endmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xf201}, 0x0) 09:53:28 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:28 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) (async) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) (async) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r14) sendmsg$IEEE802154_LLSEC_ADD_DEV(r13, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, r15, 0x201, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) (async) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000440)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r14, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r8, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r16}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48000}, 0x804) (async) sendmsg$IEEE802154_LIST_IFACE(r12, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r15, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) (async) sendmsg$IEEE802154_LLSEC_GETPARAMS(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000328bd7000ffdbdf252400000008000200", @ANYRES32=0x0, @ANYBLOB="0a0001007770616e3400000008000200", @ANYRES32=r5, @ANYBLOB="0a0001007770616e34000000000000000005616e3300000008000200", @ANYRES32=r9, @ANYBLOB], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 09:53:28 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x7a00) 09:53:28 executing program 4: ioctl$sock_SIOCGIFBR(0xffffffffffffffff, 0x8940, &(0x7f0000000300)=@add_del={0x2, &(0x7f0000000240)='ipvlan1\x00'}) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6erspan0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000010000104000100"/20, @ANYRES32=r1, @ANYBLOB="da301bc605e98826edd05916"], 0x20}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)=@ipv4_getaddr={0x48, 0x16, 0x0, 0x70bd25, 0x25dfdbff, {0x2, 0x3f, 0x0, 0xff, r1}, [@IFA_LOCAL={0x8, 0x2, @remote}, @IFA_ADDRESS={0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IFA_FLAGS={0x8, 0x8, 0x4}, @IFA_RT_PRIORITY={0x8, 0x9, 0x3}, @IFA_LOCAL={0x8, 0x2, @loopback}, @IFA_RT_PRIORITY={0x8, 0x9, 0x7}]}, 0x48}}, 0x20000844) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=@mpls_getroute={0x38, 0x1a, 0x1, 0x70bd2d, 0x25dfdbff, {0x1c, 0x14, 0x10, 0x5, 0xfd, 0x0, 0xfd, 0x0, 0x100}, [@RTA_VIA={0x14, 0x12, {0x28, "195bd60d274eaab7594356691b3d"}}, @RTA_DST={0x8, 0x1, {0x0, 0x0, 0x1}}]}, 0x38}, 0x1, 0x48, 0x0, 0x4000}, 0x0) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000280)=0x7fffffffffffffff) ioctl$sock_SIOCGIFBR(0xffffffffffffffff, 0x8940, &(0x7f0000000300)=@add_del={0x2, &(0x7f0000000240)='ipvlan1\x00'}) (async) socket$nl_route(0x10, 0x3, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6erspan0\x00'}) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000010000104000100"/20, @ANYRES32=r1, @ANYBLOB="da301bc605e98826edd05916"], 0x20}}, 0x0) (async) sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)=@ipv4_getaddr={0x48, 0x16, 0x0, 0x70bd25, 0x25dfdbff, {0x2, 0x3f, 0x0, 0xff, r1}, [@IFA_LOCAL={0x8, 0x2, @remote}, @IFA_ADDRESS={0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IFA_FLAGS={0x8, 0x8, 0x4}, @IFA_RT_PRIORITY={0x8, 0x9, 0x3}, @IFA_LOCAL={0x8, 0x2, @loopback}, @IFA_RT_PRIORITY={0x8, 0x9, 0x7}]}, 0x48}}, 0x20000844) (async) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=@mpls_getroute={0x38, 0x1a, 0x1, 0x70bd2d, 0x25dfdbff, {0x1c, 0x14, 0x10, 0x5, 0xfd, 0x0, 0xfd, 0x0, 0x100}, [@RTA_VIA={0x14, 0x12, {0x28, "195bd60d274eaab7594356691b3d"}}, @RTA_DST={0x8, 0x1, {0x0, 0x0, 0x1}}]}, 0x38}, 0x1, 0x48, 0x0, 0x4000}, 0x0) (async) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000280)=0x7fffffffffffffff) (async) 09:53:28 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0xffffff9e}, 0x0) [ 2514.045186][T24392] Memory cgroup out of memory: Killed process 24392 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 09:53:28 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x2, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:28 executing program 4: ioctl$sock_SIOCGIFBR(0xffffffffffffffff, 0x8940, &(0x7f0000000300)=@add_del={0x2, &(0x7f0000000240)='ipvlan1\x00'}) (async) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6erspan0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000010000104000100"/20, @ANYRES32=r1, @ANYBLOB="da301bc605e98826edd05916"], 0x20}}, 0x0) (async) sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)=@ipv4_getaddr={0x48, 0x16, 0x0, 0x70bd25, 0x25dfdbff, {0x2, 0x3f, 0x0, 0xff, r1}, [@IFA_LOCAL={0x8, 0x2, @remote}, @IFA_ADDRESS={0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IFA_FLAGS={0x8, 0x8, 0x4}, @IFA_RT_PRIORITY={0x8, 0x9, 0x3}, @IFA_LOCAL={0x8, 0x2, @loopback}, @IFA_RT_PRIORITY={0x8, 0x9, 0x7}]}, 0x48}}, 0x20000844) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=@mpls_getroute={0x38, 0x1a, 0x1, 0x70bd2d, 0x25dfdbff, {0x1c, 0x14, 0x10, 0x5, 0xfd, 0x0, 0xfd, 0x0, 0x100}, [@RTA_VIA={0x14, 0x12, {0x28, "195bd60d274eaab7594356691b3d"}}, @RTA_DST={0x8, 0x1, {0x0, 0x0, 0x1}}]}, 0x38}, 0x1, 0x48, 0x0, 0x4000}, 0x0) (async) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000280)=0x7fffffffffffffff) [ 2514.185987][T24447] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:53:28 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x3, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:28 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0xffffff7f}, 0x0) [ 2514.338340][T24438] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2514.375455][T24449] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:53:28 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x4, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2514.451749][T24438] CPU: 0 PID: 24438 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2514.462240][T24438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2514.472333][T24438] Call Trace: [ 2514.475646][T24438] [ 2514.478608][T24438] dump_stack_lvl+0xd1/0x138 [ 2514.483247][T24438] dump_header+0x10b/0x85f [ 2514.487722][T24438] oom_kill_process.cold+0x10/0x15 [ 2514.492892][T24438] out_of_memory+0x35c/0x14a0 [ 2514.497627][T24438] ? find_held_lock+0x2d/0x110 [ 2514.502438][T24438] ? oom_killer_disable+0x280/0x280 [ 2514.507694][T24438] ? find_held_lock+0x2d/0x110 [ 2514.512517][T24438] mem_cgroup_out_of_memory+0x206/0x270 [ 2514.518115][T24438] ? mem_cgroup_margin+0x130/0x130 [ 2514.523274][T24438] ? lock_downgrade+0x6e0/0x6e0 [ 2514.528185][T24438] try_charge_memcg+0xefb/0x12f0 [ 2514.533176][T24438] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2514.539198][T24438] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2514.544978][T24438] ? lock_downgrade+0x6e0/0x6e0 [ 2514.549906][T24438] obj_cgroup_charge+0x2af/0x5e0 [ 2514.554892][T24438] ? vm_area_dup+0x7d/0x380 [ 2514.559436][T24438] kmem_cache_alloc+0xb5/0x430 [ 2514.564243][T24438] vm_area_dup+0x7d/0x380 [ 2514.568617][T24438] ? mt_slot+0xa1/0x170 [ 2514.572822][T24438] ? mas_next_nentry+0x610/0xab0 [ 2514.577813][T24438] ? mas_next_node+0x547/0xa00 [ 2514.582634][T24438] ? mas_find+0x211/0xd10 [ 2514.587011][T24438] ? vm_area_alloc+0x100/0x100 [ 2514.591809][T24438] ? validate_mm_mt+0x149/0x1b0 [ 2514.596694][T24438] ? remove_vma+0x130/0x130 [ 2514.601239][T24438] ? can_vma_merge_before+0x390/0x390 [ 2514.606660][T24438] __split_vma+0xae/0x5e0 [ 2514.611029][T24438] ? vma_merge+0x2cf/0x870 [ 2514.615491][T24438] split_vma+0xa3/0xe0 [ 2514.619603][T24438] mprotect_fixup+0x686/0x960 [ 2514.624333][T24438] ? mas_find+0x211/0xd10 [ 2514.628704][T24438] ? change_protection+0x3b30/0x3b30 [ 2514.634043][T24438] do_mprotect_pkey+0x6fd/0xa70 [ 2514.638945][T24438] ? mprotect_fixup+0x960/0x960 [ 2514.643839][T24438] ? up_write+0x1b0/0x520 [ 2514.648264][T24438] __x64_sys_mprotect+0x78/0xb0 [ 2514.653156][T24438] do_syscall_64+0x39/0xb0 [ 2514.657620][T24438] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2514.663561][T24438] RIP: 0033:0x7f909a68c1d7 [ 2514.668016][T24438] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2514.681550][T24475] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 09:53:29 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x5, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2514.687642][T24438] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2514.687678][T24438] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2514.687698][T24438] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2514.721402][T24438] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2514.729410][T24438] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2514.737415][T24438] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2514.745449][T24438] [ 2514.796363][T24438] memory: usage 307200kB, limit 307200kB, failcnt 68778 [ 2514.805530][T24438] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2514.821255][T24438] Memory cgroup stats for /syz2: [ 2514.821523][T24438] anon 139264 [ 2514.821523][T24438] file 638976 [ 2514.821523][T24438] kernel 313794560 [ 2514.821523][T24438] kernel_stack 65536 [ 2514.821523][T24438] pagetables 81920 [ 2514.821523][T24438] sec_pagetables 0 [ 2514.821523][T24438] percpu 5611104 [ 2514.821523][T24438] sock 0 [ 2514.821523][T24438] vmalloc 0 [ 2514.821523][T24438] shmem 638976 [ 2514.821523][T24438] zswap 0 [ 2514.821523][T24438] zswapped 0 [ 2514.821523][T24438] file_mapped 638976 [ 2514.821523][T24438] file_dirty 0 [ 2514.821523][T24438] file_writeback 0 [ 2514.821523][T24438] swapcached 0 [ 2514.821523][T24438] anon_thp 0 [ 2514.821523][T24438] file_thp 0 [ 2514.821523][T24438] shmem_thp 0 [ 2514.821523][T24438] inactive_anon 372736 [ 2514.821523][T24438] active_anon 405504 [ 2514.821523][T24438] inactive_file 0 [ 2514.821523][T24438] active_file 0 [ 2514.821523][T24438] unevictable 0 [ 2514.821523][T24438] slab_reclaimable 233712 [ 2514.821523][T24438] slab_unreclaimable 307770328 [ 2514.916145][T24438] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24438,uid=0 [ 2514.938927][T24438] Memory cgroup out of memory: Killed process 24438 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2514.962774][T24437] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2514.982709][T24437] CPU: 1 PID: 24437 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2514.993193][T24437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2515.003282][T24437] Call Trace: [ 2515.006590][T24437] [ 2515.009543][T24437] dump_stack_lvl+0xd1/0x138 [ 2515.014185][T24437] dump_header+0x10b/0x85f [ 2515.018650][T24437] oom_kill_process.cold+0x10/0x15 [ 2515.023807][T24437] out_of_memory+0x35c/0x14a0 [ 2515.028549][T24437] ? oom_killer_disable+0x280/0x280 [ 2515.033797][T24437] ? find_held_lock+0x2d/0x110 [ 2515.038706][T24437] mem_cgroup_out_of_memory+0x206/0x270 [ 2515.044291][T24437] ? mem_cgroup_margin+0x130/0x130 [ 2515.049449][T24437] ? lock_downgrade+0x6e0/0x6e0 [ 2515.054350][T24437] try_charge_memcg+0xefb/0x12f0 [ 2515.059328][T24437] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2515.065436][T24437] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2515.071208][T24437] ? lock_downgrade+0x6e0/0x6e0 [ 2515.076095][T24437] ? lock_downgrade+0x6e0/0x6e0 [ 2515.080977][T24437] ? rcu_read_unlock+0x9/0x60 [ 2515.085720][T24437] obj_cgroup_charge+0x2af/0x5e0 [ 2515.090708][T24437] ? copy_process+0x3aa/0x7520 [ 2515.095504][T24437] kmem_cache_alloc_node+0xb7/0x460 [ 2515.100747][T24437] copy_process+0x3aa/0x7520 [ 2515.105378][T24437] ? __lock_acquire+0xbc3/0x56d0 [ 2515.110361][T24437] ? __cleanup_sighand+0xb0/0xb0 [ 2515.115331][T24437] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 2515.121349][T24437] ? psi_memstall_leave+0x174/0x250 [ 2515.126602][T24437] kernel_clone+0xeb/0x990 [ 2515.131057][T24437] ? create_io_thread+0xf0/0xf0 [ 2515.135957][T24437] ? percpu_ref_put_many.constprop.0+0x6a/0x1a0 [ 2515.142251][T24437] ? lock_downgrade+0x6e0/0x6e0 [ 2515.147150][T24437] __do_sys_clone+0xba/0x100 [ 2515.151784][T24437] ? kernel_clone+0x990/0x990 [ 2515.156535][T24437] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2515.162482][T24437] do_syscall_64+0x39/0xb0 [ 2515.166940][T24437] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2515.172864][T24437] RIP: 0033:0x7f0b7de8d4f1 [ 2515.177302][T24437] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2515.196946][T24437] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2515.205417][T24437] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2515.213425][T24437] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2515.221435][T24437] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2515.229440][T24437] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2515.237440][T24437] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2515.245464][T24437] [ 2515.257280][T24437] memory: usage 307200kB, limit 307200kB, failcnt 78621 [ 2515.264537][T24437] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2515.272002][T24437] Memory cgroup stats for /syz0: [ 2515.272244][T24437] anon 143360 [ 2515.272244][T24437] file 479232 [ 2515.272244][T24437] kernel 313950208 [ 2515.272244][T24437] kernel_stack 65536 [ 2515.272244][T24437] pagetables 77824 [ 2515.272244][T24437] sec_pagetables 0 [ 2515.272244][T24437] percpu 5614656 [ 2515.272244][T24437] sock 0 [ 2515.272244][T24437] vmalloc 8192 [ 2515.272244][T24437] shmem 479232 [ 2515.272244][T24437] zswap 0 [ 2515.272244][T24437] zswapped 0 [ 2515.272244][T24437] file_mapped 479232 [ 2515.272244][T24437] file_dirty 0 [ 2515.272244][T24437] file_writeback 0 [ 2515.272244][T24437] swapcached 0 [ 2515.272244][T24437] anon_thp 0 [ 2515.272244][T24437] file_thp 0 [ 2515.272244][T24437] shmem_thp 0 [ 2515.272244][T24437] inactive_anon 180224 [ 2515.272244][T24437] active_anon 442368 [ 2515.272244][T24437] inactive_file 0 [ 2515.272244][T24437] active_file 0 [ 2515.272244][T24437] unevictable 0 [ 2515.272244][T24437] slab_reclaimable 28096 [ 2515.272244][T24437] slab_unreclaimable 308121352 [ 2515.371746][T24437] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24437,uid=0 [ 2515.387843][T24437] Memory cgroup out of memory: Killed process 24437 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2515.406109][T24458] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2515.426354][T24458] CPU: 0 PID: 24458 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2515.436833][T24458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2515.446926][T24458] Call Trace: [ 2515.450227][T24458] [ 2515.453181][T24458] dump_stack_lvl+0xd1/0x138 [ 2515.457817][T24458] dump_header+0x10b/0x85f [ 2515.462285][T24458] oom_kill_process.cold+0x10/0x15 [ 2515.467444][T24458] out_of_memory+0x35c/0x14a0 [ 2515.472130][T24458] ? oom_killer_disable+0x280/0x280 [ 2515.477334][T24458] ? find_held_lock+0x2d/0x110 [ 2515.482128][T24458] mem_cgroup_out_of_memory+0x206/0x270 [ 2515.487724][T24458] ? mem_cgroup_margin+0x130/0x130 [ 2515.493401][T24458] ? lock_downgrade+0x6e0/0x6e0 [ 2515.498346][T24458] try_charge_memcg+0xefb/0x12f0 [ 2515.503322][T24458] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2515.509322][T24458] ? lock_downgrade+0x6e0/0x6e0 [ 2515.514180][T24458] charge_memcg+0x90/0x3b0 [ 2515.518595][T24458] __mem_cgroup_charge+0x2b/0x90 [ 2515.523532][T24458] do_wp_page+0x7ec/0x3370 [ 2515.527952][T24458] ? lock_release+0x810/0x810 [ 2515.532647][T24458] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2515.538071][T24458] ? do_raw_spin_lock+0x124/0x2b0 [ 2515.543130][T24458] ? rwlock_bug.part.0+0x90/0x90 [ 2515.548102][T24458] ? lock_chain_count+0x20/0x20 [ 2515.552978][T24458] __handle_mm_fault+0x1f58/0x3c90 [ 2515.558114][T24458] ? vm_iomap_memory+0x190/0x190 [ 2515.563099][T24458] handle_mm_fault+0x1b6/0x850 [ 2515.567870][T24458] do_user_addr_fault+0x475/0x1210 [ 2515.572985][T24458] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2515.578538][T24458] exc_page_fault+0x98/0x170 [ 2515.583141][T24458] asm_exc_page_fault+0x26/0x30 [ 2515.588028][T24458] RIP: 0033:0x7ff9f2039570 [ 2515.592477][T24458] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2515.612116][T24458] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2515.618183][T24458] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2515.626152][T24458] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2515.634138][T24458] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2515.642140][T24458] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2515.650143][T24458] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2515.658142][T24458] ? __sock_create+0x2c/0x790 [ 2515.662851][T24458] [ 2515.668060][T24458] memory: usage 307200kB, limit 307200kB, failcnt 31834 [ 2515.676128][T24458] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2515.683205][T24458] Memory cgroup stats for /syz1: [ 2515.683440][T24458] anon 114688 [ 2515.683440][T24458] file 606208 [ 2515.683440][T24458] kernel 313851904 [ 2515.683440][T24458] kernel_stack 65536 [ 2515.683440][T24458] pagetables 73728 [ 2515.683440][T24458] sec_pagetables 0 [ 2515.683440][T24458] percpu 5612288 [ 2515.683440][T24458] sock 0 [ 2515.683440][T24458] vmalloc 0 [ 2515.683440][T24458] shmem 602112 [ 2515.683440][T24458] zswap 0 [ 2515.683440][T24458] zswapped 0 [ 2515.683440][T24458] file_mapped 602112 [ 2515.683440][T24458] file_dirty 4096 [ 2515.683440][T24458] file_writeback 0 [ 2515.683440][T24458] swapcached 0 [ 2515.683440][T24458] anon_thp 0 [ 2515.683440][T24458] file_thp 0 [ 2515.683440][T24458] shmem_thp 0 [ 2515.683440][T24458] inactive_anon 282624 [ 2515.683440][T24458] active_anon 434176 [ 2515.683440][T24458] inactive_file 0 [ 2515.683440][T24458] active_file 4096 [ 2515.683440][T24458] unevictable 0 [ 2515.683440][T24458] slab_reclaimable 219568 [ 2515.683440][T24458] slab_unreclaimable 307848312 [ 2515.779310][T24458] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24458,uid=0 [ 2515.795014][T24458] Memory cgroup out of memory: Killed process 24458 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 09:53:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xf202}, 0x0) 09:53:30 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x6, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:30 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x7601) 09:53:30 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r14) sendmsg$IEEE802154_LLSEC_ADD_DEV(r13, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, r15, 0x201, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000440)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r14, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r8, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r16}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48000}, 0x804) sendmsg$IEEE802154_LIST_IFACE(r12, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r15, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) sendmsg$IEEE802154_LLSEC_GETPARAMS(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000328bd7000ffdbdf252400000008000200", @ANYRES32=0x0, @ANYBLOB="0a0001007770616e3400000008000200", @ANYRES32=r5, @ANYBLOB="0a0001007770616e34000000000000000005616e3300000008000200", @ANYRES32=r9, @ANYBLOB], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 09:53:30 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x7a02) 09:53:30 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0xfffffff0}, 0x0) [ 2515.834587][T24480] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 09:53:30 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x7, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2515.975041][T24487] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2515.996116][T24491] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2516.020046][T24489] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2516.027430][T24491] CPU: 0 PID: 24491 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2516.039808][T24491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2516.049901][T24491] Call Trace: [ 2516.053212][T24491] [ 2516.056170][T24491] dump_stack_lvl+0xd1/0x138 [ 2516.060817][T24491] dump_header+0x10b/0x85f [ 2516.065299][T24491] oom_kill_process.cold+0x10/0x15 [ 2516.070478][T24491] out_of_memory+0x35c/0x14a0 [ 2516.075233][T24491] ? find_held_lock+0x2d/0x110 [ 2516.080053][T24491] ? oom_killer_disable+0x280/0x280 [ 2516.085293][T24491] ? find_held_lock+0x2d/0x110 [ 2516.090088][T24491] mem_cgroup_out_of_memory+0x206/0x270 [ 2516.095674][T24491] ? mem_cgroup_margin+0x130/0x130 [ 2516.100816][T24491] ? lock_downgrade+0x6e0/0x6e0 [ 2516.105706][T24491] try_charge_memcg+0xefb/0x12f0 [ 2516.110674][T24491] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2516.116686][T24491] ? lock_downgrade+0x6e0/0x6e0 [ 2516.121568][T24491] charge_memcg+0x90/0x3b0 [ 2516.126006][T24491] __mem_cgroup_charge+0x2b/0x90 [ 2516.130966][T24491] do_wp_page+0x7ec/0x3370 [ 2516.135416][T24491] ? lock_release+0x810/0x810 [ 2516.140109][T24491] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2516.145518][T24491] ? do_raw_spin_lock+0x124/0x2b0 [ 2516.150558][T24491] ? rwlock_bug.part.0+0x90/0x90 [ 2516.155513][T24491] ? lock_chain_count+0x20/0x20 [ 2516.160385][T24491] __handle_mm_fault+0x1f58/0x3c90 [ 2516.165530][T24491] ? vm_iomap_memory+0x190/0x190 [ 2516.170520][T24491] handle_mm_fault+0x1b6/0x850 [ 2516.175317][T24491] do_user_addr_fault+0x475/0x1210 [ 2516.180460][T24491] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2516.186038][T24491] exc_page_fault+0x98/0x170 [ 2516.190649][T24491] asm_exc_page_fault+0x26/0x30 [ 2516.195519][T24491] RIP: 0033:0x7ff9f2039570 [ 2516.199949][T24491] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2516.219574][T24491] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 09:53:30 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x8, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:30 executing program 3: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) write$binfmt_elf32(r1, &(0x7f0000000100)=ANY=[], 0x3) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r1, &(0x7f0000000440)="2f1dc17f35267f04e472d9d4854447b016c8fb68f8cdd092f86e9d1c26899690bfbba4072dc526dc19ce37df9b603cae88ca932fe79524c7d123d13c4359bb59dffc55bec602baf6e6f55d1d0c8b56980ee0a2ea155939fa2baba10258f1cec921f2f9f7d21e29ca77f5fd18e6e4f6666a6e5f1d074c826495ecf10afe87a5341982a9327fec0761d91a3adeaef979aba49e0d2e4d443d5f924b8b3e9bdd8f182e33d76ec6a9077ddc7118601f6e8a7ff4b05984f9d169fa950f1307", &(0x7f0000000500)=@tcp=r1, 0xcd1556b75c53c3f9}, 0x20) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0) getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x2c, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_atm={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=@delchain={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xfff1, 0x3}, {0x1, 0xffff}}}, 0x24}}, 0x24040841) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x0, 0x2b8, 0x0, 0x0, 0x0, 0x228, 0x3a8, 0x3a8, 0x228, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0x1}, @local, [0xff, 0xffffff00, 0xff0000ff, 0xff], [0xffffffff, 0xff000000, 0xffffff00], 'ip6tnl0\x00', 'pim6reg1\x00', {0xff}, {}, 0x2, 0x64, 0x1}, 0x0, 0x1a0, 0x1d0, 0x0, {}, [@common=@mh={{}, {"ec05", 0x1}}]}, @unspec=@CT1={0x0, 'CT\x00', 0x1, {0x9, 0xeb, 0x40, 0x0, 'snmp_trap\x00', 'syz1\x00', {0x8}}}}, {{@ipv6={@local, @remote, [], [0x0, 0x0, 0xffffff00], 'veth1_to_hsr\x00', 'macvlan1\x00', {}, {}, 0x0, 0x0, 0x7}, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x0, 'LED\x00', 0x0, {'syz0\x00', 0x0, 0x0, {0xda7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x43) sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000080)=0x1) write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205) splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0) [ 2516.225666][T24491] RAX: 000000004717ba0b RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2516.233653][T24491] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 0000000000000022 [ 2516.241634][T24491] RBP: 000000004717ba0b R08: 0000000000001a0b R09: 000000004717ba0f [ 2516.249618][T24491] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2516.257606][T24491] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff87bef361 [ 2516.265589][T24491] ? __x64_sys_socket+0x11/0xb0 [ 2516.270487][T24491] 09:53:30 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0xb, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:30 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0xe, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2516.360995][T24501] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 09:53:30 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x11, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2516.475439][T24491] memory: usage 307188kB, limit 307200kB, failcnt 31915 [ 2516.488862][T24491] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2516.508140][T24491] Memory cgroup stats for /syz1: [ 2516.508396][T24491] anon 102400 [ 2516.508396][T24491] file 606208 [ 2516.508396][T24491] kernel 313851904 [ 2516.508396][T24491] kernel_stack 65536 [ 2516.508396][T24491] pagetables 73728 [ 2516.508396][T24491] sec_pagetables 0 [ 2516.508396][T24491] percpu 5612288 [ 2516.508396][T24491] sock 0 [ 2516.508396][T24491] vmalloc 0 [ 2516.508396][T24491] shmem 602112 [ 2516.508396][T24491] zswap 0 [ 2516.508396][T24491] zswapped 0 [ 2516.508396][T24491] file_mapped 602112 [ 2516.508396][T24491] file_dirty 4096 [ 2516.508396][T24491] file_writeback 0 [ 2516.508396][T24491] swapcached 0 [ 2516.508396][T24491] anon_thp 0 [ 2516.508396][T24491] file_thp 0 [ 2516.508396][T24491] shmem_thp 0 [ 2516.508396][T24491] inactive_anon 270336 [ 2516.508396][T24491] active_anon 434176 [ 2516.508396][T24491] inactive_file 0 [ 2516.508396][T24491] active_file 4096 [ 2516.508396][T24491] unevictable 0 [ 2516.508396][T24491] slab_reclaimable 219568 [ 2516.508396][T24491] slab_unreclaimable 307848312 [ 2516.643161][T24491] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24491,uid=0 [ 2516.659999][T24491] Memory cgroup out of memory: Killed process 24491 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2516.679476][T24481] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2516.692629][T24481] CPU: 0 PID: 24481 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2516.703095][T24481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2516.713192][T24481] Call Trace: [ 2516.716492][T24481] [ 2516.719446][T24481] dump_stack_lvl+0xd1/0x138 [ 2516.724084][T24481] dump_header+0x10b/0x85f [ 2516.728561][T24481] oom_kill_process.cold+0x10/0x15 [ 2516.733724][T24481] out_of_memory+0x35c/0x14a0 [ 2516.738462][T24481] ? oom_killer_disable+0x280/0x280 [ 2516.743716][T24481] ? find_held_lock+0x2d/0x110 [ 2516.748535][T24481] mem_cgroup_out_of_memory+0x206/0x270 [ 2516.754132][T24481] ? mem_cgroup_margin+0x130/0x130 [ 2516.759290][T24481] ? lock_downgrade+0x6e0/0x6e0 [ 2516.764197][T24481] try_charge_memcg+0xefb/0x12f0 [ 2516.769254][T24481] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2516.775270][T24481] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2516.781039][T24481] ? lock_downgrade+0x6e0/0x6e0 [ 2516.785912][T24481] ? lock_downgrade+0x6e0/0x6e0 [ 2516.790765][T24481] ? rcu_read_unlock+0x9/0x60 [ 2516.795450][T24481] obj_cgroup_charge+0x2af/0x5e0 [ 2516.800406][T24481] ? copy_process+0x3aa/0x7520 [ 2516.805213][T24481] kmem_cache_alloc_node+0xb7/0x460 [ 2516.810465][T24481] copy_process+0x3aa/0x7520 [ 2516.815108][T24481] ? find_held_lock+0x2d/0x110 [ 2516.819941][T24481] ? __cleanup_sighand+0xb0/0xb0 [ 2516.824923][T24481] ? lock_downgrade+0x6e0/0x6e0 [ 2516.829796][T24481] ? folio_flags.constprop.0+0x53/0x150 [ 2516.835345][T24481] ? folio_add_lru+0x37b/0x680 [ 2516.840112][T24481] kernel_clone+0xeb/0x990 [ 2516.844529][T24481] ? create_io_thread+0xf0/0xf0 [ 2516.849401][T24481] ? find_held_lock+0x2d/0x110 [ 2516.854224][T24481] __do_sys_clone+0xba/0x100 [ 2516.858853][T24481] ? kernel_clone+0x990/0x990 [ 2516.863583][T24481] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2516.869518][T24481] do_syscall_64+0x39/0xb0 [ 2516.873986][T24481] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2516.879940][T24481] RIP: 0033:0x7f0b7de8d4f1 [ 2516.884348][T24481] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2516.903972][T24481] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2516.912423][T24481] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2516.920425][T24481] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2516.928422][T24481] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2516.936444][T24481] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e 09:53:31 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xf203}, 0x0) 09:53:31 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x29, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2516.944435][T24481] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2516.952447][T24481] 09:53:31 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x38, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2517.010408][T24481] memory: usage 307200kB, limit 307200kB, failcnt 78749 [ 2517.017544][T24481] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2517.043378][T24481] Memory cgroup stats for /syz0: [ 2517.043587][T24481] anon 143360 [ 2517.043587][T24481] file 479232 [ 2517.043587][T24481] kernel 313950208 09:53:31 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r14) sendmsg$IEEE802154_LLSEC_ADD_DEV(r13, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, r15, 0x201, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000440)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r14, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r8, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r16}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48000}, 0x804) sendmsg$IEEE802154_LIST_IFACE(r12, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r15, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) sendmsg$IEEE802154_LLSEC_GETPARAMS(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000328bd7000ffdbdf252400000008000200", @ANYRES32=0x0, @ANYBLOB="0a0001007770616e3400000008000200", @ANYRES32=r5, @ANYBLOB="0a0001007770616e34000000000000000005616e3300000008000200", @ANYRES32=r9, @ANYBLOB], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x0) [ 2517.043587][T24481] kernel_stack 65536 [ 2517.043587][T24481] pagetables 77824 [ 2517.043587][T24481] sec_pagetables 0 [ 2517.043587][T24481] percpu 5614656 [ 2517.043587][T24481] sock 0 [ 2517.043587][T24481] vmalloc 8192 [ 2517.043587][T24481] shmem 479232 [ 2517.043587][T24481] zswap 0 [ 2517.043587][T24481] zswapped 0 [ 2517.043587][T24481] file_mapped 479232 [ 2517.043587][T24481] file_dirty 0 [ 2517.043587][T24481] file_writeback 0 [ 2517.043587][T24481] swapcached 0 [ 2517.043587][T24481] anon_thp 0 [ 2517.043587][T24481] file_thp 0 [ 2517.043587][T24481] shmem_thp 0 [ 2517.043587][T24481] inactive_anon 180224 [ 2517.043587][T24481] active_anon 442368 [ 2517.043587][T24481] inactive_file 0 [ 2517.043587][T24481] active_file 0 [ 2517.043587][T24481] unevictable 0 [ 2517.043587][T24481] slab_reclaimable 28096 [ 2517.043587][T24481] slab_unreclaimable 308121352 [ 2517.406994][T24481] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24481,uid=0 [ 2517.458579][T24481] Memory cgroup out of memory: Killed process 24481 (syz-executor.0) total-vm:54672kB, anon-rss:356kB, file-rss:8944kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2517.513297][T24482] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2517.527841][T24482] CPU: 0 PID: 24482 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2517.538334][T24482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2517.548418][T24482] Call Trace: [ 2517.551712][T24482] [ 2517.554659][T24482] dump_stack_lvl+0xd1/0x138 [ 2517.559279][T24482] dump_header+0x10b/0x85f [ 2517.563730][T24482] oom_kill_process.cold+0x10/0x15 [ 2517.568875][T24482] out_of_memory+0x35c/0x14a0 [ 2517.573589][T24482] ? find_held_lock+0x2d/0x110 [ 2517.578385][T24482] ? oom_killer_disable+0x280/0x280 [ 2517.583621][T24482] ? find_held_lock+0x2d/0x110 [ 2517.588420][T24482] mem_cgroup_out_of_memory+0x206/0x270 [ 2517.593998][T24482] ? mem_cgroup_margin+0x130/0x130 [ 2517.599137][T24482] ? lock_downgrade+0x6e0/0x6e0 [ 2517.604022][T24482] try_charge_memcg+0xefb/0x12f0 [ 2517.608989][T24482] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2517.614999][T24482] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2517.620750][T24482] ? lock_downgrade+0x6e0/0x6e0 [ 2517.625622][T24482] ? lock_downgrade+0x6e0/0x6e0 [ 2517.630516][T24482] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2517.636113][T24482] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2517.642307][T24482] copy_process+0x4e3/0x7520 [ 2517.646926][T24482] ? find_held_lock+0x2d/0x110 [ 2517.651752][T24482] ? __cleanup_sighand+0xb0/0xb0 [ 2517.656722][T24482] ? lock_downgrade+0x6e0/0x6e0 [ 2517.661591][T24482] ? folio_flags.constprop.0+0x53/0x150 [ 2517.667177][T24482] ? folio_add_lru+0x37b/0x680 [ 2517.671971][T24482] kernel_clone+0xeb/0x990 [ 2517.676412][T24482] ? create_io_thread+0xf0/0xf0 [ 2517.681725][T24482] ? find_held_lock+0x2d/0x110 [ 2517.686525][T24482] __do_sys_clone+0xba/0x100 [ 2517.691138][T24482] ? kernel_clone+0x990/0x990 [ 2517.695851][T24482] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2517.701773][T24482] do_syscall_64+0x39/0xb0 [ 2517.706213][T24482] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2517.712126][T24482] RIP: 0033:0x7f909a68d4f1 [ 2517.716556][T24482] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2517.736269][T24482] RSP: 002b:00007ffc6e869e28 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2517.744699][T24482] RAX: ffffffffffffffda RBX: 00007f909b439700 RCX: 00007f909a68d4f1 [ 2517.752696][T24482] RDX: 00007f909b4399d0 RSI: 00007f909b4392f0 RDI: 00000000003d0f00 [ 2517.760681][T24482] RBP: 00007ffc6e86a070 R08: 00007f909b439700 R09: 00007f909b439700 [ 2517.768687][T24482] R10: 00007f909b4399d0 R11: 0000000000000206 R12: 00007ffc6e869ede [ 2517.776676][T24482] R13: 00007ffc6e869edf R14: 00007f909b439300 R15: 0000000000022000 [ 2517.784685][T24482] [ 2517.791833][T24482] memory: usage 307200kB, limit 307200kB, failcnt 68902 [ 2517.799664][T24482] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2517.806551][T24482] Memory cgroup stats for /syz2: [ 2517.806757][T24482] anon 143360 [ 2517.806757][T24482] file 638976 [ 2517.806757][T24482] kernel 313790464 [ 2517.806757][T24482] kernel_stack 65536 [ 2517.806757][T24482] pagetables 81920 [ 2517.806757][T24482] sec_pagetables 0 [ 2517.806757][T24482] percpu 5611040 [ 2517.806757][T24482] sock 0 [ 2517.806757][T24482] vmalloc 0 [ 2517.806757][T24482] shmem 638976 [ 2517.806757][T24482] zswap 0 [ 2517.806757][T24482] zswapped 0 [ 2517.806757][T24482] file_mapped 638976 [ 2517.806757][T24482] file_dirty 0 [ 2517.806757][T24482] file_writeback 0 [ 2517.806757][T24482] swapcached 0 [ 2517.806757][T24482] anon_thp 0 [ 2517.806757][T24482] file_thp 0 [ 2517.806757][T24482] shmem_thp 0 [ 2517.806757][T24482] inactive_anon 376832 [ 2517.806757][T24482] active_anon 405504 [ 2517.806757][T24482] inactive_file 0 [ 2517.806757][T24482] active_file 0 [ 2517.806757][T24482] unevictable 0 [ 2517.806757][T24482] slab_reclaimable 233712 [ 2517.806757][T24482] slab_unreclaimable 307766904 09:53:32 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x7c02) 09:53:32 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x5c, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:32 executing program 3: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) write$binfmt_elf32(r1, &(0x7f0000000100)=ANY=[], 0x3) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r1, &(0x7f0000000440)="2f1dc17f35267f04e472d9d4854447b016c8fb68f8cdd092f86e9d1c26899690bfbba4072dc526dc19ce37df9b603cae88ca932fe79524c7d123d13c4359bb59dffc55bec602baf6e6f55d1d0c8b56980ee0a2ea155939fa2baba10258f1cec921f2f9f7d21e29ca77f5fd18e6e4f6666a6e5f1d074c826495ecf10afe87a5341982a9327fec0761d91a3adeaef979aba49e0d2e4d443d5f924b8b3e9bdd8f182e33d76ec6a9077ddc7118601f6e8a7ff4b05984f9d169fa950f1307", &(0x7f0000000500)=@tcp=r1, 0xcd1556b75c53c3f9}, 0x20) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0) getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x2c, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_atm={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=@delchain={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xfff1, 0x3}, {0x1, 0xffff}}}, 0x24}}, 0x24040841) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x0, 0x2b8, 0x0, 0x0, 0x0, 0x228, 0x3a8, 0x3a8, 0x228, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0x1}, @local, [0xff, 0xffffff00, 0xff0000ff, 0xff], [0xffffffff, 0xff000000, 0xffffff00], 'ip6tnl0\x00', 'pim6reg1\x00', {0xff}, {}, 0x2, 0x64, 0x1}, 0x0, 0x1a0, 0x1d0, 0x0, {}, [@common=@mh={{}, {"ec05", 0x1}}]}, @unspec=@CT1={0x0, 'CT\x00', 0x1, {0x9, 0xeb, 0x40, 0x0, 'snmp_trap\x00', 'syz1\x00', {0x8}}}}, {{@ipv6={@local, @remote, [], [0x0, 0x0, 0xffffff00], 'veth1_to_hsr\x00', 'macvlan1\x00', {}, {}, 0x0, 0x0, 0x7}, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x0, 'LED\x00', 0x0, {'syz0\x00', 0x0, 0x0, {0xda7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x43) sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000080)=0x1) write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205) splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0) pipe(&(0x7f0000000000)) (async) socket$inet6(0xa, 0x3, 0x2c) (async) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) (async) write$binfmt_elf32(r1, &(0x7f0000000100)=ANY=[], 0x3) (async) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r1, &(0x7f0000000440)="2f1dc17f35267f04e472d9d4854447b016c8fb68f8cdd092f86e9d1c26899690bfbba4072dc526dc19ce37df9b603cae88ca932fe79524c7d123d13c4359bb59dffc55bec602baf6e6f55d1d0c8b56980ee0a2ea155939fa2baba10258f1cec921f2f9f7d21e29ca77f5fd18e6e4f6666a6e5f1d074c826495ecf10afe87a5341982a9327fec0761d91a3adeaef979aba49e0d2e4d443d5f924b8b3e9bdd8f182e33d76ec6a9077ddc7118601f6e8a7ff4b05984f9d169fa950f1307", &(0x7f0000000500)=@tcp=r1, 0xcd1556b75c53c3f9}, 0x20) (async) socket$netlink(0x10, 0x3, 0x0) (async) socket(0x10, 0x3, 0x0) (async) sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0) (async) getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) (async) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) (async) sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x2c, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_atm={0x8}]}, 0x2c}}, 0x0) (async) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=@delchain={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xfff1, 0x3}, {0x1, 0xffff}}}, 0x24}}, 0x24040841) (async) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x0, 0x2b8, 0x0, 0x0, 0x0, 0x228, 0x3a8, 0x3a8, 0x228, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0x1}, @local, [0xff, 0xffffff00, 0xff0000ff, 0xff], [0xffffffff, 0xff000000, 0xffffff00], 'ip6tnl0\x00', 'pim6reg1\x00', {0xff}, {}, 0x2, 0x64, 0x1}, 0x0, 0x1a0, 0x1d0, 0x0, {}, [@common=@mh={{}, {"ec05", 0x1}}]}, @unspec=@CT1={0x0, 'CT\x00', 0x1, {0x9, 0xeb, 0x40, 0x0, 'snmp_trap\x00', 'syz1\x00', {0x8}}}}, {{@ipv6={@local, @remote, [], [0x0, 0x0, 0xffffff00], 'veth1_to_hsr\x00', 'macvlan1\x00', {}, {}, 0x0, 0x0, 0x7}, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x0, 'LED\x00', 0x0, {'syz0\x00', 0x0, 0x0, {0xda7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x43) (async) sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) (async) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000080)=0x1) (async) write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205) (async) splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0) (async) 09:53:32 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r14) sendmsg$IEEE802154_LLSEC_ADD_DEV(r13, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, r15, 0x201, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000440)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r14, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r8, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r16}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48000}, 0x804) sendmsg$IEEE802154_LIST_IFACE(r12, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r15, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) sendmsg$IEEE802154_LLSEC_GETPARAMS(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000328bd7000ffdbdf252400000008000200", @ANYRES32=0x0, @ANYBLOB="0a0001007770616e3400000008000200", @ANYRES32=r5, @ANYBLOB="0a0001007770616e34000000000000000005616e3300000008000200", @ANYRES32=r9, @ANYBLOB], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 09:53:32 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0xfffffffe}, 0x0) [ 2517.903439][T24482] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24482,uid=0 [ 2517.921434][T24482] Memory cgroup out of memory: Killed process 24482 (syz-executor.2) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:53:32 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0xc8, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2517.984424][T24529] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 2518.012603][T24513] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2518.045584][T24513] CPU: 0 PID: 24513 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2518.056081][T24513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2518.066267][T24513] Call Trace: [ 2518.069580][T24513] [ 2518.072539][T24513] dump_stack_lvl+0xd1/0x138 [ 2518.077179][T24513] dump_header+0x10b/0x85f [ 2518.081646][T24513] oom_kill_process.cold+0x10/0x15 [ 2518.086802][T24513] out_of_memory+0x35c/0x14a0 [ 2518.091539][T24513] ? find_held_lock+0x2d/0x110 [ 2518.096354][T24513] ? oom_killer_disable+0x280/0x280 [ 2518.101604][T24513] ? find_held_lock+0x2d/0x110 [ 2518.106403][T24513] mem_cgroup_out_of_memory+0x206/0x270 [ 2518.111980][T24513] ? mem_cgroup_margin+0x130/0x130 [ 2518.117120][T24513] ? lock_downgrade+0x6e0/0x6e0 [ 2518.122005][T24513] try_charge_memcg+0xefb/0x12f0 [ 2518.126973][T24513] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2518.132980][T24513] ? lock_downgrade+0x6e0/0x6e0 [ 2518.137880][T24513] charge_memcg+0x90/0x3b0 [ 2518.142317][T24513] __mem_cgroup_charge+0x2b/0x90 [ 2518.147278][T24513] do_wp_page+0x7ec/0x3370 [ 2518.151728][T24513] ? lock_release+0x810/0x810 [ 2518.156423][T24513] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2518.161823][T24513] ? do_raw_spin_lock+0x124/0x2b0 [ 2518.166870][T24513] ? rwlock_bug.part.0+0x90/0x90 [ 2518.171826][T24513] ? lock_chain_count+0x20/0x20 [ 2518.176700][T24513] __handle_mm_fault+0x1f58/0x3c90 [ 2518.181846][T24513] ? vm_iomap_memory+0x190/0x190 [ 2518.186834][T24513] handle_mm_fault+0x1b6/0x850 [ 2518.191628][T24513] do_user_addr_fault+0x475/0x1210 [ 2518.196767][T24513] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2518.202343][T24513] exc_page_fault+0x98/0x170 [ 2518.206954][T24513] asm_exc_page_fault+0x26/0x30 [ 2518.211819][T24513] RIP: 0033:0x7ff9f2039570 [ 2518.216246][T24513] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2518.235868][T24513] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2518.241949][T24513] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2518.249930][T24513] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2518.257909][T24513] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2518.265892][T24513] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2518.273872][T24513] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2518.281878][T24513] ? __sock_create+0x2c/0x790 [ 2518.286599][T24513] [ 2518.323738][T24513] memory: usage 307200kB, limit 307200kB, failcnt 32029 [ 2518.332706][T24513] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2518.340628][T24513] Memory cgroup stats for /syz1: [ 2518.340837][T24513] anon 114688 [ 2518.340837][T24513] file 606208 [ 2518.340837][T24513] kernel 313851904 [ 2518.340837][T24513] kernel_stack 65536 [ 2518.340837][T24513] pagetables 73728 [ 2518.340837][T24513] sec_pagetables 0 [ 2518.340837][T24513] percpu 5612288 [ 2518.340837][T24513] sock 0 [ 2518.340837][T24513] vmalloc 0 [ 2518.340837][T24513] shmem 602112 [ 2518.340837][T24513] zswap 0 [ 2518.340837][T24513] zswapped 0 [ 2518.340837][T24513] file_mapped 602112 [ 2518.340837][T24513] file_dirty 4096 [ 2518.340837][T24513] file_writeback 0 [ 2518.340837][T24513] swapcached 0 [ 2518.340837][T24513] anon_thp 0 [ 2518.340837][T24513] file_thp 0 [ 2518.340837][T24513] shmem_thp 0 [ 2518.340837][T24513] inactive_anon 282624 [ 2518.340837][T24513] active_anon 434176 [ 2518.340837][T24513] inactive_file 0 [ 2518.340837][T24513] active_file 4096 09:53:32 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0xe0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2518.340837][T24513] unevictable 0 [ 2518.340837][T24513] slab_reclaimable 219568 [ 2518.340837][T24513] slab_unreclaimable 307848312 09:53:32 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x1f4, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2518.492986][T24540] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2518.728726][T24513] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24513,uid=0 [ 2518.757830][T24513] Memory cgroup out of memory: Killed process 24513 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2518.796296][T24528] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2518.813667][T24528] CPU: 0 PID: 24528 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2518.824150][T24528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2518.834250][T24528] Call Trace: [ 2518.837568][T24528] [ 2518.840528][T24528] dump_stack_lvl+0xd1/0x138 [ 2518.845181][T24528] dump_header+0x10b/0x85f [ 2518.849661][T24528] oom_kill_process.cold+0x10/0x15 [ 2518.854833][T24528] out_of_memory+0x35c/0x14a0 [ 2518.859584][T24528] ? oom_killer_disable+0x280/0x280 [ 2518.864847][T24528] ? find_held_lock+0x2d/0x110 [ 2518.869720][T24528] mem_cgroup_out_of_memory+0x206/0x270 [ 2518.875320][T24528] ? mem_cgroup_margin+0x130/0x130 [ 2518.880480][T24528] ? lock_downgrade+0x6e0/0x6e0 [ 2518.885395][T24528] try_charge_memcg+0xefb/0x12f0 [ 2518.890390][T24528] ? mem_cgroup_handle_over_high+0x520/0x520 09:53:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xf600}, 0x0) 09:53:33 executing program 3: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) (async) write$binfmt_elf32(r1, &(0x7f0000000100)=ANY=[], 0x3) (async) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r1, &(0x7f0000000440)="2f1dc17f35267f04e472d9d4854447b016c8fb68f8cdd092f86e9d1c26899690bfbba4072dc526dc19ce37df9b603cae88ca932fe79524c7d123d13c4359bb59dffc55bec602baf6e6f55d1d0c8b56980ee0a2ea155939fa2baba10258f1cec921f2f9f7d21e29ca77f5fd18e6e4f6666a6e5f1d074c826495ecf10afe87a5341982a9327fec0761d91a3adeaef979aba49e0d2e4d443d5f924b8b3e9bdd8f182e33d76ec6a9077ddc7118601f6e8a7ff4b05984f9d169fa950f1307", &(0x7f0000000500)=@tcp=r1, 0xcd1556b75c53c3f9}, 0x20) (async) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0) (async) getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) (async) sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x2c, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_atm={0x8}]}, 0x2c}}, 0x0) (async) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=@delchain={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xfff1, 0x3}, {0x1, 0xffff}}}, 0x24}}, 0x24040841) (async) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x0, 0x2b8, 0x0, 0x0, 0x0, 0x228, 0x3a8, 0x3a8, 0x228, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0x1}, @local, [0xff, 0xffffff00, 0xff0000ff, 0xff], [0xffffffff, 0xff000000, 0xffffff00], 'ip6tnl0\x00', 'pim6reg1\x00', {0xff}, {}, 0x2, 0x64, 0x1}, 0x0, 0x1a0, 0x1d0, 0x0, {}, [@common=@mh={{}, {"ec05", 0x1}}]}, @unspec=@CT1={0x0, 'CT\x00', 0x1, {0x9, 0xeb, 0x40, 0x0, 'snmp_trap\x00', 'syz1\x00', {0x8}}}}, {{@ipv6={@local, @remote, [], [0x0, 0x0, 0xffffff00], 'veth1_to_hsr\x00', 'macvlan1\x00', {}, {}, 0x0, 0x0, 0x7}, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x0, 'LED\x00', 0x0, {'syz0\x00', 0x0, 0x0, {0xda7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x43) (async) sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) (async) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000080)=0x1) write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205) (async) splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0) 09:53:33 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x300, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:33 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x7e02) [ 2518.896420][T24528] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2518.902202][T24528] ? lock_downgrade+0x6e0/0x6e0 [ 2518.907100][T24528] ? lock_downgrade+0x6e0/0x6e0 [ 2518.912009][T24528] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2518.917612][T24528] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2518.923831][T24528] copy_process+0x1359/0x7520 [ 2518.928561][T24528] ? find_held_lock+0x2d/0x110 [ 2518.933389][T24528] ? __cleanup_sighand+0xb0/0xb0 [ 2518.938402][T24528] ? lock_downgrade+0x6e0/0x6e0 [ 2518.943310][T24528] ? folio_flags.constprop.0+0x53/0x150 [ 2518.948919][T24528] ? folio_add_lru+0x37b/0x680 [ 2518.953744][T24528] kernel_clone+0xeb/0x990 [ 2518.958212][T24528] ? create_io_thread+0xf0/0xf0 [ 2518.963119][T24528] ? find_held_lock+0x2d/0x110 [ 2518.967953][T24528] __do_sys_clone+0xba/0x100 [ 2518.972594][T24528] ? kernel_clone+0x990/0x990 [ 2518.977339][T24528] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2518.983289][T24528] do_syscall_64+0x39/0xb0 [ 2518.987760][T24528] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2518.993693][T24528] RIP: 0033:0x7f0b7de8d4f1 [ 2518.998145][T24528] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2519.017793][T24528] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2519.026254][T24528] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2519.034264][T24528] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 09:53:33 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r14) sendmsg$IEEE802154_LLSEC_ADD_DEV(r13, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, r15, 0x201, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000440)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r14, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r8, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r16}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48000}, 0x804) sendmsg$IEEE802154_LIST_IFACE(r12, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r15, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) 09:53:33 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x3e8, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2519.042273][T24528] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2519.050280][T24528] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2519.058285][T24528] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2519.066315][T24528] 09:53:33 executing program 3: getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000001200)={0x0, 0x0, 0x6ee, 0x5, 0x40, 0x20, 0xffff, 0xc58, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0xffff, 0x1, 0xde, 0x800}}, &(0x7f0000000040)=0xb0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={r0, 0x8}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000761198009500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 2519.102818][T24528] memory: usage 307200kB, limit 307200kB, failcnt 78842 [ 2519.125843][T24528] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2519.158813][T24528] Memory cgroup stats for /syz0: [ 2519.159022][T24528] anon 143360 [ 2519.159022][T24528] file 479232 [ 2519.159022][T24528] kernel 313950208 [ 2519.159022][T24528] kernel_stack 65536 [ 2519.159022][T24528] pagetables 77824 [ 2519.159022][T24528] sec_pagetables 0 [ 2519.159022][T24528] percpu 5614656 [ 2519.159022][T24528] sock 0 [ 2519.159022][T24528] vmalloc 8192 [ 2519.159022][T24528] shmem 479232 [ 2519.159022][T24528] zswap 0 [ 2519.159022][T24528] zswapped 0 [ 2519.159022][T24528] file_mapped 479232 [ 2519.159022][T24528] file_dirty 0 [ 2519.159022][T24528] file_writeback 0 [ 2519.159022][T24528] swapcached 0 [ 2519.159022][T24528] anon_thp 0 [ 2519.159022][T24528] file_thp 0 [ 2519.159022][T24528] shmem_thp 0 [ 2519.159022][T24528] inactive_anon 180224 [ 2519.159022][T24528] active_anon 442368 [ 2519.159022][T24528] inactive_file 0 [ 2519.159022][T24528] active_file 0 [ 2519.159022][T24528] unevictable 0 [ 2519.159022][T24528] slab_reclaimable 20384 [ 2519.159022][T24528] slab_unreclaimable 308126256 09:53:33 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x500, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2519.159191][T24560] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2519.270595][T24528] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24528,uid=0 [ 2519.344273][T24528] Memory cgroup out of memory: Killed process 24528 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:53:33 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x20000000000}, 0x0) 09:53:33 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x600, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:33 executing program 3: getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000001200)={0x0, 0x0, 0x6ee, 0x5, 0x40, 0x20, 0xffff, 0xc58, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0xffff, 0x1, 0xde, 0x800}}, &(0x7f0000000040)=0xb0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={r0, 0x8}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000761198009500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000001200)={0x0, 0x0, 0x6ee, 0x5, 0x40, 0x20, 0xffff, 0xc58, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0xffff, 0x1, 0xde, 0x800}}, &(0x7f0000000040)=0xb0) (async) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={r0, 0x8}, 0x8) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000761198009500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) (async) [ 2519.452527][T24554] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2519.484716][T24554] CPU: 0 PID: 24554 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 09:53:33 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x700, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2519.495210][T24554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2519.505304][T24554] Call Trace: [ 2519.508618][T24554] [ 2519.511591][T24554] dump_stack_lvl+0xd1/0x138 [ 2519.516230][T24554] dump_header+0x10b/0x85f [ 2519.520704][T24554] oom_kill_process.cold+0x10/0x15 [ 2519.525875][T24554] out_of_memory+0x35c/0x14a0 [ 2519.530616][T24554] ? find_held_lock+0x2d/0x110 [ 2519.535434][T24554] ? oom_killer_disable+0x280/0x280 [ 2519.540693][T24554] ? find_held_lock+0x2d/0x110 [ 2519.545505][T24554] mem_cgroup_out_of_memory+0x206/0x270 [ 2519.551102][T24554] ? mem_cgroup_margin+0x130/0x130 [ 2519.556263][T24554] ? lock_downgrade+0x6e0/0x6e0 [ 2519.561186][T24554] try_charge_memcg+0xefb/0x12f0 [ 2519.566176][T24554] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2519.572205][T24554] ? lock_downgrade+0x6e0/0x6e0 [ 2519.577116][T24554] charge_memcg+0x90/0x3b0 [ 2519.581583][T24554] __mem_cgroup_charge+0x2b/0x90 [ 2519.586574][T24554] do_wp_page+0x7ec/0x3370 [ 2519.591045][T24554] ? lock_release+0x810/0x810 [ 2519.595745][T24554] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2519.601151][T24554] ? do_raw_spin_lock+0x124/0x2b0 [ 2519.606194][T24554] ? rwlock_bug.part.0+0x90/0x90 [ 2519.611153][T24554] ? lock_chain_count+0x20/0x20 [ 2519.616028][T24554] __handle_mm_fault+0x1f58/0x3c90 [ 2519.621193][T24554] ? vm_iomap_memory+0x190/0x190 [ 2519.626201][T24554] handle_mm_fault+0x1b6/0x850 [ 2519.631016][T24554] do_user_addr_fault+0x475/0x1210 [ 2519.636217][T24554] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2519.641805][T24554] exc_page_fault+0x98/0x170 [ 2519.646419][T24554] asm_exc_page_fault+0x26/0x30 [ 2519.651287][T24554] RIP: 0033:0x7ff9f2039570 [ 2519.655801][T24554] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2519.675425][T24554] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2519.681521][T24554] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2519.689521][T24554] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2519.697515][T24554] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2519.705506][T24554] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2519.713492][T24554] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2519.721474][T24554] ? __sock_create+0x2c/0x790 [ 2519.726200][T24554] [ 2519.918801][T24554] memory: usage 307200kB, limit 307200kB, failcnt 32132 [ 2519.926220][T24554] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2519.956329][T24554] Memory cgroup stats for /syz1: [ 2519.957449][T24554] anon 114688 [ 2519.957449][T24554] file 606208 [ 2519.957449][T24554] kernel 313851904 [ 2519.957449][T24554] kernel_stack 65536 [ 2519.957449][T24554] pagetables 73728 [ 2519.957449][T24554] sec_pagetables 0 [ 2519.957449][T24554] percpu 5612288 [ 2519.957449][T24554] sock 0 [ 2519.957449][T24554] vmalloc 0 [ 2519.957449][T24554] shmem 602112 [ 2519.957449][T24554] zswap 0 [ 2519.957449][T24554] zswapped 0 [ 2519.957449][T24554] file_mapped 602112 [ 2519.957449][T24554] file_dirty 4096 [ 2519.957449][T24554] file_writeback 0 [ 2519.957449][T24554] swapcached 0 [ 2519.957449][T24554] anon_thp 0 [ 2519.957449][T24554] file_thp 0 [ 2519.957449][T24554] shmem_thp 0 [ 2519.957449][T24554] inactive_anon 282624 [ 2519.957449][T24554] active_anon 434176 [ 2519.957449][T24554] inactive_file 0 [ 2519.957449][T24554] active_file 4096 [ 2519.957449][T24554] unevictable 0 [ 2519.957449][T24554] slab_reclaimable 219568 [ 2519.957449][T24554] slab_unreclaimable 307848312 [ 2520.109987][T24554] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24554,uid=0 [ 2520.134746][T24554] Memory cgroup out of memory: Killed process 24554 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2520.153975][T24587] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2520.169767][T24587] CPU: 1 PID: 24587 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2520.180240][T24587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2520.190325][T24587] Call Trace: [ 2520.193621][T24587] [ 2520.196564][T24587] dump_stack_lvl+0xd1/0x138 [ 2520.201186][T24587] dump_header+0x10b/0x85f [ 2520.205642][T24587] oom_kill_process.cold+0x10/0x15 [ 2520.211046][T24587] out_of_memory+0x35c/0x14a0 [ 2520.215764][T24587] ? oom_killer_disable+0x280/0x280 [ 2520.220997][T24587] ? find_held_lock+0x2d/0x110 [ 2520.225797][T24587] mem_cgroup_out_of_memory+0x206/0x270 [ 2520.231378][T24587] ? mem_cgroup_margin+0x130/0x130 [ 2520.236516][T24587] ? lock_downgrade+0x6e0/0x6e0 [ 2520.241402][T24587] try_charge_memcg+0xefb/0x12f0 [ 2520.246369][T24587] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2520.252369][T24587] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2520.258119][T24587] ? lock_downgrade+0x6e0/0x6e0 [ 2520.262990][T24587] ? lock_downgrade+0x6e0/0x6e0 [ 2520.267875][T24587] obj_cgroup_charge+0x2af/0x5e0 [ 2520.272847][T24587] kmem_cache_alloc_lru+0x145/0x760 [ 2520.278065][T24587] ? sock_alloc_inode+0x27/0x1d0 [ 2520.283041][T24587] sock_alloc_inode+0x27/0x1d0 [ 2520.287828][T24587] ? sock_free_inode+0x30/0x30 [ 2520.292618][T24587] alloc_inode+0x61/0x230 [ 2520.296977][T24587] new_inode_pseudo+0x17/0x80 [ 2520.301683][T24587] sock_alloc+0x40/0x260 [ 2520.305950][T24587] __sock_create+0xbd/0x790 [ 2520.310490][T24587] __sys_socket+0x133/0x250 [ 2520.315023][T24587] ? __sys_socket_file+0x1f0/0x1f0 [ 2520.320169][T24587] __x64_sys_socket+0x73/0xb0 [ 2520.324875][T24587] do_syscall_64+0x39/0xb0 [ 2520.329322][T24587] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2520.335235][T24587] RIP: 0033:0x7f0b7de8c0c9 [ 2520.339666][T24587] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2520.359296][T24587] RSP: 002b:00007f0b7eba3168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2520.367736][T24587] RAX: ffffffffffffffda RBX: 00007f0b7dfabf80 RCX: 00007f0b7de8c0c9 [ 2520.375719][T24587] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010 [ 2520.383702][T24587] RBP: 00007f0b7dee7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 2520.391686][T24587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2520.399669][T24587] R13: 00007fff0637016f R14: 00007f0b7eba3300 R15: 0000000000022000 [ 2520.407689][T24587] 09:53:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xf601}, 0x0) 09:53:34 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0xb00, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:34 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x8100) 09:53:34 executing program 3: getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000001200)={0x0, 0x0, 0x6ee, 0x5, 0x40, 0x20, 0xffff, 0xc58, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0xffff, 0x1, 0xde, 0x800}}, &(0x7f0000000040)=0xb0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={r0, 0x8}, 0x8) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000761198009500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 09:53:34 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r14) sendmsg$IEEE802154_LLSEC_ADD_DEV(r13, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, r15, 0x201, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000440)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r14, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r8, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r16}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48000}, 0x804) [ 2520.432768][T24587] memory: usage 307200kB, limit 307200kB, failcnt 78970 [ 2520.461574][T24587] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 09:53:34 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0xe00, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2520.501262][T24587] Memory cgroup stats for /syz0: [ 2520.501482][T24587] anon 143360 [ 2520.501482][T24587] file 479232 [ 2520.501482][T24587] kernel 313950208 [ 2520.501482][T24587] kernel_stack 65536 [ 2520.501482][T24587] pagetables 77824 [ 2520.501482][T24587] sec_pagetables 0 [ 2520.501482][T24587] percpu 5614656 [ 2520.501482][T24587] sock 0 [ 2520.501482][T24587] vmalloc 8192 [ 2520.501482][T24587] shmem 479232 [ 2520.501482][T24587] zswap 0 [ 2520.501482][T24587] zswapped 0 [ 2520.501482][T24587] file_mapped 479232 09:53:34 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x7e02) 09:53:34 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x1100, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2520.501482][T24587] file_dirty 0 [ 2520.501482][T24587] file_writeback 0 [ 2520.501482][T24587] swapcached 0 [ 2520.501482][T24587] anon_thp 0 [ 2520.501482][T24587] file_thp 0 [ 2520.501482][T24587] shmem_thp 0 [ 2520.501482][T24587] inactive_anon 180224 [ 2520.501482][T24587] active_anon 442368 [ 2520.501482][T24587] inactive_file 0 [ 2520.501482][T24587] active_file 0 [ 2520.501482][T24587] unevictable 0 [ 2520.501482][T24587] slab_reclaimable 20384 [ 2520.501482][T24587] slab_unreclaimable 308126256 [ 2520.655343][T24607] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 09:53:35 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x1f00, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2520.981388][T24587] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24583,uid=0 [ 2520.998115][T24587] Memory cgroup out of memory: Killed process 24583 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2521.025354][T24591] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2521.040816][T24591] CPU: 0 PID: 24591 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2521.051293][T24591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2521.061383][T24591] Call Trace: [ 2521.064674][T24591] [ 2521.067625][T24591] dump_stack_lvl+0xd1/0x138 [ 2521.072245][T24591] dump_header+0x10b/0x85f [ 2521.076699][T24591] oom_kill_process.cold+0x10/0x15 [ 2521.081842][T24591] out_of_memory+0x35c/0x14a0 [ 2521.086568][T24591] ? oom_killer_disable+0x280/0x280 [ 2521.091806][T24591] ? find_held_lock+0x2d/0x110 [ 2521.096608][T24591] mem_cgroup_out_of_memory+0x206/0x270 [ 2521.102456][T24591] ? mem_cgroup_margin+0x130/0x130 [ 2521.107595][T24591] ? lock_downgrade+0x6e0/0x6e0 [ 2521.112488][T24591] try_charge_memcg+0xefb/0x12f0 [ 2521.117461][T24591] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2521.123469][T24591] ? lock_downgrade+0x6e0/0x6e0 [ 2521.128438][T24591] charge_memcg+0x90/0x3b0 [ 2521.132877][T24591] __mem_cgroup_charge+0x2b/0x90 [ 2521.137837][T24591] do_wp_page+0x7ec/0x3370 [ 2521.142295][T24591] ? lock_release+0x810/0x810 [ 2521.146992][T24591] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2521.152390][T24591] ? do_raw_spin_lock+0x124/0x2b0 [ 2521.157459][T24591] ? rwlock_bug.part.0+0x90/0x90 [ 2521.162450][T24591] ? lock_chain_count+0x20/0x20 [ 2521.167328][T24591] __handle_mm_fault+0x1f58/0x3c90 [ 2521.172478][T24591] ? vm_iomap_memory+0x190/0x190 [ 2521.177485][T24591] handle_mm_fault+0x1b6/0x850 [ 2521.182370][T24591] do_user_addr_fault+0x475/0x1210 [ 2521.187509][T24591] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2521.193089][T24591] exc_page_fault+0x98/0x170 [ 2521.197698][T24591] asm_exc_page_fault+0x26/0x30 [ 2521.202567][T24591] RIP: 0033:0x7f909a639570 [ 2521.206993][T24591] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2521.226702][T24591] RSP: 002b:00007ffc6e869e80 EFLAGS: 00010246 [ 2521.232784][T24591] RAX: 00000000c8a28e77 RBX: 00007f909a7ac0e8 RCX: 0000001b31f20000 [ 2521.240767][T24591] RDX: 0000000000000000 RSI: 0000001b31f20018 RDI: 000000000c5be978 [ 2521.248756][T24591] RBP: 00000000c8a28e77 R08: 0000000000000e77 R09: 00000000c8a28e7b [ 2521.256745][T24591] R10: 00007ffc6e86a040 R11: 0000000000000246 R12: 00007f909a7a0000 [ 2521.264818][T24591] R13: 0000000000000001 R14: 0000000000000004 R15: ffffffff87be71f8 [ 2521.272806][T24591] ? sockfd_lookup_light+0x18/0x180 [ 2521.278049][T24591] [ 2521.295434][T24587] socket: no more sockets [ 2521.301298][T24591] memory: usage 307200kB, limit 307200kB, failcnt 69241 [ 2521.309335][T24591] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2521.316337][T24591] Memory cgroup stats for /syz2: [ 2521.316648][T24591] anon 122880 [ 2521.316648][T24591] file 638976 [ 2521.316648][T24591] kernel 313810944 [ 2521.316648][T24591] kernel_stack 98304 [ 2521.316648][T24591] pagetables 81920 [ 2521.316648][T24591] sec_pagetables 0 [ 2521.316648][T24591] percpu 5611040 [ 2521.316648][T24591] sock 0 [ 2521.316648][T24591] vmalloc 0 [ 2521.316648][T24591] shmem 638976 [ 2521.316648][T24591] zswap 0 [ 2521.316648][T24591] zswapped 0 [ 2521.316648][T24591] file_mapped 638976 [ 2521.316648][T24591] file_dirty 0 [ 2521.316648][T24591] file_writeback 0 [ 2521.316648][T24591] swapcached 0 [ 2521.316648][T24591] anon_thp 0 [ 2521.316648][T24591] file_thp 0 [ 2521.316648][T24591] shmem_thp 0 [ 2521.316648][T24591] inactive_anon 356352 [ 2521.316648][T24591] active_anon 405504 [ 2521.316648][T24591] inactive_file 0 09:53:35 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x1000000000000}, 0x0) 09:53:35 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x2000, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:35 executing program 3: r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200000000005ef6dfdc5e63aef000850020e0ab420000d00000009500000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x4, 0xf6, &(0x7f0000000180)=""/246, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000480), 0x8) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x22, 0x1, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x845}, 0x0) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="4800000010000507000000010000ffff00000180", @ANYRES64=r4, @ANYBLOB="00000000000000002800007608746800000000004207bfecf8e1b3291490d2f9c33732553f54fb9e006d141052b38400796d10b8f671b9369dcbd8e0e7f7133ec8bd2d170abfc9eb6d773dcb6822917aca94ef5a772caa7bf234a09bab0b4566b67e50b379b053d8c9f501f3be39fade1960abc43ce35de0002ecfd4309e6d5969f0b7dc4dfc6f360de41c458b7f51"], 0x48}}, 0x4801) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x2c, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_atm={0x8}]}, 0x2c}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r7, &(0x7f0000000280)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r6, @ANYBLOB="01edff000000000004003b1c210008000300", @ANYRES32=r5, @ANYBLOB="2c0433005000de295b3acba5e0194cb76e2c2ee4080211000001"], 0x448}}, 0x0) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r10, r9, 0x0, 0x10000a006) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r8) ioctl$ifreq_SIOCGIFINDEX_wireguard(r10, 0x8933, &(0x7f0000000300)={'wg1\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r7, 0x89f2, &(0x7f00000003c0)={'syztnl0\x00', &(0x7f0000000340)={'syztnl1\x00', r12, 0x4, 0x80, 0x9, 0x8, 0x8, @mcast1, @loopback, 0x7, 0x7, 0x10001}}) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x2c, r11, 0x800, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0xc14) r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r13, &(0x7f0000000040)=ANY=[], 0x208e24b) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000700)=@bpf_ext={0x1c, 0x7, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x53f5, 0x0, 0x0, 0x0, 0x3}, [@map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0xd1b8}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x4}]}, &(0x7f0000000500)='syzkaller\x00', 0x7, 0xce, &(0x7f0000000540)=""/206, 0x41100, 0x4, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000640)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0xfffffffe, 0x10, 0x400, 0x94b}, 0x10, 0x10583, r1, 0x0, &(0x7f00000006c0)=[0xffffffffffffffff, r13]}, 0x80) r14 = accept$packet(r3, 0x0, &(0x7f00000003c0)) getsockname$packet(r14, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000440)=0x14) sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000940)=@delchain={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xd}, {0x1, 0xffff}}}, 0x24}}, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000280)={r1, r4, 0x25, 0x2}, 0x10) [ 2521.316648][T24591] active_file 0 [ 2521.316648][T24591] unevictable 0 [ 2521.316648][T24591] slab_reclaimable 227928 [ 2521.316648][T24591] slab_unreclaimable 307765288 [ 2521.483590][T24591] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24591,uid=0 [ 2521.510357][T24621] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2521.518833][T24591] Memory cgroup out of memory: Killed process 24591 (syz-executor.2) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2521.588981][T24616] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2521.612402][T24616] CPU: 0 PID: 24616 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2521.623067][T24616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2521.633162][T24616] Call Trace: [ 2521.636461][T24616] [ 2521.639416][T24616] dump_stack_lvl+0xd1/0x138 [ 2521.644059][T24616] dump_header+0x10b/0x85f [ 2521.648530][T24616] oom_kill_process.cold+0x10/0x15 [ 2521.653694][T24616] out_of_memory+0x35c/0x14a0 [ 2521.658424][T24616] ? find_held_lock+0x2d/0x110 [ 2521.663241][T24616] ? oom_killer_disable+0x280/0x280 [ 2521.668503][T24616] ? find_held_lock+0x2d/0x110 [ 2521.673416][T24616] mem_cgroup_out_of_memory+0x206/0x270 [ 2521.679020][T24616] ? mem_cgroup_margin+0x130/0x130 [ 2521.684276][T24616] ? lock_downgrade+0x6e0/0x6e0 [ 2521.689199][T24616] try_charge_memcg+0xefb/0x12f0 [ 2521.694189][T24616] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2521.700223][T24616] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2521.706003][T24616] ? lock_downgrade+0x6e0/0x6e0 [ 2521.710928][T24616] obj_cgroup_charge+0x2af/0x5e0 [ 2521.715919][T24616] ? vm_area_dup+0x7d/0x380 [ 2521.720463][T24616] kmem_cache_alloc+0xb5/0x430 [ 2521.725272][T24616] vm_area_dup+0x7d/0x380 [ 2521.729643][T24616] ? mt_slot+0xa1/0x170 [ 2521.733848][T24616] ? mas_next_nentry+0x610/0xab0 [ 2521.738830][T24616] ? mas_next_node+0x547/0xa00 [ 2521.743641][T24616] ? mas_find+0x211/0xd10 [ 2521.748015][T24616] ? vm_area_alloc+0x100/0x100 [ 2521.752804][T24616] ? validate_mm_mt+0x149/0x1b0 [ 2521.757658][T24616] ? remove_vma+0x130/0x130 [ 2521.762176][T24616] ? can_vma_merge_before+0x390/0x390 [ 2521.767569][T24616] __split_vma+0xae/0x5e0 [ 2521.771951][T24616] ? vma_merge+0x2cf/0x870 [ 2521.776409][T24616] split_vma+0xa3/0xe0 [ 2521.780516][T24616] mprotect_fixup+0x686/0x960 [ 2521.785248][T24616] ? mas_find+0x211/0xd10 [ 2521.789611][T24616] ? change_protection+0x3b30/0x3b30 [ 2521.794941][T24616] do_mprotect_pkey+0x6fd/0xa70 [ 2521.799828][T24616] ? mprotect_fixup+0x960/0x960 [ 2521.804714][T24616] ? up_write+0x1b0/0x520 [ 2521.809077][T24616] ? xfd_validate_state+0x5d/0x180 [ 2521.814200][T24616] __x64_sys_mprotect+0x78/0xb0 [ 2521.819065][T24616] do_syscall_64+0x39/0xb0 [ 2521.823545][T24616] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2521.829480][T24616] RIP: 0033:0x7f0b7de8c1d7 [ 2521.833921][T24616] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2521.853552][T24616] RSP: 002b:00007fff06370108 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2521.861993][T24616] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f0b7de8c1d7 [ 2521.869987][T24616] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f0b7eb63000 [ 2521.878180][T24616] RBP: 00007fff063701e0 R08: 00000000ffffffff R09: 00007f0b7eb82700 [ 2521.886192][T24616] R10: 0000000000020022 R11: 0000000000000206 R12: 00007fff06370300 [ 2521.894206][T24616] R13: 00007f0b7eb82700 R14: 0000000000000000 R15: 0000000000022000 [ 2521.902233][T24616] [ 2521.907345][T24616] memory: usage 307200kB, limit 307200kB, failcnt 79083 [ 2521.915708][T24616] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2521.922881][T24616] Memory cgroup stats for /syz0: [ 2521.923131][T24616] anon 139264 [ 2521.923131][T24616] file 479232 [ 2521.923131][T24616] kernel 313954304 [ 2521.923131][T24616] kernel_stack 65536 [ 2521.923131][T24616] pagetables 77824 [ 2521.923131][T24616] sec_pagetables 0 [ 2521.923131][T24616] percpu 5614656 [ 2521.923131][T24616] sock 0 [ 2521.923131][T24616] vmalloc 8192 [ 2521.923131][T24616] shmem 479232 [ 2521.923131][T24616] zswap 0 [ 2521.923131][T24616] zswapped 0 [ 2521.923131][T24616] file_mapped 479232 [ 2521.923131][T24616] file_dirty 0 [ 2521.923131][T24616] file_writeback 0 [ 2521.923131][T24616] swapcached 0 [ 2521.923131][T24616] anon_thp 0 [ 2521.923131][T24616] file_thp 0 [ 2521.923131][T24616] shmem_thp 0 [ 2521.923131][T24616] inactive_anon 176128 [ 2521.923131][T24616] active_anon 442368 [ 2521.923131][T24616] inactive_file 0 [ 2521.923131][T24616] active_file 0 [ 2521.923131][T24616] unevictable 0 [ 2521.923131][T24616] slab_reclaimable 28096 [ 2521.923131][T24616] slab_unreclaimable 308120488 [ 2522.017626][T24616] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24616,uid=0 [ 2522.034110][T24616] Memory cgroup out of memory: Killed process 24616 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2522.052504][T24598] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2522.067085][T24598] CPU: 1 PID: 24598 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2522.077547][T24598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2522.087636][T24598] Call Trace: [ 2522.090939][T24598] [ 2522.093895][T24598] dump_stack_lvl+0xd1/0x138 [ 2522.098536][T24598] dump_header+0x10b/0x85f [ 2522.103041][T24598] oom_kill_process.cold+0x10/0x15 [ 2522.108201][T24598] out_of_memory+0x35c/0x14a0 [ 2522.112940][T24598] ? oom_killer_disable+0x280/0x280 [ 2522.118193][T24598] ? find_held_lock+0x2d/0x110 [ 2522.123007][T24598] mem_cgroup_out_of_memory+0x206/0x270 [ 2522.128600][T24598] ? mem_cgroup_margin+0x130/0x130 [ 2522.133751][T24598] ? lock_downgrade+0x6e0/0x6e0 [ 2522.138650][T24598] try_charge_memcg+0xefb/0x12f0 [ 2522.143630][T24598] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2522.149653][T24598] ? lock_downgrade+0x6e0/0x6e0 [ 2522.154556][T24598] charge_memcg+0x90/0x3b0 [ 2522.159012][T24598] __mem_cgroup_charge+0x2b/0x90 [ 2522.163984][T24598] do_wp_page+0x7ec/0x3370 [ 2522.168445][T24598] ? lock_release+0x810/0x810 [ 2522.173150][T24598] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2522.178568][T24598] ? do_raw_spin_lock+0x124/0x2b0 [ 2522.183625][T24598] ? rwlock_bug.part.0+0x90/0x90 [ 2522.188594][T24598] ? lock_chain_count+0x20/0x20 [ 2522.193483][T24598] __handle_mm_fault+0x1f58/0x3c90 [ 2522.198646][T24598] ? vm_iomap_memory+0x190/0x190 [ 2522.203649][T24598] handle_mm_fault+0x1b6/0x850 [ 2522.208461][T24598] do_user_addr_fault+0x475/0x1210 [ 2522.213617][T24598] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2522.219222][T24598] exc_page_fault+0x98/0x170 [ 2522.223848][T24598] asm_exc_page_fault+0x26/0x30 [ 2522.228728][T24598] RIP: 0033:0x7ff9f2039570 [ 2522.233166][T24598] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2522.252806][T24598] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2522.258906][T24598] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2522.266915][T24598] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2522.274908][T24598] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2522.282905][T24598] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2522.290907][T24598] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2522.298903][T24598] ? __sock_create+0x2c/0x790 [ 2522.303645][T24598] [ 2522.310972][T24598] memory: usage 307200kB, limit 307200kB, failcnt 32260 [ 2522.318568][T24598] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2522.325727][T24598] Memory cgroup stats for /syz1: [ 2522.325963][T24598] anon 114688 [ 2522.325963][T24598] file 606208 [ 2522.325963][T24598] kernel 313835520 [ 2522.325963][T24598] kernel_stack 65536 [ 2522.325963][T24598] pagetables 73728 [ 2522.325963][T24598] sec_pagetables 0 [ 2522.325963][T24598] percpu 5612224 [ 2522.325963][T24598] sock 0 [ 2522.325963][T24598] vmalloc 0 [ 2522.325963][T24598] shmem 602112 [ 2522.325963][T24598] zswap 0 [ 2522.325963][T24598] zswapped 0 [ 2522.325963][T24598] file_mapped 602112 [ 2522.325963][T24598] file_dirty 0 [ 2522.325963][T24598] file_writeback 0 [ 2522.325963][T24598] swapcached 0 [ 2522.325963][T24598] anon_thp 0 [ 2522.325963][T24598] file_thp 0 [ 2522.325963][T24598] shmem_thp 0 [ 2522.325963][T24598] inactive_anon 282624 [ 2522.325963][T24598] active_anon 434176 [ 2522.325963][T24598] inactive_file 0 [ 2522.325963][T24598] active_file 4096 [ 2522.325963][T24598] unevictable 0 [ 2522.325963][T24598] slab_reclaimable 219568 [ 2522.325963][T24598] slab_unreclaimable 307839080 [ 2522.423416][T24598] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24598,uid=0 09:53:36 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xf602}, 0x0) 09:53:36 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r14) sendmsg$IEEE802154_LLSEC_ADD_DEV(r13, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, r15, 0x201, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000440)={'wpan3\x00'}) 09:53:36 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x2900, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:36 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x9202) 09:53:36 executing program 3: r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200000000005ef6dfdc5e63aef000850020e0ab420000d00000009500000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x4, 0xf6, &(0x7f0000000180)=""/246, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) (async) r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000480), 0x8) r2 = socket$netlink(0x10, 0x3, 0x0) (async) r3 = socket(0x22, 0x1, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x845}, 0x0) (async) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="4800000010000507000000010000ffff00000180", @ANYRES64=r4, @ANYBLOB="00000000000000002800007608746800000000004207bfecf8e1b3291490d2f9c33732553f54fb9e006d141052b38400796d10b8f671b9369dcbd8e0e7f7133ec8bd2d170abfc9eb6d773dcb6822917aca94ef5a772caa7bf234a09bab0b4566b67e50b379b053d8c9f501f3be39fade1960abc43ce35de0002ecfd4309e6d5969f0b7dc4dfc6f360de41c458b7f51"], 0x48}}, 0x4801) (async) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x2c, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_atm={0x8}]}, 0x2c}}, 0x0) (async) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r7, &(0x7f0000000280)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0) (async) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r6, @ANYBLOB="01edff000000000004003b1c210008000300", @ANYRES32=r5, @ANYBLOB="2c0433005000de295b3acba5e0194cb76e2c2ee4080211000001"], 0x448}}, 0x0) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) (async) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) (async) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r10, r9, 0x0, 0x10000a006) (async) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r8) ioctl$ifreq_SIOCGIFINDEX_wireguard(r10, 0x8933, &(0x7f0000000300)={'wg1\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r7, 0x89f2, &(0x7f00000003c0)={'syztnl0\x00', &(0x7f0000000340)={'syztnl1\x00', r12, 0x4, 0x80, 0x9, 0x8, 0x8, @mcast1, @loopback, 0x7, 0x7, 0x10001}}) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x2c, r11, 0x800, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0xc14) (async) r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r13, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000700)=@bpf_ext={0x1c, 0x7, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x53f5, 0x0, 0x0, 0x0, 0x3}, [@map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0xd1b8}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x4}]}, &(0x7f0000000500)='syzkaller\x00', 0x7, 0xce, &(0x7f0000000540)=""/206, 0x41100, 0x4, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000640)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0xfffffffe, 0x10, 0x400, 0x94b}, 0x10, 0x10583, r1, 0x0, &(0x7f00000006c0)=[0xffffffffffffffff, r13]}, 0x80) r14 = accept$packet(r3, 0x0, &(0x7f00000003c0)) getsockname$packet(r14, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000440)=0x14) sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000940)=@delchain={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xd}, {0x1, 0xffff}}}, 0x24}}, 0x0) (async) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000280)={r1, r4, 0x25, 0x2}, 0x10) 09:53:36 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x4000000000000}, 0x0) [ 2522.439945][T24598] Memory cgroup out of memory: Killed process 24598 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 09:53:36 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x34c0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:36 executing program 3: r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200000000005ef6dfdc5e63aef000850020e0ab420000d00000009500000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x4, 0xf6, &(0x7f0000000180)=""/246, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000480), 0x8) (async) r2 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 32) r3 = socket(0x22, 0x1, 0x0) (rerun: 32) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x845}, 0x0) (async) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="4800000010000507000000010000ffff00000180", @ANYRES64=r4, @ANYBLOB="00000000000000002800007608746800000000004207bfecf8e1b3291490d2f9c33732553f54fb9e006d141052b38400796d10b8f671b9369dcbd8e0e7f7133ec8bd2d170abfc9eb6d773dcb6822917aca94ef5a772caa7bf234a09bab0b4566b67e50b379b053d8c9f501f3be39fade1960abc43ce35de0002ecfd4309e6d5969f0b7dc4dfc6f360de41c458b7f51"], 0x48}}, 0x4801) (async) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x2c, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_atm={0x8}]}, 0x2c}}, 0x0) (async) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) (async) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) (async) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r7, &(0x7f0000000280)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0) (async, rerun: 32) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r6, @ANYBLOB="01edff000000000004003b1c210008000300", @ANYRES32=r5, @ANYBLOB="2c0433005000de295b3acba5e0194cb76e2c2ee4080211000001"], 0x448}}, 0x0) (async, rerun: 32) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) (async, rerun: 32) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) (rerun: 32) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r10, r9, 0x0, 0x10000a006) (async) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r8) ioctl$ifreq_SIOCGIFINDEX_wireguard(r10, 0x8933, &(0x7f0000000300)={'wg1\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r7, 0x89f2, &(0x7f00000003c0)={'syztnl0\x00', &(0x7f0000000340)={'syztnl1\x00', r12, 0x4, 0x80, 0x9, 0x8, 0x8, @mcast1, @loopback, 0x7, 0x7, 0x10001}}) (async) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x2c, r11, 0x800, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0xc14) (async) r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r13, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000700)=@bpf_ext={0x1c, 0x7, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x53f5, 0x0, 0x0, 0x0, 0x3}, [@map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0xd1b8}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x4}]}, &(0x7f0000000500)='syzkaller\x00', 0x7, 0xce, &(0x7f0000000540)=""/206, 0x41100, 0x4, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000640)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0xfffffffe, 0x10, 0x400, 0x94b}, 0x10, 0x10583, r1, 0x0, &(0x7f00000006c0)=[0xffffffffffffffff, r13]}, 0x80) r14 = accept$packet(r3, 0x0, &(0x7f00000003c0)) getsockname$packet(r14, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000440)=0x14) (async, rerun: 64) sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000940)=@delchain={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xd}, {0x1, 0xffff}}}, 0x24}}, 0x0) (async, rerun: 64) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000280)={r1, r4, 0x25, 0x2}, 0x10) [ 2522.595662][T24634] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:53:37 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x3800, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2522.666492][T24635] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2522.728987][T24635] CPU: 0 PID: 24635 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2522.739577][T24635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2522.749672][T24635] Call Trace: [ 2522.752981][T24635] [ 2522.755944][T24635] dump_stack_lvl+0xd1/0x138 [ 2522.760589][T24635] dump_header+0x10b/0x85f [ 2522.765064][T24635] oom_kill_process.cold+0x10/0x15 [ 2522.770233][T24635] out_of_memory+0x35c/0x14a0 [ 2522.774968][T24635] ? find_held_lock+0x2d/0x110 [ 2522.779781][T24635] ? oom_killer_disable+0x280/0x280 [ 2522.785030][T24635] ? find_held_lock+0x2d/0x110 [ 2522.789856][T24635] mem_cgroup_out_of_memory+0x206/0x270 [ 2522.795463][T24635] ? mem_cgroup_margin+0x130/0x130 [ 2522.800645][T24635] ? lock_downgrade+0x6e0/0x6e0 [ 2522.806440][T24635] try_charge_memcg+0xefb/0x12f0 [ 2522.811439][T24635] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2522.817481][T24635] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2522.823311][T24635] ? lock_downgrade+0x6e0/0x6e0 [ 2522.828211][T24635] ? lock_downgrade+0x6e0/0x6e0 [ 2522.833130][T24635] obj_cgroup_charge+0x2af/0x5e0 [ 2522.838128][T24635] kmem_cache_alloc_lru+0x145/0x760 [ 2522.843370][T24635] ? sock_alloc_inode+0x27/0x1d0 [ 2522.848375][T24635] sock_alloc_inode+0x27/0x1d0 [ 2522.853185][T24635] ? sock_free_inode+0x30/0x30 [ 2522.857993][T24635] alloc_inode+0x61/0x230 [ 2522.862391][T24635] new_inode_pseudo+0x17/0x80 [ 2522.867126][T24635] sock_alloc+0x40/0x260 [ 2522.871601][T24635] __sock_create+0xbd/0x790 [ 2522.876184][T24635] __sys_socket+0x133/0x250 [ 2522.880754][T24635] ? __sys_socket_file+0x1f0/0x1f0 [ 2522.885931][T24635] __x64_sys_socket+0x73/0xb0 [ 2522.890660][T24635] do_syscall_64+0x39/0xb0 [ 2522.895122][T24635] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2522.901045][T24635] RIP: 0033:0x7f0b7de8c0c9 [ 2522.905500][T24635] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 09:53:37 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000010000c50000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x45) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000000c0)='kvm_ioapic_delayed_eoi_inj\x00', r0}, 0x10) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)) socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001600200026bdcb00fddbdf2500000000"], 0x14}, 0x1, 0x0, 0x0, 0x4001050}, 0x0) 09:53:37 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xa511) [ 2522.925157][T24635] RSP: 002b:00007f0b7eba3168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2522.933622][T24635] RAX: ffffffffffffffda RBX: 00007f0b7dfabf80 RCX: 00007f0b7de8c0c9 [ 2522.941639][T24635] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010 [ 2522.949654][T24635] RBP: 00007f0b7dee7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 2522.957670][T24635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2522.965682][T24635] R13: 00007fff0637016f R14: 00007f0b7eba3300 R15: 0000000000022000 [ 2522.973726][T24635] 09:53:37 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x3f00, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2523.018600][T24635] memory: usage 307200kB, limit 307200kB, failcnt 79184 [ 2523.043718][T24635] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2523.091256][T24635] Memory cgroup stats for /syz0: [ 2523.091474][T24635] anon 139264 [ 2523.091474][T24635] file 479232 [ 2523.091474][T24635] kernel 313937920 [ 2523.091474][T24635] kernel_stack 65536 [ 2523.091474][T24635] pagetables 77824 [ 2523.091474][T24635] sec_pagetables 0 [ 2523.091474][T24635] percpu 5614656 [ 2523.091474][T24635] sock 0 [ 2523.091474][T24635] vmalloc 8192 [ 2523.091474][T24635] shmem 479232 [ 2523.091474][T24635] zswap 0 [ 2523.091474][T24635] zswapped 0 [ 2523.091474][T24635] file_mapped 479232 [ 2523.091474][T24635] file_dirty 0 [ 2523.091474][T24635] file_writeback 0 [ 2523.091474][T24635] swapcached 0 [ 2523.091474][T24635] anon_thp 0 [ 2523.091474][T24635] file_thp 0 [ 2523.091474][T24635] shmem_thp 0 [ 2523.091474][T24635] inactive_anon 176128 [ 2523.091474][T24635] active_anon 442368 [ 2523.091474][T24635] inactive_file 0 [ 2523.091474][T24635] active_file 0 [ 2523.091474][T24635] unevictable 0 [ 2523.091474][T24635] slab_reclaimable 20384 [ 2523.091474][T24635] slab_unreclaimable 308117896 [ 2523.210700][T24635] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24629,uid=0 [ 2523.239146][T24635] Memory cgroup out of memory: Killed process 24629 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2523.270758][T24636] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2523.301438][T24636] CPU: 1 PID: 24636 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2523.311926][T24636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2523.322009][T24636] Call Trace: [ 2523.325307][T24636] [ 2523.328259][T24636] dump_stack_lvl+0xd1/0x138 [ 2523.332898][T24636] dump_header+0x10b/0x85f [ 2523.337366][T24636] oom_kill_process.cold+0x10/0x15 [ 2523.342539][T24636] out_of_memory+0x35c/0x14a0 [ 2523.347278][T24636] ? oom_killer_disable+0x280/0x280 [ 2523.352534][T24636] ? find_held_lock+0x2d/0x110 [ 2523.357350][T24636] mem_cgroup_out_of_memory+0x206/0x270 [ 2523.362943][T24636] ? mem_cgroup_margin+0x130/0x130 [ 2523.368097][T24636] ? lock_downgrade+0x6e0/0x6e0 [ 2523.373005][T24636] try_charge_memcg+0xefb/0x12f0 [ 2523.377992][T24636] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2523.384020][T24636] ? lock_downgrade+0x6e0/0x6e0 [ 2523.388923][T24636] charge_memcg+0x90/0x3b0 [ 2523.393382][T24636] __mem_cgroup_charge+0x2b/0x90 [ 2523.398361][T24636] do_wp_page+0x7ec/0x3370 [ 2523.402828][T24636] ? lock_release+0x810/0x810 [ 2523.407539][T24636] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2523.412949][T24636] ? do_raw_spin_lock+0x124/0x2b0 [ 2523.417998][T24636] ? rwlock_bug.part.0+0x90/0x90 [ 2523.422956][T24636] ? lock_chain_count+0x20/0x20 [ 2523.427833][T24636] __handle_mm_fault+0x1f58/0x3c90 [ 2523.432980][T24636] ? vm_iomap_memory+0x190/0x190 [ 2523.437974][T24636] handle_mm_fault+0x1b6/0x850 [ 2523.442773][T24636] do_user_addr_fault+0x475/0x1210 [ 2523.447914][T24636] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2523.453498][T24636] exc_page_fault+0x98/0x170 [ 2523.458110][T24636] asm_exc_page_fault+0x26/0x30 [ 2523.462978][T24636] RIP: 0033:0x7ff9f2039570 [ 2523.467406][T24636] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2523.487121][T24636] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2523.493206][T24636] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2523.501187][T24636] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2523.509170][T24636] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2523.517152][T24636] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2523.525134][T24636] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2523.533116][T24636] ? __sock_create+0x2c/0x790 [ 2523.537837][T24636] [ 2523.543055][T24636] memory: usage 307200kB, limit 307200kB, failcnt 32357 [ 2523.551642][T24636] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2523.559606][T24636] Memory cgroup stats for /syz1: [ 2523.559941][T24636] anon 114688 [ 2523.559941][T24636] file 606208 [ 2523.559941][T24636] kernel 313851904 [ 2523.559941][T24636] kernel_stack 65536 [ 2523.559941][T24636] pagetables 73728 [ 2523.559941][T24636] sec_pagetables 0 [ 2523.559941][T24636] percpu 5612288 [ 2523.559941][T24636] sock 0 [ 2523.559941][T24636] vmalloc 0 [ 2523.559941][T24636] shmem 602112 [ 2523.559941][T24636] zswap 0 [ 2523.559941][T24636] zswapped 0 [ 2523.559941][T24636] file_mapped 602112 [ 2523.559941][T24636] file_dirty 4096 [ 2523.559941][T24636] file_writeback 0 [ 2523.559941][T24636] swapcached 0 [ 2523.559941][T24636] anon_thp 0 [ 2523.559941][T24636] file_thp 0 [ 2523.559941][T24636] shmem_thp 0 [ 2523.559941][T24636] inactive_anon 282624 [ 2523.559941][T24636] active_anon 434176 [ 2523.559941][T24636] inactive_file 0 [ 2523.559941][T24636] active_file 4096 [ 2523.559941][T24636] unevictable 0 [ 2523.559941][T24636] slab_reclaimable 219568 [ 2523.559941][T24636] slab_unreclaimable 307848312 [ 2523.655780][T24636] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24636,uid=0 [ 2523.671537][T24636] Memory cgroup out of memory: Killed process 24636 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2523.689558][T24655] syz-executor.2 invoked oom-killer: gfp_mask=0xdc0(GFP_KERNEL|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2523.707996][T24655] CPU: 0 PID: 24655 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2523.718462][T24655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2523.728560][T24655] Call Trace: [ 2523.731873][T24655] [ 2523.734845][T24655] dump_stack_lvl+0xd1/0x138 [ 2523.739495][T24655] dump_header+0x10b/0x85f [ 2523.743981][T24655] oom_kill_process.cold+0x10/0x15 [ 2523.749173][T24655] out_of_memory+0x35c/0x14a0 [ 2523.753919][T24655] ? oom_killer_disable+0x280/0x280 [ 2523.759186][T24655] ? find_held_lock+0x2d/0x110 [ 2523.764005][T24655] mem_cgroup_out_of_memory+0x206/0x270 09:53:38 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xf603}, 0x0) 09:53:38 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000010000c50000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x45) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000000c0)='kvm_ioapic_delayed_eoi_inj\x00', r0}, 0x10) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)) socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001600200026bdcb00fddbdf2500000000"], 0x14}, 0x1, 0x0, 0x0, 0x4001050}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000010000c50000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x45) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000000c0)='kvm_ioapic_delayed_eoi_inj\x00', r0}, 0x10) (async) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)) (async) socket$nl_route(0x10, 0x3, 0x0) (async) socket(0x1, 0x803, 0x0) (async) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) (async) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001600200026bdcb00fddbdf2500000000"], 0x14}, 0x1, 0x0, 0x0, 0x4001050}, 0x0) (async) 09:53:38 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x4000, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:38 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r14) sendmsg$IEEE802154_LLSEC_ADD_DEV(r13, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, r15, 0x201, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 09:53:38 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0xf0ffffffffffff}, 0x0) [ 2523.769606][T24655] ? mem_cgroup_margin+0x130/0x130 [ 2523.774866][T24655] ? lock_downgrade+0x6e0/0x6e0 [ 2523.779787][T24655] try_charge_memcg+0xefb/0x12f0 [ 2523.784780][T24655] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2523.790808][T24655] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2523.796585][T24655] ? lock_downgrade+0x6e0/0x6e0 [ 2523.801487][T24655] ? lock_downgrade+0x6e0/0x6e0 [ 2523.806378][T24655] ? rcu_read_unlock+0x9/0x60 [ 2523.811112][T24655] obj_cgroup_charge+0x2af/0x5e0 [ 2523.816082][T24655] ? __alloc_file+0x21/0x270 [ 2523.820698][T24655] kmem_cache_alloc+0xb5/0x430 [ 2523.825480][T24655] ? d_instantiate+0x79/0xa0 [ 2523.830096][T24655] __alloc_file+0x21/0x270 [ 2523.834539][T24655] alloc_empty_file+0x71/0x170 [ 2523.839337][T24655] alloc_file+0x59/0x800 [ 2523.843624][T24655] alloc_file_pseudo+0x169/0x250 [ 2523.848595][T24655] ? alloc_file+0x800/0x800 [ 2523.853134][T24655] ? alloc_fd+0x2d8/0x6d0 [ 2523.857493][T24655] sock_alloc_file+0x53/0x190 [ 2523.862209][T24655] __sys_socket+0x1a8/0x250 [ 2523.866747][T24655] ? __sys_socket_file+0x1f0/0x1f0 [ 2523.871902][T24655] __x64_sys_socket+0x73/0xb0 [ 2523.876610][T24655] do_syscall_64+0x39/0xb0 [ 2523.881053][T24655] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2523.886964][T24655] RIP: 0033:0x7f909a68c0c9 [ 2523.891393][T24655] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2523.911031][T24655] RSP: 002b:00007f909b45a168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2523.919472][T24655] RAX: ffffffffffffffda RBX: 00007f909a7abf80 RCX: 00007f909a68c0c9 [ 2523.927460][T24655] RDX: 0000000000000000 RSI: 0000000000000803 RDI: 0000000000000010 [ 2523.935441][T24655] RBP: 00007f909a6e7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 2523.943427][T24655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2523.951408][T24655] R13: 00007ffc6e869edf R14: 00007f909b45a300 R15: 0000000000022000 [ 2523.959412][T24655] 09:53:38 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x5c00, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2523.976666][T24655] memory: usage 307184kB, limit 307200kB, failcnt 69470 [ 2523.994281][T24655] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2524.020481][T24655] Memory cgroup stats for /syz2: [ 2524.020706][T24655] anon 139264 [ 2524.020706][T24655] file 638976 [ 2524.020706][T24655] kernel 313778176 [ 2524.020706][T24655] kernel_stack 65536 [ 2524.020706][T24655] pagetables 81920 [ 2524.020706][T24655] sec_pagetables 0 [ 2524.020706][T24655] percpu 5611040 [ 2524.020706][T24655] sock 0 [ 2524.020706][T24655] vmalloc 0 [ 2524.020706][T24655] shmem 638976 [ 2524.020706][T24655] zswap 0 [ 2524.020706][T24655] zswapped 0 [ 2524.020706][T24655] file_mapped 638976 09:53:38 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0xc034, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2524.020706][T24655] file_dirty 0 [ 2524.020706][T24655] file_writeback 0 [ 2524.020706][T24655] swapcached 0 [ 2524.020706][T24655] anon_thp 0 [ 2524.020706][T24655] file_thp 0 [ 2524.020706][T24655] shmem_thp 0 [ 2524.020706][T24655] inactive_anon 372736 [ 2524.020706][T24655] active_anon 405504 [ 2524.020706][T24655] inactive_file 0 [ 2524.020706][T24655] active_file 0 [ 2524.020706][T24655] unevictable 0 [ 2524.020706][T24655] slab_reclaimable 233712 [ 2524.020706][T24655] slab_unreclaimable 307758760 09:53:38 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0xc800, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:38 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000010000c50000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x45) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000000c0)='kvm_ioapic_delayed_eoi_inj\x00', r0}, 0x10) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)) socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001600200026bdcb00fddbdf2500000000"], 0x14}, 0x1, 0x0, 0x0, 0x4001050}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000010000c50000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x45) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000000c0)='kvm_ioapic_delayed_eoi_inj\x00', r0}, 0x10) (async) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)) (async) socket$nl_route(0x10, 0x3, 0x0) (async) socket(0x1, 0x803, 0x0) (async) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) (async) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001600200026bdcb00fddbdf2500000000"], 0x14}, 0x1, 0x0, 0x0, 0x4001050}, 0x0) (async) 09:53:38 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0xe000, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2524.313865][T24655] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24650,uid=0 09:53:38 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xa602) 09:53:38 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r13) [ 2524.390884][T24655] Memory cgroup out of memory: Killed process 24650 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2524.410059][T24657] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2524.428782][T24657] CPU: 0 PID: 24657 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2524.439257][T24657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2524.449348][T24657] Call Trace: [ 2524.452654][T24657] [ 2524.455609][T24657] dump_stack_lvl+0xd1/0x138 [ 2524.460251][T24657] dump_header+0x10b/0x85f [ 2524.464731][T24657] oom_kill_process.cold+0x10/0x15 [ 2524.469909][T24657] out_of_memory+0x35c/0x14a0 [ 2524.474666][T24657] ? oom_killer_disable+0x280/0x280 [ 2524.479921][T24657] ? find_held_lock+0x2d/0x110 [ 2524.484746][T24657] mem_cgroup_out_of_memory+0x206/0x270 [ 2524.490342][T24657] ? mem_cgroup_margin+0x130/0x130 [ 2524.495497][T24657] ? lock_downgrade+0x6e0/0x6e0 [ 2524.500381][T24657] try_charge_memcg+0xefb/0x12f0 [ 2524.505344][T24657] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2524.511369][T24657] ? lock_downgrade+0x6e0/0x6e0 [ 2524.516254][T24657] charge_memcg+0x90/0x3b0 [ 2524.520691][T24657] __mem_cgroup_charge+0x2b/0x90 [ 2524.525648][T24657] do_wp_page+0x7ec/0x3370 [ 2524.530098][T24657] ? lock_release+0x810/0x810 [ 2524.534880][T24657] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2524.540280][T24657] ? do_raw_spin_lock+0x124/0x2b0 [ 2524.545332][T24657] ? rwlock_bug.part.0+0x90/0x90 [ 2524.550286][T24657] ? lock_chain_count+0x20/0x20 [ 2524.555162][T24657] __handle_mm_fault+0x1f58/0x3c90 [ 2524.560303][T24657] ? vm_iomap_memory+0x190/0x190 [ 2524.565290][T24657] handle_mm_fault+0x1b6/0x850 [ 2524.570087][T24657] do_user_addr_fault+0x475/0x1210 [ 2524.575225][T24657] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2524.580801][T24657] exc_page_fault+0x98/0x170 [ 2524.585417][T24657] asm_exc_page_fault+0x26/0x30 [ 2524.590283][T24657] RIP: 0033:0x7f0b7de39570 [ 2524.594796][T24657] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2524.614448][T24657] RSP: 002b:00007fff06370110 EFLAGS: 00010246 [ 2524.620532][T24657] RAX: 0000000041637750 RBX: 00007f0b7dfac0e8 RCX: 0000001b31d20000 [ 2524.628512][T24657] RDX: 0000000000000000 RSI: 0000001b31d20018 RDI: 000000000c5be95e [ 2524.636493][T24657] RBP: 0000000041637750 R08: 0000000000001750 R09: 0000000041637754 [ 2524.644476][T24657] R10: 00007fff063702d0 R11: 0000000000000246 R12: 00007f0b7dfa0000 [ 2524.652458][T24657] R13: 0000000000000001 R14: 0000000000000002 R15: ffffffff87bf5059 [ 2524.660446][T24657] ? __sys_sendmsg+0x99/0x1c0 [ 2524.665169][T24657] [ 2524.731655][T24689] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2524.829265][T24657] memory: usage 307200kB, limit 307200kB, failcnt 79255 [ 2524.836628][T24657] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2524.843867][T24657] Memory cgroup stats for /syz0: [ 2524.844127][T24657] anon 114688 [ 2524.844127][T24657] file 479232 [ 2524.844127][T24657] kernel 313978880 [ 2524.844127][T24657] kernel_stack 98304 [ 2524.844127][T24657] pagetables 77824 [ 2524.844127][T24657] sec_pagetables 0 [ 2524.844127][T24657] percpu 5614656 [ 2524.844127][T24657] sock 0 [ 2524.844127][T24657] vmalloc 8192 [ 2524.844127][T24657] shmem 479232 [ 2524.844127][T24657] zswap 0 [ 2524.844127][T24657] zswapped 0 [ 2524.844127][T24657] file_mapped 479232 [ 2524.844127][T24657] file_dirty 0 [ 2524.844127][T24657] file_writeback 0 [ 2524.844127][T24657] swapcached 0 [ 2524.844127][T24657] anon_thp 0 [ 2524.844127][T24657] file_thp 0 [ 2524.844127][T24657] shmem_thp 0 [ 2524.844127][T24657] inactive_anon 151552 [ 2524.844127][T24657] active_anon 442368 [ 2524.844127][T24657] inactive_file 0 [ 2524.844127][T24657] active_file 0 [ 2524.844127][T24657] unevictable 0 [ 2524.844127][T24657] slab_reclaimable 20384 [ 2524.844127][T24657] slab_unreclaimable 308126584 [ 2524.940678][T24657] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24657,uid=0 [ 2524.960159][T24657] Memory cgroup out of memory: Killed process 24657 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2524.998456][T24684] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2525.012090][T24684] CPU: 0 PID: 24684 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2525.022562][T24684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2525.032652][T24684] Call Trace: [ 2525.035955][T24684] [ 2525.038914][T24684] dump_stack_lvl+0xd1/0x138 [ 2525.043558][T24684] dump_header+0x10b/0x85f [ 2525.048046][T24684] oom_kill_process.cold+0x10/0x15 [ 2525.053213][T24684] out_of_memory+0x35c/0x14a0 [ 2525.057948][T24684] ? find_held_lock+0x2d/0x110 [ 2525.062760][T24684] ? oom_killer_disable+0x280/0x280 [ 2525.068016][T24684] ? find_held_lock+0x2d/0x110 [ 2525.072834][T24684] mem_cgroup_out_of_memory+0x206/0x270 [ 2525.078423][T24684] ? mem_cgroup_margin+0x130/0x130 [ 2525.083587][T24684] ? lock_downgrade+0x6e0/0x6e0 [ 2525.088498][T24684] try_charge_memcg+0xefb/0x12f0 [ 2525.093484][T24684] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2525.099522][T24684] ? lock_downgrade+0x6e0/0x6e0 [ 2525.104427][T24684] charge_memcg+0x90/0x3b0 [ 2525.108885][T24684] __mem_cgroup_charge+0x2b/0x90 [ 2525.113867][T24684] do_wp_page+0x7ec/0x3370 [ 2525.118331][T24684] ? lock_release+0x810/0x810 [ 2525.123050][T24684] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2525.128467][T24684] ? do_raw_spin_lock+0x124/0x2b0 [ 2525.133527][T24684] ? rwlock_bug.part.0+0x90/0x90 [ 2525.138501][T24684] ? lock_chain_count+0x20/0x20 [ 2525.143394][T24684] __handle_mm_fault+0x1f58/0x3c90 [ 2525.148559][T24684] ? vm_iomap_memory+0x190/0x190 [ 2525.153541][T24684] handle_mm_fault+0x1b6/0x850 [ 2525.158344][T24684] do_user_addr_fault+0x475/0x1210 [ 2525.163468][T24684] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2525.169037][T24684] exc_page_fault+0x98/0x170 [ 2525.173660][T24684] asm_exc_page_fault+0x26/0x30 [ 2525.178540][T24684] RIP: 0033:0x7ff9f2039570 [ 2525.182977][T24684] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2525.202619][T24684] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2525.208694][T24684] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2525.216663][T24684] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2525.224646][T24684] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2525.232646][T24684] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2525.240647][T24684] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2525.248645][T24684] ? __sock_create+0x2c/0x790 [ 2525.253367][T24684] [ 2525.269264][T24684] memory: usage 307200kB, limit 307200kB, failcnt 32496 [ 2525.277167][T24684] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2525.284229][T24684] Memory cgroup stats for /syz1: [ 2525.284459][T24684] anon 114688 [ 2525.284459][T24684] file 606208 [ 2525.284459][T24684] kernel 313851904 [ 2525.284459][T24684] kernel_stack 65536 [ 2525.284459][T24684] pagetables 73728 [ 2525.284459][T24684] sec_pagetables 0 [ 2525.284459][T24684] percpu 5612288 [ 2525.284459][T24684] sock 0 [ 2525.284459][T24684] vmalloc 0 [ 2525.284459][T24684] shmem 602112 [ 2525.284459][T24684] zswap 0 [ 2525.284459][T24684] zswapped 0 [ 2525.284459][T24684] file_mapped 602112 [ 2525.284459][T24684] file_dirty 4096 [ 2525.284459][T24684] file_writeback 0 [ 2525.284459][T24684] swapcached 0 [ 2525.284459][T24684] anon_thp 0 [ 2525.284459][T24684] file_thp 0 [ 2525.284459][T24684] shmem_thp 0 [ 2525.284459][T24684] inactive_anon 282624 [ 2525.284459][T24684] active_anon 434176 [ 2525.284459][T24684] inactive_file 0 [ 2525.284459][T24684] active_file 4096 [ 2525.284459][T24684] unevictable 0 [ 2525.284459][T24684] slab_reclaimable 219568 [ 2525.284459][T24684] slab_unreclaimable 307848312 [ 2525.381283][T24684] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24684,uid=0 09:53:39 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xf802}, 0x0) 09:53:39 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0xe803, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:39 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r14) sendmsg$IEEE802154_LLSEC_ADD_DEV(r13, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, r15, 0x201, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 09:53:39 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xa803) 09:53:39 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x100000000000000}, 0x0) 09:53:39 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) [ 2525.398191][T24684] Memory cgroup out of memory: Killed process 24684 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 09:53:39 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0xf401, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2525.565479][T24700] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:53:39 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2525.656231][T24701] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2525.661352][T24692] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2525.716301][T24692] CPU: 1 PID: 24692 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2525.726793][T24692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2525.736888][T24692] Call Trace: [ 2525.740197][T24692] [ 2525.743157][T24692] dump_stack_lvl+0xd1/0x138 [ 2525.747799][T24692] dump_header+0x10b/0x85f [ 2525.752276][T24692] oom_kill_process.cold+0x10/0x15 [ 