][T23245] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
13:48:38 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
sendmsg$netlink(r0, &(0x7f00000001c0)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfd, 0x8}, 0xc, &(0x7f0000000100)=[{&(0x7f00000006c0)={0x224, 0x3f, 0x8, 0x70bd28, 0x25dfdbfb, "", [@generic="c445f0b9f0ead55e9e5d04b4f344ebf2bd3df9568b9e568852dcc22e3cf694577390e829e6eb6b46de6c91e5befea240042e92e3897d10545db5891efd3a56a74c46698d1ceb13e4d2c195904b29450ab267496fcf04882a47c8fe533a66d5b2ee988a671f142509e4baac89686a2ac662ab35a42a558216fa9236249b788b82bb4da28488e669c8154466f6977afa", @nested={0xdb, 0x39, 0x0, 0x1, [@generic="82e3378cdffdb9a6de312b3337588fccc4425372452258ee19ddf65eac3e95d6443af7c091d4f1990d64ab5fe97adfec744dd919142e1b5c52aec54af4d01bb745ee8534cb1e8cd624fa75a9ef2ab7512478df7d2b55", @typed={0x8, 0x63, 0x0, 0x0, @fd=r3}, @generic="8a6ec8d6ceb7f093141b3989156046c4cd5b6f14c615e30a7ced560ced0ff97647d9a363f828a5b6666be3e5ba0481f83add160a1f10579cb496011a04fef17919286c609ee5a20055c8b21c80253bdc7d607c192c14a628d81f1b23d05c309a44d7bb872a5e6907595e693c106bb256eb8ac5c0fd1d602a32"]}, @generic="b4c767c674908798ea9dbdce946948f9d01df338c6f4ff7994dce7dba84ed5f2491378118e9c42e3828647d87ca604fff6c9ca1f5b31a2c0803e0928c227b05e0a24a18e49f325510ca1cf2d02a65e77dd2afe088628f3bbe35dd0f9a93ed8ddef669b9ac3932711cf1912a3c1e48c7dd050c385b17e546a505a9e1afbb382fa5d5995f4e05e1fe496c1f01ae2469e56e0cba420a9d2f3ad129f46b5311d", @typed={0x5, 0x69, 0x0, 0x0, @str='\x00'}]}, 0x224}, {&(0x7f0000000900)={0x1330, 0x36, 0x200, 0x70bd29, 0x25dfdbff, "", [@typed={0x8, 0x85, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="58d0bf4fadf1ecf33586ffc5a09d220524245c6b085aa8be642347efad2bfd026a001b88dd97195e87490cd97c2fbf0124338a0b5550a61ef4370d624972fca066300dd2d60060892c78f62994cd0392c9c2f96415c76bf0d9523f439705882f9a596560a493d7299d3c21fe972c4a4f192817efbd7473d462796e05e6f17b079fa17f74da9df948c37129b416e56a926ab6f6ce85b8f629f82f07402bee5d6ad11b05ccff4f086e7454ee0ead18cb746b1f29a45938951765e5f8defeaed44c92", @generic="326e623dffd782269eda0adc01791d9b45d35cc59e484e3934fe09da9e7fd993cf94b8b3be8bd987e3cd950a091688cb2f9f0de1279cd88bdcad31f2e9869412", @nested={0x10b0, 0x83, 0x0, 0x1, [@typed={0x9e, 0x6c, 0x0, 0x0, @binary="47f9e1447f750d7a4185fe4cc913d2743d8d7968a4402a8b4108217b57b83c74993462853a85f3a49b1fa00ad68b611d02c29f1972eadfaaef16cc7bd636abf61c835989a9906e6b898bbc282b00bd7431a7004504952e21cb482db8ba8f928dec2a62a4dbd5c6fff2bedfa1c1028d7a43083daa733f23d92942fb9f1b1350c179a297996472c78ef6f92fac9a7954cd9072d0fd2efe0af60db9"}, @generic="77ca9524b3f8324ea7146891713545296697bec45cd509fdb65a7586c71a9e03680c7bd7b5718d3974cd6f288aecb558771ea92ac61f8af884bb58f2ea29ee6daeb366418636e079c1756828fb1f8c1fbaf027c6f2b85680cedbc4dc33a6b25518535fbd91c8f52c386304f3340c5ec13a19a2b09e29624d3d6eae1ec9a2c30a77875ff04fd30615ef5adedcb5df6bb64ff97374d779ef0fbf6ac31f041d7219f5cd0c80d151d2946c48e68cca832797ea510a584f492d9071adaf1994345b653395ca4734b2c02c24354948409727aceb74746e7d5705850017f26aad16523399373f4b0dbcb11f7990720972f113b14ba61a8dc2f840ca21c0bb2811af40c0be6ac40f40c5049225a81202d4801ae3321507b7234b257c9ec13d7f812eaab9fdc9102cc943c7850456fcf4faa1b8984b2b7da48bcb56f8cbdf8365f70fa5ab816f4db16bf10de76355d65ebfea78f6db2208554f344facee2d9492cd5458213620d520a4f0662bcd60e6fb1d66151492172ae1e42fa2ff0939dc228e79e0bb86d862f1ead3286b28dbed87b198367bbd3613387833a09b1ff97066a7e57e789777954cffb3272001a9f157311380945be2f89b26578b295ef3b59b56961e6e91cb968acd5cc36f166ffa782c66a898f3acfe6f885f3d013446b0a0017d0bc0e14dfaaef471fca1a5a121c9f50e3455f53850b236ed67a135460b483f1de82f34a52fc31d3164c955dee9e729ce237168beafc9a56fe7cfdb5260cd92660d070e94bae28ce94a173b7d62fe820ea9edc13b74836bec1cf0c700f517074b63313ae3c4e217535a4df1fa8c1ddf4cdd351d516d7caf75e71ba0ffc9b2e5caf4f0c17147bc4d8282f6c156bf05c7127dbeb8f4e432f5aeed1d8643e6ad16bb697d200eefe053716817cd7862660e43d257d93003281074cbac2680ced8b09f06e52f2477996f59ac621088216b8533043969bf3d87045634f6fbc68524fee36898e7ba9f8a641c83c38c63e7e9a8b5585888337b35b430aa00ddc48dc41bef701f20529d4d428e742d5c132266806c335bb954c2d228e380bb0c69c025e76827292201b822030882d3e91cd3d6cc66b5d2813ffe7e0d4bc2d57705f77d1b843356063306e47b659c0b04249ba164b913f87b8203383a926f4b2e2ee80f15d4414225008781401d0c9681390968081bfcafd7547087db571d7c0eac239dcd1f0d9b9fe161ad41b4080dc3b3029d32ffad2706c8286a0872fe20b7ffd6403472cb7b87c921ae75bc33f2738237e14fce53b5a89eb37aacaa6934f750de5a76b3ef53c727e16e1a1e5c2e02fdde8dc32995e1073879c7cdbe059a8fa51aefbfdd553b593fdfe2786b810256e2c1a38b13f8fbb0129c83ba061b8dfd688575638870de30ea256608dc9bd2dccb4c3e5d516b2d55338b1681e3299426cc79c94bffe5cbd24ea0c18650038265fdc1f23868fc830b1b9ddf798f32e0c79fb8296dead4479e17c9ccdad1bad844717e24e4c31d260304a28e43b967d151b5c59c1e707af4467630f7a9373314ed50f8dd1d4929377b76b3be6ea7be42dd8d824986f14a315407188eb93f20735af7934c6bf090755a4fab061d2883e360238094043f06bcbcc0abb553528a3a9e1afd584fdd608db7fb4d8c9b92adfbf369993f2db3ff8d986d80cacd07f75b2f836ebda654e90ca534a391e40139fd2ecbb0c358b71957524ff4c74950b4c7f04eaae2023d9b0e303d71d590658807453d90d75ef491190a9ff2eff5231ee9055fcf94b935df4a0e331336dad488c252aaa3fddd63369b51cdccfa6f2d453a1c4837fffd4f384e8b10d6a518ba46ff48eb22bfd5a101e43daba501fbfd52be44ae8860dec5435d7b1a4d7dfc85d1979dd236991454e33d79a052e51db8e6c3e4731b450952cc3449084859da2af33f7dad75e04645734c393498b7c6f07ba85fb0634faf3bc3cc70528526da7b1597785275afd19f4797a86033266cba348708fbc4e54e1738823ebff8e647c29eb9698729132c9120858d3e7c8ea9a7292e35fdd1a25a2962d7e209f45c21eb83060852213bddb4ef89ee07e2e545ec0ffcb13068e3c306de1f207bb9fd3a48716cc6c68fdf54ceb923d751ebe792c358fc8a7d1fe0a5b2a939b8bd1a9f995f57153ae4ba4548a889a771f0a22d5437038ac03138662673443ed4ca949ab975c8d5df3637f7dc528b918d6af24e1099bd9de2098eadd3ce9db1f7da2f6008178a5027c924ece84fa37347a08056599857ae62e91093eb8082397004b6d3c9464c0c905e3d6744ee1e9e83e9cacea9deac583d3e9fae4843c87e67d6131246f8d1424717d9d03a848362e4391e60f795535a09f7775973eec54a9c4aef77dfd38b853dce98e356c80b7ef96fb6a11d7bd78b096164475d56c89bfb41fceb3568ea06bbb8465793a55bb6defb98ae9c415edefe9c9f8d2c6d2949d8990d000ec9d06f2031c56c23c9c29adfcb310d4fc4831086c41edebdb55b701e25dd877a40be4b6523bc4c93a54042a73987e7a691ba8698a8a2619a31b52fdc1582862e8e35315670f5901e3fcb978dc992deea6d3cb8248a1939357860bbceff4082b499a103da72e1eca264e8a750e9ca2483260090aff65ddd21c899b2a75ad75b2ae25aaa5806e7eef7211cd4063dff26010f816955c85d3ab77d3da9af598fe289efddf4435ffe75504927062a0dd80e1099b716f0cf77b8957de1fe7c31b71be5c92df02c3f908bae572c3febef300c30c6976ff95814a23622fd558741c890cc10bb54397f42ab8dd0a302cf94f8c3dcb11049b61f07f5935771cc0964227229b1d8d731734b702c7305d1aa0cc079ba4251d96be41713835b4c0159d8b279cfee7eec97b0d74b70de3ae8af9bb3872ea36ff44937c61776f57d234c9c95a8d32997c2d9bae47f1589bba436befbc8723d8be662be54b896fd5feb1347c6cc275cda027fb4696e07ef9b380cbae7d2460c962b80fa52879e4c9ea0646a886383da3b3a756a3ca586ab6f0ba349872b922d6c1adb916d0d623c60f09f9bd8b89bc9e460a08cbf398d420eca14a1a8a07c478cbffed10dd144edfb1ee1596de0269be9dedf14bb600739f1299ffc8710b33d7790da3dd37b0b31909c43a1c3f9537cd328cd36bf599055c1803e5110726e7868f893d92d8aee564e0ad8e3a73ebcaef357618fef427916b9550628c419077d0ce1cea8cdbe5ff2bda21c9a83a04d45c88ea704c86ddc8fda45700f7acff4a67a874efbf734a238793629ac87e9f019a92bac8f8e59bcd1ac5b1ee44a31e93208955e784710ed3ed3933e43be0a9143adab18282b778159973eb744541690aa6c60c69e922723625fba5eea4161120558fb4e3d46e62cdf8e45daec522ef53e61d4e317cbd6d73cda4b2026cfb6bac85fc38bd0218c4d2dd4eeb9317ac326d78109ebb9c6f5b2eefdddca54245c391d4a6732e0beaf362d954b08ab7df006262c99d53df2dd28a0ec98837658b2f20ee7d096c12ccb9d280597da43c7c408d4e528f02a7176d6cdfe70d9cd349a614c6cac57914f7dd4165c7817b1f1b7d773c4e427d84785c05b153687bd43aae3346e39215f347c168b31a8914da6b367e5b5c2e6bca6fe8fd9e4618739a046e0affbb30690a78504453a49ca226f649a0062604ab48522b12e9db5c0415773e3c2093909aae97383f2107e9fffbd794ce31c188f2f3baed3cd5af11769bd23040f9603109de902055d4b0f561172700481f9a2331554bddbaa02dae16f9426588d013a8ec896e06092e0100a1cef42f445aec281df89b889ac19e7357ffda11f00d901bd5427cde44e260a98b1276a69cf48cb6285675dfbd4cdfab6910f01cb4261a10312e3788998ab90e10ba2ebdf5f29c36104cf8f07fe18a433b2fb628ded3586b5b064feb9e4981312826db0e2ee0c6b7d6463936bcf353ed285911752c152a4f9e3384fbfb284b4330ecdf7e85ac54877f5db40ada628754a5446f9303a0d83f8a6153753505923b297ab0fbe49a78e8c341b95db5350132c71602b128e58c3f03af6ff396b84a3dd855a5ff0efa3d8e1d769496541952c1823a00abe1571c41c589c183ead13cb019139b2ca7e96e5ff08d28c3b7f9475bbddfb6289aeada531c16f118e880521bf2ba07e58602360b2d6d8831f34261f54c9268185a1f0c6eaac560a1220ebd02b89958e4b8b60a09f507c4a30440885f4da123a6fc2cb9709a96b943c8a19a7e609c004402c1744b8cee9bab463e4ccb6b1c25cb33f22b49483901cbddbecd1d5ad75213a0ff6203f7ba517ecb6c1626736dea7cd2c563e4b3c1499c0011b3de95075983e7e5a28e1ebc161efab4b082a8bc0c005d02b5b0aa3c07868b33d03b812194fce1663fdae691deb0452c133f1e6320d5b2bf5ff1fdbb2efab38cc67c41e29389fd772809c37c0b75a4ea20b61212f3e935e29c53716547fd497ea2679bed607ef74d75880c2572cf1230e9a04a2d71a61c6329d75a68ed6d176c85f972b419563ec0ef759b6e420402c3dc562169e8340629a2c0a9c495c762fb2c61e11427364a2ba80f5265b29d86c12023ae9ad9a9de28f713d895281a87b535e96674a17bb6964feac5d66473e3e64fb177b3018924167a60d4eaf4a4d9574eee8a5f3b7a16102a4931d3b19c9d6c32151d34e94211310b37567488a6513c059138fa0487716f8b8c4b2990f6d8efbd2cff85141db9f1f5d3ac4644af99a3b2c13cc76a01f2f948c60d932c876805771b5b375a73c039c18ad1368d6d09d66d3b55f9714fc68967364826f1ebee1769eed56367bfaf17b6c63d5877f69de02d51a2e19189858a7a0ba12560125fd0c347bc0b80741fcf7d0fe95f9ab7c4b47c132afb195630954bed2903c692a218af5d1f8575423bcb0fe3250b51d8cc4d01b4abd758f73e43a7c0473e5af9e0b5bcaeabe1c0189d567d7d8923e9ad7eb371393739b781833c78e7a10158e003cf00f3c91c9d4c5690e96c01b6ff5cf44602426b8f98879b5a2197ce5d2ce7e74b4c8b70f2679589228ec50ea284d3ab4a6efabe6619a2082b3b003f1b178ce6e98b53426c9100a43ad01613047d6998736e1db8ffd926ef2e4d82c247f19aedd67f2ded62829e042e3280ff0f6efa363522d1e2bd4afb63323db93532a548d92ffce099407644153a6e2af781c2f1fd91f60ee63ee74fa54195c582536762bb4e72d61dbef1fe8c3b4b1437b8bbeb46300c5479510871da5faa53a1c81fefd3e7f39a764bd0dc05809749a8480e8a2f6894e13fa31f62b963c4d36f2070f6b2ecf323d7afb09ee9caa729258f2ba468832d589c0c50b76602de8992fbe30bee5863cb66a8dfd3e4ad13d3508e7e604c99c883a7e272dc1d460674ca53caf220d0ac23ac53b3aea14e1acb5c64248fd303bd3dafa838b1c13121d13ac1401ba4db6e0d85980fe7daff4f13956725af322cc2f1d7e3d85796f425a5fc8778515fe834d5d0ca88fd4d599f127dc6ecdae22cc5098d28dca8be2e677464b0abfc66785a3006dc0f6c3c7e69842dbdd8f674eec135daadc7f7a390b6b95498889be1aacee5840a4ca141ab25421bc6f301167e1fbf9d87c0e4e7c50158b7643023e0cd4b678bc3c4c8ab9bda8b8a2f3519b631134983e79b97557cc6df609a33ec9189576a449762be8a602a022bd7171ee6e04ea6056939462953c6484e85a18b753bdae9642c707086d302c7d93da3b7b05a6b8eb6700f1079209a3cd717211088fbe6d8091d24be971d292b802c2c873f32955", @typed={0xc, 0x92, 0x0, 0x0, @u64=0x400000000000}]}, @typed={0x14, 0x70, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @loopback}}, @nested={0x14d, 0x91, 0x0, 0x1, [@generic="c1e75303ee87050375", @generic="ca7522aa055694224476ee16d7f9aaed4163eb845fbf4ce65cb3cf37616f9945736c5630896108e0787778ea8af454acfd0004203926bae6c2283b6d9bdc202111f4fc877e56d3", @generic="f2df79a1d61d0e7859c0d122025c5131a560058166e6659039f3e14d6bf280ae9550fbe3f680e39b311ac8a0a3bb0c1c397ce61239c218e87884d993be707f02035bc559339d25d69b65c54f767b58174780df10a70f7cb7180443a6c9e5ad03136a48ff92d879fa3e4e1ca974c14a1006a3284e59140892ddd267b288fde226bf0885bf122ef7432567d07bb8434cc997223e1355bd69862e84e55702726c8e6c841b6f8105d1732e17b5e27110e403817377e935ea3d336d6c87e91415d74eef51a8b27edf55d4385c7041917f362622a4dc1942a81e7c36c67ee24a68f96fd1e3e4767153922a4d2e890a5f85906d68b141fd4f48cfca2f"]}]}, 0x1330}], 0x2, 0x0, 0x0, 0x4041}, 0x40800) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c00000024000b0f00000000000000000000020047d82cd9725ececfae8fc4a51f1ef51887cfc66e9cf7ddc4d7d1c47e5dd28b325625173489440407d1943e415ec4f8a82cd3f72212e51b516d91c17ff2549e6aabcc0d3c512e3c8b2fd78d9662e918167efdadcc8c222d9e08821bdddd70a4e5c6e1c6f730019cfb2d020000001bd8892d1c0b982b0c1026ad5f0bdf9dbaea18f5aafc0a772b1a7eb5d479a3eda74fe4eafb3e79fca0edfe5934fe86a9e1a8536a7af2d27f2ab80cc5f1b0a4c60c434052fa960119a1c8bd7befaacedc6a002670e62d01d3f108f27a9abb5b08f869f35a2cab423f47b028492a1ed66cc21365d5b0e82c5e28b1de4449410f700a5c4456b599a41abd9b6982bca53251d1cc8186705fd2efe7b57f8ce247308622abe690aeecda4c552898901acb7d11cf", @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000000800010071667100"], 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2863.928878][T23265] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23265,uid=0
13:48:38 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6600000000000000)

[ 2863.968245][T23265] Memory cgroup out of memory: Killed process 23265 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2863.988483][T23262] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
13:48:38 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100001070400"/20, @ANYRES32=r2, @ANYBLOB="0000000000bd3d8c550012000900010076657468e4ea1a879bd5811e379fc6de154844cac920f68a79036940b5d0abbb0e733eea31060c84ec17ed18b6dc3822c031c3c9d2267c9ea2c20228a290f762b9046171f182"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2864.188549][T23263] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2864.214330][T23253] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
13:48:38 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xc2)

[ 2864.246520][T23268] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2864.301360][T23279] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2864.346386][T23279] CPU: 1 PID: 23279 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2864.356863][T23279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2864.366965][T23279] Call Trace:
[ 2864.370277][T23279]  <TASK>
[ 2864.373239][T23279]  dump_stack_lvl+0x136/0x150
[ 2864.377954][T23279]  dump_header+0x10a/0xd70
[ 2864.382414][T23279]  oom_kill_process+0x25d/0x600
[ 2864.387315][T23279]  out_of_memory+0x35c/0x1660
[ 2864.392054][T23279]  ? find_held_lock+0x2d/0x110
[ 2864.396877][T23279]  ? oom_killer_disable+0x2b0/0x2b0
[ 2864.402126][T23279]  ? rcu_read_unlock+0x9/0x60
[ 2864.406840][T23279]  ? find_held_lock+0x2d/0x110
[ 2864.411645][T23279]  mem_cgroup_out_of_memory+0x206/0x270
[ 2864.417243][T23279]  ? mem_cgroup_margin+0x130/0x130
[ 2864.422398][T23279]  ? lock_downgrade+0x690/0x690
[ 2864.427297][T23279]  try_charge_memcg+0xf99/0x13a0
[ 2864.432297][T23279]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2864.438331][T23279]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2864.444191][T23279]  ? lock_downgrade+0x690/0x690
[ 2864.449093][T23279]  ? lock_downgrade+0x690/0x690
[ 2864.454014][T23279]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2864.459617][T23279]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2864.465820][T23279]  copy_process+0x4f9/0x75c0
[ 2864.470453][T23279]  ? __lock_acquire+0xc17/0x5f30
[ 2864.475440][T23279]  ? pidfd_prepare+0x80/0x80
[ 2864.480085][T23279]  ? psi_memstall_leave+0x174/0x250
[ 2864.485323][T23279]  ? lock_downgrade+0x690/0x690
[ 2864.490251][T23279]  kernel_clone+0xeb/0x890
[ 2864.494710][T23279]  ? create_io_thread+0xe0/0xe0
[ 2864.499600][T23279]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2864.505889][T23279]  ? lock_downgrade+0x690/0x690
[ 2864.510817][T23279]  __do_sys_clone+0xba/0x100
[ 2864.515456][T23279]  ? kernel_clone+0x890/0x890
[ 2864.520200][T23279]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2864.526145][T23279]  do_syscall_64+0x39/0xb0
[ 2864.530699][T23279]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2864.536675][T23279] RIP: 0033:0x7f403688d591
[ 2864.541126][T23279] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2864.560768][T23279] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2864.569249][T23279] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2864.577348][T23279] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2864.585375][T23279] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2864.593595][T23279] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2864.601790][T23279] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2864.609825][T23279]  </TASK>
[ 2864.626863][T23269] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2864.641143][T23279] memory: usage 307184kB, limit 307200kB, failcnt 17984
[ 2864.651824][T23279] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2864.662357][T23279] Memory cgroup stats for /syz4:
[ 2864.662600][T23279] anon 114688
[ 2864.662600][T23279] file 8380416
[ 2864.662600][T23279] kernel 306061312
[ 2864.662600][T23279] kernel_stack 32768
[ 2864.662600][T23279] pagetables 77824
[ 2864.662600][T23279] sec_pagetables 0
[ 2864.662600][T23279] percpu 5477376
[ 2864.662600][T23279] sock 0
[ 2864.662600][T23279] vmalloc 0
[ 2864.662600][T23279] shmem 8380416
[ 2864.662600][T23279] zswap 0
[ 2864.662600][T23279] zswapped 0
[ 2864.662600][T23279] file_mapped 405504
[ 2864.662600][T23279] file_dirty 0
[ 2864.662600][T23279] file_writeback 0
[ 2864.662600][T23279] swapcached 0
[ 2864.662600][T23279] anon_thp 0
[ 2864.662600][T23279] file_thp 0
[ 2864.662600][T23279] shmem_thp 0
[ 2864.662600][T23279] inactive_anon 4096
[ 2864.662600][T23279] active_anon 8491008
[ 2864.662600][T23279] inactive_file 0
[ 2864.662600][T23279] active_file 0
[ 2864.662600][T23279] unevictable 0
[ 2864.662600][T23279] slab_reclaimable 38216
[ 2864.662600][T23279] slab_unreclaimable 300379584
[ 2864.662600][T23279] slab 300417800
[ 2864.662600][T23279] workingset_refault_anon 0
[ 2864.662600][T23279] workingset_refault_file 0
[ 2864.662600][T23279] workingset_activate_anon 0
[ 2864.662600][T23279] workingset_activate_file 0
[ 2864.662600][T23279] workingset_restore_anon 0
[ 2864.662600][T23279] workingset_restore_file 0
[ 2864.662600][T23279] workingset_nodereclaim 0
[ 2864.662600][T23279] pgscan 0
[ 2864.662600][T23279] pgsteal 0
[ 2864.662600][T23279] pgscan_kswapd 0
[ 2864.662600][T23279] pgscan_direct 0
[ 2864.662600][T23279] pgscan_khugepaged 0
[ 2864.662600][T23279] pgsteal_kswapd 0
[ 2864.662600][T23279] pgsteal_direct 0
[ 2864.662600][T23279] pgsteal_khugepaged 0
[ 2864.662600][T23279] pgfault 386784
[ 2864.662600][T23279] pgmajfault 0
[ 2864.662600][T23279] pgrefill 0
[ 2864.662600][T23279] pgactivate 0
[ 2864.662600][T23279] pgdeactivate 0
[ 2864.662600][T23279] pglazyfree 0
[ 2864.662600][T23279] pglazyfreed 0
[ 2864.662600][T23279] zswpin 0
[ 2864.662600][T23279] zswpout 0
[ 2864.662600][T23279] thp_fault_alloc 0
13:48:39 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:39 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32, @ANYBLOB="000000007731516f0552000000002800120009000100766574688fa50ba622e216d94e5d72a7408b3af99456d73761f3d534df6732"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2864.860612][T23270] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2864.883006][T23276] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
13:48:39 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

13:48:39 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6601000000000000)

[ 2865.192909][T23279] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23279,uid=0
[ 2865.277459][T23279] Memory cgroup out of memory: Killed process 23279 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:39 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'rose0\x00'})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:39 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32, @ANYBLOB="000000007731516f0552000000002800120009000100766574688fa50ba622e216d94e5d72a7408b3af99456d73761f3d534df6732"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:39 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xc3)

13:48:39 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2865.568840][T23301] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2865.592644][T23301] CPU: 1 PID: 23301 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2865.603144][T23301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2865.613238][T23301] Call Trace:
[ 2865.616538][T23301]  <TASK>
[ 2865.619490][T23301]  dump_stack_lvl+0x136/0x150
[ 2865.624262][T23301]  dump_header+0x10a/0xd70
[ 2865.628732][T23301]  oom_kill_process+0x25d/0x600
[ 2865.633624][T23301]  out_of_memory+0x35c/0x1660
[ 2865.638348][T23301]  ? find_held_lock+0x2d/0x110
[ 2865.643153][T23301]  ? oom_killer_disable+0x2b0/0x2b0
[ 2865.648474][T23301]  ? rcu_read_unlock+0x9/0x60
[ 2865.653194][T23301]  ? find_held_lock+0x2d/0x110
[ 2865.658002][T23301]  mem_cgroup_out_of_memory+0x206/0x270
[ 2865.663675][T23301]  ? mem_cgroup_margin+0x130/0x130
[ 2865.668886][T23301]  ? lock_downgrade+0x690/0x690
[ 2865.673805][T23301]  try_charge_memcg+0xf99/0x13a0
[ 2865.678890][T23301]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2865.684928][T23301]  ? rcu_read_unlock+0x9/0x60
[ 2865.689643][T23301]  ? lock_downgrade+0x690/0x690
[ 2865.694652][T23301]  charge_memcg+0x90/0x3b0
[ 2865.699137][T23301]  __mem_cgroup_charge+0x2b/0x90
[ 2865.704195][T23301]  ? copy_mc_to_kernel+0x3e/0x90
[ 2865.709194][T23301]  do_wp_page+0x8ea/0x33c0
[ 2865.713657][T23301]  ? lock_sync+0x190/0x190
[ 2865.718320][T23301]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2865.723734][T23301]  ? do_raw_spin_lock+0x124/0x2b0
[ 2865.728817][T23301]  ? spin_bug+0x1c0/0x1c0
[ 2865.733293][T23301]  __handle_mm_fault+0x1635/0x41c0
[ 2865.738451][T23301]  ? vm_iomap_memory+0x190/0x190
[ 2865.743425][T23301]  ? mas_walk+0x58f/0x730
[ 2865.747892][T23301]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2865.753034][T23301]  handle_mm_fault+0x2af/0x9f0
[ 2865.757835][T23301]  do_user_addr_fault+0x2ca/0x1210
[ 2865.763002][T23301]  ? rcu_is_watching+0x12/0xb0
[ 2865.767813][T23301]  exc_page_fault+0x98/0x170
[ 2865.772436][T23301]  asm_exc_page_fault+0x26/0x30
[ 2865.777322][T23301] RIP: 0033:0x7f4036836f7e
[ 2865.781761][T23301] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2865.801392][T23301] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2865.807653][T23301] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2865.815675][T23301] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2865.823759][T23301] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2865.831758][T23301] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2865.839759][T23301] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2865.847862][T23301]  </TASK>
13:48:40 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6700000000000000)

13:48:40 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32, @ANYBLOB="000000007731516f0552000000002800120009000100766574688fa50ba622e216d94e5d72a7408b3af99456d73761f3d534df6732"], 0x48}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:40 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xc4)

13:48:40 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:40 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

13:48:40 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:40 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6701000000000000)

[ 2866.365490][T23301] memory: usage 307184kB, limit 307200kB, failcnt 18071
[ 2866.374944][T23301] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2866.386113][T23301] Memory cgroup stats for /syz4:
[ 2866.386376][T23301] anon 114688
[ 2866.386376][T23301] file 8380416
[ 2866.386376][T23301] kernel 306061312
[ 2866.386376][T23301] kernel_stack 65536
[ 2866.386376][T23301] pagetables 77824
[ 2866.386376][T23301] sec_pagetables 0
[ 2866.386376][T23301] percpu 5477312
[ 2866.386376][T23301] sock 0
[ 2866.386376][T23301] vmalloc 0
[ 2866.386376][T23301] shmem 8380416
[ 2866.386376][T23301] zswap 0
[ 2866.386376][T23301] zswapped 0
[ 2866.386376][T23301] file_mapped 405504
[ 2866.386376][T23301] file_dirty 0
[ 2866.386376][T23301] file_writeback 0
[ 2866.386376][T23301] swapcached 0
[ 2866.386376][T23301] anon_thp 0
[ 2866.386376][T23301] file_thp 0
[ 2866.386376][T23301] shmem_thp 0
[ 2866.386376][T23301] inactive_anon 4096
[ 2866.386376][T23301] active_anon 8491008
[ 2866.386376][T23301] inactive_file 0
[ 2866.386376][T23301] active_file 0
[ 2866.386376][T23301] unevictable 0
[ 2866.386376][T23301] slab_reclaimable 38216
[ 2866.386376][T23301] slab_unreclaimable 300367768
[ 2866.386376][T23301] slab 300405984
[ 2866.386376][T23301] workingset_refault_anon 0
[ 2866.386376][T23301] workingset_refault_file 0
[ 2866.386376][T23301] workingset_activate_anon 0
[ 2866.386376][T23301] workingset_activate_file 0
[ 2866.386376][T23301] workingset_restore_anon 0
[ 2866.386376][T23301] workingset_restore_file 0
[ 2866.386376][T23301] workingset_nodereclaim 0
[ 2866.386376][T23301] pgscan 0
[ 2866.386376][T23301] pgsteal 0
[ 2866.386376][T23301] pgscan_kswapd 0
[ 2866.386376][T23301] pgscan_direct 0
[ 2866.386376][T23301] pgscan_khugepaged 0
[ 2866.386376][T23301] pgsteal_kswapd 0
[ 2866.386376][T23301] pgsteal_direct 0
[ 2866.386376][T23301] pgsteal_khugepaged 0
[ 2866.386376][T23301] pgfault 386822
[ 2866.386376][T23301] pgmajfault 0
[ 2866.386376][T23301] pgrefill 0
[ 2866.386376][T23301] pgactivate 0
[ 2866.386376][T23301] pgdeactivate 0
[ 2866.386376][T23301] pglazyfree 0
[ 2866.386376][T23301] pglazyfreed 0
[ 2866.386376][T23301] zswpin 0
[ 2866.386376][T23301] zswpout 0
[ 2866.386376][T23301] thp_fault_alloc 0
13:48:41 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'rose0\x00'})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1) (async, rerun: 32)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (rerun: 32)

[ 2866.641977][T23301] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23301,uid=0
[ 2866.664606][T23301] Memory cgroup out of memory: Killed process 23301 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:41 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xc5)

[ 2866.868463][T23347] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2866.892600][T23347] CPU: 0 PID: 23347 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2866.903088][T23347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2866.913205][T23347] Call Trace:
[ 2866.916510][T23347]  <TASK>
[ 2866.919474][T23347]  dump_stack_lvl+0x136/0x150
[ 2866.924199][T23347]  dump_header+0x10a/0xd70
[ 2866.928680][T23347]  oom_kill_process+0x25d/0x600
[ 2866.933598][T23347]  out_of_memory+0x35c/0x1660
[ 2866.938395][T23347]  ? find_held_lock+0x2d/0x110
[ 2866.943178][T23347]  ? oom_killer_disable+0x2b0/0x2b0
[ 2866.948396][T23347]  ? rcu_read_unlock+0x9/0x60
[ 2866.953084][T23347]  ? find_held_lock+0x2d/0x110
[ 2866.957870][T23347]  mem_cgroup_out_of_memory+0x206/0x270
[ 2866.963432][T23347]  ? mem_cgroup_margin+0x130/0x130
[ 2866.968558][T23347]  ? lock_downgrade+0x690/0x690
[ 2866.973442][T23347]  try_charge_memcg+0xf99/0x13a0
[ 2866.978411][T23347]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2866.984439][T23347]  ? rcu_read_unlock+0x9/0x60
[ 2866.989164][T23347]  ? lock_downgrade+0x690/0x690
[ 2866.994065][T23347]  charge_memcg+0x90/0x3b0
[ 2866.998513][T23347]  __mem_cgroup_charge+0x2b/0x90
[ 2867.003477][T23347]  ? copy_mc_to_kernel+0x3e/0x90
[ 2867.008452][T23347]  do_wp_page+0x8ea/0x33c0
[ 2867.012901][T23347]  ? lock_sync+0x190/0x190
[ 2867.017365][T23347]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2867.022834][T23347]  ? do_raw_spin_lock+0x124/0x2b0
[ 2867.027962][T23347]  ? spin_bug+0x1c0/0x1c0
[ 2867.032319][T23347]  __handle_mm_fault+0x1635/0x41c0
[ 2867.037481][T23347]  ? vm_iomap_memory+0x190/0x190
[ 2867.042428][T23347]  ? mas_walk+0x58f/0x730
[ 2867.046884][T23347]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2867.052020][T23347]  handle_mm_fault+0x2af/0x9f0
[ 2867.056820][T23347]  do_user_addr_fault+0x2ca/0x1210
[ 2867.061989][T23347]  ? rcu_is_watching+0x12/0xb0
[ 2867.066791][T23347]  exc_page_fault+0x98/0x170
[ 2867.071399][T23347]  asm_exc_page_fault+0x26/0x30
[ 2867.076272][T23347] RIP: 0033:0x7f4036836f7e
[ 2867.080693][T23347] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2867.100308][T23347] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2867.106381][T23347] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2867.114532][T23347] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2867.122599][T23347] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2867.130598][T23347] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2867.138574][T23347] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2867.146571][T23347]  </TASK>
[ 2867.159182][T23347] memory: usage 307200kB, limit 307200kB, failcnt 18140
[ 2867.172175][T23347] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2867.185012][T23347] Memory cgroup stats for /syz4:
[ 2867.185258][T23347] anon 114688
[ 2867.185258][T23347] file 8380416
[ 2867.185258][T23347] kernel 306077696
[ 2867.185258][T23347] kernel_stack 65536
[ 2867.185258][T23347] pagetables 77824
[ 2867.185258][T23347] sec_pagetables 0
[ 2867.185258][T23347] percpu 5477376
[ 2867.185258][T23347] sock 0
[ 2867.185258][T23347] vmalloc 0
[ 2867.185258][T23347] shmem 8380416
[ 2867.185258][T23347] zswap 0
[ 2867.185258][T23347] zswapped 0
[ 2867.185258][T23347] file_mapped 405504
[ 2867.185258][T23347] file_dirty 0
[ 2867.185258][T23347] file_writeback 0
[ 2867.185258][T23347] swapcached 0
[ 2867.185258][T23347] anon_thp 0
[ 2867.185258][T23347] file_thp 0
[ 2867.185258][T23347] shmem_thp 0
[ 2867.185258][T23347] inactive_anon 4096
[ 2867.185258][T23347] active_anon 8491008
[ 2867.185258][T23347] inactive_file 0
[ 2867.185258][T23347] active_file 0
[ 2867.185258][T23347] unevictable 0
[ 2867.185258][T23347] slab_reclaimable 38216
[ 2867.185258][T23347] slab_unreclaimable 300379744
[ 2867.185258][T23347] slab 300417960
[ 2867.185258][T23347] workingset_refault_anon 0
[ 2867.185258][T23347] workingset_refault_file 0
[ 2867.185258][T23347] workingset_activate_anon 0
[ 2867.185258][T23347] workingset_activate_file 0
[ 2867.185258][T23347] workingset_restore_anon 0
[ 2867.185258][T23347] workingset_restore_file 0
[ 2867.185258][T23347] workingset_nodereclaim 0
[ 2867.185258][T23347] pgscan 0
[ 2867.185258][T23347] pgsteal 0
[ 2867.185258][T23347] pgscan_kswapd 0
[ 2867.185258][T23347] pgscan_direct 0
[ 2867.185258][T23347] pgscan_khugepaged 0
[ 2867.185258][T23347] pgsteal_kswapd 0
[ 2867.185258][T23347] pgsteal_direct 0
[ 2867.185258][T23347] pgsteal_khugepaged 0
[ 2867.185258][T23347] pgfault 386861
[ 2867.185258][T23347] pgmajfault 0
[ 2867.185258][T23347] pgrefill 0
[ 2867.185258][T23347] pgactivate 0
[ 2867.185258][T23347] pgdeactivate 0
[ 2867.185258][T23347] pglazyfree 0
[ 2867.185258][T23347] pglazyfreed 0
[ 2867.185258][T23347] zswpin 0
[ 2867.185258][T23347] zswpout 0
[ 2867.185258][T23347] thp_fault_alloc 0
13:48:41 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'rose0\x00'}) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2867.379492][T23347] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23347,uid=0
[ 2867.399647][T23347] Memory cgroup out of memory: Killed process 23347 (syz-executor.4) total-vm:50708kB, anon-rss:496kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:41 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:42 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2867.679160][T23353] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2867.705385][T23353] CPU: 1 PID: 23353 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2867.715872][T23353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2867.725957][T23353] Call Trace:
[ 2867.729253][T23353]  <TASK>
[ 2867.732203][T23353]  dump_stack_lvl+0x136/0x150
[ 2867.736915][T23353]  dump_header+0x10a/0xd70
[ 2867.741370][T23353]  oom_kill_process+0x25d/0x600
[ 2867.746256][T23353]  out_of_memory+0x35c/0x1660
[ 2867.750984][T23353]  ? find_held_lock+0x2d/0x110
[ 2867.755797][T23353]  ? oom_killer_disable+0x2b0/0x2b0
[ 2867.761035][T23353]  ? rcu_read_unlock+0x9/0x60
[ 2867.765750][T23353]  ? find_held_lock+0x2d/0x110
[ 2867.770574][T23353]  mem_cgroup_out_of_memory+0x206/0x270
[ 2867.776171][T23353]  ? mem_cgroup_margin+0x130/0x130
[ 2867.781323][T23353]  ? lock_downgrade+0x690/0x690
[ 2867.786230][T23353]  try_charge_memcg+0xf99/0x13a0
[ 2867.791230][T23353]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2867.797284][T23353]  ? rcu_read_unlock+0x9/0x60
[ 2867.802001][T23353]  ? lock_downgrade+0x690/0x690
[ 2867.806917][T23353]  charge_memcg+0x90/0x3b0
[ 2867.811392][T23353]  __mem_cgroup_charge+0x2b/0x90
[ 2867.816350][T23353]  ? copy_mc_to_kernel+0x3e/0x90
[ 2867.821314][T23353]  do_wp_page+0x8ea/0x33c0
[ 2867.825761][T23353]  ? lock_sync+0x190/0x190
[ 2867.830304][T23353]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2867.835719][T23353]  ? do_raw_spin_lock+0x124/0x2b0
[ 2867.840797][T23353]  ? spin_bug+0x1c0/0x1c0
[ 2867.845204][T23353]  __handle_mm_fault+0x1635/0x41c0
[ 2867.850368][T23353]  ? vm_iomap_memory+0x190/0x190
[ 2867.855332][T23353]  ? mas_walk+0x58f/0x730
[ 2867.859725][T23353]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2867.864882][T23353]  handle_mm_fault+0x2af/0x9f0
[ 2867.869678][T23353]  do_user_addr_fault+0x2ca/0x1210
[ 2867.874833][T23353]  ? rcu_is_watching+0x12/0xb0
[ 2867.879663][T23353]  exc_page_fault+0x98/0x170
[ 2867.884319][T23353]  asm_exc_page_fault+0x26/0x30
[ 2867.889227][T23353] RIP: 0033:0x7f4036836f7e
[ 2867.893659][T23353] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2867.913387][T23353] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2867.919492][T23353] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000001
[ 2867.927497][T23353] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2867.935501][T23353] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2867.943499][T23353] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2867.951506][T23353] R13: 00007f4036400080 R14: 00007f40369abf80 R15: 0000000000000000
[ 2867.959536][T23353]  </TASK>
13:48:42 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xc6)

13:48:42 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2867.996506][T23353] memory: usage 307200kB, limit 307200kB, failcnt 18203
[ 2868.005632][T23353] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
13:48:42 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6800000000000000)

13:48:42 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2868.357547][T23353] Memory cgroup stats for /syz4:
[ 2868.357778][T23353] anon 114688
[ 2868.357778][T23353] file 8380416
[ 2868.357778][T23353] kernel 306077696
[ 2868.357778][T23353] kernel_stack 65536
[ 2868.357778][T23353] pagetables 77824
[ 2868.357778][T23353] sec_pagetables 0
[ 2868.357778][T23353] percpu 5477376
[ 2868.357778][T23353] sock 0
[ 2868.357778][T23353] vmalloc 0
[ 2868.357778][T23353] shmem 8380416
[ 2868.357778][T23353] zswap 0
[ 2868.357778][T23353] zswapped 0
[ 2868.357778][T23353] file_mapped 405504
[ 2868.357778][T23353] file_dirty 0
[ 2868.357778][T23353] file_writeback 0
[ 2868.357778][T23353] swapcached 0
[ 2868.357778][T23353] anon_thp 0
[ 2868.357778][T23353] file_thp 0
[ 2868.357778][T23353] shmem_thp 0
[ 2868.357778][T23353] inactive_anon 4096
[ 2868.357778][T23353] active_anon 8491008
[ 2868.357778][T23353] inactive_file 0
[ 2868.357778][T23353] active_file 0
[ 2868.357778][T23353] unevictable 0
[ 2868.357778][T23353] slab_reclaimable 38216
[ 2868.357778][T23353] slab_unreclaimable 300379744
[ 2868.357778][T23353] slab 300417960
[ 2868.357778][T23353] workingset_refault_anon 0
[ 2868.357778][T23353] workingset_refault_file 0
[ 2868.357778][T23353] workingset_activate_anon 0
[ 2868.357778][T23353] workingset_activate_file 0
[ 2868.357778][T23353] workingset_restore_anon 0
[ 2868.357778][T23353] workingset_restore_file 0
[ 2868.357778][T23353] workingset_nodereclaim 0
[ 2868.357778][T23353] pgscan 0
[ 2868.357778][T23353] pgsteal 0
[ 2868.357778][T23353] pgscan_kswapd 0
[ 2868.357778][T23353] pgscan_direct 0
[ 2868.357778][T23353] pgscan_khugepaged 0
[ 2868.357778][T23353] pgsteal_kswapd 0
[ 2868.357778][T23353] pgsteal_direct 0
[ 2868.357778][T23353] pgsteal_khugepaged 0
[ 2868.357778][T23353] pgfault 386897
[ 2868.357778][T23353] pgmajfault 0
[ 2868.357778][T23353] pgrefill 0
[ 2868.357778][T23353] pgactivate 0
[ 2868.357778][T23353] pgdeactivate 0
[ 2868.357778][T23353] pglazyfree 0
[ 2868.357778][T23353] pglazyfreed 0
[ 2868.357778][T23353] zswpin 0
[ 2868.357778][T23353] zswpout 0
[ 2868.357778][T23353] thp_fault_alloc 0
13:48:42 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2868.699160][T23362] __nla_validate_parse: 40 callbacks suppressed
[ 2868.699178][T23362] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2868.736188][T23373] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
13:48:43 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2868.751389][T23376] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2868.761985][T23353] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23353,uid=0
[ 2868.791306][T23353] Memory cgroup out of memory: Killed process 23353 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:43 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x0, 0x4004080)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = accept(r1, &(0x7f0000000240)=@ieee802154={0x24, @short}, &(0x7f0000000100)=0x80)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000380)={'syztnl1\x00', <r6=>r2, 0x20, 0x20, 0x6, 0x9, {{0x27, 0x4, 0x2, 0x1, 0x9c, 0x68, 0x0, 0x0, 0x2f, 0x0, @remote, @multicast2, {[@noop, @generic={0x44, 0xf, "c1b9131947f7ae4bfa7a8536a6"}, @timestamp_addr={0x44, 0x34, 0x2b, 0x1, 0x9, [{@multicast2, 0x588b}, {@remote, 0x93e0}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x7}, {@loopback, 0xf7bd}, {@empty, 0x1000}, {@empty, 0x7}]}, @ssrr={0x89, 0x17, 0x69, [@private=0xa010102, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xa}]}, @timestamp_addr={0x44, 0x1c, 0xe, 0x1, 0xf, [{@dev={0xac, 0x14, 0x14, 0xf}, 0x7}, {@local, 0xf8}, {@private=0xa010100, 0xaefd}]}, @timestamp={0x44, 0x10, 0x81, 0x0, 0xd, [0x122, 0x9, 0xeb]}]}}}}})
setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f0000000500)={0x1, 0x0, 0x81, 0x45e, @vifc_lcl_ifindex=r6, @broadcast}, 0x10)