2525.757450][T24692] out_of_memory+0x35c/0x14a0 [ 2525.762193][T24692] ? find_held_lock+0x2d/0x110 [ 2525.767011][T24692] ? oom_killer_disable+0x280/0x280 [ 2525.772264][T24692] ? find_held_lock+0x2d/0x110 [ 2525.777091][T24692] mem_cgroup_out_of_memory+0x206/0x270 [ 2525.782698][T24692] ? mem_cgroup_margin+0x130/0x130 [ 2525.787864][T24692] ? lock_downgrade+0x6e0/0x6e0 [ 2525.792774][T24692] try_charge_memcg+0xefb/0x12f0 [ 2525.797761][T24692] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2525.803780][T24692] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2525.809554][T24692] ? lock_downgrade+0x6e0/0x6e0 [ 2525.814445][T24692] ? lock_downgrade+0x6e0/0x6e0 [ 2525.819341][T24692] ? rcu_read_unlock+0x9/0x60 [ 2525.824079][T24692] obj_cgroup_charge+0x2af/0x5e0 [ 2525.829064][T24692] ? copy_process+0x3aa/0x7520 [ 2525.833870][T24692] kmem_cache_alloc_node+0xb7/0x460 [ 2525.839117][T24692] copy_process+0x3aa/0x7520 [ 2525.843757][T24692] ? __lock_acquire+0xbc3/0x56d0 [ 2525.848748][T24692] ? __cleanup_sighand+0xb0/0xb0 [ 2525.853725][T24692] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 2525.859748][T24692] ? psi_memstall_leave+0x174/0x250 [ 2525.865005][T24692] kernel_clone+0xeb/0x990 [ 2525.869463][T24692] ? create_io_thread+0xf0/0xf0 [ 2525.874362][T24692] ? percpu_ref_put_many.constprop.0+0x6a/0x1a0 [ 2525.880670][T24692] ? lock_downgrade+0x6e0/0x6e0 [ 2525.885573][T24692] __do_sys_clone+0xba/0x100 [ 2525.890211][T24692] ? kernel_clone+0x990/0x990 [ 2525.894944][T24692] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2525.900885][T24692] do_syscall_64+0x39/0xb0 [ 2525.905350][T24692] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2525.911279][T24692] RIP: 0033:0x7f0b7de8d4f1 [ 2525.915724][T24692] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2525.935375][T24692] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2525.943836][T24692] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2525.951962][T24692] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 09:53:40 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x2, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2525.959974][T24692] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2525.967984][T24692] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2525.975990][T24692] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2525.984017][T24692] 09:53:40 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x3, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:40 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 09:53:40 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r13) [ 2526.154111][T24692] memory: usage 307200kB, limit 307200kB, failcnt 79332 [ 2526.166667][T24692] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2526.178930][T24692] Memory cgroup stats for /syz0: [ 2526.179225][T24692] anon 143360 [ 2526.179225][T24692] file 479232 [ 2526.179225][T24692] kernel 313950208 [ 2526.179225][T24692] kernel_stack 65536 [ 2526.179225][T24692] pagetables 77824 [ 2526.179225][T24692] sec_pagetables 0 [ 2526.179225][T24692] percpu 5614656 [ 2526.179225][T24692] sock 0 [ 2526.179225][T24692] vmalloc 8192 [ 2526.179225][T24692] shmem 479232 [ 2526.179225][T24692] zswap 0 [ 2526.179225][T24692] zswapped 0 [ 2526.179225][T24692] file_mapped 479232 [ 2526.179225][T24692] file_dirty 0 [ 2526.179225][T24692] file_writeback 0 [ 2526.179225][T24692] swapcached 0 [ 2526.179225][T24692] anon_thp 0 [ 2526.179225][T24692] file_thp 0 [ 2526.179225][T24692] shmem_thp 0 [ 2526.179225][T24692] inactive_anon 180224 [ 2526.179225][T24692] active_anon 442368 [ 2526.179225][T24692] inactive_file 0 [ 2526.179225][T24692] active_file 0 [ 2526.179225][T24692] unevictable 0 [ 2526.179225][T24692] slab_reclaimable 28096 [ 2526.179225][T24692] slab_unreclaimable 308121352 [ 2526.446731][T24692] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24692,uid=0 [ 2526.498804][T24692] Memory cgroup out of memory: Killed process 24692 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2526.555191][T24698] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2526.585212][T24698] CPU: 0 PID: 24698 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2526.595704][T24698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2526.605797][T24698] Call Trace: [ 2526.609106][T24698] [ 2526.612058][T24698] dump_stack_lvl+0xd1/0x138 [ 2526.616692][T24698] dump_header+0x10b/0x85f [ 2526.621164][T24698] oom_kill_process.cold+0x10/0x15 [ 2526.626334][T24698] out_of_memory+0x35c/0x14a0 [ 2526.631069][T24698] ? find_held_lock+0x2d/0x110 [ 2526.635884][T24698] ? oom_killer_disable+0x280/0x280 [ 2526.641139][T24698] ? find_held_lock+0x2d/0x110 [ 2526.645943][T24698] mem_cgroup_out_of_memory+0x206/0x270 [ 2526.651522][T24698] ? mem_cgroup_margin+0x130/0x130 [ 2526.656665][T24698] ? lock_downgrade+0x6e0/0x6e0 [ 2526.661550][T24698] try_charge_memcg+0xefb/0x12f0 [ 2526.666519][T24698] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2526.672534][T24698] ? lock_downgrade+0x6e0/0x6e0 [ 2526.677421][T24698] charge_memcg+0x90/0x3b0 [ 2526.681860][T24698] __mem_cgroup_charge+0x2b/0x90 [ 2526.686820][T24698] do_wp_page+0x7ec/0x3370 [ 2526.691273][T24698] ? lock_release+0x810/0x810 [ 2526.695969][T24698] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2526.701368][T24698] ? do_raw_spin_lock+0x124/0x2b0 [ 2526.706413][T24698] ? rwlock_bug.part.0+0x90/0x90 [ 2526.711373][T24698] ? lock_chain_count+0x20/0x20 [ 2526.716247][T24698] __handle_mm_fault+0x1f58/0x3c90 [ 2526.721397][T24698] ? vm_iomap_memory+0x190/0x190 [ 2526.726388][T24698] handle_mm_fault+0x1b6/0x850 [ 2526.731186][T24698] do_user_addr_fault+0x475/0x1210 [ 2526.736324][T24698] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2526.741918][T24698] exc_page_fault+0x98/0x170 [ 2526.746531][T24698] asm_exc_page_fault+0x26/0x30 [ 2526.751406][T24698] RIP: 0033:0x7ff9f2039570 [ 2526.755843][T24698] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2526.775463][T24698] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2526.781552][T24698] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2526.789542][T24698] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2526.797529][T24698] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2526.805519][T24698] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2526.813503][T24698] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2526.821484][T24698] ? __sock_create+0x2c/0x790 [ 2526.826206][T24698] [ 2526.858806][T24698] memory: usage 307200kB, limit 307200kB, failcnt 32609 [ 2526.865995][T24698] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2526.873141][T24698] Memory cgroup stats for /syz1: [ 2526.873330][T24698] anon 114688 [ 2526.873330][T24698] file 606208 [ 2526.873330][T24698] kernel 313851904 [ 2526.873330][T24698] kernel_stack 65536 [ 2526.873330][T24698] pagetables 73728 [ 2526.873330][T24698] sec_pagetables 0 [ 2526.873330][T24698] percpu 5612288 [ 2526.873330][T24698] sock 0 [ 2526.873330][T24698] vmalloc 0 [ 2526.873330][T24698] shmem 602112 [ 2526.873330][T24698] zswap 0 [ 2526.873330][T24698] zswapped 0 [ 2526.873330][T24698] file_mapped 602112 [ 2526.873330][T24698] file_dirty 4096 [ 2526.873330][T24698] file_writeback 0 [ 2526.873330][T24698] swapcached 0 [ 2526.873330][T24698] anon_thp 0 [ 2526.873330][T24698] file_thp 0 [ 2526.873330][T24698] shmem_thp 0 [ 2526.873330][T24698] inactive_anon 282624 [ 2526.873330][T24698] active_anon 434176 [ 2526.873330][T24698] inactive_file 4096 [ 2526.873330][T24698] active_file 0 [ 2526.873330][T24698] unevictable 0 [ 2526.873330][T24698] slab_reclaimable 219568 [ 2526.873330][T24698] slab_unreclaimable 307848312 [ 2526.970200][T24698] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24698,uid=0 [ 2526.986196][T24698] Memory cgroup out of memory: Killed process 24698 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2527.004032][T24694] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2527.024582][T24694] CPU: 1 PID: 24694 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2527.035066][T24694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2527.045152][T24694] Call Trace: [ 2527.048455][T24694] [ 2527.051407][T24694] dump_stack_lvl+0xd1/0x138 [ 2527.056052][T24694] dump_header+0x10b/0x85f [ 2527.060517][T24694] oom_kill_process.cold+0x10/0x15 [ 2527.065679][T24694] out_of_memory+0x35c/0x14a0 [ 2527.070415][T24694] ? oom_killer_disable+0x280/0x280 [ 2527.075667][T24694] ? find_held_lock+0x2d/0x110 [ 2527.080484][T24694] mem_cgroup_out_of_memory+0x206/0x270 [ 2527.086081][T24694] ? mem_cgroup_margin+0x130/0x130 [ 2527.091237][T24694] ? lock_downgrade+0x6e0/0x6e0 [ 2527.096143][T24694] try_charge_memcg+0xefb/0x12f0 [ 2527.101124][T24694] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2527.107140][T24694] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2527.112909][T24694] ? lock_downgrade+0x6e0/0x6e0 [ 2527.117804][T24694] ? lock_downgrade+0x6e0/0x6e0 [ 2527.122708][T24694] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2527.128300][T24694] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2527.134505][T24694] copy_process+0x1359/0x7520 [ 2527.139240][T24694] ? find_held_lock+0x2d/0x110 [ 2527.144070][T24694] ? __cleanup_sighand+0xb0/0xb0 [ 2527.149042][T24694] ? lock_downgrade+0x6e0/0x6e0 [ 2527.153920][T24694] ? folio_flags.constprop.0+0x53/0x150 [ 2527.159495][T24694] ? folio_add_lru+0x37b/0x680 [ 2527.164287][T24694] kernel_clone+0xeb/0x990 [ 2527.168737][T24694] ? create_io_thread+0xf0/0xf0 [ 2527.173790][T24694] ? find_held_lock+0x2d/0x110 [ 2527.178590][T24694] __do_sys_clone+0xba/0x100 [ 2527.183201][T24694] ? kernel_clone+0x990/0x990 [ 2527.187914][T24694] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2527.193835][T24694] do_syscall_64+0x39/0xb0 [ 2527.198277][T24694] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2527.204188][T24694] RIP: 0033:0x7f909a68d4f1 [ 2527.208617][T24694] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2527.228275][T24694] RSP: 002b:00007ffc6e869e28 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2527.236706][T24694] RAX: ffffffffffffffda RBX: 00007f909b439700 RCX: 00007f909a68d4f1 [ 2527.244692][T24694] RDX: 00007f909b4399d0 RSI: 00007f909b4392f0 RDI: 00000000003d0f00 [ 2527.252672][T24694] RBP: 00007ffc6e86a070 R08: 00007f909b439700 R09: 00007f909b439700 09:53:41 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xfa00}, 0x0) 09:53:41 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x4, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:41 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x200000000000000}, 0x0) [ 2527.260652][T24694] R10: 00007f909b4399d0 R11: 0000000000000206 R12: 00007ffc6e869ede [ 2527.268637][T24694] R13: 00007ffc6e869edf R14: 00007f909b439300 R15: 0000000000022000 [ 2527.276643][T24694] [ 2527.288751][T24694] memory: usage 307200kB, limit 307200kB, failcnt 69740 [ 2527.296210][T24694] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2527.326718][T24694] Memory cgroup stats for /syz2: [ 2527.326977][T24694] anon 143360 [ 2527.326977][T24694] file 638976 [ 2527.326977][T24694] kernel 313790464 [ 2527.326977][T24694] kernel_stack 65536 [ 2527.326977][T24694] pagetables 81920 [ 2527.326977][T24694] sec_pagetables 0 [ 2527.326977][T24694] percpu 5611040 [ 2527.326977][T24694] sock 0 [ 2527.326977][T24694] vmalloc 0 [ 2527.326977][T24694] shmem 638976 [ 2527.326977][T24694] zswap 0 [ 2527.326977][T24694] zswapped 0 [ 2527.326977][T24694] file_mapped 638976 [ 2527.326977][T24694] file_dirty 0 [ 2527.326977][T24694] file_writeback 0 [ 2527.326977][T24694] swapcached 0 [ 2527.326977][T24694] anon_thp 0 [ 2527.326977][T24694] file_thp 0 [ 2527.326977][T24694] shmem_thp 0 [ 2527.326977][T24694] inactive_anon 376832 [ 2527.326977][T24694] active_anon 405504 [ 2527.326977][T24694] inactive_file 0 [ 2527.326977][T24694] active_file 0 [ 2527.326977][T24694] unevictable 0 [ 2527.326977][T24694] slab_reclaimable 233712 [ 2527.326977][T24694] slab_unreclaimable 307766904 [ 2527.452744][T24694] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24694,uid=0 [ 2527.478480][T24694] Memory cgroup out of memory: Killed process 24694 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:53:41 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xca01) 09:53:41 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) 09:53:41 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r13) 09:53:41 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x5, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2527.496788][T24724] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2527.518820][T24724] CPU: 0 PID: 24724 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2527.529306][T24724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2527.539401][T24724] Call Trace: [ 2527.542711][T24724] [ 2527.545668][T24724] dump_stack_lvl+0xd1/0x138 [ 2527.550311][T24724] dump_header+0x10b/0x85f [ 2527.554793][T24724] oom_kill_process.cold+0x10/0x15 [ 2527.559972][T24724] out_of_memory+0x35c/0x14a0 [ 2527.564722][T24724] ? oom_killer_disable+0x280/0x280 [ 2527.569992][T24724] ? find_held_lock+0x2d/0x110 [ 2527.574828][T24724] mem_cgroup_out_of_memory+0x206/0x270 [ 2527.580435][T24724] ? mem_cgroup_margin+0x130/0x130 [ 2527.585592][T24724] ? lock_downgrade+0x6e0/0x6e0 [ 2527.590491][T24724] try_charge_memcg+0xefb/0x12f0 [ 2527.595458][T24724] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2527.601463][T24724] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2527.607221][T24724] ? lock_downgrade+0x6e0/0x6e0 [ 2527.612095][T24724] ? lock_downgrade+0x6e0/0x6e0 [ 2527.616976][T24724] obj_cgroup_charge+0x2af/0x5e0 [ 2527.621949][T24724] kmem_cache_alloc_lru+0x145/0x760 [ 2527.627162][T24724] ? sock_alloc_inode+0x27/0x1d0 [ 2527.632138][T24724] sock_alloc_inode+0x27/0x1d0 [ 2527.636929][T24724] ? sock_free_inode+0x30/0x30 [ 2527.641719][T24724] alloc_inode+0x61/0x230 [ 2527.646090][T24724] new_inode_pseudo+0x17/0x80 [ 2527.650818][T24724] sock_alloc+0x40/0x260 [ 2527.655087][T24724] __sock_create+0xbd/0x790 [ 2527.659624][T24724] __sys_socket+0x133/0x250 [ 2527.664163][T24724] ? __sys_socket_file+0x1f0/0x1f0 [ 2527.669313][T24724] __x64_sys_socket+0x73/0xb0 [ 2527.674019][T24724] do_syscall_64+0x39/0xb0 [ 2527.678468][T24724] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2527.684389][T24724] RIP: 0033:0x7f0b7de8c0c9 [ 2527.688817][T24724] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2527.708442][T24724] RSP: 002b:00007f0b7eba3168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2527.716881][T24724] RAX: ffffffffffffffda RBX: 00007f0b7dfabf80 RCX: 00007f0b7de8c0c9 [ 2527.724866][T24724] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010 [ 2527.732852][T24724] RBP: 00007f0b7dee7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 2527.740836][T24724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 09:53:42 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x6, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:42 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x7, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2527.748818][T24724] R13: 00007fff0637016f R14: 00007f0b7eba3300 R15: 0000000000022000 [ 2527.756997][T24724] 09:53:42 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x8, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2527.916650][T24741] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:53:42 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xce01) 09:53:42 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0xb, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2528.095246][T24747] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2528.348281][T24724] memory: usage 307200kB, limit 307200kB, failcnt 79407 [ 2528.369013][T24724] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2528.376033][T24724] Memory cgroup stats for /syz0: [ 2528.376311][T24724] anon 143360 [ 2528.376311][T24724] file 479232 [ 2528.376311][T24724] kernel 313950208 [ 2528.376311][T24724] kernel_stack 65536 [ 2528.376311][T24724] pagetables 77824 [ 2528.376311][T24724] sec_pagetables 0 [ 2528.376311][T24724] percpu 5614656 [ 2528.376311][T24724] sock 0 [ 2528.376311][T24724] vmalloc 8192 [ 2528.376311][T24724] shmem 479232 [ 2528.376311][T24724] zswap 0 [ 2528.376311][T24724] zswapped 0 [ 2528.376311][T24724] file_mapped 479232 [ 2528.376311][T24724] file_dirty 0 [ 2528.376311][T24724] file_writeback 0 [ 2528.376311][T24724] swapcached 0 [ 2528.376311][T24724] anon_thp 0 [ 2528.376311][T24724] file_thp 0 [ 2528.376311][T24724] shmem_thp 0 [ 2528.376311][T24724] inactive_anon 180224 [ 2528.376311][T24724] active_anon 442368 [ 2528.376311][T24724] inactive_file 0 [ 2528.376311][T24724] active_file 0 [ 2528.376311][T24724] unevictable 0 [ 2528.376311][T24724] slab_reclaimable 22312 [ 2528.376311][T24724] slab_unreclaimable 308126904 [ 2528.472737][T24724] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24723,uid=0 [ 2528.488506][T24724] Memory cgroup out of memory: Killed process 24723 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2528.516389][T24725] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2528.534464][T24725] CPU: 1 PID: 24725 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2528.544941][T24725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2528.555029][T24725] Call Trace: [ 2528.558339][T24725] [ 2528.561296][T24725] dump_stack_lvl+0xd1/0x138 [ 2528.565935][T24725] dump_header+0x10b/0x85f [ 2528.570408][T24725] oom_kill_process.cold+0x10/0x15 [ 2528.575577][T24725] out_of_memory+0x35c/0x14a0 [ 2528.580318][T24725] ? oom_killer_disable+0x280/0x280 [ 2528.585568][T24725] ? find_held_lock+0x2d/0x110 [ 2528.590370][T24725] mem_cgroup_out_of_memory+0x206/0x270 [ 2528.595950][T24725] ? mem_cgroup_margin+0x130/0x130 [ 2528.601088][T24725] ? lock_downgrade+0x6e0/0x6e0 [ 2528.605972][T24725] try_charge_memcg+0xefb/0x12f0 [ 2528.610938][T24725] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2528.616947][T24725] ? lock_downgrade+0x6e0/0x6e0 [ 2528.621830][T24725] charge_memcg+0x90/0x3b0 [ 2528.626267][T24725] __mem_cgroup_charge+0x2b/0x90 [ 2528.631228][T24725] do_wp_page+0x7ec/0x3370 [ 2528.635679][T24725] ? lock_release+0x810/0x810 [ 2528.640370][T24725] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2528.645769][T24725] ? do_raw_spin_lock+0x124/0x2b0 [ 2528.650811][T24725] ? rwlock_bug.part.0+0x90/0x90 [ 2528.655766][T24725] ? lock_chain_count+0x20/0x20 [ 2528.660815][T24725] __handle_mm_fault+0x1f58/0x3c90 [ 2528.665961][T24725] ? vm_iomap_memory+0x190/0x190 [ 2528.670952][T24725] handle_mm_fault+0x1b6/0x850 [ 2528.675748][T24725] do_user_addr_fault+0x475/0x1210 [ 2528.680890][T24725] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2528.686468][T24725] exc_page_fault+0x98/0x170 [ 2528.691080][T24725] asm_exc_page_fault+0x26/0x30 [ 2528.695946][T24725] RIP: 0033:0x7ff9f2039570 [ 2528.700373][T24725] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2528.719997][T24725] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2528.726084][T24725] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2528.734067][T24725] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2528.742050][T24725] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2528.750035][T24725] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2528.758023][T24725] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2528.766006][T24725] ? __sock_create+0x2c/0x790 [ 2528.770747][T24725] [ 2528.782702][ T1206] ieee802154 phy0 wpan0: encryption failed: -22 [ 2528.789109][ T1206] ieee802154 phy1 wpan1: encryption failed: -22 [ 2528.799799][T24725] memory: usage 307200kB, limit 307200kB, failcnt 32718 [ 2528.806795][T24725] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2528.813820][T24725] Memory cgroup stats for /syz1: [ 2528.814232][T24725] anon 114688 [ 2528.814232][T24725] file 606208 [ 2528.814232][T24725] kernel 313851904 [ 2528.814232][T24725] kernel_stack 65536 [ 2528.814232][T24725] pagetables 73728 [ 2528.814232][T24725] sec_pagetables 0 [ 2528.814232][T24725] percpu 5612288 [ 2528.814232][T24725] sock 0 [ 2528.814232][T24725] vmalloc 0 [ 2528.814232][T24725] shmem 602112 [ 2528.814232][T24725] zswap 0 [ 2528.814232][T24725] zswapped 0 [ 2528.814232][T24725] file_mapped 602112 [ 2528.814232][T24725] file_dirty 4096 [ 2528.814232][T24725] file_writeback 0 [ 2528.814232][T24725] swapcached 0 [ 2528.814232][T24725] anon_thp 0 [ 2528.814232][T24725] file_thp 0 [ 2528.814232][T24725] shmem_thp 0 [ 2528.814232][T24725] inactive_anon 282624 [ 2528.814232][T24725] active_anon 434176 [ 2528.814232][T24725] inactive_file 0 [ 2528.814232][T24725] active_file 4096 [ 2528.814232][T24725] unevictable 0 09:53:43 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xfa01}, 0x0) 09:53:43 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0xe, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:43 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xd000) 09:53:43 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xce01) 09:53:43 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 09:53:43 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x300000000000000}, 0x0) [ 2528.814232][T24725] slab_reclaimable 219568 [ 2528.814232][T24725] slab_unreclaimable 307848312 [ 2528.911136][T24725] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24725,uid=0 [ 2528.926833][T24725] Memory cgroup out of memory: Killed process 24725 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 09:53:43 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x11, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2529.006768][T24757] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 09:53:43 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x29, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2529.122618][T24750] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2529.154762][T24750] CPU: 1 PID: 24750 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2529.165258][T24750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2529.175348][T24750] Call Trace: [ 2529.178658][T24750] [ 2529.181642][T24750] dump_stack_lvl+0xd1/0x138 [ 2529.186282][T24750] dump_header+0x10b/0x85f [ 2529.190762][T24750] oom_kill_process.cold+0x10/0x15 [ 2529.195932][T24750] out_of_memory+0x35c/0x14a0 [ 2529.200672][T24750] ? find_held_lock+0x2d/0x110 [ 2529.205578][T24750] ? oom_killer_disable+0x280/0x280 [ 2529.210836][T24750] ? find_held_lock+0x2d/0x110 [ 2529.215665][T24750] mem_cgroup_out_of_memory+0x206/0x270 [ 2529.221271][T24750] ? mem_cgroup_margin+0x130/0x130 [ 2529.226433][T24750] ? lock_downgrade+0x6e0/0x6e0 [ 2529.231341][T24750] try_charge_memcg+0xefb/0x12f0 [ 2529.236333][T24750] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2529.242352][T24750] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2529.248134][T24750] ? lock_downgrade+0x6e0/0x6e0 [ 2529.253031][T24750] ? lock_downgrade+0x6e0/0x6e0 [ 2529.257923][T24750] ? rcu_read_unlock+0x9/0x60 [ 2529.262664][T24750] obj_cgroup_charge+0x2af/0x5e0 [ 2529.267655][T24750] ? copy_process+0x3aa/0x7520 [ 2529.272459][T24750] kmem_cache_alloc_node+0xb7/0x460 [ 2529.277701][T24750] copy_process+0x3aa/0x7520 [ 2529.282335][T24750] ? find_held_lock+0x2d/0x110 [ 2529.287164][T24750] ? __cleanup_sighand+0xb0/0xb0 [ 2529.292145][T24750] ? lock_downgrade+0x6e0/0x6e0 [ 2529.297034][T24750] ? folio_flags.constprop.0+0x53/0x150 [ 2529.302634][T24750] ? folio_add_lru+0x37b/0x680 [ 2529.307446][T24750] kernel_clone+0xeb/0x990 [ 2529.311907][T24750] ? create_io_thread+0xf0/0xf0 [ 2529.316892][T24750] ? find_held_lock+0x2d/0x110 [ 2529.321722][T24750] __do_sys_clone+0xba/0x100 [ 2529.326355][T24750] ? kernel_clone+0x990/0x990 [ 2529.331104][T24750] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2529.337061][T24750] do_syscall_64+0x39/0xb0 [ 2529.341532][T24750] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2529.347477][T24750] RIP: 0033:0x7f0b7de8d4f1 [ 2529.351928][T24750] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 09:53:43 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x38, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2529.371579][T24750] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2529.380039][T24750] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2529.388055][T24750] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2529.396151][T24750] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2529.404165][T24750] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2529.412180][T24750] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2529.420212][T24750] 09:53:43 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x5c, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:43 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) [ 2529.457051][T24752] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2529.466574][T24750] memory: usage 307200kB, limit 307200kB, failcnt 79473 [ 2529.481016][T24750] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2529.509332][T24759] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2529.520786][T24750] Memory cgroup stats for /syz0: [ 2529.521043][T24750] anon 143360 [ 2529.521043][T24750] file 479232 [ 2529.521043][T24750] kernel 313950208 [ 2529.521043][T24750] kernel_stack 65536 [ 2529.521043][T24750] pagetables 77824 [ 2529.521043][T24750] sec_pagetables 0 [ 2529.521043][T24750] percpu 5614656 [ 2529.521043][T24750] sock 0 [ 2529.521043][T24750] vmalloc 8192 [ 2529.521043][T24750] shmem 479232 [ 2529.521043][T24750] zswap 0 [ 2529.521043][T24750] zswapped 0 [ 2529.521043][T24750] file_mapped 479232 [ 2529.521043][T24750] file_dirty 0 [ 2529.521043][T24750] file_writeback 0 [ 2529.521043][T24750] swapcached 0 [ 2529.521043][T24750] anon_thp 0 [ 2529.521043][T24750] file_thp 0 [ 2529.521043][T24750] shmem_thp 0 [ 2529.521043][T24750] inactive_anon 180224 [ 2529.521043][T24750] active_anon 442368 [ 2529.521043][T24750] inactive_file 0 [ 2529.521043][T24750] active_file 0 [ 2529.521043][T24750] unevictable 0 [ 2529.521043][T24750] slab_reclaimable 28096 [ 2529.521043][T24750] slab_unreclaimable 308121352 [ 2529.640362][T24750] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24750,uid=0 09:53:44 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0xc8, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2529.657504][T24750] Memory cgroup out of memory: Killed process 24750 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2529.686464][T24758] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2529.725981][T24758] CPU: 0 PID: 24758 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2529.736471][T24758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2529.746566][T24758] Call Trace: [ 2529.749872][T24758] [ 2529.752839][T24758] dump_stack_lvl+0xd1/0x138 [ 2529.757481][T24758] dump_header+0x10b/0x85f [ 2529.761957][T24758] oom_kill_process.cold+0x10/0x15 [ 2529.767136][T24758] out_of_memory+0x35c/0x14a0 [ 2529.771880][T24758] ? oom_killer_disable+0x280/0x280 [ 2529.777147][T24758] ? find_held_lock+0x2d/0x110 [ 2529.781966][T24758] mem_cgroup_out_of_memory+0x206/0x270 [ 2529.787561][T24758] ? mem_cgroup_margin+0x130/0x130 [ 2529.792724][T24758] ? lock_downgrade+0x6e0/0x6e0 [ 2529.797640][T24758] try_charge_memcg+0xefb/0x12f0 [ 2529.802629][T24758] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2529.808660][T24758] ? lock_downgrade+0x6e0/0x6e0 [ 2529.813571][T24758] charge_memcg+0x90/0x3b0 [ 2529.818035][T24758] __mem_cgroup_charge+0x2b/0x90 [ 2529.823019][T24758] do_wp_page+0x7ec/0x3370 [ 2529.827490][T24758] ? lock_release+0x810/0x810 [ 2529.832204][T24758] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2529.837625][T24758] ? do_raw_spin_lock+0x124/0x2b0 [ 2529.842691][T24758] ? rwlock_bug.part.0+0x90/0x90 [ 2529.847678][T24758] ? lock_chain_count+0x20/0x20 [ 2529.852573][T24758] __handle_mm_fault+0x1f58/0x3c90 [ 2529.857749][T24758] ? vm_iomap_memory+0x190/0x190 [ 2529.862806][T24758] handle_mm_fault+0x1b6/0x850 [ 2529.867630][T24758] do_user_addr_fault+0x475/0x1210 [ 2529.872794][T24758] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2529.878401][T24758] exc_page_fault+0x98/0x170 [ 2529.883210][T24758] asm_exc_page_fault+0x26/0x30 [ 2529.888117][T24758] RIP: 0033:0x7ff9f2039570 [ 2529.892566][T24758] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2529.912218][T24758] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2529.918333][T24758] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2529.926349][T24758] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2529.934362][T24758] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2529.942378][T24758] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2529.950388][T24758] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2529.958487][T24758] ? __sock_create+0x2c/0x790 [ 2529.963259][T24758] [ 2529.993006][T24758] memory: usage 307200kB, limit 307200kB, failcnt 32824 [ 2530.014246][T24758] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2530.021881][T24758] Memory cgroup stats for /syz1: [ 2530.022121][T24758] anon 114688 [ 2530.022121][T24758] file 606208 [ 2530.022121][T24758] kernel 313851904 [ 2530.022121][T24758] kernel_stack 65536 [ 2530.022121][T24758] pagetables 73728 [ 2530.022121][T24758] sec_pagetables 0 [ 2530.022121][T24758] percpu 5612288 [ 2530.022121][T24758] sock 0 [ 2530.022121][T24758] vmalloc 0 [ 2530.022121][T24758] shmem 602112 [ 2530.022121][T24758] zswap 0 [ 2530.022121][T24758] zswapped 0 [ 2530.022121][T24758] file_mapped 602112 [ 2530.022121][T24758] file_dirty 4096 [ 2530.022121][T24758] file_writeback 0 [ 2530.022121][T24758] swapcached 0 [ 2530.022121][T24758] anon_thp 0 [ 2530.022121][T24758] file_thp 0 [ 2530.022121][T24758] shmem_thp 0 [ 2530.022121][T24758] inactive_anon 282624 [ 2530.022121][T24758] active_anon 434176 [ 2530.022121][T24758] inactive_file 0 [ 2530.022121][T24758] active_file 4096 [ 2530.022121][T24758] unevictable 0 [ 2530.022121][T24758] slab_reclaimable 219568 [ 2530.022121][T24758] slab_unreclaimable 307848312 [ 2530.149118][T24758] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24758,uid=0 [ 2530.165645][T24758] Memory cgroup out of memory: Killed process 24758 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2530.183595][T24755] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2530.205089][T24755] CPU: 0 PID: 24755 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2530.215564][T24755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2530.225655][T24755] Call Trace: [ 2530.228964][T24755] [ 2530.231928][T24755] dump_stack_lvl+0xd1/0x138 [ 2530.236573][T24755] dump_header+0x10b/0x85f [ 2530.241052][T24755] oom_kill_process.cold+0x10/0x15 [ 2530.246218][T24755] out_of_memory+0x35c/0x14a0 [ 2530.250963][T24755] ? oom_killer_disable+0x280/0x280 [ 2530.256222][T24755] ? find_held_lock+0x2d/0x110 [ 2530.261036][T24755] mem_cgroup_out_of_memory+0x206/0x270 [ 2530.266618][T24755] ? mem_cgroup_margin+0x130/0x130 [ 2530.271757][T24755] ? lock_downgrade+0x6e0/0x6e0 [ 2530.276659][T24755] try_charge_memcg+0xefb/0x12f0 [ 2530.281646][T24755] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2530.287660][T24755] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2530.293425][T24755] ? lock_downgrade+0x6e0/0x6e0 [ 2530.298317][T24755] ? lock_downgrade+0x6e0/0x6e0 [ 2530.303216][T24755] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2530.308808][T24755] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2530.315036][T24755] copy_process+0x4e3/0x7520 [ 2530.319664][T24755] ? find_held_lock+0x2d/0x110 [ 2530.324480][T24755] ? __cleanup_sighand+0xb0/0xb0 [ 2530.329454][T24755] ? lock_downgrade+0x6e0/0x6e0 [ 2530.334339][T24755] ? folio_flags.constprop.0+0x53/0x150 [ 2530.339917][T24755] ? folio_add_lru+0x37b/0x680 [ 2530.344719][T24755] kernel_clone+0xeb/0x990 [ 2530.349165][T24755] ? create_io_thread+0xf0/0xf0 [ 2530.354052][T24755] ? find_held_lock+0x2d/0x110 [ 2530.358859][T24755] __do_sys_clone+0xba/0x100 [ 2530.363649][T24755] ? kernel_clone+0x990/0x990 [ 2530.368369][T24755] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2530.374294][T24755] do_syscall_64+0x39/0xb0 [ 2530.378739][T24755] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2530.384656][T24755] RIP: 0033:0x7f909a68d4f1 [ 2530.389173][T24755] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2530.408889][T24755] RSP: 002b:00007ffc6e869e28 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2530.417413][T24755] RAX: ffffffffffffffda RBX: 00007f909b439700 RCX: 00007f909a68d4f1 [ 2530.425484][T24755] RDX: 00007f909b4399d0 RSI: 00007f909b4392f0 RDI: 00000000003d0f00 [ 2530.433464][T24755] RBP: 00007ffc6e86a070 R08: 00007f909b439700 R09: 00007f909b439700 [ 2530.441444][T24755] R10: 00007f909b4399d0 R11: 0000000000000206 R12: 00007ffc6e869ede 09:53:44 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xfa02}, 0x0) 09:53:44 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x400000000000000}, 0x0) [ 2530.449428][T24755] R13: 00007ffc6e869edf R14: 00007f909b439300 R15: 0000000000022000 [ 2530.457429][T24755] [ 2530.464285][T24755] memory: usage 307200kB, limit 307200kB, failcnt 70012 [ 2530.492958][T24755] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2530.531383][T24755] Memory cgroup stats for /syz2: [ 2530.531600][T24755] anon 143360 [ 2530.531600][T24755] file 638976 [ 2530.531600][T24755] kernel 313790464 [ 2530.531600][T24755] kernel_stack 65536 [ 2530.531600][T24755] pagetables 81920 [ 2530.531600][T24755] sec_pagetables 0 [ 2530.531600][T24755] percpu 5611040 [ 2530.531600][T24755] sock 0 [ 2530.531600][T24755] vmalloc 0 [ 2530.531600][T24755] shmem 638976 [ 2530.531600][T24755] zswap 0 [ 2530.531600][T24755] zswapped 0 [ 2530.531600][T24755] file_mapped 638976 [ 2530.531600][T24755] file_dirty 0 [ 2530.531600][T24755] file_writeback 0 [ 2530.531600][T24755] swapcached 0 [ 2530.531600][T24755] anon_thp 0 [ 2530.531600][T24755] file_thp 0 [ 2530.531600][T24755] shmem_thp 0 [ 2530.531600][T24755] inactive_anon 376832 [ 2530.531600][T24755] active_anon 405504 [ 2530.531600][T24755] inactive_file 0 [ 2530.531600][T24755] active_file 0 [ 2530.531600][T24755] unevictable 0 [ 2530.531600][T24755] slab_reclaimable 233712 [ 2530.531600][T24755] slab_unreclaimable 307766904 [ 2530.639229][T24781] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2530.672870][T24755] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24755,uid=0 [ 2530.706906][T24755] Memory cgroup out of memory: Killed process 24755 (syz-executor.2) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2530.725915][T24782] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2530.746764][T24782] CPU: 1 PID: 24782 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2530.757251][T24782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2530.767348][T24782] Call Trace: [ 2530.770661][T24782] [ 2530.773629][T24782] dump_stack_lvl+0xd1/0x138 [ 2530.778278][T24782] dump_header+0x10b/0x85f [ 2530.782758][T24782] oom_kill_process.cold+0x10/0x15 [ 2530.787931][T24782] out_of_memory+0x35c/0x14a0 [ 2530.792674][T24782] ? oom_killer_disable+0x280/0x280 [ 2530.797929][T24782] ? find_held_lock+0x2d/0x110 09:53:45 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xd203) 09:53:45 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) 09:53:45 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0xe0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:45 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xca01) 09:53:45 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x500000000000000}, 0x0) [ 2530.802750][T24782] mem_cgroup_out_of_memory+0x206/0x270 [ 2530.808356][T24782] ? mem_cgroup_margin+0x130/0x130 [ 2530.813520][T24782] ? lock_downgrade+0x6e0/0x6e0 [ 2530.818432][T24782] try_charge_memcg+0xefb/0x12f0 [ 2530.823439][T24782] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2530.829461][T24782] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2530.835251][T24782] ? lock_downgrade+0x6e0/0x6e0 [ 2530.840156][T24782] ? lock_downgrade+0x6e0/0x6e0 [ 2530.844979][T24790] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 2530.845050][T24782] obj_cgroup_charge+0x2af/0x5e0 [ 2530.859297][T24782] kmem_cache_alloc_lru+0x145/0x760 [ 2530.864532][T24782] ? sock_alloc_inode+0x27/0x1d0 [ 2530.869530][T24782] sock_alloc_inode+0x27/0x1d0 [ 2530.874340][T24782] ? sock_free_inode+0x30/0x30 [ 2530.879150][T24782] alloc_inode+0x61/0x230 [ 2530.883538][T24782] new_inode_pseudo+0x17/0x80 [ 2530.888273][T24782] sock_alloc+0x40/0x260 [ 2530.892562][T24782] __sock_create+0xbd/0x790 [ 2530.897129][T24782] __sys_socket+0x133/0x250 [ 2530.901689][T24782] ? __sys_socket_file+0x1f0/0x1f0 [ 2530.906867][T24782] __x64_sys_socket+0x73/0xb0 [ 2530.911607][T24782] do_syscall_64+0x39/0xb0 [ 2530.916072][T24782] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2530.921997][T24782] RIP: 0033:0x7ff9f208c0c9 [ 2530.926437][T24782] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2530.946155][T24782] RSP: 002b:00007ff9f2e64168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2530.954627][T24782] RAX: ffffffffffffffda RBX: 00007ff9f21abf80 RCX: 00007ff9f208c0c9 [ 2530.962635][T24782] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010 [ 2530.970641][T24782] RBP: 00007ff9f20e7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 2530.978642][T24782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2530.986644][T24782] R13: 00007fffc68a93ef R14: 00007ff9f2e64300 R15: 0000000000022000 [ 2530.994669][T24782] 09:53:45 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x4, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:45 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2531.073242][T24792] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:53:45 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x21, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:45 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r11, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x6, 0x1, ']\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x2c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) [ 2531.179897][T24782] memory: usage 307180kB, limit 307200kB, failcnt 32934 [ 2531.196027][T24782] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2531.211423][T24782] Memory cgroup stats for /syz1: [ 2531.211711][T24782] anon 98304 [ 2531.211711][T24782] file 606208 [ 2531.211711][T24782] kernel 313847808 [ 2531.211711][T24782] kernel_stack 65536 [ 2531.211711][T24782] pagetables 73728 [ 2531.211711][T24782] sec_pagetables 0 [ 2531.211711][T24782] percpu 5612288 [ 2531.211711][T24782] sock 0 [ 2531.211711][T24782] vmalloc 0 [ 2531.211711][T24782] shmem 602112 [ 2531.211711][T24782] zswap 0 [ 2531.211711][T24782] zswapped 0 [ 2531.211711][T24782] file_mapped 602112 [ 2531.211711][T24782] file_dirty 4096 [ 2531.211711][T24782] file_writeback 0 [ 2531.211711][T24782] swapcached 0 [ 2531.211711][T24782] anon_thp 0 [ 2531.211711][T24782] file_thp 0 [ 2531.211711][T24782] shmem_thp 0 [ 2531.211711][T24782] inactive_anon 266240 [ 2531.211711][T24782] active_anon 434176 [ 2531.211711][T24782] inactive_file 0 [ 2531.211711][T24782] active_file 4096 [ 2531.211711][T24782] unevictable 0 [ 2531.211711][T24782] slab_reclaimable 217640 [ 2531.211711][T24782] slab_unreclaimable 307847664 09:53:45 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x29, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2531.326012][T24782] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24780,uid=0 [ 2531.357983][T24782] Memory cgroup out of memory: Killed process 24780 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2531.389891][T24786] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2531.417858][T24786] CPU: 1 PID: 24786 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2531.428334][T24786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2531.438406][T24786] Call Trace: [ 2531.441693][T24786] [ 2531.444635][T24786] dump_stack_lvl+0xd1/0x138 [ 2531.449266][T24786] dump_header+0x10b/0x85f [ 2531.453713][T24786] oom_kill_process.cold+0x10/0x15 [ 2531.458858][T24786] out_of_memory+0x35c/0x14a0 [ 2531.463573][T24786] ? oom_killer_disable+0x280/0x280 [ 2531.468804][T24786] ? find_held_lock+0x2d/0x110 [ 2531.473600][T24786] mem_cgroup_out_of_memory+0x206/0x270 [ 2531.479177][T24786] ? mem_cgroup_margin+0x130/0x130 [ 2531.484310][T24786] ? lock_downgrade+0x6e0/0x6e0 [ 2531.489195][T24786] try_charge_memcg+0xe89/0x12f0 [ 2531.494158][T24786] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2531.500157][T24786] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2531.505904][T24786] ? lock_downgrade+0x6e0/0x6e0 [ 2531.510772][T24786] ? lock_downgrade+0x6e0/0x6e0 [ 2531.515634][T24786] ? rcu_read_unlock+0x9/0x60 [ 2531.520349][T24786] obj_cgroup_charge+0x2af/0x5e0 [ 2531.525308][T24786] ? copy_process+0x3aa/0x7520 [ 2531.530088][T24786] kmem_cache_alloc_node+0xb7/0x460 [ 2531.535319][T24786] copy_process+0x3aa/0x7520 [ 2531.539933][T24786] ? __lock_acquire+0xbc3/0x56d0 [ 2531.544899][T24786] ? __cleanup_sighand+0xb0/0xb0 [ 2531.549857][T24786] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 2531.555857][T24786] ? psi_memstall_leave+0x174/0x250 [ 2531.561088][T24786] kernel_clone+0xeb/0x990 [ 2531.565526][T24786] ? create_io_thread+0xf0/0xf0 [ 2531.570403][T24786] ? percpu_ref_put_many.constprop.0+0x6a/0x1a0 [ 2531.576670][T24786] ? lock_downgrade+0x6e0/0x6e0 [ 2531.581549][T24786] __do_sys_clone+0xba/0x100 [ 2531.586159][T24786] ? kernel_clone+0x990/0x990 [ 2531.590867][T24786] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2531.596793][T24786] do_syscall_64+0x39/0xb0 [ 2531.601233][T24786] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2531.607146][T24786] RIP: 0033:0x7f0b7de8d4f1 [ 2531.611571][T24786] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2531.631192][T24786] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 09:53:46 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xfa03}, 0x0) 09:53:46 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x2b, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2531.639619][T24786] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2531.647602][T24786] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2531.655671][T24786] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2531.663653][T24786] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2531.671631][T24786] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2531.679639][T24786] [ 2531.808858][T24786] memory: usage 307180kB, limit 307200kB, failcnt 79657 [ 2531.816277][T24786] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2531.832349][T24786] Memory cgroup stats for /syz0: [ 2531.832548][T24786] anon 143360 [ 2531.832548][T24786] file 479232 [ 2531.832548][T24786] kernel 313929728 [ 2531.832548][T24786] kernel_stack 65536 [ 2531.832548][T24786] pagetables 77824 [ 2531.832548][T24786] sec_pagetables 0 [ 2531.832548][T24786] percpu 5614592 [ 2531.832548][T24786] sock 0 [ 2531.832548][T24786] vmalloc 8192 [ 2531.832548][T24786] shmem 479232 [ 2531.832548][T24786] zswap 0 [ 2531.832548][T24786] zswapped 0 [ 2531.832548][T24786] file_mapped 479232 [ 2531.832548][T24786] file_dirty 0 [ 2531.832548][T24786] file_writeback 0 [ 2531.832548][T24786] swapcached 0 [ 2531.832548][T24786] anon_thp 0 [ 2531.832548][T24786] file_thp 0 [ 2531.832548][T24786] shmem_thp 0 [ 2531.832548][T24786] inactive_anon 180224 [ 2531.832548][T24786] active_anon 442368 [ 2531.832548][T24786] inactive_file 0 [ 2531.832548][T24786] active_file 0 [ 2531.832548][T24786] unevictable 0 [ 2531.832548][T24786] slab_reclaimable 24240 [ 2531.832548][T24786] slab_unreclaimable 308108272 [ 2531.942510][T24786] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24786,uid=0 [ 2531.958848][T24786] Memory cgroup out of memory: Killed process 24786 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2531.977009][T24789] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2531.995674][T24789] CPU: 0 PID: 24789 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2532.006148][T24789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2532.016239][T24789] Call Trace: [ 2532.019552][T24789] [ 2532.022519][T24789] dump_stack_lvl+0xd1/0x138 [ 2532.027166][T24789] dump_header+0x10b/0x85f [ 2532.031643][T24789] oom_kill_process.cold+0x10/0x15 [ 2532.036818][T24789] out_of_memory+0x35c/0x14a0 [ 2532.041558][T24789] ? oom_killer_disable+0x280/0x280 [ 2532.046814][T24789] ? find_held_lock+0x2d/0x110 [ 2532.051625][T24789] mem_cgroup_out_of_memory+0x206/0x270 [ 2532.057205][T24789] ? mem_cgroup_margin+0x130/0x130 [ 2532.062342][T24789] ? lock_downgrade+0x6e0/0x6e0 [ 2532.067238][T24789] try_charge_memcg+0xefb/0x12f0 [ 2532.072203][T24789] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2532.078201][T24789] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2532.083946][T24789] ? lock_downgrade+0x6e0/0x6e0 [ 2532.088835][T24789] obj_cgroup_charge+0x2af/0x5e0 [ 2532.093792][T24789] ? vm_area_dup+0x7d/0x380 [ 2532.098311][T24789] kmem_cache_alloc+0xb5/0x430 [ 2532.103097][T24789] vm_area_dup+0x7d/0x380 [ 2532.107444][T24789] ? mt_slot+0xa1/0x170 [ 2532.111630][T24789] ? mas_next_nentry+0x610/0xab0 [ 2532.116598][T24789] ? mas_next_node+0x547/0xa00 [ 2532.121388][T24789] ? mas_find+0x211/0xd10 [ 2532.125740][T24789] ? vm_area_alloc+0x100/0x100 [ 2532.130525][T24789] ? validate_mm_mt+0x149/0x1b0 [ 2532.135394][T24789] ? remove_vma+0x130/0x130 [ 2532.139915][T24789] ? can_vma_merge_before+0x390/0x390 [ 2532.145309][T24789] __split_vma+0xae/0x5e0 [ 2532.149652][T24789] ? vma_merge+0x2cf/0x870 [ 2532.154092][T24789] split_vma+0xa3/0xe0 [ 2532.158179][T24789] mprotect_fixup+0x686/0x960 [ 2532.162880][T24789] ? mas_find+0x211/0xd10 [ 2532.167235][T24789] ? change_protection+0x3b30/0x3b30 [ 2532.172553][T24789] do_mprotect_pkey+0x6fd/0xa70 [ 2532.177523][T24789] ? mprotect_fixup+0x960/0x960 [ 2532.182392][T24789] ? up_write+0x1b0/0x520 [ 2532.186784][T24789] __x64_sys_mprotect+0x78/0xb0 [ 2532.191655][T24789] do_syscall_64+0x39/0xb0 [ 2532.196098][T24789] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2532.202005][T24789] RIP: 0033:0x7f909a68c1d7 [ 2532.206435][T24789] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2532.226141][T24789] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2532.234577][T24789] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2532.242565][T24789] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2532.250547][T24789] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2532.258528][T24789] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2532.266522][T24789] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2532.274530][T24789] [ 2532.280854][T24789] memory: usage 307200kB, limit 307200kB, failcnt 70160 [ 2532.288557][T24789] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2532.296715][T24789] Memory cgroup stats for /syz2: [ 2532.298089][T24789] anon 139264 [ 2532.298089][T24789] file 638976 [ 2532.298089][T24789] kernel 313794560 [ 2532.298089][T24789] kernel_stack 65536 [ 2532.298089][T24789] pagetables 81920 [ 2532.298089][T24789] sec_pagetables 0 [ 2532.298089][T24789] percpu 5611104 [ 2532.298089][T24789] sock 0 [ 2532.298089][T24789] vmalloc 0 [ 2532.298089][T24789] shmem 638976 [ 2532.298089][T24789] zswap 0 [ 2532.298089][T24789] zswapped 0 [ 2532.298089][T24789] file_mapped 638976 [ 2532.298089][T24789] file_dirty 0 [ 2532.298089][T24789] file_writeback 0 [ 2532.298089][T24789] swapcached 0 [ 2532.298089][T24789] anon_thp 0 [ 2532.298089][T24789] file_thp 0 [ 2532.298089][T24789] shmem_thp 0 [ 2532.298089][T24789] inactive_anon 372736 [ 2532.298089][T24789] active_anon 405504 [ 2532.298089][T24789] inactive_file 0 [ 2532.298089][T24789] active_file 0 [ 2532.298089][T24789] unevictable 0 [ 2532.298089][T24789] slab_reclaimable 233712 [ 2532.298089][T24789] slab_unreclaimable 307770328 [ 2532.395923][T24789] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24789,uid=0 [ 2532.411827][T24789] Memory cgroup out of memory: Killed process 24789 (syz-executor.2) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2532.454442][T24812] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2532.467631][T24812] CPU: 1 PID: 24812 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2532.478104][T24812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2532.488195][T24812] Call Trace: [ 2532.491495][T24812] [ 2532.494452][T24812] dump_stack_lvl+0xd1/0x138 [ 2532.499091][T24812] dump_header+0x10b/0x85f [ 2532.503543][T24812] oom_kill_process.cold+0x10/0x15 [ 2532.508694][T24812] out_of_memory+0x35c/0x14a0 [ 2532.513413][T24812] ? find_held_lock+0x2d/0x110 [ 2532.518212][T24812] ? oom_killer_disable+0x280/0x280 [ 2532.523445][T24812] ? find_held_lock+0x2d/0x110 [ 2532.528243][T24812] mem_cgroup_out_of_memory+0x206/0x270 [ 2532.533818][T24812] ? mem_cgroup_margin+0x130/0x130 [ 2532.538954][T24812] ? lock_downgrade+0x6e0/0x6e0 [ 2532.543843][T24812] try_charge_memcg+0xefb/0x12f0 [ 2532.548811][T24812] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2532.554822][T24812] ? lock_downgrade+0x6e0/0x6e0 [ 2532.559714][T24812] charge_memcg+0x90/0x3b0 [ 2532.564158][T24812] __mem_cgroup_charge+0x2b/0x90 [ 2532.569126][T24812] do_wp_page+0x7ec/0x3370 [ 2532.573576][T24812] ? lock_release+0x810/0x810 [ 2532.578268][T24812] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2532.583668][T24812] ? do_raw_spin_lock+0x124/0x2b0 [ 2532.588709][T24812] ? rwlock_bug.part.0+0x90/0x90 [ 2532.593667][T24812] ? lock_chain_count+0x20/0x20 [ 2532.598535][T24812] __handle_mm_fault+0x1f58/0x3c90 [ 2532.603680][T24812] ? vm_iomap_memory+0x190/0x190 [ 2532.608679][T24812] handle_mm_fault+0x1b6/0x850 [ 2532.613486][T24812] do_user_addr_fault+0x475/0x1210 [ 2532.618623][T24812] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2532.624209][T24812] exc_page_fault+0x98/0x170 [ 2532.628817][T24812] asm_exc_page_fault+0x26/0x30 [ 2532.633683][T24812] RIP: 0033:0x7ff9f2039570 [ 2532.638114][T24812] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2532.657732][T24812] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2532.663815][T24812] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2532.672321][T24812] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2532.680307][T24812] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2532.688289][T24812] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2532.696272][T24812] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2532.704256][T24812] ? __sock_create+0x2c/0x790 [ 2532.708985][T24812] [ 2532.714984][T24812] memory: usage 307200kB, limit 307200kB, failcnt 33044 [ 2532.722270][T24812] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2532.729605][T24812] Memory cgroup stats for /syz1: [ 2532.729841][T24812] anon 114688 [ 2532.729841][T24812] file 606208 [ 2532.729841][T24812] kernel 313851904 [ 2532.729841][T24812] kernel_stack 65536 [ 2532.729841][T24812] pagetables 73728 [ 2532.729841][T24812] sec_pagetables 0 [ 2532.729841][T24812] percpu 5612288 [ 2532.729841][T24812] sock 0 [ 2532.729841][T24812] vmalloc 0 [ 2532.729841][T24812] shmem 602112 [ 2532.729841][T24812] zswap 0 [ 2532.729841][T24812] zswapped 0 [ 2532.729841][T24812] file_mapped 602112 [ 2532.729841][T24812] file_dirty 4096 [ 2532.729841][T24812] file_writeback 0 [ 2532.729841][T24812] swapcached 0 [ 2532.729841][T24812] anon_thp 0 [ 2532.729841][T24812] file_thp 0 [ 2532.729841][T24812] shmem_thp 0 [ 2532.729841][T24812] inactive_anon 282624 [ 2532.729841][T24812] active_anon 434176 09:53:47 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xd602) 09:53:47 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 09:53:47 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x2c, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:47 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x600000000000000}, 0x0) 09:53:47 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r10) [ 2532.729841][T24812] inactive_file 4096 [ 2532.729841][T24812] active_file 0 [ 2532.729841][T24812] unevictable 0 [ 2532.729841][T24812] slab_reclaimable 219568 [ 2532.729841][T24812] slab_unreclaimable 307848312 09:53:47 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x2f, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2532.884915][T24824] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2532.917020][T24823] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:53:47 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x700000000000000}, 0x0) [ 2532.931232][T24812] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24812,uid=0 09:53:47 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x3a, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2532.986639][T24812] Memory cgroup out of memory: Killed process 24812 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 09:53:47 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xfc00}, 0x0) [ 2533.062695][T24815] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2533.108616][T24831] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2533.130035][T24815] CPU: 0 PID: 24815 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2533.140520][T24815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2533.150611][T24815] Call Trace: [ 2533.153916][T24815] [ 2533.156876][T24815] dump_stack_lvl+0xd1/0x138 [ 2533.161520][T24815] dump_header+0x10b/0x85f [ 2533.165999][T24815] oom_kill_process.cold+0x10/0x15 [ 2533.171347][T24815] out_of_memory+0x35c/0x14a0 [ 2533.176099][T24815] ? oom_killer_disable+0x280/0x280 [ 2533.181358][T24815] ? find_held_lock+0x2d/0x110 [ 2533.186186][T24815] mem_cgroup_out_of_memory+0x206/0x270 [ 2533.191790][T24815] ? mem_cgroup_margin+0x130/0x130 [ 2533.196954][T24815] ? lock_downgrade+0x6e0/0x6e0 [ 2533.201862][T24815] try_charge_memcg+0xefb/0x12f0 [ 2533.206854][T24815] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2533.212875][T24815] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2533.218647][T24815] ? lock_downgrade+0x6e0/0x6e0 [ 2533.223563][T24815] obj_cgroup_charge+0x2af/0x5e0 [ 2533.228545][T24815] ? vm_area_dup+0x7d/0x380 [ 2533.233089][T24815] kmem_cache_alloc+0xb5/0x430 [ 2533.237904][T24815] vm_area_dup+0x7d/0x380 [ 2533.242363][T24815] ? mt_slot+0xa1/0x170 [ 2533.246577][T24815] ? mas_next_nentry+0x610/0xab0 [ 2533.252784][T24815] ? mas_next_node+0x547/0xa00 [ 2533.257601][T24815] ? mas_find+0x211/0xd10 [ 2533.261983][T24815] ? vm_area_alloc+0x100/0x100 [ 2533.266795][T24815] ? validate_mm_mt+0x149/0x1b0 [ 2533.271689][T24815] ? remove_vma+0x130/0x130 [ 2533.276242][T24815] ? can_vma_merge_before+0x390/0x390 [ 2533.281669][T24815] __split_vma+0xae/0x5e0 [ 2533.286037][T24815] ? vma_merge+0x2cf/0x870 [ 2533.290501][T24815] split_vma+0xa3/0xe0 [ 2533.294614][T24815] mprotect_fixup+0x686/0x960 [ 2533.299435][T24815] ? mas_find+0x211/0xd10 [ 2533.303807][T24815] ? change_protection+0x3b30/0x3b30 [ 2533.309149][T24815] do_mprotect_pkey+0x6fd/0xa70 [ 2533.314052][T24815] ? mprotect_fixup+0x960/0x960 [ 2533.318951][T24815] ? up_write+0x1b0/0x520 [ 2533.323375][T24815] __x64_sys_mprotect+0x78/0xb0 [ 2533.328275][T24815] do_syscall_64+0x39/0xb0 [ 2533.332741][T24815] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2533.338671][T24815] RIP: 0033:0x7f909a68c1d7 [ 2533.343138][T24815] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2533.362783][T24815] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2533.371243][T24815] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2533.379260][T24815] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2533.387270][T24815] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2533.395277][T24815] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 09:53:47 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x3c, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:47 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x73, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:47 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010102, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2533.403287][T24815] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2533.411315][T24815] [ 2533.637679][T24815] memory: usage 307200kB, limit 307200kB, failcnt 70274 [ 2533.652237][T24815] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2533.670605][T24815] Memory cgroup stats for /syz2: [ 2533.670862][T24815] anon 139264 [ 2533.670862][T24815] file 638976 [ 2533.670862][T24815] kernel 313794560 [ 2533.670862][T24815] kernel_stack 65536 [ 2533.670862][T24815] pagetables 81920 [ 2533.670862][T24815] sec_pagetables 0 [ 2533.670862][T24815] percpu 5611104 [ 2533.670862][T24815] sock 0 [ 2533.670862][T24815] vmalloc 0 [ 2533.670862][T24815] shmem 638976 [ 2533.670862][T24815] zswap 0 [ 2533.670862][T24815] zswapped 0 [ 2533.670862][T24815] file_mapped 638976 [ 2533.670862][T24815] file_dirty 0 [ 2533.670862][T24815] file_writeback 0 [ 2533.670862][T24815] swapcached 0 [ 2533.670862][T24815] anon_thp 0 [ 2533.670862][T24815] file_thp 0 [ 2533.670862][T24815] shmem_thp 0 [ 2533.670862][T24815] inactive_anon 372736 [ 2533.670862][T24815] active_anon 405504 [ 2533.670862][T24815] inactive_file 0 [ 2533.670862][T24815] active_file 0 [ 2533.670862][T24815] unevictable 0 [ 2533.670862][T24815] slab_reclaimable 233712 [ 2533.670862][T24815] slab_unreclaimable 307770328 [ 2533.766478][T24815] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24815,uid=0 [ 2533.783361][T24815] Memory cgroup out of memory: Killed process 24815 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2533.803493][T24830] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2533.822110][T24830] CPU: 0 PID: 24830 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2533.832578][T24830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2533.842661][T24830] Call Trace: [ 2533.845963][T24830] [ 2533.848918][T24830] dump_stack_lvl+0xd1/0x138 [ 2533.853542][T24830] dump_header+0x10b/0x85f [ 2533.857968][T24830] oom_kill_process.cold+0x10/0x15 [ 2533.863100][T24830] out_of_memory+0x35c/0x14a0 [ 2533.867800][T24830] ? oom_killer_disable+0x280/0x280 [ 2533.873040][T24830] ? find_held_lock+0x2d/0x110 [ 2533.877857][T24830] mem_cgroup_out_of_memory+0x206/0x270 [ 2533.883457][T24830] ? mem_cgroup_margin+0x130/0x130 [ 2533.888619][T24830] ? lock_downgrade+0x6e0/0x6e0 [ 2533.893526][T24830] try_charge_memcg+0xefb/0x12f0 [ 2533.898516][T24830] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2533.904541][T24830] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2533.910328][T24830] ? lock_downgrade+0x6e0/0x6e0 [ 2533.915231][T24830] ? lock_downgrade+0x6e0/0x6e0 [ 2533.920122][T24830] ? rcu_read_unlock+0x9/0x60 [ 2533.924867][T24830] obj_cgroup_charge+0x2af/0x5e0 [ 2533.929862][T24830] ? copy_process+0x3aa/0x7520 [ 2533.934669][T24830] kmem_cache_alloc_node+0xb7/0x460 [ 2533.939910][T24830] copy_process+0x3aa/0x7520 [ 2533.944544][T24830] ? find_held_lock+0x2d/0x110 [ 2533.949366][T24830] ? __cleanup_sighand+0xb0/0xb0 [ 2533.954353][T24830] ? lock_downgrade+0x6e0/0x6e0 [ 2533.959252][T24830] ? folio_flags.constprop.0+0x53/0x150 [ 2533.964851][T24830] ? folio_add_lru+0x37b/0x680 [ 2533.969665][T24830] kernel_clone+0xeb/0x990 [ 2533.974127][T24830] ? create_io_thread+0xf0/0xf0 [ 2533.979023][T24830] ? find_held_lock+0x2d/0x110 [ 2533.983848][T24830] __do_sys_clone+0xba/0x100 [ 2533.988476][T24830] ? kernel_clone+0x990/0x990 [ 2533.993214][T24830] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2533.999155][T24830] do_syscall_64+0x39/0xb0 [ 2534.003620][T24830] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2534.009545][T24830] RIP: 0033:0x7f0b7de8d4f1 [ 2534.013986][T24830] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 09:53:48 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010103, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:48 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xd803) 09:53:48 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) 09:53:48 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) [ 2534.033635][T24830] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2534.042171][T24830] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2534.050265][T24830] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2534.058279][T24830] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2534.066295][T24830] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2534.074302][T24830] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2534.082341][T24830] [ 2534.095937][T24830] memory: usage 307200kB, limit 307200kB, failcnt 79829 [ 2534.131340][T24830] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2534.138251][T24830] Memory cgroup stats for /syz0: [ 2534.138458][T24830] anon 143360 [ 2534.138458][T24830] file 479232 [ 2534.138458][T24830] kernel 313933824 [ 2534.138458][T24830] kernel_stack 65536 [ 2534.138458][T24830] pagetables 77824 [ 2534.138458][T24830] sec_pagetables 0 [ 2534.138458][T24830] percpu 5614592 [ 2534.138458][T24830] sock 0 [ 2534.138458][T24830] vmalloc 8192 [ 2534.138458][T24830] shmem 479232 [ 2534.138458][T24830] zswap 0 [ 2534.138458][T24830] zswapped 0 [ 2534.138458][T24830] file_mapped 479232 [ 2534.138458][T24830] file_dirty 0 [ 2534.138458][T24830] file_writeback 0 [ 2534.138458][T24830] swapcached 0 09:53:48 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010104, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2534.138458][T24830] anon_thp 0 [ 2534.138458][T24830] file_thp 0 [ 2534.138458][T24830] shmem_thp 0 [ 2534.138458][T24830] inactive_anon 180224 [ 2534.138458][T24830] active_anon 442368 [ 2534.138458][T24830] inactive_file 0 [ 2534.138458][T24830] active_file 0 [ 2534.138458][T24830] unevictable 0 [ 2534.138458][T24830] slab_reclaimable 28096 [ 2534.138458][T24830] slab_unreclaimable 308109568 09:53:48 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010105, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2534.518859][T24830] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24830,uid=0 [ 2534.570612][T24830] Memory cgroup out of memory: Killed process 24830 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2534.621802][T24841] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2534.645351][T24841] CPU: 1 PID: 24841 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2534.655840][T24841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2534.665958][T24841] Call Trace: [ 2534.669261][T24841] [ 2534.672216][T24841] dump_stack_lvl+0xd1/0x138 [ 2534.676862][T24841] dump_header+0x10b/0x85f [ 2534.681331][T24841] oom_kill_process.cold+0x10/0x15 [ 2534.686495][T24841] out_of_memory+0x35c/0x14a0 [ 2534.691233][T24841] ? oom_killer_disable+0x280/0x280 [ 2534.696486][T24841] ? find_held_lock+0x2d/0x110 [ 2534.701297][T24841] mem_cgroup_out_of_memory+0x206/0x270 [ 2534.706878][T24841] ? mem_cgroup_margin+0x130/0x130 [ 2534.712034][T24841] ? lock_downgrade+0x6e0/0x6e0 [ 2534.716936][T24841] try_charge_memcg+0xefb/0x12f0 [ 2534.721924][T24841] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2534.727941][T24841] ? lock_downgrade+0x6e0/0x6e0 [ 2534.732847][T24841] charge_memcg+0x90/0x3b0 [ 2534.737316][T24841] __mem_cgroup_charge+0x2b/0x90 [ 2534.742298][T24841] do_wp_page+0x7ec/0x3370 [ 2534.746772][T24841] ? lock_release+0x810/0x810 [ 2534.751490][T24841] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2534.756909][T24841] ? do_raw_spin_lock+0x124/0x2b0 [ 2534.761973][T24841] ? rwlock_bug.part.0+0x90/0x90 [ 2534.767032][T24841] ? lock_chain_count+0x20/0x20 [ 2534.771926][T24841] __handle_mm_fault+0x1f58/0x3c90 [ 2534.777093][T24841] ? vm_iomap_memory+0x190/0x190 [ 2534.782123][T24841] handle_mm_fault+0x1b6/0x850 [ 2534.786937][T24841] do_user_addr_fault+0x475/0x1210 [ 2534.792101][T24841] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2534.797703][T24841] exc_page_fault+0x98/0x170 [ 2534.802337][T24841] asm_exc_page_fault+0x26/0x30 [ 2534.807225][T24841] RIP: 0033:0x7ff9f2039570 [ 2534.811672][T24841] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2534.831319][T24841] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2534.837418][T24841] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2534.845418][T24841] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2534.853419][T24841] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2534.861421][T24841] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 09:53:49 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x800000000000000}, 0x0) 09:53:49 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010106, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2534.869421][T24841] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2534.877423][T24841] ? __sock_create+0x2c/0x790 [ 2534.882164][T24841] [ 2535.036801][T24861] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2535.129219][T24841] memory: usage 307184kB, limit 307200kB, failcnt 33128 [ 2535.136755][T24841] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2535.158841][T24841] Memory cgroup stats for /syz1: [ 2535.159073][T24841] anon 114688 [ 2535.159073][T24841] file 606208 [ 2535.159073][T24841] kernel 313835520 [ 2535.159073][T24841] kernel_stack 65536 [ 2535.159073][T24841] pagetables 73728 [ 2535.159073][T24841] sec_pagetables 0 [ 2535.159073][T24841] percpu 5612224 [ 2535.159073][T24841] sock 0 [ 2535.159073][T24841] vmalloc 0 [ 2535.159073][T24841] shmem 602112 [ 2535.159073][T24841] zswap 0 [ 2535.159073][T24841] zswapped 0 [ 2535.159073][T24841] file_mapped 602112 [ 2535.159073][T24841] file_dirty 4096 [ 2535.159073][T24841] file_writeback 0 [ 2535.159073][T24841] swapcached 0 [ 2535.159073][T24841] anon_thp 0 [ 2535.159073][T24841] file_thp 0 [ 2535.159073][T24841] shmem_thp 0 [ 2535.159073][T24841] inactive_anon 282624 [ 2535.159073][T24841] active_anon 434176 [ 2535.159073][T24841] inactive_file 0 [ 2535.159073][T24841] active_file 4096 [ 2535.159073][T24841] unevictable 0 [ 2535.159073][T24841] slab_reclaimable 219568 [ 2535.159073][T24841] slab_unreclaimable 307836528 09:53:49 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xfe02}, 0x0) 09:53:49 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) 09:53:49 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010107, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:49 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 09:53:49 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x900000000000000}, 0x0) [ 2535.288761][T24841] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24841,uid=0 [ 2535.305033][T24841] Memory cgroup out of memory: Killed process 24841 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2535.327914][T24850] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:53:49 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xdc02) 09:53:49 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010108, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2535.477388][T24869] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:53:49 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa01010b, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:49 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0xa00000000000000}, 0x0) 09:53:50 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010110, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2535.589992][T24877] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2535.622769][T24871] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2535.665869][T24871] CPU: 1 PID: 24871 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2535.676350][T24871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2535.686439][T24871] Call Trace: [ 2535.689757][T24871] [ 2535.692720][T24871] dump_stack_lvl+0xd1/0x138 [ 2535.697388][T24871] dump_header+0x10b/0x85f [ 2535.701864][T24871] oom_kill_process.cold+0x10/0x15 [ 2535.707032][T24871] out_of_memory+0x35c/0x14a0 [ 2535.711785][T24871] ? find_held_lock+0x2d/0x110 [ 2535.716603][T24871] ? oom_killer_disable+0x280/0x280 [ 2535.721862][T24871] ? find_held_lock+0x2d/0x110 [ 2535.726685][T24871] mem_cgroup_out_of_memory+0x206/0x270 [ 2535.732293][T24871] ? mem_cgroup_margin+0x130/0x130 [ 2535.737454][T24871] ? lock_downgrade+0x6e0/0x6e0 [ 2535.742448][T24871] try_charge_memcg+0xefb/0x12f0 [ 2535.747437][T24871] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2535.753555][T24871] ? lock_downgrade+0x6e0/0x6e0 [ 2535.758464][T24871] charge_memcg+0x90/0x3b0 [ 2535.762931][T24871] __mem_cgroup_charge+0x2b/0x90 [ 2535.767911][T24871] do_wp_page+0x7ec/0x3370 [ 2535.772382][T24871] ? lock_release+0x810/0x810 [ 2535.777102][T24871] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2535.782523][T24871] ? do_raw_spin_lock+0x124/0x2b0 [ 2535.787586][T24871] ? rwlock_bug.part.0+0x90/0x90 [ 2535.792557][T24871] ? lock_chain_count+0x20/0x20 [ 2535.797450][T24871] __handle_mm_fault+0x1f58/0x3c90 [ 2535.804698][T24871] ? vm_iomap_memory+0x190/0x190 [ 2535.809725][T24871] handle_mm_fault+0x1b6/0x850 09:53:50 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010111, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2535.814554][T24871] do_user_addr_fault+0x475/0x1210 [ 2535.819808][T24871] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2535.825414][T24871] exc_page_fault+0x98/0x170 [ 2535.830038][T24871] asm_exc_page_fault+0x26/0x30 [ 2535.834922][T24871] RIP: 0033:0x7ff9f2039570 [ 2535.839372][T24871] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2535.859018][T24871] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2535.865127][T24871] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2535.873128][T24871] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2535.881138][T24871] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2535.889149][T24871] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2535.897168][T24871] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2535.905182][T24871] ? __sock_create+0x2c/0x790 [ 2535.909932][T24871] 09:53:50 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa01012f, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2536.087683][T24871] memory: usage 307200kB, limit 307200kB, failcnt 33229 [ 2536.117702][T24871] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2536.134138][T24871] Memory cgroup stats for /syz1: [ 2536.134410][T24871] anon 114688 [ 2536.134410][T24871] file 606208 [ 2536.134410][T24871] kernel 313851904 [ 2536.134410][T24871] kernel_stack 65536 [ 2536.134410][T24871] pagetables 73728 [ 2536.134410][T24871] sec_pagetables 0 [ 2536.134410][T24871] percpu 5612288 [ 2536.134410][T24871] sock 0 [ 2536.134410][T24871] vmalloc 0 [ 2536.134410][T24871] shmem 602112 [ 2536.134410][T24871] zswap 0 [ 2536.134410][T24871] zswapped 0 [ 2536.134410][T24871] file_mapped 602112 [ 2536.134410][T24871] file_dirty 4096 [ 2536.134410][T24871] file_writeback 0 [ 2536.134410][T24871] swapcached 0 [ 2536.134410][T24871] anon_thp 0 [ 2536.134410][T24871] file_thp 0 [ 2536.134410][T24871] shmem_thp 0 [ 2536.134410][T24871] inactive_anon 282624 [ 2536.134410][T24871] active_anon 434176 [ 2536.134410][T24871] inactive_file 0 [ 2536.134410][T24871] active_file 4096 [ 2536.134410][T24871] unevictable 0 [ 2536.134410][T24871] slab_reclaimable 219568 [ 2536.134410][T24871] slab_unreclaimable 307848312 [ 2536.248215][T24871] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24871,uid=0 [ 2536.265806][T24871] Memory cgroup out of memory: Killed process 24871 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 09:53:50 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xfe03}, 0x0) 09:53:50 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa01013a, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:50 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) 09:53:50 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) [ 2536.297270][T24872] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 09:53:50 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010143, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2536.356643][T24872] CPU: 1 PID: 24872 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2536.357434][T24890] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2536.367102][T24872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2536.367122][T24872] Call Trace: [ 2536.367136][T24872] [ 2536.367146][T24872] dump_stack_lvl+0xd1/0x138 [ 2536.367186][T24872] dump_header+0x10b/0x85f [ 2536.367230][T24872] oom_kill_process.cold+0x10/0x15 [ 2536.367274][T24872] out_of_memory+0x35c/0x14a0 [ 2536.367318][T24872] ? find_held_lock+0x2d/0x110 [ 2536.416461][T24872] ? oom_killer_disable+0x280/0x280 [ 2536.421721][T24872] ? find_held_lock+0x2d/0x110 [ 2536.426541][T24872] mem_cgroup_out_of_memory+0x206/0x270 [ 2536.432145][T24872] ? mem_cgroup_margin+0x130/0x130 [ 2536.437301][T24872] ? lock_downgrade+0x6e0/0x6e0 [ 2536.442207][T24872] try_charge_memcg+0xefb/0x12f0 [ 2536.447194][T24872] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2536.453219][T24872] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2536.458993][T24872] ? lock_downgrade+0x6e0/0x6e0 [ 2536.463885][T24872] ? lock_downgrade+0x6e0/0x6e0 [ 2536.468786][T24872] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2536.474375][T24872] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2536.480570][T24872] copy_process+0x4e3/0x7520 [ 2536.485200][T24872] ? find_held_lock+0x2d/0x110 [ 2536.490026][T24872] ? __cleanup_sighand+0xb0/0xb0 [ 2536.495002][T24872] ? lock_downgrade+0x6e0/0x6e0 [ 2536.499892][T24872] ? folio_flags.constprop.0+0x53/0x150 [ 2536.505486][T24872] ? folio_add_lru+0x37b/0x680 [ 2536.510303][T24872] kernel_clone+0xeb/0x990 [ 2536.514763][T24872] ? create_io_thread+0xf0/0xf0 [ 2536.519665][T24872] ? find_held_lock+0x2d/0x110 [ 2536.524491][T24872] __do_sys_clone+0xba/0x100 [ 2536.529126][T24872] ? kernel_clone+0x990/0x990 [ 2536.533866][T24872] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2536.539809][T24872] do_syscall_64+0x39/0xb0 [ 2536.544274][T24872] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2536.550198][T24872] RIP: 0033:0x7f909a68d4f1 [ 2536.554644][T24872] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2536.574288][T24872] RSP: 002b:00007ffc6e869e28 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2536.582836][T24872] RAX: ffffffffffffffda RBX: 00007f909b439700 RCX: 00007f909a68d4f1 [ 2536.591016][T24872] RDX: 00007f909b4399d0 RSI: 00007f909b4392f0 RDI: 00000000003d0f00 [ 2536.599022][T24872] RBP: 00007ffc6e86a070 R08: 00007f909b439700 R09: 00007f909b439700 [ 2536.607027][T24872] R10: 00007f909b4399d0 R11: 0000000000000206 R12: 00007ffc6e869ede [ 2536.615027][T24872] R13: 00007ffc6e869edf R14: 00007f909b439300 R15: 0000000000022000 [ 2536.623059][T24872] [ 2536.676307][T24872] memory: usage 307200kB, limit 307200kB, failcnt 70519 [ 2536.687092][T24872] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2536.694549][T24872] Memory cgroup stats for /syz2: [ 2536.694786][T24872] anon 143360 [ 2536.694786][T24872] file 638976 [ 2536.694786][T24872] kernel 313790464 [ 2536.694786][T24872] kernel_stack 65536 [ 2536.694786][T24872] pagetables 81920 [ 2536.694786][T24872] sec_pagetables 0 [ 2536.694786][T24872] percpu 5611040 [ 2536.694786][T24872] sock 0 [ 2536.694786][T24872] vmalloc 0 [ 2536.694786][T24872] shmem 638976 [ 2536.694786][T24872] zswap 0 [ 2536.694786][T24872] zswapped 0 [ 2536.694786][T24872] file_mapped 638976 [ 2536.694786][T24872] file_dirty 0 [ 2536.694786][T24872] file_writeback 0 [ 2536.694786][T24872] swapcached 0 [ 2536.694786][T24872] anon_thp 0 [ 2536.694786][T24872] file_thp 0 [ 2536.694786][T24872] shmem_thp 0 [ 2536.694786][T24872] inactive_anon 376832 [ 2536.694786][T24872] active_anon 405504 [ 2536.694786][T24872] inactive_file 0 [ 2536.694786][T24872] active_file 0 [ 2536.694786][T24872] unevictable 0 [ 2536.694786][T24872] slab_reclaimable 233712 [ 2536.694786][T24872] slab_unreclaimable 307766904 [ 2536.791281][T24872] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24872,uid=0 [ 2536.807240][T24872] Memory cgroup out of memory: Killed process 24872 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:53:51 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xde07) 09:53:51 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x5212bb8c, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2536.854208][T24901] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2536.883278][T24901] CPU: 1 PID: 24901 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2536.893769][T24901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2536.903858][T24901] Call Trace: [ 2536.907156][T24901] [ 2536.910102][T24901] dump_stack_lvl+0xd1/0x138 [ 2536.914724][T24901] dump_header+0x10b/0x85f [ 2536.919175][T24901] oom_kill_process.cold+0x10/0x15 [ 2536.924319][T24901] out_of_memory+0x35c/0x14a0 [ 2536.929031][T24901] ? find_held_lock+0x2d/0x110 [ 2536.933837][T24901] ? oom_killer_disable+0x280/0x280 [ 2536.939088][T24901] ? find_held_lock+0x2d/0x110 [ 2536.943884][T24901] mem_cgroup_out_of_memory+0x206/0x270 [ 2536.949462][T24901] ? mem_cgroup_margin+0x130/0x130 [ 2536.954604][T24901] ? lock_downgrade+0x6e0/0x6e0 [ 2536.959488][T24901] try_charge_memcg+0xefb/0x12f0 [ 2536.964454][T24901] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2536.970463][T24901] ? lock_downgrade+0x6e0/0x6e0 [ 2536.975348][T24901] charge_memcg+0x90/0x3b0 [ 2536.979789][T24901] __mem_cgroup_charge+0x2b/0x90 [ 2536.984751][T24901] do_wp_page+0x7ec/0x3370 [ 2536.989205][T24901] ? lock_release+0x810/0x810 [ 2536.993898][T24901] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2536.999296][T24901] ? do_raw_spin_lock+0x124/0x2b0 [ 2537.004339][T24901] ? rwlock_bug.part.0+0x90/0x90 [ 2537.009296][T24901] ? lock_chain_count+0x20/0x20 [ 2537.014169][T24901] __handle_mm_fault+0x1f58/0x3c90 [ 2537.019315][T24901] ? vm_iomap_memory+0x190/0x190 [ 2537.024307][T24901] handle_mm_fault+0x1b6/0x850 [ 2537.029104][T24901] do_user_addr_fault+0x475/0x1210 [ 2537.034245][T24901] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2537.039824][T24901] exc_page_fault+0x98/0x170 [ 2537.044437][T24901] asm_exc_page_fault+0x26/0x30 [ 2537.049305][T24901] RIP: 0033:0x7ff9f2039570 [ 2537.053732][T24901] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2537.073354][T24901] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2537.079437][T24901] RAX: 000000004717ba0b RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2537.087419][T24901] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 0000000000000022 [ 2537.095409][T24901] RBP: 000000004717ba0b R08: 0000000000001a0b R09: 000000004717ba0f [ 2537.103397][T24901] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2537.111382][T24901] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff87bef361 [ 2537.119364][T24901] ? __x64_sys_socket+0x11/0xb0 [ 2537.124268][T24901] 09:53:51 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x5794814a, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2537.178935][T24901] memory: usage 307200kB, limit 307200kB, failcnt 33328 [ 2537.189469][T24901] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2537.209368][T24901] Memory cgroup stats for /syz1: [ 2537.209576][T24901] anon 102400 [ 2537.209576][T24901] file 606208 [ 2537.209576][T24901] kernel 313864192 [ 2537.209576][T24901] kernel_stack 65536 [ 2537.209576][T24901] pagetables 73728 [ 2537.209576][T24901] sec_pagetables 0 [ 2537.209576][T24901] percpu 5612352 [ 2537.209576][T24901] sock 0 [ 2537.209576][T24901] vmalloc 0 [ 2537.209576][T24901] shmem 602112 [ 2537.209576][T24901] zswap 0 [ 2537.209576][T24901] zswapped 0 [ 2537.209576][T24901] file_mapped 602112 [ 2537.209576][T24901] file_dirty 0 [ 2537.209576][T24901] file_writeback 0 [ 2537.209576][T24901] swapcached 0 [ 2537.209576][T24901] anon_thp 0 [ 2537.209576][T24901] file_thp 0 [ 2537.209576][T24901] shmem_thp 0 [ 2537.209576][T24901] inactive_anon 270336 [ 2537.209576][T24901] active_anon 434176 [ 2537.209576][T24901] inactive_file 0 [ 2537.209576][T24901] active_file 4096 [ 2537.209576][T24901] unevictable 0 [ 2537.209576][T24901] slab_reclaimable 219568 [ 2537.209576][T24901] slab_unreclaimable 307860096 [ 2537.311556][T24901] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24901,uid=0 [ 2537.340705][T24908] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2537.341338][T24901] Memory cgroup out of memory: Killed process 24901 (syz-executor.1) total-vm:54540kB, anon-rss:356kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2537.372667][T24882] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2537.401786][T24882] CPU: 0 PID: 24882 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2537.412265][T24882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2537.422321][T24882] Call Trace: [ 2537.425600][T24882] [ 2537.428550][T24882] dump_stack_lvl+0xd1/0x138 [ 2537.433162][T24882] dump_header+0x10b/0x85f [ 2537.437592][T24882] oom_kill_process.cold+0x10/0x15 [ 2537.442742][T24882] out_of_memory+0x35c/0x14a0 [ 2537.447444][T24882] ? oom_killer_disable+0x280/0x280 [ 2537.452675][T24882] ? find_held_lock+0x2d/0x110 [ 2537.457447][T24882] mem_cgroup_out_of_memory+0x206/0x270 [ 2537.463120][T24882] ? mem_cgroup_margin+0x130/0x130 [ 2537.468271][T24882] ? lock_downgrade+0x6e0/0x6e0 [ 2537.473158][T24882] try_charge_memcg+0xefb/0x12f0 [ 2537.478121][T24882] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2537.484121][T24882] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2537.489873][T24882] ? lock_downgrade+0x6e0/0x6e0 [ 2537.494740][T24882] ? lock_downgrade+0x6e0/0x6e0 [ 2537.499622][T24882] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2537.505193][T24882] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2537.511370][T24882] copy_process+0x4e3/0x7520 [ 2537.515982][T24882] ? find_held_lock+0x2d/0x110 [ 2537.520790][T24882] ? __cleanup_sighand+0xb0/0xb0 [ 2537.525750][T24882] ? lock_downgrade+0x6e0/0x6e0 [ 2537.530613][T24882] ? folio_flags.constprop.0+0x53/0x150 [ 2537.536184][T24882] ? folio_add_lru+0x37b/0x680 [ 2537.540974][T24882] kernel_clone+0xeb/0x990 [ 2537.545418][T24882] ? create_io_thread+0xf0/0xf0 [ 2537.550296][T24882] ? find_held_lock+0x2d/0x110 [ 2537.555099][T24882] __do_sys_clone+0xba/0x100 [ 2537.559715][T24882] ? kernel_clone+0x990/0x990 [ 2537.564433][T24882] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2537.570351][T24882] do_syscall_64+0x39/0xb0 [ 2537.574800][T24882] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2537.580716][T24882] RIP: 0033:0x7f0b7de8d4f1 [ 2537.585152][T24882] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2537.604861][T24882] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2537.613290][T24882] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2537.621272][T24882] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2537.629255][T24882] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2537.637242][T24882] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2537.645230][T24882] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2537.653582][T24882] [ 2537.678779][T24882] memory: usage 307200kB, limit 307200kB, failcnt 80119 [ 2537.686488][T24882] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2537.693772][T24882] Memory cgroup stats for /syz0: [ 2537.693990][T24882] anon 143360 [ 2537.693990][T24882] file 479232 [ 2537.693990][T24882] kernel 313950208 [ 2537.693990][T24882] kernel_stack 65536 [ 2537.693990][T24882] pagetables 77824 [ 2537.693990][T24882] sec_pagetables 0 [ 2537.693990][T24882] percpu 5614592 [ 2537.693990][T24882] sock 0 [ 2537.693990][T24882] vmalloc 8192 [ 2537.693990][T24882] shmem 479232 [ 2537.693990][T24882] zswap 0 [ 2537.693990][T24882] zswapped 0 [ 2537.693990][T24882] file_mapped 479232 [ 2537.693990][T24882] file_dirty 0 [ 2537.693990][T24882] file_writeback 0 [ 2537.693990][T24882] swapcached 0 [ 2537.693990][T24882] anon_thp 0 [ 2537.693990][T24882] file_thp 0 [ 2537.693990][T24882] shmem_thp 0 [ 2537.693990][T24882] inactive_anon 180224 [ 2537.693990][T24882] active_anon 442368 [ 2537.693990][T24882] inactive_file 0 [ 2537.693990][T24882] active_file 0 [ 2537.693990][T24882] unevictable 0 [ 2537.693990][T24882] slab_reclaimable 28096 [ 2537.693990][T24882] slab_unreclaimable 308117064 [ 2537.790769][T24882] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24882,uid=0 [ 2537.806633][T24882] Memory cgroup out of memory: Killed process 24882 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2537.824670][T24907] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2537.843562][T24907] CPU: 1 PID: 24907 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2537.854036][T24907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2537.864128][T24907] Call Trace: [ 2537.867432][T24907] [ 2537.870391][T24907] dump_stack_lvl+0xd1/0x138 [ 2537.875028][T24907] dump_header+0x10b/0x85f [ 2537.879508][T24907] oom_kill_process.cold+0x10/0x15 [ 2537.884685][T24907] out_of_memory+0x35c/0x14a0 [ 2537.889419][T24907] ? oom_killer_disable+0x280/0x280 [ 2537.894754][T24907] ? find_held_lock+0x2d/0x110 [ 2537.899572][T24907] mem_cgroup_out_of_memory+0x206/0x270 [ 2537.905156][T24907] ? mem_cgroup_margin+0x130/0x130 [ 2537.910306][T24907] ? lock_downgrade+0x6e0/0x6e0 [ 2537.915278][T24907] try_charge_memcg+0xefb/0x12f0 [ 2537.920245][T24907] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2537.926329][T24907] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2537.932079][T24907] ? lock_downgrade+0x6e0/0x6e0 [ 2537.936966][T24907] obj_cgroup_charge+0x2af/0x5e0 [ 2537.941927][T24907] ? vm_area_dup+0x7d/0x380 [ 2537.946448][T24907] kmem_cache_alloc+0xb5/0x430 [ 2537.951234][T24907] vm_area_dup+0x7d/0x380 [ 2537.955583][T24907] ? mt_slot+0xa1/0x170 [ 2537.959767][T24907] ? mas_next_nentry+0x610/0xab0 [ 2537.964736][T24907] ? mas_next_node+0x547/0xa00 [ 2537.969528][T24907] ? mas_find+0x211/0xd10 [ 2537.973883][T24907] ? vm_area_alloc+0x100/0x100 [ 2537.978667][T24907] ? validate_mm_mt+0x149/0x1b0 [ 2537.983541][T24907] ? remove_vma+0x130/0x130 [ 2537.988070][T24907] ? can_vma_merge_before+0x390/0x390 [ 2537.993479][T24907] __split_vma+0xae/0x5e0 [ 2537.997830][T24907] ? vma_merge+0x2cf/0x870 [ 2538.002277][T24907] split_vma+0xa3/0xe0 [ 2538.006367][T24907] mprotect_fixup+0x686/0x960 [ 2538.011074][T24907] ? mas_find+0x211/0xd10 [ 2538.015417][T24907] ? change_protection+0x3b30/0x3b30 [ 2538.020734][T24907] do_mprotect_pkey+0x6fd/0xa70 [ 2538.025613][T24907] ? mprotect_fixup+0x960/0x960 [ 2538.030483][T24907] ? up_write+0x1b0/0x520 [ 2538.034874][T24907] __x64_sys_mprotect+0x78/0xb0 [ 2538.039756][T24907] do_syscall_64+0x39/0xb0 [ 2538.044201][T24907] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2538.050121][T24907] RIP: 0033:0x7f909a68c1d7 [ 2538.054548][T24907] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 09:53:52 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0xc00000000000000}, 0x0) 09:53:52 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x2}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:52 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) 09:53:52 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f00000005c0)={'wpan0\x00'}) 09:53:52 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xfeff}, 0x0) [ 2538.074169][T24907] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2538.082603][T24907] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2538.090597][T24907] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2538.098666][T24907] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2538.106651][T24907] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2538.114636][T24907] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2538.122649][T24907] [ 2538.140486][T24907] memory: usage 307200kB, limit 307200kB, failcnt 70632 [ 2538.158791][T24907] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2538.192258][T24907] Memory cgroup stats for /syz2: [ 2538.192465][T24907] anon 139264 [ 2538.192465][T24907] file 638976 [ 2538.192465][T24907] kernel 313794560 [ 2538.192465][T24907] kernel_stack 65536 [ 2538.192465][T24907] pagetables 81920 [ 2538.192465][T24907] sec_pagetables 0 [ 2538.192465][T24907] percpu 5611104 [ 2538.192465][T24907] sock 0 [ 2538.192465][T24907] vmalloc 0 [ 2538.192465][T24907] shmem 638976 [ 2538.192465][T24907] zswap 0 [ 2538.192465][T24907] zswapped 0 [ 2538.192465][T24907] file_mapped 638976 [ 2538.192465][T24907] file_dirty 0 [ 2538.192465][T24907] file_writeback 0 [ 2538.192465][T24907] swapcached 0 [ 2538.192465][T24907] anon_thp 0 [ 2538.192465][T24907] file_thp 0 [ 2538.192465][T24907] shmem_thp 0 [ 2538.192465][T24907] inactive_anon 372736 [ 2538.192465][T24907] active_anon 405504 [ 2538.192465][T24907] inactive_file 0 [ 2538.192465][T24907] active_file 0 [ 2538.192465][T24907] unevictable 0 [ 2538.192465][T24907] slab_reclaimable 233712 [ 2538.192465][T24907] slab_unreclaimable 307770328 09:53:52 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x4}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2538.289058][T24907] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24907,uid=0 09:53:52 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x6}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2538.388155][T24907] Memory cgroup out of memory: Killed process 24907 (syz-executor.2) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:53:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xe603) [ 2538.467493][T24916] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2538.498925][T24916] CPU: 1 PID: 24916 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2538.509418][T24916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2538.519514][T24916] Call Trace: [ 2538.522824][T24916] [ 2538.525784][T24916] dump_stack_lvl+0xd1/0x138 [ 2538.530421][T24916] dump_header+0x10b/0x85f [ 2538.534892][T24916] oom_kill_process.cold+0x10/0x15 [ 2538.540070][T24916] out_of_memory+0x35c/0x14a0 [ 2538.544811][T24916] ? find_held_lock+0x2d/0x110 [ 2538.549633][T24916] ? oom_killer_disable+0x280/0x280 [ 2538.554899][T24916] ? find_held_lock+0x2d/0x110 [ 2538.559721][T24916] mem_cgroup_out_of_memory+0x206/0x270 [ 2538.565322][T24916] ? mem_cgroup_margin+0x130/0x130 [ 2538.570481][T24916] ? lock_downgrade+0x6e0/0x6e0 [ 2538.575387][T24916] try_charge_memcg+0xefb/0x12f0 [ 2538.580374][T24916] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2538.586409][T24916] ? lock_downgrade+0x6e0/0x6e0 [ 2538.591317][T24916] charge_memcg+0x90/0x3b0 [ 2538.595785][T24916] __mem_cgroup_charge+0x2b/0x90 [ 2538.600776][T24916] do_wp_page+0x7ec/0x3370 [ 2538.605254][T24916] ? lock_release+0x810/0x810 [ 2538.609979][T24916] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2538.615400][T24916] ? do_raw_spin_lock+0x124/0x2b0 [ 2538.620469][T24916] ? rwlock_bug.part.0+0x90/0x90 [ 2538.625452][T24916] ? lock_chain_count+0x20/0x20 [ 2538.630446][T24916] __handle_mm_fault+0x1f58/0x3c90 [ 2538.635622][T24916] ? vm_iomap_memory+0x190/0x190 [ 2538.640643][T24916] handle_mm_fault+0x1b6/0x850 [ 2538.645472][T24916] do_user_addr_fault+0x475/0x1210 [ 2538.650632][T24916] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2538.656227][T24916] exc_page_fault+0x98/0x170 [ 2538.660861][T24916] asm_exc_page_fault+0x26/0x30 [ 2538.665743][T24916] RIP: 0033:0x7ff9f2039570 [ 2538.670178][T24916] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2538.689813][T24916] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2538.695905][T24916] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2538.703901][T24916] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 09:53:53 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x8}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2538.711902][T24916] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2538.719899][T24916] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2538.727898][T24916] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2538.735884][T24916] ? __sock_create+0x2c/0x790 [ 2538.740617][T24916] 09:53:53 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0xa}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:53 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00'}) [ 2538.805803][T24916] memory: usage 307200kB, limit 307200kB, failcnt 33433 [ 2538.820426][T24916] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2538.827343][T24916] Memory cgroup stats for /syz1: [ 2538.827593][T24916] anon 114688 [ 2538.827593][T24916] file 606208 [ 2538.827593][T24916] kernel 313851904 [ 2538.827593][T24916] kernel_stack 65536 [ 2538.827593][T24916] pagetables 73728 [ 2538.827593][T24916] sec_pagetables 0 [ 2538.827593][T24916] percpu 5612288 [ 2538.827593][T24916] sock 0 [ 2538.827593][T24916] vmalloc 0 [ 2538.827593][T24916] shmem 602112 [ 2538.827593][T24916] zswap 0 [ 2538.827593][T24916] zswapped 0 [ 2538.827593][T24916] file_mapped 602112 [ 2538.827593][T24916] file_dirty 0 [ 2538.827593][T24916] file_writeback 0 [ 2538.827593][T24916] swapcached 0 [ 2538.827593][T24916] anon_thp 0 [ 2538.827593][T24916] file_thp 0 [ 2538.827593][T24916] shmem_thp 0 [ 2538.827593][T24916] inactive_anon 282624 [ 2538.827593][T24916] active_anon 434176 [ 2538.827593][T24916] inactive_file 0 [ 2538.827593][T24916] active_file 4096 [ 2538.827593][T24916] unevictable 0 [ 2538.827593][T24916] slab_reclaimable 219568 [ 2538.827593][T24916] slab_unreclaimable 307848312 09:53:53 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0xc}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2539.080196][T24916] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24916,uid=0 [ 2539.110542][T24916] Memory cgroup out of memory: Killed process 24916 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2539.136480][T24928] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2539.155396][T24920] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2539.167528][T24920] CPU: 1 PID: 24920 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2539.177999][T24920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2539.188088][T24920] Call Trace: [ 2539.191395][T24920] [ 2539.194360][T24920] dump_stack_lvl+0xd1/0x138 [ 2539.199003][T24920] dump_header+0x10b/0x85f [ 2539.203479][T24920] oom_kill_process.cold+0x10/0x15 [ 2539.208646][T24920] out_of_memory+0x35c/0x14a0 [ 2539.213383][T24920] ? find_held_lock+0x2d/0x110 [ 2539.218198][T24920] ? oom_killer_disable+0x280/0x280 [ 2539.223457][T24920] ? find_held_lock+0x2d/0x110 [ 2539.228278][T24920] mem_cgroup_out_of_memory+0x206/0x270 [ 2539.233885][T24920] ? mem_cgroup_margin+0x130/0x130 [ 2539.239049][T24920] ? lock_downgrade+0x6e0/0x6e0 [ 2539.244051][T24920] try_charge_memcg+0xefb/0x12f0 [ 2539.249031][T24920] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2539.255047][T24920] ? lock_downgrade+0x6e0/0x6e0 [ 2539.259930][T24920] charge_memcg+0x90/0x3b0 [ 2539.264375][T24920] __mem_cgroup_charge+0x2b/0x90 [ 2539.269340][T24920] do_wp_page+0x7ec/0x3370 [ 2539.273794][T24920] ? lock_release+0x810/0x810 [ 2539.278487][T24920] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2539.283888][T24920] ? do_raw_spin_lock+0x124/0x2b0 [ 2539.288930][T24920] ? rwlock_bug.part.0+0x90/0x90 [ 2539.293891][T24920] ? lock_chain_count+0x20/0x20 [ 2539.298764][T24920] __handle_mm_fault+0x1f58/0x3c90 [ 2539.303909][T24920] ? vm_iomap_memory+0x190/0x190 [ 2539.308901][T24920] handle_mm_fault+0x1b6/0x850 [ 2539.313697][T24920] do_user_addr_fault+0x475/0x1210 [ 2539.318841][T24920] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2539.324429][T24920] exc_page_fault+0x98/0x170 [ 2539.329044][T24920] asm_exc_page_fault+0x26/0x30 [ 2539.333915][T24920] RIP: 0033:0x7f0b7de39570 [ 2539.338347][T24920] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2539.357971][T24920] RSP: 002b:00007fff06370110 EFLAGS: 00010246 [ 2539.364052][T24920] RAX: 0000000041637750 RBX: 00007f0b7dfac0e8 RCX: 0000001b31d20000 [ 2539.372038][T24920] RDX: 0000000000000000 RSI: 0000001b31d20018 RDI: 000000000c5be95e [ 2539.380021][T24920] RBP: 0000000041637750 R08: 0000000000001750 R09: 0000000041637754 [ 2539.388003][T24920] R10: 00007fff063702d0 R11: 0000000000000246 R12: 00007f0b7dfa0000 [ 2539.395986][T24920] R13: 0000000000000001 R14: 0000000000000002 R15: ffffffff87bf5059 [ 2539.403971][T24920] ? __sys_sendmsg+0x99/0x1c0 [ 2539.408698][T24920] [ 2539.420097][T24920] memory: usage 307200kB, limit 307200kB, failcnt 80224 [ 2539.427833][T24920] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2539.435484][T24920] Memory cgroup stats for /syz0: [ 2539.435726][T24920] anon 114688 [ 2539.435726][T24920] file 479232 [ 2539.435726][T24920] kernel 313978880 [ 2539.435726][T24920] kernel_stack 98304 [ 2539.435726][T24920] pagetables 77824 [ 2539.435726][T24920] sec_pagetables 0 [ 2539.435726][T24920] percpu 5614656 [ 2539.435726][T24920] sock 0 [ 2539.435726][T24920] vmalloc 8192 [ 2539.435726][T24920] shmem 479232 [ 2539.435726][T24920] zswap 0 [ 2539.435726][T24920] zswapped 0 [ 2539.435726][T24920] file_mapped 479232 [ 2539.435726][T24920] file_dirty 0 [ 2539.435726][T24920] file_writeback 0 [ 2539.435726][T24920] swapcached 0 [ 2539.435726][T24920] anon_thp 0 [ 2539.435726][T24920] file_thp 0 [ 2539.435726][T24920] shmem_thp 0 [ 2539.435726][T24920] inactive_anon 151552 [ 2539.435726][T24920] active_anon 442368 [ 2539.435726][T24920] inactive_file 0 [ 2539.435726][T24920] active_file 0 [ 2539.435726][T24920] unevictable 0 [ 2539.435726][T24920] slab_reclaimable 20384 [ 2539.435726][T24920] slab_unreclaimable 308126584 09:53:53 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0xe00000000000000}, 0x0) 09:53:53 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) 09:53:53 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0xe}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:53 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xff0f}, 0x0) 09:53:53 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xec03) [ 2539.533427][T24920] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24920,uid=0 [ 2539.549478][T24920] Memory cgroup out of memory: Killed process 24920 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:53:54 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x10}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:54 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) [ 2539.737669][T24948] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2539.742356][T24941] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2539.777040][T24941] CPU: 1 PID: 24941 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2539.787531][T24941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2539.797624][T24941] Call Trace: [ 2539.800943][T24941] [ 2539.803909][T24941] dump_stack_lvl+0xd1/0x138 [ 2539.808571][T24941] dump_header+0x10b/0x85f [ 2539.813045][T24941] oom_kill_process.cold+0x10/0x15 [ 2539.818213][T24941] out_of_memory+0x35c/0x14a0 [ 2539.822952][T24941] ? find_held_lock+0x2d/0x110 [ 2539.827781][T24941] ? oom_killer_disable+0x280/0x280 [ 2539.833043][T24941] ? find_held_lock+0x2d/0x110 [ 2539.837866][T24941] mem_cgroup_out_of_memory+0x206/0x270 [ 2539.843472][T24941] ? mem_cgroup_margin+0x130/0x130 [ 2539.848637][T24941] ? lock_downgrade+0x6e0/0x6e0 [ 2539.853541][T24941] try_charge_memcg+0xefb/0x12f0 [ 2539.858529][T24941] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2539.864564][T24941] ? lock_downgrade+0x6e0/0x6e0 [ 2539.869468][T24941] charge_memcg+0x90/0x3b0 [ 2539.873934][T24941] __mem_cgroup_charge+0x2b/0x90 [ 2539.878920][T24941] do_wp_page+0x7ec/0x3370 [ 2539.883388][T24941] ? lock_release+0x810/0x810 09:53:54 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x12}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2539.888101][T24941] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2539.893524][T24941] ? do_raw_spin_lock+0x124/0x2b0 [ 2539.898590][T24941] ? rwlock_bug.part.0+0x90/0x90 [ 2539.903574][T24941] ? lock_chain_count+0x20/0x20 [ 2539.908472][T24941] __handle_mm_fault+0x1f58/0x3c90 [ 2539.913647][T24941] ? vm_iomap_memory+0x190/0x190 [ 2539.918666][T24941] handle_mm_fault+0x1b6/0x850 [ 2539.923489][T24941] do_user_addr_fault+0x475/0x1210 [ 2539.928647][T24941] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2539.934250][T24941] exc_page_fault+0x98/0x170 [ 2539.938884][T24941] asm_exc_page_fault+0x26/0x30 [ 2539.943774][T24941] RIP: 0033:0x7ff9f2039570 [ 2539.948221][T24941] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2539.968128][T24941] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2539.974233][T24941] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 09:53:54 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf000) [ 2539.982243][T24941] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2539.990257][T24941] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2539.998281][T24941] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2540.006286][T24941] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2540.014297][T24941] ? __sock_create+0x2c/0x790 [ 2540.019051][T24941] 09:53:54 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x2}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:54 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x4}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:54 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x6}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2540.297297][T24941] memory: usage 307200kB, limit 307200kB, failcnt 33505 [ 2540.317101][T24941] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2540.326196][T24941] Memory cgroup stats for /syz1: [ 2540.326558][T24941] anon 114688 [ 2540.326558][T24941] file 606208 [ 2540.326558][T24941] kernel 313851904 [ 2540.326558][T24941] kernel_stack 65536 [ 2540.326558][T24941] pagetables 73728 [ 2540.326558][T24941] sec_pagetables 0 [ 2540.326558][T24941] percpu 5612288 [ 2540.326558][T24941] sock 0 [ 2540.326558][T24941] vmalloc 0 [ 2540.326558][T24941] shmem 602112 [ 2540.326558][T24941] zswap 0 [ 2540.326558][T24941] zswapped 0 [ 2540.326558][T24941] file_mapped 602112 [ 2540.326558][T24941] file_dirty 0 [ 2540.326558][T24941] file_writeback 0 [ 2540.326558][T24941] swapcached 0 [ 2540.326558][T24941] anon_thp 0 [ 2540.326558][T24941] file_thp 0 [ 2540.326558][T24941] shmem_thp 0 [ 2540.326558][T24941] inactive_anon 282624 [ 2540.326558][T24941] active_anon 434176 [ 2540.326558][T24941] inactive_file 0 [ 2540.326558][T24941] active_file 4096 [ 2540.326558][T24941] unevictable 0 [ 2540.326558][T24941] slab_reclaimable 219568 [ 2540.326558][T24941] slab_unreclaimable 307848312 [ 2540.438239][T24941] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24941,uid=0 [ 2540.478999][T24941] Memory cgroup out of memory: Killed process 24941 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2540.507649][T24961] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2540.524965][T24961] CPU: 1 PID: 24961 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2540.535446][T24961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2540.545515][T24961] Call Trace: [ 2540.548799][T24961] [ 2540.551739][T24961] dump_stack_lvl+0xd1/0x138 [ 2540.556356][T24961] dump_header+0x10b/0x85f [ 2540.560801][T24961] oom_kill_process.cold+0x10/0x15 [ 2540.565942][T24961] out_of_memory+0x35c/0x14a0 [ 2540.570657][T24961] ? find_held_lock+0x2d/0x110 [ 2540.575448][T24961] ? oom_killer_disable+0x280/0x280 [ 2540.580679][T24961] ? find_held_lock+0x2d/0x110 [ 2540.585472][T24961] mem_cgroup_out_of_memory+0x206/0x270 [ 2540.591047][T24961] ? mem_cgroup_margin+0x130/0x130 [ 2540.596182][T24961] ? lock_downgrade+0x6e0/0x6e0 [ 2540.601062][T24961] try_charge_memcg+0xefb/0x12f0 [ 2540.606027][T24961] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2540.612023][T24961] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2540.617771][T24961] ? lock_downgrade+0x6e0/0x6e0 [ 2540.622645][T24961] ? lock_downgrade+0x6e0/0x6e0 [ 2540.627524][T24961] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2540.633092][T24961] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2540.639272][T24961] copy_process+0x4e3/0x7520 [ 2540.643886][T24961] ? __lock_acquire+0xbc3/0x56d0 [ 2540.648851][T24961] ? __cleanup_sighand+0xb0/0xb0 [ 2540.653806][T24961] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 2540.659805][T24961] ? psi_memstall_leave+0x174/0x250 [ 2540.665035][T24961] kernel_clone+0xeb/0x990 [ 2540.669473][T24961] ? create_io_thread+0xf0/0xf0 [ 2540.674366][T24961] ? percpu_ref_put_many.constprop.0+0x6a/0x1a0 [ 2540.680649][T24961] ? lock_downgrade+0x6e0/0x6e0 [ 2540.685533][T24961] __do_sys_clone+0xba/0x100 [ 2540.690155][T24961] ? kernel_clone+0x990/0x990 [ 2540.694883][T24961] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2540.700817][T24961] do_syscall_64+0x39/0xb0 [ 2540.705351][T24961] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2540.711265][T24961] RIP: 0033:0x7f909a68d4f1 [ 2540.715695][T24961] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2540.735338][T24961] RSP: 002b:00007ffc6e869e28 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2540.743777][T24961] RAX: ffffffffffffffda RBX: 00007f909b439700 RCX: 00007f909a68d4f1 [ 2540.751767][T24961] RDX: 00007f909b4399d0 RSI: 00007f909b4392f0 RDI: 00000000003d0f00 [ 2540.759750][T24961] RBP: 00007ffc6e86a070 R08: 00007f909b439700 R09: 00007f909b439700 [ 2540.767734][T24961] R10: 00007f909b4399d0 R11: 0000000000000206 R12: 00007ffc6e869ede [ 2540.775719][T24961] R13: 00007ffc6e869edf R14: 00007f909b439300 R15: 0000000000022000 [ 2540.783732][T24961] [ 2540.788212][T24961] memory: usage 307200kB, limit 307200kB, failcnt 70937 [ 2540.797319][T24961] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2540.804542][T24961] Memory cgroup stats for /syz2: [ 2540.804762][T24961] anon 143360 [ 2540.804762][T24961] file 638976 [ 2540.804762][T24961] kernel 313790464 [ 2540.804762][T24961] kernel_stack 65536 [ 2540.804762][T24961] pagetables 81920 [ 2540.804762][T24961] sec_pagetables 0 [ 2540.804762][T24961] percpu 5611040 [ 2540.804762][T24961] sock 0 [ 2540.804762][T24961] vmalloc 0 [ 2540.804762][T24961] shmem 638976 [ 2540.804762][T24961] zswap 0 [ 2540.804762][T24961] zswapped 0 [ 2540.804762][T24961] file_mapped 638976 [ 2540.804762][T24961] file_dirty 0 [ 2540.804762][T24961] file_writeback 0 [ 2540.804762][T24961] swapcached 0 [ 2540.804762][T24961] anon_thp 0 [ 2540.804762][T24961] file_thp 0 [ 2540.804762][T24961] shmem_thp 0 [ 2540.804762][T24961] inactive_anon 376832 [ 2540.804762][T24961] active_anon 405504 [ 2540.804762][T24961] inactive_file 0 [ 2540.804762][T24961] active_file 0 [ 2540.804762][T24961] unevictable 0 [ 2540.804762][T24961] slab_reclaimable 233712 [ 2540.804762][T24961] slab_unreclaimable 307766904 [ 2540.998776][T24961] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24961,uid=0 [ 2541.027737][T24961] Memory cgroup out of memory: Killed process 24961 (syz-executor.2) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2541.065296][T24947] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2541.081456][T24947] CPU: 0 PID: 24947 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2541.091924][T24947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2541.102012][T24947] Call Trace: [ 2541.105305][T24947] [ 2541.108244][T24947] dump_stack_lvl+0xd1/0x138 [ 2541.112867][T24947] dump_header+0x10b/0x85f [ 2541.117315][T24947] oom_kill_process.cold+0x10/0x15 [ 2541.122464][T24947] out_of_memory+0x35c/0x14a0 [ 2541.127178][T24947] ? oom_killer_disable+0x280/0x280 [ 2541.132407][T24947] ? find_held_lock+0x2d/0x110 [ 2541.137202][T24947] mem_cgroup_out_of_memory+0x206/0x270 [ 2541.142785][T24947] ? mem_cgroup_margin+0x130/0x130 [ 2541.147920][T24947] ? lock_downgrade+0x6e0/0x6e0 [ 2541.152799][T24947] try_charge_memcg+0xefb/0x12f0 [ 2541.157761][T24947] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2541.163758][T24947] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2541.169505][T24947] ? lock_downgrade+0x6e0/0x6e0 [ 2541.174374][T24947] ? lock_downgrade+0x6e0/0x6e0 [ 2541.179259][T24947] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2541.184829][T24947] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2541.191008][T24947] copy_process+0x4e3/0x7520 [ 2541.195627][T24947] ? __lock_acquire+0xbc3/0x56d0 [ 2541.200592][T24947] ? __cleanup_sighand+0xb0/0xb0 [ 2541.205551][T24947] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 2541.211551][T24947] ? psi_memstall_leave+0x174/0x250 [ 2541.216778][T24947] kernel_clone+0xeb/0x990 [ 2541.221215][T24947] ? create_io_thread+0xf0/0xf0 [ 2541.226085][T24947] ? percpu_ref_put_many.constprop.0+0x6a/0x1a0 [ 2541.232356][T24947] ? lock_downgrade+0x6e0/0x6e0 [ 2541.237233][T24947] __do_sys_clone+0xba/0x100 [ 2541.241843][T24947] ? kernel_clone+0x990/0x990 [ 2541.246557][T24947] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2541.252479][T24947] do_syscall_64+0x39/0xb0 [ 2541.256920][T24947] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2541.262829][T24947] RIP: 0033:0x7f0b7de8d4f1 [ 2541.267253][T24947] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2541.286872][T24947] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2541.295303][T24947] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2541.303287][T24947] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2541.311270][T24947] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2541.319251][T24947] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2541.327230][T24947] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2541.335229][T24947] [ 2541.354436][T24947] memory: usage 307200kB, limit 307200kB, failcnt 80353 [ 2541.361574][T24947] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2541.370008][T24947] Memory cgroup stats for /syz0: [ 2541.370257][T24947] anon 143360 [ 2541.370257][T24947] file 479232 [ 2541.370257][T24947] kernel 313950208 [ 2541.370257][T24947] kernel_stack 65536 [ 2541.370257][T24947] pagetables 77824 [ 2541.370257][T24947] sec_pagetables 0 [ 2541.370257][T24947] percpu 5614656 [ 2541.370257][T24947] sock 0 [ 2541.370257][T24947] vmalloc 8192 [ 2541.370257][T24947] shmem 479232 [ 2541.370257][T24947] zswap 0 [ 2541.370257][T24947] zswapped 0 [ 2541.370257][T24947] file_mapped 479232 [ 2541.370257][T24947] file_dirty 0 [ 2541.370257][T24947] file_writeback 0 [ 2541.370257][T24947] swapcached 0 [ 2541.370257][T24947] anon_thp 0 [ 2541.370257][T24947] file_thp 0 [ 2541.370257][T24947] shmem_thp 0 [ 2541.370257][T24947] inactive_anon 180224 [ 2541.370257][T24947] active_anon 442368 [ 2541.370257][T24947] inactive_file 0 [ 2541.370257][T24947] active_file 0 [ 2541.370257][T24947] unevictable 0 [ 2541.370257][T24947] slab_reclaimable 22312 [ 2541.370257][T24947] slab_unreclaimable 308126904 09:53:55 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x1000000000000000}, 0x0) 09:53:55 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 09:53:55 