13:48:43 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2868.909838][T23380] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2869.036821][T23388] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2869.049038][T23388] CPU: 0 PID: 23388 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2869.059535][T23388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2869.069633][T23388] Call Trace:
[ 2869.072928][T23388]  <TASK>
[ 2869.075877][T23388]  dump_stack_lvl+0x136/0x150
[ 2869.080602][T23388]  dump_header+0x10a/0xd70
[ 2869.085068][T23388]  oom_kill_process+0x25d/0x600
[ 2869.089954][T23388]  out_of_memory+0x35c/0x1660
[ 2869.094668][T23388]  ? find_held_lock+0x2d/0x110
[ 2869.099469][T23388]  ? oom_killer_disable+0x2b0/0x2b0
[ 2869.104703][T23388]  ? rcu_read_unlock+0x9/0x60
[ 2869.109417][T23388]  ? find_held_lock+0x2d/0x110
[ 2869.114224][T23388]  mem_cgroup_out_of_memory+0x206/0x270
[ 2869.119818][T23388]  ? mem_cgroup_margin+0x130/0x130
[ 2869.124978][T23388]  ? lock_downgrade+0x690/0x690
[ 2869.129897][T23388]  try_charge_memcg+0xf99/0x13a0
[ 2869.134887][T23388]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2869.140922][T23388]  ? rcu_read_unlock+0x9/0x60
[ 2869.145651][T23388]  ? lock_downgrade+0x690/0x690
[ 2869.150580][T23388]  charge_memcg+0x90/0x3b0
[ 2869.155076][T23388]  __mem_cgroup_charge+0x2b/0x90
[ 2869.160141][T23388]  ? copy_mc_to_kernel+0x3e/0x90
[ 2869.165133][T23388]  do_wp_page+0x8ea/0x33c0
[ 2869.169680][T23388]  ? lock_sync+0x190/0x190
[ 2869.174138][T23388]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2869.179548][T23388]  ? do_raw_spin_lock+0x124/0x2b0
[ 2869.184624][T23388]  ? spin_bug+0x1c0/0x1c0
[ 2869.189018][T23388]  __handle_mm_fault+0x1635/0x41c0
[ 2869.194176][T23388]  ? vm_iomap_memory+0x190/0x190
[ 2869.199145][T23388]  ? mas_walk+0x58f/0x730
[ 2869.203554][T23388]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2869.208705][T23388]  handle_mm_fault+0x2af/0x9f0
[ 2869.213520][T23388]  do_user_addr_fault+0x2ca/0x1210
[ 2869.218676][T23388]  ? rcu_is_watching+0x12/0xb0
[ 2869.223486][T23388]  exc_page_fault+0x98/0x170
[ 2869.228229][T23388]  asm_exc_page_fault+0x26/0x30
[ 2869.233156][T23388] RIP: 0033:0x7f4036836f7e
[ 2869.237604][T23388] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2869.257434][T23388] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2869.263535][T23388] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2869.271537][T23388] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2869.279535][T23388] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2869.287531][T23388] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2869.295522][T23388] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2869.303552][T23388]  </TASK>
[ 2869.311896][T23388] memory: usage 307200kB, limit 307200kB, failcnt 18271
[ 2869.319240][T23388] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2869.326323][T23388] Memory cgroup stats for /syz4:
[ 2869.326558][T23388] anon 114688
[ 2869.326558][T23388] file 8380416
[ 2869.326558][T23388] kernel 306077696
[ 2869.326558][T23388] kernel_stack 65536
[ 2869.326558][T23388] pagetables 77824
[ 2869.326558][T23388] sec_pagetables 0
[ 2869.326558][T23388] percpu 5477376
[ 2869.326558][T23388] sock 0
[ 2869.326558][T23388] vmalloc 0
[ 2869.326558][T23388] shmem 8380416
[ 2869.326558][T23388] zswap 0
[ 2869.326558][T23388] zswapped 0
[ 2869.326558][T23388] file_mapped 405504
[ 2869.326558][T23388] file_dirty 0
[ 2869.326558][T23388] file_writeback 0
[ 2869.326558][T23388] swapcached 0
[ 2869.326558][T23388] anon_thp 0
[ 2869.326558][T23388] file_thp 0
[ 2869.326558][T23388] shmem_thp 0
[ 2869.326558][T23388] inactive_anon 4096
[ 2869.326558][T23388] active_anon 8491008
[ 2869.326558][T23388] inactive_file 0
[ 2869.326558][T23388] active_file 0
[ 2869.326558][T23388] unevictable 0
[ 2869.326558][T23388] slab_reclaimable 38216
[ 2869.326558][T23388] slab_unreclaimable 300379744
[ 2869.326558][T23388] slab 300417960
[ 2869.326558][T23388] workingset_refault_anon 0
[ 2869.326558][T23388] workingset_refault_file 0
[ 2869.326558][T23388] workingset_activate_anon 0
[ 2869.326558][T23388] workingset_activate_file 0
[ 2869.326558][T23388] workingset_restore_anon 0
[ 2869.326558][T23388] workingset_restore_file 0
[ 2869.326558][T23388] workingset_nodereclaim 0
[ 2869.326558][T23388] pgscan 0
[ 2869.326558][T23388] pgsteal 0
[ 2869.326558][T23388] pgscan_kswapd 0
[ 2869.326558][T23388] pgscan_direct 0
[ 2869.326558][T23388] pgscan_khugepaged 0
[ 2869.326558][T23388] pgsteal_kswapd 0
[ 2869.326558][T23388] pgsteal_direct 0
[ 2869.326558][T23388] pgsteal_khugepaged 0
[ 2869.326558][T23388] pgfault 386936
[ 2869.326558][T23388] pgmajfault 0
[ 2869.326558][T23388] pgrefill 0
[ 2869.326558][T23388] pgactivate 0
[ 2869.326558][T23388] pgdeactivate 0
[ 2869.326558][T23388] pglazyfree 0
[ 2869.326558][T23388] pglazyfreed 0
[ 2869.326558][T23388] zswpin 0
[ 2869.326558][T23388] zswpout 0
[ 2869.326558][T23388] thp_fault_alloc 0
13:48:43 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xc7)

[ 2869.539226][T23370] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2869.565118][T23381] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2869.611369][T23372] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2869.643095][T23375] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
13:48:44 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

13:48:44 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6801000000000000)

[ 2869.661085][T23384] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2869.737782][T23390] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2869.772170][T23388] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23388,uid=0
13:48:44 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r3 = memfd_secret(0x0)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r1, {0x2}}, './file0\x00'})
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f00000003c0)={&(0x7f0000000080), 0xc, &(0x7f0000000380)={&(0x7f0000000500)={0x120, r4, 0x400, 0x70bd25, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r7}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r6}}]}, 0x120}, 0x1, 0x0, 0x0, 0x80}, 0x5)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="00000000000000000554543610ae1a9a6e5bda1d070000000b000100666caae7d2b001e49faf8941a880516f77657200000c0002"], 0x3c}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x4000000000000d2, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2869.799848][T23388] Memory cgroup out of memory: Killed process 23388 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:44 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x0, 0x4004080)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r5 = accept(r1, &(0x7f0000000240)=@ieee802154={0x24, @short}, &(0x7f0000000100)=0x80) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000380)={'syztnl1\x00', <r6=>r2, 0x20, 0x20, 0x6, 0x9, {{0x27, 0x4, 0x2, 0x1, 0x9c, 0x68, 0x0, 0x0, 0x2f, 0x0, @remote, @multicast2, {[@noop, @generic={0x44, 0xf, "c1b9131947f7ae4bfa7a8536a6"}, @timestamp_addr={0x44, 0x34, 0x2b, 0x1, 0x9, [{@multicast2, 0x588b}, {@remote, 0x93e0}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x7}, {@loopback, 0xf7bd}, {@empty, 0x1000}, {@empty, 0x7}]}, @ssrr={0x89, 0x17, 0x69, [@private=0xa010102, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xa}]}, @timestamp_addr={0x44, 0x1c, 0xe, 0x1, 0xf, [{@dev={0xac, 0x14, 0x14, 0xf}, 0x7}, {@local, 0xf8}, {@private=0xa010100, 0xaefd}]}, @timestamp={0x44, 0x10, 0x81, 0x0, 0xd, [0x122, 0x9, 0xeb]}]}}}}})
setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f0000000500)={0x1, 0x0, 0x81, 0x45e, @vifc_lcl_ifindex=r6, @broadcast}, 0x10)

13:48:44 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2870.094346][T23406] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2870.143151][T23406] CPU: 1 PID: 23406 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2870.153637][T23406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2870.163722][T23406] Call Trace:
[ 2870.167031][T23406]  <TASK>
[ 2870.169988][T23406]  dump_stack_lvl+0x136/0x150
[ 2870.174701][T23406]  dump_header+0x10a/0xd70
[ 2870.179149][T23406]  oom_kill_process+0x25d/0x600
[ 2870.184037][T23406]  out_of_memory+0x35c/0x1660
[ 2870.188755][T23406]  ? find_held_lock+0x2d/0x110
13:48:44 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xc8)

[ 2870.193560][T23406]  ? oom_killer_disable+0x2b0/0x2b0
[ 2870.198799][T23406]  ? rcu_read_unlock+0x9/0x60
[ 2870.203522][T23406]  ? find_held_lock+0x2d/0x110
[ 2870.208335][T23406]  mem_cgroup_out_of_memory+0x206/0x270
[ 2870.213927][T23406]  ? mem_cgroup_margin+0x130/0x130
[ 2870.219147][T23406]  ? lock_downgrade+0x690/0x690
[ 2870.224072][T23406]  try_charge_memcg+0xf99/0x13a0
[ 2870.229083][T23406]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2870.235134][T23406]  ? rcu_read_unlock+0x9/0x60
[ 2870.239855][T23406]  ? lock_downgrade+0x690/0x690
[ 2870.244763][T23406]  charge_memcg+0x90/0x3b0
[ 2870.249225][T23406]  __mem_cgroup_charge+0x2b/0x90
[ 2870.254198][T23406]  ? copy_mc_to_kernel+0x3e/0x90
[ 2870.259190][T23406]  do_wp_page+0x8ea/0x33c0
[ 2870.263653][T23406]  ? lock_sync+0x190/0x190
[ 2870.268121][T23406]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2870.273539][T23406]  ? do_raw_spin_lock+0x124/0x2b0
[ 2870.278702][T23406]  ? spin_bug+0x1c0/0x1c0
[ 2870.283085][T23406]  __handle_mm_fault+0x1635/0x41c0
[ 2870.288248][T23406]  ? vm_iomap_memory+0x190/0x190
[ 2870.293220][T23406]  ? mas_walk+0x58f/0x730
[ 2870.297599][T23406]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2870.302752][T23406]  handle_mm_fault+0x2af/0x9f0
[ 2870.307570][T23406]  do_user_addr_fault+0x2ca/0x1210
[ 2870.312730][T23406]  ? rcu_is_watching+0x12/0xb0
[ 2870.317544][T23406]  exc_page_fault+0x98/0x170
[ 2870.322171][T23406]  asm_exc_page_fault+0x26/0x30
[ 2870.327063][T23406] RIP: 0033:0x7f4036836f7e
[ 2870.331501][T23406] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2870.351146][T23406] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2870.357251][T23406] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2870.365511][T23406] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2870.373508][T23406] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2870.381527][T23406] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2870.389529][T23406] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2870.397548][T23406]  </TASK>
[ 2870.455748][T23406] memory: usage 307200kB, limit 307200kB, failcnt 18354
[ 2870.481552][T23406] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2870.511227][T23406] Memory cgroup stats for /syz4:
[ 2870.511470][T23406] anon 114688
[ 2870.511470][T23406] file 8380416
[ 2870.511470][T23406] kernel 306077696
[ 2870.511470][T23406] kernel_stack 65536
[ 2870.511470][T23406] pagetables 77824
[ 2870.511470][T23406] sec_pagetables 0
[ 2870.511470][T23406] percpu 5477376
[ 2870.511470][T23406] sock 0
[ 2870.511470][T23406] vmalloc 0
[ 2870.511470][T23406] shmem 8380416
[ 2870.511470][T23406] zswap 0
[ 2870.511470][T23406] zswapped 0
[ 2870.511470][T23406] file_mapped 405504
[ 2870.511470][T23406] file_dirty 0
[ 2870.511470][T23406] file_writeback 0
[ 2870.511470][T23406] swapcached 0
[ 2870.511470][T23406] anon_thp 0
[ 2870.511470][T23406] file_thp 0
[ 2870.511470][T23406] shmem_thp 0
[ 2870.511470][T23406] inactive_anon 4096
[ 2870.511470][T23406] active_anon 8491008
[ 2870.511470][T23406] inactive_file 0
[ 2870.511470][T23406] active_file 0
[ 2870.511470][T23406] unevictable 0
[ 2870.511470][T23406] slab_reclaimable 38216
[ 2870.511470][T23406] slab_unreclaimable 300379744
[ 2870.511470][T23406] slab 300417960
[ 2870.511470][T23406] workingset_refault_anon 0
[ 2870.511470][T23406] workingset_refault_file 0
[ 2870.511470][T23406] workingset_activate_anon 0
[ 2870.511470][T23406] workingset_activate_file 0
[ 2870.511470][T23406] workingset_restore_anon 0
[ 2870.511470][T23406] workingset_restore_file 0
[ 2870.511470][T23406] workingset_nodereclaim 0
[ 2870.511470][T23406] pgscan 0
[ 2870.511470][T23406] pgsteal 0
[ 2870.511470][T23406] pgscan_kswapd 0
[ 2870.511470][T23406] pgscan_direct 0
[ 2870.511470][T23406] pgscan_khugepaged 0
[ 2870.511470][T23406] pgsteal_kswapd 0
[ 2870.511470][T23406] pgsteal_direct 0
[ 2870.511470][T23406] pgsteal_khugepaged 0
[ 2870.511470][T23406] pgfault 386972
[ 2870.511470][T23406] pgmajfault 0
[ 2870.511470][T23406] pgrefill 0
[ 2870.511470][T23406] pgactivate 0
[ 2870.511470][T23406] pgdeactivate 0
[ 2870.511470][T23406] pglazyfree 0
[ 2870.511470][T23406] pglazyfreed 0
[ 2870.511470][T23406] zswpin 0
[ 2870.511470][T23406] zswpout 0
[ 2870.511470][T23406] thp_fault_alloc 0
[ 2870.817546][T23406] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23406,uid=0
[ 2870.846977][T23406] Memory cgroup out of memory: Killed process 23406 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:45 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0) (async)
r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x0, 0x4004080) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x0, 0x4004080)
socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = accept(r1, &(0x7f0000000240)=@ieee802154={0x24, @short}, &(0x7f0000000100)=0x80)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000380)={'syztnl1\x00', <r6=>r2, 0x20, 0x20, 0x6, 0x9, {{0x27, 0x4, 0x2, 0x1, 0x9c, 0x68, 0x0, 0x0, 0x2f, 0x0, @remote, @multicast2, {[@noop, @generic={0x44, 0xf, "c1b9131947f7ae4bfa7a8536a6"}, @timestamp_addr={0x44, 0x34, 0x2b, 0x1, 0x9, [{@multicast2, 0x588b}, {@remote, 0x93e0}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x7}, {@loopback, 0xf7bd}, {@empty, 0x1000}, {@empty, 0x7}]}, @ssrr={0x89, 0x17, 0x69, [@private=0xa010102, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xa}]}, @timestamp_addr={0x44, 0x1c, 0xe, 0x1, 0xf, [{@dev={0xac, 0x14, 0x14, 0xf}, 0x7}, {@local, 0xf8}, {@private=0xa010100, 0xaefd}]}, @timestamp={0x44, 0x10, 0x81, 0x0, 0xd, [0x122, 0x9, 0xeb]}]}}}}})
setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f0000000500)={0x1, 0x0, 0x81, 0x45e, @vifc_lcl_ifindex=r6, @broadcast}, 0x10)

13:48:45 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2871.092778][T23425] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2871.122487][T23425] CPU: 1 PID: 23425 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2871.132945][T23425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2871.143112][T23425] Call Trace:
[ 2871.146411][T23425]  <TASK>
[ 2871.149364][T23425]  dump_stack_lvl+0x136/0x150
[ 2871.154074][T23425]  dump_header+0x10a/0xd70
[ 2871.158526][T23425]  oom_kill_process+0x25d/0x600
[ 2871.163414][T23425]  out_of_memory+0x35c/0x1660
[ 2871.168135][T23425]  ? find_held_lock+0x2d/0x110
[ 2871.172947][T23425]  ? oom_killer_disable+0x2b0/0x2b0
[ 2871.178180][T23425]  ? rcu_read_unlock+0x9/0x60
[ 2871.182897][T23425]  ? find_held_lock+0x2d/0x110
[ 2871.187708][T23425]  mem_cgroup_out_of_memory+0x206/0x270
[ 2871.193311][T23425]  ? mem_cgroup_margin+0x130/0x130
[ 2871.198469][T23425]  ? lock_downgrade+0x690/0x690
[ 2871.203379][T23425]  try_charge_memcg+0xf99/0x13a0
[ 2871.208368][T23425]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2871.214414][T23425]  ? rcu_read_unlock+0x9/0x60
[ 2871.219151][T23425]  ? lock_downgrade+0x690/0x690
[ 2871.224330][T23425]  charge_memcg+0x90/0x3b0
[ 2871.228802][T23425]  __mem_cgroup_charge+0x2b/0x90
[ 2871.233775][T23425]  ? copy_mc_to_kernel+0x3e/0x90
[ 2871.238766][T23425]  do_wp_page+0x8ea/0x33c0
[ 2871.243226][T23425]  ? lock_sync+0x190/0x190
[ 2871.247690][T23425]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2871.253099][T23425]  ? do_raw_spin_lock+0x124/0x2b0
[ 2871.258175][T23425]  ? spin_bug+0x1c0/0x1c0
[ 2871.262555][T23425]  __handle_mm_fault+0x1635/0x41c0
[ 2871.267715][T23425]  ? vm_iomap_memory+0x190/0x190
[ 2871.272698][T23425]  ? mas_walk+0x58f/0x730
[ 2871.277114][T23425]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2871.282274][T23425]  handle_mm_fault+0x2af/0x9f0
[ 2871.287106][T23425]  do_user_addr_fault+0x2ca/0x1210
[ 2871.292272][T23425]  ? rcu_is_watching+0x12/0xb0
[ 2871.297087][T23425]  exc_page_fault+0x98/0x170
[ 2871.301729][T23425]  asm_exc_page_fault+0x26/0x30
[ 2871.306634][T23425] RIP: 0033:0x7f4036836f7e
[ 2871.311084][T23425] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2871.330818][T23425] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2871.336924][T23425] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2871.344934][T23425] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2871.352946][T23425] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2871.360958][T23425] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2871.368961][T23425] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2871.376973][T23425]  </TASK>
[ 2871.386091][T23425] memory: usage 307200kB, limit 307200kB, failcnt 18408
[ 2871.393353][T23425] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2871.425724][T23425] Memory cgroup stats for /syz4:
[ 2871.425967][T23425] anon 114688
[ 2871.425967][T23425] file 8380416
[ 2871.425967][T23425] kernel 306077696
13:48:45 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r3 = memfd_secret(0x0)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0) (async)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r1, {0x2}}, './file0\x00'}) (async)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f00000003c0)={&(0x7f0000000080), 0xc, &(0x7f0000000380)={&(0x7f0000000500)={0x120, r4, 0x400, 0x70bd25, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r7}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r6}}]}, 0x120}, 0x1, 0x0, 0x0, 0x80}, 0x5) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="00000000000000000554543610ae1a9a6e5bda1d070000000b000100666caae7d2b001e49faf8941a880516f77657200000c0002"], 0x3c}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x4000000000000d2, 0x0) (async)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2871.425967][T23425] kernel_stack 65536
[ 2871.425967][T23425] pagetables 77824
[ 2871.425967][T23425] sec_pagetables 0
[ 2871.425967][T23425] percpu 5477376
[ 2871.425967][T23425] sock 0
[ 2871.425967][T23425] vmalloc 0
[ 2871.425967][T23425] shmem 8380416
[ 2871.425967][T23425] zswap 0
[ 2871.425967][T23425] zswapped 0
[ 2871.425967][T23425] file_mapped 405504
[ 2871.425967][T23425] file_dirty 0
[ 2871.425967][T23425] file_writeback 0
[ 2871.425967][T23425] swapcached 0
[ 2871.425967][T23425] anon_thp 0
[ 2871.425967][T23425] file_thp 0
[ 2871.425967][T23425] shmem_thp 0
[ 2871.425967][T23425] inactive_anon 4096
[ 2871.425967][T23425] active_anon 8491008
[ 2871.425967][T23425] inactive_file 0
[ 2871.425967][T23425] active_file 0
[ 2871.425967][T23425] unevictable 0
[ 2871.425967][T23425] slab_reclaimable 38216
[ 2871.425967][T23425] slab_unreclaimable 300379744
[ 2871.425967][T23425] slab 300417960
[ 2871.425967][T23425] workingset_refault_anon 0
[ 2871.425967][T23425] workingset_refault_file 0
[ 2871.425967][T23425] workingset_activate_anon 0
[ 2871.425967][T23425] workingset_activate_file 0
[ 2871.425967][T23425] workingset_restore_anon 0
[ 2871.425967][T23425] workingset_restore_file 0
[ 2871.425967][T23425] workingset_nodereclaim 0
[ 2871.425967][T23425] pgscan 0
[ 2871.425967][T23425] pgsteal 0
[ 2871.425967][T23425] pgscan_kswapd 0
[ 2871.425967][T23425] pgscan_direct 0
[ 2871.425967][T23425] pgscan_khugepaged 0
[ 2871.425967][T23425] pgsteal_kswapd 0
[ 2871.425967][T23425] pgsteal_direct 0
[ 2871.425967][T23425] pgsteal_khugepaged 0
[ 2871.425967][T23425] pgfault 387011
[ 2871.425967][T23425] pgmajfault 0
[ 2871.425967][T23425] pgrefill 0
[ 2871.425967][T23425] pgactivate 0
13:48:45 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xc9)

13:48:45 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:45 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6900000000000000)

[ 2871.425967][T23425] pgdeactivate 0
[ 2871.425967][T23425] pglazyfree 0
[ 2871.425967][T23425] pglazyfreed 0
[ 2871.425967][T23425] zswpin 0
[ 2871.425967][T23425] zswpout 0
[ 2871.425967][T23425] thp_fault_alloc 0
13:48:46 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 32)
r1 = socket(0x10, 0x803, 0x0) (rerun: 32)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async, rerun: 32)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async, rerun: 32)
r3 = memfd_secret(0x0) (async)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff) (async, rerun: 32)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0) (rerun: 32)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r1, {0x2}}, './file0\x00'}) (async)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) (async)
r7 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f00000003c0)={&(0x7f0000000080), 0xc, &(0x7f0000000380)={&(0x7f0000000500)={0x120, r4, 0x400, 0x70bd25, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r7}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r6}}]}, 0x120}, 0x1, 0x0, 0x0, 0x80}, 0x5)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="00000000000000000554543610ae1a9a6e5bda1d070000000b000100666caae7d2b001e49faf8941a880516f77657200000c0002"], 0x3c}}, 0x0) (async)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x4000000000000d2, 0x0) (async)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:46 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2872.069634][T23425] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23425,uid=0
13:48:46 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x14)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x40050}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
r3 = eventfd2(0x75f, 0x0)
lseek(r3, 0x1, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r6, 0x8983, &(0x7f0000000080))

[ 2872.114479][T23425] Memory cgroup out of memory: Killed process 23425 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:46 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:46 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xca)

[ 2872.363713][T23456] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2872.387072][T23456] CPU: 1 PID: 23456 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2872.397544][T23456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2872.407637][T23456] Call Trace:
[ 2872.410946][T23456]  <TASK>
[ 2872.413907][T23456]  dump_stack_lvl+0x136/0x150
[ 2872.418629][T23456]  dump_header+0x10a/0xd70
[ 2872.423104][T23456]  oom_kill_process+0x25d/0x600
[ 2872.428004][T23456]  out_of_memory+0x35c/0x1660
[ 2872.433428][T23456]  ? find_held_lock+0x2d/0x110
[ 2872.438243][T23456]  ? oom_killer_disable+0x2b0/0x2b0
[ 2872.443482][T23456]  ? rcu_read_unlock+0x9/0x60
[ 2872.448209][T23456]  ? find_held_lock+0x2d/0x110
[ 2872.453030][T23456]  mem_cgroup_out_of_memory+0x206/0x270
[ 2872.458658][T23456]  ? mem_cgroup_margin+0x130/0x130
[ 2872.463835][T23456]  ? lock_downgrade+0x690/0x690
[ 2872.468760][T23456]  try_charge_memcg+0xf99/0x13a0
[ 2872.473755][T23456]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2872.479790][T23456]  ? rcu_read_unlock+0x9/0x60
[ 2872.484503][T23456]  ? lock_downgrade+0x690/0x690
[ 2872.489422][T23456]  charge_memcg+0x90/0x3b0
[ 2872.493898][T23456]  __mem_cgroup_charge+0x2b/0x90
[ 2872.498865][T23456]  ? copy_mc_to_kernel+0x3e/0x90
[ 2872.503846][T23456]  do_wp_page+0x8ea/0x33c0
[ 2872.508303][T23456]  ? lock_sync+0x190/0x190
[ 2872.512766][T23456]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2872.518184][T23456]  ? do_raw_spin_lock+0x124/0x2b0
[ 2872.523268][T23456]  ? spin_bug+0x1c0/0x1c0
[ 2872.527828][T23456]  __handle_mm_fault+0x1635/0x41c0
[ 2872.532981][T23456]  ? vm_iomap_memory+0x190/0x190
[ 2872.537955][T23456]  ? mas_walk+0x58f/0x730
[ 2872.542338][T23456]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2872.547468][T23456]  handle_mm_fault+0x2af/0x9f0
[ 2872.552261][T23456]  do_user_addr_fault+0x2ca/0x1210
[ 2872.557474][T23456]  ? rcu_is_watching+0x12/0xb0
[ 2872.562264][T23456]  exc_page_fault+0x98/0x170
[ 2872.566873][T23456]  asm_exc_page_fault+0x26/0x30
[ 2872.571745][T23456] RIP: 0033:0x7f4036836f7e
[ 2872.576166][T23456] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2872.595786][T23456] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2872.601894][T23456] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2872.609959][T23456] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2872.617973][T23456] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2872.625951][T23456] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2872.633930][T23456] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2872.641941][T23456]  </TASK>
13:48:47 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
recvmmsg(r5, &(0x7f0000000780)=[{{&(0x7f00000005c0)=@rc={0x1f, @none}, 0x80, &(0x7f0000000640)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/149, 0x95}], 0x2}, 0x1b6}], 0x1, 0x40002000, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r7}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="24000000580000022dbd7000fddbdf250008000200", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x40000)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r11 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r12 = dup(r11)
write$6lowpan_enable(r12, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1f, 0x5, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, [@btf_id={0x18, 0x3, 0x3, 0x0, 0x2}]}, &(0x7f0000000380)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x19, '\x00', r7, 0x13, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000400)={0x5, 0xf, 0x2, 0x7fffffff}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000500)=[0xffffffffffffffff, r12, 0x1]}, 0x80)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r13=>0x0})
r14 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r13}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
r15 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000800), r12)
sendmsg$L2TP_CMD_SESSION_GET(r14, &(0x7f0000000900)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)={0x64, r15, 0x0, 0x70bd2b, 0x25dfdbfe, {}, [@L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @private2={0xfc, 0x2, '\x00', 0x1}}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0xb}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0xb}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x101}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}]}, 0x64}, 0x1, 0x0, 0x0, 0x804}, 0x801)

[ 2872.712889][T23456] memory: usage 307200kB, limit 307200kB, failcnt 18484
[ 2872.721470][T23456] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2872.736078][T23456] Memory cgroup stats for /syz4:
[ 2872.736375][T23456] anon 114688
[ 2872.736375][T23456] file 8380416
[ 2872.736375][T23456] kernel 306077696
[ 2872.736375][T23456] kernel_stack 65536
[ 2872.736375][T23456] pagetables 77824
[ 2872.736375][T23456] sec_pagetables 0
[ 2872.736375][T23456] percpu 5477376
[ 2872.736375][T23456] sock 0
[ 2872.736375][T23456] vmalloc 0
[ 2872.736375][T23456] shmem 8380416
[ 2872.736375][T23456] zswap 0
[ 2872.736375][T23456] zswapped 0
[ 2872.736375][T23456] file_mapped 405504
[ 2872.736375][T23456] file_dirty 0
[ 2872.736375][T23456] file_writeback 0
[ 2872.736375][T23456] swapcached 0
[ 2872.736375][T23456] anon_thp 0
[ 2872.736375][T23456] file_thp 0
[ 2872.736375][T23456] shmem_thp 0
[ 2872.736375][T23456] inactive_anon 4096
[ 2872.736375][T23456] active_anon 8491008
[ 2872.736375][T23456] inactive_file 0
[ 2872.736375][T23456] active_file 0
[ 2872.736375][T23456] unevictable 0
[ 2872.736375][T23456] slab_reclaimable 38216
[ 2872.736375][T23456] slab_unreclaimable 300379744
[ 2872.736375][T23456] slab 300417960
[ 2872.736375][T23456] workingset_refault_anon 0
[ 2872.736375][T23456] workingset_refault_file 0
[ 2872.736375][T23456] workingset_activate_anon 0
[ 2872.736375][T23456] workingset_activate_file 0
[ 2872.736375][T23456] workingset_restore_anon 0
[ 2872.736375][T23456] workingset_restore_file 0
[ 2872.736375][T23456] workingset_nodereclaim 0
[ 2872.736375][T23456] pgscan 0
[ 2872.736375][T23456] pgsteal 0
[ 2872.736375][T23456] pgscan_kswapd 0
[ 2872.736375][T23456] pgscan_direct 0
[ 2872.736375][T23456] pgscan_khugepaged 0
[ 2872.736375][T23456] pgsteal_kswapd 0
[ 2872.736375][T23456] pgsteal_direct 0
[ 2872.736375][T23456] pgsteal_khugepaged 0
[ 2872.736375][T23456] pgfault 387050
[ 2872.736375][T23456] pgmajfault 0
[ 2872.736375][T23456] pgrefill 0
[ 2872.736375][T23456] pgactivate 0
[ 2872.736375][T23456] pgdeactivate 0
[ 2872.736375][T23456] pglazyfree 0
[ 2872.736375][T23456] pglazyfreed 0
[ 2872.736375][T23456] zswpin 0
[ 2872.736375][T23456] zswpout 0
[ 2872.736375][T23456] thp_fault_alloc 0
13:48:47 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6901000000000000)

[ 2872.959596][T23456] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23456,uid=0
[ 2872.985817][T23456] Memory cgroup out of memory: Killed process 23456 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:47 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x14)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x40050}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
r3 = eventfd2(0x75f, 0x0)
lseek(r3, 0x1, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r6, 0x8983, &(0x7f0000000080))

[ 2873.153466][T23474] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2873.188547][T23474] CPU: 0 PID: 23474 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2873.199028][T23474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2873.209114][T23474] Call Trace:
[ 2873.212428][T23474]  <TASK>
[ 2873.215388][T23474]  dump_stack_lvl+0x136/0x150
[ 2873.220130][T23474]  dump_header+0x10a/0xd70
[ 2873.224606][T23474]  oom_kill_process+0x25d/0x600
[ 2873.229498][T23474]  out_of_memory+0x35c/0x1660
[ 2873.234216][T23474]  ? find_held_lock+0x2d/0x110
[ 2873.239017][T23474]  ? oom_killer_disable+0x2b0/0x2b0
[ 2873.244254][T23474]  ? rcu_read_unlock+0x9/0x60
[ 2873.248978][T23474]  ? find_held_lock+0x2d/0x110
[ 2873.253786][T23474]  mem_cgroup_out_of_memory+0x206/0x270
[ 2873.259373][T23474]  ? mem_cgroup_margin+0x130/0x130
[ 2873.264528][T23474]  ? lock_downgrade+0x690/0x690
[ 2873.269442][T23474]  try_charge_memcg+0xf99/0x13a0
[ 2873.274435][T23474]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2873.280473][T23474]  ? rcu_read_unlock+0x9/0x60
[ 2873.285196][T23474]  ? lock_downgrade+0x690/0x690
[ 2873.290097][T23474]  charge_memcg+0x90/0x3b0
[ 2873.294545][T23474]  __mem_cgroup_charge+0x2b/0x90
[ 2873.299488][T23474]  ? copy_mc_to_kernel+0x3e/0x90
[ 2873.304445][T23474]  do_wp_page+0x8ea/0x33c0
[ 2873.308875][T23474]  ? lock_sync+0x190/0x190
[ 2873.313306][T23474]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2873.318687][T23474]  ? do_raw_spin_lock+0x124/0x2b0
[ 2873.323747][T23474]  ? spin_bug+0x1c0/0x1c0
[ 2873.328122][T23474]  __handle_mm_fault+0x1635/0x41c0
[ 2873.333351][T23474]  ? vm_iomap_memory+0x190/0x190
[ 2873.338302][T23474]  ? mas_walk+0x58f/0x730
[ 2873.342661][T23474]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2873.347792][T23474]  handle_mm_fault+0x2af/0x9f0
[ 2873.352573][T23474]  do_user_addr_fault+0x2ca/0x1210
[ 2873.357702][T23474]  ? rcu_is_watching+0x12/0xb0
[ 2873.362491][T23474]  exc_page_fault+0x98/0x170
[ 2873.367094][T23474]  asm_exc_page_fault+0x26/0x30
[ 2873.371962][T23474] RIP: 0033:0x7f4036836f7e
[ 2873.376385][T23474] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2873.396010][T23474] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2873.402088][T23474] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2873.410064][T23474] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2873.418041][T23474] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2873.426101][T23474] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2873.434073][T23474] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2873.442069][T23474]  </TASK>
[ 2873.456094][T23474] memory: usage 307200kB, limit 307200kB, failcnt 18567
[ 2873.463779][T23474] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2873.508563][T23474] Memory cgroup stats for /syz4:
[ 2873.508848][T23474] anon 114688
[ 2873.508848][T23474] file 8380416
[ 2873.508848][T23474] kernel 306077696
[ 2873.508848][T23474] kernel_stack 65536
[ 2873.508848][T23474] pagetables 77824
[ 2873.508848][T23474] sec_pagetables 0
[ 2873.508848][T23474] percpu 5477376
[ 2873.508848][T23474] sock 0
[ 2873.508848][T23474] vmalloc 0
[ 2873.508848][T23474] shmem 8380416
[ 2873.508848][T23474] zswap 0
[ 2873.508848][T23474] zswapped 0
[ 2873.508848][T23474] file_mapped 405504
[ 2873.508848][T23474] file_dirty 0
[ 2873.508848][T23474] file_writeback 0
[ 2873.508848][T23474] swapcached 0
[ 2873.508848][T23474] anon_thp 0
[ 2873.508848][T23474] file_thp 0
[ 2873.508848][T23474] shmem_thp 0
[ 2873.508848][T23474] inactive_anon 4096
[ 2873.508848][T23474] active_anon 8491008
[ 2873.508848][T23474] inactive_file 0
[ 2873.508848][T23474] active_file 0
[ 2873.508848][T23474] unevictable 0
[ 2873.508848][T23474] slab_reclaimable 38216
[ 2873.508848][T23474] slab_unreclaimable 300379744
[ 2873.508848][T23474] slab 300417960
[ 2873.508848][T23474] workingset_refault_anon 0
[ 2873.508848][T23474] workingset_refault_file 0
[ 2873.508848][T23474] workingset_activate_anon 0
[ 2873.508848][T23474] workingset_activate_file 0
[ 2873.508848][T23474] workingset_restore_anon 0
[ 2873.508848][T23474] workingset_restore_file 0
[ 2873.508848][T23474] workingset_nodereclaim 0
[ 2873.508848][T23474] pgscan 0
[ 2873.508848][T23474] pgsteal 0
[ 2873.508848][T23474] pgscan_kswapd 0
[ 2873.508848][T23474] pgscan_direct 0
[ 2873.508848][T23474] pgscan_khugepaged 0
[ 2873.508848][T23474] pgsteal_kswapd 0
[ 2873.508848][T23474] pgsteal_direct 0
13:48:48 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2873.508848][T23474] pgsteal_khugepaged 0
[ 2873.508848][T23474] pgfault 387089
[ 2873.508848][T23474] pgmajfault 0
[ 2873.508848][T23474] pgrefill 0
[ 2873.508848][T23474] pgactivate 0
[ 2873.508848][T23474] pgdeactivate 0
[ 2873.508848][T23474] pglazyfree 0
[ 2873.508848][T23474] pglazyfreed 0
[ 2873.508848][T23474] zswpin 0
[ 2873.508848][T23474] zswpout 0
[ 2873.508848][T23474] thp_fault_alloc 0
[ 2873.819985][T23470] __nla_validate_parse: 28 callbacks suppressed
[ 2873.820007][T23470] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2873.848694][T23455] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
13:48:48 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2873.880957][T23475] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2873.976417][T23474] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23474,uid=0
[ 2874.001159][T23474] Memory cgroup out of memory: Killed process 23474 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:48 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x14)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x40050}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
r3 = eventfd2(0x75f, 0x0)
lseek(r3, 0x1, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r6, 0x8983, &(0x7f0000000080))

13:48:48 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
recvmmsg(r5, &(0x7f0000000780)=[{{&(0x7f00000005c0)=@rc={0x1f, @none}, 0x80, &(0x7f0000000640)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/149, 0x95}], 0x2}, 0x1b6}], 0x1, 0x40002000, 0x0) (async)
recvmmsg(r5, &(0x7f0000000780)=[{{&(0x7f00000005c0)=@rc={0x1f, @none}, 0x80, &(0x7f0000000640)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/149, 0x95}], 0x2}, 0x1b6}], 0x1, 0x40002000, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r7=>0x0})
socket(0x10, 0x80002, 0x0) (async)
r8 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r7}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="24000000580000022dbd7000fddbdf250008000200", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x40000)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r11 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r12 = dup(r11)
write$6lowpan_enable(r12, &(0x7f0000000000)='0', 0xfffffd2c) (async)
write$6lowpan_enable(r12, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1f, 0x5, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, [@btf_id={0x18, 0x3, 0x3, 0x0, 0x2}]}, &(0x7f0000000380)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x19, '\x00', r7, 0x13, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000400)={0x5, 0xf, 0x2, 0x7fffffff}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000500)=[0xffffffffffffffff, r12, 0x1]}, 0x80)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r13=>0x0})
r14 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r13}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route(r14, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r13}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
r15 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000800), r12)
sendmsg$L2TP_CMD_SESSION_GET(r14, &(0x7f0000000900)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)={0x64, r15, 0x0, 0x70bd2b, 0x25dfdbfe, {}, [@L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @private2={0xfc, 0x2, '\x00', 0x1}}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0xb}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0xb}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x101}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}]}, 0x64}, 0x1, 0x0, 0x0, 0x804}, 0x801)

13:48:48 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xcb)

[ 2874.084965][T23463] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2874.103720][T23483] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2874.272699][T23489] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2874.302740][T23487] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2874.317439][T23489] CPU: 1 PID: 23489 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2874.327912][T23489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2874.338026][T23489] Call Trace:
[ 2874.341333][T23489]  <TASK>
[ 2874.344288][T23489]  dump_stack_lvl+0x136/0x150
[ 2874.349013][T23489]  dump_header+0x10a/0xd70
[ 2874.353471][T23489]  oom_kill_process+0x25d/0x600
[ 2874.358368][T23489]  out_of_memory+0x35c/0x1660
[ 2874.363085][T23489]  ? find_held_lock+0x2d/0x110
[ 2874.367901][T23489]  ? oom_killer_disable+0x2b0/0x2b0
[ 2874.373146][T23489]  ? rcu_read_unlock+0x9/0x60
[ 2874.377849][T23489]  ? find_held_lock+0x2d/0x110
[ 2874.382640][T23489]  mem_cgroup_out_of_memory+0x206/0x270
[ 2874.388235][T23489]  ? mem_cgroup_margin+0x130/0x130
[ 2874.393484][T23489]  ? lock_downgrade+0x690/0x690
[ 2874.398403][T23489]  try_charge_memcg+0xf99/0x13a0
[ 2874.403404][T23489]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2874.409443][T23489]  ? rcu_read_unlock+0x9/0x60
[ 2874.414158][T23489]  ? lock_downgrade+0x690/0x690
[ 2874.419069][T23489]  charge_memcg+0x90/0x3b0
[ 2874.423541][T23489]  __mem_cgroup_charge+0x2b/0x90
[ 2874.428508][T23489]  ? copy_mc_to_kernel+0x3e/0x90
[ 2874.433468][T23489]  do_wp_page+0x8ea/0x33c0
[ 2874.437898][T23489]  ? lock_sync+0x190/0x190
[ 2874.442329][T23489]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2874.447713][T23489]  ? do_raw_spin_lock+0x124/0x2b0
[ 2874.452752][T23489]  ? spin_bug+0x1c0/0x1c0
[ 2874.457105][T23489]  __handle_mm_fault+0x1635/0x41c0
[ 2874.462229][T23489]  ? vm_iomap_memory+0x190/0x190
[ 2874.467173][T23489]  ? mas_walk+0x58f/0x730
[ 2874.471883][T23489]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2874.477014][T23489]  handle_mm_fault+0x2af/0x9f0
[ 2874.481794][T23489]  do_user_addr_fault+0x2ca/0x1210
[ 2874.486925][T23489]  ? rcu_is_watching+0x12/0xb0
[ 2874.491711][T23489]  exc_page_fault+0x98/0x170
[ 2874.496325][T23489]  asm_exc_page_fault+0x26/0x30
[ 2874.501195][T23489] RIP: 0033:0x7f4036836f7e
[ 2874.505636][T23489] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2874.525337][T23489] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2874.531412][T23489] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2874.539388][T23489] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2874.547363][T23489] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2874.555338][T23489] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2874.563311][T23489] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2874.571302][T23489]  </TASK>
13:48:48 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2874.581793][T23489] memory: usage 307200kB, limit 307200kB, failcnt 18630
[ 2874.636145][T23489] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2874.686603][T23489] Memory cgroup stats for /syz4:
[ 2874.686924][T23489] anon 114688
[ 2874.686924][T23489] file 8380416
[ 2874.686924][T23489] kernel 306077696
[ 2874.686924][T23489] kernel_stack 65536
[ 2874.686924][T23489] pagetables 77824
[ 2874.686924][T23489] sec_pagetables 0
[ 2874.686924][T23489] percpu 5477376
[ 2874.686924][T23489] sock 0
[ 2874.686924][T23489] vmalloc 0
[ 2874.686924][T23489] shmem 8380416
[ 2874.686924][T23489] zswap 0
[ 2874.686924][T23489] zswapped 0
[ 2874.686924][T23489] file_mapped 405504
[ 2874.686924][T23489] file_dirty 0
[ 2874.686924][T23489] file_writeback 0
[ 2874.686924][T23489] swapcached 0
[ 2874.686924][T23489] anon_thp 0
[ 2874.686924][T23489] file_thp 0
[ 2874.686924][T23489] shmem_thp 0
[ 2874.686924][T23489] inactive_anon 4096
[ 2874.686924][T23489] active_anon 8491008
[ 2874.686924][T23489] inactive_file 0
[ 2874.686924][T23489] active_file 0
[ 2874.686924][T23489] unevictable 0
[ 2874.686924][T23489] slab_reclaimable 38216
[ 2874.686924][T23489] slab_unreclaimable 300379744
[ 2874.686924][T23489] slab 300417960
[ 2874.686924][T23489] workingset_refault_anon 0
[ 2874.686924][T23489] workingset_refault_file 0
[ 2874.686924][T23489] workingset_activate_anon 0
[ 2874.686924][T23489] workingset_activate_file 0
[ 2874.686924][T23489] workingset_restore_anon 0
[ 2874.686924][T23489] workingset_restore_file 0
[ 2874.686924][T23489] workingset_nodereclaim 0
[ 2874.686924][T23489] pgscan 0
[ 2874.686924][T23489] pgsteal 0
[ 2874.686924][T23489] pgscan_kswapd 0
[ 2874.686924][T23489] pgscan_direct 0
[ 2874.686924][T23489] pgscan_khugepaged 0
[ 2874.686924][T23489] pgsteal_kswapd 0
[ 2874.686924][T23489] pgsteal_direct 0
[ 2874.686924][T23489] pgsteal_khugepaged 0
[ 2874.686924][T23489] pgfault 387125
[ 2874.686924][T23489] pgmajfault 0
[ 2874.686924][T23489] pgrefill 0
[ 2874.686924][T23489] pgactivate 0
[ 2874.686924][T23489] pgdeactivate 0
[ 2874.686924][T23489] pglazyfree 0
[ 2874.686924][T23489] pglazyfreed 0
[ 2874.686924][T23489] zswpin 0
[ 2874.686924][T23489] zswpout 0
[ 2874.686924][T23489] thp_fault_alloc 0
[ 2874.959619][T23488] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2874.987063][T23479] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
13:48:49 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

13:48:49 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6a00000000000000)

[ 2875.014824][T23481] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2875.032790][T23492] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
13:48:49 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x400, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x10, 0x5}, {0x4, 0xfff1}, {0xc, 0xffff}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40c1}, 0x4044401)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2875.189387][T23489] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23489,uid=0
[ 2875.211332][T23489] Memory cgroup out of memory: Killed process 23489 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:49 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async, rerun: 32)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async, rerun: 32)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0}) (async)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
recvmmsg(r5, &(0x7f0000000780)=[{{&(0x7f00000005c0)=@rc={0x1f, @none}, 0x80, &(0x7f0000000640)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/149, 0x95}], 0x2}, 0x1b6}], 0x1, 0x40002000, 0x0) (async, rerun: 64)
r6 = socket$inet_udplite(0x2, 0x2, 0x88) (rerun: 64)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r7=>0x0}) (async, rerun: 64)
r8 = socket(0x10, 0x80002, 0x0) (rerun: 64)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r7}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route(r8, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="24000000580000022dbd7000fddbdf250008000200", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x40000)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async, rerun: 32)
r10 = socket$netlink(0x10, 0x3, 0x0) (rerun: 32)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r11 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r12 = dup(r11)
write$6lowpan_enable(r12, &(0x7f0000000000)='0', 0xfffffd2c) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1f, 0x5, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, [@btf_id={0x18, 0x3, 0x3, 0x0, 0x2}]}, &(0x7f0000000380)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x19, '\x00', r7, 0x13, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000400)={0x5, 0xf, 0x2, 0x7fffffff}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000500)=[0xffffffffffffffff, r12, 0x1]}, 0x80) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r13=>0x0}) (async)
r14 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r13}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
r15 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000800), r12)
sendmsg$L2TP_CMD_SESSION_GET(r14, &(0x7f0000000900)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)={0x64, r15, 0x0, 0x70bd2b, 0x25dfdbfe, {}, [@L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @private2={0xfc, 0x2, '\x00', 0x1}}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0xb}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0xb}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x101}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}]}, 0x64}, 0x1, 0x0, 0x0, 0x804}, 0x801)

[ 2875.417513][T23511] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2875.465930][T23511] CPU: 1 PID: 23511 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2875.476423][T23511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2875.486632][T23511] Call Trace:
[ 2875.489944][T23511]  <TASK>
[ 2875.492903][T23511]  dump_stack_lvl+0x136/0x150
[ 2875.497625][T23511]  dump_header+0x10a/0xd70
[ 2875.502088][T23511]  oom_kill_process+0x25d/0x600
[ 2875.506978][T23511]  out_of_memory+0x35c/0x1660
[ 2875.511694][T23511]  ? find_held_lock+0x2d/0x110
[ 2875.516498][T23511]  ? oom_killer_disable+0x2b0/0x2b0
[ 2875.521757][T23511]  ? rcu_read_unlock+0x9/0x60
[ 2875.526497][T23511]  ? find_held_lock+0x2d/0x110
[ 2875.531318][T23511]  mem_cgroup_out_of_memory+0x206/0x270
[ 2875.536916][T23511]  ? mem_cgroup_margin+0x130/0x130
[ 2875.542072][T23511]  ? lock_downgrade+0x690/0x690
[ 2875.546987][T23511]  try_charge_memcg+0xf99/0x13a0
[ 2875.551995][T23511]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2875.558053][T23511]  ? rcu_read_unlock+0x9/0x60
[ 2875.562769][T23511]  ? lock_downgrade+0x690/0x690
[ 2875.567672][T23511]  charge_memcg+0x90/0x3b0
[ 2875.572228][T23511]  __mem_cgroup_charge+0x2b/0x90
[ 2875.577201][T23511]  ? copy_mc_to_kernel+0x3e/0x90
[ 2875.582186][T23511]  do_wp_page+0x8ea/0x33c0
[ 2875.586667][T23511]  ? lock_sync+0x190/0x190
[ 2875.591170][T23511]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2875.596618][T23511]  ? do_raw_spin_lock+0x124/0x2b0
[ 2875.601718][T23511]  ? spin_bug+0x1c0/0x1c0
[ 2875.606102][T23511]  __handle_mm_fault+0x1635/0x41c0
[ 2875.611258][T23511]  ? vm_iomap_memory+0x190/0x190
[ 2875.616231][T23511]  ? mas_walk+0x58f/0x730
[ 2875.620627][T23511]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2875.625783][T23511]  handle_mm_fault+0x2af/0x9f0
[ 2875.630602][T23511]  do_user_addr_fault+0x2ca/0x1210
[ 2875.635755][T23511]  ? rcu_is_watching+0x12/0xb0
[ 2875.640562][T23511]  exc_page_fault+0x98/0x170
[ 2875.645634][T23511]  asm_exc_page_fault+0x26/0x30
[ 2875.650560][T23511] RIP: 0033:0x7f4036836f7e
[ 2875.655019][T23511] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2875.675026][T23511] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2875.681147][T23511] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2875.689245][T23511] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2875.697258][T23511] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2875.705258][T23511] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2875.713261][T23511] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2875.721289][T23511]  </TASK>
13:48:50 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2875.780466][T23511] memory: usage 307200kB, limit 307200kB, failcnt 18698
[ 2875.790052][T23511] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2875.820429][T23511] Memory cgroup stats for /syz4:
[ 2875.820671][T23511] anon 114688
[ 2875.820671][T23511] file 8380416
[ 2875.820671][T23511] kernel 306077696
[ 2875.820671][T23511] kernel_stack 65536
[ 2875.820671][T23511] pagetables 77824
[ 2875.820671][T23511] sec_pagetables 0
[ 2875.820671][T23511] percpu 5477376
[ 2875.820671][T23511] sock 0
[ 2875.820671][T23511] vmalloc 0
[ 2875.820671][T23511] shmem 8380416
[ 2875.820671][T23511] zswap 0
[ 2875.820671][T23511] zswapped 0
[ 2875.820671][T23511] file_mapped 405504
[ 2875.820671][T23511] file_dirty 0
[ 2875.820671][T23511] file_writeback 0
[ 2875.820671][T23511] swapcached 0
[ 2875.820671][T23511] anon_thp 0
[ 2875.820671][T23511] file_thp 0
[ 2875.820671][T23511] shmem_thp 0
[ 2875.820671][T23511] inactive_anon 4096
[ 2875.820671][T23511] active_anon 8491008
[ 2875.820671][T23511] inactive_file 0
[ 2875.820671][T23511] active_file 0
[ 2875.820671][T23511] unevictable 0
[ 2875.820671][T23511] slab_reclaimable 38216
[ 2875.820671][T23511] slab_unreclaimable 300379744
[ 2875.820671][T23511] slab 300417960
[ 2875.820671][T23511] workingset_refault_anon 0
[ 2875.820671][T23511] workingset_refault_file 0
[ 2875.820671][T23511] workingset_activate_anon 0
[ 2875.820671][T23511] workingset_activate_file 0
[ 2875.820671][T23511] workingset_restore_anon 0
[ 2875.820671][T23511] workingset_restore_file 0
[ 2875.820671][T23511] workingset_nodereclaim 0
[ 2875.820671][T23511] pgscan 0
[ 2875.820671][T23511] pgsteal 0
[ 2875.820671][T23511] pgscan_kswapd 0
[ 2875.820671][T23511] pgscan_direct 0
[ 2875.820671][T23511] pgscan_khugepaged 0
[ 2875.820671][T23511] pgsteal_kswapd 0
[ 2875.820671][T23511] pgsteal_direct 0
[ 2875.820671][T23511] pgsteal_khugepaged 0
[ 2875.820671][T23511] pgfault 387161
[ 2875.820671][T23511] pgmajfault 0
[ 2875.820671][T23511] pgrefill 0
[ 2875.820671][T23511] pgactivate 0
[ 2875.820671][T23511] pgdeactivate 0
[ 2875.820671][T23511] pglazyfree 0
[ 2875.820671][T23511] pglazyfreed 0
[ 2875.820671][T23511] zswpin 0
[ 2875.820671][T23511] zswpout 0
[ 2875.820671][T23511] thp_fault_alloc 0
[ 2876.066693][T23511] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23511,uid=0
[ 2876.091925][T23511] Memory cgroup out of memory: Killed process 23511 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:50 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x400, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x10, 0x5}, {0x4, 0xfff1}, {0xc, 0xffff}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40c1}, 0x4044401)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
socket(0x10, 0x80002, 0x0) (async)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x400, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x10, 0x5}, {0x4, 0xfff1}, {0xc, 0xffff}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40c1}, 0x4044401) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