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x8}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2541.469367][T24947] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24947,uid=0 [ 2541.485448][T24947] Memory cgroup out of memory: Killed process 24947 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:53:55 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xff7f}, 0x0) 09:53:55 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) 09:53:55 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf002) 09:53:55 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0xa}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2541.674658][T24979] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2541.688915][T24970] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2541.726077][T24970] CPU: 0 PID: 24970 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2541.736567][T24970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2541.746662][T24970] Call Trace: [ 2541.749962][T24970] [ 2541.752938][T24970] dump_stack_lvl+0xd1/0x138 [ 2541.757583][T24970] dump_header+0x10b/0x85f [ 2541.762065][T24970] oom_kill_process.cold+0x10/0x15 [ 2541.767239][T24970] out_of_memory+0x35c/0x14a0 [ 2541.771978][T24970] ? find_held_lock+0x2d/0x110 [ 2541.776803][T24970] ? oom_killer_disable+0x280/0x280 [ 2541.782063][T24970] ? find_held_lock+0x2d/0x110 [ 2541.786879][T24970] mem_cgroup_out_of_memory+0x206/0x270 [ 2541.792481][T24970] ? mem_cgroup_margin+0x130/0x130 [ 2541.797647][T24970] ? lock_downgrade+0x6e0/0x6e0 [ 2541.802558][T24970] try_charge_memcg+0xefb/0x12f0 [ 2541.807547][T24970] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2541.813582][T24970] ? lock_downgrade+0x6e0/0x6e0 [ 2541.818491][T24970] charge_memcg+0x90/0x3b0 [ 2541.822953][T24970] __mem_cgroup_charge+0x2b/0x90 [ 2541.828081][T24970] do_wp_page+0x7ec/0x3370 [ 2541.832558][T24970] ? lock_release+0x810/0x810 [ 2541.837268][T24970] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2541.842676][T24970] ? do_raw_spin_lock+0x124/0x2b0 [ 2541.847728][T24970] ? rwlock_bug.part.0+0x90/0x90 [ 2541.852688][T24970] ? lock_chain_count+0x20/0x20 [ 2541.857562][T24970] __handle_mm_fault+0x1f58/0x3c90 [ 2541.862713][T24970] ? vm_iomap_memory+0x190/0x190 [ 2541.867704][T24970] handle_mm_fault+0x1b6/0x850 [ 2541.872501][T24970] do_user_addr_fault+0x475/0x1210 [ 2541.877639][T24970] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2541.883223][T24970] exc_page_fault+0x98/0x170 [ 2541.887834][T24970] asm_exc_page_fault+0x26/0x30 [ 2541.892700][T24970] RIP: 0033:0x7ff9f2039570 [ 2541.897128][T24970] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2541.916761][T24970] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 09:53:56 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0xc}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2541.922846][T24970] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2541.930828][T24970] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2541.938812][T24970] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2541.946793][T24970] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2541.954782][T24970] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2541.962764][T24970] ? __sock_create+0x2c/0x790 [ 2541.967487][T24970] 09:53:56 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf003) [ 2542.029721][T24985] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:53:56 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0xe}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:56 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x10}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:56 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x12}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2542.238056][T24991] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2542.370026][T24970] memory: usage 307200kB, limit 307200kB, failcnt 33563 [ 2542.384423][T24970] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2542.401158][T24970] Memory cgroup stats for /syz1: [ 2542.401418][T24970] anon 114688 [ 2542.401418][T24970] file 606208 [ 2542.401418][T24970] kernel 313851904 [ 2542.401418][T24970] kernel_stack 65536 [ 2542.401418][T24970] pagetables 73728 [ 2542.401418][T24970] sec_pagetables 0 [ 2542.401418][T24970] percpu 5612288 [ 2542.401418][T24970] sock 0 [ 2542.401418][T24970] vmalloc 0 [ 2542.401418][T24970] shmem 602112 [ 2542.401418][T24970] zswap 0 [ 2542.401418][T24970] zswapped 0 [ 2542.401418][T24970] file_mapped 602112 [ 2542.401418][T24970] file_dirty 0 [ 2542.401418][T24970] file_writeback 0 [ 2542.401418][T24970] swapcached 0 [ 2542.401418][T24970] anon_thp 0 [ 2542.401418][T24970] file_thp 0 [ 2542.401418][T24970] shmem_thp 0 [ 2542.401418][T24970] inactive_anon 282624 [ 2542.401418][T24970] active_anon 434176 [ 2542.401418][T24970] inactive_file 0 [ 2542.401418][T24970] active_file 4096 [ 2542.401418][T24970] unevictable 0 [ 2542.401418][T24970] slab_reclaimable 219568 [ 2542.401418][T24970] slab_unreclaimable 307848312 [ 2542.497553][T24970] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24970,uid=0 [ 2542.513562][T24970] Memory cgroup out of memory: Killed process 24970 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2542.531943][T24980] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2542.548169][T24980] CPU: 0 PID: 24980 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2542.558653][T24980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2542.568739][T24980] Call Trace: [ 2542.572044][T24980] [ 2542.574999][T24980] dump_stack_lvl+0xd1/0x138 [ 2542.579638][T24980] dump_header+0x10b/0x85f [ 2542.584100][T24980] oom_kill_process.cold+0x10/0x15 [ 2542.589271][T24980] out_of_memory+0x35c/0x14a0 [ 2542.594006][T24980] ? oom_killer_disable+0x280/0x280 [ 2542.599254][T24980] ? find_held_lock+0x2d/0x110 [ 2542.604081][T24980] mem_cgroup_out_of_memory+0x206/0x270 [ 2542.609679][T24980] ? mem_cgroup_margin+0x130/0x130 [ 2542.614877][T24980] ? lock_downgrade+0x6e0/0x6e0 [ 2542.619778][T24980] try_charge_memcg+0xefb/0x12f0 [ 2542.624769][T24980] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2542.630777][T24980] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2542.636508][T24980] ? lock_downgrade+0x6e0/0x6e0 [ 2542.641360][T24980] ? lock_downgrade+0x6e0/0x6e0 [ 2542.646221][T24980] ? rcu_read_unlock+0x9/0x60 [ 2542.650922][T24980] obj_cgroup_charge+0x2af/0x5e0 [ 2542.655906][T24980] ? copy_process+0x3aa/0x7520 [ 2542.660735][T24980] kmem_cache_alloc_node+0xb7/0x460 [ 2542.665968][T24980] copy_process+0x3aa/0x7520 [ 2542.670586][T24980] ? finish_task_switch.isra.0+0x2b0/0xc80 [ 2542.676438][T24980] ? lock_downgrade+0x6e0/0x6e0 [ 2542.681308][T24980] ? find_held_lock+0x2d/0x110 [ 2542.686112][T24980] ? __cleanup_sighand+0xb0/0xb0 [ 2542.691072][T24980] ? lockdep_hardirqs_on+0x7d/0x100 [ 2542.696290][T24980] ? __switch_to+0x5d0/0x10a0 [ 2542.701018][T24980] kernel_clone+0xeb/0x990 [ 2542.705473][T24980] ? create_io_thread+0xf0/0xf0 [ 2542.710358][T24980] ? io_schedule_timeout+0x150/0x150 [ 2542.715699][T24980] __do_sys_clone+0xba/0x100 [ 2542.720322][T24980] ? kernel_clone+0x990/0x990 [ 2542.725047][T24980] do_syscall_64+0x39/0xb0 [ 2542.729497][T24980] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2542.735410][T24980] RIP: 0033:0x7f0b7de8d4f1 [ 2542.739842][T24980] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2542.759467][T24980] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2542.767899][T24980] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2542.776144][T24980] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2542.784136][T24980] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2542.792118][T24980] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2542.800101][T24980] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2542.808103][T24980] [ 2542.814627][T24980] memory: usage 307200kB, limit 307200kB, failcnt 80502 [ 2542.827367][T24980] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2542.834975][T24980] Memory cgroup stats for /syz0: [ 2542.835336][T24980] anon 143360 [ 2542.835336][T24980] file 479232 [ 2542.835336][T24980] kernel 313950208 [ 2542.835336][T24980] kernel_stack 65536 [ 2542.835336][T24980] pagetables 77824 [ 2542.835336][T24980] sec_pagetables 0 [ 2542.835336][T24980] percpu 5614656 [ 2542.835336][T24980] sock 0 [ 2542.835336][T24980] vmalloc 8192 [ 2542.835336][T24980] shmem 479232 [ 2542.835336][T24980] zswap 0 [ 2542.835336][T24980] zswapped 0 [ 2542.835336][T24980] file_mapped 479232 [ 2542.835336][T24980] file_dirty 0 [ 2542.835336][T24980] file_writeback 0 [ 2542.835336][T24980] swapcached 0 [ 2542.835336][T24980] anon_thp 0 [ 2542.835336][T24980] file_thp 0 [ 2542.835336][T24980] shmem_thp 0 [ 2542.835336][T24980] inactive_anon 180224 [ 2542.835336][T24980] active_anon 442368 [ 2542.835336][T24980] inactive_file 0 [ 2542.835336][T24980] active_file 0 [ 2542.835336][T24980] unevictable 0 [ 2542.835336][T24980] slab_reclaimable 28096 [ 2542.835336][T24980] slab_unreclaimable 308121352 [ 2542.934178][T24980] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24980,uid=0 [ 2542.951065][T24980] Memory cgroup out of memory: Killed process 24980 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2542.969339][T24988] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2542.985390][T24988] CPU: 1 PID: 24988 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2542.995883][T24988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2543.005978][T24988] Call Trace: [ 2543.009288][T24988] [ 2543.012242][T24988] dump_stack_lvl+0xd1/0x138 [ 2543.016877][T24988] dump_header+0x10b/0x85f [ 2543.021348][T24988] oom_kill_process.cold+0x10/0x15 [ 2543.026519][T24988] out_of_memory+0x35c/0x14a0 [ 2543.031261][T24988] ? oom_killer_disable+0x280/0x280 [ 2543.036512][T24988] ? find_held_lock+0x2d/0x110 [ 2543.041323][T24988] mem_cgroup_out_of_memory+0x206/0x270 [ 2543.046908][T24988] ? mem_cgroup_margin+0x130/0x130 [ 2543.052047][T24988] ? lock_downgrade+0x6e0/0x6e0 [ 2543.056934][T24988] try_charge_memcg+0xefb/0x12f0 [ 2543.061899][T24988] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2543.067908][T24988] ? lock_downgrade+0x6e0/0x6e0 [ 2543.072793][T24988] charge_memcg+0x90/0x3b0 [ 2543.077231][T24988] __mem_cgroup_charge+0x2b/0x90 [ 2543.082187][T24988] ? _compound_head+0x5d/0x150 [ 2543.086974][T24988] __handle_mm_fault+0x187d/0x3c90 [ 2543.092117][T24988] ? vm_iomap_memory+0x190/0x190 [ 2543.097106][T24988] handle_mm_fault+0x1b6/0x850 [ 2543.101930][T24988] do_user_addr_fault+0x475/0x1210 [ 2543.107070][T24988] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2543.112688][T24988] exc_page_fault+0x98/0x170 [ 2543.117301][T24988] asm_exc_page_fault+0x26/0x30 [ 2543.122170][T24988] RIP: 0033:0x7f909a63b8cf [ 2543.126598][T24988] Code: ff ff 4d 89 cd 48 85 c0 74 19 8b 95 44 ff ff ff 48 29 c6 48 01 c7 e8 10 09 05 00 85 c0 0f 85 0b 03 00 00 48 8b 85 48 ff ff ff <41> c7 45 18 01 00 00 00 4c 89 ef 49 89 85 90 06 00 00 48 8b 85 50 [ 2543.146226][T24988] RSP: 002b:00007ffc6e869e80 EFLAGS: 00010246 [ 2543.152309][T24988] RAX: 00007f909b419000 RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2543.160291][T24988] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2543.168271][T24988] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 09:53:57 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x1400000000000000}, 0x0) 09:53:57 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:57 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) 09:53:57 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) 09:53:57 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xfffe}, 0x0) [ 2543.176252][T24988] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2543.184234][T24988] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2543.192235][T24988] [ 2543.217897][T24988] memory: usage 307184kB, limit 307200kB, failcnt 71188 09:53:57 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x2}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2543.291125][T24988] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2543.338495][T24988] Memory cgroup stats for /syz2: [ 2543.339633][T24988] anon 139264 [ 2543.339633][T24988] file 638976 [ 2543.339633][T24988] kernel 313778176 [ 2543.339633][T24988] kernel_stack 65536 [ 2543.339633][T24988] pagetables 81920 [ 2543.339633][T24988] sec_pagetables 0 [ 2543.339633][T24988] percpu 5611040 [ 2543.339633][T24988] sock 0 [ 2543.339633][T24988] vmalloc 0 [ 2543.339633][T24988] shmem 638976 [ 2543.339633][T24988] zswap 0 [ 2543.339633][T24988] zswapped 0 [ 2543.339633][T24988] file_mapped 638976 09:53:57 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x3}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2543.339633][T24988] file_dirty 0 [ 2543.339633][T24988] file_writeback 0 [ 2543.339633][T24988] swapcached 0 [ 2543.339633][T24988] anon_thp 0 [ 2543.339633][T24988] file_thp 0 [ 2543.339633][T24988] shmem_thp 0 [ 2543.339633][T24988] inactive_anon 372736 [ 2543.339633][T24988] active_anon 405504 [ 2543.339633][T24988] inactive_file 0 [ 2543.339633][T24988] active_file 0 [ 2543.339633][T24988] unevictable 0 [ 2543.339633][T24988] slab_reclaimable 233712 [ 2543.339633][T24988] slab_unreclaimable 307759408 09:53:57 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x4}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2543.486486][T24988] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24988,uid=0 [ 2543.505662][T24988] Memory cgroup out of memory: Killed process 24988 (syz-executor.2) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2543.540771][T24997] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2543.558989][T24997] CPU: 1 PID: 24997 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2543.569472][T24997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2543.579561][T24997] Call Trace: [ 2543.582869][T24997] [ 2543.585834][T24997] dump_stack_lvl+0xd1/0x138 [ 2543.590484][T24997] dump_header+0x10b/0x85f [ 2543.594958][T24997] oom_kill_process.cold+0x10/0x15 [ 2543.600130][T24997] out_of_memory+0x35c/0x14a0 [ 2543.604868][T24997] ? oom_killer_disable+0x280/0x280 [ 2543.610128][T24997] ? find_held_lock+0x2d/0x110 [ 2543.614943][T24997] mem_cgroup_out_of_memory+0x206/0x270 [ 2543.620543][T24997] ? mem_cgroup_margin+0x130/0x130 [ 2543.625702][T24997] ? lock_downgrade+0x6e0/0x6e0 [ 2543.630604][T24997] try_charge_memcg+0xefb/0x12f0 [ 2543.635594][T24997] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2543.641621][T24997] ? lock_downgrade+0x6e0/0x6e0 [ 2543.646508][T24997] charge_memcg+0x90/0x3b0 [ 2543.650950][T24997] __mem_cgroup_charge+0x2b/0x90 [ 2543.655910][T24997] do_wp_page+0x7ec/0x3370 [ 2543.660361][T24997] ? lock_release+0x810/0x810 [ 2543.665054][T24997] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2543.670452][T24997] ? do_raw_spin_lock+0x124/0x2b0 [ 2543.675668][T24997] ? rwlock_bug.part.0+0x90/0x90 [ 2543.680644][T24997] ? lock_chain_count+0x20/0x20 [ 2543.685532][T24997] __handle_mm_fault+0x1f58/0x3c90 [ 2543.690682][T24997] ? vm_iomap_memory+0x190/0x190 [ 2543.695679][T24997] handle_mm_fault+0x1b6/0x850 [ 2543.700486][T24997] do_user_addr_fault+0x475/0x1210 [ 2543.705637][T24997] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2543.711232][T24997] exc_page_fault+0x98/0x170 [ 2543.715848][T24997] asm_exc_page_fault+0x26/0x30 [ 2543.720734][T24997] RIP: 0033:0x7ff9f2039570 [ 2543.725178][T24997] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2543.744981][T24997] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2543.751067][T24997] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2543.759049][T24997] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2543.767122][T24997] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2543.775102][T24997] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2543.783087][T24997] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c 09:53:58 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf200) [ 2543.791089][T24997] ? __sock_create+0x2c/0x790 [ 2543.795838][T24997] 09:53:58 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x5}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:58 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x6}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:58 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x7}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2543.983734][T25018] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2544.089517][T24997] memory: usage 307200kB, limit 307200kB, failcnt 33633 [ 2544.104127][T24997] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2544.123942][T24997] Memory cgroup stats for /syz1: [ 2544.124287][T24997] anon 114688 [ 2544.124287][T24997] file 606208 [ 2544.124287][T24997] kernel 313851904 [ 2544.124287][T24997] kernel_stack 65536 [ 2544.124287][T24997] pagetables 73728 [ 2544.124287][T24997] sec_pagetables 0 [ 2544.124287][T24997] percpu 5612288 [ 2544.124287][T24997] sock 0 [ 2544.124287][T24997] vmalloc 0 [ 2544.124287][T24997] shmem 602112 [ 2544.124287][T24997] zswap 0 [ 2544.124287][T24997] zswapped 0 [ 2544.124287][T24997] file_mapped 602112 [ 2544.124287][T24997] file_dirty 4096 [ 2544.124287][T24997] file_writeback 0 [ 2544.124287][T24997] swapcached 0 [ 2544.124287][T24997] anon_thp 0 [ 2544.124287][T24997] file_thp 0 [ 2544.124287][T24997] shmem_thp 0 [ 2544.124287][T24997] inactive_anon 282624 [ 2544.124287][T24997] active_anon 434176 [ 2544.124287][T24997] inactive_file 0 [ 2544.124287][T24997] active_file 4096 [ 2544.124287][T24997] unevictable 0 [ 2544.124287][T24997] slab_reclaimable 219568 [ 2544.124287][T24997] slab_unreclaimable 307848312 [ 2544.230446][T24997] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=24997,uid=0 [ 2544.255201][T24997] Memory cgroup out of memory: Killed process 24997 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2544.273624][T25012] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2544.291936][T25012] CPU: 1 PID: 25012 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2544.302410][T25012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2544.312500][T25012] Call Trace: [ 2544.315806][T25012] [ 2544.318771][T25012] dump_stack_lvl+0xd1/0x138 [ 2544.323509][T25012] dump_header+0x10b/0x85f [ 2544.327985][T25012] oom_kill_process.cold+0x10/0x15 [ 2544.333247][T25012] out_of_memory+0x35c/0x14a0 [ 2544.337984][T25012] ? oom_killer_disable+0x280/0x280 [ 2544.343233][T25012] ? find_held_lock+0x2d/0x110 [ 2544.348034][T25012] mem_cgroup_out_of_memory+0x206/0x270 [ 2544.353613][T25012] ? mem_cgroup_margin+0x130/0x130 [ 2544.358754][T25012] ? lock_downgrade+0x6e0/0x6e0 [ 2544.363641][T25012] try_charge_memcg+0xefb/0x12f0 [ 2544.368607][T25012] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2544.374614][T25012] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2544.380366][T25012] ? lock_downgrade+0x6e0/0x6e0 [ 2544.385238][T25012] ? lock_downgrade+0x6e0/0x6e0 [ 2544.390209][T25012] obj_cgroup_charge+0x2af/0x5e0 [ 2544.395173][T25012] kmem_cache_alloc_lru+0x145/0x760 [ 2544.400386][T25012] ? sock_alloc_inode+0x27/0x1d0 [ 2544.405443][T25012] sock_alloc_inode+0x27/0x1d0 [ 2544.410228][T25012] ? sock_free_inode+0x30/0x30 [ 2544.415019][T25012] alloc_inode+0x61/0x230 [ 2544.419377][T25012] new_inode_pseudo+0x17/0x80 [ 2544.424088][T25012] sock_alloc+0x40/0x260 [ 2544.428354][T25012] __sock_create+0xbd/0x790 [ 2544.432893][T25012] __sys_socket+0x133/0x250 [ 2544.437424][T25012] ? __sys_socket_file+0x1f0/0x1f0 [ 2544.442576][T25012] __x64_sys_socket+0x73/0xb0 [ 2544.447281][T25012] do_syscall_64+0x39/0xb0 [ 2544.451727][T25012] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2544.457638][T25012] RIP: 0033:0x7f0b7de8c0c9 [ 2544.462065][T25012] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2544.481692][T25012] RSP: 002b:00007f0b7eba3168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2544.490123][T25012] RAX: ffffffffffffffda RBX: 00007f0b7dfabf80 RCX: 00007f0b7de8c0c9 [ 2544.498109][T25012] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010 [ 2544.506090][T25012] RBP: 00007f0b7dee7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 2544.514074][T25012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2544.522059][T25012] R13: 00007fff0637016f R14: 00007f0b7eba3300 R15: 0000000000022000 [ 2544.530062][T25012] [ 2544.535228][T25012] memory: usage 307200kB, limit 307200kB, failcnt 80634 [ 2544.554091][T25012] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2544.561471][T25012] Memory cgroup stats for /syz0: [ 2544.561743][T25012] anon 143360 [ 2544.561743][T25012] file 479232 [ 2544.561743][T25012] kernel 313950208 [ 2544.561743][T25012] kernel_stack 65536 [ 2544.561743][T25012] pagetables 77824 [ 2544.561743][T25012] sec_pagetables 0 [ 2544.561743][T25012] percpu 5614656 [ 2544.561743][T25012] sock 0 [ 2544.561743][T25012] vmalloc 8192 [ 2544.561743][T25012] shmem 479232 [ 2544.561743][T25012] zswap 0 [ 2544.561743][T25012] zswapped 0 [ 2544.561743][T25012] file_mapped 479232 [ 2544.561743][T25012] file_dirty 0 [ 2544.561743][T25012] file_writeback 0 [ 2544.561743][T25012] swapcached 0 [ 2544.561743][T25012] anon_thp 0 [ 2544.561743][T25012] file_thp 0 [ 2544.561743][T25012] shmem_thp 0 [ 2544.561743][T25012] inactive_anon 180224 [ 2544.561743][T25012] active_anon 442368 [ 2544.561743][T25012] inactive_file 0 [ 2544.561743][T25012] active_file 0 [ 2544.561743][T25012] unevictable 0 [ 2544.561743][T25012] slab_reclaimable 20384 09:53:59 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x1500000000000000}, 0x0) 09:53:59 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x8}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:59 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf202) 09:53:59 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000}, 0x0) 09:53:59 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) 09:53:59 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) [ 2544.561743][T25012] slab_unreclaimable 308126256 [ 2544.663219][T25012] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25005,uid=0 [ 2544.679577][T25012] Memory cgroup out of memory: Killed process 25005 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:53:59 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xb}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:53:59 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xe}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2544.852380][T25032] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2544.878914][T25027] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2544.910397][T25027] CPU: 0 PID: 25027 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2544.920894][T25027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2544.930987][T25027] Call Trace: [ 2544.934296][T25027] [ 2544.937257][T25027] dump_stack_lvl+0xd1/0x138 [ 2544.941902][T25027] dump_header+0x10b/0x85f [ 2544.946394][T25027] oom_kill_process.cold+0x10/0x15 [ 2544.951557][T25027] out_of_memory+0x35c/0x14a0 [ 2544.956297][T25027] ? find_held_lock+0x2d/0x110 [ 2544.961120][T25027] ? oom_killer_disable+0x280/0x280 [ 2544.966377][T25027] ? find_held_lock+0x2d/0x110 [ 2544.971181][T25027] mem_cgroup_out_of_memory+0x206/0x270 [ 2544.976767][T25027] ? mem_cgroup_margin+0x130/0x130 [ 2544.981910][T25027] ? lock_downgrade+0x6e0/0x6e0 [ 2544.986804][T25027] try_charge_memcg+0xefb/0x12f0 [ 2544.991769][T25027] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2544.997777][T25027] ? lock_downgrade+0x6e0/0x6e0 [ 2545.002662][T25027] charge_memcg+0x90/0x3b0 [ 2545.007103][T25027] __mem_cgroup_charge+0x2b/0x90 [ 2545.012062][T25027] do_wp_page+0x7ec/0x3370 [ 2545.016516][T25027] ? lock_release+0x810/0x810 [ 2545.021213][T25027] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2545.026614][T25027] ? do_raw_spin_lock+0x124/0x2b0 [ 2545.031658][T25027] ? rwlock_bug.part.0+0x90/0x90 [ 2545.036629][T25027] ? lock_chain_count+0x20/0x20 [ 2545.041504][T25027] __handle_mm_fault+0x1f58/0x3c90 [ 2545.046650][T25027] ? vm_iomap_memory+0x190/0x190 [ 2545.051641][T25027] handle_mm_fault+0x1b6/0x850 [ 2545.056436][T25027] do_user_addr_fault+0x475/0x1210 [ 2545.061574][T25027] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2545.067152][T25027] exc_page_fault+0x98/0x170 [ 2545.071771][T25027] asm_exc_page_fault+0x26/0x30 [ 2545.076638][T25027] RIP: 0033:0x7ff9f2039570 [ 2545.081066][T25027] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2545.100695][T25027] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2545.106778][T25027] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2545.114760][T25027] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2545.122740][T25027] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2545.130721][T25027] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2545.138703][T25027] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2545.146686][T25027] ? __sock_create+0x2c/0x790 [ 2545.151409][T25027] 09:53:59 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x11}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2545.208989][T25027] memory: usage 307200kB, limit 307200kB, failcnt 33697 [ 2545.221494][T25027] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2545.238959][T25038] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2545.239973][T25027] Memory cgroup stats for /syz1: [ 2545.270874][T25027] anon 114688 [ 2545.270874][T25027] file 606208 [ 2545.270874][T25027] kernel 313851904 [ 2545.270874][T25027] kernel_stack 65536 [ 2545.270874][T25027] pagetables 73728 [ 2545.270874][T25027] sec_pagetables 0 [ 2545.270874][T25027] percpu 5612288 [ 2545.270874][T25027] sock 0 [ 2545.270874][T25027] vmalloc 0 [ 2545.270874][T25027] shmem 602112 [ 2545.270874][T25027] zswap 0 [ 2545.270874][T25027] zswapped 0 [ 2545.270874][T25027] file_mapped 602112 [ 2545.270874][T25027] file_dirty 4096 [ 2545.270874][T25027] file_writeback 0 [ 2545.270874][T25027] swapcached 0 [ 2545.270874][T25027] anon_thp 0 [ 2545.270874][T25027] file_thp 0 [ 2545.270874][T25027] shmem_thp 0 [ 2545.270874][T25027] inactive_anon 282624 [ 2545.270874][T25027] active_anon 434176 [ 2545.270874][T25027] inactive_file 0 [ 2545.270874][T25027] active_file 4096 [ 2545.270874][T25027] unevictable 0 [ 2545.270874][T25027] slab_reclaimable 219568 [ 2545.270874][T25027] slab_unreclaimable 307848312 09:53:59 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x29}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2545.436207][T25027] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25027,uid=0 [ 2545.452670][T25027] Memory cgroup out of memory: Killed process 25027 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 09:53:59 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) [ 2545.480296][T25026] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2545.504045][T25026] CPU: 1 PID: 25026 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2545.514535][T25026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2545.524634][T25026] Call Trace: [ 2545.527944][T25026] [ 2545.530906][T25026] dump_stack_lvl+0xd1/0x138 [ 2545.535549][T25026] dump_header+0x10b/0x85f [ 2545.540035][T25026] oom_kill_process.cold+0x10/0x15 [ 2545.545207][T25026] out_of_memory+0x35c/0x14a0 [ 2545.549957][T25026] ? oom_killer_disable+0x280/0x280 [ 2545.555218][T25026] ? find_held_lock+0x2d/0x110 [ 2545.560042][T25026] mem_cgroup_out_of_memory+0x206/0x270 [ 2545.565653][T25026] ? mem_cgroup_margin+0x130/0x130 [ 2545.570823][T25026] ? lock_downgrade+0x6e0/0x6e0 [ 2545.575749][T25026] try_charge_memcg+0xefb/0x12f0 [ 2545.580740][T25026] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2545.586769][T25026] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2545.592551][T25026] ? lock_downgrade+0x6e0/0x6e0 [ 2545.597465][T25026] obj_cgroup_charge+0x2af/0x5e0 [ 2545.602453][T25026] ? vm_area_dup+0x7d/0x380 [ 2545.607004][T25026] kmem_cache_alloc+0xb5/0x430 [ 2545.611816][T25026] vm_area_dup+0x7d/0x380 [ 2545.616192][T25026] ? mt_slot+0xa1/0x170 [ 2545.620403][T25026] ? mas_next_nentry+0x610/0xab0 [ 2545.625393][T25026] ? mas_next_node+0x547/0xa00 [ 2545.630207][T25026] ? mas_find+0x211/0xd10 [ 2545.634590][T25026] ? vm_area_alloc+0x100/0x100 [ 2545.639401][T25026] ? validate_mm_mt+0x149/0x1b0 [ 2545.644293][T25026] ? remove_vma+0x130/0x130 [ 2545.648839][T25026] ? can_vma_merge_before+0x390/0x390 [ 2545.654262][T25026] __split_vma+0xae/0x5e0 [ 2545.658635][T25026] ? vma_merge+0x2cf/0x870 [ 2545.663095][T25026] split_vma+0xa3/0xe0 [ 2545.667304][T25026] mprotect_fixup+0x686/0x960 [ 2545.672042][T25026] ? mas_find+0x211/0xd10 [ 2545.676412][T25026] ? change_protection+0x3b30/0x3b30 [ 2545.681950][T25026] do_mprotect_pkey+0x6fd/0xa70 [ 2545.686858][T25026] ? mprotect_fixup+0x960/0x960 [ 2545.691756][T25026] ? up_write+0x1b0/0x520 [ 2545.696189][T25026] __x64_sys_mprotect+0x78/0xb0 [ 2545.701186][T25026] do_syscall_64+0x39/0xb0 [ 2545.705654][T25026] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2545.711588][T25026] RIP: 0033:0x7f909a68c1d7 [ 2545.716035][T25026] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 09:54:00 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x38}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2545.735688][T25026] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2545.744161][T25026] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2545.752176][T25026] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2545.760189][T25026] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2545.768379][T25026] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2545.776386][T25026] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2545.784417][T25026] [ 2545.802776][T25026] memory: usage 307184kB, limit 307200kB, failcnt 71411 [ 2545.811161][T25026] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2545.826943][T25026] Memory cgroup stats for /syz2: [ 2545.827202][T25026] anon 139264 [ 2545.827202][T25026] file 638976 [ 2545.827202][T25026] kernel 313778176 [ 2545.827202][T25026] kernel_stack 65536 [ 2545.827202][T25026] pagetables 81920 [ 2545.827202][T25026] sec_pagetables 0 [ 2545.827202][T25026] percpu 5611040 [ 2545.827202][T25026] sock 0 [ 2545.827202][T25026] vmalloc 0 [ 2545.827202][T25026] shmem 638976 [ 2545.827202][T25026] zswap 0 [ 2545.827202][T25026] zswapped 0 [ 2545.827202][T25026] file_mapped 638976 [ 2545.827202][T25026] file_dirty 0 [ 2545.827202][T25026] file_writeback 0 [ 2545.827202][T25026] swapcached 0 [ 2545.827202][T25026] anon_thp 0 [ 2545.827202][T25026] file_thp 0 [ 2545.827202][T25026] shmem_thp 0 [ 2545.827202][T25026] inactive_anon 372736 [ 2545.827202][T25026] active_anon 405504 [ 2545.827202][T25026] inactive_file 0 [ 2545.827202][T25026] active_file 0 [ 2545.827202][T25026] unevictable 0 [ 2545.827202][T25026] slab_reclaimable 233712 [ 2545.827202][T25026] slab_unreclaimable 307758544 [ 2545.956505][T25026] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25026,uid=0 [ 2545.980127][T25026] Memory cgroup out of memory: Killed process 25026 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2545.998221][T25035] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2546.018786][T25035] CPU: 1 PID: 25035 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2546.029272][T25035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2546.039369][T25035] Call Trace: [ 2546.042673][T25035] [ 2546.045624][T25035] dump_stack_lvl+0xd1/0x138 [ 2546.050264][T25035] dump_header+0x10b/0x85f [ 2546.054720][T25035] oom_kill_process.cold+0x10/0x15 [ 2546.059869][T25035] out_of_memory+0x35c/0x14a0 [ 2546.064591][T25035] ? oom_killer_disable+0x280/0x280 [ 2546.069824][T25035] ? find_held_lock+0x2d/0x110 [ 2546.074883][T25035] mem_cgroup_out_of_memory+0x206/0x270 [ 2546.080461][T25035] ? mem_cgroup_margin+0x130/0x130 [ 2546.085597][T25035] ? lock_downgrade+0x6e0/0x6e0 [ 2546.090485][T25035] try_charge_memcg+0xefb/0x12f0 [ 2546.095453][T25035] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2546.101454][T25035] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2546.107203][T25035] ? lock_downgrade+0x6e0/0x6e0 [ 2546.112072][T25035] ? lock_downgrade+0x6e0/0x6e0 [ 2546.116948][T25035] ? rcu_read_unlock+0x9/0x60 [ 2546.121663][T25035] obj_cgroup_charge+0x2af/0x5e0 [ 2546.126630][T25035] ? copy_process+0x3aa/0x7520 [ 2546.131408][T25035] kmem_cache_alloc_node+0xb7/0x460 [ 2546.136632][T25035] copy_process+0x3aa/0x7520 [ 2546.141247][T25035] ? find_held_lock+0x2d/0x110 [ 2546.146050][T25035] ? __cleanup_sighand+0xb0/0xb0 [ 2546.151008][T25035] ? lock_downgrade+0x6e0/0x6e0 [ 2546.155875][T25035] ? folio_flags.constprop.0+0x53/0x150 [ 2546.161447][T25035] ? folio_add_lru+0x37b/0x680 [ 2546.166237][T25035] kernel_clone+0xeb/0x990 [ 2546.170675][T25035] ? create_io_thread+0xf0/0xf0 [ 2546.175552][T25035] ? find_held_lock+0x2d/0x110 [ 2546.180352][T25035] __do_sys_clone+0xba/0x100 [ 2546.184989][T25035] ? kernel_clone+0x990/0x990 [ 2546.189701][T25035] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2546.195618][T25035] do_syscall_64+0x39/0xb0 [ 2546.200058][T25035] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2546.205974][T25035] RIP: 0033:0x7f0b7de8d4f1 [ 2546.210402][T25035] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2546.230021][T25035] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2546.238457][T25035] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2546.246441][T25035] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2546.254425][T25035] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2546.262406][T25035] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2546.270386][T25035] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2546.278389][T25035] [ 2546.296187][T25035] memory: usage 307200kB, limit 307200kB, failcnt 80736 [ 2546.303632][T25035] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2546.313653][T25035] Memory cgroup stats for /syz0: [ 2546.313903][T25035] anon 143360 [ 2546.313903][T25035] file 479232 [ 2546.313903][T25035] kernel 313950208 [ 2546.313903][T25035] kernel_stack 65536 [ 2546.313903][T25035] pagetables 77824 [ 2546.313903][T25035] sec_pagetables 0 [ 2546.313903][T25035] percpu 5614656 [ 2546.313903][T25035] sock 0 [ 2546.313903][T25035] vmalloc 8192 [ 2546.313903][T25035] shmem 479232 [ 2546.313903][T25035] zswap 0 [ 2546.313903][T25035] zswapped 0 [ 2546.313903][T25035] file_mapped 479232 [ 2546.313903][T25035] file_dirty 0 [ 2546.313903][T25035] file_writeback 0 [ 2546.313903][T25035] swapcached 0 [ 2546.313903][T25035] anon_thp 0 [ 2546.313903][T25035] file_thp 0 [ 2546.313903][T25035] shmem_thp 0 [ 2546.313903][T25035] inactive_anon 180224 [ 2546.313903][T25035] active_anon 442368 [ 2546.313903][T25035] inactive_file 0 [ 2546.313903][T25035] active_file 0 [ 2546.313903][T25035] unevictable 0 [ 2546.313903][T25035] slab_reclaimable 28096 [ 2546.313903][T25035] slab_unreclaimable 308121352 09:54:00 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x5c}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:00 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x1800000000000000}, 0x0) 09:54:00 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x30000}, 0x0) 09:54:00 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf203) 09:54:00 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) 09:54:00 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) [ 2546.411274][T25035] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25035,uid=0 [ 2546.428493][T25035] Memory cgroup out of memory: Killed process 25035 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:00 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xc8}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:00 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) [ 2546.591918][T25057] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2546.619848][T25049] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 09:54:01 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xe0}, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2546.651611][T25049] CPU: 1 PID: 25049 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2546.662099][T25049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2546.672189][T25049] Call Trace: [ 2546.675497][T25049] [ 2546.678456][T25049] dump_stack_lvl+0xd1/0x138 [ 2546.683106][T25049] dump_header+0x10b/0x85f [ 2546.687578][T25049] oom_kill_process.cold+0x10/0x15 [ 2546.692744][T25049] out_of_memory+0x35c/0x14a0 [ 2546.697484][T25049] ? find_held_lock+0x2d/0x110 [ 2546.702301][T25049] ? oom_killer_disable+0x280/0x280 [ 2546.707557][T25049] ? find_held_lock+0x2d/0x110 [ 2546.712379][T25049] mem_cgroup_out_of_memory+0x206/0x270 [ 2546.717977][T25049] ? mem_cgroup_margin+0x130/0x130 [ 2546.723140][T25049] ? lock_downgrade+0x6e0/0x6e0 [ 2546.728055][T25049] try_charge_memcg+0xefb/0x12f0 [ 2546.733066][T25049] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2546.739109][T25049] ? lock_downgrade+0x6e0/0x6e0 [ 2546.744016][T25049] charge_memcg+0x90/0x3b0 09:54:01 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x2, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2546.748482][T25049] __mem_cgroup_charge+0x2b/0x90 [ 2546.753465][T25049] do_wp_page+0x7ec/0x3370 [ 2546.757947][T25049] ? lock_release+0x810/0x810 [ 2546.762660][T25049] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2546.768086][T25049] ? do_raw_spin_lock+0x124/0x2b0 [ 2546.773149][T25049] ? rwlock_bug.part.0+0x90/0x90 [ 2546.778127][T25049] ? lock_chain_count+0x20/0x20 [ 2546.783019][T25049] __handle_mm_fault+0x1f58/0x3c90 [ 2546.788191][T25049] ? vm_iomap_memory+0x190/0x190 [ 2546.793213][T25049] handle_mm_fault+0x1b6/0x850 [ 2546.798036][T25049] do_user_addr_fault+0x475/0x1210 [ 2546.803207][T25049] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2546.808813][T25049] exc_page_fault+0x98/0x170 [ 2546.813445][T25049] asm_exc_page_fault+0x26/0x30 [ 2546.818339][T25049] RIP: 0033:0x7ff9f2039570 [ 2546.822788][T25049] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2546.842437][T25049] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 09:54:01 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x3, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2546.848546][T25049] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2546.856555][T25049] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2546.864565][T25049] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2546.872572][T25049] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2546.880585][T25049] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2546.888594][T25049] ? __sock_create+0x2c/0x790 [ 2546.893343][T25049] 09:54:01 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:01 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x4, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2547.090221][T25049] memory: usage 307200kB, limit 307200kB, failcnt 33780 [ 2547.098137][T25049] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2547.106431][T25049] Memory cgroup stats for /syz1: [ 2547.106698][T25049] anon 114688 [ 2547.106698][T25049] file 606208 [ 2547.106698][T25049] kernel 313851904 [ 2547.106698][T25049] kernel_stack 65536 [ 2547.106698][T25049] pagetables 73728 [ 2547.106698][T25049] sec_pagetables 0 [ 2547.106698][T25049] percpu 5612288 [ 2547.106698][T25049] sock 0 [ 2547.106698][T25049] vmalloc 0 [ 2547.106698][T25049] shmem 602112 [ 2547.106698][T25049] zswap 0 [ 2547.106698][T25049] zswapped 0 [ 2547.106698][T25049] file_mapped 602112 [ 2547.106698][T25049] file_dirty 4096 [ 2547.106698][T25049] file_writeback 0 [ 2547.106698][T25049] swapcached 0 [ 2547.106698][T25049] anon_thp 0 [ 2547.106698][T25049] file_thp 0 [ 2547.106698][T25049] shmem_thp 0 [ 2547.106698][T25049] inactive_anon 282624 [ 2547.106698][T25049] active_anon 434176 [ 2547.106698][T25049] inactive_file 0 [ 2547.106698][T25049] active_file 4096 [ 2547.106698][T25049] unevictable 0 [ 2547.106698][T25049] slab_reclaimable 219568 [ 2547.106698][T25049] slab_unreclaimable 307848312 [ 2547.202411][T25049] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25049,uid=0 [ 2547.219886][T25049] Memory cgroup out of memory: Killed process 25049 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2547.239281][T25053] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2547.255187][T25053] CPU: 1 PID: 25053 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2547.265657][T25053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2547.275748][T25053] Call Trace: [ 2547.279054][T25053] [ 2547.282013][T25053] dump_stack_lvl+0xd1/0x138 [ 2547.286650][T25053] dump_header+0x10b/0x85f [ 2547.291123][T25053] oom_kill_process.cold+0x10/0x15 [ 2547.296295][T25053] out_of_memory+0x35c/0x14a0 [ 2547.301034][T25053] ? oom_killer_disable+0x280/0x280 [ 2547.306286][T25053] ? find_held_lock+0x2d/0x110 [ 2547.311106][T25053] mem_cgroup_out_of_memory+0x206/0x270 [ 2547.316703][T25053] ? mem_cgroup_margin+0x130/0x130 [ 2547.321860][T25053] ? lock_downgrade+0x6e0/0x6e0 [ 2547.326764][T25053] try_charge_memcg+0xefb/0x12f0 [ 2547.331744][T25053] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2547.337746][T25053] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2547.343496][T25053] ? lock_downgrade+0x6e0/0x6e0 [ 2547.348387][T25053] obj_cgroup_charge+0x2af/0x5e0 [ 2547.353348][T25053] ? vm_area_dup+0x7d/0x380 [ 2547.357869][T25053] kmem_cache_alloc+0xb5/0x430 [ 2547.362655][T25053] vm_area_dup+0x7d/0x380 [ 2547.367005][T25053] ? mt_slot+0xa1/0x170 [ 2547.371191][T25053] ? mas_next_nentry+0x610/0xab0 [ 2547.376155][T25053] ? mas_next_node+0x547/0xa00 [ 2547.380947][T25053] ? mas_find+0x211/0xd10 [ 2547.385392][T25053] ? vm_area_alloc+0x100/0x100 [ 2547.390174][T25053] ? validate_mm_mt+0x149/0x1b0 [ 2547.395049][T25053] ? remove_vma+0x130/0x130 [ 2547.399575][T25053] ? can_vma_merge_before+0x390/0x390 [ 2547.404973][T25053] __split_vma+0xae/0x5e0 [ 2547.409324][T25053] ? vma_merge+0x2cf/0x870 [ 2547.413767][T25053] split_vma+0xa3/0xe0 [ 2547.417861][T25053] mprotect_fixup+0x686/0x960 [ 2547.422569][T25053] ? mas_find+0x211/0xd10 [ 2547.426915][T25053] ? change_protection+0x3b30/0x3b30 [ 2547.432236][T25053] do_mprotect_pkey+0x6fd/0xa70 [ 2547.437115][T25053] ? mprotect_fixup+0x960/0x960 [ 2547.441986][T25053] ? up_write+0x1b0/0x520 [ 2547.446381][T25053] __x64_sys_mprotect+0x78/0xb0 [ 2547.451253][T25053] do_syscall_64+0x39/0xb0 [ 2547.455701][T25053] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2547.461622][T25053] RIP: 0033:0x7f909a68c1d7 [ 2547.466060][T25053] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2547.485682][T25053] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2547.494113][T25053] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2547.502100][T25053] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2547.510084][T25053] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2547.518075][T25053] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2547.526060][T25053] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2547.534070][T25053] [ 2547.547927][T25053] memory: usage 307200kB, limit 307200kB, failcnt 71509 [ 2547.555329][T25053] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2547.562627][T25053] Memory cgroup stats for /syz2: [ 2547.562880][T25053] anon 139264 [ 2547.562880][T25053] file 638976 [ 2547.562880][T25053] kernel 313794560 [ 2547.562880][T25053] kernel_stack 65536 [ 2547.562880][T25053] pagetables 81920 [ 2547.562880][T25053] sec_pagetables 0 [ 2547.562880][T25053] percpu 5611104 [ 2547.562880][T25053] sock 0 [ 2547.562880][T25053] vmalloc 0 [ 2547.562880][T25053] shmem 638976 [ 2547.562880][T25053] zswap 0 [ 2547.562880][T25053] zswapped 0 [ 2547.562880][T25053] file_mapped 638976 [ 2547.562880][T25053] file_dirty 0 [ 2547.562880][T25053] file_writeback 0 [ 2547.562880][T25053] swapcached 0 [ 2547.562880][T25053] anon_thp 0 [ 2547.562880][T25053] file_thp 0 [ 2547.562880][T25053] shmem_thp 0 [ 2547.562880][T25053] inactive_anon 372736 [ 2547.562880][T25053] active_anon 405504 [ 2547.562880][T25053] inactive_file 0 [ 2547.562880][T25053] active_file 0 [ 2547.562880][T25053] unevictable 0 [ 2547.562880][T25053] slab_reclaimable 233712 [ 2547.562880][T25053] slab_unreclaimable 307770328 [ 2547.661296][T25053] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25053,uid=0 [ 2547.677742][T25053] Memory cgroup out of memory: Killed process 25053 (syz-executor.2) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2547.695897][T25060] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2547.716763][T25060] CPU: 0 PID: 25060 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2547.727240][T25060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2547.737328][T25060] Call Trace: [ 2547.740629][T25060] [ 2547.743626][T25060] dump_stack_lvl+0xd1/0x138 [ 2547.748262][T25060] dump_header+0x10b/0x85f [ 2547.752746][T25060] oom_kill_process.cold+0x10/0x15 [ 2547.757867][T25060] out_of_memory+0x35c/0x14a0 [ 2547.762557][T25060] ? oom_killer_disable+0x280/0x280 [ 2547.767763][T25060] ? find_held_lock+0x2d/0x110 [ 2547.772551][T25060] mem_cgroup_out_of_memory+0x206/0x270 [ 2547.778145][T25060] ? mem_cgroup_margin+0x130/0x130 [ 2547.783302][T25060] ? lock_downgrade+0x6e0/0x6e0 [ 2547.788204][T25060] try_charge_memcg+0xefb/0x12f0 [ 2547.793189][T25060] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2547.799301][T25060] ? lock_downgrade+0x6e0/0x6e0 [ 2547.804206][T25060] charge_memcg+0x90/0x3b0 [ 2547.808630][T25060] __mem_cgroup_charge+0x2b/0x90 [ 2547.813602][T25060] do_wp_page+0x7ec/0x3370 [ 2547.818054][T25060] ? lock_release+0x810/0x810 [ 2547.822744][T25060] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2547.828164][T25060] ? do_raw_spin_lock+0x124/0x2b0 [ 2547.833216][T25060] ? rwlock_bug.part.0+0x90/0x90 [ 2547.838174][T25060] ? lock_chain_count+0x20/0x20 [ 2547.843063][T25060] __handle_mm_fault+0x1f58/0x3c90 [ 2547.848229][T25060] ? vm_iomap_memory+0x190/0x190 [ 2547.853224][T25060] handle_mm_fault+0x1b6/0x850 [ 2547.858033][T25060] do_user_addr_fault+0x475/0x1210 [ 2547.863180][T25060] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2547.868771][T25060] exc_page_fault+0x98/0x170 [ 2547.873396][T25060] asm_exc_page_fault+0x26/0x30 [ 2547.878266][T25060] RIP: 0033:0x7f0b7de39570 [ 2547.882696][T25060] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2547.902421][T25060] RSP: 002b:00007fff06370110 EFLAGS: 00010246 [ 2547.908545][T25060] RAX: 0000000041637750 RBX: 00007f0b7dfac0e8 RCX: 0000001b31d20000 [ 2547.916550][T25060] RDX: 0000000000000000 RSI: 0000001b31d20018 RDI: 000000000c5be95e [ 2547.924544][T25060] RBP: 0000000041637750 R08: 0000000000001750 R09: 0000000041637754 [ 2547.932533][T25060] R10: 00007fff063702d0 R11: 0000000000000246 R12: 00007f0b7dfa0000 [ 2547.940517][T25060] R13: 0000000000000001 R14: 0000000000000002 R15: ffffffff87bf5059 [ 2547.948501][T25060] ? __sys_sendmsg+0x99/0x1c0 [ 2547.953232][T25060] [ 2547.958597][T25060] memory: usage 307200kB, limit 307200kB, failcnt 80916 [ 2547.966309][T25060] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2547.974323][T25060] Memory cgroup stats for /syz0: [ 2547.974585][T25060] anon 114688 [ 2547.974585][T25060] file 479232 [ 2547.974585][T25060] kernel 313978880 [ 2547.974585][T25060] kernel_stack 98304 [ 2547.974585][T25060] pagetables 77824 [ 2547.974585][T25060] sec_pagetables 0 [ 2547.974585][T25060] percpu 5614656 [ 2547.974585][T25060] sock 0 [ 2547.974585][T25060] vmalloc 8192 [ 2547.974585][T25060] shmem 479232 [ 2547.974585][T25060] zswap 0 [ 2547.974585][T25060] zswapped 0 [ 2547.974585][T25060] file_mapped 479232 [ 2547.974585][T25060] file_dirty 0 [ 2547.974585][T25060] file_writeback 0 [ 2547.974585][T25060] swapcached 0 [ 2547.974585][T25060] anon_thp 0 [ 2547.974585][T25060] file_thp 0 [ 2547.974585][T25060] shmem_thp 0 [ 2547.974585][T25060] inactive_anon 151552 [ 2547.974585][T25060] active_anon 442368 [ 2547.974585][T25060] inactive_file 0 [ 2547.974585][T25060] active_file 0 [ 2547.974585][T25060] unevictable 0 [ 2547.974585][T25060] slab_reclaimable 20384 [ 2547.974585][T25060] slab_unreclaimable 308126584 [ 2548.072561][T25060] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25060,uid=0 09:54:02 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x1801000000000000}, 0x0) 09:54:02 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x5, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:02 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:02 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) 09:54:02 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 09:54:02 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf400) [ 2548.088380][T25060] Memory cgroup out of memory: Killed process 25060 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:02 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:02 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x6, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2548.250108][T25085] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2548.271368][T25079] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 09:54:02 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x8, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2548.308300][T25079] CPU: 0 PID: 25079 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2548.318791][T25079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2548.328886][T25079] Call Trace: [ 2548.332207][T25079] [ 2548.335171][T25079] dump_stack_lvl+0xd1/0x138 [ 2548.339822][T25079] dump_header+0x10b/0x85f [ 2548.344304][T25079] oom_kill_process.cold+0x10/0x15 [ 2548.349479][T25079] out_of_memory+0x35c/0x14a0 [ 2548.354229][T25079] ? find_held_lock+0x2d/0x110 [ 2548.359047][T25079] ? oom_killer_disable+0x280/0x280 [ 2548.364285][T25079] ? find_held_lock+0x2d/0x110 [ 2548.369095][T25079] mem_cgroup_out_of_memory+0x206/0x270 [ 2548.374673][T25079] ? mem_cgroup_margin+0x130/0x130 [ 2548.379810][T25079] ? lock_downgrade+0x6e0/0x6e0 [ 2548.384718][T25079] try_charge_memcg+0xefb/0x12f0 [ 2548.389684][T25079] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2548.395691][T25079] ? lock_downgrade+0x6e0/0x6e0 [ 2548.400574][T25079] charge_memcg+0x90/0x3b0 [ 2548.405013][T25079] __mem_cgroup_charge+0x2b/0x90 [ 2548.410149][T25079] do_wp_page+0x7ec/0x3370 [ 2548.414598][T25079] ? lock_release+0x810/0x810 [ 2548.419291][T25079] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2548.424690][T25079] ? do_raw_spin_lock+0x124/0x2b0 [ 2548.429733][T25079] ? rwlock_bug.part.0+0x90/0x90 [ 2548.434689][T25079] ? lock_chain_count+0x20/0x20 [ 2548.439560][T25079] __handle_mm_fault+0x1f58/0x3c90 [ 2548.444707][T25079] ? vm_iomap_memory+0x190/0x190 [ 2548.449702][T25079] handle_mm_fault+0x1b6/0x850 [ 2548.454500][T25079] do_user_addr_fault+0x475/0x1210 [ 2548.459635][T25079] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2548.465301][T25079] exc_page_fault+0x98/0x170 [ 2548.469913][T25079] asm_exc_page_fault+0x26/0x30 [ 2548.474780][T25079] RIP: 0033:0x7ff9f2039570 [ 2548.479209][T25079] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2548.498838][T25079] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2548.504925][T25079] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2548.512914][T25079] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2548.520900][T25079] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2548.528889][T25079] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2548.536871][T25079] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2548.544888][T25079] ? __sock_create+0x2c/0x790 [ 2548.549610][T25079] 09:54:02 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0xc, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:02 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, 0x0, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) [ 2548.629387][T25093] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2548.656663][T25079] memory: usage 307200kB, limit 307200kB, failcnt 33883 09:54:03 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x10, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2548.789275][T25079] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2548.796384][T25079] Memory cgroup stats for /syz1: [ 2548.796628][T25079] anon 114688 [ 2548.796628][T25079] file 606208 [ 2548.796628][T25079] kernel 313851904 [ 2548.796628][T25079] kernel_stack 65536 [ 2548.796628][T25079] pagetables 73728 [ 2548.796628][T25079] sec_pagetables 0 [ 2548.796628][T25079] percpu 5612288 [ 2548.796628][T25079] sock 0 [ 2548.796628][T25079] vmalloc 0 [ 2548.796628][T25079] shmem 602112 [ 2548.796628][T25079] zswap 0 [ 2548.796628][T25079] zswapped 0 [ 2548.796628][T25079] file_mapped 602112 [ 2548.796628][T25079] file_dirty 4096 [ 2548.796628][T25079] file_writeback 0 [ 2548.796628][T25079] swapcached 0 [ 2548.796628][T25079] anon_thp 0 [ 2548.796628][T25079] file_thp 0 [ 2548.796628][T25079] shmem_thp 0 [ 2548.796628][T25079] inactive_anon 282624 [ 2548.796628][T25079] active_anon 434176 [ 2548.796628][T25079] inactive_file 0 [ 2548.796628][T25079] active_file 4096 [ 2548.796628][T25079] unevictable 0 [ 2548.796628][T25079] slab_reclaimable 219568 [ 2548.796628][T25079] slab_unreclaimable 307848312 [ 2548.896830][T25079] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25079,uid=0 [ 2548.926225][T25079] Memory cgroup out of memory: Killed process 25079 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2548.945547][T25080] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2548.961866][T25080] CPU: 0 PID: 25080 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2548.972340][T25080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2548.982429][T25080] Call Trace: [ 2548.985731][T25080] [ 2548.988707][T25080] dump_stack_lvl+0xd1/0x138 [ 2548.993336][T25080] dump_header+0x10b/0x85f [ 2548.997770][T25080] oom_kill_process.cold+0x10/0x15 [ 2549.002887][T25080] out_of_memory+0x35c/0x14a0 [ 2549.007579][T25080] ? oom_killer_disable+0x280/0x280 [ 2549.012783][T25080] ? find_held_lock+0x2d/0x110 [ 2549.017553][T25080] mem_cgroup_out_of_memory+0x206/0x270 [ 2549.023122][T25080] ? mem_cgroup_margin+0x130/0x130 [ 2549.028288][T25080] ? lock_downgrade+0x6e0/0x6e0 [ 2549.033194][T25080] try_charge_memcg+0xefb/0x12f0 [ 2549.038178][T25080] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2549.044203][T25080] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2549.049964][T25080] ? lock_downgrade+0x6e0/0x6e0 [ 2549.054829][T25080] obj_cgroup_charge+0x2af/0x5e0 [ 2549.059860][T25080] ? vm_area_dup+0x7d/0x380 [ 2549.064362][T25080] kmem_cache_alloc+0xb5/0x430 [ 2549.069146][T25080] vm_area_dup+0x7d/0x380 [ 2549.073505][T25080] ? mt_slot+0xa1/0x170 [ 2549.077712][T25080] ? mas_next_nentry+0x610/0xab0 [ 2549.082697][T25080] ? mas_next_node+0x547/0xa00 [ 2549.087507][T25080] ? mas_find+0x211/0xd10 [ 2549.091878][T25080] ? vm_area_alloc+0x100/0x100 [ 2549.096667][T25080] ? validate_mm_mt+0x149/0x1b0 [ 2549.101528][T25080] ? remove_vma+0x130/0x130 [ 2549.106055][T25080] ? can_vma_merge_before+0x390/0x390 [ 2549.111436][T25080] __split_vma+0xae/0x5e0 [ 2549.115762][T25080] ? vma_merge+0x2cf/0x870 [ 2549.120204][T25080] split_vma+0xa3/0xe0 [ 2549.124315][T25080] mprotect_fixup+0x686/0x960 [ 2549.129046][T25080] ? mas_find+0x211/0xd10 [ 2549.133406][T25080] ? change_protection+0x3b30/0x3b30 [ 2549.138742][T25080] do_mprotect_pkey+0x6fd/0xa70 [ 2549.143643][T25080] ? mprotect_fixup+0x960/0x960 [ 2549.148525][T25080] ? up_write+0x1b0/0x520 [ 