13:48:50 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

13:48:50 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xcc)

[ 2876.415730][T23523] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2876.439790][T23523] CPU: 1 PID: 23523 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2876.450276][T23523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2876.460444][T23523] Call Trace:
[ 2876.463751][T23523]  <TASK>
[ 2876.466713][T23523]  dump_stack_lvl+0x136/0x150
[ 2876.471440][T23523]  dump_header+0x10a/0xd70
[ 2876.475889][T23523]  oom_kill_process+0x25d/0x600
[ 2876.480791][T23523]  out_of_memory+0x35c/0x1660
[ 2876.485514][T23523]  ? find_held_lock+0x2d/0x110
[ 2876.490320][T23523]  ? oom_killer_disable+0x2b0/0x2b0
[ 2876.495552][T23523]  ? rcu_read_unlock+0x9/0x60
[ 2876.500273][T23523]  ? find_held_lock+0x2d/0x110
[ 2876.505090][T23523]  mem_cgroup_out_of_memory+0x206/0x270
[ 2876.510682][T23523]  ? mem_cgroup_margin+0x130/0x130
[ 2876.515837][T23523]  ? lock_downgrade+0x690/0x690
[ 2876.520753][T23523]  try_charge_memcg+0xf99/0x13a0
[ 2876.525848][T23523]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2876.531892][T23523]  ? rcu_read_unlock+0x9/0x60
[ 2876.536619][T23523]  ? lock_downgrade+0x690/0x690
[ 2876.541531][T23523]  charge_memcg+0x90/0x3b0
[ 2876.546522][T23523]  __mem_cgroup_charge+0x2b/0x90
[ 2876.551493][T23523]  ? copy_mc_to_kernel+0x3e/0x90
[ 2876.556479][T23523]  do_wp_page+0x8ea/0x33c0
[ 2876.560935][T23523]  ? lock_sync+0x190/0x190
[ 2876.565390][T23523]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2876.570905][T23523]  ? do_raw_spin_lock+0x124/0x2b0
[ 2876.575977][T23523]  ? spin_bug+0x1c0/0x1c0
[ 2876.580363][T23523]  __handle_mm_fault+0x1635/0x41c0
[ 2876.585537][T23523]  ? vm_iomap_memory+0x190/0x190
[ 2876.590552][T23523]  ? mas_walk+0x58f/0x730
[ 2876.594938][T23523]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2876.600093][T23523]  handle_mm_fault+0x2af/0x9f0
[ 2876.604900][T23523]  do_user_addr_fault+0x2ca/0x1210
[ 2876.610239][T23523]  ? rcu_is_watching+0x12/0xb0
[ 2876.615064][T23523]  exc_page_fault+0x98/0x170
[ 2876.619708][T23523]  asm_exc_page_fault+0x26/0x30
[ 2876.624612][T23523] RIP: 0033:0x7f4036836f7e
[ 2876.629072][T23523] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2876.648714][T23523] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2876.655007][T23523] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2876.663017][T23523] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2876.671022][T23523] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2876.679019][T23523] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2876.687025][T23523] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2876.695095][T23523]  </TASK>
13:48:51 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="48bceb00100001f6ffffffffffffff0000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c000000e90c98317bcfb066ae8d2c00270d0000", @ANYRES32=r2, @ANYBLOB="1d372918fa50f7686a3f4608bcdb269b81d99f58e562e33d1e6baf59c6fa0b4110cd6d141526bf228c745990853791b35c50b71bd2735dbbe7997c8f248b2d5c3cbdaaa8ec"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000640)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=@ipv6_getroute={0x134, 0x1a, 0x20, 0x70bd2a, 0x25dfdbfc, {0xa, 0x20, 0x80, 0xea, 0x0, 0x2, 0xc8, 0x1, 0xb00}, [@RTA_OIF={0x8}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x3}, @RTA_METRICS={0xf2, 0x8, 0x0, 0x1, "4e777d55499756501291b22d82784651ca09d11b4f333dee7197362454f48ffa07ddbd3a69d43629c3a7bd6e31e432b4f58e66139b58fee9ed4f33b68a133c334bf4dbf8533a7929db02add9286c837821018ef51ed2c0a7f3d0a2b58f25ab68c09b1e16f6714695c990ff0022aa17a589f842723a8d9d3c97bcb43fd5c7a8165d6adb38147990da107f9f10b033008fc310ebaf718336c52d0fd1b1d104746f32ebd4682dd6cf58df02851c7ea88e15189b853d4743155f3d8ecc23d8332915a7f683ed5072a9842497ab3e29bce4512048353b690902bba2857133cb39e4f234525046f732382aef98aed1fc7c"}, @RTA_GATEWAY={0x14, 0x5, @dev={0xfe, 0x80, '\x00', 0x43}}]}, 0x134}, 0x1, 0x0, 0x0, 0x14040851}, 0x80)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000006c0)=@mpls_getroute={0xa8, 0x1a, 0x100, 0x70bd25, 0x25dfdbff, {0x1c, 0x10, 0x10, 0x5e, 0xfd, 0x0, 0xc8, 0x4, 0x100}, [@RTA_TTL_PROPAGATE={0x5, 0x1a, 0x9}, @RTA_NEWDST={0x84, 0x13, [{0x8}, {0x85, 0x0, 0x1}, {0x100, 0x0, 0x1}, {0x3}, {0x4}, {0x8, 0x0, 0x1}, {0x1}, {0x400, 0x0, 0x1}, {0x1060, 0x0, 0x1}, {0xa59, 0x0, 0x1}, {0x7b, 0x0, 0x1}, {0xf3}, {0x3}, {0x8000, 0x0, 0x1}, {0x1ff}, {0x77027, 0x0, 0x1}, {0x6}, {0x8000}, {0x7}, {0x81, 0x0, 0x1}, {0x5}, {0x7}, {0x3f, 0x0, 0x1}, {0x68e, 0x0, 0x1}, {0x3, 0x0, 0x1}, {0xfff, 0x0, 0x1}, {0xfff5f}, {0x2, 0x0, 0x1}, {0x8001}, {0x80d5, 0x0, 0x1}, {0x3ff, 0x0, 0x1}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x4040010}, 0x8800)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
setsockopt$inet_udp_int(r4, 0x11, 0x65, &(0x7f0000000280)=0x6, 0x4)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:51 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2876.816575][T23523] memory: usage 307200kB, limit 307200kB, failcnt 18787
13:48:51 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6a01000000000000)

[ 2876.881746][T23523] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2876.897463][T23523] Memory cgroup stats for /syz4:
[ 2876.897681][T23523] anon 114688
[ 2876.897681][T23523] file 8380416
[ 2876.897681][T23523] kernel 306077696
[ 2876.897681][T23523] kernel_stack 65536
[ 2876.897681][T23523] pagetables 77824
[ 2876.897681][T23523] sec_pagetables 0
[ 2876.897681][T23523] percpu 5477376
[ 2876.897681][T23523] sock 0
[ 2876.897681][T23523] vmalloc 0
[ 2876.897681][T23523] shmem 8380416
[ 2876.897681][T23523] zswap 0
[ 2876.897681][T23523] zswapped 0
[ 2876.897681][T23523] file_mapped 405504
[ 2876.897681][T23523] file_dirty 0
[ 2876.897681][T23523] file_writeback 0
[ 2876.897681][T23523] swapcached 0
[ 2876.897681][T23523] anon_thp 0
[ 2876.897681][T23523] file_thp 0
[ 2876.897681][T23523] shmem_thp 0
[ 2876.897681][T23523] inactive_anon 4096
[ 2876.897681][T23523] active_anon 8491008
[ 2876.897681][T23523] inactive_file 0
[ 2876.897681][T23523] active_file 0
[ 2876.897681][T23523] unevictable 0
[ 2876.897681][T23523] slab_reclaimable 38216
[ 2876.897681][T23523] slab_unreclaimable 300379744
[ 2876.897681][T23523] slab 300417960
[ 2876.897681][T23523] workingset_refault_anon 0
[ 2876.897681][T23523] workingset_refault_file 0
[ 2876.897681][T23523] workingset_activate_anon 0
[ 2876.897681][T23523] workingset_activate_file 0
[ 2876.897681][T23523] workingset_restore_anon 0
[ 2876.897681][T23523] workingset_restore_file 0
[ 2876.897681][T23523] workingset_nodereclaim 0
[ 2876.897681][T23523] pgscan 0
[ 2876.897681][T23523] pgsteal 0
[ 2876.897681][T23523] pgscan_kswapd 0
[ 2876.897681][T23523] pgscan_direct 0
[ 2876.897681][T23523] pgscan_khugepaged 0
[ 2876.897681][T23523] pgsteal_kswapd 0
[ 2876.897681][T23523] pgsteal_direct 0
[ 2876.897681][T23523] pgsteal_khugepaged 0
[ 2876.897681][T23523] pgfault 387200
[ 2876.897681][T23523] pgmajfault 0
[ 2876.897681][T23523] pgrefill 0
[ 2876.897681][T23523] pgactivate 0
[ 2876.897681][T23523] pgdeactivate 0
[ 2876.897681][T23523] pglazyfree 0
[ 2876.897681][T23523] pglazyfreed 0
[ 2876.897681][T23523] zswpin 0
[ 2876.897681][T23523] zswpout 0
[ 2876.897681][T23523] thp_fault_alloc 0
[ 2877.101531][T23523] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23523,uid=0
[ 2877.147133][T23523] Memory cgroup out of memory: Killed process 23523 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:51 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xcd)

13:48:51 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0}) (async)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x400, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x10, 0x5}, {0x4, 0xfff1}, {0xc, 0xffff}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40c1}, 0x4044401) (async)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:51 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="48bceb00100001f6ffffffffffffff0000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c000000e90c98317bcfb066ae8d2c00270d0000", @ANYRES32=r2, @ANYBLOB="1d372918fa50f7686a3f4608bcdb269b81d99f58e562e33d1e6baf59c6fa0b4110cd6d141526bf228c745990853791b35c50b71bd2735dbbe7997c8f248b2d5c3cbdaaa8ec"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000640)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=@ipv6_getroute={0x134, 0x1a, 0x20, 0x70bd2a, 0x25dfdbfc, {0xa, 0x20, 0x80, 0xea, 0x0, 0x2, 0xc8, 0x1, 0xb00}, [@RTA_OIF={0x8}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x3}, @RTA_METRICS={0xf2, 0x8, 0x0, 0x1, "4e777d55499756501291b22d82784651ca09d11b4f333dee7197362454f48ffa07ddbd3a69d43629c3a7bd6e31e432b4f58e66139b58fee9ed4f33b68a133c334bf4dbf8533a7929db02add9286c837821018ef51ed2c0a7f3d0a2b58f25ab68c09b1e16f6714695c990ff0022aa17a589f842723a8d9d3c97bcb43fd5c7a8165d6adb38147990da107f9f10b033008fc310ebaf718336c52d0fd1b1d104746f32ebd4682dd6cf58df02851c7ea88e15189b853d4743155f3d8ecc23d8332915a7f683ed5072a9842497ab3e29bce4512048353b690902bba2857133cb39e4f234525046f732382aef98aed1fc7c"}, @RTA_GATEWAY={0x14, 0x5, @dev={0xfe, 0x80, '\x00', 0x43}}]}, 0x134}, 0x1, 0x0, 0x0, 0x14040851}, 0x80) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000006c0)=@mpls_getroute={0xa8, 0x1a, 0x100, 0x70bd25, 0x25dfdbff, {0x1c, 0x10, 0x10, 0x5e, 0xfd, 0x0, 0xc8, 0x4, 0x100}, [@RTA_TTL_PROPAGATE={0x5, 0x1a, 0x9}, @RTA_NEWDST={0x84, 0x13, [{0x8}, {0x85, 0x0, 0x1}, {0x100, 0x0, 0x1}, {0x3}, {0x4}, {0x8, 0x0, 0x1}, {0x1}, {0x400, 0x0, 0x1}, {0x1060, 0x0, 0x1}, {0xa59, 0x0, 0x1}, {0x7b, 0x0, 0x1}, {0xf3}, {0x3}, {0x8000, 0x0, 0x1}, {0x1ff}, {0x77027, 0x0, 0x1}, {0x6}, {0x8000}, {0x7}, {0x81, 0x0, 0x1}, {0x5}, {0x7}, {0x3f, 0x0, 0x1}, {0x68e, 0x0, 0x1}, {0x3, 0x0, 0x1}, {0xfff, 0x0, 0x1}, {0xfff5f}, {0x2, 0x0, 0x1}, {0x8001}, {0x80d5, 0x0, 0x1}, {0x3ff, 0x0, 0x1}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x4040010}, 0x8800) (async)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
setsockopt$inet_udp_int(r4, 0x11, 0x65, &(0x7f0000000280)=0x6, 0x4) (async)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:51 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2877.574654][T23547] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2877.597438][T23547] CPU: 1 PID: 23547 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2877.608247][T23547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2877.618309][T23547] Call Trace:
[ 2877.621588][T23547]  <TASK>
[ 2877.624540][T23547]  dump_stack_lvl+0x136/0x150
[ 2877.629247][T23547]  dump_header+0x10a/0xd70
[ 2877.633694][T23547]  oom_kill_process+0x25d/0x600
[ 2877.638564][T23547]  out_of_memory+0x35c/0x1660
[ 2877.643259][T23547]  ? find_held_lock+0x2d/0x110
[ 2877.648040][T23547]  ? oom_killer_disable+0x2b0/0x2b0
[ 2877.653337][T23547]  ? rcu_read_unlock+0x9/0x60
[ 2877.658030][T23547]  ? find_held_lock+0x2d/0x110
[ 2877.662900][T23547]  mem_cgroup_out_of_memory+0x206/0x270
[ 2877.668465][T23547]  ? mem_cgroup_margin+0x130/0x130
[ 2877.673599][T23547]  ? lock_downgrade+0x690/0x690
[ 2877.678482][T23547]  try_charge_memcg+0xf99/0x13a0
[ 2877.683486][T23547]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2877.689504][T23547]  ? rcu_read_unlock+0x9/0x60
[ 2877.694195][T23547]  ? lock_downgrade+0x690/0x690
[ 2877.699162][T23547]  charge_memcg+0x90/0x3b0
[ 2877.703610][T23547]  __mem_cgroup_charge+0x2b/0x90
[ 2877.708556][T23547]  ? copy_mc_to_kernel+0x3e/0x90
[ 2877.713515][T23547]  do_wp_page+0x8ea/0x33c0
[ 2877.717945][T23547]  ? lock_sync+0x190/0x190
[ 2877.722465][T23547]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2877.727848][T23547]  ? do_raw_spin_lock+0x124/0x2b0
[ 2877.732892][T23547]  ? spin_bug+0x1c0/0x1c0
[ 2877.737247][T23547]  __handle_mm_fault+0x1635/0x41c0
[ 2877.742452][T23547]  ? vm_iomap_memory+0x190/0x190
[ 2877.747407][T23547]  ? mas_walk+0x58f/0x730
[ 2877.751764][T23547]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2877.756890][T23547]  handle_mm_fault+0x2af/0x9f0
[ 2877.761668][T23547]  do_user_addr_fault+0x2ca/0x1210
[ 2877.766800][T23547]  ? rcu_is_watching+0x12/0xb0
[ 2877.771589][T23547]  exc_page_fault+0x98/0x170
[ 2877.776192][T23547]  asm_exc_page_fault+0x26/0x30
[ 2877.781063][T23547] RIP: 0033:0x7f4036836f7e
[ 2877.785486][T23547] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2877.805115][T23547] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2877.811278][T23547] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000001
[ 2877.819255][T23547] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2877.827231][T23547] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2877.835295][T23547] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2877.843270][T23547] R13: 00007f4036400080 R14: 00007f40369abf80 R15: 0000000000000000
[ 2877.851287][T23547]  </TASK>
[ 2877.880892][T23547] memory: usage 307200kB, limit 307200kB, failcnt 18878
[ 2877.902756][T23547] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2877.922392][T23547] Memory cgroup stats for /syz4:
[ 2877.922666][T23547] anon 114688
13:48:52 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2877.922666][T23547] file 8380416
[ 2877.922666][T23547] kernel 306077696
[ 2877.922666][T23547] kernel_stack 65536
[ 2877.922666][T23547] pagetables 77824
[ 2877.922666][T23547] sec_pagetables 0
[ 2877.922666][T23547] percpu 5477376
[ 2877.922666][T23547] sock 0
[ 2877.922666][T23547] vmalloc 0
[ 2877.922666][T23547] shmem 8380416
[ 2877.922666][T23547] zswap 0
[ 2877.922666][T23547] zswapped 0
[ 2877.922666][T23547] file_mapped 405504
[ 2877.922666][T23547] file_dirty 0
[ 2877.922666][T23547] file_writeback 0
[ 2877.922666][T23547] swapcached 0
[ 2877.922666][T23547] anon_thp 0
[ 2877.922666][T23547] file_thp 0
[ 2877.922666][T23547] shmem_thp 0
[ 2877.922666][T23547] inactive_anon 4096
[ 2877.922666][T23547] active_anon 8491008
[ 2877.922666][T23547] inactive_file 0
[ 2877.922666][T23547] active_file 0
[ 2877.922666][T23547] unevictable 0
[ 2877.922666][T23547] slab_reclaimable 38216
[ 2877.922666][T23547] slab_unreclaimable 300379744
[ 2877.922666][T23547] slab 300417960
[ 2877.922666][T23547] workingset_refault_anon 0
[ 2877.922666][T23547] workingset_refault_file 0
[ 2877.922666][T23547] workingset_activate_anon 0
[ 2877.922666][T23547] workingset_activate_file 0
[ 2877.922666][T23547] workingset_restore_anon 0
[ 2877.922666][T23547] workingset_restore_file 0
[ 2877.922666][T23547] workingset_nodereclaim 0
[ 2877.922666][T23547] pgscan 0
[ 2877.922666][T23547] pgsteal 0
[ 2877.922666][T23547] pgscan_kswapd 0
[ 2877.922666][T23547] pgscan_direct 0
[ 2877.922666][T23547] pgscan_khugepaged 0
[ 2877.922666][T23547] pgsteal_kswapd 0
[ 2877.922666][T23547] pgsteal_direct 0
[ 2877.922666][T23547] pgsteal_khugepaged 0
[ 2877.922666][T23547] pgfault 387239
[ 2877.922666][T23547] pgmajfault 0
[ 2877.922666][T23547] pgrefill 0
[ 2877.922666][T23547] pgactivate 0
[ 2877.922666][T23547] pgdeactivate 0
[ 2877.922666][T23547] pglazyfree 0
[ 2877.922666][T23547] pglazyfreed 0
[ 2877.922666][T23547] zswpin 0
[ 2877.922666][T23547] zswpout 0
[ 2877.922666][T23547] thp_fault_alloc 0
13:48:52 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="48bceb00100001f6ffffffffffffff0000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c000000e90c98317bcfb066ae8d2c00270d0000", @ANYRES32=r2, @ANYBLOB="1d372918fa50f7686a3f4608bcdb269b81d99f58e562e33d1e6baf59c6fa0b4110cd6d141526bf228c745990853791b35c50b71bd2735dbbe7997c8f248b2d5c3cbdaaa8ec"], 0x3c}}, 0x0) (async, rerun: 64)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000640)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=@ipv6_getroute={0x134, 0x1a, 0x20, 0x70bd2a, 0x25dfdbfc, {0xa, 0x20, 0x80, 0xea, 0x0, 0x2, 0xc8, 0x1, 0xb00}, [@RTA_OIF={0x8}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x3}, @RTA_METRICS={0xf2, 0x8, 0x0, 0x1, "4e777d55499756501291b22d82784651ca09d11b4f333dee7197362454f48ffa07ddbd3a69d43629c3a7bd6e31e432b4f58e66139b58fee9ed4f33b68a133c334bf4dbf8533a7929db02add9286c837821018ef51ed2c0a7f3d0a2b58f25ab68c09b1e16f6714695c990ff0022aa17a589f842723a8d9d3c97bcb43fd5c7a8165d6adb38147990da107f9f10b033008fc310ebaf718336c52d0fd1b1d104746f32ebd4682dd6cf58df02851c7ea88e15189b853d4743155f3d8ecc23d8332915a7f683ed5072a9842497ab3e29bce4512048353b690902bba2857133cb39e4f234525046f732382aef98aed1fc7c"}, @RTA_GATEWAY={0x14, 0x5, @dev={0xfe, 0x80, '\x00', 0x43}}]}, 0x134}, 0x1, 0x0, 0x0, 0x14040851}, 0x80) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000006c0)=@mpls_getroute={0xa8, 0x1a, 0x100, 0x70bd25, 0x25dfdbff, {0x1c, 0x10, 0x10, 0x5e, 0xfd, 0x0, 0xc8, 0x4, 0x100}, [@RTA_TTL_PROPAGATE={0x5, 0x1a, 0x9}, @RTA_NEWDST={0x84, 0x13, [{0x8}, {0x85, 0x0, 0x1}, {0x100, 0x0, 0x1}, {0x3}, {0x4}, {0x8, 0x0, 0x1}, {0x1}, {0x400, 0x0, 0x1}, {0x1060, 0x0, 0x1}, {0xa59, 0x0, 0x1}, {0x7b, 0x0, 0x1}, {0xf3}, {0x3}, {0x8000, 0x0, 0x1}, {0x1ff}, {0x77027, 0x0, 0x1}, {0x6}, {0x8000}, {0x7}, {0x81, 0x0, 0x1}, {0x5}, {0x7}, {0x3f, 0x0, 0x1}, {0x68e, 0x0, 0x1}, {0x3, 0x0, 0x1}, {0xfff, 0x0, 0x1}, {0xfff5f}, {0x2, 0x0, 0x1}, {0x8001}, {0x80d5, 0x0, 0x1}, {0x3ff, 0x0, 0x1}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x4040010}, 0x8800) (async)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async, rerun: 64)
setsockopt$inet_udp_int(r4, 0x11, 0x65, &(0x7f0000000280)=0x6, 0x4) (async, rerun: 64)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2878.124032][T23547] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23547,uid=0
[ 2878.140263][T23547] Memory cgroup out of memory: Killed process 23547 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:52 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000240)={'ip6_vti0\x00', r2, 0x2f, 0x5, 0x3, 0x100, 0x1, @dev={0xfe, 0x80, '\x00', 0x2e}, @mcast1, 0x20, 0x0, 0x3b, 0xb}})
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:52 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xce)

13:48:52 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:52 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6b00000000000000)

13:48:52 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x4, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2878.366770][T23562] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2878.393044][T23562] CPU: 0 PID: 23562 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2878.403547][T23562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2878.413648][T23562] Call Trace:
[ 2878.416962][T23562]  <TASK>
[ 2878.419927][T23562]  dump_stack_lvl+0x136/0x150
[ 2878.424650][T23562]  dump_header+0x10a/0xd70
[ 2878.429109][T23562]  oom_kill_process+0x25d/0x600
[ 2878.434004][T23562]  out_of_memory+0x35c/0x1660
[ 2878.438725][T23562]  ? find_held_lock+0x2d/0x110
[ 2878.443538][T23562]  ? oom_killer_disable+0x2b0/0x2b0
[ 2878.448783][T23562]  ? rcu_read_unlock+0x9/0x60
[ 2878.453485][T23562]  ? find_held_lock+0x2d/0x110
[ 2878.458269][T23562]  mem_cgroup_out_of_memory+0x206/0x270
[ 2878.463930][T23562]  ? mem_cgroup_margin+0x130/0x130
[ 2878.469060][T23562]  ? lock_downgrade+0x690/0x690
[ 2878.473961][T23562]  try_charge_memcg+0xf99/0x13a0
[ 2878.478961][T23562]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2878.484981][T23562]  ? rcu_read_unlock+0x9/0x60
[ 2878.489761][T23562]  ? lock_downgrade+0x690/0x690
[ 2878.494729][T23562]  charge_memcg+0x90/0x3b0
[ 2878.499203][T23562]  __mem_cgroup_charge+0x2b/0x90
[ 2878.504246][T23562]  ? copy_mc_to_kernel+0x3e/0x90
[ 2878.509219][T23562]  do_wp_page+0x8ea/0x33c0
[ 2878.513667][T23562]  ? lock_sync+0x190/0x190
[ 2878.518275][T23562]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2878.523659][T23562]  ? do_raw_spin_lock+0x124/0x2b0
[ 2878.528708][T23562]  ? spin_bug+0x1c0/0x1c0
[ 2878.533151][T23562]  __handle_mm_fault+0x1635/0x41c0
[ 2878.538280][T23562]  ? vm_iomap_memory+0x190/0x190
[ 2878.543232][T23562]  ? mas_walk+0x58f/0x730
[ 2878.547589][T23562]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2878.552802][T23562]  handle_mm_fault+0x2af/0x9f0
[ 2878.557606][T23562]  do_user_addr_fault+0x2ca/0x1210
[ 2878.562770][T23562]  ? rcu_is_watching+0x12/0xb0
[ 2878.567565][T23562]  exc_page_fault+0x98/0x170
[ 2878.572187][T23562]  asm_exc_page_fault+0x26/0x30
[ 2878.577075][T23562] RIP: 0033:0x7f4036836f7e
[ 2878.581505][T23562] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2878.601158][T23562] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2878.607265][T23562] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2878.615254][T23562] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2878.623236][T23562] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2878.631218][T23562] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2878.639195][T23562] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2878.647189][T23562]  </TASK>
[ 2878.672357][T23562] memory: usage 307200kB, limit 307200kB, failcnt 18943
[ 2878.679705][T23562] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2878.686789][T23562] Memory cgroup stats for /syz4:
[ 2878.687063][T23562] anon 114688
[ 2878.687063][T23562] file 8380416
[ 2878.687063][T23562] kernel 306077696
[ 2878.687063][T23562] kernel_stack 65536
[ 2878.687063][T23562] pagetables 77824
[ 2878.687063][T23562] sec_pagetables 0
[ 2878.687063][T23562] percpu 5477376
[ 2878.687063][T23562] sock 0
[ 2878.687063][T23562] vmalloc 0
[ 2878.687063][T23562] shmem 8380416
[ 2878.687063][T23562] zswap 0
[ 2878.687063][T23562] zswapped 0
[ 2878.687063][T23562] file_mapped 405504
[ 2878.687063][T23562] file_dirty 0
[ 2878.687063][T23562] file_writeback 0
[ 2878.687063][T23562] swapcached 0
[ 2878.687063][T23562] anon_thp 0
[ 2878.687063][T23562] file_thp 0
[ 2878.687063][T23562] shmem_thp 0
[ 2878.687063][T23562] inactive_anon 4096
[ 2878.687063][T23562] active_anon 8491008
[ 2878.687063][T23562] inactive_file 0
[ 2878.687063][T23562] active_file 0
[ 2878.687063][T23562] unevictable 0
[ 2878.687063][T23562] slab_reclaimable 38216
[ 2878.687063][T23562] slab_unreclaimable 300379744
[ 2878.687063][T23562] slab 300417960
[ 2878.687063][T23562] workingset_refault_anon 0
[ 2878.687063][T23562] workingset_refault_file 0
[ 2878.687063][T23562] workingset_activate_anon 0
[ 2878.687063][T23562] workingset_activate_file 0
[ 2878.687063][T23562] workingset_restore_anon 0
[ 2878.687063][T23562] workingset_restore_file 0
[ 2878.687063][T23562] workingset_nodereclaim 0
[ 2878.687063][T23562] pgscan 0
[ 2878.687063][T23562] pgsteal 0
[ 2878.687063][T23562] pgscan_kswapd 0
[ 2878.687063][T23562] pgscan_direct 0
[ 2878.687063][T23562] pgscan_khugepaged 0
[ 2878.687063][T23562] pgsteal_kswapd 0
[ 2878.687063][T23562] pgsteal_direct 0
[ 2878.687063][T23562] pgsteal_khugepaged 0
[ 2878.687063][T23562] pgfault 387278
[ 2878.687063][T23562] pgmajfault 0
[ 2878.687063][T23562] pgrefill 0
[ 2878.687063][T23562] pgactivate 0
[ 2878.687063][T23562] pgdeactivate 0
[ 2878.687063][T23562] pglazyfree 0
[ 2878.687063][T23562] pglazyfreed 0
[ 2878.687063][T23562] zswpin 0
[ 2878.687063][T23562] zswpout 0
[ 2878.687063][T23562] thp_fault_alloc 0
[ 2878.881211][T23562] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23562,uid=0
[ 2878.897617][T23562] Memory cgroup out of memory: Killed process 23562 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2878.916323][T23572] __nla_validate_parse: 23 callbacks suppressed
13:48:53 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000240)={'ip6_vti0\x00', r2, 0x2f, 0x5, 0x3, 0x100, 0x1, @dev={0xfe, 0x80, '\x00', 0x2e}, @mcast1, 0x20, 0x0, 0x3b, 0xb}})
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2878.916343][T23572] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2879.027602][T23586] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2879.054745][T23586] CPU: 1 PID: 23586 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2879.055957][T23575] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2879.065214][T23586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2879.065234][T23586] Call Trace:
[ 2879.065243][T23586]  <TASK>
[ 2879.065253][T23586]  dump_stack_lvl+0x136/0x150
[ 2879.065284][T23586]  dump_header+0x10a/0xd70
[ 2879.065310][T23586]  oom_kill_process+0x25d/0x600
[ 2879.065335][T23586]  out_of_memory+0x35c/0x1660
[ 2879.065363][T23586]  ? find_held_lock+0x2d/0x110
[ 2879.114642][T23586]  ? oom_killer_disable+0x2b0/0x2b0
[ 2879.119864][T23586]  ? rcu_read_unlock+0x9/0x60
[ 2879.124558][T23586]  ? find_held_lock+0x2d/0x110
[ 2879.129338][T23586]  mem_cgroup_out_of_memory+0x206/0x270
[ 2879.134901][T23586]  ? mem_cgroup_margin+0x130/0x130
[ 2879.140023][T23586]  ? lock_downgrade+0x690/0x690
[ 2879.144906][T23586]  try_charge_memcg+0xf99/0x13a0
[ 2879.149869][T23586]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2879.155870][T23586]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2879.161616][T23586]  ? lock_downgrade+0x690/0x690
[ 2879.166576][T23586]  ? lock_downgrade+0x690/0x690
[ 2879.171457][T23586]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2879.177078][T23586]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2879.183280][T23586]  copy_process+0x4f9/0x75c0
[ 2879.187891][T23586]  ? __lock_acquire+0xc17/0x5f30
[ 2879.192855][T23586]  ? pidfd_prepare+0x80/0x80
[ 2879.197470][T23586]  ? psi_memstall_leave+0x174/0x250
[ 2879.202676][T23586]  ? lock_downgrade+0x690/0x690
[ 2879.207554][T23586]  kernel_clone+0xeb/0x890
[ 2879.211991][T23586]  ? create_io_thread+0xe0/0xe0
[ 2879.216866][T23586]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2879.223131][T23586]  ? lock_downgrade+0x690/0x690
[ 2879.228014][T23586]  __do_sys_clone+0xba/0x100
[ 2879.232625][T23586]  ? kernel_clone+0x890/0x890
[ 2879.237331][T23586]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2879.243247][T23586]  do_syscall_64+0x39/0xb0
[ 2879.247773][T23586]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2879.253692][T23586] RIP: 0033:0x7f403688d591
[ 2879.258118][T23586] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2879.277733][T23586] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2879.286151][T23586] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2879.294237][T23586] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2879.302325][T23586] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2879.311014][T23586] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2879.319011][T23586] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2879.327018][T23586]  </TASK>
[ 2879.428155][T23574] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2879.476732][T23586] memory: usage 307184kB, limit 307200kB, failcnt 18994
[ 2879.496872][T23586] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2879.509991][T23586] Memory cgroup stats for /syz4:
[ 2879.510293][T23586] anon 114688
[ 2879.510293][T23586] file 8380416
[ 2879.510293][T23586] kernel 306061312
[ 2879.510293][T23586] kernel_stack 32768
[ 2879.510293][T23586] pagetables 77824
[ 2879.510293][T23586] sec_pagetables 0
[ 2879.510293][T23586] percpu 5477376
[ 2879.510293][T23586] sock 0
[ 2879.510293][T23586] vmalloc 0
[ 2879.510293][T23586] shmem 8380416
[ 2879.510293][T23586] zswap 0
[ 2879.510293][T23586] zswapped 0
[ 2879.510293][T23586] file_mapped 405504
[ 2879.510293][T23586] file_dirty 0
[ 2879.510293][T23586] file_writeback 0
[ 2879.510293][T23586] swapcached 0
[ 2879.510293][T23586] anon_thp 0
[ 2879.510293][T23586] file_thp 0
[ 2879.510293][T23586] shmem_thp 0
[ 2879.510293][T23586] inactive_anon 4096
[ 2879.510293][T23586] active_anon 8491008
[ 2879.510293][T23586] inactive_file 0
[ 2879.510293][T23586] active_file 0
[ 2879.510293][T23586] unevictable 0
[ 2879.510293][T23586] slab_reclaimable 38216
[ 2879.510293][T23586] slab_unreclaimable 300379280
[ 2879.510293][T23586] slab 300417496
[ 2879.510293][T23586] workingset_refault_anon 0
[ 2879.510293][T23586] workingset_refault_file 0
[ 2879.510293][T23586] workingset_activate_anon 0
[ 2879.510293][T23586] workingset_activate_file 0
[ 2879.510293][T23586] workingset_restore_anon 0
[ 2879.510293][T23586] workingset_restore_file 0
[ 2879.510293][T23586] workingset_nodereclaim 0
[ 2879.510293][T23586] pgscan 0
[ 2879.510293][T23586] pgsteal 0
[ 2879.510293][T23586] pgscan_kswapd 0
[ 2879.510293][T23586] pgscan_direct 0
[ 2879.510293][T23586] pgscan_khugepaged 0
[ 2879.510293][T23586] pgsteal_kswapd 0
[ 2879.510293][T23586] pgsteal_direct 0
[ 2879.510293][T23586] pgsteal_khugepaged 0
[ 2879.510293][T23586] pgfault 387314
[ 2879.510293][T23586] pgmajfault 0
[ 2879.510293][T23586] pgrefill 0
[ 2879.510293][T23586] pgactivate 0
[ 2879.510293][T23586] pgdeactivate 0
[ 2879.510293][T23586] pglazyfree 0
[ 2879.510293][T23586] pglazyfreed 0
[ 2879.510293][T23586] zswpin 0
[ 2879.510293][T23586] zswpout 0
[ 2879.510293][T23586] thp_fault_alloc 0
[ 2879.707707][T23577] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2879.876885][T23578] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2879.906485][T23583] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
13:48:54 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x4, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:54 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2879.910399][T23586] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23586,uid=0
[ 2879.960867][T23580] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
13:48:54 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6b01000000000000)

[ 2879.975161][T23586] Memory cgroup out of memory: Killed process 23586 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2880.001455][T23564] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
13:48:54 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xcf)

[ 2880.039785][T23582] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2880.059903][T23590] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
13:48:54 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

13:48:54 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000240)={'ip6_vti0\x00', r2, 0x2f, 0x5, 0x3, 0x100, 0x1, @dev={0xfe, 0x80, '\x00', 0x2e}, @mcast1, 0x20, 0x0, 0x3b, 0xb}})
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000240)={'ip6_vti0\x00', r2, 0x2f, 0x5, 0x3, 0x100, 0x1, @dev={0xfe, 0x80, '\x00', 0x2e}, @mcast1, 0x20, 0x0, 0x3b, 0xb}}) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

[ 2880.276986][T23600] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2880.293632][T23600] CPU: 1 PID: 23600 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2880.305104][T23600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2880.315205][T23600] Call Trace:
[ 2880.318523][T23600]  <TASK>
[ 2880.321566][T23600]  dump_stack_lvl+0x136/0x150
[ 2880.326335][T23600]  dump_header+0x10a/0xd70
[ 2880.330879][T23600]  oom_kill_process+0x25d/0x600
[ 2880.335856][T23600]  out_of_memory+0x35c/0x1660
[ 2880.340661][T23600]  ? find_held_lock+0x2d/0x110
[ 2880.345556][T23600]  ? oom_killer_disable+0x2b0/0x2b0
[ 2880.350874][T23600]  ? rcu_read_unlock+0x9/0x60
[ 2880.355573][T23600]  ? find_held_lock+0x2d/0x110
[ 2880.360358][T23600]  mem_cgroup_out_of_memory+0x206/0x270
[ 2880.365935][T23600]  ? mem_cgroup_margin+0x130/0x130
[ 2880.371066][T23600]  ? lock_downgrade+0x690/0x690
[ 2880.375948][T23600]  try_charge_memcg+0xf99/0x13a0
[ 2880.380918][T23600]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2880.387014][T23600]  ? rcu_read_unlock+0x9/0x60
[ 2880.391706][T23600]  ? lock_downgrade+0x690/0x690
[ 2880.396589][T23600]  charge_memcg+0x90/0x3b0
[ 2880.401206][T23600]  __mem_cgroup_charge+0x2b/0x90
[ 2880.406155][T23600]  ? copy_mc_to_kernel+0x3e/0x90
[ 2880.411138][T23600]  do_wp_page+0x8ea/0x33c0
[ 2880.415587][T23600]  ? lock_sync+0x190/0x190
[ 2880.420031][T23600]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2880.425445][T23600]  ? do_raw_spin_lock+0x124/0x2b0
[ 2880.430758][T23600]  ? spin_bug+0x1c0/0x1c0
[ 2880.435202][T23600]  __handle_mm_fault+0x1635/0x41c0
[ 2880.440337][T23600]  ? vm_iomap_memory+0x190/0x190
[ 2880.445291][T23600]  ? mas_walk+0x58f/0x730
[ 2880.449648][T23600]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2880.454782][T23600]  handle_mm_fault+0x2af/0x9f0
[ 2880.459828][T23600]  do_user_addr_fault+0x2ca/0x1210
[ 2880.464956][T23600]  ? rcu_is_watching+0x12/0xb0
[ 2880.469760][T23600]  exc_page_fault+0x98/0x170
[ 2880.474379][T23600]  asm_exc_page_fault+0x26/0x30
[ 2880.479338][T23600] RIP: 0033:0x7f4036836f7e
[ 2880.483760][T23600] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2880.503399][T23600] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2880.509474][T23600] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2880.517535][T23600] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2880.525508][T23600] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2880.538450][T23600] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2880.546453][T23600] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2880.554559][T23600]  </TASK>
[ 2880.617421][T23600] memory: usage 307200kB, limit 307200kB, failcnt 19121
[ 2880.624616][T23600] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2880.631888][T23600] Memory cgroup stats for /syz4:
[ 2880.632100][T23600] anon 114688
[ 2880.632100][T23600] file 8380416
[ 2880.632100][T23600] kernel 306077696
[ 2880.632100][T23600] kernel_stack 65536
[ 2880.632100][T23600] pagetables 77824
[ 2880.632100][T23600] sec_pagetables 0
[ 2880.632100][T23600] percpu 5477376
[ 2880.632100][T23600] sock 0
[ 2880.632100][T23600] vmalloc 0
[ 2880.632100][T23600] shmem 8380416
[ 2880.632100][T23600] zswap 0
[ 2880.632100][T23600] zswapped 0
[ 2880.632100][T23600] file_mapped 405504
[ 2880.632100][T23600] file_dirty 0
[ 2880.632100][T23600] file_writeback 0
[ 2880.632100][T23600] swapcached 0
[ 2880.632100][T23600] anon_thp 0
[ 2880.632100][T23600] file_thp 0
[ 2880.632100][T23600] shmem_thp 0
[ 2880.632100][T23600] inactive_anon 4096
[ 2880.632100][T23600] active_anon 8491008
[ 2880.632100][T23600] inactive_file 0
[ 2880.632100][T23600] active_file 0
[ 2880.632100][T23600] unevictable 0
[ 2880.632100][T23600] slab_reclaimable 38216
[ 2880.632100][T23600] slab_unreclaimable 300379744
[ 2880.632100][T23600] slab 300417960
[ 2880.632100][T23600] workingset_refault_anon 0
[ 2880.632100][T23600] workingset_refault_file 0
[ 2880.632100][T23600] workingset_activate_anon 0
[ 2880.632100][T23600] workingset_activate_file 0
[ 2880.632100][T23600] workingset_restore_anon 0
[ 2880.632100][T23600] workingset_restore_file 0
[ 2880.632100][T23600] workingset_nodereclaim 0
[ 2880.632100][T23600] pgscan 0
[ 2880.632100][T23600] pgsteal 0
[ 2880.632100][T23600] pgscan_kswapd 0
[ 2880.632100][T23600] pgscan_direct 0
[ 2880.632100][T23600] pgscan_khugepaged 0
[ 2880.632100][T23600] pgsteal_kswapd 0
[ 2880.632100][T23600] pgsteal_direct 0
[ 2880.632100][T23600] pgsteal_khugepaged 0
[ 2880.632100][T23600] pgfault 387349
[ 2880.632100][T23600] pgmajfault 0
[ 2880.632100][T23600] pgrefill 0
[ 2880.632100][T23600] pgactivate 0
[ 2880.632100][T23600] pgdeactivate 0
[ 2880.632100][T23600] pglazyfree 0
[ 2880.632100][T23600] pglazyfreed 0
[ 2880.632100][T23600] zswpin 0
[ 2880.632100][T23600] zswpout 0
[ 2880.632100][T23600] thp_fault_alloc 0
13:48:55 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x4, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x4, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

[ 2880.846518][T23600] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23600,uid=0
[ 2880.887684][T23600] Memory cgroup out of memory: Killed process 23600 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:55 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x11b00400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@gettfilter={0x6c, 0x2e, 0x400, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xd, 0x12}, {0x2}, {0xd, 0xd}}, [{0x8, 0xb, 0x8}, {0x8, 0xb, 0x32a9}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0xf0000000}, {0x8, 0xb, 0x1}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0x1f}, {0x8, 0xb, 0xfff}, {0x8}]}, 0x6c}, 0x1, 0x0, 0x0, 0x24000804}, 0x4080)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r3, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:55 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2881.081382][T23613] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 2881.104845][T23613] CPU: 0 PID: 23613 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2881.115352][T23613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2881.125447][T23613] Call Trace:
[ 2881.128753][T23613]  <TASK>
[ 2881.131710][T23613]  dump_stack_lvl+0x136/0x150
[ 2881.136427][T23613]  dump_header+0x10a/0xd70
[ 2881.140884][T23613]  oom_kill_process+0x25d/0x600
[ 2881.145770][T23613]  out_of_memory+0x35c/0x1660
[ 2881.150471][T23613]  ? find_held_lock+0x2d/0x110
[ 2881.155252][T23613]  ? oom_killer_disable+0x2b0/0x2b0
[ 2881.160461][T23613]  ? rcu_read_unlock+0x9/0x60
[ 2881.165153][T23613]  ? find_held_lock+0x2d/0x110
[ 2881.169931][T23613]  mem_cgroup_out_of_memory+0x206/0x270
[ 2881.175496][T23613]  ? mem_cgroup_margin+0x130/0x130
[ 2881.180623][T23613]  ? lock_downgrade+0x690/0x690
[ 2881.185511][T23613]  try_charge_memcg+0xf99/0x13a0
[ 2881.190480][T23613]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2881.196487][T23613]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2881.202235][T23613]  ? lock_downgrade+0x690/0x690
[ 2881.207106][T23613]  ? lock_downgrade+0x690/0x690
[ 2881.211972][T23613]  ? rcu_read_unlock+0x9/0x60
[ 2881.216674][T23613]  obj_cgroup_charge+0x2af/0x5e0
[ 2881.221642][T23613]  __kmem_cache_alloc_node+0xa3/0x320
[ 2881.227034][T23613]  ? copy_semundo+0x18b/0x300
[ 2881.231733][T23613]  kmalloc_trace+0x26/0xe0
[ 2881.236174][T23613]  copy_semundo+0x18b/0x300
[ 2881.240691][T23613]  copy_process+0x2557/0x75c0
[ 2881.245398][T23613]  ? pidfd_prepare+0x80/0x80
[ 2881.250010][T23613]  ? psi_memstall_leave+0x174/0x250
[ 2881.255230][T23613]  ? lock_downgrade+0x690/0x690
[ 2881.260122][T23613]  kernel_clone+0xeb/0x890
[ 2881.264571][T23613]  ? create_io_thread+0xe0/0xe0
[ 2881.269455][T23613]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2881.275886][T23613]  ? lock_downgrade+0x690/0x690
[ 2881.280801][T23613]  __do_sys_clone+0xba/0x100
[ 2881.285440][T23613]  ? kernel_clone+0x890/0x890
[ 2881.290164][T23613]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2881.296093][T23613]  do_syscall_64+0x39/0xb0
[ 2881.300541][T23613]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2881.306457][T23613] RIP: 0033:0x7f403688d591
[ 2881.310886][T23613] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2881.330505][T23613] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2881.338927][T23613] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2881.346903][T23613] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2881.354880][T23613] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2881.362861][T23613] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2881.370863][T23613] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2881.378863][T23613]  </TASK>
13:48:55 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

13:48:55 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6c00000000000000)

[ 2881.595775][T23613] memory: usage 307200kB, limit 307200kB, failcnt 19205
[ 2881.609951][T23613] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2881.636659][T23613] Memory cgroup stats for /syz4:
[ 2881.636977][T23613] anon 114688
[ 2881.636977][T23613] file 8380416
[ 2881.636977][T23613] kernel 306077696
[ 2881.636977][T23613] kernel_stack 65536
[ 2881.636977][T23613] pagetables 77824
[ 2881.636977][T23613] sec_pagetables 0
[ 2881.636977][T23613] percpu 5477376
[ 2881.636977][T23613] sock 0
[ 2881.636977][T23613] vmalloc 0
[ 2881.636977][T23613] shmem 8380416
[ 2881.636977][T23613] zswap 0
[ 2881.636977][T23613] zswapped 0
[ 2881.636977][T23613] file_mapped 405504
[ 2881.636977][T23613] file_dirty 0
[ 2881.636977][T23613] file_writeback 0
[ 2881.636977][T23613] swapcached 0
[ 2881.636977][T23613] anon_thp 0
[ 2881.636977][T23613] file_thp 0
[ 2881.636977][T23613] shmem_thp 0
[ 2881.636977][T23613] inactive_anon 4096
[ 2881.636977][T23613] active_anon 8491008
[ 2881.636977][T23613] inactive_file 0
[ 2881.636977][T23613] active_file 0
[ 2881.636977][T23613] unevictable 0
[ 2881.636977][T23613] slab_reclaimable 38216
[ 2881.636977][T23613] slab_unreclaimable 300379280
[ 2881.636977][T23613] slab 300417496
[ 2881.636977][T23613] workingset_refault_anon 0
[ 2881.636977][T23613] workingset_refault_file 0
[ 2881.636977][T23613] workingset_activate_anon 0
[ 2881.636977][T23613] workingset_activate_file 0
[ 2881.636977][T23613] workingset_restore_anon 0
[ 2881.636977][T23613] workingset_restore_file 0
[ 2881.636977][T23613] workingset_nodereclaim 0
[ 2881.636977][T23613] pgscan 0
[ 2881.636977][T23613] pgsteal 0
[ 2881.636977][T23613] pgscan_kswapd 0
[ 2881.636977][T23613] pgscan_direct 0
[ 2881.636977][T23613] pgscan_khugepaged 0
[ 2881.636977][T23613] pgsteal_kswapd 0
[ 2881.636977][T23613] pgsteal_direct 0
[ 2881.636977][T23613] pgsteal_khugepaged 0
[ 2881.636977][T23613] pgfault 387385
[ 2881.636977][T23613] pgmajfault 0
[ 2881.636977][T23613] pgrefill 0
[ 2881.636977][T23613] pgactivate 0
[ 2881.636977][T23613] pgdeactivate 0
[ 2881.636977][T23613] pglazyfree 0
[ 2881.636977][T23613] pglazyfreed 0
[ 2881.636977][T23613] zswpin 0
[ 2881.636977][T23613] zswpout 0
[ 2881.636977][T23613] thp_fault_alloc 0
13:48:56 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xfffffff9, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYRES16=r2, @ANYBLOB="048ffcd1cff2cb9de0b4281c505fc126d28d7275ae40f83a7dfe8bb4ff3ae53e22320ba86abb1190d48dd1fd8327353d234c02f6e450842645f594ebbccebeb6285135695b7b15d2c3a303155d9d0ae3e1da81eb8ba42721607daa4580cd802314b7", @ANYBLOB="0000000000000000280012000900010076657468", @ANYRES64=r1, @ANYRES8=r2], 0x48}}, 0x40004)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000024000b0f00"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000000800014b71667100"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYRESHEX=r2, @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2881.833443][T23613] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23613,uid=0
[ 2881.851297][T23613] Memory cgroup out of memory: Killed process 23613 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:56 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x11b00400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@gettfilter={0x6c, 0x2e, 0x400, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xd, 0x12}, {0x2}, {0xd, 0xd}}, [{0x8, 0xb, 0x8}, {0x8, 0xb, 0x32a9}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0xf0000000}, {0x8, 0xb, 0x1}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0x1f}, {0x8, 0xb, 0xfff}, {0x8}]}, 0x6c}, 0x1, 0x0, 0x0, 0x24000804}, 0x4080) (async, rerun: 64)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (rerun: 64)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r3, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:56 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xd0)

13:48:56 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2882.138082][T23632] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 2882.191211][T23632] CPU: 1 PID: 23632 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2882.201696][T23632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2882.211790][T23632] Call Trace:
[ 2882.215100][T23632]  <TASK>
[ 2882.218054][T23632]  dump_stack_lvl+0x136/0x150
[ 2882.222776][T23632]  dump_header+0x10a/0xd70
[ 2882.227258][T23632]  oom_kill_process+0x25d/0x600
[ 2882.232150][T23632]  out_of_memory+0x35c/0x1660
[ 2882.236867][T23632]  ? find_held_lock+0x2d/0x110
[ 2882.241677][T23632]  ? oom_killer_disable+0x2b0/0x2b0
[ 2882.246912][T23632]  ? rcu_read_unlock+0x9/0x60
[ 2882.251625][T23632]  ? find_held_lock+0x2d/0x110
[ 2882.256439][T23632]  mem_cgroup_out_of_memory+0x206/0x270
[ 2882.262033][T23632]  ? mem_cgroup_margin+0x130/0x130
[ 2882.267186][T23632]  ? lock_downgrade+0x690/0x690
[ 2882.272097][T23632]  try_charge_memcg+0xf99/0x13a0
[ 2882.277093][T23632]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2882.283134][T23632]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2882.288899][T23632]  ? lock_downgrade+0x690/0x690
[ 2882.293797][T23632]  ? lock_downgrade+0x690/0x690
[ 2882.298778][T23632]  ? rcu_read_unlock+0x9/0x60
[ 2882.303498][T23632]  obj_cgroup_charge+0x2af/0x5e0
[ 2882.308494][T23632]  __kmem_cache_alloc_node+0xa3/0x320
[ 2882.313913][T23632]  ? copy_semundo+0x18b/0x300
[ 2882.318631][T23632]  kmalloc_trace+0x26/0xe0
[ 2882.323095][T23632]  copy_semundo+0x18b/0x300
[ 2882.327634][T23632]  copy_process+0x2557/0x75c0
[ 2882.332379][T23632]  ? pidfd_prepare+0x80/0x80
[ 2882.337021][T23632]  ? psi_memstall_leave+0x174/0x250
[ 2882.342255][T23632]  ? lock_downgrade+0x690/0x690
[ 2882.347246][T23632]  kernel_clone+0xeb/0x890
[ 2882.351713][T23632]  ? create_io_thread+0xe0/0xe0
[ 2882.356696][T23632]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2882.362985][T23632]  ? lock_downgrade+0x690/0x690
[ 2882.367984][T23632]  __do_sys_clone+0xba/0x100
[ 2882.372617][T23632]  ? kernel_clone+0x890/0x890
[ 2882.377353][T23632]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2882.383294][T23632]  do_syscall_64+0x39/0xb0
[ 2882.387764][T23632]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2882.393709][T23632] RIP: 0033:0x7f403688d591
[ 2882.398146][T23632] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2882.417804][T23632] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2882.426269][T23632] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2882.434276][T23632] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2882.442292][T23632] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2882.450305][T23632] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2882.458329][T23632] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2882.466361][T23632]  </TASK>
13:48:56 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6c01000000000000)

[ 2882.529952][T23632] memory: usage 307200kB, limit 307200kB, failcnt 19320
[ 2882.537199][T23632] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2882.566285][T23632] Memory cgroup stats for /syz4:
[ 2882.566570][T23632] anon 114688
[ 2882.566570][T23632] file 8380416
13:48:56 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2882.566570][T23632] kernel 306077696
[ 2882.566570][T23632] kernel_stack 65536
[ 2882.566570][T23632] pagetables 77824
[ 2882.566570][T23632] sec_pagetables 0
[ 2882.566570][T23632] percpu 5477376
[ 2882.566570][T23632] sock 0
[ 2882.566570][T23632] vmalloc 0
[ 2882.566570][T23632] shmem 8380416
[ 2882.566570][T23632] zswap 0
[ 2882.566570][T23632] zswapped 0
[ 2882.566570][T23632] file_mapped 405504
[ 2882.566570][T23632] file_dirty 0
[ 2882.566570][T23632] file_writeback 0
[ 2882.566570][T23632] swapcached 0
[ 2882.566570][T23632] anon_thp 0
[ 2882.566570][T23632] file_thp 0
[ 2882.566570][T23632] shmem_thp 0
[ 2882.566570][T23632] inactive_anon 4096
[ 2882.566570][T23632] active_anon 8491008
[ 2882.566570][T23632] inactive_file 0
[ 2882.566570][T23632] active_file 0
[ 2882.566570][T23632] unevictable 0
[ 2882.566570][T23632] slab_reclaimable 38216
[ 2882.566570][T23632] slab_unreclaimable 300379280
[ 2882.566570][T23632] slab 300417496
[ 2882.566570][T23632] workingset_refault_anon 0
[ 2882.566570][T23632] workingset_refault_file 0
[ 2882.566570][T23632] workingset_activate_anon 0
[ 2882.566570][T23632] workingset_activate_file 0
[ 2882.566570][T23632] workingset_restore_anon 0
[ 2882.566570][T23632] workingset_restore_file 0
[ 2882.566570][T23632] workingset_nodereclaim 0
[ 2882.566570][T23632] pgscan 0
[ 2882.566570][T23632] pgsteal 0
[ 2882.566570][T23632] pgscan_kswapd 0
[ 2882.566570][T23632] pgscan_direct 0
[ 2882.566570][T23632] pgscan_khugepaged 0
[ 2882.566570][T23632] pgsteal_kswapd 0
[ 2882.566570][T23632] pgsteal_direct 0
[ 2882.566570][T23632] pgsteal_khugepaged 0
[ 2882.566570][T23632] pgfault 387423
[ 2882.566570][T23632] pgmajfault 0
[ 2882.566570][T23632] pgrefill 0
[ 2882.566570][T23632] pgactivate 0
[ 2882.566570][T23632] pgdeactivate 0
[ 2882.566570][T23632] pglazyfree 0
[ 2882.566570][T23632] pglazyfreed 0
[ 2882.566570][T23632] zswpin 0
[ 2882.566570][T23632] zswpout 0
[ 2882.566570][T23632] thp_fault_alloc 0
13:48:57 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xfffffff9, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYRES16=r2, @ANYBLOB="048ffcd1cff2cb9de0b4281c505fc126d28d7275ae40f83a7dfe8bb4ff3ae53e22320ba86abb1190d48dd1fd8327353d234c02f6e450842645f594ebbccebeb6285135695b7b15d2c3a303155d9d0ae3e1da81eb8ba42721607daa4580cd802314b7", @ANYBLOB="0000000000000000280012000900010076657468", @ANYRES64=r1, @ANYRES8=r2], 0x48}}, 0x40004) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000024000b0f00"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000000800014b71667100"], 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYRESHEX=r2, @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2882.789480][T23632] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23632,uid=0
[ 2882.848699][T23632] Memory cgroup out of memory: Killed process 23632 (syz-executor.4) total-vm:50708kB, anon-rss:484kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:57 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:57 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xd1)

13:48:57 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x11b00400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@gettfilter={0x6c, 0x2e, 0x400, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xd, 0x12}, {0x2}, {0xd, 0xd}}, [{0x8, 0xb, 0x8}, {0x8, 0xb, 0x32a9}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0xf0000000}, {0x8, 0xb, 0x1}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0x1f}, {0x8, 0xb, 0xfff}, {0x8}]}, 0x6c}, 0x1, 0x0, 0x0, 0x24000804}, 0x4080) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r3, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:57 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xfffffff9, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYRES16=r2, @ANYBLOB="048ffcd1cff2cb9de0b4281c505fc126d28d7275ae40f83a7dfe8bb4ff3ae53e22320ba86abb1190d48dd1fd8327353d234c02f6e450842645f594ebbccebeb6285135695b7b15d2c3a303155d9d0ae3e1da81eb8ba42721607daa4580cd802314b7", @ANYBLOB="0000000000000000280012000900010076657468", @ANYRES64=r1, @ANYRES8=r2], 0x48}}, 0x40004)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000024000b0f00"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000000800014b71667100"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYRESHEX=r2, @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYRESHEX=r2, @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2883.309980][T23662] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2883.344651][T23662] CPU: 1 PID: 23662 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2883.355150][T23662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2883.365260][T23662] Call Trace:
[ 2883.368561][T23662]  <TASK>
[ 2883.371529][T23662]  dump_stack_lvl+0x136/0x150
[ 2883.376261][T23662]  dump_header+0x10a/0xd70
[ 2883.380733][T23662]  oom_kill_process+0x25d/0x600
[ 2883.385656][T23662]  out_of_memory+0x35c/0x1660
[ 2883.390391][T23662]  ? find_held_lock+0x2d/0x110
[ 2883.395228][T23662]  ? oom_killer_disable+0x2b0/0x2b0
[ 2883.400463][T23662]  ? rcu_read_unlock+0x9/0x60
[ 2883.405182][T23662]  ? find_held_lock+0x2d/0x110
[ 2883.410019][T23662]  mem_cgroup_out_of_memory+0x206/0x270
[ 2883.415652][T23662]  ? mem_cgroup_margin+0x130/0x130
[ 2883.420837][T23662]  ? lock_downgrade+0x690/0x690
[ 2883.425761][T23662]  try_charge_memcg+0xf99/0x13a0
[ 2883.430768][T23662]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2883.436811][T23662]  ? rcu_read_unlock+0x9/0x60
[ 2883.441530][T23662]  ? lock_downgrade+0x690/0x690
[ 2883.446449][T23662]  charge_memcg+0x90/0x3b0
[ 2883.450946][T23662]  __mem_cgroup_charge+0x2b/0x90
[ 2883.455940][T23662]  ? copy_mc_to_kernel+0x3e/0x90
[ 2883.461106][T23662]  do_wp_page+0x8ea/0x33c0
[ 2883.465572][T23662]  ? lock_sync+0x190/0x190
[ 2883.470033][T23662]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2883.475437][T23662]  ? do_raw_spin_lock+0x124/0x2b0
[ 2883.480525][T23662]  ? spin_bug+0x1c0/0x1c0
[ 2883.484918][T23662]  __handle_mm_fault+0x1635/0x41c0
[ 2883.490088][T23662]  ? vm_iomap_memory+0x190/0x190
[ 2883.495149][T23662]  ? mas_walk+0x58f/0x730
[ 2883.499547][T23662]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2883.505581][T23662]  handle_mm_fault+0x2af/0x9f0
[ 2883.510391][T23662]  do_user_addr_fault+0x2ca/0x1210
[ 2883.515546][T23662]  ? rcu_is_watching+0x12/0xb0
[ 2883.520367][T23662]  exc_page_fault+0x98/0x170
[ 2883.525010][T23662]  asm_exc_page_fault+0x26/0x30
[ 2883.529914][T23662] RIP: 0033:0x7f4036836f7e
[ 2883.534361][T23662] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2883.554019][T23662] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
13:48:57 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2883.560126][T23662] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000001
[ 2883.568235][T23662] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2883.576239][T23662] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2883.584250][T23662] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2883.592292][T23662] R13: 00007f4036400080 R14: 00007f40369abf80 R15: 0000000000000000
[ 2883.600365][T23662]  </TASK>
13:48:58 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000007b9aa125880a00666c7d77657200000c000200"/40], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:58 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:58 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6d00000000000000)

[ 2883.826846][T23662] memory: usage 307200kB, limit 307200kB, failcnt 19412
[ 2883.842031][T23662] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2883.853292][T23662] Memory cgroup stats for /syz4:
[ 2883.853576][T23662] anon 114688
[ 2883.853576][T23662] file 8380416
[ 2883.853576][T23662] kernel 306077696
[ 2883.853576][T23662] kernel_stack 65536
[ 2883.853576][T23662] pagetables 77824
[ 2883.853576][T23662] sec_pagetables 0
[ 2883.853576][T23662] percpu 5477376
[ 2883.853576][T23662] sock 0
[ 2883.853576][T23662] vmalloc 0
[ 2883.853576][T23662] shmem 8380416
[ 2883.853576][T23662] zswap 0
[ 2883.853576][T23662] zswapped 0
[ 2883.853576][T23662] file_mapped 405504
[ 2883.853576][T23662] file_dirty 0
[ 2883.853576][T23662] file_writeback 0
[ 2883.853576][T23662] swapcached 0
[ 2883.853576][T23662] anon_thp 0
[ 2883.853576][T23662] file_thp 0
[ 2883.853576][T23662] shmem_thp 0
[ 2883.853576][T23662] inactive_anon 4096
[ 2883.853576][T23662] active_anon 8491008
[ 2883.853576][T23662] inactive_file 0
[ 2883.853576][T23662] active_file 0
[ 2883.853576][T23662] unevictable 0
[ 2883.853576][T23662] slab_reclaimable 38216
[ 2883.853576][T23662] slab_unreclaimable 300379744
[ 2883.853576][T23662] slab 300417960
[ 2883.853576][T23662] workingset_refault_anon 0
[ 2883.853576][T23662] workingset_refault_file 0
[ 2883.853576][T23662] workingset_activate_anon 0
[ 2883.853576][T23662] workingset_activate_file 0
[ 2883.853576][T23662] workingset_restore_anon 0
[ 2883.853576][T23662] workingset_restore_file 0
[ 2883.853576][T23662] workingset_nodereclaim 0
[ 2883.853576][T23662] pgscan 0
[ 2883.853576][T23662] pgsteal 0
[ 2883.853576][T23662] pgscan_kswapd 0
[ 2883.853576][T23662] pgscan_direct 0
[ 2883.853576][T23662] pgscan_khugepaged 0
[ 2883.853576][T23662] pgsteal_kswapd 0
[ 2883.853576][T23662] pgsteal_direct 0
[ 2883.853576][T23662] pgsteal_khugepaged 0
[ 2883.853576][T23662] pgfault 387461
[ 2883.853576][T23662] pgmajfault 0
[ 2883.853576][T23662] pgrefill 0
[ 2883.853576][T23662] pgactivate 0
[ 2883.853576][T23662] pgdeactivate 0
[ 2883.853576][T23662] pglazyfree 0
[ 2883.853576][T23662] pglazyfreed 0
[ 2883.853576][T23662] zswpin 0
[ 2883.853576][T23662] zswpout 0
[ 2883.853576][T23662] thp_fault_alloc 0
[ 2884.060647][T23659] __nla_validate_parse: 25 callbacks suppressed
[ 2884.060669][T23659] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
13:48:58 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xd2)

13:48:58 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2884.087178][T23662] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23662,uid=0
[ 2884.114906][T23671] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2884.172441][T23662] Memory cgroup out of memory: Killed process 23662 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:48:58 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000012171bf200000000050000000000000b00000000000000a0ce13a81646ac1c3973a43d79669cc896722c8b4c8eaac99b9d0fbfe89bef35d80b486b7dc8bc41e59ebab774d7b30dc9b380043b38d12cc49fe5bdd84e202aa22fc75a42688d2d6773cf0a0ed3aeb309a1f5980b66d644a8f1e01a717d10f4d247df352d42746d6bf8b95e93de43c4790bb9119bcd6bffbdef4a5ad8332fa9aba92ed968e70336c87f959b94d24c897422978cc28793f05b2986528724f2e23b079d733951372bda335a579bfe4fc8607ea694e2e89fe618ba44bfb6407a84299bc9ea68bf502c18dc17db81e1eac05323b76c68cbf1834e1a4cd28e9656f7577edc521dbfc430"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xb)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2884.327166][T23674] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2884.365070][T23688] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2884.375681][T23688] CPU: 0 PID: 23688 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2884.386147][T23688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2884.396338][T23688] Call Trace:
[ 2884.399662][T23688]  <TASK>
[ 2884.402639][T23688]  dump_stack_lvl+0x136/0x150
[ 2884.407370][T23688]  dump_header+0x10a/0xd70
[ 2884.411842][T23688]  oom_kill_process+0x25d/0x600
[ 2884.416757][T23688]  out_of_memory+0x35c/0x1660
[ 2884.421663][T23688]  ? find_held_lock+0x2d/0x110
[ 2884.426482][T23688]  ? oom_killer_disable+0x2b0/0x2b0
[ 2884.432100][T23688]  ? rcu_read_unlock+0x9/0x60
[ 2884.436845][T23688]  ? find_held_lock+0x2d/0x110
[ 2884.441773][T23688]  mem_cgroup_out_of_memory+0x206/0x270
[ 2884.447396][T23688]  ? mem_cgroup_margin+0x130/0x130
[ 2884.452591][T23688]  ? lock_downgrade+0x690/0x690
[ 2884.457528][T23688]  try_charge_memcg+0xf99/0x13a0
[ 2884.462641][T23688]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2884.468744][T23688]  ? rcu_read_unlock+0x9/0x60
[ 2884.473647][T23688]  ? lock_downgrade+0x690/0x690
[ 2884.478554][T23688]  charge_memcg+0x90/0x3b0
[ 2884.483572][T23688]  __mem_cgroup_charge+0x2b/0x90
[ 2884.488646][T23688]  ? copy_mc_to_kernel+0x3e/0x90
[ 2884.493672][T23688]  do_wp_page+0x8ea/0x33c0
[ 2884.498165][T23688]  ? lock_sync+0x190/0x190
[ 2884.502645][T23688]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2884.508068][T23688]  ? do_raw_spin_lock+0x124/0x2b0
[ 2884.513274][T23688]  ? spin_bug+0x1c0/0x1c0
[ 2884.517670][T23688]  __handle_mm_fault+0x1635/0x41c0
[ 2884.522928][T23688]  ? vm_iomap_memory+0x190/0x190
[ 2884.527925][T23688]  ? mas_walk+0x58f/0x730
[ 2884.532325][T23688]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2884.537537][T23688]  handle_mm_fault+0x2af/0x9f0
[ 2884.542351][T23688]  do_user_addr_fault+0x2ca/0x1210
[ 2884.547522][T23688]  ? rcu_is_watching+0x12/0xb0
[ 2884.552344][T23688]  exc_page_fault+0x98/0x170
[ 2884.556988][T23688]  asm_exc_page_fault+0x26/0x30
[ 2884.561891][T23688] RIP: 0033:0x7f4036836f7e
[ 2884.566326][T23688] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2884.585971][T23688] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2884.592711][T23688] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2884.600943][T23688] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2884.609063][T23688] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2884.617143][T23688] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2884.625159][T23688] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2884.633385][T23688]  </TASK>
[ 2884.647570][T23688] memory: usage 307200kB, limit 307200kB, failcnt 19491
[ 2884.654657][T23688] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2884.660556][T23677] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2884.661872][T23688] Memory cgroup stats for /syz4:
[ 2884.671573][T23688] anon 114688
[ 2884.671573][T23688] file 8380416
[ 2884.671573][T23688] kernel 306077696
[ 2884.671573][T23688] kernel_stack 65536
[ 2884.671573][T23688] pagetables 77824
[ 2884.671573][T23688] sec_pagetables 0
[ 2884.671573][T23688] percpu 5477376
[ 2884.671573][T23688] sock 0
[ 2884.671573][T23688] vmalloc 0
[ 2884.671573][T23688] shmem 8380416
[ 2884.671573][T23688] zswap 0
[ 2884.671573][T23688] zswapped 0
[ 2884.671573][T23688] file_mapped 405504
[ 2884.671573][T23688] file_dirty 0
[ 2884.671573][T23688] file_writeback 0
[ 2884.671573][T23688] swapcached 0
[ 2884.671573][T23688] anon_thp 0
[ 2884.671573][T23688] file_thp 0
[ 2884.671573][T23688] shmem_thp 0
[ 2884.671573][T23688] inactive_anon 4096
[ 2884.671573][T23688] active_anon 8491008
[ 2884.671573][T23688] inactive_file 0
[ 2884.671573][T23688] active_file 0
[ 2884.671573][T23688] unevictable 0
[ 2884.671573][T23688] slab_reclaimable 38216
[ 2884.671573][T23688] slab_unreclaimable 300380392
[ 2884.671573][T23688] slab 300418608
[ 2884.671573][T23688] workingset_refault_anon 0
[ 2884.671573][T23688] workingset_refault_file 0
[ 2884.671573][T23688] workingset_activate_anon 0
[ 2884.671573][T23688] workingset_activate_file 0
[ 2884.671573][T23688] workingset_restore_anon 0
[ 2884.671573][T23688] workingset_restore_file 0
[ 2884.671573][T23688] workingset_nodereclaim 0
[ 2884.671573][T23688] pgscan 0
[ 2884.671573][T23688] pgsteal 0
[ 2884.671573][T23688] pgscan_kswapd 0
[ 2884.671573][T23688] pgscan_direct 0
[ 2884.671573][T23688] pgscan_khugepaged 0
[ 2884.671573][T23688] pgsteal_kswapd 0
[ 2884.671573][T23688] pgsteal_direct 0
[ 2884.671573][T23688] pgsteal_khugepaged 0
[ 2884.671573][T23688] pgfault 387497
[ 2884.671573][T23688] pgmajfault 0
[ 2884.671573][T23688] pgrefill 0
[ 2884.671573][T23688] pgactivate 0
[ 2884.671573][T23688] pgdeactivate 0
[ 2884.671573][T23688] pglazyfree 0
[ 2884.671573][T23688] pglazyfreed 0
[ 2884.671573][T23688] zswpin 0
[ 2884.671573][T23688] zswpout 0
[ 2884.671573][T23688] thp_fault_alloc 0
[ 2884.733808][T23678] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2884.864122][T23688] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23688,uid=0
[ 2884.886218][T23688] Memory cgroup out of memory: Killed process 23688 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2884.887722][T23681] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2884.905496][T23682] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2884.913904][T23684] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
13:48:59 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6d01000000000000)

13:48:59 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000012171bf200000000050000000000000b00000000000000a0ce13a81646ac1c3973a43d79669cc896722c8b4c8eaac99b9d0fbfe89bef35d80b486b7dc8bc41e59ebab774d7b30dc9b380043b38d12cc49fe5bdd84e202aa22fc75a42688d2d6773cf0a0ed3aeb309a1f5980b66d644a8f1e01a717d10f4d247df352d42746d6bf8b95e93de43c4790bb9119bcd6bffbdef4a5ad8332fa9aba92ed968e70336c87f959b94d24c897422978cc28793f05b2986528724f2e23b079d733951372bda335a579bfe4fc8607ea694e2e89fe618ba44bfb6407a84299bc9ea68bf502c18dc17db81e1eac05323b76c68cbf1834e1a4cd28e9656f7577edc521dbfc430"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xb) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2884.997532][T23686] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2885.077669][T23692] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2885.107889][T23692] CPU: 1 PID: 23692 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2885.118396][T23692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2885.128484][T23692] Call Trace:
[ 2885.131786][T23692]  <TASK>
[ 2885.134739][T23692]  dump_stack_lvl+0x136/0x150
[ 2885.139457][T23692]  dump_header+0x10a/0xd70
[ 2885.143912][T23692]  oom_kill_process+0x25d/0x600
[ 2885.148799][T23692]  out_of_memory+0x35c/0x1660
[ 2885.153594][T23692]  ? find_held_lock+0x2d/0x110
[ 2885.158417][T23692]  ? oom_killer_disable+0x2b0/0x2b0
[ 2885.163803][T23692]  ? rcu_read_unlock+0x9/0x60
[ 2885.168623][T23692]  ? find_held_lock+0x2d/0x110
[ 2885.173432][T23692]  mem_cgroup_out_of_memory+0x206/0x270
[ 2885.179021][T23692]  ? mem_cgroup_margin+0x130/0x130
[ 2885.184148][T23692]  ? lock_downgrade+0x690/0x690
[ 2885.189031][T23692]  try_charge_memcg+0xf99/0x13a0
[ 2885.193997][T23692]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2885.200005][T23692]  ? rcu_read_unlock+0x9/0x60
[ 2885.204738][T23692]  ? lock_downgrade+0x690/0x690
[ 2885.209620][T23692]  charge_memcg+0x90/0x3b0
[ 2885.214112][T23692]  __mem_cgroup_charge+0x2b/0x90
[ 2885.222240][T23692]  ? copy_mc_to_kernel+0x3e/0x90
[ 2885.227216][T23692]  do_wp_page+0x8ea/0x33c0
[ 2885.231682][T23692]  ? lock_sync+0x190/0x190
[ 2885.236118][T23692]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2885.241590][T23692]  ? do_raw_spin_lock+0x124/0x2b0
[ 2885.246805][T23692]  ? spin_bug+0x1c0/0x1c0
[ 2885.251527][T23692]  __handle_mm_fault+0x1635/0x41c0
[ 2885.257528][T23692]  ? vm_iomap_memory+0x190/0x190
[ 2885.262564][T23692]  ? mas_walk+0x58f/0x730
[ 2885.267010][T23692]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2885.272831][T23692]  handle_mm_fault+0x2af/0x9f0
[ 2885.277627][T23692]  do_user_addr_fault+0x2ca/0x1210
[ 2885.282756][T23692]  ? rcu_is_watching+0x12/0xb0
[ 2885.287558][T23692]  exc_page_fault+0x98/0x170
[ 2885.292271][T23692]  asm_exc_page_fault+0x26/0x30
[ 2885.297163][T23692] RIP: 0033:0x7f4036836f7e
[ 2885.301822][T23692] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2885.321614][T23692] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2885.327952][T23692] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000001
[ 2885.336104][T23692] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2885.344164][T23692] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2885.352232][T23692] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2885.360230][T23692] R13: 00007f4036400080 R14: 00007f40369abf80 R15: 0000000000000000
[ 2885.368229][T23692]  </TASK>
13:48:59 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2885.486559][T23687] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
13:48:59 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:48:59 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async, rerun: 64)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (rerun: 64)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000007b9aa125880a00666c7d77657200000c000200"/40], 0x3c}}, 0x0) (async, rerun: 32)
r3 = socket$netlink(0x10, 0x3, 0x0) (rerun: 32)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:48:59 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xd3)

[ 2885.815957][T23692] memory: usage 307200kB, limit 307200kB, failcnt 19554
[ 2885.836817][T23692] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2885.854268][T23692] Memory cgroup stats for /syz4:
[ 2885.854506][T23692] anon 114688
[ 2885.854506][T23692] file 8380416
[ 2885.854506][T23692] kernel 306077696
[ 2885.854506][T23692] kernel_stack 65536
[ 2885.854506][T23692] pagetables 77824
[ 2885.854506][T23692] sec_pagetables 0
[ 2885.854506][T23692] percpu 5477376
[ 2885.854506][T23692] sock 0
[ 2885.854506][T23692] vmalloc 0
[ 2885.854506][T23692] shmem 8380416
[ 2885.854506][T23692] zswap 0
[ 2885.854506][T23692] zswapped 0
[ 2885.854506][T23692] file_mapped 405504
[ 2885.854506][T23692] file_dirty 0
[ 2885.854506][T23692] file_writeback 0
[ 2885.854506][T23692] swapcached 0
[ 2885.854506][T23692] anon_thp 0
[ 2885.854506][T23692] file_thp 0
[ 2885.854506][T23692] shmem_thp 0
[ 2885.854506][T23692] inactive_anon 4096
[ 2885.854506][T23692] active_anon 8491008
[ 2885.854506][T23692] inactive_file 0
[ 2885.854506][T23692] active_file 0
[ 2885.854506][T23692] unevictable 0
[ 2885.854506][T23692] slab_reclaimable 38216
[ 2885.854506][T23692] slab_unreclaimable 300379744
[ 2885.854506][T23692] slab 300417960
[ 2885.854506][T23692] workingset_refault_anon 0
[ 2885.854506][T23692] workingset_refault_file 0
[ 2885.854506][T23692] workingset_activate_anon 0
[ 2885.854506][T23692] workingset_activate_file 0
[ 2885.854506][T23692] workingset_restore_anon 0
[ 2885.854506][T23692] workingset_restore_file 0
[ 2885.854506][T23692] workingset_nodereclaim 0
[ 2885.854506][T23692] pgscan 0
[ 2885.854506][T23692] pgsteal 0
[ 2885.854506][T23692] pgscan_kswapd 0
[ 2885.854506][T23692] pgscan_direct 0
[ 2885.854506][T23692] pgscan_khugepaged 0
[ 2885.854506][T23692] pgsteal_kswapd 0
[ 2885.854506][T23692] pgsteal_direct 0
[ 2885.854506][T23692] pgsteal_khugepaged 0
[ 2885.854506][T23692] pgfault 387533
[ 2885.854506][T23692] pgmajfault 0
[ 2885.854506][T23692] pgrefill 0
[ 2885.854506][T23692] pgactivate 0
[ 2885.854506][T23692] pgdeactivate 0
[ 2885.854506][T23692] pglazyfree 0
[ 2885.854506][T23692] pglazyfreed 0
[ 2885.854506][T23692] zswpin 0
[ 2885.854506][T23692] zswpout 0
[ 2885.854506][T23692] thp_fault_alloc 0
13:49:00 executing program 2:
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r1, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

13:49:00 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000012171bf200000000050000000000000b00000000000000a0ce13a81646ac1c3973a43d79669cc896722c8b4c8eaac99b9d0fbfe89bef35d80b486b7dc8bc41e59ebab774d7b30dc9b380043b38d12cc49fe5bdd84e202aa22fc75a42688d2d6773cf0a0ed3aeb309a1f5980b66d644a8f1e01a717d10f4d247df352d42746d6bf8b95e93de43c4790bb9119bcd6bffbdef4a5ad8332fa9aba92ed968e70336c87f959b94d24c897422978cc28793f05b2986528724f2e23b079d733951372bda335a579bfe4fc8607ea694e2e89fe618ba44bfb6407a84299bc9ea68bf502c18dc17db81e1eac05323b76c68cbf1834e1a4cd28e9656f7577edc521dbfc430"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xb) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2886.075374][T23692] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23692,uid=0
[ 2886.097857][T23692] Memory cgroup out of memory: Killed process 23692 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2886.309496][T23713] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2886.341661][T23713] CPU: 0 PID: 23713 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2886.352127][T23713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2886.362311][T23713] Call Trace:
[ 2886.365610][T23713]  <TASK>
[ 2886.368565][T23713]  dump_stack_lvl+0x136/0x150
[ 2886.373271][T23713]  dump_header+0x10a/0xd70
[ 2886.377790][T23713]  oom_kill_process+0x25d/0x600
[ 2886.382785][T23713]  out_of_memory+0x35c/0x1660
[ 2886.387515][T23713]  ? find_held_lock+0x2d/0x110
[ 2886.392321][T23713]  ? oom_killer_disable+0x2b0/0x2b0
[ 2886.397569][T23713]  ? rcu_read_unlock+0x9/0x60
[ 2886.402311][T23713]  ? find_held_lock+0x2d/0x110
[ 2886.407123][T23713]  mem_cgroup_out_of_memory+0x206/0x270
[ 2886.412722][T23713]  ? mem_cgroup_margin+0x130/0x130
[ 2886.417856][T23713]  ? lock_downgrade+0x690/0x690
[ 2886.422928][T23713]  try_charge_memcg+0xf99/0x13a0
[ 2886.427900][T23713]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2886.433910][T23713]  ? rcu_read_unlock+0x9/0x60
[ 2886.438602][T23713]  ? lock_downgrade+0x690/0x690
[ 2886.443519][T23713]  charge_memcg+0x90/0x3b0
[ 2886.447969][T23713]  __mem_cgroup_charge+0x2b/0x90
[ 2886.453005][T23713]  ? copy_mc_to_kernel+0x3e/0x90
[ 2886.458064][T23713]  do_wp_page+0x8ea/0x33c0
[ 2886.462683][T23713]  ? lock_sync+0x190/0x190
[ 2886.467125][T23713]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2886.472768][T23713]  ? do_raw_spin_lock+0x124/0x2b0
[ 2886.477822][T23713]  ? spin_bug+0x1c0/0x1c0
[ 2886.482178][T23713]  __handle_mm_fault+0x1635/0x41c0
[ 2886.487307][T23713]  ? vm_iomap_memory+0x190/0x190
[ 2886.492268][T23713]  ? mas_walk+0x58f/0x730
[ 2886.496624][T23713]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2886.501749][T23713]  handle_mm_fault+0x2af/0x9f0
[ 2886.506539][T23713]  do_user_addr_fault+0x2ca/0x1210
[ 2886.511687][T23713]  ? rcu_is_watching+0x12/0xb0
[ 2886.516479][T23713]  exc_page_fault+0x98/0x170
[ 2886.521092][T23713]  asm_exc_page_fault+0x26/0x30
[ 2886.526050][T23713] RIP: 0033:0x7f4036836f7e
[ 2886.530471][T23713] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2886.550093][T23713] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2886.556169][T23713] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2886.564144][T23713] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2886.572125][T23713] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2886.580113][T23713] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2886.588091][T23713] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2886.596175][T23713]  </TASK>
[ 2886.619740][T23713] memory: usage 307200kB, limit 307200kB, failcnt 19636
[ 2886.626821][T23713] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2886.666323][T23713] Memory cgroup stats for /syz4:
[ 2886.666615][T23713] anon 114688
[ 2886.666615][T23713] file 8380416
[ 2886.666615][T23713] kernel 306077696
[ 2886.666615][T23713] kernel_stack 65536
[ 2886.666615][T23713] pagetables 77824
[ 2886.666615][T23713] sec_pagetables 0
[ 2886.666615][T23713] percpu 5477376
[ 2886.666615][T23713] sock 0
[ 2886.666615][T23713] vmalloc 0
[ 2886.666615][T23713] shmem 8380416
[ 2886.666615][T23713] zswap 0
[ 2886.666615][T23713] zswapped 0
[ 2886.666615][T23713] file_mapped 405504
[ 2886.666615][T23713] file_dirty 0
[ 2886.666615][T23713] file_writeback 0
[ 2886.666615][T23713] swapcached 0
[ 2886.666615][T23713] anon_thp 0
[ 2886.666615][T23713] file_thp 0
[ 2886.666615][T23713] shmem_thp 0
[ 2886.666615][T23713] inactive_anon 4096
[ 2886.666615][T23713] active_anon 8491008
[ 2886.666615][T23713] inactive_file 0
[ 2886.666615][T23713] active_file 0
[ 2886.666615][T23713] unevictable 0
[ 2886.666615][T23713] slab_reclaimable 38216
[ 2886.666615][T23713] slab_unreclaimable 300379744
[ 2886.666615][T23713] slab 300417960
[ 2886.666615][T23713] workingset_refault_anon 0
[ 2886.666615][T23713] workingset_refault_file 0
[ 2886.666615][T23713] workingset_activate_anon 0
[ 2886.666615][T23713] workingset_activate_file 0
[ 2886.666615][T23713] workingset_restore_anon 0
[ 2886.666615][T23713] workingset_restore_file 0
[ 2886.666615][T23713] workingset_nodereclaim 0
[ 2886.666615][T23713] pgscan 0
[ 2886.666615][T23713] pgsteal 0
[ 2886.666615][T23713] pgscan_kswapd 0
[ 2886.666615][T23713] pgscan_direct 0
[ 2886.666615][T23713] pgscan_khugepaged 0
[ 2886.666615][T23713] pgsteal_kswapd 0
[ 2886.666615][T23713] pgsteal_direct 0
[ 2886.666615][T23713] pgsteal_khugepaged 0
[ 2886.666615][T23713] pgfault 387569
[ 2886.666615][T23713] pgmajfault 0
[ 2886.666615][T23713] pgrefill 0
[ 2886.666615][T23713] pgactivate 0
[ 2886.666615][T23713] pgdeactivate 0
[ 2886.666615][T23713] pglazyfree 0
[ 2886.666615][T23713] pglazyfreed 0
[ 2886.666615][T23713] zswpin 0
[ 2886.666615][T23713] zswpout 0
[ 2886.666615][T23713] thp_fault_alloc 0
13:49:01 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xd4)

13:49:01 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:49:01 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000007b9aa125880a00666c7d77657200000c000200"/40], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000007b9aa125880a00666c7d77657200000c000200"/40], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

[ 2886.881018][T23713] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23713,uid=0
[ 2886.898463][T23713] Memory cgroup out of memory: Killed process 23713 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:49:01 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6e00000000000000)

13:49:01 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012004900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000500), 0x200000, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000640)={&(0x7f0000000540), 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x68, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x3f}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1702}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x8720}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x81}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x1c, 0x25, 0x0, 0x1, [@NL80211_TXQ_ATTR_AIFS={0x5, 0x5, 0x7}, @NL80211_TXQ_ATTR_QUEUE={0x5}, @NL80211_TXQ_ATTR_CWMAX={0x6, 0x4, 0x4}]}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x3}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x1}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0x200}]}, 0x68}, 0x1, 0x0, 0x0, 0x4004}, 0x10)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000ad6f6c2991bf60c81d12f4d4a4eb9b11d9a4f427349fe76c4729f961dd6291815e46a8decc3f1083fb71bb4a77d3faee4253acf2ce6b7871", @ANYRES32=r7, @ANYBLOB="00000000000000001c001a8004000280030005000800000000000000080000000000000008000c0000000000"], 0x44}}, 0x0)
sendmsg$nl_route(r8, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)=@ipv4_getaddr={0x8c, 0x16, 0x4, 0x70bd2c, 0x25dfdbff, {0x2, 0x20, 0x8, 0x0, r2}, [@IFA_RT_PRIORITY={0x8, 0x9, 0x4}, @IFA_CACHEINFO={0x14, 0x6, {0x1, 0x3ff, 0x80000001, 0x3}}, @IFA_FLAGS={0x8, 0x8, 0x1c}, @IFA_LABEL={0x14, 0x3, 'syz_tun\x00'}, @IFA_CACHEINFO={0x14, 0x6, {0x5, 0xffffffff, 0x3, 0x56b2}}, @IFA_BROADCAST={0x8, 0x4, @loopback}, @IFA_ADDRESS={0x8, 0x1, @empty}, @IFA_FLAGS={0x8, 0x8, 0x444}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x3}, @IFA_LOCAL={0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8004}, 0x20008010)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:49:01 executing program 2:
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r1, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2887.130811][T23727] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2887.168739][T23727] CPU: 1 PID: 23727 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2887.179305][T23727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2887.189397][T23727] Call Trace:
[ 2887.192703][T23727]  <TASK>
[ 2887.195695][T23727]  dump_stack_lvl+0x136/0x150
[ 2887.200515][T23727]  dump_header+0x10a/0xd70
[ 2887.204986][T23727]  oom_kill_process+0x25d/0x600
[ 2887.209886][T23727]  out_of_memory+0x35c/0x1660
[ 2887.214713][T23727]  ? find_held_lock+0x2d/0x110
[ 2887.219530][T23727]  ? oom_killer_disable+0x2b0/0x2b0
[ 2887.224859][T23727]  ? rcu_read_unlock+0x9/0x60
[ 2887.229603][T23727]  ? find_held_lock+0x2d/0x110
[ 2887.234412][T23727]  mem_cgroup_out_of_memory+0x206/0x270
[ 2887.240021][T23727]  ? mem_cgroup_margin+0x130/0x130
[ 2887.245280][T23727]  ? lock_downgrade+0x690/0x690
[ 2887.250204][T23727]  try_charge_memcg+0xf99/0x13a0
[ 2887.255206][T23727]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2887.261245][T23727]  ? rcu_read_unlock+0x9/0x60
[ 2887.265969][T23727]  ? lock_downgrade+0x690/0x690
[ 2887.270897][T23727]  charge_memcg+0x90/0x3b0
[ 2887.275379][T23727]  __mem_cgroup_charge+0x2b/0x90
[ 2887.280346][T23727]  ? copy_mc_to_kernel+0x3e/0x90
[ 2887.285353][T23727]  do_wp_page+0x8ea/0x33c0
[ 2887.289812][T23727]  ? lock_sync+0x190/0x190
[ 2887.294280][T23727]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2887.299688][T23727]  ? do_raw_spin_lock+0x124/0x2b0
[ 2887.304772][T23727]  ? spin_bug+0x1c0/0x1c0
[ 2887.309154][T23727]  __handle_mm_fault+0x1635/0x41c0
[ 2887.314311][T23727]  ? vm_iomap_memory+0x190/0x190
[ 2887.319284][T23727]  ? mas_walk+0x58f/0x730
[ 2887.323666][T23727]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2887.328829][T23727]  handle_mm_fault+0x2af/0x9f0
[ 2887.333642][T23727]  do_user_addr_fault+0x2ca/0x1210
[ 2887.338790][T23727]  ? rcu_is_watching+0x12/0xb0
[ 2887.343612][T23727]  exc_page_fault+0x98/0x170
[ 2887.348426][T23727]  asm_exc_page_fault+0x26/0x30
[ 2887.353329][T23727] RIP: 0033:0x7f4036836f7e
[ 2887.357781][T23727] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2887.377433][T23727] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2887.383531][T23727] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2887.391643][T23727] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2887.399657][T23727] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2887.407680][T23727] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2887.415708][T23727] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2887.423746][T23727]  </TASK>
[ 2887.466241][T23727] memory: usage 307200kB, limit 307200kB, failcnt 19720
[ 2887.475858][T23727] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2887.491118][T23727] Memory cgroup stats for /syz4:
[ 2887.491355][T23727] anon 114688
[ 2887.491355][T23727] file 8380416
[ 2887.491355][T23727] kernel 306077696
[ 2887.491355][T23727] kernel_stack 65536
[ 2887.491355][T23727] pagetables 77824
[ 2887.491355][T23727] sec_pagetables 0
[ 2887.491355][T23727] percpu 5477376
[ 2887.491355][T23727] sock 0
[ 2887.491355][T23727] vmalloc 0
[ 2887.491355][T23727] shmem 8380416
[ 2887.491355][T23727] zswap 0
[ 2887.491355][T23727] zswapped 0
[ 2887.491355][T23727] file_mapped 405504
[ 2887.491355][T23727] file_dirty 0
[ 2887.491355][T23727] file_writeback 0
[ 2887.491355][T23727] swapcached 0
[ 2887.491355][T23727] anon_thp 0
[ 2887.491355][T23727] file_thp 0
[ 2887.491355][T23727] shmem_thp 0
[ 2887.491355][T23727] inactive_anon 4096
[ 2887.491355][T23727] active_anon 8491008
[ 2887.491355][T23727] inactive_file 0
[ 2887.491355][T23727] active_file 0
[ 2887.491355][T23727] unevictable 0
[ 2887.491355][T23727] slab_reclaimable 38216
[ 2887.491355][T23727] slab_unreclaimable 300379744
[ 2887.491355][T23727] slab 300417960
[ 2887.491355][T23727] workingset_refault_anon 0
[ 2887.491355][T23727] workingset_refault_file 0
[ 2887.491355][T23727] workingset_activate_anon 0
[ 2887.491355][T23727] workingset_activate_file 0
[ 2887.491355][T23727] workingset_restore_anon 0
[ 2887.491355][T23727] workingset_restore_file 0
[ 2887.491355][T23727] workingset_nodereclaim 0
[ 2887.491355][T23727] pgscan 0
[ 2887.491355][T23727] pgsteal 0
[ 2887.491355][T23727] pgscan_kswapd 0
[ 2887.491355][T23727] pgscan_direct 0
[ 2887.491355][T23727] pgscan_khugepaged 0
[ 2887.491355][T23727] pgsteal_kswapd 0
[ 2887.491355][T23727] pgsteal_direct 0
[ 2887.491355][T23727] pgsteal_khugepaged 0
[ 2887.491355][T23727] pgfault 387608
[ 2887.491355][T23727] pgmajfault 0
[ 2887.491355][T23727] pgrefill 0
[ 2887.491355][T23727] pgactivate 0
[ 2887.491355][T23727] pgdeactivate 0
[ 2887.491355][T23727] pglazyfree 0
[ 2887.491355][T23727] pglazyfreed 0
[ 2887.491355][T23727] zswpin 0
[ 2887.491355][T23727] zswpout 0
[ 2887.491355][T23727] thp_fault_alloc 0
[ 2887.737600][T23727] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23727,uid=0
[ 2887.764742][T23727] Memory cgroup out of memory: Killed process 23727 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:49:02 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012004900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000500), 0x200000, 0x0) (async)
r4 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000500), 0x200000, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000640)={&(0x7f0000000540), 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x68, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x3f}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1702}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x8720}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x81}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x1c, 0x25, 0x0, 0x1, [@NL80211_TXQ_ATTR_AIFS={0x5, 0x5, 0x7}, @NL80211_TXQ_ATTR_QUEUE={0x5}, @NL80211_TXQ_ATTR_CWMAX={0x6, 0x4, 0x4}]}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x3}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x1}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0x200}]}, 0x68}, 0x1, 0x0, 0x0, 0x4004}, 0x10)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r7=>0x0})
socket(0x10, 0x80002, 0x0) (async)
r8 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000ad6f6c2991bf60c81d12f4d4a4eb9b11d9a4f427349fe76c4729f961dd6291815e46a8decc3f1083fb71bb4a77d3faee4253acf2ce6b7871", @ANYRES32=r7, @ANYBLOB="00000000000000001c001a8004000280030005000800000000000000080000000000000008000c0000000000"], 0x44}}, 0x0)
sendmsg$nl_route(r8, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)=@ipv4_getaddr={0x8c, 0x16, 0x4, 0x70bd2c, 0x25dfdbff, {0x2, 0x20, 0x8, 0x0, r2}, [@IFA_RT_PRIORITY={0x8, 0x9, 0x4}, @IFA_CACHEINFO={0x14, 0x6, {0x1, 0x3ff, 0x80000001, 0x3}}, @IFA_FLAGS={0x8, 0x8, 0x1c}, @IFA_LABEL={0x14, 0x3, 'syz_tun\x00'}, @IFA_CACHEINFO={0x14, 0x6, {0x5, 0xffffffff, 0x3, 0x56b2}}, @IFA_BROADCAST={0x8, 0x4, @loopback}, @IFA_ADDRESS={0x8, 0x1, @empty}, @IFA_FLAGS={0x8, 0x8, 0x444}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x3}, @IFA_LOCAL={0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8004}, 0x20008010)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2887.927000][T23741] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2887.944795][T23741] CPU: 0 PID: 23741 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2887.955285][T23741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2887.965378][T23741] Call Trace:
[ 2887.968688][T23741]  <TASK>
[ 2887.971646][T23741]  dump_stack_lvl+0x136/0x150
[ 2887.976376][T23741]  dump_header+0x10a/0xd70
[ 2887.980842][T23741]  oom_kill_process+0x25d/0x600
[ 2887.986176][T23741]  out_of_memory+0x35c/0x1660
[ 2887.990908][T23741]  ? find_held_lock+0x2d/0x110
[ 2887.995805][T23741]  ? oom_killer_disable+0x2b0/0x2b0
[ 2888.001040][T23741]  ? rcu_read_unlock+0x9/0x60
[ 2888.005766][T23741]  ? find_held_lock+0x2d/0x110
[ 2888.010633][T23741]  mem_cgroup_out_of_memory+0x206/0x270
[ 2888.016234][T23741]  ? mem_cgroup_margin+0x130/0x130
[ 2888.021400][T23741]  ? lock_downgrade+0x690/0x690
[ 2888.026319][T23741]  try_charge_memcg+0xf99/0x13a0
[ 2888.031311][T23741]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2888.037336][T23741]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2888.043612][T23741]  ? lock_downgrade+0x690/0x690
[ 2888.048556][T23741]  ? lock_downgrade+0x690/0x690
[ 2888.053923][T23741]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2888.059536][T23741]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2888.065744][T23741]  copy_process+0x4f9/0x75c0
[ 2888.070393][T23741]  ? __lock_acquire+0xc17/0x5f30
[ 2888.075390][T23741]  ? pidfd_prepare+0x80/0x80
[ 2888.080036][T23741]  ? psi_memstall_leave+0x174/0x250
[ 2888.085274][T23741]  ? lock_downgrade+0x690/0x690
[ 2888.090191][T23741]  kernel_clone+0xeb/0x890
[ 2888.094665][T23741]  ? create_io_thread+0xe0/0xe0
[ 2888.099560][T23741]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2888.105852][T23741]  ? lock_downgrade+0x690/0x690
[ 2888.110770][T23741]  __do_sys_clone+0xba/0x100
[ 2888.115421][T23741]  ? kernel_clone+0x890/0x890
[ 2888.120160][T23741]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2888.126105][T23741]  do_syscall_64+0x39/0xb0
[ 2888.130586][T23741]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2888.136540][T23741] RIP: 0033:0x7f403688d591
[ 2888.140987][T23741] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2888.160818][T23741] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2888.169274][T23741] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2888.177269][T23741] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2888.185278][T23741] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2888.193299][T23741] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2888.201400][T23741] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2888.209485][T23741]  </TASK>
[ 2888.225113][T23741] memory: usage 307200kB, limit 307200kB, failcnt 19803
[ 2888.232446][T23741] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2888.253266][T23741] Memory cgroup stats for /syz4:
[ 2888.253494][T23741] anon 114688
[ 2888.253494][T23741] file 8380416
[ 2888.253494][T23741] kernel 306065408
[ 2888.253494][T23741] kernel_stack 32768
[ 2888.253494][T23741] pagetables 77824
13:49:02 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xd5)