2549.152917][T25080] __x64_sys_mprotect+0x78/0xb0 [ 2549.157774][T25080] do_syscall_64+0x39/0xb0 [ 2549.162195][T25080] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2549.168096][T25080] RIP: 0033:0x7f909a68c1d7 [ 2549.172522][T25080] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2549.192259][T25080] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2549.200708][T25080] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2549.208767][T25080] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2549.216733][T25080] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2549.224717][T25080] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2549.232721][T25080] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2549.240748][T25080] [ 2549.245958][T25080] memory: usage 307200kB, limit 307200kB, failcnt 71625 [ 2549.253823][T25080] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2549.261129][T25080] Memory cgroup stats for /syz2: [ 2549.261400][T25080] anon 139264 [ 2549.261400][T25080] file 638976 [ 2549.261400][T25080] kernel 313794560 [ 2549.261400][T25080] kernel_stack 65536 [ 2549.261400][T25080] pagetables 81920 [ 2549.261400][T25080] sec_pagetables 0 [ 2549.261400][T25080] percpu 5611104 [ 2549.261400][T25080] sock 0 [ 2549.261400][T25080] vmalloc 0 [ 2549.261400][T25080] shmem 638976 [ 2549.261400][T25080] zswap 0 [ 2549.261400][T25080] zswapped 0 [ 2549.261400][T25080] file_mapped 638976 [ 2549.261400][T25080] file_dirty 0 [ 2549.261400][T25080] file_writeback 0 [ 2549.261400][T25080] swapcached 0 [ 2549.261400][T25080] anon_thp 0 [ 2549.261400][T25080] file_thp 0 [ 2549.261400][T25080] shmem_thp 0 [ 2549.261400][T25080] inactive_anon 372736 [ 2549.261400][T25080] active_anon 405504 [ 2549.261400][T25080] inactive_file 0 [ 2549.261400][T25080] active_file 0 [ 2549.261400][T25080] unevictable 0 [ 2549.261400][T25080] slab_reclaimable 233712 [ 2549.261400][T25080] slab_unreclaimable 307770328 [ 2549.358841][T25080] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25080,uid=0 [ 2549.375107][T25080] Memory cgroup out of memory: Killed process 25080 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2549.393372][T25087] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2549.411240][T25087] CPU: 0 PID: 25087 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2549.421888][T25087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2549.431971][T25087] Call Trace: [ 2549.435267][T25087] [ 2549.438194][T25087] dump_stack_lvl+0xd1/0x138 [ 2549.442794][T25087] dump_header+0x10b/0x85f [ 2549.447235][T25087] oom_kill_process.cold+0x10/0x15 [ 2549.452410][T25087] out_of_memory+0x35c/0x14a0 [ 2549.457150][T25087] ? oom_killer_disable+0x280/0x280 [ 2549.462410][T25087] ? find_held_lock+0x2d/0x110 [ 2549.467216][T25087] mem_cgroup_out_of_memory+0x206/0x270 [ 2549.472787][T25087] ? mem_cgroup_margin+0x130/0x130 [ 2549.477951][T25087] ? lock_downgrade+0x6e0/0x6e0 [ 2549.482857][T25087] try_charge_memcg+0xefb/0x12f0 [ 2549.487843][T25087] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2549.493860][T25087] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2549.499633][T25087] ? lock_downgrade+0x6e0/0x6e0 [ 2549.504522][T25087] obj_cgroup_charge+0x2af/0x5e0 [ 2549.509464][T25087] ? vm_area_dup+0x7d/0x380 [ 2549.513966][T25087] kmem_cache_alloc+0xb5/0x430 [ 2549.518769][T25087] vm_area_dup+0x7d/0x380 [ 2549.523130][T25087] ? mt_slot+0xa1/0x170 [ 2549.527321][T25087] ? mas_next_nentry+0x610/0xab0 [ 2549.532296][T25087] ? mas_next_node+0x547/0xa00 [ 2549.537090][T25087] ? mas_find+0x211/0xd10 [ 2549.541465][T25087] ? vm_area_alloc+0x100/0x100 [ 2549.546250][T25087] ? validate_mm_mt+0x149/0x1b0 [ 2549.551126][T25087] ? remove_vma+0x130/0x130 [ 2549.555654][T25087] ? can_vma_merge_before+0x390/0x390 [ 2549.561088][T25087] __split_vma+0xae/0x5e0 [ 2549.565433][T25087] ? vma_merge+0x2cf/0x870 [ 2549.569874][T25087] split_vma+0xa3/0xe0 [ 2549.573965][T25087] mprotect_fixup+0x686/0x960 [ 2549.578676][T25087] ? mas_find+0x211/0xd10 [ 2549.583021][T25087] ? change_protection+0x3b30/0x3b30 [ 2549.588427][T25087] do_mprotect_pkey+0x6fd/0xa70 [ 2549.593315][T25087] ? mprotect_fixup+0x960/0x960 [ 2549.598186][T25087] ? up_write+0x1b0/0x520 [ 2549.602586][T25087] __x64_sys_mprotect+0x78/0xb0 [ 2549.607456][T25087] do_syscall_64+0x39/0xb0 [ 2549.611901][T25087] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2549.617814][T25087] RIP: 0033:0x7f0b7de8c1d7 [ 2549.622244][T25087] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2549.641871][T25087] RSP: 002b:00007fff06370108 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2549.650388][T25087] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f0b7de8c1d7 [ 2549.658375][T25087] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f0b7eb63000 [ 2549.666359][T25087] RBP: 00007fff063701e0 R08: 00000000ffffffff R09: 00007f0b7eb82700 [ 2549.674342][T25087] R10: 0000000000020022 R11: 0000000000000206 R12: 00007fff06370300 [ 2549.682323][T25087] R13: 00007f0b7eb82700 R14: 0000000000000000 R15: 0000000000022000 [ 2549.690344][T25087] [ 2549.696008][T25087] memory: usage 307200kB, limit 307200kB, failcnt 81050 [ 2549.703356][T25087] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2549.710428][T25087] Memory cgroup stats for /syz0: [ 2549.710671][T25087] anon 139264 [ 2549.710671][T25087] file 479232 [ 2549.710671][T25087] kernel 313954304 [ 2549.710671][T25087] kernel_stack 65536 [ 2549.710671][T25087] pagetables 77824 [ 2549.710671][T25087] sec_pagetables 0 [ 2549.710671][T25087] percpu 5614656 [ 2549.710671][T25087] sock 0 [ 2549.710671][T25087] vmalloc 8192 [ 2549.710671][T25087] shmem 479232 [ 2549.710671][T25087] zswap 0 [ 2549.710671][T25087] zswapped 0 [ 2549.710671][T25087] file_mapped 479232 [ 2549.710671][T25087] file_dirty 0 [ 2549.710671][T25087] file_writeback 0 [ 2549.710671][T25087] swapcached 0 [ 2549.710671][T25087] anon_thp 0 [ 2549.710671][T25087] file_thp 0 [ 2549.710671][T25087] shmem_thp 0 [ 2549.710671][T25087] inactive_anon 176128 [ 2549.710671][T25087] active_anon 442368 [ 2549.710671][T25087] inactive_file 0 [ 2549.710671][T25087] active_file 0 [ 2549.710671][T25087] unevictable 0 09:54:04 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0xed, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:04 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, 0x0, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) 09:54:04 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf600) 09:54:04 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x1888ffff00000000}, 0x0) 09:54:04 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) 09:54:04 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xf0ffff}, 0x0) [ 2549.710671][T25087] slab_reclaimable 28096 [ 2549.710671][T25087] slab_unreclaimable 308120488 [ 2549.808810][T25087] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25087,uid=0 [ 2549.824660][T25087] Memory cgroup out of memory: Killed process 25087 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:04 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0x7, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:04 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, 0x0, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) 09:54:04 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x2}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2550.033952][T25106] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2550.047503][T25114] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2550.067088][T25106] CPU: 0 PID: 25106 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2550.077577][T25106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2550.087667][T25106] Call Trace: [ 2550.090981][T25106] [ 2550.093940][T25106] dump_stack_lvl+0xd1/0x138 [ 2550.098585][T25106] dump_header+0x10b/0x85f [ 2550.103064][T25106] oom_kill_process.cold+0x10/0x15 [ 2550.108228][T25106] out_of_memory+0x35c/0x14a0 [ 2550.112969][T25106] ? find_held_lock+0x2d/0x110 [ 2550.117786][T25106] ? oom_killer_disable+0x280/0x280 [ 2550.123036][T25106] ? find_held_lock+0x2d/0x110 [ 2550.127841][T25106] mem_cgroup_out_of_memory+0x206/0x270 [ 2550.133425][T25106] ? mem_cgroup_margin+0x130/0x130 [ 2550.138572][T25106] ? lock_downgrade+0x6e0/0x6e0 [ 2550.143464][T25106] try_charge_memcg+0xefb/0x12f0 [ 2550.148456][T25106] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2550.154465][T25106] ? lock_downgrade+0x6e0/0x6e0 [ 2550.159447][T25106] charge_memcg+0x90/0x3b0 [ 2550.163896][T25106] __mem_cgroup_charge+0x2b/0x90 [ 2550.168857][T25106] do_wp_page+0x7ec/0x3370 [ 2550.173307][T25106] ? lock_release+0x810/0x810 [ 2550.178001][T25106] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2550.183402][T25106] ? do_raw_spin_lock+0x124/0x2b0 [ 2550.188455][T25106] ? rwlock_bug.part.0+0x90/0x90 [ 2550.193414][T25106] ? lock_chain_count+0x20/0x20 [ 2550.198291][T25106] __handle_mm_fault+0x1f58/0x3c90 [ 2550.203437][T25106] ? vm_iomap_memory+0x190/0x190 [ 2550.208430][T25106] handle_mm_fault+0x1b6/0x850 [ 2550.213227][T25106] do_user_addr_fault+0x475/0x1210 [ 2550.218368][T25106] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2550.223948][T25106] exc_page_fault+0x98/0x170 [ 2550.228560][T25106] asm_exc_page_fault+0x26/0x30 [ 2550.233429][T25106] RIP: 0033:0x7ff9f2039570 [ 2550.237859][T25106] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2550.257481][T25106] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2550.263565][T25106] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2550.271547][T25106] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 09:54:04 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r3, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) [ 2550.279617][T25106] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2550.287599][T25106] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2550.295583][T25106] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2550.303564][T25106] ? __sock_create+0x2c/0x790 [ 2550.308287][T25106] 09:54:04 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x4}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:04 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r3, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) 09:54:04 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r3, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) [ 2550.512494][T25106] memory: usage 307200kB, limit 307200kB, failcnt 33965 [ 2550.541230][T25106] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2550.558731][T25106] Memory cgroup stats for /syz1: [ 2550.559146][T25106] anon 114688 [ 2550.559146][T25106] file 606208 [ 2550.559146][T25106] kernel 313851904 [ 2550.559146][T25106] kernel_stack 65536 [ 2550.559146][T25106] pagetables 73728 [ 2550.559146][T25106] sec_pagetables 0 [ 2550.559146][T25106] percpu 5612288 [ 2550.559146][T25106] sock 0 [ 2550.559146][T25106] vmalloc 0 [ 2550.559146][T25106] shmem 602112 [ 2550.559146][T25106] zswap 0 [ 2550.559146][T25106] zswapped 0 [ 2550.559146][T25106] file_mapped 602112 [ 2550.559146][T25106] file_dirty 4096 [ 2550.559146][T25106] file_writeback 0 [ 2550.559146][T25106] swapcached 0 [ 2550.559146][T25106] anon_thp 0 [ 2550.559146][T25106] file_thp 0 [ 2550.559146][T25106] shmem_thp 0 [ 2550.559146][T25106] inactive_anon 282624 [ 2550.559146][T25106] active_anon 434176 [ 2550.559146][T25106] inactive_file 0 [ 2550.559146][T25106] active_file 4096 [ 2550.559146][T25106] unevictable 0 [ 2550.559146][T25106] slab_reclaimable 219568 [ 2550.559146][T25106] slab_unreclaimable 307848312 [ 2550.692613][T25106] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25106,uid=0 [ 2550.716981][T25106] Memory cgroup out of memory: Killed process 25106 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2550.755941][T25110] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2550.766413][T25110] CPU: 1 PID: 25110 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2550.776879][T25110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2550.786966][T25110] Call Trace: [ 2550.790269][T25110] [ 2550.793218][T25110] dump_stack_lvl+0xd1/0x138 [ 2550.797859][T25110] dump_header+0x10b/0x85f [ 2550.802316][T25110] oom_kill_process.cold+0x10/0x15 [ 2550.807466][T25110] out_of_memory+0x35c/0x14a0 [ 2550.812181][T25110] ? find_held_lock+0x2d/0x110 [ 2550.816978][T25110] ? oom_killer_disable+0x280/0x280 [ 2550.822214][T25110] ? find_held_lock+0x2d/0x110 [ 2550.827009][T25110] mem_cgroup_out_of_memory+0x206/0x270 [ 2550.832585][T25110] ? mem_cgroup_margin+0x130/0x130 [ 2550.837732][T25110] ? lock_downgrade+0x6e0/0x6e0 [ 2550.842615][T25110] try_charge_memcg+0xefb/0x12f0 [ 2550.847633][T25110] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2550.853660][T25110] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2550.859425][T25110] ? lock_downgrade+0x6e0/0x6e0 [ 2550.864309][T25110] ? lock_downgrade+0x6e0/0x6e0 [ 2550.869195][T25110] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2550.874791][T25110] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2550.880982][T25110] copy_process+0x4e3/0x7520 [ 2550.885604][T25110] ? __lock_acquire+0xbc3/0x56d0 [ 2550.890580][T25110] ? __cleanup_sighand+0xb0/0xb0 [ 2550.895553][T25110] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 2550.901561][T25110] ? psi_memstall_leave+0x174/0x250 [ 2550.906801][T25110] kernel_clone+0xeb/0x990 [ 2550.911243][T25110] ? create_io_thread+0xf0/0xf0 [ 2550.916119][T25110] ? percpu_ref_put_many.constprop.0+0x6a/0x1a0 [ 2550.922396][T25110] ? lock_downgrade+0x6e0/0x6e0 [ 2550.927363][T25110] __do_sys_clone+0xba/0x100 [ 2550.931974][T25110] ? kernel_clone+0x990/0x990 [ 2550.936689][T25110] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2550.942609][T25110] do_syscall_64+0x39/0xb0 [ 2550.947052][T25110] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2550.952967][T25110] RIP: 0033:0x7f0b7de8d4f1 [ 2550.957402][T25110] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2550.977027][T25110] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2550.985461][T25110] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2550.993443][T25110] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2551.001450][T25110] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2551.009434][T25110] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2551.017417][T25110] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2551.025424][T25110] [ 2551.041770][T25110] memory: usage 307200kB, limit 307200kB, failcnt 81168 [ 2551.049135][T25110] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2551.056012][T25110] Memory cgroup stats for /syz0: [ 2551.056259][T25110] anon 143360 [ 2551.056259][T25110] file 479232 [ 2551.056259][T25110] kernel 313950208 [ 2551.056259][T25110] kernel_stack 65536 [ 2551.056259][T25110] pagetables 77824 [ 2551.056259][T25110] sec_pagetables 0 [ 2551.056259][T25110] percpu 5614656 [ 2551.056259][T25110] sock 0 [ 2551.056259][T25110] vmalloc 8192 [ 2551.056259][T25110] shmem 479232 [ 2551.056259][T25110] zswap 0 [ 2551.056259][T25110] zswapped 0 [ 2551.056259][T25110] file_mapped 479232 [ 2551.056259][T25110] file_dirty 0 [ 2551.056259][T25110] file_writeback 0 [ 2551.056259][T25110] swapcached 0 [ 2551.056259][T25110] anon_thp 0 [ 2551.056259][T25110] file_thp 0 [ 2551.056259][T25110] shmem_thp 0 [ 2551.056259][T25110] inactive_anon 180224 [ 2551.056259][T25110] active_anon 442368 [ 2551.056259][T25110] inactive_file 0 [ 2551.056259][T25110] active_file 0 [ 2551.056259][T25110] unevictable 0 [ 2551.056259][T25110] slab_reclaimable 22312 [ 2551.056259][T25110] slab_unreclaimable 308126904 09:54:05 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x1f00000000000000}, 0x0) 09:54:05 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf602) 09:54:05 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x6}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:05 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r2, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0) 09:54:05 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) 09:54:05 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x1000000}, 0x0) [ 2551.152656][T25110] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25110,uid=0 [ 2551.168375][T25110] Memory cgroup out of memory: Killed process 25110 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:05 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x8}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:05 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r2, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0) 09:54:05 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) 09:54:05 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0xa}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2551.365278][T25137] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2551.378091][T25131] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2551.413853][T25131] CPU: 0 PID: 25131 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2551.424339][T25131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2551.434438][T25131] Call Trace: [ 2551.437752][T25131] [ 2551.440718][T25131] dump_stack_lvl+0xd1/0x138 [ 2551.445359][T25131] dump_header+0x10b/0x85f [ 2551.449834][T25131] oom_kill_process.cold+0x10/0x15 [ 2551.455003][T25131] out_of_memory+0x35c/0x14a0 [ 2551.459738][T25131] ? find_held_lock+0x2d/0x110 [ 2551.464557][T25131] ? oom_killer_disable+0x280/0x280 [ 2551.469817][T25131] ? find_held_lock+0x2d/0x110 [ 2551.474637][T25131] mem_cgroup_out_of_memory+0x206/0x270 [ 2551.480219][T25131] ? mem_cgroup_margin+0x130/0x130 [ 2551.485358][T25131] ? lock_downgrade+0x6e0/0x6e0 [ 2551.490242][T25131] try_charge_memcg+0xefb/0x12f0 [ 2551.495206][T25131] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2551.501216][T25131] ? lock_downgrade+0x6e0/0x6e0 [ 2551.506118][T25131] charge_memcg+0x90/0x3b0 [ 2551.510557][T25131] __mem_cgroup_charge+0x2b/0x90 [ 2551.515527][T25131] do_wp_page+0x7ec/0x3370 [ 2551.519977][T25131] ? lock_release+0x810/0x810 [ 2551.524673][T25131] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2551.530070][T25131] ? do_raw_spin_lock+0x124/0x2b0 [ 2551.535113][T25131] ? rwlock_bug.part.0+0x90/0x90 [ 2551.540067][T25131] ? lock_chain_count+0x20/0x20 [ 2551.544939][T25131] __handle_mm_fault+0x1f58/0x3c90 [ 2551.550085][T25131] ? vm_iomap_memory+0x190/0x190 [ 2551.555073][T25131] handle_mm_fault+0x1b6/0x850 [ 2551.559868][T25131] do_user_addr_fault+0x475/0x1210 [ 2551.565003][T25131] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2551.570585][T25131] exc_page_fault+0x98/0x170 [ 2551.575195][T25131] asm_exc_page_fault+0x26/0x30 [ 2551.580063][T25131] RIP: 0033:0x7ff9f2039570 [ 2551.584493][T25131] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2551.604122][T25131] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 09:54:06 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0xc}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2551.610381][T25131] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2551.618452][T25131] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2551.626436][T25131] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2551.634424][T25131] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2551.642405][T25131] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2551.650392][T25131] ? __sock_create+0x2c/0x790 [ 2551.655117][T25131] 09:54:06 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0xe}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2551.747914][T25131] memory: usage 307200kB, limit 307200kB, failcnt 34032 [ 2551.786680][T25131] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2551.794461][T25131] Memory cgroup stats for /syz1: [ 2551.794707][T25131] anon 114688 [ 2551.794707][T25131] file 606208 [ 2551.794707][T25131] kernel 313851904 [ 2551.794707][T25131] kernel_stack 65536 [ 2551.794707][T25131] pagetables 73728 [ 2551.794707][T25131] sec_pagetables 0 [ 2551.794707][T25131] percpu 5612288 [ 2551.794707][T25131] sock 0 [ 2551.794707][T25131] vmalloc 0 [ 2551.794707][T25131] shmem 602112 [ 2551.794707][T25131] zswap 0 [ 2551.794707][T25131] zswapped 0 [ 2551.794707][T25131] file_mapped 602112 [ 2551.794707][T25131] file_dirty 4096 [ 2551.794707][T25131] file_writeback 0 [ 2551.794707][T25131] swapcached 0 [ 2551.794707][T25131] anon_thp 0 [ 2551.794707][T25131] file_thp 0 [ 2551.794707][T25131] shmem_thp 0 [ 2551.794707][T25131] inactive_anon 282624 [ 2551.794707][T25131] active_anon 434176 [ 2551.794707][T25131] inactive_file 0 [ 2551.794707][T25131] active_file 4096 [ 2551.794707][T25131] unevictable 0 [ 2551.794707][T25131] slab_reclaimable 219568 [ 2551.794707][T25131] slab_unreclaimable 307848312 [ 2551.893297][T25131] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25131,uid=0 [ 2551.910480][T25131] Memory cgroup out of memory: Killed process 25131 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2551.928202][T25128] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2551.944827][T25128] CPU: 0 PID: 25128 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2551.955303][T25128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2551.965385][T25128] Call Trace: [ 2551.968690][T25128] [ 2551.971645][T25128] dump_stack_lvl+0xd1/0x138 [ 2551.976281][T25128] dump_header+0x10b/0x85f [ 2551.980739][T25128] oom_kill_process.cold+0x10/0x15 [ 2551.985864][T25128] out_of_memory+0x35c/0x14a0 [ 2551.990553][T25128] ? oom_killer_disable+0x280/0x280 [ 2551.995759][T25128] ? find_held_lock+0x2d/0x110 [ 2552.000546][T25128] mem_cgroup_out_of_memory+0x206/0x270 [ 2552.006152][T25128] ? mem_cgroup_margin+0x130/0x130 [ 2552.011313][T25128] ? lock_downgrade+0x6e0/0x6e0 [ 2552.016218][T25128] try_charge_memcg+0xefb/0x12f0 [ 2552.021220][T25128] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2552.027240][T25128] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2552.033002][T25128] ? lock_downgrade+0x6e0/0x6e0 [ 2552.037858][T25128] ? lock_downgrade+0x6e0/0x6e0 [ 2552.042715][T25128] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2552.048258][T25128] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2552.054433][T25128] copy_process+0x4e3/0x7520 [ 2552.059063][T25128] ? find_held_lock+0x2d/0x110 [ 2552.063892][T25128] ? __cleanup_sighand+0xb0/0xb0 [ 2552.068869][T25128] ? lock_downgrade+0x6e0/0x6e0 [ 2552.073752][T25128] ? folio_flags.constprop.0+0x53/0x150 [ 2552.079330][T25128] ? folio_add_lru+0x37b/0x680 [ 2552.084100][T25128] kernel_clone+0xeb/0x990 [ 2552.088518][T25128] ? create_io_thread+0xf0/0xf0 [ 2552.093370][T25128] ? find_held_lock+0x2d/0x110 [ 2552.098144][T25128] __do_sys_clone+0xba/0x100 [ 2552.102747][T25128] ? kernel_clone+0x990/0x990 [ 2552.107483][T25128] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2552.113421][T25128] do_syscall_64+0x39/0xb0 [ 2552.117885][T25128] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2552.123813][T25128] RIP: 0033:0x7f909a68d4f1 [ 2552.128243][T25128] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2552.147849][T25128] RSP: 002b:00007ffc6e869e28 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2552.156280][T25128] RAX: ffffffffffffffda RBX: 00007f909b439700 RCX: 00007f909a68d4f1 [ 2552.164293][T25128] RDX: 00007f909b4399d0 RSI: 00007f909b4392f0 RDI: 00000000003d0f00 [ 2552.172292][T25128] RBP: 00007ffc6e86a070 R08: 00007f909b439700 R09: 00007f909b439700 [ 2552.180287][T25128] R10: 00007f909b4399d0 R11: 0000000000000206 R12: 00007ffc6e869ede [ 2552.188261][T25128] R13: 00007ffc6e869edf R14: 00007f909b439300 R15: 0000000000022000 [ 2552.196243][T25128] [ 2552.215285][T25128] memory: usage 307200kB, limit 307200kB, failcnt 71856 [ 2552.225070][T25128] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2552.232592][T25128] Memory cgroup stats for /syz2: [ 2552.232819][T25128] anon 143360 [ 2552.232819][T25128] file 638976 [ 2552.232819][T25128] kernel 313790464 [ 2552.232819][T25128] kernel_stack 65536 [ 2552.232819][T25128] pagetables 81920 [ 2552.232819][T25128] sec_pagetables 0 [ 2552.232819][T25128] percpu 5611040 [ 2552.232819][T25128] sock 0 [ 2552.232819][T25128] vmalloc 0 [ 2552.232819][T25128] shmem 638976 [ 2552.232819][T25128] zswap 0 [ 2552.232819][T25128] zswapped 0 [ 2552.232819][T25128] file_mapped 638976 [ 2552.232819][T25128] file_dirty 0 [ 2552.232819][T25128] file_writeback 0 [ 2552.232819][T25128] swapcached 0 [ 2552.232819][T25128] anon_thp 0 [ 2552.232819][T25128] file_thp 0 [ 2552.232819][T25128] shmem_thp 0 [ 2552.232819][T25128] inactive_anon 376832 [ 2552.232819][T25128] active_anon 405504 [ 2552.232819][T25128] inactive_file 0 [ 2552.232819][T25128] active_file 0 [ 2552.232819][T25128] unevictable 0 [ 2552.232819][T25128] slab_reclaimable 233712 [ 2552.232819][T25128] slab_unreclaimable 307766904 [ 2552.327723][T25128] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25128,uid=0 [ 2552.344730][T25128] Memory cgroup out of memory: Killed process 25128 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2552.384698][T25138] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2552.410667][T25138] CPU: 1 PID: 25138 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2552.421172][T25138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2552.431271][T25138] Call Trace: [ 2552.434569][T25138] [ 2552.437519][T25138] dump_stack_lvl+0xd1/0x138 [ 2552.442156][T25138] dump_header+0x10b/0x85f [ 2552.446623][T25138] oom_kill_process.cold+0x10/0x15 [ 2552.451787][T25138] out_of_memory+0x35c/0x14a0 [ 2552.456552][T25138] ? find_held_lock+0x2d/0x110 [ 2552.461375][T25138] ? oom_killer_disable+0x280/0x280 [ 2552.466735][T25138] ? find_held_lock+0x2d/0x110 [ 2552.471552][T25138] mem_cgroup_out_of_memory+0x206/0x270 [ 2552.477135][T25138] ? mem_cgroup_margin+0x130/0x130 [ 2552.482277][T25138] ? lock_downgrade+0x6e0/0x6e0 [ 2552.487164][T25138] try_charge_memcg+0xefb/0x12f0 [ 2552.492132][T25138] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2552.498134][T25138] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2552.503885][T25138] ? lock_downgrade+0x6e0/0x6e0 [ 2552.508762][T25138] ? lock_downgrade+0x6e0/0x6e0 [ 2552.513644][T25138] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2552.519215][T25138] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2552.525396][T25138] copy_process+0x4e3/0x7520 [ 2552.530017][T25138] ? __lock_acquire+0xbc3/0x56d0 [ 2552.534989][T25138] ? __cleanup_sighand+0xb0/0xb0 [ 2552.539953][T25138] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 2552.545957][T25138] ? psi_memstall_leave+0x174/0x250 [ 2552.551193][T25138] kernel_clone+0xeb/0x990 [ 2552.555634][T25138] ? create_io_thread+0xf0/0xf0 [ 2552.560511][T25138] ? percpu_ref_put_many.constprop.0+0x6a/0x1a0 [ 2552.566784][T25138] ? lock_downgrade+0x6e0/0x6e0 [ 2552.571667][T25138] __do_sys_clone+0xba/0x100 [ 2552.576283][T25138] ? kernel_clone+0x990/0x990 [ 2552.580997][T25138] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2552.586917][T25138] do_syscall_64+0x39/0xb0 [ 2552.591360][T25138] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2552.597272][T25138] RIP: 0033:0x7f0b7de8d4f1 [ 2552.601703][T25138] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2552.621324][T25138] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2552.629758][T25138] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2552.637741][T25138] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2552.645744][T25138] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2552.653738][T25138] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2552.661726][T25138] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2552.669737][T25138] [ 2552.695981][T25138] memory: usage 307200kB, limit 307200kB, failcnt 81326 [ 2552.703458][T25138] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2552.710972][T25138] Memory cgroup stats for /syz0: [ 2552.711211][T25138] anon 143360 [ 2552.711211][T25138] file 479232 [ 2552.711211][T25138] kernel 313950208 [ 2552.711211][T25138] kernel_stack 65536 [ 2552.711211][T25138] pagetables 77824 [ 2552.711211][T25138] sec_pagetables 0 [ 2552.711211][T25138] percpu 5614656 [ 2552.711211][T25138] sock 0 [ 2552.711211][T25138] vmalloc 8192 [ 2552.711211][T25138] shmem 479232 [ 2552.711211][T25138] zswap 0 [ 2552.711211][T25138] zswapped 0 [ 2552.711211][T25138] file_mapped 479232 [ 2552.711211][T25138] file_dirty 0 [ 2552.711211][T25138] file_writeback 0 [ 2552.711211][T25138] swapcached 0 [ 2552.711211][T25138] anon_thp 0 [ 2552.711211][T25138] file_thp 0 [ 2552.711211][T25138] shmem_thp 0 [ 2552.711211][T25138] inactive_anon 180224 [ 2552.711211][T25138] active_anon 442368 [ 2552.711211][T25138] inactive_file 0 [ 2552.711211][T25138] active_file 0 [ 2552.711211][T25138] unevictable 0 [ 2552.711211][T25138] slab_reclaimable 22312 [ 2552.711211][T25138] slab_unreclaimable 308126904 [ 2552.809864][T25138] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25138,uid=0 [ 2552.825917][T25138] Memory cgroup out of memory: Killed process 25138 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:07 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x2000000000000000}, 0x0) 09:54:07 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x10}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:07 executing program 4: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:07 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:07 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000000}, 0x0) 09:54:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf603) 09:54:07 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x12}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:07 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:07 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) [ 2553.002456][T25156] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2553.020324][T25162] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:54:07 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x14, 0x2}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2553.043706][T25156] CPU: 0 PID: 25156 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2553.054194][T25156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2553.064292][T25156] Call Trace: [ 2553.067603][T25156] [ 2553.070567][T25156] dump_stack_lvl+0xd1/0x138 [ 2553.075204][T25156] dump_header+0x10b/0x85f [ 2553.079676][T25156] oom_kill_process.cold+0x10/0x15 [ 2553.084852][T25156] out_of_memory+0x35c/0x14a0 [ 2553.089594][T25156] ? find_held_lock+0x2d/0x110 [ 2553.094415][T25156] ? oom_killer_disable+0x280/0x280 [ 2553.099670][T25156] ? find_held_lock+0x2d/0x110 [ 2553.104492][T25156] mem_cgroup_out_of_memory+0x206/0x270 [ 2553.110101][T25156] ? mem_cgroup_margin+0x130/0x130 [ 2553.115268][T25156] ? lock_downgrade+0x6e0/0x6e0 [ 2553.120179][T25156] try_charge_memcg+0xefb/0x12f0 [ 2553.125169][T25156] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2553.131209][T25156] ? lock_downgrade+0x6e0/0x6e0 [ 2553.136119][T25156] charge_memcg+0x90/0x3b0 [ 2553.140583][T25156] __mem_cgroup_charge+0x2b/0x90 [ 2553.145568][T25156] do_wp_page+0x7ec/0x3370 [ 2553.150040][T25156] ? lock_release+0x810/0x810 [ 2553.154748][T25156] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2553.160167][T25156] ? do_raw_spin_lock+0x124/0x2b0 [ 2553.165233][T25156] ? rwlock_bug.part.0+0x90/0x90 [ 2553.170221][T25156] ? lock_chain_count+0x20/0x20 [ 2553.175117][T25156] __handle_mm_fault+0x1f58/0x3c90 [ 2553.180292][T25156] ? vm_iomap_memory+0x190/0x190 [ 2553.185305][T25156] handle_mm_fault+0x1b6/0x850 [ 2553.190127][T25156] do_user_addr_fault+0x475/0x1210 [ 2553.195286][T25156] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2553.200895][T25156] exc_page_fault+0x98/0x170 [ 2553.205532][T25156] asm_exc_page_fault+0x26/0x30 [ 2553.210418][T25156] RIP: 0033:0x7ff9f2039570 [ 2553.214864][T25156] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2553.234528][T25156] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2553.240634][T25156] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 09:54:07 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x14, 0x4}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2553.248639][T25156] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2553.256646][T25156] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2553.264650][T25156] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2553.272659][T25156] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2553.280667][T25156] ? __sock_create+0x2c/0x790 [ 2553.285427][T25156] 09:54:07 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) [ 2553.305425][T25156] memory: usage 307200kB, limit 307200kB, failcnt 34105 [ 2553.339956][T25156] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2553.351773][T25156] Memory cgroup stats for /syz1: [ 2553.352033][T25156] anon 114688 [ 2553.352033][T25156] file 606208 [ 2553.352033][T25156] kernel 313851904 [ 2553.352033][T25156] kernel_stack 65536 [ 2553.352033][T25156] pagetables 73728 [ 2553.352033][T25156] sec_pagetables 0 [ 2553.352033][T25156] percpu 5612288 [ 2553.352033][T25156] sock 0 [ 2553.352033][T25156] vmalloc 0 [ 2553.352033][T25156] shmem 602112 [ 2553.352033][T25156] zswap 0 [ 2553.352033][T25156] zswapped 0 [ 2553.352033][T25156] file_mapped 602112 [ 2553.352033][T25156] file_dirty 4096 [ 2553.352033][T25156] file_writeback 0 [ 2553.352033][T25156] swapcached 0 [ 2553.352033][T25156] anon_thp 0 [ 2553.352033][T25156] file_thp 0 [ 2553.352033][T25156] shmem_thp 0 [ 2553.352033][T25156] inactive_anon 282624 [ 2553.352033][T25156] active_anon 434176 [ 2553.352033][T25156] inactive_file 0 [ 2553.352033][T25156] active_file 4096 [ 2553.352033][T25156] unevictable 0 [ 2553.352033][T25156] slab_reclaimable 219568 [ 2553.352033][T25156] slab_unreclaimable 307848312 [ 2553.469963][T25156] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25156,uid=0 [ 2553.486628][T25156] Memory cgroup out of memory: Killed process 25156 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2553.504895][T25157] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2553.517002][T25157] CPU: 0 PID: 25157 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2553.527469][T25157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2553.537552][T25157] Call Trace: [ 2553.540856][T25157] [ 2553.543810][T25157] dump_stack_lvl+0xd1/0x138 [ 2553.548454][T25157] dump_header+0x10b/0x85f [ 2553.552909][T25157] oom_kill_process.cold+0x10/0x15 [ 2553.558026][T25157] out_of_memory+0x35c/0x14a0 [ 2553.562714][T25157] ? oom_killer_disable+0x280/0x280 [ 2553.567917][T25157] ? find_held_lock+0x2d/0x110 [ 2553.572702][T25157] mem_cgroup_out_of_memory+0x206/0x270 [ 2553.578281][T25157] ? mem_cgroup_margin+0x130/0x130 [ 2553.583423][T25157] ? lock_downgrade+0x6e0/0x6e0 [ 2553.588309][T25157] try_charge_memcg+0xefb/0x12f0 [ 2553.593274][T25157] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2553.599273][T25157] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2553.605028][T25157] ? lock_downgrade+0x6e0/0x6e0 [ 2553.609916][T25157] obj_cgroup_charge+0x2af/0x5e0 [ 2553.614878][T25157] ? vm_area_dup+0x7d/0x380 [ 2553.619404][T25157] kmem_cache_alloc+0xb5/0x430 [ 2553.624190][T25157] vm_area_dup+0x7d/0x380 [ 2553.628540][T25157] ? mt_slot+0xa1/0x170 [ 2553.632725][T25157] ? mas_next_nentry+0x610/0xab0 [ 2553.637689][T25157] ? mas_next_node+0x547/0xa00 [ 2553.642486][T25157] ? mas_find+0x211/0xd10 [ 2553.646846][T25157] ? vm_area_alloc+0x100/0x100 [ 2553.651630][T25157] ? validate_mm_mt+0x149/0x1b0 [ 2553.656501][T25157] ? remove_vma+0x130/0x130 [ 2553.661040][T25157] ? can_vma_merge_before+0x390/0x390 [ 2553.666456][T25157] __split_vma+0xae/0x5e0 [ 2553.670817][T25157] ? vma_merge+0x2cf/0x870 [ 2553.675290][T25157] split_vma+0xa3/0xe0 [ 2553.679392][T25157] mprotect_fixup+0x686/0x960 [ 2553.684110][T25157] ? mas_find+0x211/0xd10 [ 2553.688459][T25157] ? change_protection+0x3b30/0x3b30 [ 2553.693780][T25157] do_mprotect_pkey+0x6fd/0xa70 [ 2553.698667][T25157] ? mprotect_fixup+0x960/0x960 [ 2553.703538][T25157] ? up_write+0x1b0/0x520 [ 2553.707935][T25157] __x64_sys_mprotect+0x78/0xb0 [ 2553.712809][T25157] do_syscall_64+0x39/0xb0 [ 2553.717271][T25157] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2553.723201][T25157] RIP: 0033:0x7f909a68c1d7 [ 2553.727642][T25157] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2553.747277][T25157] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2553.755886][T25157] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2553.763874][T25157] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2553.771857][T25157] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2553.779857][T25157] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2553.787864][T25157] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2553.795895][T25157] [ 2553.802052][T25157] memory: usage 307200kB, limit 307200kB, failcnt 71959 [ 2553.809316][T25157] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2553.816286][T25157] Memory cgroup stats for /syz2: [ 2553.816563][T25157] anon 139264 [ 2553.816563][T25157] file 638976 [ 2553.816563][T25157] kernel 313794560 [ 2553.816563][T25157] kernel_stack 65536 [ 2553.816563][T25157] pagetables 81920 [ 2553.816563][T25157] sec_pagetables 0 [ 2553.816563][T25157] percpu 5611104 [ 2553.816563][T25157] sock 0 [ 2553.816563][T25157] vmalloc 0 [ 2553.816563][T25157] shmem 638976 [ 2553.816563][T25157] zswap 0 [ 2553.816563][T25157] zswapped 0 [ 2553.816563][T25157] file_mapped 638976 [ 2553.816563][T25157] file_dirty 0 [ 2553.816563][T25157] file_writeback 0 [ 2553.816563][T25157] swapcached 0 [ 2553.816563][T25157] anon_thp 0 [ 2553.816563][T25157] file_thp 0 [ 2553.816563][T25157] shmem_thp 0 [ 2553.816563][T25157] inactive_anon 372736 [ 2553.816563][T25157] active_anon 405504 [ 2553.816563][T25157] inactive_file 0 [ 2553.816563][T25157] active_file 0 [ 2553.816563][T25157] unevictable 0 [ 2553.816563][T25157] slab_reclaimable 233712 [ 2553.816563][T25157] slab_unreclaimable 307770328 [ 2553.913573][T25157] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25157,uid=0 [ 2553.929577][T25157] Memory cgroup out of memory: Killed process 25157 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2553.951670][T25169] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:54:08 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x2213000000000000}, 0x0) 09:54:08 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x14, 0x6}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:08 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:08 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:08 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2010000}, 0x0) 09:54:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf801) 09:54:08 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x14, 0x8}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:08 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, 0x0, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) 09:54:08 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) [ 2554.131118][T25182] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2554.177092][T25182] CPU: 1 PID: 25182 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2554.187579][T25182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2554.197669][T25182] Call Trace: [ 2554.201002][T25182] [ 2554.203959][T25182] dump_stack_lvl+0xd1/0x138 [ 2554.208597][T25182] dump_header+0x10b/0x85f [ 2554.213069][T25182] oom_kill_process.cold+0x10/0x15 [ 2554.218236][T25182] out_of_memory+0x35c/0x14a0 [ 2554.222972][T25182] ? find_held_lock+0x2d/0x110 [ 2554.224749][T25192] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2554.227762][T25182] ? oom_killer_disable+0x280/0x280 [ 2554.227823][T25182] ? find_held_lock+0x2d/0x110 [ 2554.247095][T25182] mem_cgroup_out_of_memory+0x206/0x270 [ 2554.252680][T25182] ? mem_cgroup_margin+0x130/0x130 [ 2554.257822][T25182] ? lock_downgrade+0x6e0/0x6e0 [ 2554.262706][T25182] try_charge_memcg+0xefb/0x12f0 [ 2554.267672][T25182] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2554.273684][T25182] ? lock_downgrade+0x6e0/0x6e0 [ 2554.278572][T25182] charge_memcg+0x90/0x3b0 [ 2554.283016][T25182] __mem_cgroup_charge+0x2b/0x90 [ 2554.287975][T25182] do_wp_page+0x7ec/0x3370 [ 2554.292426][T25182] ? lock_release+0x810/0x810 [ 2554.297116][T25182] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2554.302517][T25182] ? do_raw_spin_lock+0x124/0x2b0 [ 2554.307559][T25182] ? rwlock_bug.part.0+0x90/0x90 [ 2554.312514][T25182] ? lock_chain_count+0x20/0x20 [ 2554.317390][T25182] __handle_mm_fault+0x1f58/0x3c90 [ 2554.322533][T25182] ? vm_iomap_memory+0x190/0x190 [ 2554.327524][T25182] handle_mm_fault+0x1b6/0x850 [ 2554.332318][T25182] do_user_addr_fault+0x475/0x1210 [ 2554.337457][T25182] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2554.343043][T25182] exc_page_fault+0x98/0x170 [ 2554.347653][T25182] asm_exc_page_fault+0x26/0x30 [ 2554.352523][T25182] RIP: 0033:0x7ff9f2039570 [ 2554.356953][T25182] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2554.376580][T25182] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2554.382837][T25182] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2554.390819][T25182] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2554.398805][T25182] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2554.406791][T25182] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2554.414781][T25182] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2554.422762][T25182] ? __sock_create+0x2c/0x790 09:54:08 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, 0x0, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) 09:54:08 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x14, 0xa}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2554.427490][T25182] [ 2554.438679][T25182] memory: usage 307200kB, limit 307200kB, failcnt 34188 [ 2554.454482][T25182] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2554.475096][T25182] Memory cgroup stats for /syz1: [ 2554.475338][T25182] anon 114688 [ 2554.475338][T25182] file 606208 [ 2554.475338][T25182] kernel 313851904 [ 2554.475338][T25182] kernel_stack 65536 [ 2554.475338][T25182] pagetables 73728 [ 2554.475338][T25182] sec_pagetables 0 [ 2554.475338][T25182] percpu 5612288 [ 2554.475338][T25182] sock 0 [ 2554.475338][T25182] vmalloc 0 [ 2554.475338][T25182] shmem 602112 [ 2554.475338][T25182] zswap 0 [ 2554.475338][T25182] zswapped 0 [ 2554.475338][T25182] file_mapped 602112 [ 2554.475338][T25182] file_dirty 4096 09:54:08 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x14, 0xc}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2554.475338][T25182] file_writeback 0 [ 2554.475338][T25182] swapcached 0 [ 2554.475338][T25182] anon_thp 0 [ 2554.475338][T25182] file_thp 0 [ 2554.475338][T25182] shmem_thp 0 [ 2554.475338][T25182] inactive_anon 282624 [ 2554.475338][T25182] active_anon 434176 [ 2554.475338][T25182] inactive_file 0 [ 2554.475338][T25182] active_file 4096 [ 2554.475338][T25182] unevictable 0 [ 2554.475338][T25182] slab_reclaimable 219568 [ 2554.475338][T25182] slab_unreclaimable 307848312 [ 2554.607011][T25182] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25182,uid=0 [ 2554.632973][T25182] Memory cgroup out of memory: Killed process 25182 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2554.652786][T25188] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2554.655748][T25190] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2554.666521][T25188] CPU: 1 PID: 25188 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2554.682980][T25188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2554.693065][T25188] Call Trace: [ 2554.696367][T25188] [ 2554.699327][T25188] dump_stack_lvl+0xd1/0x138 [ 2554.703979][T25188] dump_header+0x10b/0x85f [ 2554.708448][T25188] oom_kill_process.cold+0x10/0x15 [ 2554.713618][T25188] out_of_memory+0x35c/0x14a0 [ 2554.718361][T25188] ? oom_killer_disable+0x280/0x280 [ 2554.723623][T25188] ? find_held_lock+0x2d/0x110 [ 2554.728443][T25188] mem_cgroup_out_of_memory+0x206/0x270 [ 2554.734046][T25188] ? mem_cgroup_margin+0x130/0x130 [ 2554.739207][T25188] ? lock_downgrade+0x6e0/0x6e0 [ 2554.744113][T25188] try_charge_memcg+0xefb/0x12f0 [ 2554.749102][T25188] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2554.755116][T25188] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2554.760887][T25188] ? lock_downgrade+0x6e0/0x6e0 [ 2554.765790][T25188] ? lock_downgrade+0x6e0/0x6e0 [ 2554.770673][T25188] ? rcu_read_unlock+0x9/0x60 [ 2554.775412][T25188] obj_cgroup_charge+0x2af/0x5e0 [ 2554.780393][T25188] ? copy_process+0x3aa/0x7520 [ 2554.785193][T25188] kmem_cache_alloc_node+0xb7/0x460 [ 2554.790435][T25188] copy_process+0x3aa/0x7520 [ 2554.795067][T25188] ? __lock_acquire+0xbc3/0x56d0 [ 2554.800049][T25188] ? __cleanup_sighand+0xb0/0xb0 [ 2554.805026][T25188] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 2554.811044][T25188] ? psi_memstall_leave+0x174/0x250 [ 2554.816307][T25188] kernel_clone+0xeb/0x990 [ 2554.820774][T25188] ? create_io_thread+0xf0/0xf0 [ 2554.825677][T25188] ? percpu_ref_put_many.constprop.0+0x6a/0x1a0 [ 2554.831971][T25188] ? lock_downgrade+0x6e0/0x6e0 [ 2554.836874][T25188] __do_sys_clone+0xba/0x100 [ 2554.841504][T25188] ? kernel_clone+0x990/0x990 [ 2554.846242][T25188] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2554.852187][T25188] do_syscall_64+0x39/0xb0 [ 2554.856651][T25188] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2554.862588][T25188] RIP: 0033:0x7f0b7de8d4f1 [ 2554.867034][T25188] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2554.886683][T25188] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2554.895138][T25188] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2554.903158][T25188] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2554.911164][T25188] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2554.919175][T25188] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2554.927180][T25188] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2554.935209][T25188] [ 2554.953669][T25188] memory: usage 307184kB, limit 307200kB, failcnt 81572 [ 2554.966073][T25188] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2554.975319][T25188] Memory cgroup stats for /syz0: [ 2554.975560][T25188] anon 143360 [ 2554.975560][T25188] file 479232 [ 2554.975560][T25188] kernel 313933824 [ 2554.975560][T25188] kernel_stack 65536 [ 2554.975560][T25188] pagetables 77824 [ 2554.975560][T25188] sec_pagetables 0 [ 2554.975560][T25188] percpu 5614592 [ 2554.975560][T25188] sock 0 [ 2554.975560][T25188] vmalloc 8192 [ 2554.975560][T25188] shmem 479232 [ 2554.975560][T25188] zswap 0 [ 2554.975560][T25188] zswapped 0 [ 2554.975560][T25188] file_mapped 479232 [ 2554.975560][T25188] file_dirty 0 [ 2554.975560][T25188] file_writeback 0 [ 2554.975560][T25188] swapcached 0 [ 2554.975560][T25188] anon_thp 0 [ 2554.975560][T25188] file_thp 0 [ 2554.975560][T25188] shmem_thp 0 [ 2554.975560][T25188] inactive_anon 180224 [ 2554.975560][T25188] active_anon 442368 [ 2554.975560][T25188] inactive_file 0 [ 2554.975560][T25188] active_file 0 [ 2554.975560][T25188] unevictable 0 [ 2554.975560][T25188] slab_reclaimable 28096 09:54:09 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x2403000000000000}, 0x0) 09:54:09 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:09 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, 0x0, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) 09:54:09 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x14, 0xe}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:09 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x3000000}, 0x0) 09:54:09 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf802) [ 2554.975560][T25188] slab_unreclaimable 308109568 [ 2555.071479][T25188] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25188,uid=0 [ 2555.088451][T25188] Memory cgroup out of memory: Killed process 25188 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:09 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:09 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x14, 0x10}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:09 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r3, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) [ 2555.244786][T25214] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2555.264214][T25209] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 09:54:09 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local={0xac, 0x14, 0x12}]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2555.293698][T25209] CPU: 0 PID: 25209 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2555.304182][T25209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2555.314272][T25209] Call Trace: [ 2555.317577][T25209] [ 2555.320541][T25209] dump_stack_lvl+0xd1/0x138 [ 2555.325182][T25209] dump_header+0x10b/0x85f [ 2555.329663][T25209] oom_kill_process.cold+0x10/0x15 [ 2555.334835][T25209] out_of_memory+0x35c/0x14a0 [ 2555.339578][T25209] ? find_held_lock+0x2d/0x110 09:54:09 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x2}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2555.344404][T25209] ? oom_killer_disable+0x280/0x280 [ 2555.349662][T25209] ? find_held_lock+0x2d/0x110 [ 2555.354481][T25209] mem_cgroup_out_of_memory+0x206/0x270 [ 2555.360082][T25209] ? mem_cgroup_margin+0x130/0x130 [ 2555.365243][T25209] ? lock_downgrade+0x6e0/0x6e0 [ 2555.370148][T25209] try_charge_memcg+0xefb/0x12f0 [ 2555.375134][T25209] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2555.381180][T25209] ? lock_downgrade+0x6e0/0x6e0 [ 2555.386089][T25209] charge_memcg+0x90/0x3b0 [ 2555.390547][T25209] __mem_cgroup_charge+0x2b/0x90 09:54:09 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x4}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2555.395548][T25209] do_wp_page+0x7ec/0x3370 [ 2555.400021][T25209] ? lock_release+0x810/0x810 [ 2555.404741][T25209] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2555.410161][T25209] ? do_raw_spin_lock+0x124/0x2b0 [ 2555.415233][T25209] ? rwlock_bug.part.0+0x90/0x90 [ 2555.420219][T25209] ? lock_chain_count+0x20/0x20 [ 2555.425119][T25209] __handle_mm_fault+0x1f58/0x3c90 [ 2555.430298][T25209] ? vm_iomap_memory+0x190/0x190 [ 2555.435317][T25209] handle_mm_fault+0x1b6/0x850 [ 2555.440144][T25209] do_user_addr_fault+0x475/0x1210 [ 2555.445310][T25209] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2555.450917][T25209] exc_page_fault+0x98/0x170 [ 2555.455554][T25209] asm_exc_page_fault+0x26/0x30 [ 2555.460448][T25209] RIP: 0033:0x7ff9f2039570 [ 2555.464897][T25209] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2555.484544][T25209] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2555.490662][T25209] RAX: 000000004717ba0b RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2555.498669][T25209] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 0000000000000022 [ 2555.506676][T25209] RBP: 000000004717ba0b R08: 0000000000001a0b R09: 000000004717ba0f [ 2555.514684][T25209] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2555.522694][T25209] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff87bef361 [ 2555.530711][T25209] ? __x64_sys_socket+0x11/0xb0 [ 2555.535656][T25209] [ 2555.574578][T25209] memory: usage 307188kB, limit 307200kB, failcnt 34273 [ 2555.582146][T25209] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2555.593910][T25209] Memory cgroup stats for /syz1: [ 2555.594126][T25209] anon 102400 [ 2555.594126][T25209] file 606208 [ 2555.594126][T25209] kernel 313851904 [ 2555.594126][T25209] kernel_stack 65536 [ 2555.594126][T25209] pagetables 73728 [ 2555.594126][T25209] sec_pagetables 0 [ 2555.594126][T25209] percpu 5612288 [ 2555.594126][T25209] sock 0 [ 2555.594126][T25209] vmalloc 0 [ 2555.594126][T25209] shmem 602112 [ 2555.594126][T25209] zswap 0 [ 2555.594126][T25209] zswapped 0 [ 2555.594126][T25209] file_mapped 602112 [ 2555.594126][T25209] file_dirty 4096 [ 2555.594126][T25209] file_writeback 0 [ 2555.594126][T25209] swapcached 0 [ 2555.594126][T25209] anon_thp 0 [ 2555.594126][T25209] file_thp 0 [ 2555.594126][T25209] shmem_thp 0 [ 2555.594126][T25209] inactive_anon 270336 [ 2555.594126][T25209] active_anon 434176 [ 2555.594126][T25209] inactive_file 0 [ 2555.594126][T25209] active_file 4096 [ 2555.594126][T25209] unevictable 0 [ 2555.594126][T25209] slab_reclaimable 219568 [ 2555.594126][T25209] slab_unreclaimable 307848312 [ 2555.694461][T25209] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25209,uid=0 [ 2555.729649][T25209] Memory cgroup out of memory: Killed process 25209 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2555.762035][T25220] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2555.780856][T25220] CPU: 1 PID: 25220 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2555.791344][T25220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2555.801436][T25220] Call Trace: [ 2555.804742][T25220] [ 2555.807707][T25220] dump_stack_lvl+0xd1/0x138 [ 2555.812355][T25220] dump_header+0x10b/0x85f [ 2555.816821][T25220] oom_kill_process.cold+0x10/0x15 [ 2555.821983][T25220] out_of_memory+0x35c/0x14a0 [ 2555.826713][T25220] ? find_held_lock+0x2d/0x110 [ 2555.831530][T25220] ? oom_killer_disable+0x280/0x280 [ 2555.836783][T25220] ? find_held_lock+0x2d/0x110 [ 2555.841608][T25220] mem_cgroup_out_of_memory+0x206/0x270 [ 2555.847212][T25220] ? mem_cgroup_margin+0x130/0x130 [ 2555.852373][T25220] ? lock_downgrade+0x6e0/0x6e0 [ 2555.857281][T25220] try_charge_memcg+0xefb/0x12f0 [ 2555.862272][T25220] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2555.868293][T25220] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2555.874066][T25220] ? lock_downgrade+0x6e0/0x6e0 [ 2555.878958][T25220] ? lock_downgrade+0x6e0/0x6e0 [ 2555.883842][T25220] ? rcu_read_unlock+0x9/0x60 [ 2555.888576][T25220] obj_cgroup_charge+0x2af/0x5e0 [ 2555.893553][T25220] ? copy_process+0x3aa/0x7520 [ 2555.898355][T25220] kmem_cache_alloc_node+0xb7/0x460 [ 2555.903593][T25220] copy_process+0x3aa/0x7520 [ 2555.908230][T25220] ? __lock_acquire+0xbc3/0x56d0 [ 2555.913233][T25220] ? __cleanup_sighand+0xb0/0xb0 [ 2555.918217][T25220] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 2555.924247][T25220] ? psi_memstall_leave+0x174/0x250 [ 2555.929508][T25220] kernel_clone+0xeb/0x990 [ 2555.933968][T25220] ? create_io_thread+0xf0/0xf0 [ 2555.938879][T25220] ? percpu_ref_put_many.constprop.0+0x6a/0x1a0 [ 2555.945181][T25220] ? lock_downgrade+0x6e0/0x6e0 [ 2555.950110][T25220] __do_sys_clone+0xba/0x100 [ 2555.954737][T25220] ? kernel_clone+0x990/0x990 [ 2555.959469][T25220] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2555.965416][T25220] do_syscall_64+0x39/0xb0 [ 2555.969888][T25220] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2555.975824][T25220] RIP: 0033:0x7f0b7de8d4f1 [ 2555.980270][T25220] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2555.999933][T25220] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2556.008393][T25220] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2556.016488][T25220] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2556.024497][T25220] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2556.032501][T25220] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2556.040510][T25220] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2556.048540][T25220] [ 2556.056150][T25220] memory: usage 307196kB, limit 307200kB, failcnt 81699 [ 