[ 2888.253494][T23741] sec_pagetables 0
[ 2888.253494][T23741] percpu 5477376
[ 2888.253494][T23741] sock 0
[ 2888.253494][T23741] vmalloc 0
[ 2888.253494][T23741] shmem 8380416
[ 2888.253494][T23741] zswap 0
[ 2888.253494][T23741] zswapped 0
[ 2888.253494][T23741] file_mapped 405504
[ 2888.253494][T23741] file_dirty 0
[ 2888.253494][T23741] file_writeback 0
[ 2888.253494][T23741] swapcached 0
[ 2888.253494][T23741] anon_thp 0
[ 2888.253494][T23741] file_thp 0
[ 2888.253494][T23741] shmem_thp 0
[ 2888.253494][T23741] inactive_anon 4096
[ 2888.253494][T23741] active_anon 8491008
[ 2888.253494][T23741] inactive_file 0
[ 2888.253494][T23741] active_file 0
[ 2888.253494][T23741] unevictable 0
[ 2888.253494][T23741] slab_reclaimable 38216
[ 2888.253494][T23741] slab_unreclaimable 300379584
[ 2888.253494][T23741] slab 300417800
[ 2888.253494][T23741] workingset_refault_anon 0
[ 2888.253494][T23741] workingset_refault_file 0
[ 2888.253494][T23741] workingset_activate_anon 0
[ 2888.253494][T23741] workingset_activate_file 0
[ 2888.253494][T23741] workingset_restore_anon 0
[ 2888.253494][T23741] workingset_restore_file 0
[ 2888.253494][T23741] workingset_nodereclaim 0
[ 2888.253494][T23741] pgscan 0
[ 2888.253494][T23741] pgsteal 0
[ 2888.253494][T23741] pgscan_kswapd 0
[ 2888.253494][T23741] pgscan_direct 0
[ 2888.253494][T23741] pgscan_khugepaged 0
[ 2888.253494][T23741] pgsteal_kswapd 0
[ 2888.253494][T23741] pgsteal_direct 0
[ 2888.253494][T23741] pgsteal_khugepaged 0
[ 2888.253494][T23741] pgfault 387644
[ 2888.253494][T23741] pgmajfault 0
[ 2888.253494][T23741] pgrefill 0
[ 2888.253494][T23741] pgactivate 0
[ 2888.253494][T23741] pgdeactivate 0
[ 2888.253494][T23741] pglazyfree 0
13:49:02 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6e01000000000000)

13:49:02 executing program 2:
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r1, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2888.253494][T23741] pglazyfreed 0
[ 2888.253494][T23741] zswpin 0
[ 2888.253494][T23741] zswpout 0
[ 2888.253494][T23741] thp_fault_alloc 0
[ 2888.462475][T23741] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23741,uid=0
13:49:02 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
connect$packet(r1, &(0x7f0000000400)={0x11, 0x10, r4, 0x1, 0x7f, 0x6, @remote}, 0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r9=>0x0})
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
pwritev(r10, &(0x7f00000003c0)=[{&(0x7f0000000380)="fbd3aed0fbd6b91ae1eddb740c2a6af5dc3fc51c4cb002e3a731e5139cd01cd245ee45fee8fd4b778e594bd99e34f171", 0x30}], 0x1, 0x800, 0xb2b0)
r11 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000940)=ANY=[@ANYBLOB="2c0000001300291a000000000000000007000000", @ANYRES32=r9, @ANYBLOB="00000000000000000c001a800800028004000500"], 0x2c}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r12 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$NL80211_CMD_RELOAD_REGDB(r12, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x14, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x815}, 0x20040001)
recvfrom$inet(r1, &(0x7f0000000600)=""/74, 0x4a, 0x2000, &(0x7f00000006c0)={0x2, 0x4e21, @private=0xa010101}, 0x10)
sendmsg$nl_route(r11, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=@getlink={0x3c, 0x12, 0x400, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r2, 0x8000, 0x24400}, [@IFLA_IFNAME={0x14, 0x3, 'nr0\x00'}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000040}, 0x41)

13:49:02 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

[ 2888.527836][T23741] Memory cgroup out of memory: Killed process 23741 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:49:03 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012004900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000500), 0x200000, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000640)={&(0x7f0000000540), 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x68, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x3f}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1702}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x8720}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x81}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x1c, 0x25, 0x0, 0x1, [@NL80211_TXQ_ATTR_AIFS={0x5, 0x5, 0x7}, @NL80211_TXQ_ATTR_QUEUE={0x5}, @NL80211_TXQ_ATTR_CWMAX={0x6, 0x4, 0x4}]}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x3}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x1}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0x200}]}, 0x68}, 0x1, 0x0, 0x0, 0x4004}, 0x10)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000ad6f6c2991bf60c81d12f4d4a4eb9b11d9a4f427349fe76c4729f961dd6291815e46a8decc3f1083fb71bb4a77d3faee4253acf2ce6b7871", @ANYRES32=r7, @ANYBLOB="00000000000000001c001a8004000280030005000800000000000000080000000000000008000c0000000000"], 0x44}}, 0x0)
sendmsg$nl_route(r8, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)=@ipv4_getaddr={0x8c, 0x16, 0x4, 0x70bd2c, 0x25dfdbff, {0x2, 0x20, 0x8, 0x0, r2}, [@IFA_RT_PRIORITY={0x8, 0x9, 0x4}, @IFA_CACHEINFO={0x14, 0x6, {0x1, 0x3ff, 0x80000001, 0x3}}, @IFA_FLAGS={0x8, 0x8, 0x1c}, @IFA_LABEL={0x14, 0x3, 'syz_tun\x00'}, @IFA_CACHEINFO={0x14, 0x6, {0x5, 0xffffffff, 0x3, 0x56b2}}, @IFA_BROADCAST={0x8, 0x4, @loopback}, @IFA_ADDRESS={0x8, 0x1, @empty}, @IFA_FLAGS={0x8, 0x8, 0x444}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x3}, @IFA_LOCAL={0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8004}, 0x20008010)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012004900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000500), 0x200000, 0x0) (async)
sendmsg$NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000640)={&(0x7f0000000540), 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x68, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x3f}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1702}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x8720}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x81}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x1c, 0x25, 0x0, 0x1, [@NL80211_TXQ_ATTR_AIFS={0x5, 0x5, 0x7}, @NL80211_TXQ_ATTR_QUEUE={0x5}, @NL80211_TXQ_ATTR_CWMAX={0x6, 0x4, 0x4}]}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x3}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x1}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0x200}]}, 0x68}, 0x1, 0x0, 0x0, 0x4004}, 0x10) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
socket(0x10, 0x80002, 0x0) (async)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000ad6f6c2991bf60c81d12f4d4a4eb9b11d9a4f427349fe76c4729f961dd6291815e46a8decc3f1083fb71bb4a77d3faee4253acf2ce6b7871", @ANYRES32=r7, @ANYBLOB="00000000000000001c001a8004000280030005000800000000000000080000000000000008000c0000000000"], 0x44}}, 0x0) (async)
sendmsg$nl_route(r8, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)=@ipv4_getaddr={0x8c, 0x16, 0x4, 0x70bd2c, 0x25dfdbff, {0x2, 0x20, 0x8, 0x0, r2}, [@IFA_RT_PRIORITY={0x8, 0x9, 0x4}, @IFA_CACHEINFO={0x14, 0x6, {0x1, 0x3ff, 0x80000001, 0x3}}, @IFA_FLAGS={0x8, 0x8, 0x1c}, @IFA_LABEL={0x14, 0x3, 'syz_tun\x00'}, @IFA_CACHEINFO={0x14, 0x6, {0x5, 0xffffffff, 0x3, 0x56b2}}, @IFA_BROADCAST={0x8, 0x4, @loopback}, @IFA_ADDRESS={0x8, 0x1, @empty}, @IFA_FLAGS={0x8, 0x8, 0x444}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x3}, @IFA_LOCAL={0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8004}, 0x20008010) (async)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

[ 2888.721653][T23756] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2888.735717][T23756] CPU: 1 PID: 23756 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2888.746287][T23756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2888.756640][T23756] Call Trace:
[ 2888.760043][T23756]  <TASK>
[ 2888.763006][T23756]  dump_stack_lvl+0x136/0x150
[ 2888.767733][T23756]  dump_header+0x10a/0xd70
[ 2888.772195][T23756]  oom_kill_process+0x25d/0x600
[ 2888.777098][T23756]  out_of_memory+0x35c/0x1660
[ 2888.781827][T23756]  ? find_held_lock+0x2d/0x110
[ 2888.786634][T23756]  ? oom_killer_disable+0x2b0/0x2b0
[ 2888.791877][T23756]  ? rcu_read_unlock+0x9/0x60
[ 2888.796601][T23756]  ? find_held_lock+0x2d/0x110
[ 2888.801410][T23756]  mem_cgroup_out_of_memory+0x206/0x270
[ 2888.807015][T23756]  ? mem_cgroup_margin+0x130/0x130
[ 2888.812187][T23756]  ? lock_downgrade+0x690/0x690
[ 2888.817103][T23756]  try_charge_memcg+0xf99/0x13a0
[ 2888.822104][T23756]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2888.828128][T23756]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2888.833902][T23756]  ? lock_downgrade+0x690/0x690
[ 2888.838807][T23756]  ? lock_downgrade+0x690/0x690
[ 2888.843731][T23756]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2888.849335][T23756]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2888.855558][T23756]  copy_process+0x1442/0x75c0
[ 2888.860272][T23756]  ? __lock_acquire+0xc17/0x5f30
[ 2888.865255][T23756]  ? pidfd_prepare+0x80/0x80
[ 2888.869903][T23756]  ? psi_memstall_leave+0x174/0x250
[ 2888.875217][T23756]  ? lock_downgrade+0x690/0x690
[ 2888.880147][T23756]  kernel_clone+0xeb/0x890
[ 2888.884613][T23756]  ? create_io_thread+0xe0/0xe0
[ 2888.889524][T23756]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2888.895836][T23756]  ? lock_downgrade+0x690/0x690
[ 2888.900861][T23756]  __do_sys_clone+0xba/0x100
[ 2888.905512][T23756]  ? kernel_clone+0x890/0x890
[ 2888.910533][T23756]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2888.916578][T23756]  do_syscall_64+0x39/0xb0
[ 2888.921065][T23756]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2888.927017][T23756] RIP: 0033:0x7f403688d591
[ 2888.931462][T23756] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2888.951220][T23756] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2888.959680][T23756] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2888.967864][T23756] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2888.975865][T23756] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2888.983865][T23756] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2888.991964][T23756] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2889.000274][T23756]  </TASK>
[ 2889.056796][T23756] memory: usage 307200kB, limit 307200kB, failcnt 19904
[ 2889.080532][T23756] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2889.106823][T23756] Memory cgroup stats for /syz4:
[ 2889.107060][T23756] anon 114688
[ 2889.107060][T23756] file 8380416
[ 2889.107060][T23756] kernel 306061312
[ 2889.107060][T23756] kernel_stack 32768
[ 2889.107060][T23756] pagetables 77824
[ 2889.107060][T23756] sec_pagetables 0
[ 2889.107060][T23756] percpu 5477376
[ 2889.107060][T23756] sock 0
[ 2889.107060][T23756] vmalloc 0
[ 2889.107060][T23756] shmem 8380416
[ 2889.107060][T23756] zswap 0
[ 2889.107060][T23756] zswapped 0
[ 2889.107060][T23756] file_mapped 405504
[ 2889.107060][T23756] file_dirty 0
[ 2889.107060][T23756] file_writeback 0
[ 2889.107060][T23756] swapcached 0
[ 2889.107060][T23756] anon_thp 0
[ 2889.107060][T23756] file_thp 0
[ 2889.107060][T23756] shmem_thp 0
[ 2889.107060][T23756] inactive_anon 4096
[ 2889.107060][T23756] active_anon 8491008
[ 2889.107060][T23756] inactive_file 0
[ 2889.107060][T23756] active_file 0
[ 2889.107060][T23756] unevictable 0
[ 2889.107060][T23756] slab_reclaimable 38216
[ 2889.107060][T23756] slab_unreclaimable 300379280
[ 2889.107060][T23756] slab 300417496
[ 2889.107060][T23756] workingset_refault_anon 0
[ 2889.107060][T23756] workingset_refault_file 0
[ 2889.107060][T23756] workingset_activate_anon 0
[ 2889.107060][T23756] workingset_activate_file 0
[ 2889.107060][T23756] workingset_restore_anon 0
[ 2889.107060][T23756] workingset_restore_file 0
[ 2889.107060][T23756] workingset_nodereclaim 0
[ 2889.107060][T23756] pgscan 0
[ 2889.107060][T23756] pgsteal 0
[ 2889.107060][T23756] pgscan_kswapd 0
[ 2889.107060][T23756] pgscan_direct 0
[ 2889.107060][T23756] pgscan_khugepaged 0
[ 2889.107060][T23756] pgsteal_kswapd 0
[ 2889.107060][T23756] pgsteal_direct 0
[ 2889.107060][T23756] pgsteal_khugepaged 0
[ 2889.107060][T23756] pgfault 387682
[ 2889.107060][T23756] pgmajfault 0
[ 2889.107060][T23756] pgrefill 0
[ 2889.107060][T23756] pgactivate 0
[ 2889.107060][T23756] pgdeactivate 0
[ 2889.107060][T23756] pglazyfree 0
[ 2889.107060][T23756] pglazyfreed 0
[ 2889.107060][T23756] zswpin 0
[ 2889.107060][T23756] zswpout 0
[ 2889.107060][T23756] thp_fault_alloc 0
13:49:03 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xd6)

[ 2889.310029][T23750] __nla_validate_parse: 28 callbacks suppressed
[ 2889.310050][T23750] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2889.349602][T23753] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2889.575511][T23754] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2889.597518][T23756] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23756,uid=0
[ 2889.599756][T23759] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
13:49:04 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

13:49:04 executing program 5:
socket$netlink(0x10, 0x3, 0x0) (async)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
connect$packet(r1, &(0x7f0000000400)={0x11, 0x10, r4, 0x1, 0x7f, 0x6, @remote}, 0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r9=>0x0})
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
pwritev(r10, &(0x7f00000003c0)=[{&(0x7f0000000380)="fbd3aed0fbd6b91ae1eddb740c2a6af5dc3fc51c4cb002e3a731e5139cd01cd245ee45fee8fd4b778e594bd99e34f171", 0x30}], 0x1, 0x800, 0xb2b0)
r11 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000940)=ANY=[@ANYBLOB="2c0000001300291a000000000000000007000000", @ANYRES32=r9, @ANYBLOB="00000000000000000c001a800800028004000500"], 0x2c}}, 0x0) (async)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000940)=ANY=[@ANYBLOB="2c0000001300291a000000000000000007000000", @ANYRES32=r9, @ANYBLOB="00000000000000000c001a800800028004000500"], 0x2c}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket(0x10, 0x80002, 0x0) (async)
r12 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$NL80211_CMD_RELOAD_REGDB(r12, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x14, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x815}, 0x20040001)
recvfrom$inet(r1, &(0x7f0000000600)=""/74, 0x4a, 0x2000, &(0x7f00000006c0)={0x2, 0x4e21, @private=0xa010101}, 0x10)
sendmsg$nl_route(r11, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=@getlink={0x3c, 0x12, 0x400, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r2, 0x8000, 0x24400}, [@IFLA_IFNAME={0x14, 0x3, 'nr0\x00'}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000040}, 0x41)

[ 2889.627878][T23757] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2889.643012][T23756] Memory cgroup out of memory: Killed process 23756 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2889.683705][T23752] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2889.727099][T23767] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
13:49:04 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6f00000000000000)

13:49:04 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0x400, 0x0, 0x0, {0x7, 0x0, 0x0, r6}, [@IFLA_AF_SPEC={0x24, 0x1a, 0x0, 0x1, [@AF_INET={0x20, 0x2, 0x0, 0x1, {0x1c, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r4, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
sendmsg$nl_route_sched(r7, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)=@newtclass={0x34, 0x28, 0x200, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xfff1, 0x2}, {0x9, 0x1}, {0x16, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x8a, 0x6}}, @TCA_RATE={0x6, 0x5, {0x7, 0x9}}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x800)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:49:04 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:49:04 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xd7)

[ 2889.870438][T23768] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2889.909361][T23774] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2890.012735][T23780] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2890.027095][T23773] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2890.045972][T23780] CPU: 1 PID: 23780 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2890.056469][T23780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2890.066552][T23780] Call Trace:
[ 2890.069857][T23780]  <TASK>
[ 2890.072807][T23780]  dump_stack_lvl+0x136/0x150
[ 2890.077524][T23780]  dump_header+0x10a/0xd70
[ 2890.082065][T23780]  oom_kill_process+0x25d/0x600
[ 2890.086951][T23780]  out_of_memory+0x35c/0x1660
[ 2890.091661][T23780]  ? find_held_lock+0x2d/0x110
[ 2890.096480][T23780]  ? oom_killer_disable+0x2b0/0x2b0
[ 2890.101720][T23780]  ? rcu_read_unlock+0x9/0x60
[ 2890.106429][T23780]  ? find_held_lock+0x2d/0x110
[ 2890.111218][T23780]  mem_cgroup_out_of_memory+0x206/0x270
[ 2890.116811][T23780]  ? mem_cgroup_margin+0x130/0x130
[ 2890.121969][T23780]  ? lock_downgrade+0x690/0x690
[ 2890.126876][T23780]  try_charge_memcg+0xf99/0x13a0
[ 2890.131875][T23780]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2890.137931][T23780]  ? rcu_read_unlock+0x9/0x60
[ 2890.142652][T23780]  ? lock_downgrade+0x690/0x690
[ 2890.147565][T23780]  charge_memcg+0x90/0x3b0
[ 2890.152125][T23780]  __mem_cgroup_charge+0x2b/0x90
[ 2890.157127][T23780]  ? copy_mc_to_kernel+0x3e/0x90
[ 2890.162111][T23780]  do_wp_page+0x8ea/0x33c0
[ 2890.166559][T23780]  ? lock_sync+0x190/0x190
[ 2890.171004][T23780]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2890.176415][T23780]  ? do_raw_spin_lock+0x124/0x2b0
[ 2890.181506][T23780]  ? spin_bug+0x1c0/0x1c0
[ 2890.185909][T23780]  __handle_mm_fault+0x1635/0x41c0
[ 2890.191081][T23780]  ? vm_iomap_memory+0x190/0x190
[ 2890.196054][T23780]  ? mas_walk+0x58f/0x730
[ 2890.200451][T23780]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2890.205612][T23780]  handle_mm_fault+0x2af/0x9f0
[ 2890.210422][T23780]  do_user_addr_fault+0x2ca/0x1210
[ 2890.215594][T23780]  ? rcu_is_watching+0x12/0xb0
[ 2890.220404][T23780]  exc_page_fault+0x98/0x170
[ 2890.225041][T23780]  asm_exc_page_fault+0x26/0x30
[ 2890.230042][T23780] RIP: 0033:0x7f4036836f7e
[ 2890.234493][T23780] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2890.254151][T23780] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2890.260264][T23780] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2890.268273][T23780] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2890.276269][T23780] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2890.284267][T23780] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2890.292272][T23780] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2890.300294][T23780]  </TASK>
13:49:04 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0}) (async)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
connect$packet(r1, &(0x7f0000000400)={0x11, 0x10, r4, 0x1, 0x7f, 0x6, @remote}, 0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r9=>0x0}) (async)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) (async)
pwritev(r10, &(0x7f00000003c0)=[{&(0x7f0000000380)="fbd3aed0fbd6b91ae1eddb740c2a6af5dc3fc51c4cb002e3a731e5139cd01cd245ee45fee8fd4b778e594bd99e34f171", 0x30}], 0x1, 0x800, 0xb2b0) (async)
r11 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000940)=ANY=[@ANYBLOB="2c0000001300291a000000000000000007000000", @ANYRES32=r9, @ANYBLOB="00000000000000000c001a800800028004000500"], 0x2c}}, 0x0) (async)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
r12 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$NL80211_CMD_RELOAD_REGDB(r12, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x14, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x815}, 0x20040001) (async)
recvfrom$inet(r1, &(0x7f0000000600)=""/74, 0x4a, 0x2000, &(0x7f00000006c0)={0x2, 0x4e21, @private=0xa010101}, 0x10)
sendmsg$nl_route(r11, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=@getlink={0x3c, 0x12, 0x400, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r2, 0x8000, 0x24400}, [@IFLA_IFNAME={0x14, 0x3, 'nr0\x00'}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000040}, 0x41)

13:49:04 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2890.603856][T23780] memory: usage 307200kB, limit 307200kB, failcnt 20022
[ 2890.623048][T23780] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2890.641663][T23780] Memory cgroup stats for /syz4:
[ 2890.641943][T23780] anon 114688
[ 2890.641943][T23780] file 8380416
[ 2890.641943][T23780] kernel 306077696
[ 2890.641943][T23780] kernel_stack 65536
[ 2890.641943][T23780] pagetables 77824
[ 2890.641943][T23780] sec_pagetables 0
[ 2890.641943][T23780] percpu 5477376
[ 2890.641943][T23780] sock 0
[ 2890.641943][T23780] vmalloc 0
[ 2890.641943][T23780] shmem 8380416
[ 2890.641943][T23780] zswap 0
[ 2890.641943][T23780] zswapped 0
[ 2890.641943][T23780] file_mapped 405504
[ 2890.641943][T23780] file_dirty 0
[ 2890.641943][T23780] file_writeback 0
[ 2890.641943][T23780] swapcached 0
[ 2890.641943][T23780] anon_thp 0
[ 2890.641943][T23780] file_thp 0
[ 2890.641943][T23780] shmem_thp 0
[ 2890.641943][T23780] inactive_anon 4096
[ 2890.641943][T23780] active_anon 8491008
[ 2890.641943][T23780] inactive_file 0
[ 2890.641943][T23780] active_file 0
[ 2890.641943][T23780] unevictable 0
[ 2890.641943][T23780] slab_reclaimable 38216
[ 2890.641943][T23780] slab_unreclaimable 300379744
[ 2890.641943][T23780] slab 300417960
[ 2890.641943][T23780] workingset_refault_anon 0
[ 2890.641943][T23780] workingset_refault_file 0
[ 2890.641943][T23780] workingset_activate_anon 0
[ 2890.641943][T23780] workingset_activate_file 0
[ 2890.641943][T23780] workingset_restore_anon 0
[ 2890.641943][T23780] workingset_restore_file 0
[ 2890.641943][T23780] workingset_nodereclaim 0
[ 2890.641943][T23780] pgscan 0
[ 2890.641943][T23780] pgsteal 0
[ 2890.641943][T23780] pgscan_kswapd 0
[ 2890.641943][T23780] pgscan_direct 0
[ 2890.641943][T23780] pgscan_khugepaged 0
[ 2890.641943][T23780] pgsteal_kswapd 0
[ 2890.641943][T23780] pgsteal_direct 0
[ 2890.641943][T23780] pgsteal_khugepaged 0
[ 2890.641943][T23780] pgfault 387720
[ 2890.641943][T23780] pgmajfault 0
[ 2890.641943][T23780] pgrefill 0
[ 2890.641943][T23780] pgactivate 0
[ 2890.641943][T23780] pgdeactivate 0
[ 2890.641943][T23780] pglazyfree 0
[ 2890.641943][T23780] pglazyfreed 0
[ 2890.641943][T23780] zswpin 0
[ 2890.641943][T23780] zswpout 0
[ 2890.641943][T23780] thp_fault_alloc 0
13:49:05 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xd8)

[ 2890.862215][T23780] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23780,uid=0
[ 2890.887710][T23780] Memory cgroup out of memory: Killed process 23780 (syz-executor.4) total-vm:54548kB, anon-rss:440kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:49:05 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0x400, 0x0, 0x0, {0x7, 0x0, 0x0, r6}, [@IFLA_AF_SPEC={0x24, 0x1a, 0x0, 0x1, [@AF_INET={0x20, 0x2, 0x0, 0x1, {0x1c, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r4, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
sendmsg$nl_route_sched(r7, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)=@newtclass={0x34, 0x28, 0x200, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xfff1, 0x2}, {0x9, 0x1}, {0x16, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x8a, 0x6}}, @TCA_RATE={0x6, 0x5, {0x7, 0x9}}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x800)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:49:05 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b00"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:49:05 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000006c0)=@deltaction={0x1a0, 0x31, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0xe54, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x16}}]}, @TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9a}}]}, @TCA_ACT_TAB={0x80, 0x1, [{0xc, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x10001}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xbf79}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0x10, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}]}, @TCA_ACT_TAB={0x30, 0x1, [{0x10, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0x10, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}, @TCA_ACT_TAB={0x78, 0x1, [{0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0x10, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0x10, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xdfe4}}, {0xc, 0x140e, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8e}}]}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x15}, 0x60800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:49:05 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x6f01000000000000)

13:49:05 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2891.174505][T23804] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2891.205561][T23804] CPU: 1 PID: 23804 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2891.216047][T23804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2891.226217][T23804] Call Trace:
[ 2891.229524][T23804]  <TASK>
[ 2891.232478][T23804]  dump_stack_lvl+0x136/0x150
[ 2891.237216][T23804]  dump_header+0x10a/0xd70
[ 2891.241674][T23804]  oom_kill_process+0x25d/0x600
[ 2891.246581][T23804]  out_of_memory+0x35c/0x1660
[ 2891.251389][T23804]  ? find_held_lock+0x2d/0x110
[ 2891.256239][T23804]  ? oom_killer_disable+0x2b0/0x2b0
[ 2891.261488][T23804]  ? rcu_read_unlock+0x9/0x60
[ 2891.266221][T23804]  ? find_held_lock+0x2d/0x110
[ 2891.271043][T23804]  mem_cgroup_out_of_memory+0x206/0x270
[ 2891.276742][T23804]  ? mem_cgroup_margin+0x130/0x130
[ 2891.281901][T23804]  ? lock_downgrade+0x690/0x690
[ 2891.286836][T23804]  try_charge_memcg+0xf99/0x13a0
[ 2891.291847][T23804]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2891.297881][T23804]  ? rcu_read_unlock+0x9/0x60
[ 2891.302609][T23804]  ? lock_downgrade+0x690/0x690
[ 2891.307531][T23804]  charge_memcg+0x90/0x3b0
[ 2891.312054][T23804]  __mem_cgroup_charge+0x2b/0x90
[ 2891.317115][T23804]  ? copy_mc_to_kernel+0x3e/0x90
[ 2891.322105][T23804]  do_wp_page+0x8ea/0x33c0
[ 2891.326574][T23804]  ? lock_sync+0x190/0x190
[ 2891.331234][T23804]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2891.336664][T23804]  ? do_raw_spin_lock+0x124/0x2b0
[ 2891.341749][T23804]  ? spin_bug+0x1c0/0x1c0
[ 2891.346257][T23804]  __handle_mm_fault+0x1635/0x41c0
[ 2891.351513][T23804]  ? vm_iomap_memory+0x190/0x190
[ 2891.356489][T23804]  ? mas_walk+0x58f/0x730
[ 2891.360983][T23804]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2891.366146][T23804]  handle_mm_fault+0x2af/0x9f0
[ 2891.370961][T23804]  do_user_addr_fault+0x2ca/0x1210
[ 2891.376119][T23804]  ? rcu_is_watching+0x12/0xb0
[ 2891.380955][T23804]  exc_page_fault+0x98/0x170
[ 2891.385599][T23804]  asm_exc_page_fault+0x26/0x30
[ 2891.390496][T23804] RIP: 0033:0x7f4036836f7e
[ 2891.395024][T23804] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2891.414682][T23804] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2891.420789][T23804] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2891.428884][T23804] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2891.436913][T23804] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2891.445198][T23804] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2891.453211][T23804] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2891.461252][T23804]  </TASK>
[ 2891.484734][T23804] memory: usage 307200kB, limit 307200kB, failcnt 20091
[ 2891.492132][T23804] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2891.499874][T23804] Memory cgroup stats for /syz4:
[ 2891.500151][T23804] anon 114688
[ 2891.500151][T23804] file 8380416
[ 2891.500151][T23804] kernel 306077696
[ 2891.500151][T23804] kernel_stack 65536
[ 2891.500151][T23804] pagetables 77824
[ 2891.500151][T23804] sec_pagetables 0
[ 2891.500151][T23804] percpu 5477376
[ 2891.500151][T23804] sock 0
[ 2891.500151][T23804] vmalloc 0
[ 2891.500151][T23804] shmem 8380416
[ 2891.500151][T23804] zswap 0
[ 2891.500151][T23804] zswapped 0
[ 2891.500151][T23804] file_mapped 405504
[ 2891.500151][T23804] file_dirty 0
[ 2891.500151][T23804] file_writeback 0
[ 2891.500151][T23804] swapcached 0
[ 2891.500151][T23804] anon_thp 0
[ 2891.500151][T23804] file_thp 0
[ 2891.500151][T23804] shmem_thp 0
[ 2891.500151][T23804] inactive_anon 4096
[ 2891.500151][T23804] active_anon 8491008
[ 2891.500151][T23804] inactive_file 0
[ 2891.500151][T23804] active_file 0
[ 2891.500151][T23804] unevictable 0
[ 2891.500151][T23804] slab_reclaimable 38216
[ 2891.500151][T23804] slab_unreclaimable 300379744
[ 2891.500151][T23804] slab 300417960
[ 2891.500151][T23804] workingset_refault_anon 0
[ 2891.500151][T23804] workingset_refault_file 0
[ 2891.500151][T23804] workingset_activate_anon 0
[ 2891.500151][T23804] workingset_activate_file 0
[ 2891.500151][T23804] workingset_restore_anon 0
[ 2891.500151][T23804] workingset_restore_file 0
[ 2891.500151][T23804] workingset_nodereclaim 0
[ 2891.500151][T23804] pgscan 0
[ 2891.500151][T23804] pgsteal 0
[ 2891.500151][T23804] pgscan_kswapd 0
[ 2891.500151][T23804] pgscan_direct 0
[ 2891.500151][T23804] pgscan_khugepaged 0
[ 2891.500151][T23804] pgsteal_kswapd 0
[ 2891.500151][T23804] pgsteal_direct 0
[ 2891.500151][T23804] pgsteal_khugepaged 0
[ 2891.500151][T23804] pgfault 387756
[ 2891.500151][T23804] pgmajfault 0
[ 2891.500151][T23804] pgrefill 0
[ 2891.500151][T23804] pgactivate 0
[ 2891.500151][T23804] pgdeactivate 0
[ 2891.500151][T23804] pglazyfree 0
[ 2891.500151][T23804] pglazyfreed 0
[ 2891.500151][T23804] zswpin 0
[ 2891.500151][T23804] zswpout 0
13:49:06 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xd9)

13:49:06 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async, rerun: 32)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (rerun: 32)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async, rerun: 64)
r4 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 64)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r6=>0x0}) (async)
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0x400, 0x0, 0x0, {0x7, 0x0, 0x0, r6}, [@IFLA_AF_SPEC={0x24, 0x1a, 0x0, 0x1, [@AF_INET={0x20, 0x2, 0x0, 0x1, {0x1c, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r4, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
sendmsg$nl_route_sched(r7, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)=@newtclass={0x34, 0x28, 0x200, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xfff1, 0x2}, {0x9, 0x1}, {0x16, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x8a, 0x6}}, @TCA_RATE={0x6, 0x5, {0x7, 0x9}}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x800) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2891.500151][T23804] thp_fault_alloc 0
[ 2891.696337][T23804] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23804,uid=0
[ 2891.712720][T23804] Memory cgroup out of memory: Killed process 23804 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2891.841915][T23826] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2891.852857][T23826] CPU: 1 PID: 23826 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2891.863317][T23826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2891.873501][T23826] Call Trace:
[ 2891.876816][T23826]  <TASK>
[ 2891.879777][T23826]  dump_stack_lvl+0x136/0x150
[ 2891.884507][T23826]  dump_header+0x10a/0xd70
[ 2891.888961][T23826]  oom_kill_process+0x25d/0x600
[ 2891.893946][T23826]  out_of_memory+0x35c/0x1660
[ 2891.898671][T23826]  ? find_held_lock+0x2d/0x110
[ 2891.903478][T23826]  ? oom_killer_disable+0x2b0/0x2b0
[ 2891.908711][T23826]  ? rcu_read_unlock+0x9/0x60
[ 2891.913498][T23826]  ? find_held_lock+0x2d/0x110
[ 2891.918280][T23826]  mem_cgroup_out_of_memory+0x206/0x270
[ 2891.923848][T23826]  ? mem_cgroup_margin+0x130/0x130
[ 2891.928974][T23826]  ? lock_downgrade+0x690/0x690
[ 2891.933853][T23826]  try_charge_memcg+0xf99/0x13a0
[ 2891.938818][T23826]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2891.944822][T23826]  ? rcu_read_unlock+0x9/0x60
[ 2891.949511][T23826]  ? lock_downgrade+0x690/0x690
[ 2891.954390][T23826]  charge_memcg+0x90/0x3b0
[ 2891.958833][T23826]  __mem_cgroup_charge+0x2b/0x90
[ 2891.963777][T23826]  ? copy_mc_to_kernel+0x3e/0x90
[ 2891.968735][T23826]  do_wp_page+0x8ea/0x33c0
[ 2891.973166][T23826]  ? lock_sync+0x190/0x190
[ 2891.977603][T23826]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2891.982990][T23826]  ? do_raw_spin_lock+0x124/0x2b0
[ 2891.988033][T23826]  ? spin_bug+0x1c0/0x1c0
[ 2891.992388][T23826]  __handle_mm_fault+0x1635/0x41c0
[ 2891.997515][T23826]  ? vm_iomap_memory+0x190/0x190
[ 2892.002465][T23826]  ? mas_walk+0x58f/0x730
[ 2892.006821][T23826]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2892.011948][T23826]  handle_mm_fault+0x2af/0x9f0
[ 2892.016734][T23826]  do_user_addr_fault+0x2ca/0x1210
[ 2892.021867][T23826]  ? rcu_is_watching+0x12/0xb0
[ 2892.026661][T23826]  exc_page_fault+0x98/0x170
[ 2892.031263][T23826]  asm_exc_page_fault+0x26/0x30
[ 2892.036131][T23826] RIP: 0033:0x7f4036836f7e
[ 2892.040547][T23826] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2892.060170][T23826] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2892.066244][T23826] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2892.074222][T23826] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2892.082305][T23826] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
13:49:06 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b00"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:49:06 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0}) (async)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000006c0)=@deltaction={0x1a0, 0x31, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0xe54, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x16}}]}, @TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9a}}]}, @TCA_ACT_TAB={0x80, 0x1, [{0xc, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x10001}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xbf79}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0x10, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}]}, @TCA_ACT_TAB={0x30, 0x1, [{0x10, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0x10, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}, @TCA_ACT_TAB={0x78, 0x1, [{0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0x10, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0x10, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xdfe4}}, {0xc, 0x140e, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8e}}]}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x15}, 0x60800) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async, rerun: 64)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async, rerun: 64)
r7 = socket$netlink(0x10, 0x3, 0x0) (rerun: 64)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2892.090290][T23826] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2892.098527][T23826] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2892.106521][T23826]  </TASK>
[ 2892.118553][T23826] memory: usage 307200kB, limit 307200kB, failcnt 20167
[ 2892.137813][T23826] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2892.154422][T23826] Memory cgroup stats for /syz4:
[ 2892.154664][T23826] anon 114688
[ 2892.154664][T23826] file 8380416
[ 2892.154664][T23826] kernel 306077696
[ 2892.154664][T23826] kernel_stack 65536
[ 2892.154664][T23826] pagetables 77824
[ 2892.154664][T23826] sec_pagetables 0
[ 2892.154664][T23826] percpu 5477376
[ 2892.154664][T23826] sock 0
[ 2892.154664][T23826] vmalloc 0
[ 2892.154664][T23826] shmem 8380416
[ 2892.154664][T23826] zswap 0
[ 2892.154664][T23826] zswapped 0
[ 2892.154664][T23826] file_mapped 405504
[ 2892.154664][T23826] file_dirty 0
[ 2892.154664][T23826] file_writeback 0
[ 2892.154664][T23826] swapcached 0
[ 2892.154664][T23826] anon_thp 0
[ 2892.154664][T23826] file_thp 0
[ 2892.154664][T23826] shmem_thp 0
[ 2892.154664][T23826] inactive_anon 4096
[ 2892.154664][T23826] active_anon 8491008
[ 2892.154664][T23826] inactive_file 0
[ 2892.154664][T23826] active_file 0
[ 2892.154664][T23826] unevictable 0
[ 2892.154664][T23826] slab_reclaimable 38216
[ 2892.154664][T23826] slab_unreclaimable 300379744
[ 2892.154664][T23826] slab 300417960
[ 2892.154664][T23826] workingset_refault_anon 0
[ 2892.154664][T23826] workingset_refault_file 0
[ 2892.154664][T23826] workingset_activate_anon 0
[ 2892.154664][T23826] workingset_activate_file 0
[ 2892.154664][T23826] workingset_restore_anon 0
[ 2892.154664][T23826] workingset_restore_file 0
[ 2892.154664][T23826] workingset_nodereclaim 0
[ 2892.154664][T23826] pgscan 0
[ 2892.154664][T23826] pgsteal 0
[ 2892.154664][T23826] pgscan_kswapd 0
[ 2892.154664][T23826] pgscan_direct 0
[ 2892.154664][T23826] pgscan_khugepaged 0
[ 2892.154664][T23826] pgsteal_kswapd 0
[ 2892.154664][T23826] pgsteal_direct 0
[ 2892.154664][T23826] pgsteal_khugepaged 0
[ 2892.154664][T23826] pgfault 387793
[ 2892.154664][T23826] pgmajfault 0
[ 2892.154664][T23826] pgrefill 0
[ 2892.154664][T23826] pgactivate 0
[ 2892.154664][T23826] pgdeactivate 0
[ 2892.154664][T23826] pglazyfree 0
[ 2892.154664][T23826] pglazyfreed 0
[ 2892.154664][T23826] zswpin 0
[ 2892.154664][T23826] zswpout 0
[ 2892.154664][T23826] thp_fault_alloc 0
13:49:06 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000a3fc25142252a78d2ba5c4a1b62a0fabe3f1cdeb0e1f0d73277759d0ff5ef99381a6398e28f2a5b59c8935705567b18acbed8f13ee942def04ecabd32ae47745eee220e47a0a4af251d374c4f57503af337387af645bdded21f8a02aaafc3f8e8ecc8a2d650c026baa18ba94db579e14a27157c9fc7e313a4c69b9b7bd17500211465873e6aa8c615c14cc0fd12e6a984255afbc9b58e01af0c3cca0b2f13d839a143e11ee45f6ba4f56d35225e96ab3cf28a7bfe99a23f5bd9423004a639f51377a0ad44b28aa11494584e157f3932f27", @ANYRES64=r0, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000000)={@local, 0x8, 0x2, 0x3, 0xa, 0x8, 0x80}, 0x20)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r6}, [@IFLA_AF_SPEC={0x24, 0x1a, 0x0, 0x1, [@AF_INET={0x20, 0x2, 0x0, 0x1, {0x1c, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r7, 0x10e, 0x3, &(0x7f0000000080)=0x3, 0x4)

[ 2892.360611][T23826] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23826,uid=0
[ 2892.378318][T23826] Memory cgroup out of memory: Killed process 23826 (syz-executor.4) total-vm:50708kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2892.503954][T23838] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2892.523274][T23838] CPU: 0 PID: 23838 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2892.533750][T23838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2892.544631][T23838] Call Trace:
[ 2892.547952][T23838]  <TASK>
[ 2892.550993][T23838]  dump_stack_lvl+0x136/0x150
[ 2892.555712][T23838]  dump_header+0x10a/0xd70
[ 2892.560185][T23838]  oom_kill_process+0x25d/0x600
[ 2892.565075][T23838]  out_of_memory+0x35c/0x1660
[ 2892.569793][T23838]  ? find_held_lock+0x2d/0x110
[ 2892.574606][T23838]  ? oom_killer_disable+0x2b0/0x2b0
[ 2892.579847][T23838]  ? rcu_read_unlock+0x9/0x60
[ 2892.584559][T23838]  ? find_held_lock+0x2d/0x110
[ 2892.589359][T23838]  mem_cgroup_out_of_memory+0x206/0x270
[ 2892.594956][T23838]  ? mem_cgroup_margin+0x130/0x130
[ 2892.600115][T23838]  ? lock_downgrade+0x690/0x690
[ 2892.605110][T23838]  try_charge_memcg+0xf99/0x13a0
[ 2892.610096][T23838]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2892.616116][T23838]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2892.621885][T23838]  ? lock_downgrade+0x690/0x690
[ 2892.626890][T23838]  ? lock_downgrade+0x690/0x690
[ 2892.631801][T23838]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2892.637490][T23838]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2892.643688][T23838]  copy_process+0x4f9/0x75c0
[ 2892.648318][T23838]  ? __lock_acquire+0xc17/0x5f30
[ 2892.653313][T23838]  ? pidfd_prepare+0x80/0x80
[ 2892.657960][T23838]  ? psi_memstall_leave+0x174/0x250
[ 2892.663277][T23838]  ? lock_downgrade+0x690/0x690
[ 2892.668217][T23838]  kernel_clone+0xeb/0x890
[ 2892.672677][T23838]  ? create_io_thread+0xe0/0xe0
[ 2892.677565][T23838]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2892.683863][T23838]  ? lock_downgrade+0x690/0x690
[ 2892.688766][T23838]  __do_sys_clone+0xba/0x100
[ 2892.693396][T23838]  ? kernel_clone+0x890/0x890
[ 2892.698138][T23838]  ? syscall_enter_from_user_mode+0x26/0x80
13:49:07 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2892.704072][T23838]  do_syscall_64+0x39/0xb0
[ 2892.708535][T23838]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2892.714485][T23838] RIP: 0033:0x7f403688d591
[ 2892.719016][T23838] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2892.739175][T23838] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2892.747624][T23838] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2892.755636][T23838] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2892.763638][T23838] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2892.771670][T23838] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2892.779761][T23838] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2892.787801][T23838]  </TASK>
[ 2893.100769][T23838] memory: usage 307200kB, limit 307200kB, failcnt 20250
[ 2893.119612][T23838] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2893.126785][T23838] Memory cgroup stats for /syz4:
[ 2893.126973][T23838] anon 114688
[ 2893.126973][T23838] file 8380416
[ 2893.126973][T23838] kernel 306061312
[ 2893.126973][T23838] kernel_stack 32768
[ 2893.126973][T23838] pagetables 77824
[ 2893.126973][T23838] sec_pagetables 0
[ 2893.126973][T23838] percpu 5477376
[ 2893.126973][T23838] sock 0
[ 2893.126973][T23838] vmalloc 0
[ 2893.126973][T23838] shmem 8380416
[ 2893.126973][T23838] zswap 0
[ 2893.126973][T23838] zswapped 0
[ 2893.126973][T23838] file_mapped 405504
[ 2893.126973][T23838] file_dirty 0
[ 2893.126973][T23838] file_writeback 0
[ 2893.126973][T23838] swapcached 0
[ 2893.126973][T23838] anon_thp 0
[ 2893.126973][T23838] file_thp 0
[ 2893.126973][T23838] shmem_thp 0
[ 2893.126973][T23838] inactive_anon 4096
[ 2893.126973][T23838] active_anon 8491008
[ 2893.126973][T23838] inactive_file 0
[ 2893.126973][T23838] active_file 0
[ 2893.126973][T23838] unevictable 0
[ 2893.126973][T23838] slab_reclaimable 38216
[ 2893.126973][T23838] slab_unreclaimable 300379280
[ 2893.126973][T23838] slab 300417496
[ 2893.126973][T23838] workingset_refault_anon 0
[ 2893.126973][T23838] workingset_refault_file 0
[ 2893.126973][T23838] workingset_activate_anon 0
[ 2893.126973][T23838] workingset_activate_file 0
[ 2893.126973][T23838] workingset_restore_anon 0
[ 2893.126973][T23838] workingset_restore_file 0
[ 2893.126973][T23838] workingset_nodereclaim 0
[ 2893.126973][T23838] pgscan 0
[ 2893.126973][T23838] pgsteal 0
[ 2893.126973][T23838] pgscan_kswapd 0
[ 2893.126973][T23838] pgscan_direct 0
[ 2893.126973][T23838] pgscan_khugepaged 0
[ 2893.126973][T23838] pgsteal_kswapd 0
[ 2893.126973][T23838] pgsteal_direct 0
[ 2893.126973][T23838] pgsteal_khugepaged 0
[ 2893.126973][T23838] pgfault 387832
[ 2893.126973][T23838] pgmajfault 0
[ 2893.126973][T23838] pgrefill 0
[ 2893.126973][T23838] pgactivate 0
[ 2893.126973][T23838] pgdeactivate 0
[ 2893.126973][T23838] pglazyfree 0
13:49:07 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x7000000000000000)

13:49:07 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b00"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:49:07 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xda)

[ 2893.126973][T23838] pglazyfreed 0
[ 2893.126973][T23838] zswpin 0
[ 2893.126973][T23838] zswpout 0
[ 2893.126973][T23838] thp_fault_alloc 0
[ 2893.321497][T23838] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23838,uid=0
[ 2893.373432][T23838] Memory cgroup out of memory: Killed process 23838 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:49:07 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

13:49:07 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000006c0)=@deltaction={0x1a0, 0x31, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0xe54, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x16}}]}, @TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9a}}]}, @TCA_ACT_TAB={0x80, 0x1, [{0xc, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x10001}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xbf79}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0x10, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}]}, @TCA_ACT_TAB={0x30, 0x1, [{0x10, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0x10, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}, @TCA_ACT_TAB={0x78, 0x1, [{0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0x10, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0x10, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xdfe4}}, {0xc, 0x140e, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8e}}]}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x15}, 0x60800) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async, rerun: 64)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:49:07 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000a3fc25142252a78d2ba5c4a1b62a0fabe3f1cdeb0e1f0d73277759d0ff5ef99381a6398e28f2a5b59c8935705567b18acbed8f13ee942def04ecabd32ae47745eee220e47a0a4af251d374c4f57503af337387af645bdded21f8a02aaafc3f8e8ecc8a2d650c026baa18ba94db579e14a27157c9fc7e313a4c69b9b7bd17500211465873e6aa8c615c14cc0fd12e6a984255afbc9b58e01af0c3cca0b2f13d839a143e11ee45f6ba4f56d35225e96ab3cf28a7bfe99a23f5bd9423004a639f51377a0ad44b28aa11494584e157f3932f27", @ANYRES64=r0, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000000)={@local, 0x8, 0x2, 0x3, 0xa, 0x8, 0x80}, 0x20) (async)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r6}, [@IFLA_AF_SPEC={0x24, 0x1a, 0x0, 0x1, [@AF_INET={0x20, 0x2, 0x0, 0x1, {0x1c, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x0) (async)
setsockopt$netlink_NETLINK_PKTINFO(r7, 0x10e, 0x3, &(0x7f0000000080)=0x3, 0x4)

[ 2893.631432][T23862] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2893.662118][T23862] CPU: 0 PID: 23862 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2893.672597][T23862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2893.682940][T23862] Call Trace:
[ 2893.686245][T23862]  <TASK>
[ 2893.689197][T23862]  dump_stack_lvl+0x136/0x150
[ 2893.693907][T23862]  dump_header+0x10a/0xd70
[ 2893.698354][T23862]  oom_kill_process+0x25d/0x600
[ 2893.703247][T23862]  out_of_memory+0x35c/0x1660
[ 2893.707949][T23862]  ? find_held_lock+0x2d/0x110
[ 2893.712745][T23862]  ? oom_killer_disable+0x2b0/0x2b0
[ 2893.717984][T23862]  ? rcu_read_unlock+0x9/0x60
[ 2893.722710][T23862]  ? find_held_lock+0x2d/0x110
[ 2893.727529][T23862]  mem_cgroup_out_of_memory+0x206/0x270
[ 2893.733114][T23862]  ? mem_cgroup_margin+0x130/0x130
[ 2893.738245][T23862]  ? lock_downgrade+0x690/0x690
[ 2893.743300][T23862]  try_charge_memcg+0xf99/0x13a0
[ 2893.748267][T23862]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2893.754269][T23862]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2893.760011][T23862]  ? lock_downgrade+0x690/0x690
[ 2893.764880][T23862]  ? lock_downgrade+0x690/0x690
[ 2893.769763][T23862]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2893.775336][T23862]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2893.781509][T23862]  copy_process+0x1442/0x75c0
[ 2893.786203][T23862]  ? folio_flags.constprop.0+0x53/0x150
[ 2893.791779][T23862]  ? pidfd_prepare+0x80/0x80
[ 2893.796409][T23862]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2893.802416][T23862]  kernel_clone+0xeb/0x890
[ 2893.806941][T23862]  ? create_io_thread+0xe0/0xe0
[ 2893.811810][T23862]  ? do_user_addr_fault+0x2b1/0x1210
[ 2893.817199][T23862]  ? reacquire_held_locks+0x216/0x4e0
[ 2893.822594][T23862]  ? do_user_addr_fault+0x2b1/0x1210
[ 2893.827912][T23862]  ? find_held_lock+0x2d/0x110
[ 2893.832697][T23862]  __do_sys_clone+0xba/0x100
[ 2893.837311][T23862]  ? kernel_clone+0x890/0x890
[ 2893.842015][T23862]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2893.847927][T23862]  do_syscall_64+0x39/0xb0
[ 2893.852387][T23862]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2893.858320][T23862] RIP: 0033:0x7f403688d591
[ 2893.862745][T23862] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2893.882534][T23862] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2893.890955][T23862] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2893.898933][T23862] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2893.906910][T23862] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2893.914888][T23862] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2893.922956][T23862] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2893.931046][T23862]  </TASK>
[ 2893.967524][T23862] memory: usage 307200kB, limit 307200kB, failcnt 20359
[ 2893.975886][T23862] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2893.985533][T23862] Memory cgroup stats for /syz4:
[ 2893.985765][T23862] anon 114688
[ 2893.985765][T23862] file 8380416
[ 2893.985765][T23862] kernel 306061312
[ 2893.985765][T23862] kernel_stack 32768
[ 2893.985765][T23862] pagetables 77824
[ 2893.985765][T23862] sec_pagetables 0
[ 2893.985765][T23862] percpu 5477376
[ 2893.985765][T23862] sock 0
[ 2893.985765][T23862] vmalloc 0
[ 2893.985765][T23862] shmem 8380416
[ 2893.985765][T23862] zswap 0
[ 2893.985765][T23862] zswapped 0
[ 2893.985765][T23862] file_mapped 405504
[ 2893.985765][T23862] file_dirty 0
[ 2893.985765][T23862] file_writeback 0
[ 2893.985765][T23862] swapcached 0
[ 2893.985765][T23862] anon_thp 0
[ 2893.985765][T23862] file_thp 0
[ 2893.985765][T23862] shmem_thp 0
[ 2893.985765][T23862] inactive_anon 4096
[ 2893.985765][T23862] active_anon 8491008
[ 2893.985765][T23862] inactive_file 0
[ 2893.985765][T23862] active_file 0
[ 2893.985765][T23862] unevictable 0
[ 2893.985765][T23862] slab_reclaimable 38216
[ 2893.985765][T23862] slab_unreclaimable 300381896
[ 2893.985765][T23862] slab 300420112
[ 2893.985765][T23862] workingset_refault_anon 0
[ 2893.985765][T23862] workingset_refault_file 0
[ 2893.985765][T23862] workingset_activate_anon 0
[ 2893.985765][T23862] workingset_activate_file 0
[ 2893.985765][T23862] workingset_restore_anon 0
[ 2893.985765][T23862] workingset_restore_file 0
[ 2893.985765][T23862] workingset_nodereclaim 0
[ 2893.985765][T23862] pgscan 0
[ 2893.985765][T23862] pgsteal 0
[ 2893.985765][T23862] pgscan_kswapd 0
[ 2893.985765][T23862] pgscan_direct 0
[ 2893.985765][T23862] pgscan_khugepaged 0
[ 2893.985765][T23862] pgsteal_kswapd 0
[ 2893.985765][T23862] pgsteal_direct 0
[ 2893.985765][T23862] pgsteal_khugepaged 0
[ 2893.985765][T23862] pgfault 387867
[ 2893.985765][T23862] pgmajfault 0
[ 2893.985765][T23862] pgrefill 0
[ 2893.985765][T23862] pgactivate 0
[ 2893.985765][T23862] pgdeactivate 0
[ 2893.985765][T23862] pglazyfree 0
[ 2893.985765][T23862] pglazyfreed 0
[ 2893.985765][T23862] zswpin 0
[ 2893.985765][T23862] zswpout 0
[ 2893.985765][T23862] thp_fault_alloc 0
[ 2894.177739][T23862] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23862,uid=0
[ 2894.194535][T23862] Memory cgroup out of memory: Killed process 23862 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:49:08 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000a3fc25142252a78d2ba5c4a1b62a0fabe3f1cdeb0e1f0d73277759d0ff5ef99381a6398e28f2a5b59c8935705567b18acbed8f13ee942def04ecabd32ae47745eee220e47a0a4af251d374c4f57503af337387af645bdded21f8a02aaafc3f8e8ecc8a2d650c026baa18ba94db579e14a27157c9fc7e313a4c69b9b7bd17500211465873e6aa8c615c14cc0fd12e6a984255afbc9b58e01af0c3cca0b2f13d839a143e11ee45f6ba4f56d35225e96ab3cf28a7bfe99a23f5bd9423004a639f51377a0ad44b28aa11494584e157f3932f27", @ANYRES64=r0, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r6=>0x0}) (async)
r7 = socket(0x10, 0x80002, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000000)={@local, 0x8, 0x2, 0x3, 0xa, 0x8, 0x80}, 0x20)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r6}, [@IFLA_AF_SPEC={0x24, 0x1a, 0x0, 0x1, [@AF_INET={0x20, 0x2, 0x0, 0x1, {0x1c, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x0) (async)
setsockopt$netlink_NETLINK_PKTINFO(r7, 0x10e, 0x3, &(0x7f0000000080)=0x3, 0x4)

[ 2894.352404][T23859] __nla_validate_parse: 35 callbacks suppressed
[ 2894.352425][T23859] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2894.352508][T23858] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2894.407707][T23866] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2894.419610][T23866] CPU: 1 PID: 23866 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2894.430074][T23866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2894.440170][T23866] Call Trace:
[ 2894.443477][T23866]  <TASK>
[ 2894.446433][T23866]  dump_stack_lvl+0x136/0x150
[ 2894.451160][T23866]  dump_header+0x10a/0xd70
[ 2894.455622][T23866]  oom_kill_process+0x25d/0x600
[ 2894.460515][T23866]  out_of_memory+0x35c/0x1660
[ 2894.465229][T23866]  ? find_held_lock+0x2d/0x110
[ 2894.470045][T23866]  ? oom_killer_disable+0x2b0/0x2b0
[ 2894.475305][T23866]  ? rcu_read_unlock+0x9/0x60
[ 2894.480029][T23866]  ? find_held_lock+0x2d/0x110
[ 2894.484851][T23866]  mem_cgroup_out_of_memory+0x206/0x270
[ 2894.490475][T23866]  ? mem_cgroup_margin+0x130/0x130
[ 2894.495726][T23866]  ? lock_downgrade+0x690/0x690
[ 2894.500648][T23866]  try_charge_memcg+0xf99/0x13a0
[ 2894.505647][T23866]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2894.511704][T23866]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2894.517474][T23866]  ? lock_downgrade+0x690/0x690
[ 2894.522368][T23866]  ? lock_downgrade+0x690/0x690
[ 2894.527294][T23866]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2894.532886][T23866]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2894.539111][T23866]  copy_process+0x4f9/0x75c0
[ 2894.543746][T23866]  ? __lock_acquire+0xc17/0x5f30
[ 2894.548740][T23866]  ? pidfd_prepare+0x80/0x80
[ 2894.553377][T23866]  ? psi_memstall_leave+0x174/0x250
[ 2894.558601][T23866]  ? lock_downgrade+0x690/0x690
[ 2894.563509][T23866]  kernel_clone+0xeb/0x890
[ 2894.567974][T23866]  ? create_io_thread+0xe0/0xe0
[ 2894.572873][T23866]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2894.579180][T23866]  ? lock_downgrade+0x690/0x690
[ 2894.584071][T23866]  __do_sys_clone+0xba/0x100
[ 2894.588705][T23866]  ? kernel_clone+0x890/0x890
[ 2894.593445][T23866]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2894.599395][T23866]  do_syscall_64+0x39/0xb0
[ 2894.603864][T23866]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2894.609817][T23866] RIP: 0033:0x7f403688d591
[ 2894.614259][T23866] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2894.633901][T23866] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2894.642352][T23866] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2894.650360][T23866] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2894.658377][T23866] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2894.666397][T23866] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2894.674497][T23866] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2894.682529][T23866]  </TASK>
[ 2894.697838][T23861] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2894.742672][T23866] memory: usage 307184kB, limit 307200kB, failcnt 20463
[ 2894.748439][T23863] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2894.750048][T23866] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2894.769420][T23866] Memory cgroup stats for /syz4:
[ 2894.769684][T23866] anon 114688
[ 2894.769684][T23866] file 8380416
[ 2894.769684][T23866] kernel 306061312
[ 2894.769684][T23866] kernel_stack 32768
[ 2894.769684][T23866] pagetables 77824
[ 2894.769684][T23866] sec_pagetables 0
[ 2894.769684][T23866] percpu 5477376
[ 2894.769684][T23866] sock 0
[ 2894.769684][T23866] vmalloc 0
[ 2894.769684][T23866] shmem 8380416
[ 2894.769684][T23866] zswap 0
[ 2894.769684][T23866] zswapped 0
[ 2894.769684][T23866] file_mapped 405504
[ 2894.769684][T23866] file_dirty 0
[ 2894.769684][T23866] file_writeback 0
[ 2894.769684][T23866] swapcached 0
[ 2894.769684][T23866] anon_thp 0
[ 2894.769684][T23866] file_thp 0
[ 2894.769684][T23866] shmem_thp 0
[ 2894.769684][T23866] inactive_anon 4096
[ 2894.769684][T23866] active_anon 8491008
[ 2894.769684][T23866] inactive_file 0
[ 2894.769684][T23866] active_file 0
[ 2894.769684][T23866] unevictable 0
[ 2894.769684][T23866] slab_reclaimable 38216
[ 2894.769684][T23866] slab_unreclaimable 300379280
[ 2894.769684][T23866] slab 300417496
[ 2894.769684][T23866] workingset_refault_anon 0
[ 2894.769684][T23866] workingset_refault_file 0
[ 2894.769684][T23866] workingset_activate_anon 0
[ 2894.769684][T23866] workingset_activate_file 0
[ 2894.769684][T23866] workingset_restore_anon 0
[ 2894.769684][T23866] workingset_restore_file 0
[ 2894.769684][T23866] workingset_nodereclaim 0
[ 2894.769684][T23866] pgscan 0
[ 2894.769684][T23866] pgsteal 0
[ 2894.769684][T23866] pgscan_kswapd 0
[ 2894.769684][T23866] pgscan_direct 0
[ 2894.769684][T23866] pgscan_khugepaged 0
[ 2894.769684][T23866] pgsteal_kswapd 0
[ 2894.769684][T23866] pgsteal_direct 0
[ 2894.769684][T23866] pgsteal_khugepaged 0
[ 2894.769684][T23866] pgfault 387905
[ 2894.769684][T23866] pgmajfault 0
[ 2894.769684][T23866] pgrefill 0
[ 2894.769684][T23866] pgactivate 0
[ 2894.769684][T23866] pgdeactivate 0
13:49:09 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x7001000000000000)

[ 2894.769684][T23866] pglazyfree 0
[ 2894.769684][T23866] pglazyfreed 0
[ 2894.769684][T23866] zswpin 0
[ 2894.769684][T23866] zswpout 0
[ 2894.769684][T23866] thp_fault_alloc 0
[ 2894.957565][T23851] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2894.973491][T23848] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
13:49:09 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f7765"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:49:09 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

13:49:09 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xdb)

[ 2894.998968][T23866] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23866,uid=0
[ 2895.015541][T23866] Memory cgroup out of memory: Killed process 23866 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2895.033930][T23855] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
13:49:09 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendfile(r0, r0, &(0x7f0000000100)=0x1666, 0x943)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8094}, 0x4)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f0000001c80)=[{{&(0x7f0000000180)=@un=@abs={0x1, 0x0, 0x4e23}, 0x80, &(0x7f0000000240)=[{&(0x7f0000001d00)="cda5d356cc488c63bc40890fe0af3f624ca3f3aa60cb2efada87f1396fdd2771eb001e7fb0070ffcc77f9eb45bcf23ff8a7ba06a3eb3cf7993d319b21e6746005974328357d74faa6160b35d72662583d1e26d01d2c70c9e777fdd46c3695df489a7b3bb608c92f06d6d82f87baf79fc7ef27a70c28376cf63009bc07e58860a8c3646b2db18463a681f4192faf540e56fb0b0d685354c43ab", 0x99}, {&(0x7f0000000380)="a63ee2f1c4665526dbf19dc833c79ae52a6dd5b32d400a82d31056f5a414932e374ab74a3619530f1260fe27c7fcd374acc534e5f4de63d3206f129d13355b19e849b571ffea6e5409e6a4fb2b195076c2d1e59a31252431aefbd4b10c9ed01670f79800c0869abdeed7adff046511418ef0c3ed1f68a54c162167d74ac9c8862ac8995a918d3aa13334c61b92a5173075e5c2a0ad64b7b960f74c", 0x9b}], 0x2, &(0x7f0000001dc0)=[{0x40, 0x29, 0x0, "facdb3666be624a9e504fe32dd294059c27753b49b8230d2731a566ab92f70bf45b7f529de4548775570"}, {0x198, 0x112, 0xfffffffa, "5f09d6c22a2c34e93efa24e359203612fc11e7d93ac2e2db0c2e2f6c5408592dcbb5b4705938b4e70fa239067d3a646dbe99f551fba38e294ea649f01d5ffb81de86f3f2303ec748089c56689125f2187d61d043c7e1417eab63d247494474dbaeafc79a0f336c81a7aa78f4ebf1def2943f85c3535e13e598766849c1452a421cbda9f3fdfba96e52d4ab0895f8da7369d0487d253a750d783316ee51a24155219ce68b0d5753aaf5e1d6f6c2cc7cae9a911d93e8a9af1681482bf6112b07cef9a13860dce61c4415b7ae786dab1926223f4271c32ea0797ed406b259bae4d472181c5c6fdcc1b96d84c44be05839a81f3592d7e3a65fe67229acce6b8d34659c91d0de37765eb76ba60fb3aeb1d627bb97153cd6d59b8ab202650487c241348b6893198cbe622828f7e22668c352a15d83803ee5aa3e14ed32eaaa55ff2f4779d491fc5bd8e2d5e595ca44a4ecb2b550063fd78b9c30126351e22531bf9b0fc3ba35372da914f739280771f8199da376f89de8a4ac0cbaf50e6c259ee8448af6919cb79a"}, {0x80, 0x10c, 0x49, "2b8ee5837012bcd1e2ff653028109693b23b9019f69a436922bcb615ca848f82fa95fed966adb3c43fbf2d1cc23dda0428325326915579f68cbf1bff435255818691082643cf08dbd28c0cbd386a4fdb7726a0e1bfbe51b79d8b5344fdbe3573b2f688a6c07ea15927"}, {0xa8, 0x112, 0x846, "d3217788bab33ac08a13307c88e00f6c8a925c213e062b41622ba1acaa8b09abb48892b43f8e851fd9313db64e75b501e7d0cc7fecba26cb64f47309f7279697e4468e93d317031f68ed27212b7b7d90ca86d292010a4ef2118b5f840b7b2f9619d8423249c85e67568106b6becb256362db0a7cd8810dd08feb9b96a921bfd3e8cfec6871e1011aa7f0c86110a464ffb9c3cde54f0f1ae0"}, {0xb0, 0x111, 0x1ff, "53e9b34f3b906165a2fc001a44286e21ef943e0ade52f94e49995c977f27de9529e64b33fc1fbb1d5b316bd9ccce673a35d210586e498b5de408864ca6ca05fec0f6fc338e3335985cb2ddd1a62af15f6d2e512beea2c7bb50b571753211b25f1a253de942a0612236a94f138d241d1a16e301e00a7a31907809be96607cc39be9860ec897cbbcc69fc3096a7cf74f73f5bd39e9f1207b812a2923"}, {0x58, 0x113, 0x0, "59df65e7eabcd61ca89aeca7b8af7988b1ae6c4c6d983a3abe84cd3b6f5c229d1920585e7fe500df97fe7da85740917d45d3a8f813edc249ede961d08377efa786ad67"}], 0x408}}, {{&(0x7f0000000500)=@isdn={0x22, 0xc5, 0x40, 0x5, 0x6}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000580)="734ec42ef9adfcc3d43bcd688856edea1b4a766e1836a0984ae2a801c2ce29325287f2b9912a570a85f5105975dfcb8b4952e5056c0604babe9bb650b3c29ad870e1551a431e88ca6a2ee90692c7416ec5b1524d213bc8e6a77438b3e1", 0x5d}, {&(0x7f0000000280)="c594b763253a72d0df7cdc6318ed6ad2b448c7ffc80a1ae3391a59365662910c39b7bbd9c6713209cf5921f15ea40ef25ca75f815a211a", 0x37}, {&(0x7f0000000a40)="f27c6f5ca4170428eaa8c4bdf0e61e2d3377fcb52b2a1cf561838ff79430549fe178398db82d374c5bda23cd97dfc2d466b1bf4d3ec6cbe4672b9988724c3d0b2d761ac3bbfb211eae15d493166dd51cf64edce31a8fa58ea9efa1977f0e8aad1ba8cb376dbf2d6fe56f688d09aca1bd5086365cee7168ef7e5b47d2f02e0d9d9a35be0a5ca4a8e770d9d0f3411d71ccf07991ae69bfdc7447c5a16117c07c67f62a0165a72c9cedb7e5bf2fd4ea09ceb597c6a38acf767c", 0xb8}, {&(0x7f0000000b00)="43c4231e54e239412328a711c1b26d924aa9ead53cb3429133a837815ff14fe34c1908fac6c8105f38a9882de6b4a1cc977155190c2ab2a5a0edeff1413e087f917630c9c655557f91d9a74e0f853027841379f0d2091e6b11235f67b99a60dbd6705001446b1cba9c164d60c5457411b314af4638a1c283b4be49a5400bf13aa09032c849e22f488a0a05658eedd1a791d8e641fb4516683a3f3d254b4113de5573155a43", 0xa5}, {&(0x7f0000000bc0)="35c37f778f4b7f0c49326cb5425c95307ce6da0c9a081fa92611d7e8111a73234f7d47cfe8d47f3adfd06dd664de2cb303de059dbcd43223bedca2edf444e020175cd0d2343098b51d18add804ca40709f689a947a8abd1dd9cf87ed9df38626b300fe1e3aaa946da107985febbc6b8f2f0d44f18830caa432e2f4cd7e3e7511bb66fbbf731882793a579ffe0a1f3def2b", 0x91}, {&(0x7f0000000c80)="13eb20a8d05130f0cf5dde743f785ed0465c8226085ce15fb2cce71cc0009e59a15da66bf06bbaee2886eacd5549e9f41f1dbf9a4da74fcddea7830a256ecb9528c50d7e2b974ecaa06ff82515c0f701611ad2636ca9608bea3a40d3577c67adc40f47f3c1137c9e3478b5730c5243650ff306d1cf3c91428dbb7b7cbc60df75d812da77a179870c97bb9622e9aa1d2767742bed4006d4ab4ec2d9c16216482b36136e08ac2b0d7904dbf8ef6efe00234bd1a8c5392cb2bfe44220c43ba7015f7c24d130352ca25af3ac9578de5e950a79eaf24a278671453d232ae3152469ed9c95f2675dd01535f9207a75ecd3b52b616200bee55053c0bdf8cf247a7a436f0738bae491fbd306f53521a3965760e091f9ab507cbb5bfea6662382fe0feedb6c0602c6ea2b7a3541ec0e0b446711600b0feff115da41f7a16b181e758dca48e56e000cb356a11695ee07bbb4ad9cb249ca91a5f080b05af55214981204b23940699964da9d7326e040bad2acfecb7732f437cc063b044fa853e3c6966cbafd0070cedc421f3dd6adaa7518930ac1a5bb4d238e8c51c0bfad593f4be032505e3259afcc7d73cf1e8e7e0a64cb677bd71908bb00e0936d08bf1b43322eab244b655faffd384f86f63eabd45687bb1e91aafb301b63a1e2e5b788dc125eb86a30129994195cff6e8260b1477a615cf452c21cd0d137cba77a1325d37e54f17071ff9486bf9b883d48049e19e7804b4d77a0a0eed7fc3ed3d8d135a5c00c31ecdb6a4f16852004a8f9f22c8dd683fd2d28860173a4ce838b65f1ad7b3d1888599a90d5b322d309a7c035177cd385704c3d6168e83b645254ac36d3dd327fa688b09e6a7261f7207180b7d3c7541071d5f896c28fa1c0bbfc26f3c85c7ad34b576dd5d9602837c12a2cd59220390f8061d91ac00a1c8391ed1b7d31b49b875f9fea6ac9cc4f25da1b612ea67e540cd834b17804bd1b76defeba58cf5162e133143fe761fb7c135d31a280748e4f857111343e6c317f39ca9114b1ba2891b76631f6a48573d294eaad79a14eabc5bc7cdfd2a53e86d51f31aabd443972aa90aa882b6531247cfd4544ab550c15417d5415bc43a859bfeb4d47218b2562548e82abc99b72d023039f99c68467ae841fa13b65c55d993e0b914ae61d1d10a2fbeceacabe7868d174e3b985856c236711ceb4bbfc9194997327ca65b8053cf74ec8e053761b4c7936375949e157777489df861aa949bbef1d531f17e7da55c663fe4d41fe98887acd3af03e1201d3a1e2e4ab627cc5ca760379b8cb98edb196c6dac846471accbe7225a8830985ed68482311e9b4fb6ebccfd63410b4433e9159be12741a126897b9e904dffa12a2fe60adaa47341e2d01b818acd9f5643b25bc3f6e11a40d49739f77a13fbe27d2bb9b780cec44c813ff2354aa5ad2e0998bf80cdb112c540b0448ee4f393b4f9e3e120b81a1332031040f6a4d04c7983f44eda19f7a1cf3a6920e724386cd5f7ce90fac1456c5cc8d34c5e585504f60790d3c89d24eff5976f63d7a13aa97659771ffef3fade68e4a9f9c1b5ecdaa59eb77598140b44f82502f21b06fcf03d2ecbc439b4081f465f249b8090f2a7f871783a576bbf169c0cedbf3c54c114474b1d8c39027d343723c56fe589fe2eb8d3fec2a3c7e3c3830e89e80aa39ede315c13607131729af2f553011c7d1de56e6b76c0fd1d4af54275d66dd4056ebe47b974f032eb6a836aab32852b60ff8a7568d7549b81a8020954665c2e245816c169e4aa51d1889d1af29cc048c921e7072c2591b3b6276b5111739da3eb6d9005134a5642cbd5316e97081e247a8a8098db18072274b68022e9d4561410cce7856e8c4b6ffd6dee74d72e05da086f541f5f1335041a3b8db399e221e725f269efa2636891b5c778d862e9527e83858e40a0f271b871aa4df0a0b48e4e1c7b4d9c09a68cb6e3e835ca9423c7d69d2fbf566267b3fef65dcf4c489f6e951cf94922d0b3625e1db804e03feda6d3dab692e5416acc5ae5be54bab43b13ab8dd254f0ef550bbdef77bcdccca5bc64a10f2f31f0d0fffe8678e44fca98b686a11b335ce5b414c96ec7df910167ab9fc583ec63941fb4d5070b541bf25816343f421fa7bf77059f51b9745eb0b49de7baedd6f1eac64256e6460a39e6d9cf2ad0f9ba45ddb0b7d2c25177224cee7100e4f6a1c3fe28e6376a0d8667f802a6ae726a3bbab8b122d1d6e80873030555d0e1b0233b37ca50325107aeb30c01157fedf441c13b18cab5c2de880ef39c177c8cd310638861e42642d89cc988a7784772174a8824821339d284dc5100f1bb332e58e4c1904880a6be95a77023c51aec0f0a05a714f362753452ba881f84edc6ea21ff40b3a48c0f730dbdac5fa3b5481e742cec5c6159b055b4173964bdfcc9985887e3a864ed2fb9247fd1efcec0c361914c4dfdc50ab3f695bf3374661947895913a4c5100b70788563ec7ec093f050d9cb27712058c7523b4277e1624da0326e0af396722acd83153c72d898bf4186891f23054b4773c981490f9ce7f63c38b66825bcaeadd51dc793ecf8aab2867fa33e5b48ee5bc1a1fd7831aa8d3e07adfcef94820d5ca489d8f15ce95f337a28f8719d1fe22c21caee22a15fdc59de91d50b7de6dccc80ed3e2f9982813002da1ce823bddea4a00b843723d196dbe2d1f2a015a03bb487f052b7c6255715cbf015de435ddba87e049d0a7e9e299f134b531954ca4a077cb0b216447a417c03b9441191a41c4631c6fbd62095a21238ddacc4ddeede29db6a93a4c7fde30c0934d5f4919a251bc117feff13f5a7955df310e7aeb5a1b40111b5d207c2d2fb3640c27be468377e29388d7593ca25947eb6f3cf1c923d8b3e75b6e5f6b2f50dcb72975efa48a2300a454ff2091884fd6050b5bb1ff3f539cdfcbdc10398437ea7576c034dd9d1681c9cfd589554a43a780a5c16d27afdc352dcf6196a99b0b17d59bd949f1b97acae5dfe27a2117746ee57ffea5c6362390277c518098b1ef72ad85c1ad92e9ebf9ed254506c77f39224f97be0d65c94161ebd91fc2f3678454e4d0dad58d6c30d8b6008d5badb8b37f78c2351160dae0df985b350068fa3a98d178d14547d850fda5b38c109d091bdf8d6d9b79a039842991a63b55ed80df994501824f95ff217fc6046f4b5b9a9163a6229a784da1adbda66cf6f22d90083a457f8b80ca22826e853cc3df19ca0a9d56830133f98e436f126f629c5378f6da2f2e3e02b8dfbfdd0f29ce05ab4afcea6240a8af75f25c1e93eb511d1d7d9585f01ad03b8d50ea93063abf14569b19af7f06b10d86de551e091f0d9d755f8a49b51d57387f2c3b5158e1f7e0accd750f3db54b13b1136653fc39a71003ad0c8dd777722ffa7aae60283c0c4b4f1715b2fd13081d777dc63dd66764149172a7a01d827c729b4a865c81c25d396bc747fe34b2ca23f66337787546165bf1a0f0550fffdb070f839dfc8e7a854afd2d9823b5212fb0b213a15ed088ad2439b00948815bf0d7578b8384e2d518796f5a3e0cb87002dc525147a185f181d2a1cdf751650407d05608298e077614e0d5c7823cef7714d7246b9a4d7aa7a10b83308b4532979d1c74bef260ded0d16bf7759c84b4fb7b1cf09a7c75874a754ee3dc0b9037c289c152c7af6e9e83dc917796d374b6ff94bb96a990fbae645a3b42864e7dbba7c5f890fdc0e9a7e0794a3fcfa675b9f20e205c58df22acc7416210fda92d38b2a5ef9dd4140aa7fc5a3899538312993329726e4e178d2b054c45cf87018a29bd48e6ba8efe900cabf1b95fd41a2745deefa3227880b42be25906d476de1c9a0dfcbbdd702d1d5758c03773660fd6d50ea5a13d3313c579e0fb1efbed9f46a977cfc29a9e0d8f84158f74a372d359df3f6955a099ed6e5e01980ce0f3af23dd934690498329fea1124d2e8a544c6f149a1568aa36e8c1ea3c777cdb0f5f54b5c1bc5cb074683f0106b73e149e1019b2ce113e55f9e783061a25beecd60ee185374b111c121a4279f695d1e8753fb2b2d23bd763008555da94750a2280d019f3427f5fde18171638724373064c24a501bddabf87d36cd358097cccc336aad6a3f7f4c7001b35ee4c7bccedad0ce70c6de0621be2faf3a7f6f81977b62ed9732c696eb7c359e11dc7ea19a3e0e8368191dbcbcec410ad08af1a496618e91ed0459d176fd05dcad99623c305d449851cd2e521aecf43c32a56ff69c4e580f4e64e483da01ceb933c01852b4b35119f9c59b194463f61dbe3f6e82a20e74b12f0dc5cb204a027f66e31bb3a03d428f2e3d6a7b73cf380fb9f44b76d3fcf7baa5b6eefa125eb4833763c6f8775a974331576e5726e6f52d339c7ae2af1ef1ee79174a3a569c9d87eca581f9395192be3c75288139d6264b39f34fac9379edfc6a5b6b9a291e08d8e8cccee754bd1a5bcc090081aa3ca786691bdd97dc7a49292563d9fd94f7d79334ba32a7573425fba5fd11f14e5617c91bc38c2c9b0c9b99c1fcef7a1b5e39168912bd38a910e8aa28f72c125056053558f8122265c2a2f66f22856d45bcb85f954e928658936bf5fd7c253be74c7af8076a0d885d3037d76bdce78d5be83e34d6a26b137021868928d1977baacef3378bf414ecbfad2379bc95aa1974fd43ef1e88fe7a289f5017358cfcc00d47d20dc21518ac20e79b2448df1d36294ac219d53f705efe1a5de51806a1491df58fe0dad56388e836248badc8c45a70c0c7ce1584f5622ce63c278c7d1ddf84603b747dccbf02c7488c84ec05a98185d208b6254b28129548beb4eda40cb214dc8c84e78c9446a505b31f972824c64cb1833b7679875189266b4ab45244edd2e4865fd3a65c9e9624a504140961c3031f77cbf0bb3ce93b225096b4ff109cf05b668e74226a1ddac11dea395d2f220031d786a8e02c5952da84ed468af03165b2f3859525e66f528c0e09503cfb71bbe90fd9eccf26dc532dfeb8ae49e3193b7b9768b44634029ee30f1dcbef6882e7d05d05140aa5bf2ace309b82da5266f5c608147a102d84ebb7313d1b8f5e63cd03147f9724414909658ffcf1772128131d7704cf45260c9d46199c49fc8a7b5aecaec3a0f328283c39402e5138e218be76ee860d74179760a1a76b3552383e2986df925789806f4009c7bac256712d40cdd1c2aa70c20c1f8cf3647bdcae2f00c95fc3f8ae850ba13c48e466f57f4bbd31dec6c7e16c26707b14d4620e8c9b8a707c72f5659f95f028d2d1893c8aaba9295aa1bf3057c053291ecae2108949aaf9244f5b4309becaf51ce9f349dec96ea7b840a28677f8d39c03ba41207895393d46383fd7cd3da38887a3f6722e39c7c3a21b9d68ebc1d8feb7c0b58dc40e777492208b617edd23778d3804f7f1c8d8fd15b60d362d1b71cdc4afce18379813be259d630ca6862847ad2ea940cb35a0380b2be9a4acae89314cfbd9d8f48d1041525db73a68a63e13cf327de178253a4e143ac7c5dfd7d56fb30cc40b52671602560d0efbee3036b0b8dce822124575fb9491b77025a156eb3e1089df8caa6812e7b6f22acfb0166d721b6b1d15cc1490ba3a996c276d41d5c7f6bd3b4fe01c850fe44bbd53991cbca291417fde10fbc5e4ea3fa47856de8cbdcee732be107da1ef8ffce752ed0911ddfc6eeed2ae16277e1bdbef99bec48e04b40218002b7af1e33eca29d7f11f3ee6b80c960e5b79bf9d29de8c765352489c9bbd584521493f8fa2c6da4226e439857cbfd61ab459ddf30642e57f59a", 0x1000}], 0x6}}], 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2895.080619][T23868] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
13:49:09 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="440000001300290a000000000000000001000000", @ANYRES32=r4, @ANYBLOB="00000000000000001c001a8004000280030005000800000000000000080000000000000008000c0000000000"], 0x44}}, 0x0)
setsockopt$MRT6_ASSERT(r5, 0x29, 0xcf, &(0x7f0000000080), 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000008c00270d000000000000000004000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2895.264072][T23879] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2895.281169][T23879] CPU: 0 PID: 23879 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2895.291762][T23879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2895.301865][T23879] Call Trace:
[ 2895.305215][T23879]  <TASK>
[ 2895.308158][T23879]  dump_stack_lvl+0x136/0x150
[ 2895.312873][T23879]  dump_header+0x10a/0xd70
[ 2895.317326][T23879]  oom_kill_process+0x25d/0x600
[ 2895.322205][T23879]  out_of_memory+0x35c/0x1660
[ 2895.326933][T23879]  ? find_held_lock+0x2d/0x110
[ 2895.331735][T23879]  ? oom_killer_disable+0x2b0/0x2b0
[ 2895.336975][T23879]  ? rcu_read_unlock+0x9/0x60
[ 2895.341716][T23879]  ? find_held_lock+0x2d/0x110
[ 2895.346536][T23879]  mem_cgroup_out_of_memory+0x206/0x270
[ 2895.352132][T23879]  ? mem_cgroup_margin+0x130/0x130
[ 2895.357279][T23879]  ? lock_downgrade+0x690/0x690
[ 2895.362181][T23879]  try_charge_memcg+0xf99/0x13a0
[ 2895.367168][T23879]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2895.373229][T23879]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2895.379034][T23879]  ? lock_downgrade+0x690/0x690
[ 2895.384399][T23879]  ? lock_downgrade+0x690/0x690
[ 2895.389948][T23879]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2895.396476][T23879]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2895.402803][T23879]  copy_process+0x1442/0x75c0
[ 2895.407525][T23879]  ? __lock_acquire+0xc17/0x5f30
[ 2895.412705][T23879]  ? pidfd_prepare+0x80/0x80
[ 2895.417354][T23879]  ? psi_memstall_leave+0x174/0x250
[ 2895.422795][T23879]  ? lock_downgrade+0x690/0x690
[ 2895.427782][T23879]  kernel_clone+0xeb/0x890
[ 2895.432253][T23879]  ? create_io_thread+0xe0/0xe0
[ 2895.437241][T23879]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2895.443617][T23879]  ? lock_downgrade+0x690/0x690
[ 2895.448537][T23879]  __do_sys_clone+0xba/0x100
[ 2895.453265][T23879]  ? kernel_clone+0x890/0x890
[ 2895.458005][T23879]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2895.463981][T23879]  do_syscall_64+0x39/0xb0
[ 2895.468505][T23879]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2895.474456][T23879] RIP: 0033:0x7f403688d591
[ 2895.479341][T23879] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2895.499087][T23879] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2895.507631][T23879] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2895.515820][T23879] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2895.523849][T23879] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2895.531871][T23879] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2895.539980][T23879] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2895.548095][T23879]  </TASK>
[ 2895.559913][T23879] memory: usage 307192kB, limit 307200kB, failcnt 20577
[ 2895.568336][T23879] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2895.575388][T23879] Memory cgroup stats for /syz4:
[ 2895.575587][T23879] anon 114688
[ 2895.575587][T23879] file 8380416
[ 2895.575587][T23879] kernel 306061312
[ 2895.575587][T23879] kernel_stack 32768
[ 2895.575587][T23879] pagetables 77824
[ 2895.575587][T23879] sec_pagetables 0
[ 2895.575587][T23879] percpu 5477376
[ 2895.575587][T23879] sock 0
[ 2895.575587][T23879] vmalloc 0
[ 2895.575587][T23879] shmem 8380416
[ 2895.575587][T23879] zswap 0
[ 2895.575587][T23879] zswapped 0
[ 2895.575587][T23879] file_mapped 405504
[ 2895.575587][T23879] file_dirty 0
[ 2895.575587][T23879] file_writeback 0
[ 2895.575587][T23879] swapcached 0
[ 2895.575587][T23879] anon_thp 0
[ 2895.575587][T23879] file_thp 0
[ 2895.575587][T23879] shmem_thp 0
[ 2895.575587][T23879] inactive_anon 4096
[ 2895.575587][T23879] active_anon 8491008
[ 2895.575587][T23879] inactive_file 0
[ 2895.575587][T23879] active_file 0
[ 2895.575587][T23879] unevictable 0
[ 2895.575587][T23879] slab_reclaimable 38216
[ 2895.575587][T23879] slab_unreclaimable 300381896
[ 2895.575587][T23879] slab 300420112
[ 2895.575587][T23879] workingset_refault_anon 0
[ 2895.575587][T23879] workingset_refault_file 0
[ 2895.575587][T23879] workingset_activate_anon 0
[ 2895.575587][T23879] workingset_activate_file 0
[ 2895.575587][T23879] workingset_restore_anon 0
[ 2895.575587][T23879] workingset_restore_file 0
[ 2895.575587][T23879] workingset_nodereclaim 0
[ 2895.575587][T23879] pgscan 0
[ 2895.575587][T23879] pgsteal 0
[ 2895.575587][T23879] pgscan_kswapd 0
[ 2895.575587][T23879] pgscan_direct 0
[ 2895.575587][T23879] pgscan_khugepaged 0
[ 2895.575587][T23879] pgsteal_kswapd 0
[ 2895.575587][T23879] pgsteal_direct 0
[ 2895.575587][T23879] pgsteal_khugepaged 0
[ 2895.575587][T23879] pgfault 387943
[ 2895.575587][T23879] pgmajfault 0
[ 2895.575587][T23879] pgrefill 0
[ 2895.575587][T23879] pgactivate 0
[ 2895.575587][T23879] pgdeactivate 0
[ 2895.575587][T23879] pglazyfree 0
[ 2895.575587][T23879] pglazyfreed 0
[ 2895.575587][T23879] zswpin 0
[ 2895.575587][T23879] zswpout 0
[ 2895.575587][T23879] thp_fault_alloc 0
[ 2895.707611][T23874] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2895.967444][T23879] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23879,uid=0
[ 2896.014349][T23879] Memory cgroup out of memory: Killed process 23879 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:49:10 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0}) (async)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="440000001300290a000000000000000001000000", @ANYRES32=r4, @ANYBLOB="00000000000000001c001a8004000280030005000800000000000000080000000000000008000c0000000000"], 0x44}}, 0x0) (async)
setsockopt$MRT6_ASSERT(r5, 0x29, 0xcf, &(0x7f0000000080), 0x4) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000008c00270d000000000000000004000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2896.121984][T23873] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2896.220753][T23888] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2896.250417][T23888] CPU: 1 PID: 23888 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2896.261103][T23888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2896.271371][T23888] Call Trace:
[ 2896.274764][T23888]  <TASK>
[ 2896.277839][T23888]  dump_stack_lvl+0x136/0x150
[ 2896.282560][T23888]  dump_header+0x10a/0xd70
[ 2896.287027][T23888]  oom_kill_process+0x25d/0x600
[ 2896.291921][T23888]  out_of_memory+0x35c/0x1660
[ 2896.296647][T23888]  ? find_held_lock+0x2d/0x110
[ 2896.301458][T23888]  ? oom_killer_disable+0x2b0/0x2b0
[ 2896.306783][T23888]  ? rcu_read_unlock+0x9/0x60
[ 2896.311679][T23888]  ? find_held_lock+0x2d/0x110
[ 2896.316606][T23888]  mem_cgroup_out_of_memory+0x206/0x270
[ 2896.322203][T23888]  ? mem_cgroup_margin+0x130/0x130
[ 2896.327355][T23888]  ? lock_downgrade+0x690/0x690
[ 2896.332263][T23888]  try_charge_memcg+0xf99/0x13a0
[ 2896.337259][T23888]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2896.343289][T23888]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2896.349069][T23888]  ? lock_downgrade+0x690/0x690
[ 2896.353971][T23888]  ? lock_downgrade+0x690/0x690
[ 2896.358869][T23888]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2896.364468][T23888]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2896.370780][T23888]  copy_process+0x4f9/0x75c0
[ 2896.375434][T23888]  ? __lock_acquire+0xc17/0x5f30
[ 2896.380427][T23888]  ? pidfd_prepare+0x80/0x80
[ 2896.385163][T23888]  ? psi_memstall_leave+0x174/0x250
[ 2896.390578][T23888]  ? lock_downgrade+0x690/0x690
[ 2896.395915][T23888]  kernel_clone+0xeb/0x890
[ 2896.400460][T23888]  ? create_io_thread+0xe0/0xe0
[ 2896.405454][T23888]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2896.411757][T23888]  ? lock_downgrade+0x690/0x690
[ 2896.416666][T23888]  __do_sys_clone+0xba/0x100
[ 2896.421314][T23888]  ? kernel_clone+0x890/0x890
[ 2896.427381][T23888]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2896.433327][T23888]  do_syscall_64+0x39/0xb0
[ 2896.437904][T23888]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2896.443932][T23888] RIP: 0033:0x7f403688d591
[ 2896.448458][T23888] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2896.468189][T23888] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2896.476635][T23888] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2896.484745][T23888] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2896.492782][T23888] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2896.500970][T23888] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2896.509064][T23888] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2896.517188][T23888]  </TASK>
13:49:11 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xdc)

13:49:11 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r1, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r1, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