2556.063856][T25220] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2556.070983][T25220] Memory cgroup stats for /syz0: [ 2556.071223][T25220] anon 143360 [ 2556.071223][T25220] file 479232 [ 2556.071223][T25220] kernel 313946112 [ 2556.071223][T25220] kernel_stack 65536 [ 2556.071223][T25220] pagetables 77824 [ 2556.071223][T25220] sec_pagetables 0 [ 2556.071223][T25220] percpu 5614656 [ 2556.071223][T25220] sock 0 [ 2556.071223][T25220] vmalloc 8192 [ 2556.071223][T25220] shmem 479232 [ 2556.071223][T25220] zswap 0 [ 2556.071223][T25220] zswapped 0 [ 2556.071223][T25220] file_mapped 479232 [ 2556.071223][T25220] file_dirty 0 [ 2556.071223][T25220] file_writeback 0 [ 2556.071223][T25220] swapcached 0 [ 2556.071223][T25220] anon_thp 0 [ 2556.071223][T25220] file_thp 0 [ 2556.071223][T25220] shmem_thp 0 [ 2556.071223][T25220] inactive_anon 180224 [ 2556.071223][T25220] active_anon 442368 [ 2556.071223][T25220] inactive_file 0 [ 2556.071223][T25220] active_file 0 [ 2556.071223][T25220] unevictable 0 [ 2556.071223][T25220] slab_reclaimable 24240 [ 2556.071223][T25220] slab_unreclaimable 308120056 09:54:10 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x25b0ffff00000000}, 0x0) 09:54:10 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r3, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) 09:54:10 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:10 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x5}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:10 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf803) 09:54:10 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) [ 2556.170699][T25220] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25220,uid=0 [ 2556.186827][T25220] Memory cgroup out of memory: Killed process 25220 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:10 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x6}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:10 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:10 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r3, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) 09:54:10 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x7}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2556.376894][T25239] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:54:10 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r2, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0) 09:54:10 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) [ 2556.436087][T25235] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2556.481234][T25235] CPU: 1 PID: 25235 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2556.491730][T25235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2556.501843][T25235] Call Trace: [ 2556.505143][T25235] [ 2556.508094][T25235] dump_stack_lvl+0xd1/0x138 [ 2556.512730][T25235] dump_header+0x10b/0x85f [ 2556.517199][T25235] oom_kill_process.cold+0x10/0x15 [ 2556.522366][T25235] out_of_memory+0x35c/0x14a0 [ 2556.527099][T25235] ? find_held_lock+0x2d/0x110 [ 2556.531910][T25235] ? oom_killer_disable+0x280/0x280 [ 2556.537164][T25235] ? find_held_lock+0x2d/0x110 [ 2556.541979][T25235] mem_cgroup_out_of_memory+0x206/0x270 [ 2556.547562][T25235] ? mem_cgroup_margin+0x130/0x130 [ 2556.552706][T25235] ? lock_downgrade+0x6e0/0x6e0 [ 2556.557600][T25235] try_charge_memcg+0xefb/0x12f0 [ 2556.562570][T25235] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2556.568581][T25235] ? lock_downgrade+0x6e0/0x6e0 [ 2556.573467][T25235] charge_memcg+0x90/0x3b0 [ 2556.577910][T25235] __mem_cgroup_charge+0x2b/0x90 [ 2556.582873][T25235] do_wp_page+0x7ec/0x3370 [ 2556.587322][T25235] ? lock_release+0x810/0x810 [ 2556.592015][T25235] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2556.597414][T25235] ? do_raw_spin_lock+0x124/0x2b0 [ 2556.602460][T25235] ? rwlock_bug.part.0+0x90/0x90 [ 2556.607452][T25235] ? lock_chain_count+0x20/0x20 [ 2556.612329][T25235] __handle_mm_fault+0x1f58/0x3c90 [ 2556.617476][T25235] ? vm_iomap_memory+0x190/0x190 [ 2556.622476][T25235] handle_mm_fault+0x1b6/0x850 [ 2556.627281][T25235] do_user_addr_fault+0x475/0x1210 [ 2556.632426][T25235] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2556.638018][T25235] exc_page_fault+0x98/0x170 [ 2556.642636][T25235] asm_exc_page_fault+0x26/0x30 [ 2556.647514][T25235] RIP: 0033:0x7ff9f2039570 [ 2556.651943][T25235] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2556.671567][T25235] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2556.677650][T25235] RAX: 000000004717ba0b RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2556.685635][T25235] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 0000000000000022 [ 2556.693628][T25235] RBP: 000000004717ba0b R08: 0000000000001a0b R09: 000000004717ba0f [ 2556.701611][T25235] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2556.709598][T25235] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff87bef361 [ 2556.717583][T25235] ? __x64_sys_socket+0x11/0xb0 [ 2556.722480][T25235] [ 2556.811282][T25235] memory: usage 307188kB, limit 307200kB, failcnt 34370 [ 2556.819760][T25235] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2556.828095][T25235] Memory cgroup stats for /syz1: [ 2556.828387][T25235] anon 102400 [ 2556.828387][T25235] file 606208 [ 2556.828387][T25235] kernel 313851904 [ 2556.828387][T25235] kernel_stack 65536 [ 2556.828387][T25235] pagetables 73728 [ 2556.828387][T25235] sec_pagetables 0 [ 2556.828387][T25235] percpu 5612288 [ 2556.828387][T25235] sock 0 [ 2556.828387][T25235] vmalloc 0 [ 2556.828387][T25235] shmem 602112 [ 2556.828387][T25235] zswap 0 [ 2556.828387][T25235] zswapped 0 [ 2556.828387][T25235] file_mapped 602112 [ 2556.828387][T25235] file_dirty 4096 [ 2556.828387][T25235] file_writeback 0 [ 2556.828387][T25235] swapcached 0 [ 2556.828387][T25235] anon_thp 0 [ 2556.828387][T25235] file_thp 0 [ 2556.828387][T25235] shmem_thp 0 [ 2556.828387][T25235] inactive_anon 270336 [ 2556.828387][T25235] active_anon 434176 [ 2556.828387][T25235] inactive_file 0 [ 2556.828387][T25235] active_file 4096 [ 2556.828387][T25235] unevictable 0 [ 2556.828387][T25235] slab_reclaimable 219568 [ 2556.828387][T25235] slab_unreclaimable 307848312 [ 2556.928352][T25235] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25235,uid=0 [ 2556.944551][T25235] Memory cgroup out of memory: Killed process 25235 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2556.963103][T25248] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2556.979219][T25248] CPU: 0 PID: 25248 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2556.989705][T25248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2556.999800][T25248] Call Trace: [ 2557.003124][T25248] [ 2557.006078][T25248] dump_stack_lvl+0xd1/0x138 [ 2557.010715][T25248] dump_header+0x10b/0x85f [ 2557.015171][T25248] oom_kill_process.cold+0x10/0x15 [ 2557.020314][T25248] out_of_memory+0x35c/0x14a0 [ 2557.025064][T25248] ? oom_killer_disable+0x280/0x280 [ 2557.030302][T25248] ? find_held_lock+0x2d/0x110 [ 2557.035111][T25248] mem_cgroup_out_of_memory+0x206/0x270 [ 2557.040702][T25248] ? mem_cgroup_margin+0x130/0x130 [ 2557.045883][T25248] ? lock_downgrade+0x6e0/0x6e0 [ 2557.050801][T25248] try_charge_memcg+0xefb/0x12f0 [ 2557.055791][T25248] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2557.061819][T25248] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2557.067601][T25248] ? lock_downgrade+0x6e0/0x6e0 [ 2557.072514][T25248] ? lock_downgrade+0x6e0/0x6e0 [ 2557.077409][T25248] obj_cgroup_charge+0x2af/0x5e0 [ 2557.082363][T25248] kmem_cache_alloc_lru+0x145/0x760 [ 2557.087640][T25248] ? sock_alloc_inode+0x27/0x1d0 [ 2557.092617][T25248] sock_alloc_inode+0x27/0x1d0 [ 2557.097432][T25248] ? sock_free_inode+0x30/0x30 [ 2557.102243][T25248] alloc_inode+0x61/0x230 [ 2557.106637][T25248] new_inode_pseudo+0x17/0x80 [ 2557.111383][T25248] sock_alloc+0x40/0x260 [ 2557.115678][T25248] __sock_create+0xbd/0x790 [ 2557.120243][T25248] __sys_socket+0x133/0x250 [ 2557.124783][T25248] ? __sys_socket_file+0x1f0/0x1f0 [ 2557.129918][T25248] __x64_sys_socket+0x73/0xb0 [ 2557.134612][T25248] do_syscall_64+0x39/0xb0 [ 2557.139054][T25248] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2557.144990][T25248] RIP: 0033:0x7f0b7de8c0c9 [ 2557.149439][T25248] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2557.169091][T25248] RSP: 002b:00007f0b7eba3168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2557.177550][T25248] RAX: ffffffffffffffda RBX: 00007f0b7dfabf80 RCX: 00007f0b7de8c0c9 [ 2557.185542][T25248] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010 [ 2557.194075][T25248] RBP: 00007f0b7dee7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 2557.202083][T25248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2557.210090][T25248] R13: 00007fff0637016f R14: 00007f0b7eba3300 R15: 0000000000022000 [ 2557.218131][T25248] [ 2557.230309][T25248] memory: usage 307200kB, limit 307200kB, failcnt 81832 [ 2557.238354][T25248] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2557.245705][T25248] Memory cgroup stats for /syz0: [ 2557.245971][T25248] anon 139264 [ 2557.245971][T25248] file 479232 [ 2557.245971][T25248] kernel 313937920 [ 2557.245971][T25248] kernel_stack 65536 [ 2557.245971][T25248] pagetables 77824 [ 2557.245971][T25248] sec_pagetables 0 [ 2557.245971][T25248] percpu 5614656 [ 2557.245971][T25248] sock 0 [ 2557.245971][T25248] vmalloc 8192 [ 2557.245971][T25248] shmem 479232 [ 2557.245971][T25248] zswap 0 [ 2557.245971][T25248] zswapped 0 [ 2557.245971][T25248] file_mapped 479232 [ 2557.245971][T25248] file_dirty 0 [ 2557.245971][T25248] file_writeback 0 [ 2557.245971][T25248] swapcached 0 [ 2557.245971][T25248] anon_thp 0 [ 2557.245971][T25248] file_thp 0 [ 2557.245971][T25248] shmem_thp 0 [ 2557.245971][T25248] inactive_anon 176128 [ 2557.245971][T25248] active_anon 442368 [ 2557.245971][T25248] inactive_file 0 [ 2557.245971][T25248] active_file 0 [ 2557.245971][T25248] unevictable 0 [ 2557.245971][T25248] slab_reclaimable 20384 [ 2557.245971][T25248] slab_unreclaimable 308120448 [ 2557.341476][T25248] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25243,uid=0 09:54:11 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x3200000000000000}, 0x0) 09:54:11 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xfa02) 09:54:11 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x8}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:11 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:11 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r2, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0) 09:54:11 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x5000000}, 0x0) [ 2557.361657][T25248] Memory cgroup out of memory: Killed process 25243 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:11 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x10}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:11 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:11 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:11 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) [ 2557.510527][T25263] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:54:11 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:11 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) [ 2557.561470][T25259] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2557.621254][T25259] CPU: 0 PID: 25259 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2557.631746][T25259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2557.641843][T25259] Call Trace: [ 2557.645156][T25259] [ 2557.648118][T25259] dump_stack_lvl+0xd1/0x138 [ 2557.652763][T25259] dump_header+0x10b/0x85f [ 2557.657242][T25259] oom_kill_process.cold+0x10/0x15 [ 2557.662421][T25259] out_of_memory+0x35c/0x14a0 [ 2557.667161][T25259] ? find_held_lock+0x2d/0x110 [ 2557.671982][T25259] ? oom_killer_disable+0x280/0x280 [ 2557.677250][T25259] ? find_held_lock+0x2d/0x110 [ 2557.682075][T25259] mem_cgroup_out_of_memory+0x206/0x270 [ 2557.687678][T25259] ? mem_cgroup_margin+0x130/0x130 [ 2557.692837][T25259] ? lock_downgrade+0x6e0/0x6e0 [ 2557.697757][T25259] try_charge_memcg+0xefb/0x12f0 [ 2557.702725][T25259] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2557.708713][T25259] ? lock_downgrade+0x6e0/0x6e0 [ 2557.713608][T25259] charge_memcg+0x90/0x3b0 [ 2557.718056][T25259] __mem_cgroup_charge+0x2b/0x90 [ 2557.723017][T25259] do_wp_page+0x7ec/0x3370 [ 2557.727470][T25259] ? lock_release+0x810/0x810 [ 2557.732165][T25259] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2557.737551][T25259] ? do_raw_spin_lock+0x124/0x2b0 [ 2557.742600][T25259] ? rwlock_bug.part.0+0x90/0x90 [ 2557.747569][T25259] ? lock_chain_count+0x20/0x20 [ 2557.752439][T25259] __handle_mm_fault+0x1f58/0x3c90 [ 2557.757592][T25259] ? vm_iomap_memory+0x190/0x190 [ 2557.762553][T25259] handle_mm_fault+0x1b6/0x850 [ 2557.767345][T25259] do_user_addr_fault+0x475/0x1210 [ 2557.772491][T25259] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2557.778051][T25259] exc_page_fault+0x98/0x170 [ 2557.782668][T25259] asm_exc_page_fault+0x26/0x30 [ 2557.787549][T25259] RIP: 0033:0x7ff9f2039570 [ 2557.791967][T25259] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2557.811592][T25259] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2557.817694][T25259] RAX: 000000004717ba0b RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2557.825675][T25259] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 0000000000000022 [ 2557.833767][T25259] RBP: 000000004717ba0b R08: 0000000000001a0b R09: 000000004717ba0f [ 2557.841775][T25259] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2557.849778][T25259] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff87bef361 [ 2557.857772][T25259] ? __x64_sys_socket+0x11/0xb0 [ 2557.862682][T25259] [ 2557.871632][T25259] memory: usage 307188kB, limit 307200kB, failcnt 34457 [ 2557.906391][T25259] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2557.942917][T25259] Memory cgroup stats for /syz1: [ 2557.943138][T25259] anon 102400 [ 2557.943138][T25259] file 606208 [ 2557.943138][T25259] kernel 313851904 [ 2557.943138][T25259] kernel_stack 65536 [ 2557.943138][T25259] pagetables 73728 [ 2557.943138][T25259] sec_pagetables 0 [ 2557.943138][T25259] percpu 5612288 [ 2557.943138][T25259] sock 0 [ 2557.943138][T25259] vmalloc 0 [ 2557.943138][T25259] shmem 602112 [ 2557.943138][T25259] zswap 0 [ 2557.943138][T25259] zswapped 0 [ 2557.943138][T25259] file_mapped 602112 [ 2557.943138][T25259] file_dirty 4096 [ 2557.943138][T25259] file_writeback 0 [ 2557.943138][T25259] swapcached 0 [ 2557.943138][T25259] anon_thp 0 [ 2557.943138][T25259] file_thp 0 [ 2557.943138][T25259] shmem_thp 0 [ 2557.943138][T25259] inactive_anon 270336 [ 2557.943138][T25259] active_anon 434176 [ 2557.943138][T25259] inactive_file 0 [ 2557.943138][T25259] active_file 4096 [ 2557.943138][T25259] unevictable 0 [ 2557.943138][T25259] slab_reclaimable 219568 [ 2557.943138][T25259] slab_unreclaimable 307848312 [ 2558.044251][T25259] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25259,uid=0 [ 2558.063205][T25259] Memory cgroup out of memory: Killed process 25259 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2558.084028][T25263] syz-executor.2 invoked oom-killer: gfp_mask=0x400cc0(GFP_KERNEL_ACCOUNT), order=2, oom_score_adj=1000 [ 2558.102896][T25263] CPU: 1 PID: 25263 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2558.113383][T25263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2558.123478][T25263] Call Trace: [ 2558.126785][T25263] [ 2558.129747][T25263] dump_stack_lvl+0xd1/0x138 [ 2558.134401][T25263] dump_header+0x10b/0x85f [ 2558.138879][T25263] oom_kill_process.cold+0x10/0x15 [ 2558.144045][T25263] out_of_memory+0x35c/0x14a0 [ 2558.148774][T25263] ? oom_killer_disable+0x280/0x280 [ 2558.154021][T25263] ? find_held_lock+0x2d/0x110 [ 2558.158833][T25263] mem_cgroup_out_of_memory+0x206/0x270 [ 2558.164425][T25263] ? mem_cgroup_margin+0x130/0x130 [ 2558.169573][T25263] ? lock_downgrade+0x6e0/0x6e0 [ 2558.174466][T25263] try_charge_memcg+0xefb/0x12f0 [ 2558.179434][T25263] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2558.185440][T25263] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2558.191198][T25263] ? lock_downgrade+0x6e0/0x6e0 [ 2558.196090][T25263] obj_cgroup_charge+0x2af/0x5e0 [ 2558.201058][T25263] __kmem_cache_alloc_node+0xb2/0x430 [ 2558.206454][T25263] ? __devinet_sysctl_register+0x98/0x280 [ 2558.212204][T25263] ? __devinet_sysctl_register+0x98/0x280 [ 2558.217947][T25263] __kmalloc_node_track_caller+0x4b/0xc0 [ 2558.223630][T25263] kmemdup+0x2c/0x60 [ 2558.227551][T25263] __devinet_sysctl_register+0x98/0x280 [ 2558.233126][T25263] ? inet_netconf_notify_devconf+0x260/0x260 [ 2558.239218][T25263] ? bochs_pipe_disable+0xd3/0x140 [ 2558.244369][T25263] ? __rtnl_newlink+0x10c2/0x1840 [ 2558.249424][T25263] ? rtnl_newlink+0x68/0xa0 [ 2558.253954][T25263] ? rtnetlink_rcv_msg+0x43e/0xca0 [ 2558.259094][T25263] ? netlink_rcv_skb+0x165/0x440 [ 2558.264068][T25263] ? netlink_unicast+0x547/0x7f0 [ 2558.269042][T25263] ? netlink_sendmsg+0x91b/0xe10 [ 2558.274010][T25263] ? sock_sendmsg+0xd3/0x120 [ 2558.278633][T25263] ? ____sys_sendmsg+0x712/0x8c0 [ 2558.283609][T25263] ? ___sys_sendmsg+0x110/0x1b0 [ 2558.288496][T25263] devinet_sysctl_register+0x160/0x230 [ 2558.293986][T25263] inetdev_init+0x286/0x580 [ 2558.298516][T25263] inetdev_event+0xe20/0x16c0 [ 2558.303223][T25263] ? devinet_init_net+0x650/0x650 [ 2558.308272][T25263] ? skb_dequeue+0x129/0x180 [ 2558.312893][T25263] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2558.318828][T25263] notifier_call_chain+0xb5/0x200 [ 2558.323889][T25263] call_netdevice_notifiers_info+0xb5/0x130 [ 2558.329821][T25263] register_netdevice+0xfb4/0x1640 [ 2558.334975][T25263] ? unregister_netdevice_queue+0x3c0/0x3c0 [ 2558.340919][T25263] wg_newlink+0x492/0x8f0 [ 2558.345379][T25263] ? wg_pm_notification+0x180/0x180 [ 2558.350611][T25263] __rtnl_newlink+0x10c2/0x1840 [ 2558.355505][T25263] ? find_held_lock+0x2d/0x110 [ 2558.360306][T25263] ? rtnl_link_unregister+0x250/0x250 [ 2558.365714][T25263] ? __kmem_cache_alloc_node+0x48/0x430 [ 2558.371316][T25263] rtnl_newlink+0x68/0xa0 [ 2558.375679][T25263] ? __rtnl_newlink+0x1840/0x1840 [ 2558.380828][T25263] rtnetlink_rcv_msg+0x43e/0xca0 [ 2558.385805][T25263] ? rtnl_getlink+0xae0/0xae0 [ 2558.390508][T25263] ? __dev_queue_xmit+0xb54/0x3ba0 [ 2558.395668][T25263] netlink_rcv_skb+0x165/0x440 [ 2558.400469][T25263] ? rtnl_getlink+0xae0/0xae0 [ 2558.405187][T25263] ? netlink_ack+0x1370/0x1370 [ 2558.410010][T25263] ? netlink_deliver_tap+0x1b1/0xc50 [ 2558.415336][T25263] netlink_unicast+0x547/0x7f0 [ 2558.420147][T25263] ? netlink_attachskb+0x890/0x890 [ 2558.425290][T25263] ? __virt_addr_valid+0x61/0x2e0 [ 2558.430356][T25263] ? __phys_addr_symbol+0x30/0x70 [ 2558.435415][T25263] ? __check_object_size+0x2e2/0x5a0 [ 2558.440736][T25263] netlink_sendmsg+0x91b/0xe10 [ 2558.445542][T25263] ? netlink_unicast+0x7f0/0x7f0 [ 2558.450522][T25263] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 2558.455852][T25263] ? netlink_unicast+0x7f0/0x7f0 [ 2558.460826][T25263] sock_sendmsg+0xd3/0x120 [ 2558.465277][T25263] ____sys_sendmsg+0x712/0x8c0 [ 2558.470079][T25263] ? copy_msghdr_from_user+0xfc/0x150 [ 2558.475488][T25263] ? kernel_sendmsg+0x50/0x50 [ 2558.480212][T25263] ___sys_sendmsg+0x110/0x1b0 [ 2558.484927][T25263] ? do_recvmmsg+0x6e0/0x6e0 [ 2558.489553][T25263] ? __fget_files+0x248/0x440 [ 2558.494253][T25263] ? lock_downgrade+0x6e0/0x6e0 [ 2558.499129][T25263] ? futex_wake_mark+0x1a0/0x1a0 [ 2558.504105][T25263] ? __fget_files+0x26a/0x440 [ 2558.508813][T25263] ? __fget_light+0xe5/0x270 [ 2558.513432][T25263] __sys_sendmsg+0xf7/0x1c0 [ 2558.517970][T25263] ? __sys_sendmsg_sock+0x40/0x40 [ 2558.523028][T25263] ? restore_fpregs_from_fpstate+0xc1/0x1c0 [ 2558.528973][T25263] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2558.534894][T25263] ? lockdep_hardirqs_on+0x7d/0x100 [ 2558.540116][T25263] do_syscall_64+0x39/0xb0 [ 2558.544564][T25263] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2558.550480][T25263] RIP: 0033:0x7f909a68c0c9 [ 2558.554915][T25263] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2558.574718][T25263] RSP: 002b:00007f909b45a168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2558.583156][T25263] RAX: ffffffffffffffda RBX: 00007f909a7abf80 RCX: 00007f909a68c0c9 [ 2558.591145][T25263] RDX: 000000000000fa02 RSI: 0000000020000a00 RDI: 0000000000000004 [ 2558.599134][T25263] RBP: 00007f909a6e7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 2558.607121][T25263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2558.615109][T25263] R13: 00007ffc6e869edf R14: 00007f909b45a300 R15: 0000000000022000 [ 2558.623118][T25263] [ 2558.637343][T25263] memory: usage 307164kB, limit 307200kB, failcnt 72381 [ 2558.644982][T25263] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2558.652230][T25263] Memory cgroup stats for /syz2: [ 2558.652488][T25263] anon 139264 [ 2558.652488][T25263] file 638976 [ 2558.652488][T25263] kernel 313757696 [ 2558.652488][T25263] kernel_stack 32768 [ 2558.652488][T25263] pagetables 81920 [ 2558.652488][T25263] sec_pagetables 0 [ 2558.652488][T25263] percpu 5611040 [ 2558.652488][T25263] sock 0 [ 2558.652488][T25263] vmalloc 8192 [ 2558.652488][T25263] shmem 638976 [ 2558.652488][T25263] zswap 0 [ 2558.652488][T25263] zswapped 0 [ 2558.652488][T25263] file_mapped 638976 [ 2558.652488][T25263] file_dirty 0 [ 2558.652488][T25263] file_writeback 0 [ 2558.652488][T25263] swapcached 0 [ 2558.652488][T25263] anon_thp 0 [ 2558.652488][T25263] file_thp 0 [ 2558.652488][T25263] shmem_thp 0 [ 2558.652488][T25263] inactive_anon 372736 [ 2558.652488][T25263] active_anon 405504 [ 2558.652488][T25263] inactive_file 0 [ 2558.652488][T25263] active_file 0 [ 2558.652488][T25263] unevictable 0 [ 2558.652488][T25263] slab_reclaimable 232560 [ 2558.652488][T25263] slab_unreclaimable 307766000 [ 2558.751671][T25263] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25255,uid=0 [ 2558.767595][T25263] Memory cgroup out of memory: Killed process 25263 (syz-executor.2) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2558.810865][T25266] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2558.821451][T25266] CPU: 1 PID: 25266 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2558.831905][T25266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2558.841994][T25266] Call Trace: [ 2558.845388][T25266] [ 2558.848377][T25266] dump_stack_lvl+0xd1/0x138 [ 2558.853023][T25266] dump_header+0x10b/0x85f [ 2558.857498][T25266] oom_kill_process.cold+0x10/0x15 [ 2558.862669][T25266] out_of_memory+0x35c/0x14a0 [ 2558.867408][T25266] ? find_held_lock+0x2d/0x110 [ 2558.872223][T25266] ? oom_killer_disable+0x280/0x280 [ 2558.877487][T25266] ? find_held_lock+0x2d/0x110 [ 2558.882315][T25266] mem_cgroup_out_of_memory+0x206/0x270 [ 2558.887913][T25266] ? mem_cgroup_margin+0x130/0x130 [ 2558.893071][T25266] ? lock_downgrade+0x6e0/0x6e0 [ 2558.897977][T25266] try_charge_memcg+0xefb/0x12f0 [ 2558.902966][T25266] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2558.908993][T25266] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2558.914779][T25266] ? lock_downgrade+0x6e0/0x6e0 [ 2558.919694][T25266] ? lock_downgrade+0x6e0/0x6e0 [ 2558.924607][T25266] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2558.930205][T25266] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2558.936422][T25266] copy_process+0x4e3/0x7520 [ 2558.941062][T25266] ? __lock_acquire+0xbc3/0x56d0 [ 2558.946056][T25266] ? __cleanup_sighand+0xb0/0xb0 [ 2558.951031][T25266] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 2558.957070][T25266] ? psi_memstall_leave+0x174/0x250 [ 2558.962384][T25266] kernel_clone+0xeb/0x990 [ 2558.966874][T25266] ? create_io_thread+0xf0/0xf0 [ 2558.971779][T25266] ? percpu_ref_put_many.constprop.0+0x6a/0x1a0 [ 2558.978087][T25266] ? lock_downgrade+0x6e0/0x6e0 [ 2558.982994][T25266] __do_sys_clone+0xba/0x100 [ 2558.987627][T25266] ? kernel_clone+0x990/0x990 [ 2558.992362][T25266] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2558.998298][T25266] do_syscall_64+0x39/0xb0 [ 2559.002761][T25266] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2559.008694][T25266] RIP: 0033:0x7f0b7de8d4f1 [ 2559.013141][T25266] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2559.032790][T25266] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2559.041250][T25266] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2559.049256][T25266] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2559.057273][T25266] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2559.065277][T25266] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2559.073279][T25266] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2559.081306][T25266] [ 2559.085926][T25266] memory: usage 307200kB, limit 307200kB, failcnt 81953 [ 2559.102379][T25266] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2559.119141][T25266] Memory cgroup stats for /syz0: [ 2559.119395][T25266] anon 143360 [ 2559.119395][T25266] file 479232 [ 2559.119395][T25266] kernel 313950208 [ 2559.119395][T25266] kernel_stack 65536 [ 2559.119395][T25266] pagetables 77824 [ 2559.119395][T25266] sec_pagetables 0 [ 2559.119395][T25266] percpu 5614656 [ 2559.119395][T25266] sock 0 [ 2559.119395][T25266] vmalloc 8192 [ 2559.119395][T25266] shmem 479232 [ 2559.119395][T25266] zswap 0 [ 2559.119395][T25266] zswapped 0 [ 2559.119395][T25266] file_mapped 479232 [ 2559.119395][T25266] file_dirty 0 [ 2559.119395][T25266] file_writeback 0 [ 2559.119395][T25266] swapcached 0 [ 2559.119395][T25266] anon_thp 0 [ 2559.119395][T25266] file_thp 0 [ 2559.119395][T25266] shmem_thp 0 [ 2559.119395][T25266] inactive_anon 180224 [ 2559.119395][T25266] active_anon 442368 [ 2559.119395][T25266] inactive_file 0 [ 2559.119395][T25266] active_file 0 [ 2559.119395][T25266] unevictable 0 [ 2559.119395][T25266] slab_reclaimable 22312 [ 2559.119395][T25266] slab_unreclaimable 308126904 09:54:13 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x3201000000000000}, 0x0) [ 2559.217199][T25266] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25266,uid=0 [ 2559.233270][T25266] Memory cgroup out of memory: Killed process 25266 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:13 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xfc03) 09:54:13 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:13 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x2}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:13 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x6000000}, 0x0) 09:54:13 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:13 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, 0x0, 0x0) 09:54:13 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:13 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:13 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x4}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:13 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) [ 2559.456321][T25283] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2559.499976][T25283] CPU: 1 PID: 25283 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2559.510458][T25283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2559.515000][T25296] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2559.520526][T25283] Call Trace: [ 2559.520540][T25283] [ 2559.520552][T25283] dump_stack_lvl+0xd1/0x138 [ 2559.520593][T25283] dump_header+0x10b/0x85f [ 2559.520635][T25283] oom_kill_process.cold+0x10/0x15 [ 2559.520680][T25283] out_of_memory+0x35c/0x14a0 [ 2559.520727][T25283] ? find_held_lock+0x2d/0x110 [ 2559.559818][T25283] ? oom_killer_disable+0x280/0x280 [ 2559.565076][T25283] ? find_held_lock+0x2d/0x110 [ 2559.569877][T25283] mem_cgroup_out_of_memory+0x206/0x270 [ 2559.575456][T25283] ? mem_cgroup_margin+0x130/0x130 [ 2559.580597][T25283] ? lock_downgrade+0x6e0/0x6e0 [ 2559.585482][T25283] try_charge_memcg+0xefb/0x12f0 [ 2559.590450][T25283] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2559.596461][T25283] ? lock_downgrade+0x6e0/0x6e0 [ 2559.601350][T25283] charge_memcg+0x90/0x3b0 [ 2559.605794][T25283] __mem_cgroup_charge+0x2b/0x90 [ 2559.610762][T25283] do_wp_page+0x7ec/0x3370 [ 2559.615244][T25283] ? lock_release+0x810/0x810 [ 2559.619970][T25283] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2559.625381][T25283] ? do_raw_spin_lock+0x124/0x2b0 [ 2559.630434][T25283] ? rwlock_bug.part.0+0x90/0x90 [ 2559.635402][T25283] ? lock_chain_count+0x20/0x20 [ 2559.640331][T25283] __handle_mm_fault+0x1f58/0x3c90 [ 2559.645506][T25283] ? vm_iomap_memory+0x190/0x190 [ 2559.650514][T25283] handle_mm_fault+0x1b6/0x850 [ 2559.655318][T25283] do_user_addr_fault+0x475/0x1210 [ 2559.660461][T25283] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2559.666068][T25283] exc_page_fault+0x98/0x170 [ 2559.670692][T25283] asm_exc_page_fault+0x26/0x30 [ 2559.675581][T25283] RIP: 0033:0x7ff9f2039570 [ 2559.680025][T25283] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2559.699656][T25283] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2559.705746][T25283] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2559.713746][T25283] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2559.721733][T25283] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2559.729728][T25283] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2559.737719][T25283] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2559.745716][T25283] ? __sock_create+0x2c/0x790 09:54:14 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, 0x0, 0x0) [ 2559.750442][T25283] 09:54:14 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x3c01000000000000}, 0x0) [ 2559.930017][T25283] memory: usage 307200kB, limit 307200kB, failcnt 34510 [ 2559.937216][T25283] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2559.945112][T25283] Memory cgroup stats for /syz1: [ 2559.945529][T25283] anon 114688 [ 2559.945529][T25283] file 606208 [ 2559.945529][T25283] kernel 313851904 [ 2559.945529][T25283] kernel_stack 65536 [ 2559.945529][T25283] pagetables 73728 [ 2559.945529][T25283] sec_pagetables 0 [ 2559.945529][T25283] percpu 5612288 [ 2559.945529][T25283] sock 0 [ 2559.945529][T25283] vmalloc 0 [ 2559.945529][T25283] shmem 602112 [ 2559.945529][T25283] zswap 0 [ 2559.945529][T25283] zswapped 0 [ 2559.945529][T25283] file_mapped 602112 [ 2559.945529][T25283] file_dirty 4096 [ 2559.945529][T25283] file_writeback 0 [ 2559.945529][T25283] swapcached 0 [ 2559.945529][T25283] anon_thp 0 [ 2559.945529][T25283] file_thp 0 [ 2559.945529][T25283] shmem_thp 0 [ 2559.945529][T25283] inactive_anon 282624 [ 2559.945529][T25283] active_anon 434176 [ 2559.945529][T25283] inactive_file 0 [ 2559.945529][T25283] active_file 4096 [ 2559.945529][T25283] unevictable 0 [ 2559.945529][T25283] slab_reclaimable 219568 [ 2559.945529][T25283] slab_unreclaimable 307848312 [ 2560.055603][T25283] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25283,uid=0 [ 2560.071948][T25283] Memory cgroup out of memory: Killed process 25283 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2560.090033][T25297] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2560.105533][T25297] CPU: 1 PID: 25297 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2560.116006][T25297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2560.126079][T25297] Call Trace: [ 2560.129399][T25297] [ 2560.132355][T25297] dump_stack_lvl+0xd1/0x138 [ 2560.136995][T25297] dump_header+0x10b/0x85f [ 2560.141469][T25297] oom_kill_process.cold+0x10/0x15 [ 2560.146642][T25297] out_of_memory+0x35c/0x14a0 [ 2560.151385][T25297] ? oom_killer_disable+0x280/0x280 [ 2560.156636][T25297] ? find_held_lock+0x2d/0x110 [ 2560.161546][T25297] mem_cgroup_out_of_memory+0x206/0x270 [ 2560.167234][T25297] ? mem_cgroup_margin+0x130/0x130 [ 2560.172416][T25297] ? lock_downgrade+0x6e0/0x6e0 [ 2560.177326][T25297] try_charge_memcg+0xefb/0x12f0 [ 2560.182315][T25297] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2560.188335][T25297] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2560.194107][T25297] ? lock_downgrade+0x6e0/0x6e0 [ 2560.199002][T25297] ? lock_downgrade+0x6e0/0x6e0 [ 2560.203905][T25297] obj_cgroup_charge+0x2af/0x5e0 [ 2560.208893][T25297] kmem_cache_alloc_lru+0x145/0x760 [ 2560.214123][T25297] ? sock_alloc_inode+0x27/0x1d0 [ 2560.219108][T25297] sock_alloc_inode+0x27/0x1d0 [ 2560.223905][T25297] ? sock_free_inode+0x30/0x30 [ 2560.228703][T25297] alloc_inode+0x61/0x230 [ 2560.233067][T25297] new_inode_pseudo+0x17/0x80 [ 2560.237788][T25297] sock_alloc+0x40/0x260 [ 2560.242058][T25297] __sock_create+0xbd/0x790 [ 2560.246599][T25297] __sys_socket+0x133/0x250 [ 2560.251131][T25297] ? __sys_socket_file+0x1f0/0x1f0 [ 2560.256288][T25297] __x64_sys_socket+0x73/0xb0 [ 2560.261001][T25297] do_syscall_64+0x39/0xb0 [ 2560.265448][T25297] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2560.271362][T25297] RIP: 0033:0x7f909a68c0c9 [ 2560.275797][T25297] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2560.295424][T25297] RSP: 002b:00007f909b45a168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2560.303863][T25297] RAX: ffffffffffffffda RBX: 00007f909a7abf80 RCX: 00007f909a68c0c9 [ 2560.311858][T25297] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010 [ 2560.319845][T25297] RBP: 00007f909a6e7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 2560.327836][T25297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2560.335820][T25297] R13: 00007ffc6e869edf R14: 00007f909b45a300 R15: 0000000000022000 [ 2560.343829][T25297] [ 2560.355200][T25297] memory: usage 307200kB, limit 307200kB, failcnt 72529 [ 2560.362311][T25297] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2560.369727][T25297] Memory cgroup stats for /syz2: [ 2560.370047][T25297] anon 139264 [ 2560.370047][T25297] file 638976 [ 2560.370047][T25297] kernel 313794560 [ 2560.370047][T25297] kernel_stack 65536 [ 2560.370047][T25297] pagetables 81920 [ 2560.370047][T25297] sec_pagetables 0 [ 2560.370047][T25297] percpu 5611104 [ 2560.370047][T25297] sock 0 [ 2560.370047][T25297] vmalloc 0 [ 2560.370047][T25297] shmem 638976 [ 2560.370047][T25297] zswap 0 [ 2560.370047][T25297] zswapped 0 [ 2560.370047][T25297] file_mapped 638976 [ 2560.370047][T25297] file_dirty 0 [ 2560.370047][T25297] file_writeback 0 [ 2560.370047][T25297] swapcached 0 [ 2560.370047][T25297] anon_thp 0 [ 2560.370047][T25297] file_thp 0 [ 2560.370047][T25297] shmem_thp 0 [ 2560.370047][T25297] inactive_anon 372736 [ 2560.370047][T25297] active_anon 405504 [ 2560.370047][T25297] inactive_file 0 [ 2560.370047][T25297] active_file 0 [ 2560.370047][T25297] unevictable 0 [ 2560.370047][T25297] slab_reclaimable 229856 [ 2560.370047][T25297] slab_unreclaimable 307777248 [ 2560.469161][T25297] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25289,uid=0 [ 2560.485318][T25297] Memory cgroup out of memory: Killed process 25289 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2560.514960][T25305] syz-executor.0 invoked oom-killer: gfp_mask=0xdc0(GFP_KERNEL|__GFP_ZERO), order=0, oom_score_adj=1000 09:54:14 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xfeff) 09:54:14 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:14 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x5}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:14 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, 0x0, 0x0) 09:54:14 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x7000000}, 0x0) [ 2560.533999][T25305] CPU: 1 PID: 25305 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2560.544492][T25305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2560.554590][T25305] Call Trace: [ 2560.558023][T25305] [ 2560.561007][T25305] dump_stack_lvl+0xd1/0x138 [ 2560.565663][T25305] dump_header+0x10b/0x85f [ 2560.570150][T25305] oom_kill_process.cold+0x10/0x15 [ 2560.575317][T25305] out_of_memory+0x35c/0x14a0 [ 2560.580046][T25305] ? oom_killer_disable+0x280/0x280 [ 2560.585289][T25305] ? find_held_lock+0x2d/0x110 [ 2560.590094][T25305] mem_cgroup_out_of_memory+0x206/0x270 [ 2560.595683][T25305] ? mem_cgroup_margin+0x130/0x130 [ 2560.600831][T25305] ? lock_downgrade+0x6e0/0x6e0 [ 2560.605723][T25305] try_charge_memcg+0xefb/0x12f0 [ 2560.610693][T25305] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2560.616701][T25305] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2560.622460][T25305] ? lock_downgrade+0x6e0/0x6e0 [ 2560.627337][T25305] ? lock_downgrade+0x6e0/0x6e0 [ 2560.632208][T25305] ? rcu_read_unlock+0x9/0x60 [ 2560.636926][T25305] obj_cgroup_charge+0x2af/0x5e0 [ 2560.641907][T25305] ? __alloc_file+0x21/0x270 [ 2560.646537][T25305] kmem_cache_alloc+0xb5/0x430 [ 2560.651351][T25305] ? d_instantiate+0x79/0xa0 [ 2560.655983][T25305] __alloc_file+0x21/0x270 [ 2560.660436][T25305] alloc_empty_file+0x71/0x170 [ 2560.665244][T25305] alloc_file+0x59/0x800 [ 2560.669526][T25305] alloc_file_pseudo+0x169/0x250 [ 2560.674504][T25305] ? alloc_file+0x800/0x800 [ 2560.679037][T25305] ? alloc_fd+0x2d8/0x6d0 [ 2560.683394][T25305] sock_alloc_file+0x53/0x190 [ 2560.688104][T25305] __sys_socket+0x1a8/0x250 [ 2560.692640][T25305] ? __sys_socket_file+0x1f0/0x1f0 [ 2560.697792][T25305] __x64_sys_socket+0x73/0xb0 [ 2560.702500][T25305] do_syscall_64+0x39/0xb0 [ 2560.706969][T25305] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2560.712900][T25305] RIP: 0033:0x7f0b7de8c0c9 [ 2560.717345][T25305] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2560.737162][T25305] RSP: 002b:00007f0b7eba3168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2560.745607][T25305] RAX: ffffffffffffffda RBX: 00007f0b7dfabf80 RCX: 00007f0b7de8c0c9 [ 2560.753594][T25305] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010 [ 2560.761580][T25305] RBP: 00007f0b7dee7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 2560.769580][T25305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 09:54:15 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) [ 2560.777583][T25305] R13: 00007fff0637016f R14: 00007f0b7eba3300 R15: 0000000000022000 [ 2560.785611][T25305] [ 2560.792213][T25305] memory: usage 307200kB, limit 307200kB, failcnt 82159 [ 2560.805858][T25305] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2560.832337][T25305] Memory cgroup stats for /syz0: [ 2560.832576][T25305] anon 143360 [ 2560.832576][T25305] file 479232 [ 2560.832576][T25305] kernel 313950208 [ 2560.832576][T25305] kernel_stack 65536 [ 2560.832576][T25305] pagetables 77824 [ 2560.832576][T25305] sec_pagetables 0 [ 2560.832576][T25305] percpu 5614656 [ 2560.832576][T25305] sock 0 [ 2560.832576][T25305] vmalloc 8192 [ 2560.832576][T25305] shmem 479232 [ 2560.832576][T25305] zswap 0 [ 2560.832576][T25305] zswapped 0 [ 2560.832576][T25305] file_mapped 479232 [ 2560.832576][T25305] file_dirty 0 09:54:15 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x6}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:15 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0) [ 2560.832576][T25305] file_writeback 0 [ 2560.832576][T25305] swapcached 0 [ 2560.832576][T25305] anon_thp 0 [ 2560.832576][T25305] file_thp 0 [ 2560.832576][T25305] shmem_thp 0 [ 2560.832576][T25305] inactive_anon 180224 [ 2560.832576][T25305] active_anon 442368 [ 2560.832576][T25305] inactive_file 0 [ 2560.832576][T25305] active_file 0 [ 2560.832576][T25305] unevictable 0 [ 2560.832576][T25305] slab_reclaimable 22312 [ 2560.832576][T25305] slab_unreclaimable 308126256 09:54:15 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x7}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:15 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0) 09:54:15 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) [ 2561.018855][T25319] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2561.087968][T25305] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25304,uid=0 [ 2561.105305][T25305] Memory cgroup out of memory: Killed process 25304 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:15 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x4000000000000000}, 0x0) [ 2561.161701][T25308] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2561.178738][T25308] CPU: 1 PID: 25308 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2561.189220][T25308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2561.199308][T25308] Call Trace: [ 2561.202611][T25308] [ 2561.205567][T25308] dump_stack_lvl+0xd1/0x138 [ 2561.210206][T25308] dump_header+0x10b/0x85f [ 2561.214684][T25308] oom_kill_process.cold+0x10/0x15 [ 2561.219856][T25308] out_of_memory+0x35c/0x14a0 [ 2561.224589][T25308] ? oom_killer_disable+0x280/0x280 [ 2561.229837][T25308] ? find_held_lock+0x2d/0x110 [ 2561.234653][T25308] mem_cgroup_out_of_memory+0x206/0x270 [ 2561.240275][T25308] ? mem_cgroup_margin+0x130/0x130 [ 2561.245520][T25308] ? lock_downgrade+0x6e0/0x6e0 [ 2561.250430][T25308] try_charge_memcg+0xefb/0x12f0 [ 2561.255416][T25308] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2561.261478][T25308] ? lock_downgrade+0x6e0/0x6e0 [ 2561.266399][T25308] charge_memcg+0x90/0x3b0 [ 2561.270860][T25308] __mem_cgroup_charge+0x2b/0x90 [ 2561.275842][T25308] do_wp_page+0x7ec/0x3370 [ 2561.280317][T25308] ? lock_release+0x810/0x810 [ 2561.285027][T25308] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2561.290454][T25308] ? do_raw_spin_lock+0x124/0x2b0 [ 2561.295556][T25308] ? rwlock_bug.part.0+0x90/0x90 [ 2561.300544][T25308] ? lock_chain_count+0x20/0x20 [ 2561.305449][T25308] __handle_mm_fault+0x1f58/0x3c90 [ 2561.310624][T25308] ? vm_iomap_memory+0x190/0x190 [ 2561.315643][T25308] handle_mm_fault+0x1b6/0x850 [ 2561.320461][T25308] do_user_addr_fault+0x475/0x1210 [ 2561.325626][T25308] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2561.331232][T25308] exc_page_fault+0x98/0x170 [ 2561.335948][T25308] asm_exc_page_fault+0x26/0x30 [ 2561.340835][T25308] RIP: 0033:0x7ff9f2039570 [ 2561.345283][T25308] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2561.364937][T25308] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2561.371055][T25308] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2561.379061][T25308] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2561.387064][T25308] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2561.395070][T25308] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2561.403075][T25308] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2561.411081][T25308] ? __sock_create+0x2c/0x790 [ 2561.415834][T25308] [ 2561.451844][T25308] memory: usage 307200kB, limit 307200kB, failcnt 34601 [ 2561.459187][T25308] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2561.466157][T25308] Memory cgroup stats for /syz1: [ 2561.466355][T25308] anon 114688 [ 2561.466355][T25308] file 606208 [ 2561.466355][T25308] kernel 313851904 [ 2561.466355][T25308] kernel_stack 65536 [ 2561.466355][T25308] pagetables 73728 [ 2561.466355][T25308] sec_pagetables 0 [ 2561.466355][T25308] percpu 5612288 [ 2561.466355][T25308] sock 0 [ 2561.466355][T25308] vmalloc 0 [ 2561.466355][T25308] shmem 602112 [ 2561.466355][T25308] zswap 0 [ 2561.466355][T25308] zswapped 0 [ 2561.466355][T25308] file_mapped 602112 [ 2561.466355][T25308] file_dirty 4096 [ 2561.466355][T25308] file_writeback 0 [ 2561.466355][T25308] swapcached 0 [ 2561.466355][T25308] anon_thp 0 [ 2561.466355][T25308] file_thp 0 [ 2561.466355][T25308] shmem_thp 0 [ 2561.466355][T25308] inactive_anon 282624 [ 2561.466355][T25308] active_anon 434176 [ 2561.466355][T25308] inactive_file 0 [ 2561.466355][T25308] active_file 4096 [ 2561.466355][T25308] unevictable 0 [ 2561.466355][T25308] slab_reclaimable 219568 [ 2561.466355][T25308] slab_unreclaimable 307848312 [ 2561.564544][T25308] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25308,uid=0 [ 2561.565193][T25329] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2561.580832][T25308] Memory cgroup out of memory: Killed process 25308 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2561.609041][T25313] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2561.628784][T25313] CPU: 1 PID: 25313 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2561.639272][T25313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2561.649371][T25313] Call Trace: [ 2561.652682][T25313] [ 2561.655647][T25313] dump_stack_lvl+0xd1/0x138 [ 2561.660288][T25313] dump_header+0x10b/0x85f [ 2561.664772][T25313] oom_kill_process.cold+0x10/0x15 [ 2561.669952][T25313] out_of_memory+0x35c/0x14a0 [ 2561.674705][T25313] ? oom_killer_disable+0x280/0x280 [ 2561.679967][T25313] ? find_held_lock+0x2d/0x110 [ 2561.684796][T25313] mem_cgroup_out_of_memory+0x206/0x270 [ 2561.690407][T25313] ? mem_cgroup_margin+0x130/0x130 [ 2561.695573][T25313] ? lock_downgrade+0x6e0/0x6e0 [ 2561.700487][T25313] try_charge_memcg+0xefb/0x12f0 [ 2561.705510][T25313] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2561.711546][T25313] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2561.717324][T25313] ? lock_downgrade+0x6e0/0x6e0 [ 2561.722248][T25313] obj_cgroup_charge+0x2af/0x5e0 [ 2561.727234][T25313] ? vm_area_dup+0x7d/0x380 [ 2561.731784][T25313] kmem_cache_alloc+0xb5/0x430 [ 2561.736946][T25313] vm_area_dup+0x7d/0x380 [ 2561.741328][T25313] ? mt_slot+0xa1/0x170 [ 2561.745543][T25313] ? mas_next_nentry+0x610/0xab0 [ 2561.750545][T25313] ? mas_next_node+0x547/0xa00 [ 2561.755373][T25313] ? mas_find+0x211/0xd10 [ 2561.759775][T25313] ? vm_area_alloc+0x100/0x100 [ 2561.764580][T25313] ? validate_mm_mt+0x149/0x1b0 [ 2561.769475][T25313] ? remove_vma+0x130/0x130 [ 2561.774028][T25313] ? can_vma_merge_before+0x390/0x390 [ 2561.779541][T25313] __split_vma+0xae/0x5e0 [ 2561.783908][T25313] ? vma_merge+0x2cf/0x870 [ 2561.788364][T25313] split_vma+0xa3/0xe0 [ 2561.792474][T25313] mprotect_fixup+0x686/0x960 [ 2561.797208][T25313] ? mas_find+0x211/0xd10 [ 2561.801578][T25313] ? change_protection+0x3b30/0x3b30 [ 2561.806932][T25313] do_mprotect_pkey+0x6fd/0xa70 [ 2561.811836][T25313] ? mprotect_fixup+0x960/0x960 [ 2561.816726][T25313] ? up_write+0x1b0/0x520 [ 2561.821115][T25313] ? xfd_validate_state+0x5d/0x180 [ 2561.826311][T25313] __x64_sys_mprotect+0x78/0xb0 [ 2561.831208][T25313] do_syscall_64+0x39/0xb0 [ 2561.835675][T25313] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2561.841603][T25313] RIP: 0033:0x7f909a68c1d7 [ 2561.846052][T25313] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2561.865876][T25313] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2561.874333][T25313] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2561.882340][T25313] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2561.890345][T25313] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2561.898358][T25313] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2561.906363][T25313] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2561.914399][T25313] [ 2561.921030][T25313] memory: usage 307200kB, limit 307200kB, failcnt 72668 [ 2561.928328][T25313] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2561.936337][T25313] Memory cgroup stats for /syz2: [ 2561.936589][T25313] anon 139264 [ 2561.936589][T25313] file 638976 [ 2561.936589][T25313] kernel 313794560 [ 2561.936589][T25313] kernel_stack 65536 [ 2561.936589][T25313] pagetables 81920 [ 2561.936589][T25313] sec_pagetables 0 [ 2561.936589][T25313] percpu 5611104 [ 2561.936589][T25313] sock 0 [ 2561.936589][T25313] vmalloc 0 [ 2561.936589][T25313] shmem 638976 [ 2561.936589][T25313] zswap 0 [ 2561.936589][T25313] zswapped 0 [ 2561.936589][T25313] file_mapped 638976 [ 2561.936589][T25313] file_dirty 0 [ 2561.936589][T25313] file_writeback 0 [ 2561.936589][T25313] swapcached 0 [ 2561.936589][T25313] anon_thp 0 [ 2561.936589][T25313] file_thp 0 [ 2561.936589][T25313] shmem_thp 0 [ 2561.936589][T25313] inactive_anon 372736 [ 2561.936589][T25313] active_anon 405504 [ 2561.936589][T25313] inactive_file 0 [ 2561.936589][T25313] active_file 0 [ 2561.936589][T25313] unevictable 0 [ 2561.936589][T25313] slab_reclaimable 233712 [ 2561.936589][T25313] slab_unreclaimable 307770328 [ 2562.032889][T25313] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25313,uid=0 [ 2562.049287][T25313] Memory cgroup out of memory: Killed process 25313 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:16 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xff0f) 09:54:16 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0) 09:54:16 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x8}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:16 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:16 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000000}, 0x0) [ 2562.067026][T25328] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2562.098706][T25328] CPU: 1 PID: 25328 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2562.109195][T25328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2562.119298][T25328] Call Trace: [ 2562.122607][T25328] [ 2562.125575][T25328] dump_stack_lvl+0xd1/0x138 [ 2562.130218][T25328] dump_header+0x10b/0x85f [ 2562.134693][T25328] oom_kill_process.cold+0x10/0x15 [ 2562.139865][T25328] out_of_memory+0x35c/0x14a0 [ 2562.144606][T25328] ? oom_killer_disable+0x280/0x280 [ 2562.149854][T25328] ? find_held_lock+0x2d/0x110 [ 2562.154662][T25328] mem_cgroup_out_of_memory+0x206/0x270 [ 2562.160338][T25328] ? mem_cgroup_margin+0x130/0x130 [ 2562.165499][T25328] ? lock_downgrade+0x6e0/0x6e0 [ 2562.170398][T25328] try_charge_memcg+0xefb/0x12f0 [ 2562.175379][T25328] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2562.181410][T25328] ? lock_downgrade+0x6e0/0x6e0 [ 2562.186320][T25328] charge_memcg+0x90/0x3b0 [ 2562.190769][T25328] __mem_cgroup_charge+0x2b/0x90 [ 2562.195745][T25328] ? _compound_head+0x5d/0x150 [ 2562.200554][T25328] __handle_mm_fault+0x187d/0x3c90 [ 2562.205722][T25328] ? vm_iomap_memory+0x190/0x190 [ 2562.210726][T25328] handle_mm_fault+0x1b6/0x850 [ 2562.215532][T25328] do_user_addr_fault+0x475/0x1210 [ 2562.220678][T25328] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2562.226258][T25328] exc_page_fault+0x98/0x170 [ 2562.230868][T25328] asm_exc_page_fault+0x26/0x30 [ 2562.235738][T25328] RIP: 0033:0x7f0b7de3b8cf [ 2562.240181][T25328] Code: ff ff 4d 89 cd 48 85 c0 74 19 8b 95 44 ff ff ff 48 29 c6 48 01 c7 e8 10 09 05 00 85 c0 0f 85 0b 03 00 00 48 8b 85 48 ff ff ff <41> c7 45 18 01 00 00 00 4c 89 ef 49 89 85 90 06 00 00 48 8b 85 50 [ 2562.259816][T25328] RSP: 002b:00007fff06370110 EFLAGS: 00010246 [ 2562.265904][T25328] RAX: 00007f0b7eb62000 RBX: 0000000000021000 RCX: 00007f0b7de8c1d7 [ 2562.273978][T25328] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f0b7eb63000 [ 2562.281963][T25328] RBP: 00007fff063701e0 R08: 00000000ffffffff R09: 00007f0b7eb82700 [ 2562.289946][T25328] R10: 0000000000020022 R11: 0000000000000206 R12: 00007fff06370300 [ 2562.297926][T25328] R13: 00007f0b7eb82700 R14: 0000000000000000 R15: 0000000000022000 [ 2562.305930][T25328] 09:54:16 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0xb}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:16 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:16 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={0x0}}, 0x0) 09:54:16 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:16 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={0x0}}, 0x0) 09:54:16 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0xe}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2562.521237][T25328] memory: usage 307200kB, limit 307200kB, failcnt 82287 [ 2562.532393][T25328] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2562.548045][T25328] Memory cgroup stats for /syz0: [ 2562.548314][T25328] anon 139264 [ 2562.548314][T25328] file 479232 [ 2562.548314][T25328] kernel 313954304 [ 2562.548314][T25328] kernel_stack 65536 [ 2562.548314][T25328] pagetables 77824 [ 2562.548314][T25328] sec_pagetables 0 [ 2562.548314][T25328] percpu 5614656 [ 2562.548314][T25328] sock 0 [ 2562.548314][T25328] vmalloc 8192 [ 2562.548314][T25328] shmem 479232 [ 2562.548314][T25328] zswap 0 [ 2562.548314][T25328] zswapped 0 [ 2562.548314][T25328] file_mapped 479232 [ 2562.548314][T25328] file_dirty 0 [ 2562.548314][T25328] file_writeback 0 [ 2562.548314][T25328] swapcached 0 [ 2562.548314][T25328] anon_thp 0 [ 2562.548314][T25328] file_thp 0 [ 2562.548314][T25328] shmem_thp 0 [ 2562.548314][T25328] inactive_anon 176128 [ 2562.548314][T25328] active_anon 442368 [ 2562.548314][T25328] inactive_file 0 [ 2562.548314][T25328] active_file 0 [ 2562.548314][T25328] unevictable 0 [ 2562.548314][T25328] slab_reclaimable 28096 [ 2562.548314][T25328] slab_unreclaimable 308121352 [ 2562.662313][T25328] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25328,uid=0 [ 2562.678802][T25328] Memory cgroup out of memory: Killed process 25328 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2562.697066][T25331] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2562.716730][T25331] CPU: 1 PID: 25331 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2562.727209][T25331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2562.737302][T25331] Call Trace: [ 2562.740605][T25331] [ 2562.743556][T25331] dump_stack_lvl+0xd1/0x138 [ 2562.748194][T25331] dump_header+0x10b/0x85f [ 2562.752663][T25331] oom_kill_process.cold+0x10/0x15 [ 2562.757837][T25331] out_of_memory+0x35c/0x14a0 [ 2562.762582][T25331] ? oom_killer_disable+0x280/0x280 [ 2562.767843][T25331] ? find_held_lock+0x2d/0x110 [ 2562.772666][T25331] mem_cgroup_out_of_memory+0x206/0x270 [ 2562.778263][T25331] ? mem_cgroup_margin+0x130/0x130 [ 2562.783417][T25331] ? lock_downgrade+0x6e0/0x6e0 [ 2562.788327][T25331] try_charge_memcg+0xefb/0x12f0 [ 2562.793316][T25331] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2562.799437][T25331] ? lock_downgrade+0x6e0/0x6e0 [ 2562.804344][T25331] charge_memcg+0x90/0x3b0 [ 2562.808804][T25331] __mem_cgroup_charge+0x2b/0x90 [ 2562.813793][T25331] do_wp_page+0x7ec/0x3370 [ 2562.818272][T25331] ? lock_release+0x810/0x810 [ 2562.822989][T25331] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2562.828415][T25331] ? do_raw_spin_lock+0x124/0x2b0 [ 2562.833478][T25331] ? rwlock_bug.part.0+0x90/0x90 [ 2562.838459][T25331] ? lock_chain_count+0x20/0x20 [ 2562.843361][T25331] __handle_mm_fault+0x1f58/0x3c90 [ 2562.848537][T25331] ? vm_iomap_memory+0x190/0x190 [ 2562.853550][T25331] handle_mm_fault+0x1b6/0x850 [ 2562.858372][T25331] do_user_addr_fault+0x475/0x1210 [ 2562.863528][T25331] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2562.869133][T25331] exc_page_fault+0x98/0x170 [ 2562.873760][T25331] asm_exc_page_fault+0x26/0x30 [ 2562.878640][T25331] RIP: 0033:0x7ff9f2039570 [ 2562.883087][T25331] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2562.902730][T25331] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2562.908830][T25331] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2562.916828][T25331] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2562.924830][T25331] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2562.932830][T25331] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2562.940920][T25331] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2562.948926][T25331] ? __sock_create+0x2c/0x790 [ 2562.953671][T25331] 09:54:17 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x4800000000000000}, 0x0) [ 2562.971029][T25331] memory: usage 307200kB, limit 307200kB, failcnt 34702 [ 