13:49:11 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendfile(r0, r0, &(0x7f0000000100)=0x1666, 0x943) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8094}, 0x4) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f0000001c80)=[{{&(0x7f0000000180)=@un=@abs={0x1, 0x0, 0x4e23}, 0x80, &(0x7f0000000240)=[{&(0x7f0000001d00)="cda5d356cc488c63bc40890fe0af3f624ca3f3aa60cb2efada87f1396fdd2771eb001e7fb0070ffcc77f9eb45bcf23ff8a7ba06a3eb3cf7993d319b21e6746005974328357d74faa6160b35d72662583d1e26d01d2c70c9e777fdd46c3695df489a7b3bb608c92f06d6d82f87baf79fc7ef27a70c28376cf63009bc07e58860a8c3646b2db18463a681f4192faf540e56fb0b0d685354c43ab", 0x99}, {&(0x7f0000000380)="a63ee2f1c4665526dbf19dc833c79ae52a6dd5b32d400a82d31056f5a414932e374ab74a3619530f1260fe27c7fcd374acc534e5f4de63d3206f129d13355b19e849b571ffea6e5409e6a4fb2b195076c2d1e59a31252431aefbd4b10c9ed01670f79800c0869abdeed7adff046511418ef0c3ed1f68a54c162167d74ac9c8862ac8995a918d3aa13334c61b92a5173075e5c2a0ad64b7b960f74c", 0x9b}], 0x2, &(0x7f0000001dc0)=[{0x40, 0x29, 0x0, "facdb3666be624a9e504fe32dd294059c27753b49b8230d2731a566ab92f70bf45b7f529de4548775570"}, {0x198, 0x112, 0xfffffffa, "5f09d6c22a2c34e93efa24e359203612fc11e7d93ac2e2db0c2e2f6c5408592dcbb5b4705938b4e70fa239067d3a646dbe99f551fba38e294ea649f01d5ffb81de86f3f2303ec748089c56689125f2187d61d043c7e1417eab63d247494474dbaeafc79a0f336c81a7aa78f4ebf1def2943f85c3535e13e598766849c1452a421cbda9f3fdfba96e52d4ab0895f8da7369d0487d253a750d783316ee51a24155219ce68b0d5753aaf5e1d6f6c2cc7cae9a911d93e8a9af1681482bf6112b07cef9a13860dce61c4415b7ae786dab1926223f4271c32ea0797ed406b259bae4d472181c5c6fdcc1b96d84c44be05839a81f3592d7e3a65fe67229acce6b8d34659c91d0de37765eb76ba60fb3aeb1d627bb97153cd6d59b8ab202650487c241348b6893198cbe622828f7e22668c352a15d83803ee5aa3e14ed32eaaa55ff2f4779d491fc5bd8e2d5e595ca44a4ecb2b550063fd78b9c30126351e22531bf9b0fc3ba35372da914f739280771f8199da376f89de8a4ac0cbaf50e6c259ee8448af6919cb79a"}, {0x80, 0x10c, 0x49, "2b8ee5837012bcd1e2ff653028109693b23b9019f69a436922bcb615ca848f82fa95fed966adb3c43fbf2d1cc23dda0428325326915579f68cbf1bff435255818691082643cf08dbd28c0cbd386a4fdb7726a0e1bfbe51b79d8b5344fdbe3573b2f688a6c07ea15927"}, {0xa8, 0x112, 0x846, "d3217788bab33ac08a13307c88e00f6c8a925c213e062b41622ba1acaa8b09abb48892b43f8e851fd9313db64e75b501e7d0cc7fecba26cb64f47309f7279697e4468e93d317031f68ed27212b7b7d90ca86d292010a4ef2118b5f840b7b2f9619d8423249c85e67568106b6becb256362db0a7cd8810dd08feb9b96a921bfd3e8cfec6871e1011aa7f0c86110a464ffb9c3cde54f0f1ae0"}, {0xb0, 0x111, 0x1ff, "53e9b34f3b906165a2fc001a44286e21ef943e0ade52f94e49995c977f27de9529e64b33fc1fbb1d5b316bd9ccce673a35d210586e498b5de408864ca6ca05fec0f6fc338e3335985cb2ddd1a62af15f6d2e512beea2c7bb50b571753211b25f1a253de942a0612236a94f138d241d1a16e301e00a7a31907809be96607cc39be9860ec897cbbcc69fc3096a7cf74f73f5bd39e9f1207b812a2923"}, {0x58, 0x113, 0x0, "59df65e7eabcd61ca89aeca7b8af7988b1ae6c4c6d983a3abe84cd3b6f5c229d1920585e7fe500df97fe7da85740917d45d3a8f813edc249ede961d08377efa786ad67"}], 0x408}}, {{&(0x7f0000000500)=@isdn={0x22, 0xc5, 0x40, 0x5, 0x6}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000580)="734ec42ef9adfcc3d43bcd688856edea1b4a766e1836a0984ae2a801c2ce29325287f2b9912a570a85f5105975dfcb8b4952e5056c0604babe9bb650b3c29ad870e1551a431e88ca6a2ee90692c7416ec5b1524d213bc8e6a77438b3e1", 0x5d}, {&(0x7f0000000280)="c594b763253a72d0df7cdc6318ed6ad2b448c7ffc80a1ae3391a59365662910c39b7bbd9c6713209cf5921f15ea40ef25ca75f815a211a", 0x37}, {&(0x7f0000000a40)="f27c6f5ca4170428eaa8c4bdf0e61e2d3377fcb52b2a1cf561838ff79430549fe178398db82d374c5bda23cd97dfc2d466b1bf4d3ec6cbe4672b9988724c3d0b2d761ac3bbfb211eae15d493166dd51cf64edce31a8fa58ea9efa1977f0e8aad1ba8cb376dbf2d6fe56f688d09aca1bd5086365cee7168ef7e5b47d2f02e0d9d9a35be0a5ca4a8e770d9d0f3411d71ccf07991ae69bfdc7447c5a16117c07c67f62a0165a72c9cedb7e5bf2fd4ea09ceb597c6a38acf767c", 0xb8}, {&(0x7f0000000b00)="43c4231e54e239412328a711c1b26d924aa9ead53cb3429133a837815ff14fe34c1908fac6c8105f38a9882de6b4a1cc977155190c2ab2a5a0edeff1413e087f917630c9c655557f91d9a74e0f853027841379f0d2091e6b11235f67b99a60dbd6705001446b1cba9c164d60c5457411b314af4638a1c283b4be49a5400bf13aa09032c849e22f488a0a05658eedd1a791d8e641fb4516683a3f3d254b4113de5573155a43", 0xa5}, {&(0x7f0000000bc0)="35c37f778f4b7f0c49326cb5425c95307ce6da0c9a081fa92611d7e8111a73234f7d47cfe8d47f3adfd06dd664de2cb303de059dbcd43223bedca2edf444e020175cd0d2343098b51d18add804ca40709f689a947a8abd1dd9cf87ed9df38626b300fe1e3aaa946da107985febbc6b8f2f0d44f18830caa432e2f4cd7e3e7511bb66fbbf731882793a579ffe0a1f3def2b", 0x91}, {&(0x7f0000000c80)="13eb20a8d05130f0cf5dde743f785ed0465c8226085ce15fb2cce71cc0009e59a15da66bf06bbaee2886eacd5549e9f41f1dbf9a4da74fcddea7830a256ecb9528c50d7e2b974ecaa06ff82515c0f701611ad2636ca9608bea3a40d3577c67adc40f47f3c1137c9e3478b5730c5243650ff306d1cf3c91428dbb7b7cbc60df75d812da77a179870c97bb9622e9aa1d2767742bed4006d4ab4ec2d9c16216482b36136e08ac2b0d7904dbf8ef6efe00234bd1a8c5392cb2bfe44220c43ba7015f7c24d130352ca25af3ac9578de5e950a79eaf24a278671453d232ae3152469ed9c95f2675dd01535f9207a75ecd3b52b616200bee55053c0bdf8cf247a7a436f0738bae491fbd306f53521a3965760e091f9ab507cbb5bfea6662382fe0feedb6c0602c6ea2b7a3541ec0e0b446711600b0feff115da41f7a16b181e758dca48e56e000cb356a11695ee07bbb4ad9cb249ca91a5f080b05af55214981204b23940699964da9d7326e040bad2acfecb7732f437cc063b044fa853e3c6966cbafd0070cedc421f3dd6adaa7518930ac1a5bb4d238e8c51c0bfad593f4be032505e3259afcc7d73cf1e8e7e0a64cb677bd71908bb00e0936d08bf1b43322eab244b655faffd384f86f63eabd45687bb1e91aafb301b63a1e2e5b788dc125eb86a30129994195cff6e8260b1477a615cf452c21cd0d137cba77a1325d37e54f17071ff9486bf9b883d48049e19e7804b4d77a0a0eed7fc3ed3d8d135a5c00c31ecdb6a4f16852004a8f9f22c8dd683fd2d28860173a4ce838b65f1ad7b3d1888599a90d5b322d309a7c035177cd385704c3d6168e83b645254ac36d3dd327fa688b09e6a7261f7207180b7d3c7541071d5f896c28fa1c0bbfc26f3c85c7ad34b576dd5d9602837c12a2cd59220390f8061d91ac00a1c8391ed1b7d31b49b875f9fea6ac9cc4f25da1b612ea67e540cd834b17804bd1b76defeba58cf5162e133143fe761fb7c135d31a280748e4f857111343e6c317f39ca9114b1ba2891b76631f6a48573d294eaad79a14eabc5bc7cdfd2a53e86d51f31aabd443972aa90aa882b6531247cfd4544ab550c15417d5415bc43a859bfeb4d47218b2562548e82abc99b72d023039f99c68467ae841fa13b65c55d993e0b914ae61d1d10a2fbeceacabe7868d174e3b985856c236711ceb4bbfc9194997327ca65b8053cf74ec8e053761b4c7936375949e157777489df861aa949bbef1d531f17e7da55c663fe4d41fe98887acd3af03e1201d3a1e2e4ab627cc5ca760379b8cb98edb196c6dac846471accbe7225a8830985ed68482311e9b4fb6ebccfd63410b4433e9159be12741a126897b9e904dffa12a2fe60adaa47341e2d01b818acd9f5643b25bc3f6e11a40d49739f77a13fbe27d2bb9b780cec44c813ff2354aa5ad2e0998bf80cdb112c540b0448ee4f393b4f9e3e120b81a1332031040f6a4d04c7983f44eda19f7a1cf3a6920e724386cd5f7ce90fac1456c5cc8d34c5e585504f60790d3c89d24eff5976f63d7a13aa97659771ffef3fade68e4a9f9c1b5ecdaa59eb77598140b44f82502f21b06fcf03d2ecbc439b4081f465f249b8090f2a7f871783a576bbf169c0cedbf3c54c114474b1d8c39027d343723c56fe589fe2eb8d3fec2a3c7e3c3830e89e80aa39ede315c13607131729af2f553011c7d1de56e6b76c0fd1d4af54275d66dd4056ebe47b974f032eb6a836aab32852b60ff8a7568d7549b81a8020954665c2e245816c169e4aa51d1889d1af29cc048c921e7072c2591b3b6276b5111739da3eb6d9005134a5642cbd5316e97081e247a8a8098db18072274b68022e9d4561410cce7856e8c4b6ffd6dee74d72e05da086f541f5f1335041a3b8db399e221e725f269efa2636891b5c778d862e9527e83858e40a0f271b871aa4df0a0b48e4e1c7b4d9c09a68cb6e3e835ca9423c7d69d2fbf566267b3fef65dcf4c489f6e951cf94922d0b3625e1db804e03feda6d3dab692e5416acc5ae5be54bab43b13ab8dd254f0ef550bbdef77bcdccca5bc64a10f2f31f0d0fffe8678e44fca98b686a11b335ce5b414c96ec7df910167ab9fc583ec63941fb4d5070b541bf25816343f421fa7bf77059f51b9745eb0b49de7baedd6f1eac64256e6460a39e6d9cf2ad0f9ba45ddb0b7d2c25177224cee7100e4f6a1c3fe28e6376a0d8667f802a6ae726a3bbab8b122d1d6e80873030555d0e1b0233b37ca50325107aeb30c01157fedf441c13b18cab5c2de880ef39c177c8cd310638861e42642d89cc988a7784772174a8824821339d284dc5100f1bb332e58e4c1904880a6be95a77023c51aec0f0a05a714f362753452ba881f84edc6ea21ff40b3a48c0f730dbdac5fa3b5481e742cec5c6159b055b4173964bdfcc9985887e3a864ed2fb9247fd1efcec0c361914c4dfdc50ab3f695bf3374661947895913a4c5100b70788563ec7ec093f050d9cb27712058c7523b4277e1624da0326e0af396722acd83153c72d898bf4186891f23054b4773c981490f9ce7f63c38b66825bcaeadd51dc793ecf8aab2867fa33e5b48ee5bc1a1fd7831aa8d3e07adfcef94820d5ca489d8f15ce95f337a28f8719d1fe22c21caee22a15fdc59de91d50b7de6dccc80ed3e2f9982813002da1ce823bddea4a00b843723d196dbe2d1f2a015a03bb487f052b7c6255715cbf015de435ddba87e049d0a7e9e299f134b531954ca4a077cb0b216447a417c03b9441191a41c4631c6fbd62095a21238ddacc4ddeede29db6a93a4c7fde30c0934d5f4919a251bc117feff13f5a7955df310e7aeb5a1b40111b5d207c2d2fb3640c27be468377e29388d7593ca25947eb6f3cf1c923d8b3e75b6e5f6b2f50dcb72975efa48a2300a454ff2091884fd6050b5bb1ff3f539cdfcbdc10398437ea7576c034dd9d1681c9cfd589554a43a780a5c16d27afdc352dcf6196a99b0b17d59bd949f1b97acae5dfe27a2117746ee57ffea5c6362390277c518098b1ef72ad85c1ad92e9ebf9ed254506c77f39224f97be0d65c94161ebd91fc2f3678454e4d0dad58d6c30d8b6008d5badb8b37f78c2351160dae0df985b350068fa3a98d178d14547d850fda5b38c109d091bdf8d6d9b79a039842991a63b55ed80df994501824f95ff217fc6046f4b5b9a9163a6229a784da1adbda66cf6f22d90083a457f8b80ca22826e853cc3df19ca0a9d56830133f98e436f126f629c5378f6da2f2e3e02b8dfbfdd0f29ce05ab4afcea6240a8af75f25c1e93eb511d1d7d9585f01ad03b8d50ea93063abf14569b19af7f06b10d86de551e091f0d9d755f8a49b51d57387f2c3b5158e1f7e0accd750f3db54b13b1136653fc39a71003ad0c8dd777722ffa7aae60283c0c4b4f1715b2fd13081d777dc63dd66764149172a7a01d827c729b4a865c81c25d396bc747fe34b2ca23f66337787546165bf1a0f0550fffdb070f839dfc8e7a854afd2d9823b5212fb0b213a15ed088ad2439b00948815bf0d7578b8384e2d518796f5a3e0cb87002dc525147a185f181d2a1cdf751650407d05608298e077614e0d5c7823cef7714d7246b9a4d7aa7a10b83308b4532979d1c74bef260ded0d16bf7759c84b4fb7b1cf09a7c75874a754ee3dc0b9037c289c152c7af6e9e83dc917796d374b6ff94bb96a990fbae645a3b42864e7dbba7c5f890fdc0e9a7e0794a3fcfa675b9f20e205c58df22acc7416210fda92d38b2a5ef9dd4140aa7fc5a3899538312993329726e4e178d2b054c45cf87018a29bd48e6ba8efe900cabf1b95fd41a2745deefa3227880b42be25906d476de1c9a0dfcbbdd702d1d5758c03773660fd6d50ea5a13d3313c579e0fb1efbed9f46a977cfc29a9e0d8f84158f74a372d359df3f6955a099ed6e5e01980ce0f3af23dd934690498329fea1124d2e8a544c6f149a1568aa36e8c1ea3c777cdb0f5f54b5c1bc5cb074683f0106b73e149e1019b2ce113e55f9e783061a25beecd60ee185374b111c121a4279f695d1e8753fb2b2d23bd763008555da94750a2280d019f3427f5fde18171638724373064c24a501bddabf87d36cd358097cccc336aad6a3f7f4c7001b35ee4c7bccedad0ce70c6de0621be2faf3a7f6f81977b62ed9732c696eb7c359e11dc7ea19a3e0e8368191dbcbcec410ad08af1a496618e91ed0459d176fd05dcad99623c305d449851cd2e521aecf43c32a56ff69c4e580f4e64e483da01ceb933c01852b4b35119f9c59b194463f61dbe3f6e82a20e74b12f0dc5cb204a027f66e31bb3a03d428f2e3d6a7b73cf380fb9f44b76d3fcf7baa5b6eefa125eb4833763c6f8775a974331576e5726e6f52d339c7ae2af1ef1ee79174a3a569c9d87eca581f9395192be3c75288139d6264b39f34fac9379edfc6a5b6b9a291e08d8e8cccee754bd1a5bcc090081aa3ca786691bdd97dc7a49292563d9fd94f7d79334ba32a7573425fba5fd11f14e5617c91bc38c2c9b0c9b99c1fcef7a1b5e39168912bd38a910e8aa28f72c125056053558f8122265c2a2f66f22856d45bcb85f954e928658936bf5fd7c253be74c7af8076a0d885d3037d76bdce78d5be83e34d6a26b137021868928d1977baacef3378bf414ecbfad2379bc95aa1974fd43ef1e88fe7a289f5017358cfcc00d47d20dc21518ac20e79b2448df1d36294ac219d53f705efe1a5de51806a1491df58fe0dad56388e836248badc8c45a70c0c7ce1584f5622ce63c278c7d1ddf84603b747dccbf02c7488c84ec05a98185d208b6254b28129548beb4eda40cb214dc8c84e78c9446a505b31f972824c64cb1833b7679875189266b4ab45244edd2e4865fd3a65c9e9624a504140961c3031f77cbf0bb3ce93b225096b4ff109cf05b668e74226a1ddac11dea395d2f220031d786a8e02c5952da84ed468af03165b2f3859525e66f528c0e09503cfb71bbe90fd9eccf26dc532dfeb8ae49e3193b7b9768b44634029ee30f1dcbef6882e7d05d05140aa5bf2ace309b82da5266f5c608147a102d84ebb7313d1b8f5e63cd03147f9724414909658ffcf1772128131d7704cf45260c9d46199c49fc8a7b5aecaec3a0f328283c39402e5138e218be76ee860d74179760a1a76b3552383e2986df925789806f4009c7bac256712d40cdd1c2aa70c20c1f8cf3647bdcae2f00c95fc3f8ae850ba13c48e466f57f4bbd31dec6c7e16c26707b14d4620e8c9b8a707c72f5659f95f028d2d1893c8aaba9295aa1bf3057c053291ecae2108949aaf9244f5b4309becaf51ce9f349dec96ea7b840a28677f8d39c03ba41207895393d46383fd7cd3da38887a3f6722e39c7c3a21b9d68ebc1d8feb7c0b58dc40e777492208b617edd23778d3804f7f1c8d8fd15b60d362d1b71cdc4afce18379813be259d630ca6862847ad2ea940cb35a0380b2be9a4acae89314cfbd9d8f48d1041525db73a68a63e13cf327de178253a4e143ac7c5dfd7d56fb30cc40b52671602560d0efbee3036b0b8dce822124575fb9491b77025a156eb3e1089df8caa6812e7b6f22acfb0166d721b6b1d15cc1490ba3a996c276d41d5c7f6bd3b4fe01c850fe44bbd53991cbca291417fde10fbc5e4ea3fa47856de8cbdcee732be107da1ef8ffce752ed0911ddfc6eeed2ae16277e1bdbef99bec48e04b40218002b7af1e33eca29d7f11f3ee6b80c960e5b79bf9d29de8c765352489c9bbd584521493f8fa2c6da4226e439857cbfd61ab459ddf30642e57f59a", 0x1000}], 0x6}}], 0x2, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:49:11 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f7765"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:49:11 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x7100000000000000)

[ 2896.764371][T23888] memory: usage 307184kB, limit 307200kB, failcnt 20665
[ 2896.797520][T23888] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2896.816078][T23888] Memory cgroup stats for /syz4:
[ 2896.816321][T23888] anon 114688
[ 2896.816321][T23888] file 8380416
[ 2896.816321][T23888] kernel 306061312
[ 2896.816321][T23888] kernel_stack 32768
[ 2896.816321][T23888] pagetables 77824
[ 2896.816321][T23888] sec_pagetables 0
[ 2896.816321][T23888] percpu 5477376
[ 2896.816321][T23888] sock 0
[ 2896.816321][T23888] vmalloc 0
[ 2896.816321][T23888] shmem 8380416
[ 2896.816321][T23888] zswap 0
[ 2896.816321][T23888] zswapped 0
[ 2896.816321][T23888] file_mapped 405504
[ 2896.816321][T23888] file_dirty 0
[ 2896.816321][T23888] file_writeback 0
[ 2896.816321][T23888] swapcached 0
[ 2896.816321][T23888] anon_thp 0
[ 2896.816321][T23888] file_thp 0
[ 2896.816321][T23888] shmem_thp 0
[ 2896.816321][T23888] inactive_anon 4096
[ 2896.816321][T23888] active_anon 8491008
[ 2896.816321][T23888] inactive_file 0
[ 2896.816321][T23888] active_file 0
[ 2896.816321][T23888] unevictable 0
[ 2896.816321][T23888] slab_reclaimable 38216
[ 2896.816321][T23888] slab_unreclaimable 300379280
[ 2896.816321][T23888] slab 300417496
[ 2896.816321][T23888] workingset_refault_anon 0
[ 2896.816321][T23888] workingset_refault_file 0
[ 2896.816321][T23888] workingset_activate_anon 0
[ 2896.816321][T23888] workingset_activate_file 0
[ 2896.816321][T23888] workingset_restore_anon 0
[ 2896.816321][T23888] workingset_restore_file 0
[ 2896.816321][T23888] workingset_nodereclaim 0
[ 2896.816321][T23888] pgscan 0
[ 2896.816321][T23888] pgsteal 0
[ 2896.816321][T23888] pgscan_kswapd 0
[ 2896.816321][T23888] pgscan_direct 0
[ 2896.816321][T23888] pgscan_khugepaged 0
[ 2896.816321][T23888] pgsteal_kswapd 0
[ 2896.816321][T23888] pgsteal_direct 0
[ 2896.816321][T23888] pgsteal_khugepaged 0
[ 2896.816321][T23888] pgfault 387978
[ 2896.816321][T23888] pgmajfault 0
[ 2896.816321][T23888] pgrefill 0
[ 2896.816321][T23888] pgactivate 0
[ 2896.816321][T23888] pgdeactivate 0
[ 2896.816321][T23888] pglazyfree 0
[ 2896.816321][T23888] pglazyfreed 0
[ 2896.816321][T23888] zswpin 0
[ 2896.816321][T23888] zswpout 0
[ 2896.816321][T23888] thp_fault_alloc 0
13:49:11 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendfile(r0, r0, &(0x7f0000000100)=0x1666, 0x943) (async)
sendfile(r0, r0, &(0x7f0000000100)=0x1666, 0x943)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8094}, 0x4) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8094}, 0x4)
socket$netlink(0x10, 0x3, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f0000001c80)=[{{&(0x7f0000000180)=@un=@abs={0x1, 0x0, 0x4e23}, 0x80, &(0x7f0000000240)=[{&(0x7f0000001d00)="cda5d356cc488c63bc40890fe0af3f624ca3f3aa60cb2efada87f1396fdd2771eb001e7fb0070ffcc77f9eb45bcf23ff8a7ba06a3eb3cf7993d319b21e6746005974328357d74faa6160b35d72662583d1e26d01d2c70c9e777fdd46c3695df489a7b3bb608c92f06d6d82f87baf79fc7ef27a70c28376cf63009bc07e58860a8c3646b2db18463a681f4192faf540e56fb0b0d685354c43ab", 0x99}, {&(0x7f0000000380)="a63ee2f1c4665526dbf19dc833c79ae52a6dd5b32d400a82d31056f5a414932e374ab74a3619530f1260fe27c7fcd374acc534e5f4de63d3206f129d13355b19e849b571ffea6e5409e6a4fb2b195076c2d1e59a31252431aefbd4b10c9ed01670f79800c0869abdeed7adff046511418ef0c3ed1f68a54c162167d74ac9c8862ac8995a918d3aa13334c61b92a5173075e5c2a0ad64b7b960f74c", 0x9b}], 0x2, &(0x7f0000001dc0)=[{0x40, 0x29, 0x0, "facdb3666be624a9e504fe32dd294059c27753b49b8230d2731a566ab92f70bf45b7f529de4548775570"}, {0x198, 0x112, 0xfffffffa, "5f09d6c22a2c34e93efa24e359203612fc11e7d93ac2e2db0c2e2f6c5408592dcbb5b4705938b4e70fa239067d3a646dbe99f551fba38e294ea649f01d5ffb81de86f3f2303ec748089c56689125f2187d61d043c7e1417eab63d247494474dbaeafc79a0f336c81a7aa78f4ebf1def2943f85c3535e13e598766849c1452a421cbda9f3fdfba96e52d4ab0895f8da7369d0487d253a750d783316ee51a24155219ce68b0d5753aaf5e1d6f6c2cc7cae9a911d93e8a9af1681482bf6112b07cef9a13860dce61c4415b7ae786dab1926223f4271c32ea0797ed406b259bae4d472181c5c6fdcc1b96d84c44be05839a81f3592d7e3a65fe67229acce6b8d34659c91d0de37765eb76ba60fb3aeb1d627bb97153cd6d59b8ab202650487c241348b6893198cbe622828f7e22668c352a15d83803ee5aa3e14ed32eaaa55ff2f4779d491fc5bd8e2d5e595ca44a4ecb2b550063fd78b9c30126351e22531bf9b0fc3ba35372da914f739280771f8199da376f89de8a4ac0cbaf50e6c259ee8448af6919cb79a"}, {0x80, 0x10c, 0x49, "2b8ee5837012bcd1e2ff653028109693b23b9019f69a436922bcb615ca848f82fa95fed966adb3c43fbf2d1cc23dda0428325326915579f68cbf1bff435255818691082643cf08dbd28c0cbd386a4fdb7726a0e1bfbe51b79d8b5344fdbe3573b2f688a6c07ea15927"}, {0xa8, 0x112, 0x846, "d3217788bab33ac08a13307c88e00f6c8a925c213e062b41622ba1acaa8b09abb48892b43f8e851fd9313db64e75b501e7d0cc7fecba26cb64f47309f7279697e4468e93d317031f68ed27212b7b7d90ca86d292010a4ef2118b5f840b7b2f9619d8423249c85e67568106b6becb256362db0a7cd8810dd08feb9b96a921bfd3e8cfec6871e1011aa7f0c86110a464ffb9c3cde54f0f1ae0"}, {0xb0, 0x111, 0x1ff, "53e9b34f3b906165a2fc001a44286e21ef943e0ade52f94e49995c977f27de9529e64b33fc1fbb1d5b316bd9ccce673a35d210586e498b5de408864ca6ca05fec0f6fc338e3335985cb2ddd1a62af15f6d2e512beea2c7bb50b571753211b25f1a253de942a0612236a94f138d241d1a16e301e00a7a31907809be96607cc39be9860ec897cbbcc69fc3096a7cf74f73f5bd39e9f1207b812a2923"}, {0x58, 0x113, 0x0, "59df65e7eabcd61ca89aeca7b8af7988b1ae6c4c6d983a3abe84cd3b6f5c229d1920585e7fe500df97fe7da85740917d45d3a8f813edc249ede961d08377efa786ad67"}], 0x408}}, {{&(0x7f0000000500)=@isdn={0x22, 0xc5, 0x40, 0x5, 0x6}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000580)="734ec42ef9adfcc3d43bcd688856edea1b4a766e1836a0984ae2a801c2ce29325287f2b9912a570a85f5105975dfcb8b4952e5056c0604babe9bb650b3c29ad870e1551a431e88ca6a2ee90692c7416ec5b1524d213bc8e6a77438b3e1", 0x5d}, {&(0x7f0000000280)="c594b763253a72d0df7cdc6318ed6ad2b448c7ffc80a1ae3391a59365662910c39b7bbd9c6713209cf5921f15ea40ef25ca75f815a211a", 0x37}, {&(0x7f0000000a40)="f27c6f5ca4170428eaa8c4bdf0e61e2d3377fcb52b2a1cf561838ff79430549fe178398db82d374c5bda23cd97dfc2d466b1bf4d3ec6cbe4672b9988724c3d0b2d761ac3bbfb211eae15d493166dd51cf64edce31a8fa58ea9efa1977f0e8aad1ba8cb376dbf2d6fe56f688d09aca1bd5086365cee7168ef7e5b47d2f02e0d9d9a35be0a5ca4a8e770d9d0f3411d71ccf07991ae69bfdc7447c5a16117c07c67f62a0165a72c9cedb7e5bf2fd4ea09ceb597c6a38acf767c", 0xb8}, {&(0x7f0000000b00)="43c4231e54e239412328a711c1b26d924aa9ead53cb3429133a837815ff14fe34c1908fac6c8105f38a9882de6b4a1cc977155190c2ab2a5a0edeff1413e087f917630c9c655557f91d9a74e0f853027841379f0d2091e6b11235f67b99a60dbd6705001446b1cba9c164d60c5457411b314af4638a1c283b4be49a5400bf13aa09032c849e22f488a0a05658eedd1a791d8e641fb4516683a3f3d254b4113de5573155a43", 0xa5}, {&(0x7f0000000bc0)="35c37f778f4b7f0c49326cb5425c95307ce6da0c9a081fa92611d7e8111a73234f7d47cfe8d47f3adfd06dd664de2cb303de059dbcd43223bedca2edf444e020175cd0d2343098b51d18add804ca40709f689a947a8abd1dd9cf87ed9df38626b300fe1e3aaa946da107985febbc6b8f2f0d44f18830caa432e2f4cd7e3e7511bb66fbbf731882793a579ffe0a1f3def2b", 0x91}, {&(0x7f0000000c80)="13eb20a8d05130f0cf5dde743f785ed0465c8226085ce15fb2cce71cc0009e59a15da66bf06bbaee2886eacd5549e9f41f1dbf9a4da74fcddea7830a256ecb9528c50d7e2b974ecaa06ff82515c0f701611ad2636ca9608bea3a40d3577c67adc40f47f3c1137c9e3478b5730c5243650ff306d1cf3c91428dbb7b7cbc60df75d812da77a179870c97bb9622e9aa1d2767742bed4006d4ab4ec2d9c16216482b36136e08ac2b0d7904dbf8ef6efe00234bd1a8c5392cb2bfe44220c43ba7015f7c24d130352ca25af3ac9578de5e950a79eaf24a278671453d232ae3152469ed9c95f2675dd01535f9207a75ecd3b52b616200bee55053c0bdf8cf247a7a436f0738bae491fbd306f53521a3965760e091f9ab507cbb5bfea6662382fe0feedb6c0602c6ea2b7a3541ec0e0b446711600b0feff115da41f7a16b181e758dca48e56e000cb356a11695ee07bbb4ad9cb249ca91a5f080b05af55214981204b23940699964da9d7326e040bad2acfecb7732f437cc063b044fa853e3c6966cbafd0070cedc421f3dd6adaa7518930ac1a5bb4d238e8c51c0bfad593f4be032505e3259afcc7d73cf1e8e7e0a64cb677bd71908bb00e0936d08bf1b43322eab244b655faffd384f86f63eabd45687bb1e91aafb301b63a1e2e5b788dc125eb86a30129994195cff6e8260b1477a615cf452c21cd0d137cba77a1325d37e54f17071ff9486bf9b883d48049e19e7804b4d77a0a0eed7fc3ed3d8d135a5c00c31ecdb6a4f16852004a8f9f22c8dd683fd2d28860173a4ce838b65f1ad7b3d1888599a90d5b322d309a7c035177cd385704c3d6168e83b645254ac36d3dd327fa688b09e6a7261f7207180b7d3c7541071d5f896c28fa1c0bbfc26f3c85c7ad34b576dd5d9602837c12a2cd59220390f8061d91ac00a1c8391ed1b7d31b49b875f9fea6ac9cc4f25da1b612ea67e540cd834b17804bd1b76defeba58cf5162e133143fe761fb7c135d31a280748e4f857111343e6c317f39ca9114b1ba2891b76631f6a48573d294eaad79a14eabc5bc7cdfd2a53e86d51f31aabd443972aa90aa882b6531247cfd4544ab550c15417d5415bc43a859bfeb4d47218b2562548e82abc99b72d023039f99c68467ae841fa13b65c55d993e0b914ae61d1d10a2fbeceacabe7868d174e3b985856c236711ceb4bbfc9194997327ca65b8053cf74ec8e053761b4c7936375949e157777489df861aa949bbef1d531f17e7da55c663fe4d41fe98887acd3af03e1201d3a1e2e4ab627cc5ca760379b8cb98edb196c6dac846471accbe7225a8830985ed68482311e9b4fb6ebccfd63410b4433e9159be12741a126897b9e904dffa12a2fe60adaa47341e2d01b818acd9f5643b25bc3f6e11a40d49739f77a13fbe27d2bb9b780cec44c813ff2354aa5ad2e0998bf80cdb112c540b0448ee4f393b4f9e3e120b81a1332031040f6a4d04c7983f44eda19f7a1cf3a6920e724386cd5f7ce90fac1456c5cc8d34c5e585504f60790d3c89d24eff5976f63d7a13aa97659771ffef3fade68e4a9f9c1b5ecdaa59eb77598140b44f82502f21b06fcf03d2ecbc439b4081f465f249b8090f2a7f871783a576bbf169c0cedbf3c54c114474b1d8c39027d343723c56fe589fe2eb8d3fec2a3c7e3c3830e89e80aa39ede315c13607131729af2f553011c7d1de56e6b76c0fd1d4af54275d66dd4056ebe47b974f032eb6a836aab32852b60ff8a7568d7549b81a8020954665c2e245816c169e4aa51d1889d1af29cc048c921e7072c2591b3b6276b5111739da3eb6d9005134a5642cbd5316e97081e247a8a8098db18072274b68022e9d4561410cce7856e8c4b6ffd6dee74d72e05da086f541f5f1335041a3b8db399e221e725f269efa2636891b5c778d862e9527e83858e40a0f271b871aa4df0a0b48e4e1c7b4d9c09a68cb6e3e835ca9423c7d69d2fbf566267b3fef65dcf4c489f6e951cf94922d0b3625e1db804e03feda6d3dab692e5416acc5ae5be54bab43b13ab8dd254f0ef550bbdef77bcdccca5bc64a10f2f31f0d0fffe8678e44fca98b686a11b335ce5b414c96ec7df910167ab9fc583ec63941fb4d5070b541bf25816343f421fa7bf77059f51b9745eb0b49de7baedd6f1eac64256e6460a39e6d9cf2ad0f9ba45ddb0b7d2c25177224cee7100e4f6a1c3fe28e6376a0d8667f802a6ae726a3bbab8b122d1d6e80873030555d0e1b0233b37ca50325107aeb30c01157fedf441c13b18cab5c2de880ef39c177c8cd310638861e42642d89cc988a7784772174a8824821339d284dc5100f1bb332e58e4c1904880a6be95a77023c51aec0f0a05a714f362753452ba881f84edc6ea21ff40b3a48c0f730dbdac5fa3b5481e742cec5c6159b055b4173964bdfcc9985887e3a864ed2fb9247fd1efcec0c361914c4dfdc50ab3f695bf3374661947895913a4c5100b70788563ec7ec093f050d9cb27712058c7523b4277e1624da0326e0af396722acd83153c72d898bf4186891f23054b4773c981490f9ce7f63c38b66825bcaeadd51dc793ecf8aab2867fa33e5b48ee5bc1a1fd7831aa8d3e07adfcef94820d5ca489d8f15ce95f337a28f8719d1fe22c21caee22a15fdc59de91d50b7de6dccc80ed3e2f9982813002da1ce823bddea4a00b843723d196dbe2d1f2a015a03bb487f052b7c6255715cbf015de435ddba87e049d0a7e9e299f134b531954ca4a077cb0b216447a417c03b9441191a41c4631c6fbd62095a21238ddacc4ddeede29db6a93a4c7fde30c0934d5f4919a251bc117feff13f5a7955df310e7aeb5a1b40111b5d207c2d2fb3640c27be468377e29388d7593ca25947eb6f3cf1c923d8b3e75b6e5f6b2f50dcb72975efa48a2300a454ff2091884fd6050b5bb1ff3f539cdfcbdc10398437ea7576c034dd9d1681c9cfd589554a43a780a5c16d27afdc352dcf6196a99b0b17d59bd949f1b97acae5dfe27a2117746ee57ffea5c6362390277c518098b1ef72ad85c1ad92e9ebf9ed254506c77f39224f97be0d65c94161ebd91fc2f3678454e4d0dad58d6c30d8b6008d5badb8b37f78c2351160dae0df985b350068fa3a98d178d14547d850fda5b38c109d091bdf8d6d9b79a039842991a63b55ed80df994501824f95ff217fc6046f4b5b9a9163a6229a784da1adbda66cf6f22d90083a457f8b80ca22826e853cc3df19ca0a9d56830133f98e436f126f629c5378f6da2f2e3e02b8dfbfdd0f29ce05ab4afcea6240a8af75f25c1e93eb511d1d7d9585f01ad03b8d50ea93063abf14569b19af7f06b10d86de551e091f0d9d755f8a49b51d57387f2c3b5158e1f7e0accd750f3db54b13b1136653fc39a71003ad0c8dd777722ffa7aae60283c0c4b4f1715b2fd13081d777dc63dd66764149172a7a01d827c729b4a865c81c25d396bc747fe34b2ca23f66337787546165bf1a0f0550fffdb070f839dfc8e7a854afd2d9823b5212fb0b213a15ed088ad2439b00948815bf0d7578b8384e2d518796f5a3e0cb87002dc525147a185f181d2a1cdf751650407d05608298e077614e0d5c7823cef7714d7246b9a4d7aa7a10b83308b4532979d1c74bef260ded0d16bf7759c84b4fb7b1cf09a7c75874a754ee3dc0b9037c289c152c7af6e9e83dc917796d374b6ff94bb96a990fbae645a3b42864e7dbba7c5f890fdc0e9a7e0794a3fcfa675b9f20e205c58df22acc7416210fda92d38b2a5ef9dd4140aa7fc5a3899538312993329726e4e178d2b054c45cf87018a29bd48e6ba8efe900cabf1b95fd41a2745deefa3227880b42be25906d476de1c9a0dfcbbdd702d1d5758c03773660fd6d50ea5a13d3313c579e0fb1efbed9f46a977cfc29a9e0d8f84158f74a372d359df3f6955a099ed6e5e01980ce0f3af23dd934690498329fea1124d2e8a544c6f149a1568aa36e8c1ea3c777cdb0f5f54b5c1bc5cb074683f0106b73e149e1019b2ce113e55f9e783061a25beecd60ee185374b111c121a4279f695d1e8753fb2b2d23bd763008555da94750a2280d019f3427f5fde18171638724373064c24a501bddabf87d36cd358097cccc336aad6a3f7f4c7001b35ee4c7bccedad0ce70c6de0621be2faf3a7f6f81977b62ed9732c696eb7c359e11dc7ea19a3e0e8368191dbcbcec410ad08af1a496618e91ed0459d176fd05dcad99623c305d449851cd2e521aecf43c32a56ff69c4e580f4e64e483da01ceb933c01852b4b35119f9c59b194463f61dbe3f6e82a20e74b12f0dc5cb204a027f66e31bb3a03d428f2e3d6a7b73cf380fb9f44b76d3fcf7baa5b6eefa125eb4833763c6f8775a974331576e5726e6f52d339c7ae2af1ef1ee79174a3a569c9d87eca581f9395192be3c75288139d6264b39f34fac9379edfc6a5b6b9a291e08d8e8cccee754bd1a5bcc090081aa3ca786691bdd97dc7a49292563d9fd94f7d79334ba32a7573425fba5fd11f14e5617c91bc38c2c9b0c9b99c1fcef7a1b5e39168912bd38a910e8aa28f72c125056053558f8122265c2a2f66f22856d45bcb85f954e928658936bf5fd7c253be74c7af8076a0d885d3037d76bdce78d5be83e34d6a26b137021868928d1977baacef3378bf414ecbfad2379bc95aa1974fd43ef1e88fe7a289f5017358cfcc00d47d20dc21518ac20e79b2448df1d36294ac219d53f705efe1a5de51806a1491df58fe0dad56388e836248badc8c45a70c0c7ce1584f5622ce63c278c7d1ddf84603b747dccbf02c7488c84ec05a98185d208b6254b28129548beb4eda40cb214dc8c84e78c9446a505b31f972824c64cb1833b7679875189266b4ab45244edd2e4865fd3a65c9e9624a504140961c3031f77cbf0bb3ce93b225096b4ff109cf05b668e74226a1ddac11dea395d2f220031d786a8e02c5952da84ed468af03165b2f3859525e66f528c0e09503cfb71bbe90fd9eccf26dc532dfeb8ae49e3193b7b9768b44634029ee30f1dcbef6882e7d05d05140aa5bf2ace309b82da5266f5c608147a102d84ebb7313d1b8f5e63cd03147f9724414909658ffcf1772128131d7704cf45260c9d46199c49fc8a7b5aecaec3a0f328283c39402e5138e218be76ee860d74179760a1a76b3552383e2986df925789806f4009c7bac256712d40cdd1c2aa70c20c1f8cf3647bdcae2f00c95fc3f8ae850ba13c48e466f57f4bbd31dec6c7e16c26707b14d4620e8c9b8a707c72f5659f95f028d2d1893c8aaba9295aa1bf3057c053291ecae2108949aaf9244f5b4309becaf51ce9f349dec96ea7b840a28677f8d39c03ba41207895393d46383fd7cd3da38887a3f6722e39c7c3a21b9d68ebc1d8feb7c0b58dc40e777492208b617edd23778d3804f7f1c8d8fd15b60d362d1b71cdc4afce18379813be259d630ca6862847ad2ea940cb35a0380b2be9a4acae89314cfbd9d8f48d1041525db73a68a63e13cf327de178253a4e143ac7c5dfd7d56fb30cc40b52671602560d0efbee3036b0b8dce822124575fb9491b77025a156eb3e1089df8caa6812e7b6f22acfb0166d721b6b1d15cc1490ba3a996c276d41d5c7f6bd3b4fe01c850fe44bbd53991cbca291417fde10fbc5e4ea3fa47856de8cbdcee732be107da1ef8ffce752ed0911ddfc6eeed2ae16277e1bdbef99bec48e04b40218002b7af1e33eca29d7f11f3ee6b80c960e5b79bf9d29de8c765352489c9bbd584521493f8fa2c6da4226e439857cbfd61ab459ddf30642e57f59a", 0x1000}], 0x6}}], 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:49:11 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="440000001300290a000000000000000001000000", @ANYRES32=r4, @ANYBLOB="00000000000000001c001a8004000280030005000800000000000000080000000000000008000c0000000000"], 0x44}}, 0x0) (async)
setsockopt$MRT6_ASSERT(r5, 0x29, 0xcf, &(0x7f0000000080), 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000008c00270d000000000000000004000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async, rerun: 32)
r7 = socket$netlink(0x10, 0x3, 0x0) (rerun: 32)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2897.044424][T23888] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23888,uid=0
[ 2897.062576][T23888] Memory cgroup out of memory: Killed process 23888 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2897.169525][T23911] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2897.196964][T23911] CPU: 0 PID: 23911 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2897.207638][T23911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2897.217724][T23911] Call Trace:
[ 2897.221069][T23911]  <TASK>
[ 2897.224017][T23911]  dump_stack_lvl+0x136/0x150
[ 2897.228909][T23911]  dump_header+0x10a/0xd70
[ 2897.233368][T23911]  oom_kill_process+0x25d/0x600
[ 2897.238256][T23911]  out_of_memory+0x35c/0x1660
[ 2897.242968][T23911]  ? find_held_lock+0x2d/0x110
[ 2897.247784][T23911]  ? oom_killer_disable+0x2b0/0x2b0
[ 2897.253061][T23911]  ? rcu_read_unlock+0x9/0x60
[ 2897.257789][T23911]  ? find_held_lock+0x2d/0x110
[ 2897.262594][T23911]  mem_cgroup_out_of_memory+0x206/0x270
[ 2897.268274][T23911]  ? mem_cgroup_margin+0x130/0x130
[ 2897.273422][T23911]  ? lock_downgrade+0x690/0x690
[ 2897.278343][T23911]  try_charge_memcg+0xf99/0x13a0
[ 2897.283342][T23911]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2897.289379][T23911]  ? rcu_read_unlock+0x9/0x60
[ 2897.294099][T23911]  ? lock_downgrade+0x690/0x690
[ 2897.299009][T23911]  charge_memcg+0x90/0x3b0
[ 2897.303480][T23911]  __mem_cgroup_charge+0x2b/0x90
[ 2897.308450][T23911]  ? copy_mc_to_kernel+0x3e/0x90
[ 2897.313451][T23911]  do_wp_page+0x8ea/0x33c0
[ 2897.317908][T23911]  ? lock_sync+0x190/0x190
[ 2897.322361][T23911]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2897.327777][T23911]  ? do_raw_spin_lock+0x124/0x2b0
[ 2897.332872][T23911]  ? spin_bug+0x1c0/0x1c0
[ 2897.337238][T23911]  __handle_mm_fault+0x1635/0x41c0
[ 2897.342397][T23911]  ? vm_iomap_memory+0x190/0x190
[ 2897.347381][T23911]  ? mas_walk+0x58f/0x730
[ 2897.351765][T23911]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2897.357102][T23911]  handle_mm_fault+0x2af/0x9f0
[ 2897.361933][T23911]  do_user_addr_fault+0x2ca/0x1210
[ 2897.367082][T23911]  ? rcu_is_watching+0x12/0xb0
[ 2897.371886][T23911]  exc_page_fault+0x98/0x170
[ 2897.376520][T23911]  asm_exc_page_fault+0x26/0x30
[ 2897.381419][T23911] RIP: 0033:0x7f4036836f7e
[ 2897.385859][T23911] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2897.406816][T23911] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2897.413376][T23911] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000000
[ 2897.421397][T23911] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2897.429494][T23911] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2897.437489][T23911] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2897.445497][T23911] R13: 00007f4036400060 R14: 00007f40369abf80 R15: 0000000000000000
[ 2897.453533][T23911]  </TASK>
[ 2897.713423][T23911] memory: usage 307200kB, limit 307200kB, failcnt 20740
[ 2897.728917][T23911] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2897.747767][T23911] Memory cgroup stats for /syz4:
[ 2897.748109][T23911] anon 114688
[ 2897.748109][T23911] file 8380416
[ 2897.748109][T23911] kernel 306077696
[ 2897.748109][T23911] kernel_stack 65536
[ 2897.748109][T23911] pagetables 77824
[ 2897.748109][T23911] sec_pagetables 0
[ 2897.748109][T23911] percpu 5477376
[ 2897.748109][T23911] sock 0
[ 2897.748109][T23911] vmalloc 0
[ 2897.748109][T23911] shmem 8380416
[ 2897.748109][T23911] zswap 0
[ 2897.748109][T23911] zswapped 0
[ 2897.748109][T23911] file_mapped 405504
[ 2897.748109][T23911] file_dirty 0
[ 2897.748109][T23911] file_writeback 0
[ 2897.748109][T23911] swapcached 0
[ 2897.748109][T23911] anon_thp 0
[ 2897.748109][T23911] file_thp 0
[ 2897.748109][T23911] shmem_thp 0
[ 2897.748109][T23911] inactive_anon 4096
[ 2897.748109][T23911] active_anon 8491008
[ 2897.748109][T23911] inactive_file 0
[ 2897.748109][T23911] active_file 0
[ 2897.748109][T23911] unevictable 0
[ 2897.748109][T23911] slab_reclaimable 38216
[ 2897.748109][T23911] slab_unreclaimable 300379744
[ 2897.748109][T23911] slab 300417960
[ 2897.748109][T23911] workingset_refault_anon 0
[ 2897.748109][T23911] workingset_refault_file 0
[ 2897.748109][T23911] workingset_activate_anon 0
[ 2897.748109][T23911] workingset_activate_file 0
[ 2897.748109][T23911] workingset_restore_anon 0
[ 2897.748109][T23911] workingset_restore_file 0
[ 2897.748109][T23911] workingset_nodereclaim 0
[ 2897.748109][T23911] pgscan 0
[ 2897.748109][T23911] pgsteal 0
[ 2897.748109][T23911] pgscan_kswapd 0
[ 2897.748109][T23911] pgscan_direct 0
[ 2897.748109][T23911] pgscan_khugepaged 0
[ 2897.748109][T23911] pgsteal_kswapd 0
[ 2897.748109][T23911] pgsteal_direct 0
[ 2897.748109][T23911] pgsteal_khugepaged 0
[ 2897.748109][T23911] pgfault 388013
[ 2897.748109][T23911] pgmajfault 0
[ 2897.748109][T23911] pgrefill 0
[ 2897.748109][T23911] pgactivate 0
[ 2897.748109][T23911] pgdeactivate 0
[ 2897.748109][T23911] pglazyfree 0
[ 2897.748109][T23911] pglazyfreed 0
[ 2897.748109][T23911] zswpin 0
[ 2897.748109][T23911] zswpout 0
[ 2897.748109][T23911] thp_fault_alloc 0
[ 2897.779448][ T1211] ieee802154 phy0 wpan0: encryption failed: -22
[ 2897.956392][ T1211] ieee802154 phy1 wpan1: encryption failed: -22
[ 2898.027572][T23911] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23911,uid=0
[ 2898.052959][T23911] Memory cgroup out of memory: Killed process 23911 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:49:12 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f7765"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x3e01000000000000)

13:49:12 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r1, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r1, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

13:49:12 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r5=>0x0})
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r5}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x44, r8, 0x7562f43b63fde81f, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FRAME={0x27, 0x33, @action={@with_ht={{{}, {}, @device_a, @device_b}}, @channel_switch={0x0, 0x4, {{0x25, 0x3}, @void, @void}}}}]}, 0x44}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000003c0)={{0x1, 0x1, 0x18, <r10=>r1}, './file0\x00'})
r11 = syz_genetlink_get_family_id$batadv(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)={0x5c, r11, 0x0, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x79505edd}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x20040000)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r10, &(0x7f00000005c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x44, r11, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xfffffc00}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x4}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r5}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000010}, 0x40)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_SET_MPATH(r6, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x64, r8, 0x20, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x14fb, 0x77}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x64}, 0x1, 0x0, 0x0, 0x400c0}, 0x84c)
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r13, &(0x7f00000002c0), 0x40000000000009f, 0x0)

13:49:12 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socketpair(0xa, 0x3, 0x101, &(0x7f0000000100)={<r5=>0xffffffffffffffff})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
r10 = socket$l2tp(0x2, 0x2, 0x73)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="230900000000000000000100000005000700000000000800090000000000060002000100000008000a000000000008001700", @ANYRES32=r10, @ANYBLOB="54c423d8406b6afc56184eaa8ca611b3afe2e224a3db7e7625442a6c799a149f34164737ec00bdefb8c3"], 0x3c}}, 0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000500)={0x44, r9, 0x800, 0x70bd2b, 0x25dfdbfc, {}, [@L2TP_ATTR_OFFSET={0x6, 0x3, 0x7}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x20}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @multicast2}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x8}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x7e}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x23}]}, 0x44}, 0x1, 0x0, 0x0, 0x4800}, 0x800)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x44, r11, 0x7562f43b63fde81f, 0x0, 0x0, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_FRAME={0x27, 0x33, @action={@with_ht={{{}, {}, @device_a, @device_b}}, @channel_switch={0x0, 0x4, {{0x25, 0x3}, @void, @void}}}}]}, 0x44}}, 0x0)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r5, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0x28, r6, 0x10, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x4, 0x1a}}}}, ["", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x80)

13:49:12 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0xdd)

13:49:12 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x7101000000000000)

[ 2898.401975][T23924] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 2898.426955][T23924] CPU: 0 PID: 23924 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2898.437420][T23924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2898.447483][T23924] Call Trace:
[ 2898.450763][T23924]  <TASK>
[ 2898.453703][T23924]  dump_stack_lvl+0x136/0x150
[ 2898.458404][T23924]  dump_header+0x10a/0xd70
[ 2898.462850][T23924]  oom_kill_process+0x25d/0x600
[ 2898.467708][T23924]  out_of_memory+0x35c/0x1660
[ 2898.472395][T23924]  ? find_held_lock+0x2d/0x110
[ 2898.477170][T23924]  ? oom_killer_disable+0x2b0/0x2b0
[ 2898.482374][T23924]  ? rcu_read_unlock+0x9/0x60
[ 2898.487061][T23924]  ? find_held_lock+0x2d/0x110
[ 2898.491839][T23924]  mem_cgroup_out_of_memory+0x206/0x270
[ 2898.497678][T23924]  ? mem_cgroup_margin+0x130/0x130
[ 2898.502816][T23924]  ? lock_downgrade+0x690/0x690
[ 2898.507738][T23924]  try_charge_memcg+0xf99/0x13a0
[ 2898.512713][T23924]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2898.518809][T23924]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2898.524748][T23924]  ? lock_downgrade+0x690/0x690
[ 2898.529636][T23924]  ? lock_downgrade+0x690/0x690
[ 2898.534716][T23924]  ? rcu_read_unlock+0x9/0x60
[ 2898.539462][T23924]  obj_cgroup_charge+0x2af/0x5e0
[ 2898.544929][T23924]  __kmem_cache_alloc_node+0xa3/0x320
[ 2898.550420][T23924]  ? copy_semundo+0x18b/0x300
[ 2898.555118][T23924]  kmalloc_trace+0x26/0xe0
[ 2898.559563][T23924]  copy_semundo+0x18b/0x300
[ 2898.564079][T23924]  copy_process+0x2557/0x75c0
[ 2898.568786][T23924]  ? pidfd_prepare+0x80/0x80
[ 2898.573397][T23924]  ? psi_memstall_leave+0x174/0x250
[ 2898.578727][T23924]  ? lock_downgrade+0x690/0x690
[ 2898.583602][T23924]  kernel_clone+0xeb/0x890
[ 2898.588036][T23924]  ? create_io_thread+0xe0/0xe0
[ 2898.592904][T23924]  ? percpu_ref_put_many.constprop.0+0x6a/0x1b0
[ 2898.599163][T23924]  ? lock_downgrade+0x690/0x690
[ 2898.604044][T23924]  __do_sys_clone+0xba/0x100
[ 2898.608658][T23924]  ? kernel_clone+0x890/0x890
[ 2898.613362][T23924]  ? syscall_enter_from_user_mode+0x26/0x80
[ 2898.619275][T23924]  do_syscall_64+0x39/0xb0
[ 2898.623718][T23924]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2898.629654][T23924] RIP: 0033:0x7f403688d591
[ 2898.634352][T23924] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2898.654068][T23924] RSP: 002b:00007f4036acfa68 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2898.662661][T23924] RAX: ffffffffffffffda RBX: 00007f4037673700 RCX: 00007f403688d591
[ 2898.670725][T23924] RDX: 00007f40376739d0 RSI: 00007f40376732f0 RDI: 00000000003d0f00
[ 2898.678960][T23924] RBP: 00007f4036acfcb0 R08: 00007f4037673700 R09: 00007f4037673700
[ 2898.686956][T23924] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f4036acfb1e
[ 2898.694946][T23924] R13: 00007f4036acfb1f R14: 00007f4037673300 R15: 0000000000022000
[ 2898.702938][T23924]  </TASK>
[ 2898.712658][T23924] memory: usage 307200kB, limit 307200kB, failcnt 20819
[ 2898.721179][T23924] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2898.728258][T23924] Memory cgroup stats for /syz4:
[ 2898.728496][T23924] anon 114688
[ 2898.728496][T23924] file 8380416
[ 2898.728496][T23924] kernel 306077696
[ 2898.728496][T23924] kernel_stack 65536
[ 2898.728496][T23924] pagetables 77824
[ 2898.728496][T23924] sec_pagetables 0
[ 2898.728496][T23924] percpu 5477376
[ 2898.728496][T23924] sock 0
[ 2898.728496][T23924] vmalloc 0
[ 2898.728496][T23924] shmem 8380416
[ 2898.728496][T23924] zswap 0
[ 2898.728496][T23924] zswapped 0
[ 2898.728496][T23924] file_mapped 405504
[ 2898.728496][T23924] file_dirty 0
[ 2898.728496][T23924] file_writeback 0
[ 2898.728496][T23924] swapcached 0
[ 2898.728496][T23924] anon_thp 0
[ 2898.728496][T23924] file_thp 0
[ 2898.728496][T23924] shmem_thp 0
[ 2898.728496][T23924] inactive_anon 4096
[ 2898.728496][T23924] active_anon 8491008
[ 2898.728496][T23924] inactive_file 0
[ 2898.728496][T23924] active_file 0
[ 2898.728496][T23924] unevictable 0
[ 2898.728496][T23924] slab_reclaimable 38216
[ 2898.728496][T23924] slab_unreclaimable 300379280
[ 2898.728496][T23924] slab 300417496
[ 2898.728496][T23924] workingset_refault_anon 0
[ 2898.728496][T23924] workingset_refault_file 0
[ 2898.728496][T23924] workingset_activate_anon 0
[ 2898.728496][T23924] workingset_activate_file 0
[ 2898.728496][T23924] workingset_restore_anon 0
[ 2898.728496][T23924] workingset_restore_file 0
[ 2898.728496][T23924] workingset_nodereclaim 0
[ 2898.728496][T23924] pgscan 0
[ 2898.728496][T23924] pgsteal 0
[ 2898.728496][T23924] pgscan_kswapd 0
[ 2898.728496][T23924] pgscan_direct 0
[ 2898.728496][T23924] pgscan_khugepaged 0
[ 2898.728496][T23924] pgsteal_kswapd 0
[ 2898.728496][T23924] pgsteal_direct 0
[ 2898.728496][T23924] pgsteal_khugepaged 0
[ 2898.728496][T23924] pgfault 388052
[ 2898.728496][T23924] pgmajfault 0
[ 2898.728496][T23924] pgrefill 0
[ 2898.728496][T23924] pgactivate 0
[ 2898.728496][T23924] pgdeactivate 0
[ 2898.728496][T23924] pglazyfree 0
[ 2898.728496][T23924] pglazyfreed 0
[ 2898.728496][T23924] zswpin 0
[ 2898.728496][T23924] zswpout 0
[ 2898.728496][T23924] thp_fault_alloc 0
[ 2898.928346][T23924] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23924,uid=0
[ 2898.945890][T23924] Memory cgroup out of memory: Killed process 23924 (syz-executor.4) total-vm:54548kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:49:13 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async, rerun: 32)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) (rerun: 32)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async, rerun: 64)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r5=>0x0}) (async, rerun: 32)
r6 = socket(0x10, 0x80002, 0x0) (rerun: 32)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r5}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x44, r8, 0x7562f43b63fde81f, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FRAME={0x27, 0x33, @action={@with_ht={{{}, {}, @device_a, @device_b}}, @channel_switch={0x0, 0x4, {{0x25, 0x3}, @void, @void}}}}]}, 0x44}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000003c0)={{0x1, 0x1, 0x18, <r10=>r1}, './file0\x00'})
r11 = syz_genetlink_get_family_id$batadv(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)={0x5c, r11, 0x0, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x79505edd}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x20040000) (async)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r10, &(0x7f00000005c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x44, r11, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xfffffc00}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x4}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r5}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000010}, 0x40) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_SET_MPATH(r6, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x64, r8, 0x20, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x14fb, 0x77}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x64}, 0x1, 0x0, 0x0, 0x400c0}, 0x84c) (async, rerun: 64)
r13 = socket$netlink(0x10, 0x3, 0x0) (rerun: 64)
sendmmsg(r13, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2899.208572][T23947] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2899.234294][T23947] CPU: 1 PID: 23947 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2899.244808][T23947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2899.254916][T23947] Call Trace:
[ 2899.258222][T23947]  <TASK>
[ 2899.261182][T23947]  dump_stack_lvl+0x136/0x150
[ 2899.265902][T23947]  dump_header+0x10a/0xd70
[ 2899.270377][T23947]  oom_kill_process+0x25d/0x600
[ 2899.275264][T23947]  out_of_memory+0x35c/0x1660
[ 2899.279983][T23947]  ? find_held_lock+0x2d/0x110
[ 2899.284788][T23947]  ? oom_killer_disable+0x2b0/0x2b0
[ 2899.290024][T23947]  ? rcu_read_unlock+0x9/0x60
[ 2899.294736][T23947]  ? find_held_lock+0x2d/0x110
[ 2899.299539][T23947]  mem_cgroup_out_of_memory+0x206/0x270
[ 2899.305123][T23947]  ? mem_cgroup_margin+0x130/0x130
[ 2899.310267][T23947]  ? lock_downgrade+0x690/0x690
[ 2899.315180][T23947]  try_charge_memcg+0xf99/0x13a0
[ 2899.320179][T23947]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2899.326231][T23947]  ? rcu_read_unlock+0x9/0x60
[ 2899.330957][T23947]  ? lock_downgrade+0x690/0x690
[ 2899.335876][T23947]  charge_memcg+0x90/0x3b0
[ 2899.340357][T23947]  __mem_cgroup_charge+0x2b/0x90
[ 2899.345326][T23947]  ? copy_mc_to_kernel+0x3e/0x90
[ 2899.350326][T23947]  do_wp_page+0x8ea/0x33c0
[ 2899.354799][T23947]  ? lock_sync+0x190/0x190
[ 2899.359273][T23947]  ? finish_mkwrite_fault+0x3d0/0x3d0
[ 2899.364676][T23947]  ? do_raw_spin_lock+0x124/0x2b0
[ 2899.369764][T23947]  ? spin_bug+0x1c0/0x1c0
[ 2899.374176][T23947]  __handle_mm_fault+0x1635/0x41c0
[ 2899.379436][T23947]  ? vm_iomap_memory+0x190/0x190
[ 2899.384416][T23947]  ? mas_walk+0x58f/0x730
[ 2899.388796][T23947]  ? numa_migrate_prep+0x3a0/0x3a0
[ 2899.393939][T23947]  handle_mm_fault+0x2af/0x9f0
[ 2899.398746][T23947]  do_user_addr_fault+0x2ca/0x1210
[ 2899.403902][T23947]  ? rcu_is_watching+0x12/0xb0
[ 2899.408707][T23947]  exc_page_fault+0x98/0x170
[ 2899.413319][T23947]  asm_exc_page_fault+0x26/0x30
[ 2899.418205][T23947] RIP: 0033:0x7f4036836f7e
[ 2899.422633][T23947] Code: 10 4c 89 35 14 50 17 00 89 78 28 8b 7c 24 18 89 78 2c 8b 7c 24 54 89 78 78 48 8b 3c 24 88 4c 3a 04 8b 7c 24 4c 48 8b 54 24 40 <89> b8 80 00 00 00 0f 1f 40 00 48 8b 8c 14 50 01 00 00 48 83 c2 08
[ 2899.442439][T23947] RSP: 002b:00007f4036acfba0 EFLAGS: 00010246
[ 2899.448516][T23947] RAX: 00007f40369abf80 RBX: 00007f40369abf8c RCX: 0000000000000001
[ 2899.456509][T23947] RDX: 0000000000000000 RSI: 00007f40369abf88 RDI: 0000000000000000
[ 2899.464575][T23947] RBP: 00007f40369abf80 R08: 00007f4037673700 R09: 00007f4037673700
[ 2899.472570][T23947] R10: 00007f40376739d0 R11: 0000000000000206 R12: 00007f40369abf8c
[ 2899.480556][T23947] R13: 00007f4036400080 R14: 00007f40369abf80 R15: 0000000000000000
[ 2899.488554][T23947]  </TASK>
[ 2899.526533][T23947] memory: usage 307200kB, limit 307200kB, failcnt 20906
[ 2899.538835][T23947] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2899.563879][T23947] Memory cgroup stats for /syz4:
[ 2899.564180][T23947] anon 114688
[ 2899.564180][T23947] file 8380416
[ 2899.564180][T23947] kernel 306077696
[ 2899.564180][T23947] kernel_stack 65536
[ 2899.564180][T23947] pagetables 77824
[ 2899.564180][T23947] sec_pagetables 0
[ 2899.564180][T23947] percpu 5477376
[ 2899.564180][T23947] sock 0
[ 2899.564180][T23947] vmalloc 0
[ 2899.564180][T23947] shmem 8380416
[ 2899.564180][T23947] zswap 0
[ 2899.564180][T23947] zswapped 0
[ 2899.564180][T23947] file_mapped 405504
[ 2899.564180][T23947] file_dirty 0
[ 2899.564180][T23947] file_writeback 0
[ 2899.564180][T23947] swapcached 0
[ 2899.564180][T23947] anon_thp 0
[ 2899.564180][T23947] file_thp 0
[ 2899.564180][T23947] shmem_thp 0
[ 2899.564180][T23947] inactive_anon 4096
[ 2899.564180][T23947] active_anon 8491008
[ 2899.564180][T23947] inactive_file 0
[ 2899.564180][T23947] active_file 0
[ 2899.564180][T23947] unevictable 0
[ 2899.564180][T23947] slab_reclaimable 38216
[ 2899.564180][T23947] slab_unreclaimable 300379744
[ 2899.564180][T23947] slab 300417960
[ 2899.564180][T23947] workingset_refault_anon 0
[ 2899.564180][T23947] workingset_refault_file 0
[ 2899.564180][T23947] workingset_activate_anon 0
[ 2899.564180][T23947] workingset_activate_file 0
[ 2899.564180][T23947] workingset_restore_anon 0
[ 2899.564180][T23947] workingset_restore_file 0
[ 2899.564180][T23947] workingset_nodereclaim 0
[ 2899.564180][T23947] pgscan 0
[ 2899.564180][T23947] pgsteal 0
[ 2899.564180][T23947] pgscan_kswapd 0
[ 2899.564180][T23947] pgscan_direct 0
[ 2899.564180][T23947] pgscan_khugepaged 0
[ 2899.564180][T23947] pgsteal_kswapd 0
[ 2899.564180][T23947] pgsteal_direct 0
[ 2899.564180][T23947] pgsteal_khugepaged 0
[ 2899.564180][T23947] pgfault 388087
[ 2899.564180][T23947] pgmajfault 0
[ 2899.564180][T23947] pgrefill 0
[ 2899.564180][T23947] pgactivate 0
[ 2899.564180][T23947] pgdeactivate 0
[ 2899.564180][T23947] pglazyfree 0
[ 2899.564180][T23947] pglazyfreed 0
[ 2899.564180][T23947] zswpin 0
[ 2899.564180][T23947] zswpout 0
[ 2899.564180][T23947] thp_fault_alloc 0
[ 2899.757078][   T28] INFO: task kworker/0:3:13815 blocked for more than 143 seconds.
[ 2899.777049][T23947] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23947,uid=0
[ 2899.785039][   T28]       Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2899.795755][T23947] Memory cgroup out of memory: Killed process 23947 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
13:49:14 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) (async, rerun: 32)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0) (async, rerun: 32)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r5=>0x0})
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r5}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x4, 0x2, 0x0, 0x1, {0x3, 0x5, 0x0, 0x0, [{0x8}, {0x8}, {0x8, 0xc}]}}]}]}, 0x44}}, 0x0) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x44, r8, 0x7562f43b63fde81f, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FRAME={0x27, 0x33, @action={@with_ht={{{}, {}, @device_a, @device_b}}, @channel_switch={0x0, 0x4, {{0x25, 0x3}, @void, @void}}}}]}, 0x44}}, 0x0) (async, rerun: 64)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000003c0)={{0x1, 0x1, 0x18, <r10=>r1}, './file0\x00'}) (async, rerun: 64)
r11 = syz_genetlink_get_family_id$batadv(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)={0x5c, r11, 0x0, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x79505edd}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x20040000) (async, rerun: 32)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r10, &(0x7f00000005c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x44, r11, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xfffffc00}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x4}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r5}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000010}, 0x40) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_SET_MPATH(r6, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x64, r8, 0x20, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x14fb, 0x77}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x64}, 0x1, 0x0, 0x0, 0x400c0}, 0x84c)
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r13, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2899.832545][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2899.854948][   T28] task:kworker/0:3     state:D stack:25016 pid:13815 ppid:2      flags:0x00004000
[ 2899.895228][   T28] Workqueue: usb_hub_wq hub_event
[ 2899.904943][   T28] Call Trace:
[ 2899.911846][   T28]  <TASK>
[ 2899.914927][   T28]  __schedule+0xc9a/0x5880
[ 2899.932950][   T28]  ? vhci_urb_dequeue+0x348/0x760
[ 2899.936168][T23951] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2899.950753][   T28]  ? find_held_lock+0x2d/0x110
[ 2899.955671][   T28]  ? io_schedule_timeout+0x150/0x150
[ 2899.971227][T23951] CPU: 1 PID: 23951 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2899.980575][   T28]  ? lock_downgrade+0x690/0x690
[ 2899.981773][T23951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2899.986620][   T28]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2899.996659][T23951] Call Trace:
[ 2899.996671][T23951]  <TASK>
[ 2899.996679][T23951]  dump_stack_lvl+0x136/0x150
[ 2899.996705][T23951]  dump_header+0x10a/0xd70
[ 2899.996733][T23951]  oom_kill_process+0x25d/0x600
[ 2900.022237][T23951]  out_of_memory+0x35c/0x1660
[ 2900.026969][T23951]  ? find_held_lock+0x2d/0x110
[ 2900.031775][T23951]  ? oom_killer_disable+0x2b0/0x2b0
[ 2900.037360][T23951]  ? rcu_read_unlock+0x9/0x60
[ 2900.042246][T23951]  ? find_held_lock+0x2d/0x110
[ 2900.047123][T23951]  mem_cgroup_out_of_memory+0x206/0x270
[ 2900.052700][T23951]  ? mem_cgroup_margin+0x130/0x130
[ 2900.057826][T23951]  ? lock_downgrade+0x690/0x690
[ 2900.062823][T23951]  try_charge_memcg+0xf99/0x13a0
[ 2900.067813][T23951]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2900.073865][T23951]  ? rcu_read_unlock+0x9/0x60
[ 2900.078580][T23951]  ? lock_downgrade+0x690/0x690
[ 2900.083499][T23951]  charge_memcg+0x90/0x3b0
[ 2900.087967][T23951]  __mem_cgroup_charge+0x2b/0x90
[ 2900.092933][T23951]  __handle_mm_fault+0x2296/0x41c0
[ 2900.098606][T23951]  ? mt_find+0x3b9/0xa60
[ 2900.103058][T23951]  ? vm_iomap_memory+0x190/0x190
[ 2900.108009][T23951]  ? mas_find+0x200/0x200
[ 2900.112375][T23951]  handle_mm_fault+0x2af/0x9f0
[ 2900.117154][T23951]  do_user_addr_fault+0x51a/0x1210
[ 2900.122288][T23951]  exc_page_fault+0x98/0x170
[ 2900.126982][T23951]  asm_exc_page_fault+0x26/0x30
[ 2900.131861][T23951] RIP: 0033:0x7f403683b96f
[ 2900.136280][T23951] Code: ff ff 4d 89 cd 48 85 c0 74 19 8b 95 44 ff ff ff 48 29 c6 48 01 c7 e8 10 09 05 00 85 c0 0f 85 0b 03 00 00 48 8b 85 48 ff ff ff <41> c7 45 18 01 00 00 00 4c 89 ef 49 89 85 90 06 00 00 48 8b 85 50
[ 2900.155898][T23951] RSP: 002b:00007f4036acfac0 EFLAGS: 00010246
[ 2900.161975][T23951] RAX: 00007f4037653000 RBX: 0000000000021000 RCX: 00007f403688c277
[ 2900.169954][T23951] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f4037654000
[ 2900.177942][T23951] RBP: 00007f4036acfb90 R08: 00000000ffffffff R09: 00007f4037673700
[ 2900.185922][T23951] R10: 0000000000020022 R11: 0000000000000206 R12: 00007f4036acfcb0
[ 2900.193909][T23951] R13: 00007f4037673700 R14: 0000000000000000 R15: 0000000000022000
[ 2900.202015][T23951]  </TASK>
[ 2900.232332][T23951] memory: usage 307200kB, limit 307200kB, failcnt 20957
[ 2900.240908][   T28]  ? lockdep_hardirqs_on+0x7d/0x100
[ 2900.244442][T23951] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2900.250819][   T28]  schedule+0xde/0x1a0
[ 2900.259739][   T28]  usb_kill_urb.part.0+0x19a/0x220
[ 2900.269669][   T28]  ? usb_anchor_suspend_wakeups+0x40/0x40
[ 2900.275031][T23951] Memory cgroup stats for /syz4:
[ 2900.275689][T23951] anon 106496
[ 2900.275689][T23951] file 8380416
[ 2900.275689][T23951] kernel 306069504
[ 2900.275689][T23951] kernel_stack 32768
[ 2900.275689][T23951] pagetables 77824
[ 2900.275689][T23951] sec_pagetables 0
[ 2900.275689][T23951] percpu 5477376
[ 2900.275689][T23951] sock 0
[ 2900.275689][T23951] vmalloc 0
[ 2900.275689][T23951] shmem 8380416
[ 2900.275689][T23951] zswap 0
[ 2900.275689][T23951] zswapped 0
[ 2900.275689][T23951] file_mapped 405504
[ 2900.275689][T23951] file_dirty 0
[ 2900.275689][T23951] file_writeback 0
[ 2900.275689][T23951] swapcached 0
[ 2900.275689][T23951] anon_thp 0
[ 2900.275689][T23951] file_thp 0
[ 2900.275689][T23951] shmem_thp 0
[ 2900.275689][T23951] inactive_anon 4096
[ 2900.275689][T23951] active_anon 8482816
[ 2900.275689][T23951] inactive_file 0
[ 2900.275689][T23951] active_file 0
[ 2900.275689][T23951] unevictable 0
[ 2900.275689][T23951] slab_reclaimable 50216
[ 2900.275689][T23951] slab_unreclaimable 300395168
[ 2900.275689][T23951] slab 300445384
[ 2900.275689][T23951] workingset_refault_anon 0
[ 2900.275689][T23951] workingset_refault_file 0
[ 2900.275689][T23951] workingset_activate_anon 0
[ 2900.275689][T23951] workingset_activate_file 0
[ 2900.275689][T23951] workingset_restore_anon 0
[ 2900.275689][T23951] workingset_restore_file 0
[ 2900.275689][T23951] workingset_nodereclaim 0
[ 2900.275689][T23951] pgscan 0
[ 2900.275689][T23951] pgsteal 0
[ 2900.275689][T23951] pgscan_kswapd 0
[ 2900.275689][T23951] pgscan_direct 0
[ 2900.275689][T23951] pgscan_khugepaged 0
[ 2900.275689][T23951] pgsteal_kswapd 0
[ 2900.275689][T23951] pgsteal_direct 0
[ 2900.275689][T23951] pgsteal_khugepaged 0
[ 2900.275689][T23951] pgfault 388123
[ 2900.275689][T23951] pgmajfault 0
[ 2900.275689][T23951] pgrefill 0
[ 2900.275689][T23951] pgactivate 0
[ 2900.275689][T23951] pgdeactivate 0
[ 2900.275689][T23951] pglazyfree 0
[ 2900.275689][T23951] pglazyfreed 0
[ 2900.275689][T23951] zswpin 0
[ 2900.275689][T23951] zswpout 0
[ 2900.275689][T23951] thp_fault_alloc 0
[ 2900.288357][   T28]  ? prepare_to_swait_exclusive+0x240/0x240
[ 2900.470727][T23951] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23951,uid=0
13:49:14 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800feff0f9ab11616fb3f7ec0b112155d442dae", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=@ipv4_newroute={0x2c, 0x18, 0x300, 0x70bd28, 0x25dfdbfb, {0x2, 0x80, 0x10, 0x2, 0xfd, 0x0, 0xfe, 0x4}, [@RTA_GATEWAY={0x8, 0x5, @empty}, @RTA_PREFSRC={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20048850}, 0x4010)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2900.488955][T23951] Memory cgroup out of memory: Killed process 23951 (syz-executor.4) total-vm:50708kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2900.533362][   T28]  usb_kill_urb+0x83/0xa0
[ 2900.550987][   T28]  usb_start_wait_urb+0x24a/0x4b0
[ 2900.561693][   T28]  ? usb_api_blocking_completion+0xa0/0xa0
[ 2900.579622][   T28]  ? usb_alloc_urb+0xa4/0xb0
[ 2900.590178][   T28]  ? rcu_is_watching+0x12/0xb0
[ 2900.600349][   T28]  ? __kmalloc+0xf2/0x190
[ 2900.610509][   T28]  usb_control_msg+0x320/0x4a0
[ 2900.621855][   T28]  ? usb_start_wait_urb+0x4b0/0x4b0
[ 2900.630176][T23952] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 2900.642644][   T28]  usb_get_descriptor+0xe1/0x1d0
[ 2900.648241][   T28]  usb_get_device_descriptor+0x85/0xf0
[ 2900.653928][T23952] CPU: 0 PID: 23952 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2900.665442][T23952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2900.675532][T23952] Call Trace:
[ 2900.678839][T23952]  <TASK>
[ 2900.681793][T23952]  dump_stack_lvl+0x136/0x150
[ 2900.686511][T23952]  dump_header+0x10a/0xd70
[ 2900.690986][T23952]  oom_kill_process+0x25d/0x600
[ 2900.695874][T23952]  out_of_memory+0x35c/0x1660
[ 2900.700593][T23952]  ? find_held_lock+0x2d/0x110
[ 2900.705408][T23952]  ? oom_killer_disable+0x2b0/0x2b0
[ 2900.710649][T23952]  ? rcu_read_unlock+0x9/0x60
[ 2900.715372][T23952]  ? find_held_lock+0x2d/0x110
[ 2900.720188][T23952]  mem_cgroup_out_of_memory+0x206/0x270
[ 2900.725786][T23952]  ? mem_cgroup_margin+0x130/0x130
[ 2900.730941][T23952]  ? lock_downgrade+0x690/0x690
[ 2900.735940][T23952]  try_charge_memcg+0xf99/0x13a0
[ 2900.740941][T23952]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2900.746972][T23952]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2900.752750][T23952]  ? lock_downgrade+0x690/0x690
[ 2900.757654][T23952]  ? lock_downgrade+0x690/0x690
[ 2900.762567][T23952]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2900.768175][T23952]  __alloc_pages+0x1f3/0x4a0
[ 2900.772809][T23952]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 2900.779616][T23952]  ? __lock_acquire+0xc17/0x5f30
[ 2900.784615][T23952]  ? find_held_lock+0x2d/0x110
[ 2900.789432][T23952]  alloc_pages+0x1aa/0x270
[ 2900.793891][T23952]  get_zeroed_page+0x14/0x40
[ 2900.798525][T23952]  __pud_alloc+0x3b/0x180
[ 2900.802891][T23952]  __handle_mm_fault+0x839/0x41c0
[ 2900.807951][T23952]  ? mt_find+0x3b9/0xa60
[ 2900.812334][T23952]  ? vm_iomap_memory+0x190/0x190
[ 2900.817397][T23952]  ? mas_find+0x200/0x200
[ 2900.821800][T23952]  handle_mm_fault+0x2af/0x9f0
[ 2900.826707][T23952]  do_user_addr_fault+0x51a/0x1210
[ 2900.831878][T23952]  exc_page_fault+0x98/0x170
[ 2900.836520][T23952]  asm_exc_page_fault+0x26/0x30
[ 2900.841415][T23952] RIP: 0033:0x7f4036827766
[ 2900.845868][T23952] Code: ff ff 66 90 48 8b 0d 89 df ca 00 4c 63 05 72 df ca 00 48 8b 05 73 df ca 00 49 01 c8 48 39 c8 72 13 4c 39 c0 73 0e 48 8d 50 04 <89> 38 48 89 15 59 df ca 00 c3 52 48 8d 35 e2 f1 0b 00 48 89 c2 48
[ 2900.865786][T23952] RSP: 002b:00007f4036acfb98 EFLAGS: 00010287
[ 2900.871898][T23952] RAX: 0000001b2dd20000 RBX: 0000000000000003 RCX: 0000001b2dd20000
[ 2900.879903][T23952] RDX: 0000001b2dd20004 RSI: 00000000003c0000 RDI: 0000000000000000
[ 2900.888695][T23952] RBP: 0000000000000000 R08: 0000001b2e120000 R09: 0000000000040000
[ 2900.896703][T23952] R10: 0000000000000011 R11: 0000000000000000 R12: 0000000000000001
[ 2900.904720][T23952] R13: 0000000000000000 R14: 0000000000000001 R15: 00007f4036acfe40
[ 2900.912738][T23952]  </TASK>
[ 2900.927905][   T28]  hub_port_init+0x859/0x3900
[ 2900.932752][   T28]  hub_event+0x2b89/0x4e40
[ 2900.937868][   T28]  ? hub_port_debounce+0x3b0/0x3b0
[ 2900.943109][   T28]  ? lock_sync+0x190/0x190
[ 2900.948162][   T28]  ? lock_downgrade+0x690/0x690
[ 2900.953145][   T28]  ? do_raw_spin_lock+0x124/0x2b0
[ 2900.958736][   T28]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2900.964087][   T28]  process_one_work+0x99a/0x15e0
[ 2900.969651][   T28]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 2900.975186][   T28]  ? spin_bug+0x1c0/0x1c0
[ 2900.980106][   T28]  ? _raw_spin_lock_irq+0x45/0x50
[ 2900.985259][   T28]  worker_thread+0x67d/0x10c0
[ 2900.992678][   T28]  ? process_one_work+0x15e0/0x15e0
[ 2900.998421][   T28]  kthread+0x344/0x440
[ 2901.002633][   T28]  ? kthread_complete_and_exit+0x40/0x40
[ 2901.009016][   T28]  ret_from_fork+0x1f/0x30
[ 2901.013679][   T28]  </TASK>
[ 2901.016824][   T28] 
[ 2901.016824][   T28] Showing all locks held in the system:
[ 2901.025331][   T28] 1 lock held by rcu_tasks_kthre/13:
[ 2901.034106][T23935] __nla_validate_parse: 22 callbacks suppressed
[ 2901.034127][T23935] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
13:49:15 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800000010000107000000000000000000040000", @ANYRES32=r1, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r1, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x4501000000000000)

[ 2901.058136][   T28]  #0: ffffffff8c7984b0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80
[ 2901.076903][   T28] 1 lock held by rcu_tasks_trace/14:
[ 2901.094820][   T28]  #0: ffffffff8c7981b0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80
[ 2901.123249][   T28] 1 lock held by khungtaskd/28:
[ 2901.136291][   T28]  #0: ffffffff8c7990c0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x340
[ 2901.153108][T23952] memory: usage 307152kB, limit 307200kB, failcnt 21027
[ 2901.160924][   T28] 3 locks held by kworker/1:2/758:
[ 2901.175311][T23952] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2901.178796][   T28]  #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x883/0x15e0
[ 2901.197584][T23952] Memory cgroup stats for /syz4:
[ 2901.197801][T23952] anon 102400
[ 2901.197801][T23952] file 8380416
[ 2901.197801][T23952] kernel 306040832
[ 2901.197801][T23952] kernel_stack 32768
[ 2901.197801][T23952] pagetables 61440
[ 2901.197801][T23952] sec_pagetables 0
[ 2901.197801][T23952] percpu 5477376
[ 2901.197801][T23952] sock 0
[ 2901.197801][T23952] vmalloc 0
[ 2901.197801][T23952] shmem 8380416
[ 2901.197801][T23952] zswap 0
[ 2901.197801][T23952] zswapped 0
[ 2901.197801][T23952] file_mapped 405504
[ 2901.197801][T23952] file_dirty 0
[ 2901.197801][T23952] file_writeback 0
[ 2901.197801][T23952] swapcached 0
[ 2901.197801][T23952] anon_thp 0
[ 2901.197801][T23952] file_thp 0
[ 2901.197801][T23952] shmem_thp 0
[ 2901.197801][T23952] inactive_anon 4096
[ 2901.197801][T23952] active_anon 8478720
[ 2901.197801][T23952] inactive_file 0
[ 2901.197801][T23952] active_file 0
[ 2901.197801][T23952] unevictable 0
[ 2901.197801][T23952] slab_reclaimable 50216
[ 2901.197801][T23952] slab_unreclaimable 300383224
[ 2901.197801][T23952] slab 300433440
[ 2901.197801][T23952] workingset_refault_anon 0
[ 2901.197801][T23952] workingset_refault_file 0
[ 2901.197801][T23952] workingset_activate_anon 0
[ 2901.197801][T23952] workingset_activate_file 0
[ 2901.197801][T23952] workingset_restore_anon 0
[ 2901.197801][T23952] workingset_restore_file 0
[ 2901.197801][T23952] workingset_nodereclaim 0
[ 2901.197801][T23952] pgscan 0
[ 2901.197801][T23952] pgsteal 0
[ 2901.197801][T23952] pgscan_kswapd 0
[ 2901.197801][T23952] pgscan_direct 0
[ 2901.197801][T23952] pgscan_khugepaged 0
[ 2901.197801][T23952] pgsteal_kswapd 0
[ 2901.197801][T23952] pgsteal_direct 0
[ 2901.197801][T23952] pgsteal_khugepaged 0
[ 2901.197801][T23952] pgfault 388152
[ 2901.197801][T23952] pgmajfault 0
[ 2901.197801][T23952] pgrefill 0
[ 2901.197801][T23952] pgactivate 0
[ 2901.197801][T23952] pgdeactivate 0
[ 2901.197801][T23952] pglazyfree 0
[ 2901.197801][T23952] pglazyfreed 0
[ 2901.197801][T23952] zswpin 0
[ 2901.197801][T23952] zswpout 0
[ 2901.197801][T23952] thp_fault_alloc 0
[ 2901.211927][   T28]  #1: 
13:49:15 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4800feff0f9ab11616fb3f7ec0b112155d442dae", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000002c00270d000000000000000000000080", @ANYRES32=r2, @ANYBLOB="0000000000000000050000000b000100666c6f77657200000c0002"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=@ipv4_newroute={0x2c, 0x18, 0x300, 0x70bd28, 0x25dfdbfb, {0x2, 0x80, 0x10, 0x2, 0xfd, 0x0, 0xfe, 0x4}, [@RTA_GATEWAY={0x8, 0x5, @empty}, @RTA_PREFSRC={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20048850}, 0x4010) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[ 2901.408207][T23952] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23952,uid=0
[ 2901.436758][T23952] Memory cgroup out of memory: Killed process 23952 (syz-executor.4) total-vm:54416kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:64kB oom_score_adj:1000
[ 2901.475465][   T28] ffffc90003eafdb0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x8b7/0x15e0
[ 2901.523370][   T28]  #2: ffffffff8e115368 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xf/0x70
[ 2901.551048][   T28] 2 locks held by getty/4756:
[ 2901.561558][   T28]  #0: ffff88802c862098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x26/0x80
[ 2901.576084][   T28]  #1: ffffc900015902f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xef4/0x13e0
[ 2901.594369][   T28] 2 locks held by kworker/0:0/25267:
[ 2901.600279][   T28]  #0: ffff888012472538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x883/0x15e0
[ 2901.634738][   T28]  #1: ffffc900065e7db0 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x15e0
[ 2901.658245][   T28] 5 locks held by kworker/0:3/13815:
[ 2901.663711][   T28]  #0: ffff888012eb5938 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x883/0x15e0
[ 2901.682968][   T28]  #1: ffffc9000c7b7db0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x15e0
[ 2901.686781][T23957] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 2901.696371][   T28]  #2: ffff888143333190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1c0/0x4e40
[ 2901.726525][   T28]  #3: ffff8881433f04f8 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x278e/0x4e40
[ 2901.747473][   T28]  #4: ffff888022704168 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x27c3/0x4e40
[ 2901.750926][T23957] CPU: 0 PID: 23957 Comm: syz-executor.4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2901.764954][   T28] 1 lock held by syz-executor.1/23927:
[ 2901.767617][T23957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2901.767635][T23957] Call Trace:
[ 2901.767643][T23957]  <TASK>
[ 2901.767654][T23957]  dump_stack_lvl+0x136/0x150
[ 2901.767683][T23957]  dump_header+0x10a/0xd70
[ 2901.767711][T23957]  oom_kill_process+0x25d/0x600
[ 2901.767736][T23957]  out_of_memory+0x35c/0x1660
[ 2901.767764][T23957]  ? find_held_lock+0x2d/0x110
[ 2901.774245][   T28]  #0: 
[ 2901.783270][T23957]  ? oom_killer_disable+0x2b0/0x2b0
[ 2901.783304][T23957]  ? rcu_read_unlock+0x9/0x60
[ 2901.783333][T23957]  ? find_held_lock+0x2d/0x110
[ 2901.783364][T23957]  mem_cgroup_out_of_memory+0x206/0x270
[ 2901.783395][T23957]  ? mem_cgroup_margin+0x130/0x130
[ 2901.783422][T23957]  ? lock_downgrade+0x690/0x690
[ 2901.783469][T23957]  try_charge_memcg+0xf99/0x13a0
[ 2901.783515][T23957]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2901.783553][T23957]  ? get_mem_cgroup_from_objcg+0xa1/0x280
[ 2901.794451][   T28] ffffffff8e115368
[ 2901.798841][T23957]  ? lock_downgrade+0x690/0x690
[ 2901.798883][T23957]  ? lock_downgrade+0x690/0x690
[ 2901.798926][T23957]  __memcg_kmem_charge_page+0x16e/0x3c0
[ 2901.798969][T23957]  __alloc_pages+0x1f3/0x4a0
[ 2901.799007][T23957]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 2901.804566][   T28]  (
[ 2901.808494][T23957]  ? find_held_lock+0x2d/0x110
[ 2901.808535][T23957]  ? __pmd_alloc+0x307/0x5d0
[ 2901.808558][T23957]  ? lock_downgrade+0x690/0x690
[ 2901.808594][T23957]  ? do_raw_spin_lock+0x124/0x2b0
[ 2901.808630][T23957]  alloc_pages+0x1aa/0x270
[ 2901.808667][T23957]  pte_alloc_one+0x1a/0x230
[ 2901.808703][T23957]  __do_fault+0x433/0x600
[ 2901.808737][T23957]  ? __pud_alloc+0xe4/0x180
[ 2901.808763][T23957]  __handle_mm_fault+0x24c9/0x41c0
[ 2901.808791][T23957]  ? mt_find+0x3b9/0xa60
[ 2901.808824][T23957]  ? vm_iomap_memory+0x190/0x190
[ 2901.808849][T23957]  ? mas_find+0x200/0x200
[ 2901.808899][T23957]  handle_mm_fault+0x2af/0x9f0
[ 2901.808932][T23957]  do_user_addr_fault+0x51a/0x1210
[ 2901.808972][T23957]  exc_page_fault+0x98/0x170
[ 2901.809004][T23957]  asm_exc_page_fault+0x26/0x30
[ 2901.809042][T23957] RIP: 0033:0x7f4036827766
[ 2901.809063][T23957] Code: ff ff 66 90 48 8b 0d 89 df ca 00 4c 63 05 72 df ca 00 48 8b 05 73 df ca 00 49 01 c8 48 39 c8 72 13 4c 39 c0 73 0e 48 8d 50 04 <89> 38 48 89 15 59 df ca 00 c3 52 48 8d 35 e2 f1 0b 00 48 89 c2 48
[ 2901.809085][T23957] RSP: 002b:00007f4036acfb98 EFLAGS: 00010287
[ 2901.809106][T23957] RAX: 0000001b2dd20000 RBX: 0000000000000003 RCX: 0000001b2dd20000
[ 2901.809123][T23957] RDX: 0000001b2dd20004 RSI: 00000000ffffff9c RDI: 0000000000000000
[ 2901.809139][T23957] RBP: 0000000000000000 R08: 0000001b2dd60000 R09: 00007f4036acf7f0
[ 2901.809156][T23957] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001
[ 2901.809169][T23957] R13: 0000000000000000 R14: 0000000000000001 R15: 00007f4036acfe40
[ 2901.809205][T23957]  </TASK>
[ 2901.949726][T23957] memory: usage 307200kB, limit 307200kB, failcnt 21082
[ 2901.983923][   T28] rtnl_mutex){+.+.}-{3:3}, at: tcf_proto_lookup_ops+0x13d/0x160
[ 2902.089659][   T28] 1 lock held by syz-executor.5/23937:
[ 2902.095287][   T28]  #0: ffffffff8e115368 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e8/0xd50
[ 2902.112416][   T28] 1 lock held by syz-executor.5/23942:
[ 2902.121818][   T28]  #0: ffffffff8e115368 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e8/0xd50
[ 2902.137397][T23957] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2902.144315][T23957] Memory cgroup stats for /syz4:
[ 2902.144528][T23957] anon 102400
[ 2902.144528][T23957] file 8380416
[ 2902.144528][T23957] kernel 306073600
[ 2902.144528][T23957] kernel_stack 32768
[ 2902.144528][T23957] pagetables 65536
[ 2902.144528][T23957] sec_pagetables 0
[ 2902.144528][T23957] percpu 5477376
[ 2902.144528][T23957] sock 0
[ 2902.144528][T23957] vmalloc 0
[ 2902.144528][T23957] shmem 8380416
[ 2902.144528][T23957] zswap 0
[ 2902.144528][T23957] zswapped 0
[ 2902.144528][T23957] file_mapped 405504
[ 2902.144528][T23957] file_dirty 0
[ 2902.144528][T23957] file_writeback 0
[ 2902.144528][T23957] swapcached 0
[ 2902.144528][T23957] anon_thp 0
[ 2902.144528][T23957] file_thp 0
[ 2902.144528][T23957] shmem_thp 0
[ 2902.144528][T23957] inactive_anon 4096
[ 2902.144528][T23957] active_anon 8478720
[ 2902.144528][T23957] inactive_file 0
[ 2902.144528][T23957] active_file 0
[ 2902.144528][T23957] unevictable 0
[ 2902.144528][T23957] slab_reclaimable 62216
[ 2902.144528][T23957] slab_unreclaimable 300398784
[ 2902.144528][T23957] slab 300461000
[ 2902.144528][T23957] workingset_refault_anon 0
[ 2902.144528][T23957] workingset_refault_file 0
[ 2902.144528][T23957] workingset_activate_anon 0
[ 2902.144528][T23957] workingset_activate_file 0
[ 2902.144528][T23957] workingset_restore_anon 0
[ 2902.144528][T23957] workingset_restore_file 0
[ 2902.144528][T23957] workingset_nodereclaim 0
[ 2902.144528][T23957] pgscan 0
[ 2902.144528][T23957] pgsteal 0
[ 2902.144528][T23957] pgscan_kswapd 0
[ 2902.144528][T23957] pgscan_direct 0
[ 2902.144528][T23957] pgscan_khugepaged 0
[ 2902.144528][T23957] pgsteal_kswapd 0
[ 2902.144528][T23957] pgsteal_direct 0
[ 2902.144528][T23957] pgsteal_khugepaged 0
[ 2902.144528][T23957] pgfault 388181
[ 2902.144528][T23957] pgmajfault 0
[ 2902.144528][T23957] pgrefill 0
[ 2902.144528][T23957] pgactivate 0
[ 2902.144528][T23957] pgdeactivate 0
[ 2902.144528][T23957] pglazyfree 0
[ 2902.144528][T23957] pglazyfreed 0
[ 2902.144528][T23957] zswpin 0
[ 2902.144528][T23957] zswpout 0
[ 2902.144528][T23957] thp_fault_alloc 0
[ 2902.338514][   T28] 1 lock held by syz-executor.5/23944:
[ 2902.344073][   T28]  #0: ffffffff8e115368 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e8/0xd50
[ 2902.353782][   T28] 2 locks held by syz-executor.5/23945:
[ 2902.359621][   T28]  #0: ffffffff8e1a8bb0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[ 2902.368108][   T28]  #1: ffffffff8e115368 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0xb4/0xab0
[ 2902.377612][   T28] 2 locks held by syz-executor.0/23935:
[ 2902.383183][   T28]  #0: ffffffff8e115368 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e8/0xd50
[ 2902.392834][   T28]  #1: ffffffff8c7a4538 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x64a/0x770
[ 2902.404159][   T28] 1 lock held by syz-executor.0/23936:
[ 2902.409793][   T28]  #0: ffffffff8e115368 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e8/0xd50
[ 2902.437438][   T28] 1 lock held by syz-executor.3/23941:
[ 2902.442969][   T28]  #0: ffffffff8e115368 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e8/0xd50
[ 2902.463603][   T28] 1 lock held by syz-executor.3/23943:
[ 2902.469278][   T28]  #0: ffffffff8e115368 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e8/0xd50
[ 2902.486302][   T28] 1 lock held by syz-executor.3/23946:
[ 2902.492473][   T28]  #0: ffffffff8e115368 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e8/0xd50
[ 2902.510550][   T28] 1 lock held by syz-executor.2/23954:
[ 2902.516080][   T28]  #0: ffffffff8e115368 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e8/0xd50
[ 2902.534013][   T28] 1 lock held by syz-executor.2/23955:
[ 2902.539606][   T28]  #0: ffffffff8e115368 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e8/0xd50
[ 2902.559809][   T28] 1 lock held by syz-executor.2/23956:
[ 2902.565348][   T28]  #0: ffffffff8e115368 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e8/0xd50
[ 2902.594747][   T28] 3 locks held by syz-executor.4/23957:
[ 2902.600618][   T28] 
[ 2902.606174][   T28] =============================================
[ 2902.606174][   T28] 
[ 2902.616433][T23937] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2902.628920][   T28] NMI backtrace for cpu 1
[ 2902.633290][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2902.643592][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2902.653691][   T28] Call Trace:
[ 2902.657080][   T28]  <TASK>
[ 2902.660040][   T28]  dump_stack_lvl+0xd9/0x150
[ 2902.664760][   T28]  nmi_cpu_backtrace+0x29c/0x350
[ 2902.670005][   T28]  ? lapic_can_unplug_cpu+0xa0/0xa0
[ 2902.675251][   T28]  nmi_trigger_cpumask_backtrace+0x2a4/0x300
[ 2902.681375][   T28]  watchdog+0xe16/0x1090
[ 2902.685647][   T28]  ? proc_dohung_task_timeout_secs+0x80/0x80
[ 2902.691648][   T28]  kthread+0x344/0x440
[ 2902.695731][   T28]  ? kthread_complete_and_exit+0x40/0x40
[ 2902.701383][   T28]  ret_from_fork+0x1f/0x30
[ 2902.705831][   T28]  </TASK>
[ 2902.708947][T23957] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23957,uid=0
[ 2902.709408][   T28] Sending NMI from CPU 1 to CPUs 0:
[ 2902.730741][    C0] NMI backtrace for cpu 0
[ 2902.730753][    C0] CPU: 0 PID: 6013 Comm: kworker/u4:4 Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2902.730774][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2902.730785][    C0] Workqueue: bat_events batadv_nc_worker
[ 2902.730922][    C0] RIP: 0010:check_preemption_disabled+0x1b/0x170
[ 2902.730951][    C0] Code: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 56 41 55 49 89 f5 41 54 55 48 89 fd 53 0f 1f 44 00 00 65 44 8b 25 c1 cc f3 75 <65> 8b 1d b6 cc f3 75 81 e3 ff ff ff 7f 31 ff 89 de 0f 1f 44 00 00
[ 2902.730968][    C0] RSP: 0018:ffffc9000b8dfba8 EFLAGS: 00000083
[ 2902.730981][    C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff818ae28b
[ 2902.730992][    C0] RDX: fffffbfff1cf4fe3 RSI: ffffffff8aa712c0 RDI: ffffffff8aa71300
[ 2902.731005][    C0] RBP: ffffffff8aa71300 R08: 0000000000000000 R09: ffffffff8e7a7f17
[ 2902.731017][    C0] R10: fffffbfff1cf4fe2 R11: 1ffffffff18f47d1 R12: 0000000000000000
[ 2902.731029][    C0] R13: ffffffff8aa712c0 R14: dffffc0000000000 R15: ffffffff89dac870
[ 2902.731041][    C0] FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 2902.731060][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2902.731073][    C0] CR2: 0000555555ea9848 CR3: 0000000181e6f000 CR4: 00000000003506f0
[ 2902.731085][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2902.731096][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2902.731108][    C0] Call Trace:
[ 2902.731113][    C0]  <NMI>
[ 2902.731120][    C0]  ? nmi_cpu_backtrace+0x1d0/0x350
[ 2902.731150][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x10
[ 2902.731169][    C0]  ? nmi_handle+0x13d/0x400
[ 2902.731198][    C0]  ? check_preemption_disabled+0x1b/0x170
[ 2902.731222][    C0]  ? default_do_nmi+0x6b/0x170
[ 2902.731241][    C0]  ? exc_nmi+0x171/0x1e0
[ 2902.731259][    C0]  ? end_repeat_nmi+0x16/0x31
[ 2902.731295][    C0]  ? batadv_nc_to_purge_nc_path_decoding+0x160/0x160
[ 2902.731320][    C0]  ? trace_hardirqs_off+0x5b/0x120
[ 2902.731348][    C0]  ? check_preemption_disabled+0x1b/0x170
[ 2902.731372][    C0]  ? check_preemption_disabled+0x1b/0x170
[ 2902.731396][    C0]  ? check_preemption_disabled+0x1b/0x170
[ 2902.731420][    C0]  </NMI>
[ 2902.731425][    C0]  <TASK>
[ 2902.731430][    C0]  ? __local_bh_enable_ip+0xc7/0x130
[ 2902.731458][    C0]  rcu_is_watching+0x12/0xb0
[ 2902.731487][    C0]  ? __local_bh_enable_ip+0xc7/0x130
[ 2902.731508][    C0]  trace_hardirqs_off+0x6a/0x120
[ 2902.731535][    C0]  ? batadv_nc_purge_paths+0x1cc/0x3c0
[ 2902.731555][    C0]  __local_bh_enable_ip+0xc7/0x130
[ 2902.731576][    C0]  batadv_nc_purge_paths+0x1cc/0x3c0
[ 2902.731600][    C0]  batadv_nc_worker+0x8fa/0xfe0
[ 2902.731625][    C0]  process_one_work+0x99a/0x15e0
[ 2902.731655][    C0]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 2902.731682][    C0]  ? spin_bug+0x1c0/0x1c0
[ 2902.731707][    C0]  ? _raw_spin_lock_irq+0x45/0x50
[ 2902.731734][    C0]  worker_thread+0x67d/0x10c0
[ 2902.731764][    C0]  ? process_one_work+0x15e0/0x15e0
[ 2902.731789][    C0]  kthread+0x344/0x440
[ 2902.731810][    C0]  ? kthread_complete_and_exit+0x40/0x40
[ 2902.731834][    C0]  ret_from_fork+0x1f/0x30
[ 2902.731865][    C0]  </TASK>
[ 2902.798885][T23936] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2902.877475][T23957] Memory cgroup out of memory: Killed process 23957 (syz-executor.4) total-vm:50576kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2902.972137][T23942] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2903.027510][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[ 2903.027526][   T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.4.0-rc5-syzkaller-00002-gf8dba31b0a82 #0
[ 2903.027551][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 2903.027564][   T28] Call Trace:
[ 2903.027572][   T28]  <TASK>
[ 2903.027582][   T28]  dump_stack_lvl+0xd9/0x150
[ 2903.027612][   T28]  panic+0x686/0x730
[ 2903.027647][   T28]  ? panic_smp_self_stop+0xa0/0xa0
[ 2903.027684][   T28]  ? lapic_can_unplug_cpu+0xa0/0xa0
[ 2903.027708][   T28]  ? preempt_schedule_thunk+0x1a/0x20
[ 2903.027746][   T28]  ? watchdog+0xbe8/0x1090
[ 2903.027784][   T28]  watchdog+0xbf9/0x1090
[ 2903.027818][   T28]  ? proc_dohung_task_timeout_secs+0x80/0x80
[ 2903.027854][   T28]  kthread+0x344/0x440
[ 2903.027881][   T28]  ? kthread_complete_and_exit+0x40/0x40
[ 2903.027914][   T28]  ret_from_fork+0x1f/0x30
[ 2903.027959][   T28]  </TASK>
[ 2903.030513][   T28] Kernel Offset: disabled
[ 2903.178284][   T28] Rebooting in 86400 seconds..