2562.980696][T25331] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2562.987584][T25331] Memory cgroup stats for /syz1: [ 2562.987794][T25331] anon 114688 [ 2562.987794][T25331] file 606208 [ 2562.987794][T25331] kernel 313851904 [ 2562.987794][T25331] kernel_stack 65536 [ 2562.987794][T25331] pagetables 73728 [ 2562.987794][T25331] sec_pagetables 0 [ 2562.987794][T25331] percpu 5612288 [ 2562.987794][T25331] sock 0 [ 2562.987794][T25331] vmalloc 0 [ 2562.987794][T25331] shmem 602112 [ 2562.987794][T25331] zswap 0 [ 2562.987794][T25331] zswapped 0 [ 2562.987794][T25331] file_mapped 602112 [ 2562.987794][T25331] file_dirty 4096 [ 2562.987794][T25331] file_writeback 0 [ 2562.987794][T25331] swapcached 0 [ 2562.987794][T25331] anon_thp 0 [ 2562.987794][T25331] file_thp 0 [ 2562.987794][T25331] shmem_thp 0 [ 2562.987794][T25331] inactive_anon 282624 [ 2562.987794][T25331] active_anon 434176 [ 2562.987794][T25331] inactive_file 0 [ 2562.987794][T25331] active_file 4096 [ 2562.987794][T25331] unevictable 0 [ 2562.987794][T25331] slab_reclaimable 219568 [ 2562.987794][T25331] slab_unreclaimable 307848312 [ 2563.129723][T25331] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25331,uid=0 [ 2563.146251][T25331] Memory cgroup out of memory: Killed process 25331 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2563.164255][T25352] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2563.167453][T25339] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2563.184304][T25352] CPU: 0 PID: 25352 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2563.197183][T25352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2563.207277][T25352] Call Trace: [ 2563.210587][T25352] [ 2563.213549][T25352] dump_stack_lvl+0xd1/0x138 [ 2563.218194][T25352] dump_header+0x10b/0x85f [ 2563.222673][T25352] oom_kill_process.cold+0x10/0x15 [ 2563.227852][T25352] out_of_memory+0x35c/0x14a0 [ 2563.232598][T25352] ? oom_killer_disable+0x280/0x280 [ 2563.237837][T25352] ? find_held_lock+0x2d/0x110 [ 2563.242641][T25352] mem_cgroup_out_of_memory+0x206/0x270 [ 2563.248219][T25352] ? mem_cgroup_margin+0x130/0x130 [ 2563.253356][T25352] ? lock_downgrade+0x6e0/0x6e0 [ 2563.258244][T25352] try_charge_memcg+0xefb/0x12f0 [ 2563.263209][T25352] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2563.269213][T25352] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2563.274966][T25352] ? lock_downgrade+0x6e0/0x6e0 [ 2563.279836][T25352] ? lock_downgrade+0x6e0/0x6e0 [ 2563.284720][T25352] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2563.290289][T25352] __alloc_pages+0x1f3/0x5b0 [ 2563.294905][T25352] ? __alloc_pages_slowpath.constprop.0+0x23d0/0x23d0 [ 2563.301717][T25352] alloc_pages+0x1aa/0x270 [ 2563.306157][T25352] __pmd_alloc+0x3f/0x5d0 [ 2563.310516][T25352] __handle_mm_fault+0x932/0x3c90 [ 2563.315577][T25352] ? vm_iomap_memory+0x190/0x190 [ 2563.320570][T25352] handle_mm_fault+0x1b6/0x850 [ 2563.325370][T25352] do_user_addr_fault+0x475/0x1210 [ 2563.330510][T25352] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2563.336092][T25352] exc_page_fault+0x98/0x170 [ 2563.340715][T25352] asm_exc_page_fault+0x26/0x30 [ 2563.345583][T25352] RIP: 0033:0x7f0b7de2bd49 [ 2563.350015][T25352] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85 [ 2563.369726][T25352] RSP: 002b:00007fff063701b0 EFLAGS: 00010246 [ 2563.375809][T25352] RAX: 0000000020000200 RBX: 0000000000000000 RCX: 0000000000000000 [ 2563.383796][T25352] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555556e892e8 [ 2563.391783][T25352] RBP: 00007fff063702a8 R08: 0000000000000000 R09: 0000000000000000 [ 2563.399765][T25352] R10: 00007f0b7da00068 R11: 0000000000000246 R12: 0000000000271bf9 [ 2563.407750][T25352] R13: 00007fff063702d0 R14: 00007f0b7dfabf80 R15: 0000000000000032 [ 2563.415757][T25352] [ 2563.422395][T25352] memory: usage 307188kB, limit 307200kB, failcnt 82370 [ 2563.430092][T25352] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2563.437294][T25352] Memory cgroup stats for /syz0: [ 2563.437508][T25352] anon 135168 [ 2563.437508][T25352] file 479232 [ 2563.437508][T25352] kernel 313929728 [ 2563.437508][T25352] kernel_stack 65536 [ 2563.437508][T25352] pagetables 69632 [ 2563.437508][T25352] sec_pagetables 0 [ 2563.437508][T25352] percpu 5614656 [ 2563.437508][T25352] sock 0 [ 2563.437508][T25352] vmalloc 8192 [ 2563.437508][T25352] shmem 479232 [ 2563.437508][T25352] zswap 0 [ 2563.437508][T25352] zswapped 0 [ 2563.437508][T25352] file_mapped 479232 [ 2563.437508][T25352] file_dirty 0 [ 2563.437508][T25352] file_writeback 0 [ 2563.437508][T25352] swapcached 0 [ 2563.437508][T25352] anon_thp 0 [ 2563.437508][T25352] file_thp 0 [ 2563.437508][T25352] shmem_thp 0 [ 2563.437508][T25352] inactive_anon 172032 [ 2563.437508][T25352] active_anon 442368 [ 2563.437508][T25352] inactive_file 0 [ 2563.437508][T25352] active_file 0 [ 2563.437508][T25352] unevictable 0 [ 2563.437508][T25352] slab_reclaimable 20384 [ 2563.437508][T25352] slab_unreclaimable 308117800 [ 2563.535604][T25352] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25352,uid=0 [ 2563.551413][T25352] Memory cgroup out of memory: Killed process 25352 (syz-executor.0) total-vm:54540kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2563.569470][T25335] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2563.580340][T25335] CPU: 0 PID: 25335 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2563.590812][T25335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2563.600907][T25335] Call Trace: [ 2563.604209][T25335] [ 2563.607162][T25335] dump_stack_lvl+0xd1/0x138 [ 2563.611805][T25335] dump_header+0x10b/0x85f [ 2563.616276][T25335] oom_kill_process.cold+0x10/0x15 [ 2563.621440][T25335] out_of_memory+0x35c/0x14a0 [ 2563.626169][T25335] ? oom_killer_disable+0x280/0x280 [ 2563.631375][T25335] ? find_held_lock+0x2d/0x110 [ 2563.636146][T25335] mem_cgroup_out_of_memory+0x206/0x270 [ 2563.641715][T25335] ? mem_cgroup_margin+0x130/0x130 [ 2563.646862][T25335] ? lock_downgrade+0x6e0/0x6e0 [ 2563.651747][T25335] try_charge_memcg+0xefb/0x12f0 [ 2563.656719][T25335] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2563.662738][T25335] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2563.668500][T25335] ? lock_downgrade+0x6e0/0x6e0 [ 2563.673409][T25335] obj_cgroup_charge+0x2af/0x5e0 [ 2563.678380][T25335] ? vm_area_dup+0x7d/0x380 [ 2563.682929][T25335] kmem_cache_alloc+0xb5/0x430 [ 2563.687723][T25335] vm_area_dup+0x7d/0x380 [ 2563.692099][T25335] ? mt_slot+0xa1/0x170 [ 2563.696296][T25335] ? mas_next_nentry+0x610/0xab0 [ 2563.701271][T25335] ? mas_next_node+0x547/0xa00 [ 2563.706079][T25335] ? mas_find+0x211/0xd10 [ 2563.710534][T25335] ? vm_area_alloc+0x100/0x100 [ 2563.715322][T25335] ? validate_mm_mt+0x149/0x1b0 [ 2563.720200][T25335] ? remove_vma+0x130/0x130 [ 2563.724903][T25335] ? can_vma_merge_before+0x390/0x390 [ 2563.730321][T25335] __split_vma+0xae/0x5e0 [ 2563.734843][T25335] ? vma_merge+0x2cf/0x870 [ 2563.739282][T25335] split_vma+0xa3/0xe0 [ 2563.743371][T25335] mprotect_fixup+0x686/0x960 [ 2563.748088][T25335] ? mas_find+0x211/0xd10 [ 2563.752447][T25335] ? change_protection+0x3b30/0x3b30 [ 2563.757766][T25335] do_mprotect_pkey+0x6fd/0xa70 [ 2563.762648][T25335] ? mprotect_fixup+0x960/0x960 [ 2563.767519][T25335] ? up_write+0x1b0/0x520 [ 2563.771913][T25335] __x64_sys_mprotect+0x78/0xb0 [ 2563.776806][T25335] do_syscall_64+0x39/0xb0 [ 2563.781276][T25335] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2563.787204][T25335] RIP: 0033:0x7f909a68c1d7 [ 2563.791649][T25335] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2563.811276][T25335] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2563.819709][T25335] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2563.827718][T25335] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2563.835709][T25335] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2563.843711][T25335] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2563.851724][T25335] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2563.859734][T25335] [ 2563.865351][T25335] memory: usage 307200kB, limit 307200kB, failcnt 72830 [ 2563.873187][T25335] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2563.880189][T25335] Memory cgroup stats for /syz2: [ 2563.880434][T25335] anon 139264 [ 2563.880434][T25335] file 638976 [ 2563.880434][T25335] kernel 313794560 [ 2563.880434][T25335] kernel_stack 65536 [ 2563.880434][T25335] pagetables 81920 [ 2563.880434][T25335] sec_pagetables 0 [ 2563.880434][T25335] percpu 5611104 [ 2563.880434][T25335] sock 0 [ 2563.880434][T25335] vmalloc 0 [ 2563.880434][T25335] shmem 638976 [ 2563.880434][T25335] zswap 0 [ 2563.880434][T25335] zswapped 0 [ 2563.880434][T25335] file_mapped 638976 [ 2563.880434][T25335] file_dirty 0 [ 2563.880434][T25335] file_writeback 0 [ 2563.880434][T25335] swapcached 0 [ 2563.880434][T25335] anon_thp 0 [ 2563.880434][T25335] file_thp 0 [ 2563.880434][T25335] shmem_thp 0 [ 2563.880434][T25335] inactive_anon 372736 [ 2563.880434][T25335] active_anon 405504 [ 2563.880434][T25335] inactive_file 0 [ 2563.880434][T25335] active_file 0 [ 2563.880434][T25335] unevictable 0 [ 2563.880434][T25335] slab_reclaimable 233712 [ 2563.880434][T25335] slab_unreclaimable 307770328 09:54:18 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xff7f) 09:54:18 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x11}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:18 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={0x0}}, 0x0) 09:54:18 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:18 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8020000}, 0x0) 09:54:18 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x4801000000000000}, 0x0) [ 2563.979748][T25335] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25335,uid=0 [ 2563.996847][T25335] Memory cgroup out of memory: Killed process 25335 (syz-executor.2) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:18 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, 0x0, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x1c}}, 0x0) 09:54:18 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x29}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:18 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:18 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x38}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2564.161216][T25364] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2564.190932][T25357] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2564.239000][T25357] CPU: 1 PID: 25357 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2564.249487][T25357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2564.259578][T25357] Call Trace: [ 2564.262880][T25357] [ 2564.265837][T25357] dump_stack_lvl+0xd1/0x138 [ 2564.270474][T25357] dump_header+0x10b/0x85f [ 2564.274944][T25357] oom_kill_process.cold+0x10/0x15 [ 2564.280110][T25357] out_of_memory+0x35c/0x14a0 09:54:18 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xfffe) [ 2564.284841][T25357] ? find_held_lock+0x2d/0x110 [ 2564.289659][T25357] ? oom_killer_disable+0x280/0x280 [ 2564.294909][T25357] ? find_held_lock+0x2d/0x110 [ 2564.299726][T25357] mem_cgroup_out_of_memory+0x206/0x270 [ 2564.305329][T25357] ? mem_cgroup_margin+0x130/0x130 [ 2564.310489][T25357] ? lock_downgrade+0x6e0/0x6e0 [ 2564.315399][T25357] try_charge_memcg+0xefb/0x12f0 [ 2564.320389][T25357] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2564.326434][T25357] ? lock_downgrade+0x6e0/0x6e0 [ 2564.331345][T25357] charge_memcg+0x90/0x3b0 [ 2564.335801][T25357] __mem_cgroup_charge+0x2b/0x90 [ 2564.340787][T25357] do_wp_page+0x7ec/0x3370 [ 2564.345258][T25357] ? lock_release+0x810/0x810 [ 2564.349986][T25357] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2564.355405][T25357] ? do_raw_spin_lock+0x124/0x2b0 [ 2564.360467][T25357] ? rwlock_bug.part.0+0x90/0x90 [ 2564.365446][T25357] ? lock_chain_count+0x20/0x20 [ 2564.370339][T25357] __handle_mm_fault+0x1f58/0x3c90 [ 2564.375506][T25357] ? vm_iomap_memory+0x190/0x190 [ 2564.380523][T25357] handle_mm_fault+0x1b6/0x850 [ 2564.385340][T25357] do_user_addr_fault+0x475/0x1210 [ 2564.390498][T25357] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2564.396101][T25357] exc_page_fault+0x98/0x170 [ 2564.400730][T25357] asm_exc_page_fault+0x26/0x30 [ 2564.405633][T25357] RIP: 0033:0x7ff9f2039570 [ 2564.410081][T25357] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2564.429738][T25357] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 09:54:18 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, 0x0, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x1c}}, 0x0) [ 2564.435849][T25357] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2564.443852][T25357] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2564.451939][T25357] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2564.459957][T25357] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2564.467961][T25357] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2564.475971][T25357] ? __sock_create+0x2c/0x790 [ 2564.480721][T25357] 09:54:18 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:18 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, 0x0, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x1c}}, 0x0) 09:54:18 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x5c}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:18 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) [ 2564.587058][T25377] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2564.728518][T25357] memory: usage 307200kB, limit 307200kB, failcnt 34783 [ 2564.736351][T25357] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2564.743325][T25357] Memory cgroup stats for /syz1: [ 2564.744079][T25357] anon 114688 [ 2564.744079][T25357] file 606208 [ 2564.744079][T25357] kernel 313851904 [ 2564.744079][T25357] kernel_stack 65536 [ 2564.744079][T25357] pagetables 73728 [ 2564.744079][T25357] sec_pagetables 0 [ 2564.744079][T25357] percpu 5612288 [ 2564.744079][T25357] sock 0 [ 2564.744079][T25357] vmalloc 0 [ 2564.744079][T25357] shmem 602112 [ 2564.744079][T25357] zswap 0 [ 2564.744079][T25357] zswapped 0 [ 2564.744079][T25357] file_mapped 602112 [ 2564.744079][T25357] file_dirty 4096 [ 2564.744079][T25357] file_writeback 0 [ 2564.744079][T25357] swapcached 0 [ 2564.744079][T25357] anon_thp 0 [ 2564.744079][T25357] file_thp 0 [ 2564.744079][T25357] shmem_thp 0 [ 2564.744079][T25357] inactive_anon 282624 [ 2564.744079][T25357] active_anon 434176 [ 2564.744079][T25357] inactive_file 0 [ 2564.744079][T25357] active_file 4096 [ 2564.744079][T25357] unevictable 0 [ 2564.744079][T25357] slab_reclaimable 219568 [ 2564.744079][T25357] slab_unreclaimable 307848312 [ 2564.850184][T25357] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25357,uid=0 09:54:19 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x9000000}, 0x0) [ 2564.867721][T25357] Memory cgroup out of memory: Killed process 25357 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2564.890429][T25366] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:54:19 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x4a02000000000000}, 0x0) 09:54:19 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0xc8}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:19 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, 0x0, 0x0) 09:54:19 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x20000) 09:54:19 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, 0x0, 0x0) 09:54:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:19 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0xe0}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2565.051236][T25386] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2565.065985][T25395] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:54:19 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) [ 2565.095289][T25386] CPU: 1 PID: 25386 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2565.105769][T25386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2565.115858][T25386] Call Trace: [ 2565.119164][T25386] [ 2565.122129][T25386] dump_stack_lvl+0xd1/0x138 [ 2565.126772][T25386] dump_header+0x10b/0x85f [ 2565.131244][T25386] oom_kill_process.cold+0x10/0x15 [ 2565.136415][T25386] out_of_memory+0x35c/0x14a0 [ 2565.141153][T25386] ? find_held_lock+0x2d/0x110 [ 2565.145967][T25386] ? oom_killer_disable+0x280/0x280 [ 2565.151222][T25386] ? find_held_lock+0x2d/0x110 [ 2565.156046][T25386] mem_cgroup_out_of_memory+0x206/0x270 [ 2565.161650][T25386] ? mem_cgroup_margin+0x130/0x130 [ 2565.166814][T25386] ? lock_downgrade+0x6e0/0x6e0 [ 2565.171730][T25386] try_charge_memcg+0xefb/0x12f0 [ 2565.176720][T25386] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2565.182755][T25386] ? lock_downgrade+0x6e0/0x6e0 [ 2565.187669][T25386] charge_memcg+0x90/0x3b0 09:54:19 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x2, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2565.192130][T25386] __mem_cgroup_charge+0x2b/0x90 [ 2565.197111][T25386] do_wp_page+0x7ec/0x3370 [ 2565.201583][T25386] ? lock_release+0x810/0x810 [ 2565.206297][T25386] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2565.211718][T25386] ? do_raw_spin_lock+0x124/0x2b0 [ 2565.216781][T25386] ? rwlock_bug.part.0+0x90/0x90 [ 2565.221757][T25386] ? lock_chain_count+0x20/0x20 [ 2565.226646][T25386] __handle_mm_fault+0x1f58/0x3c90 [ 2565.231816][T25386] ? vm_iomap_memory+0x190/0x190 [ 2565.236834][T25386] handle_mm_fault+0x1b6/0x850 [ 2565.241653][T25386] do_user_addr_fault+0x475/0x1210 [ 2565.246826][T25386] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2565.252428][T25386] exc_page_fault+0x98/0x170 [ 2565.257059][T25386] asm_exc_page_fault+0x26/0x30 [ 2565.261946][T25386] RIP: 0033:0x7ff9f2039570 [ 2565.266394][T25386] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2565.286041][T25386] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2565.292148][T25386] RAX: 000000004717ba0b RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2565.300153][T25386] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 0000000000000022 [ 2565.308151][T25386] RBP: 000000004717ba0b R08: 0000000000001a0b R09: 000000004717ba0f [ 2565.316145][T25386] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2565.324141][T25386] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff87bef361 [ 2565.332142][T25386] ? __x64_sys_socket+0x11/0xb0 [ 2565.337063][T25386] [ 2565.355641][T25386] memory: usage 307188kB, limit 307200kB, failcnt 34872 [ 2565.369876][T25386] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2565.378296][T25386] Memory cgroup stats for /syz1: [ 2565.378507][T25386] anon 102400 [ 2565.378507][T25386] file 606208 [ 2565.378507][T25386] kernel 313851904 [ 2565.378507][T25386] kernel_stack 65536 [ 2565.378507][T25386] pagetables 73728 [ 2565.378507][T25386] sec_pagetables 0 [ 2565.378507][T25386] percpu 5612288 [ 2565.378507][T25386] sock 0 [ 2565.378507][T25386] vmalloc 0 [ 2565.378507][T25386] shmem 602112 [ 2565.378507][T25386] zswap 0 [ 2565.378507][T25386] zswapped 0 [ 2565.378507][T25386] file_mapped 602112 [ 2565.378507][T25386] file_dirty 4096 [ 2565.378507][T25386] file_writeback 0 [ 2565.378507][T25386] swapcached 0 [ 2565.378507][T25386] anon_thp 0 [ 2565.378507][T25386] file_thp 0 [ 2565.378507][T25386] shmem_thp 0 [ 2565.378507][T25386] inactive_anon 270336 [ 2565.378507][T25386] active_anon 434176 [ 2565.378507][T25386] inactive_file 0 [ 2565.378507][T25386] active_file 4096 [ 2565.378507][T25386] unevictable 0 [ 2565.378507][T25386] slab_reclaimable 219568 [ 2565.378507][T25386] slab_unreclaimable 307848616 [ 2565.476439][T25386] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25386,uid=0 09:54:19 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xa000000}, 0x0) [ 2565.503010][T25386] Memory cgroup out of memory: Killed process 25386 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2565.521759][T25397] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2565.538919][T25397] CPU: 1 PID: 25397 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2565.549385][T25397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2565.559478][T25397] Call Trace: [ 2565.562777][T25397] [ 2565.565731][T25397] dump_stack_lvl+0xd1/0x138 [ 2565.570372][T25397] dump_header+0x10b/0x85f [ 2565.574840][T25397] oom_kill_process.cold+0x10/0x15 [ 2565.580004][T25397] out_of_memory+0x35c/0x14a0 [ 2565.584735][T25397] ? oom_killer_disable+0x280/0x280 [ 2565.589986][T25397] ? find_held_lock+0x2d/0x110 [ 2565.594803][T25397] mem_cgroup_out_of_memory+0x206/0x270 [ 2565.600393][T25397] ? mem_cgroup_margin+0x130/0x130 [ 2565.605533][T25397] ? lock_downgrade+0x6e0/0x6e0 [ 2565.610420][T25397] try_charge_memcg+0xefb/0x12f0 [ 2565.615384][T25397] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2565.621382][T25397] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2565.627154][T25397] ? lock_downgrade+0x6e0/0x6e0 [ 2565.632032][T25397] ? lock_downgrade+0x6e0/0x6e0 [ 2565.636921][T25397] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2565.642504][T25397] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2565.648704][T25397] copy_process+0x4e3/0x7520 [ 2565.653329][T25397] ? find_held_lock+0x2d/0x110 [ 2565.658143][T25397] ? __cleanup_sighand+0xb0/0xb0 [ 2565.663105][T25397] ? lock_downgrade+0x6e0/0x6e0 [ 2565.667970][T25397] ? folio_flags.constprop.0+0x53/0x150 [ 2565.673543][T25397] ? folio_add_lru+0x37b/0x680 [ 2565.678334][T25397] kernel_clone+0xeb/0x990 [ 2565.682860][T25397] ? create_io_thread+0xf0/0xf0 [ 2565.687742][T25397] ? find_held_lock+0x2d/0x110 [ 2565.692553][T25397] __do_sys_clone+0xba/0x100 [ 2565.697168][T25397] ? kernel_clone+0x990/0x990 [ 2565.701877][T25397] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2565.707796][T25397] do_syscall_64+0x39/0xb0 [ 2565.712245][T25397] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2565.718153][T25397] RIP: 0033:0x7f0b7de8d4f1 [ 2565.722581][T25397] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2565.742204][T25397] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2565.750668][T25397] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2565.758658][T25397] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2565.766643][T25397] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2565.774632][T25397] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2565.782623][T25397] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2565.790629][T25397] [ 2565.804449][T25397] memory: usage 307188kB, limit 307200kB, failcnt 82513 [ 2565.811633][T25397] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2565.818584][T25397] Memory cgroup stats for /syz0: [ 2565.820089][T25397] anon 143360 [ 2565.820089][T25397] file 479232 [ 2565.820089][T25397] kernel 313929728 [ 2565.820089][T25397] kernel_stack 65536 [ 2565.820089][T25397] pagetables 77824 [ 2565.820089][T25397] sec_pagetables 0 [ 2565.820089][T25397] percpu 5614592 [ 2565.820089][T25397] sock 0 [ 2565.820089][T25397] vmalloc 8192 [ 2565.820089][T25397] shmem 479232 [ 2565.820089][T25397] zswap 0 [ 2565.820089][T25397] zswapped 0 [ 2565.820089][T25397] file_mapped 479232 [ 2565.820089][T25397] file_dirty 0 [ 2565.820089][T25397] file_writeback 0 [ 2565.820089][T25397] swapcached 0 [ 2565.820089][T25397] anon_thp 0 [ 2565.820089][T25397] file_thp 0 [ 2565.820089][T25397] shmem_thp 0 [ 2565.820089][T25397] inactive_anon 180224 [ 2565.820089][T25397] active_anon 442368 [ 2565.820089][T25397] inactive_file 0 [ 2565.820089][T25397] active_file 0 [ 2565.820089][T25397] unevictable 0 09:54:20 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x4a03000000000000}, 0x0) 09:54:20 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x14, r1, 0x309}, 0x14}}, 0x0) 09:54:20 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x3, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, 0x0, 0x0) 09:54:20 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x30000) [ 2565.820089][T25397] slab_reclaimable 20384 [ 2565.820089][T25397] slab_unreclaimable 308114776 [ 2565.921056][T25397] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25397,uid=0 [ 2565.937108][T25397] Memory cgroup out of memory: Killed process 25397 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:20 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x4, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0) 09:54:20 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x14, r1, 0x309}, 0x14}}, 0x0) [ 2566.097218][T25411] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2566.110113][T25422] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2566.129996][T25411] CPU: 1 PID: 25411 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2566.140478][T25411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2566.150570][T25411] Call Trace: [ 2566.153860][T25411] [ 2566.156807][T25411] dump_stack_lvl+0xd1/0x138 [ 2566.161431][T25411] dump_header+0x10b/0x85f [ 2566.165886][T25411] oom_kill_process.cold+0x10/0x15 [ 2566.171032][T25411] out_of_memory+0x35c/0x14a0 [ 2566.175746][T25411] ? find_held_lock+0x2d/0x110 [ 2566.180548][T25411] ? oom_killer_disable+0x280/0x280 [ 2566.185790][T25411] ? find_held_lock+0x2d/0x110 [ 2566.190585][T25411] mem_cgroup_out_of_memory+0x206/0x270 [ 2566.196236][T25411] ? mem_cgroup_margin+0x130/0x130 [ 2566.201373][T25411] ? lock_downgrade+0x6e0/0x6e0 [ 2566.206258][T25411] try_charge_memcg+0xefb/0x12f0 [ 2566.211222][T25411] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2566.217232][T25411] ? lock_downgrade+0x6e0/0x6e0 [ 2566.222115][T25411] charge_memcg+0x90/0x3b0 [ 2566.226557][T25411] __mem_cgroup_charge+0x2b/0x90 [ 2566.231520][T25411] do_wp_page+0x7ec/0x3370 [ 2566.235976][T25411] ? lock_release+0x810/0x810 [ 2566.240667][T25411] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2566.246066][T25411] ? do_raw_spin_lock+0x124/0x2b0 [ 2566.251119][T25411] ? rwlock_bug.part.0+0x90/0x90 [ 2566.256079][T25411] ? lock_chain_count+0x20/0x20 [ 2566.260950][T25411] __handle_mm_fault+0x1f58/0x3c90 [ 2566.266102][T25411] ? vm_iomap_memory+0x190/0x190 [ 2566.271091][T25411] handle_mm_fault+0x1b6/0x850 [ 2566.275886][T25411] do_user_addr_fault+0x475/0x1210 [ 2566.281023][T25411] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2566.286604][T25411] exc_page_fault+0x98/0x170 [ 2566.291210][T25411] asm_exc_page_fault+0x26/0x30 [ 2566.296075][T25411] RIP: 0033:0x7ff9f2039570 [ 2566.300501][T25411] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2566.320134][T25411] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2566.326213][T25411] RAX: 000000004717ba0b RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2566.334194][T25411] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 0000000000000022 09:54:20 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x5, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2566.342178][T25411] RBP: 000000004717ba0b R08: 0000000000001a0b R09: 000000004717ba0f [ 2566.350160][T25411] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2566.358140][T25411] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff87bef361 [ 2566.366119][T25411] ? __x64_sys_socket+0x11/0xb0 [ 2566.371013][T25411] 09:54:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0) [ 2566.400742][T25411] memory: usage 307200kB, limit 307200kB, failcnt 34991 [ 2566.416384][T25411] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2566.425160][T25411] Memory cgroup stats for /syz1: [ 2566.425382][T25411] anon 102400 [ 2566.425382][T25411] file 606208 [ 2566.425382][T25411] kernel 313864192 [ 2566.425382][T25411] kernel_stack 65536 [ 2566.425382][T25411] pagetables 73728 [ 2566.425382][T25411] sec_pagetables 0 [ 2566.425382][T25411] percpu 5612352 [ 2566.425382][T25411] sock 0 [ 2566.425382][T25411] vmalloc 0 [ 2566.425382][T25411] shmem 602112 [ 2566.425382][T25411] zswap 0 [ 2566.425382][T25411] zswapped 0 [ 2566.425382][T25411] file_mapped 602112 [ 2566.425382][T25411] file_dirty 4096 [ 2566.425382][T25411] file_writeback 0 [ 2566.425382][T25411] swapcached 0 [ 2566.425382][T25411] anon_thp 0 [ 2566.425382][T25411] file_thp 0 [ 2566.425382][T25411] shmem_thp 0 [ 2566.425382][T25411] inactive_anon 270336 [ 2566.425382][T25411] active_anon 434176 09:54:20 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x14, r1, 0x309}, 0x14}}, 0x0) [ 2566.425382][T25411] inactive_file 0 [ 2566.425382][T25411] active_file 4096 [ 2566.425382][T25411] unevictable 0 [ 2566.425382][T25411] slab_reclaimable 219568 [ 2566.425382][T25411] slab_unreclaimable 307860096 [ 2566.456084][T25430] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2566.520732][T25411] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25411,uid=0 09:54:20 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xa4a0000}, 0x0) [ 2566.581031][T25411] Memory cgroup out of memory: Killed process 25411 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2566.659839][T25424] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2566.687335][T25424] CPU: 0 PID: 25424 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2566.697831][T25424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2566.707914][T25424] Call Trace: [ 2566.711221][T25424] [ 2566.714177][T25424] dump_stack_lvl+0xd1/0x138 [ 2566.718816][T25424] dump_header+0x10b/0x85f [ 2566.723290][T25424] oom_kill_process.cold+0x10/0x15 [ 2566.728503][T25424] out_of_memory+0x35c/0x14a0 [ 2566.733246][T25424] ? find_held_lock+0x2d/0x110 [ 2566.738057][T25424] ? oom_killer_disable+0x280/0x280 [ 2566.743315][T25424] ? find_held_lock+0x2d/0x110 [ 2566.748131][T25424] mem_cgroup_out_of_memory+0x206/0x270 [ 2566.753732][T25424] ? mem_cgroup_margin+0x130/0x130 [ 2566.758895][T25424] ? lock_downgrade+0x6e0/0x6e0 [ 2566.763812][T25424] try_charge_memcg+0xefb/0x12f0 [ 2566.768799][T25424] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2566.774819][T25424] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2566.780692][T25424] ? lock_downgrade+0x6e0/0x6e0 [ 2566.785588][T25424] ? lock_downgrade+0x6e0/0x6e0 [ 2566.790479][T25424] ? rcu_read_unlock+0x9/0x60 [ 2566.795219][T25424] obj_cgroup_charge+0x2af/0x5e0 [ 2566.800205][T25424] ? copy_process+0x3aa/0x7520 [ 2566.805006][T25424] kmem_cache_alloc_node+0xb7/0x460 [ 2566.810252][T25424] copy_process+0x3aa/0x7520 [ 2566.814893][T25424] ? find_held_lock+0x2d/0x110 [ 2566.819742][T25424] ? __cleanup_sighand+0xb0/0xb0 [ 2566.824716][T25424] ? lock_downgrade+0x6e0/0x6e0 [ 2566.829599][T25424] ? folio_flags.constprop.0+0x53/0x150 [ 2566.835178][T25424] ? folio_add_lru+0x37b/0x680 [ 2566.839966][T25424] kernel_clone+0xeb/0x990 [ 2566.844425][T25424] ? create_io_thread+0xf0/0xf0 [ 2566.849321][T25424] ? find_held_lock+0x2d/0x110 [ 2566.854159][T25424] __do_sys_clone+0xba/0x100 [ 2566.858790][T25424] ? kernel_clone+0x990/0x990 [ 2566.863544][T25424] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2566.869486][T25424] do_syscall_64+0x39/0xb0 [ 2566.873953][T25424] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2566.879891][T25424] RIP: 0033:0x7f0b7de8d4f1 [ 2566.884337][T25424] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2566.904008][T25424] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2566.912465][T25424] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2566.920470][T25424] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2566.928474][T25424] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2566.936479][T25424] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2566.944478][T25424] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2566.952500][T25424] [ 2566.965541][T25424] memory: usage 307200kB, limit 307200kB, failcnt 82639 [ 2566.972967][T25424] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2566.980598][T25424] Memory cgroup stats for /syz0: [ 2566.981080][T25424] anon 143360 [ 2566.981080][T25424] file 479232 [ 2566.981080][T25424] kernel 313950208 [ 2566.981080][T25424] kernel_stack 65536 [ 2566.981080][T25424] pagetables 77824 [ 2566.981080][T25424] sec_pagetables 0 [ 2566.981080][T25424] percpu 5614656 [ 2566.981080][T25424] sock 0 [ 2566.981080][T25424] vmalloc 8192 [ 2566.981080][T25424] shmem 479232 [ 2566.981080][T25424] zswap 0 [ 2566.981080][T25424] zswapped 0 [ 2566.981080][T25424] file_mapped 479232 [ 2566.981080][T25424] file_dirty 0 [ 2566.981080][T25424] file_writeback 0 [ 2566.981080][T25424] swapcached 0 [ 2566.981080][T25424] anon_thp 0 [ 2566.981080][T25424] file_thp 0 [ 2566.981080][T25424] shmem_thp 0 [ 2566.981080][T25424] inactive_anon 180224 [ 2566.981080][T25424] active_anon 442368 [ 2566.981080][T25424] inactive_file 0 [ 2566.981080][T25424] active_file 0 [ 2566.981080][T25424] unevictable 0 [ 2566.981080][T25424] slab_reclaimable 28096 [ 2566.981080][T25424] slab_unreclaimable 308121352 [ 2567.081157][T25424] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25424,uid=0 [ 2567.097493][T25424] Memory cgroup out of memory: Killed process 25424 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2567.127847][T25439] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2567.146336][T25439] CPU: 0 PID: 25439 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2567.156836][T25439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2567.167013][T25439] Call Trace: [ 2567.170318][T25439] [ 2567.173273][T25439] dump_stack_lvl+0xd1/0x138 [ 2567.177907][T25439] dump_header+0x10b/0x85f [ 2567.182380][T25439] oom_kill_process.cold+0x10/0x15 [ 2567.187540][T25439] out_of_memory+0x35c/0x14a0 [ 2567.192267][T25439] ? find_held_lock+0x2d/0x110 [ 2567.197076][T25439] ? oom_killer_disable+0x280/0x280 [ 2567.202416][T25439] ? find_held_lock+0x2d/0x110 [ 2567.207241][T25439] mem_cgroup_out_of_memory+0x206/0x270 [ 2567.212838][T25439] ? mem_cgroup_margin+0x130/0x130 [ 2567.217980][T25439] ? lock_downgrade+0x6e0/0x6e0 [ 2567.222865][T25439] try_charge_memcg+0xefb/0x12f0 [ 2567.227827][T25439] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2567.233832][T25439] ? lock_downgrade+0x6e0/0x6e0 [ 2567.238713][T25439] charge_memcg+0x90/0x3b0 [ 2567.243150][T25439] __mem_cgroup_charge+0x2b/0x90 [ 2567.248107][T25439] do_wp_page+0x7ec/0x3370 [ 2567.252554][T25439] ? lock_release+0x810/0x810 [ 2567.257247][T25439] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2567.262644][T25439] ? do_raw_spin_lock+0x124/0x2b0 [ 2567.267684][T25439] ? rwlock_bug.part.0+0x90/0x90 [ 2567.272640][T25439] ? lock_chain_count+0x20/0x20 [ 2567.277512][T25439] __handle_mm_fault+0x1f58/0x3c90 [ 2567.282656][T25439] ? vm_iomap_memory+0x190/0x190 [ 2567.287646][T25439] handle_mm_fault+0x1b6/0x850 [ 2567.292441][T25439] do_user_addr_fault+0x475/0x1210 [ 2567.297580][T25439] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2567.303158][T25439] exc_page_fault+0x98/0x170 [ 2567.307769][T25439] asm_exc_page_fault+0x26/0x30 [ 2567.312635][T25439] RIP: 0033:0x7ff9f2039570 [ 2567.317063][T25439] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2567.336684][T25439] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2567.342767][T25439] RAX: 000000004717ba0b RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2567.350750][T25439] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 0000000000000022 [ 2567.358731][T25439] RBP: 000000004717ba0b R08: 0000000000001a0b R09: 000000004717ba0f [ 2567.366711][T25439] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 09:54:21 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x4c00000000000000}, 0x0) 09:54:21 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x6, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:21 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0) 09:54:21 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x40000) [ 2567.374692][T25439] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff87bef361 [ 2567.382672][T25439] ? __x64_sys_socket+0x11/0xb0 [ 2567.387568][T25439] [ 2567.401395][T25439] memory: usage 307200kB, limit 307200kB, failcnt 35085 [ 2567.453267][T25439] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2567.474715][T25439] Memory cgroup stats for /syz1: [ 2567.474964][T25439] anon 102400 [ 2567.474964][T25439] file 606208 [ 2567.474964][T25439] kernel 313864192 [ 2567.474964][T25439] kernel_stack 65536 [ 2567.474964][T25439] pagetables 73728 [ 2567.474964][T25439] sec_pagetables 0 [ 2567.474964][T25439] percpu 5612352 [ 2567.474964][T25439] sock 0 [ 2567.474964][T25439] vmalloc 0 [ 2567.474964][T25439] shmem 602112 [ 2567.474964][T25439] zswap 0 [ 2567.474964][T25439] zswapped 0 [ 2567.474964][T25439] file_mapped 602112 [ 2567.474964][T25439] file_dirty 4096 [ 2567.474964][T25439] file_writeback 0 [ 2567.474964][T25439] swapcached 0 [ 2567.474964][T25439] anon_thp 0 [ 2567.474964][T25439] file_thp 0 [ 2567.474964][T25439] shmem_thp 0 [ 2567.474964][T25439] inactive_anon 270336 [ 2567.474964][T25439] active_anon 434176 [ 2567.474964][T25439] inactive_file 0 09:54:21 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:21 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x7, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={0x0}}, 0x0) [ 2567.474964][T25439] active_file 4096 [ 2567.474964][T25439] unevictable 0 [ 2567.474964][T25439] slab_reclaimable 219568 [ 2567.474964][T25439] slab_unreclaimable 307860096 09:54:21 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x8, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2567.633829][T25451] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:54:22 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xb, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:22 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) [ 2567.676236][T25439] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25439,uid=0 09:54:22 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xc000000}, 0x0) [ 2567.732342][T25439] Memory cgroup out of memory: Killed process 25439 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2567.787184][T25449] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2567.827035][T25449] CPU: 1 PID: 25449 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2567.837524][T25449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2567.847614][T25449] Call Trace: [ 2567.850917][T25449] [ 2567.853870][T25449] dump_stack_lvl+0xd1/0x138 [ 2567.858511][T25449] dump_header+0x10b/0x85f [ 2567.862978][T25449] oom_kill_process.cold+0x10/0x15 [ 2567.868659][T25449] out_of_memory+0x35c/0x14a0 [ 2567.873389][T25449] ? find_held_lock+0x2d/0x110 [ 2567.878221][T25449] ? oom_killer_disable+0x280/0x280 [ 2567.883480][T25449] ? find_held_lock+0x2d/0x110 [ 2567.888306][T25449] mem_cgroup_out_of_memory+0x206/0x270 [ 2567.893929][T25449] ? mem_cgroup_margin+0x130/0x130 [ 2567.899090][T25449] ? lock_downgrade+0x6e0/0x6e0 [ 2567.903994][T25449] try_charge_memcg+0xefb/0x12f0 [ 2567.908985][T25449] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2567.915004][T25449] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2567.920818][T25449] ? lock_downgrade+0x6e0/0x6e0 [ 2567.925707][T25449] ? lock_downgrade+0x6e0/0x6e0 [ 2567.930606][T25449] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2567.936203][T25449] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2567.942415][T25449] copy_process+0x4e3/0x7520 [ 2567.947055][T25449] ? __lock_acquire+0xbc3/0x56d0 [ 2567.952045][T25449] ? __cleanup_sighand+0xb0/0xb0 [ 2567.957027][T25449] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 2567.963051][T25449] ? psi_memstall_leave+0x174/0x250 [ 2567.968313][T25449] kernel_clone+0xeb/0x990 [ 2567.972775][T25449] ? create_io_thread+0xf0/0xf0 [ 2567.977671][T25449] ? percpu_ref_put_many.constprop.0+0x6a/0x1a0 [ 2567.983963][T25449] ? lock_downgrade+0x6e0/0x6e0 [ 2567.988872][T25449] __do_sys_clone+0xba/0x100 [ 2567.993501][T25449] ? kernel_clone+0x990/0x990 [ 2567.998236][T25449] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2568.004182][T25449] do_syscall_64+0x39/0xb0 [ 2568.008637][T25449] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2568.014561][T25449] RIP: 0033:0x7f909a68d4f1 [ 2568.019006][T25449] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2568.038649][T25449] RSP: 002b:00007ffc6e869e28 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2568.047101][T25449] RAX: ffffffffffffffda RBX: 00007f909b439700 RCX: 00007f909a68d4f1 [ 2568.055102][T25449] RDX: 00007f909b4399d0 RSI: 00007f909b4392f0 RDI: 00000000003d0f00 [ 2568.063098][T25449] RBP: 00007ffc6e86a070 R08: 00007f909b439700 R09: 00007f909b439700 [ 2568.071090][T25449] R10: 00007f909b4399d0 R11: 0000000000000206 R12: 00007ffc6e869ede [ 2568.079087][T25449] R13: 00007ffc6e869edf R14: 00007f909b439300 R15: 0000000000022000 [ 2568.087109][T25449] [ 2568.113149][T25449] memory: usage 307200kB, limit 307200kB, failcnt 73438 [ 2568.122060][T25449] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2568.129494][T25449] Memory cgroup stats for /syz2: [ 2568.129707][T25449] anon 143360 [ 2568.129707][T25449] file 638976 [ 2568.129707][T25449] kernel 313790464 [ 2568.129707][T25449] kernel_stack 65536 [ 2568.129707][T25449] pagetables 81920 [ 2568.129707][T25449] sec_pagetables 0 [ 2568.129707][T25449] percpu 5611040 [ 2568.129707][T25449] sock 0 [ 2568.129707][T25449] vmalloc 0 [ 2568.129707][T25449] shmem 638976 [ 2568.129707][T25449] zswap 0 [ 2568.129707][T25449] zswapped 0 [ 2568.129707][T25449] file_mapped 638976 [ 2568.129707][T25449] file_dirty 0 [ 2568.129707][T25449] file_writeback 0 [ 2568.129707][T25449] swapcached 0 [ 2568.129707][T25449] anon_thp 0 [ 2568.129707][T25449] file_thp 0 [ 2568.129707][T25449] shmem_thp 0 [ 2568.129707][T25449] inactive_anon 376832 [ 2568.129707][T25449] active_anon 405504 [ 2568.129707][T25449] inactive_file 0 [ 2568.129707][T25449] active_file 0 [ 2568.129707][T25449] unevictable 0 [ 2568.129707][T25449] slab_reclaimable 233712 [ 2568.129707][T25449] slab_unreclaimable 307766904 [ 2568.232836][T25449] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25449,uid=0 [ 2568.256197][T25449] Memory cgroup out of memory: Killed process 25449 (syz-executor.2) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2568.279037][T25465] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2568.317452][T25465] CPU: 0 PID: 25465 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2568.327944][T25465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2568.338027][T25465] Call Trace: [ 2568.341306][T25465] [ 2568.344236][T25465] dump_stack_lvl+0xd1/0x138 [ 2568.348831][T25465] dump_header+0x10b/0x85f [ 2568.353278][T25465] oom_kill_process.cold+0x10/0x15 [ 2568.358402][T25465] out_of_memory+0x35c/0x14a0 [ 2568.363119][T25465] ? oom_killer_disable+0x280/0x280 [ 2568.368378][T25465] ? find_held_lock+0x2d/0x110 [ 2568.373197][T25465] mem_cgroup_out_of_memory+0x206/0x270 [ 2568.378792][T25465] ? mem_cgroup_margin+0x130/0x130 [ 2568.383951][T25465] ? lock_downgrade+0x6e0/0x6e0 [ 2568.388860][T25465] try_charge_memcg+0xefb/0x12f0 [ 2568.393826][T25465] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2568.399822][T25465] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2568.405561][T25465] ? lock_downgrade+0x6e0/0x6e0 [ 2568.410427][T25465] ? lock_downgrade+0x6e0/0x6e0 [ 2568.415409][T25465] obj_cgroup_charge+0x2af/0x5e0 [ 2568.420377][T25465] kmem_cache_alloc_lru+0x145/0x760 [ 2568.425592][T25465] ? sock_alloc_inode+0x27/0x1d0 [ 2568.430564][T25465] sock_alloc_inode+0x27/0x1d0 [ 2568.435348][T25465] ? sock_free_inode+0x30/0x30 [ 2568.440133][T25465] alloc_inode+0x61/0x230 [ 2568.444493][T25465] new_inode_pseudo+0x17/0x80 [ 2568.449199][T25465] sock_alloc+0x40/0x260 [ 2568.453554][T25465] __sock_create+0xbd/0x790 [ 2568.458093][T25465] __sys_socket+0x133/0x250 [ 2568.462629][T25465] ? __sys_socket_file+0x1f0/0x1f0 [ 2568.467778][T25465] __x64_sys_socket+0x73/0xb0 [ 2568.472481][T25465] do_syscall_64+0x39/0xb0 [ 2568.476926][T25465] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2568.482876][T25465] RIP: 0033:0x7ff9f208c0c9 [ 2568.487306][T25465] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2568.506944][T25465] RSP: 002b:00007ff9f2e64168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2568.515378][T25465] RAX: ffffffffffffffda RBX: 00007ff9f21abf80 RCX: 00007ff9f208c0c9 [ 2568.523363][T25465] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010 [ 2568.531345][T25465] RBP: 00007ff9f20e7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 2568.539329][T25465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2568.547311][T25465] R13: 00007fffc68a93ef R14: 00007ff9f2e64300 R15: 0000000000022000 [ 2568.555322][T25465] [ 2568.572528][T25465] memory: usage 307200kB, limit 307200kB, failcnt 35187 [ 2568.581055][T25465] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2568.588389][T25465] Memory cgroup stats for /syz1: [ 2568.588981][T25465] anon 98304 [ 2568.588981][T25465] file 606208 [ 2568.588981][T25465] kernel 313868288 [ 2568.588981][T25465] kernel_stack 65536 [ 2568.588981][T25465] pagetables 77824 [ 2568.588981][T25465] sec_pagetables 0 [ 2568.588981][T25465] percpu 5612352 [ 2568.588981][T25465] sock 0 [ 2568.588981][T25465] vmalloc 0 [ 2568.588981][T25465] shmem 602112 [ 2568.588981][T25465] zswap 0 [ 2568.588981][T25465] zswapped 0 [ 2568.588981][T25465] file_mapped 602112 [ 2568.588981][T25465] file_dirty 4096 [ 2568.588981][T25465] file_writeback 0 [ 2568.588981][T25465] swapcached 0 [ 2568.588981][T25465] anon_thp 0 [ 2568.588981][T25465] file_thp 0 [ 2568.588981][T25465] shmem_thp 0 [ 2568.588981][T25465] inactive_anon 266240 [ 2568.588981][T25465] active_anon 434176 [ 2568.588981][T25465] inactive_file 0 [ 2568.588981][T25465] active_file 4096 [ 2568.588981][T25465] unevictable 0 [ 2568.588981][T25465] slab_reclaimable 217640 [ 2568.588981][T25465] slab_unreclaimable 307859448 [ 2568.685185][T25465] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25464,uid=0 [ 2568.704917][T25465] Memory cgroup out of memory: Killed process 25464 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 [ 2568.724521][T25442] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2568.731857][T25465] socket: no more sockets [ 2568.746265][T25442] CPU: 1 PID: 25442 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2568.756739][T25442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2568.766838][T25442] Call Trace: [ 2568.770143][T25442] [ 2568.773096][T25442] dump_stack_lvl+0xd1/0x138 [ 2568.777734][T25442] dump_header+0x10b/0x85f [ 2568.782204][T25442] oom_kill_process.cold+0x10/0x15 [ 2568.787367][T25442] out_of_memory+0x35c/0x14a0 [ 2568.792105][T25442] ? oom_killer_disable+0x280/0x280 [ 2568.797355][T25442] ? find_held_lock+0x2d/0x110 [ 2568.802171][T25442] mem_cgroup_out_of_memory+0x206/0x270 [ 2568.807773][T25442] ? mem_cgroup_margin+0x130/0x130 [ 2568.812932][T25442] ? lock_downgrade+0x6e0/0x6e0 [ 2568.817842][T25442] try_charge_memcg+0xefb/0x12f0 [ 2568.822826][T25442] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2568.828854][T25442] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2568.834624][T25442] ? lock_downgrade+0x6e0/0x6e0 [ 2568.839533][T25442] ? lock_downgrade+0x6e0/0x6e0 [ 2568.844458][T25442] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2568.850053][T25442] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2568.856255][T25442] copy_process+0x4e3/0x7520 [ 2568.860895][T25442] ? __lock_acquire+0xbc3/0x56d0 [ 2568.865883][T25442] ? __cleanup_sighand+0xb0/0xb0 [ 2568.870862][T25442] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 2568.876881][T25442] ? psi_memstall_leave+0x174/0x250 [ 2568.882134][T25442] kernel_clone+0xeb/0x990 [ 2568.886590][T25442] ? create_io_thread+0xf0/0xf0 [ 2568.891479][T25442] ? percpu_ref_put_many.constprop.0+0x6a/0x1a0 [ 2568.897780][T25442] ? lock_downgrade+0x6e0/0x6e0 [ 2568.902682][T25442] __do_sys_clone+0xba/0x100 [ 2568.907313][T25442] ? kernel_clone+0x990/0x990 [ 2568.912078][T25442] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2568.918018][T25442] do_syscall_64+0x39/0xb0 [ 2568.922479][T25442] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2568.928407][T25442] RIP: 0033:0x7f0b7de8d4f1 [ 2568.932850][T25442] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2568.952494][T25442] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2568.960945][T25442] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2568.968950][T25442] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2568.976954][T25442] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2568.984955][T25442] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2568.992951][T25442] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2569.000976][T25442] [ 2569.007617][T25442] memory: usage 307200kB, limit 307200kB, failcnt 82829 [ 2569.015486][T25442] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2569.022447][T25442] Memory cgroup stats for /syz0: [ 2569.022676][T25442] anon 143360 [ 2569.022676][T25442] file 479232 [ 2569.022676][T25442] kernel 313950208 [ 2569.022676][T25442] kernel_stack 65536 [ 2569.022676][T25442] pagetables 77824 [ 2569.022676][T25442] sec_pagetables 0 [ 2569.022676][T25442] percpu 5614656 [ 2569.022676][T25442] sock 0 [ 2569.022676][T25442] vmalloc 8192 [ 2569.022676][T25442] shmem 479232 [ 2569.022676][T25442] zswap 0 [ 2569.022676][T25442] zswapped 0 [ 2569.022676][T25442] file_mapped 479232 [ 2569.022676][T25442] file_dirty 0 [ 2569.022676][T25442] file_writeback 0 [ 2569.022676][T25442] swapcached 0 [ 2569.022676][T25442] anon_thp 0 [ 2569.022676][T25442] file_thp 0 [ 2569.022676][T25442] shmem_thp 0 [ 2569.022676][T25442] inactive_anon 176128 [ 2569.022676][T25442] active_anon 442368 [ 2569.022676][T25442] inactive_file 0 [ 2569.022676][T25442] active_file 0 [ 2569.022676][T25442] unevictable 0 [ 2569.022676][T25442] slab_reclaimable 22312 [ 2569.022676][T25442] slab_unreclaimable 308126904 09:54:23 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x4e00000000000000}, 0x0) 09:54:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={0x0}}, 0x0) 09:54:23 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xe, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:23 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x20000) 09:54:23 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf0ffff) 09:54:23 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0xe000000}, 0x0) [ 2569.120266][T25442] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25442,uid=0 [ 2569.136082][T25442] Memory cgroup out of memory: Killed process 25442 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:23 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x11, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={0x0}}, 0x0) [ 2569.222712][T25473] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. 09:54:23 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x29, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, 0x0, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x1c}}, 0x0) [ 2569.333192][T25471] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2569.365725][T25471] CPU: 0 PID: 25471 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2569.376208][T25471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2569.386381][T25471] Call Trace: [ 2569.389696][T25471] [ 2569.392655][T25471] dump_stack_lvl+0xd1/0x138 [ 2569.397393][T25471] dump_header+0x10b/0x85f [ 2569.401871][T25471] oom_kill_process.cold+0x10/0x15 [ 2569.407044][T25471] out_of_memory+0x35c/0x14a0 [ 2569.411784][T25471] ? find_held_lock+0x2d/0x110 [ 2569.416605][T25471] ? oom_killer_disable+0x280/0x280 [ 2569.421872][T25471] ? find_held_lock+0x2d/0x110 [ 2569.426674][T25471] mem_cgroup_out_of_memory+0x206/0x270 [ 2569.432264][T25471] ? mem_cgroup_margin+0x130/0x130 [ 2569.437421][T25471] ? lock_downgrade+0x6e0/0x6e0 [ 2569.442327][T25471] try_charge_memcg+0xefb/0x12f0 [ 2569.447312][T25471] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2569.453343][T25471] ? lock_downgrade+0x6e0/0x6e0 [ 2569.458252][T25471] charge_memcg+0x90/0x3b0 [ 2569.462709][T25471] __mem_cgroup_charge+0x2b/0x90 [ 2569.467692][T25471] do_wp_page+0x7ec/0x3370 [ 2569.472170][T25471] ? lock_release+0x810/0x810 [ 2569.476884][T25471] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2569.482308][T25471] ? do_raw_spin_lock+0x124/0x2b0 [ 2569.487383][T25471] ? rwlock_bug.part.0+0x90/0x90 [ 2569.492363][T25471] ? lock_chain_count+0x20/0x20 [ 2569.497261][T25471] __handle_mm_fault+0x1f58/0x3c90 [ 2569.502426][T25471] ? vm_iomap_memory+0x190/0x190 [ 2569.507446][T25471] handle_mm_fault+0x1b6/0x850 [ 2569.512267][T25471] do_user_addr_fault+0x475/0x1210 [ 2569.517422][T25471] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2569.523027][T25471] exc_page_fault+0x98/0x170 [ 2569.527669][T25471] asm_exc_page_fault+0x26/0x30 [ 2569.532565][T25471] RIP: 0033:0x7ff9f2039570 [ 2569.537007][T25471] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2569.556660][T25471] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2569.562767][T25471] RAX: 000000004717ba0b RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2569.570769][T25471] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 0000000000000022 09:54:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, 0x0, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x1c}}, 0x0) 09:54:24 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x38, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2569.578776][T25471] RBP: 000000004717ba0b R08: 0000000000001a0b R09: 000000004717ba0f [ 2569.586780][T25471] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2569.594784][T25471] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff87bef361 [ 2569.602790][T25471] ? __x64_sys_socket+0x11/0xb0 [ 2569.607723][T25471] [ 2569.659377][T25471] memory: usage 307200kB, limit 307200kB, failcnt 35292 [ 2569.686965][T25471] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2569.694682][T25476] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2569.694786][T25471] Memory cgroup stats for /syz1: [ 2569.705014][T25471] anon 102400 [ 2569.705014][T25471] file 606208 [ 2569.705014][T25471] kernel 313864192 [ 2569.705014][T25471] kernel_stack 65536 [ 2569.705014][T25471] pagetables 73728 [ 2569.705014][T25471] sec_pagetables 0 [ 2569.705014][T25471] percpu 5612352 [ 2569.705014][T25471] sock 0 [ 2569.705014][T25471] vmalloc 0 [ 2569.705014][T25471] shmem 602112 [ 2569.705014][T25471] zswap 0 [ 2569.705014][T25471] zswapped 0 [ 2569.705014][T25471] file_mapped 602112 [ 2569.705014][T25471] file_dirty 4096 [ 2569.705014][T25471] file_writeback 0 [ 2569.705014][T25471] swapcached 0 [ 2569.705014][T25471] anon_thp 0 [ 2569.705014][T25471] file_thp 0 [ 2569.705014][T25471] shmem_thp 0 [ 2569.705014][T25471] inactive_anon 270336 [ 2569.705014][T25471] active_anon 434176 [ 2569.705014][T25471] inactive_file 0 [ 2569.705014][T25471] active_file 4096 [ 2569.705014][T25471] unevictable 0 [ 2569.705014][T25471] slab_reclaimable 219568 [ 2569.705014][T25471] slab_unreclaimable 307860096 [ 2569.773740][T25483] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2569.831291][T25471] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25471,uid=0 [ 2569.847302][T25471] Memory cgroup out of memory: Killed process 25471 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2569.865341][T25469] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2569.878957][T25469] CPU: 0 PID: 25469 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2569.889432][T25469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2569.899518][T25469] Call Trace: [ 2569.902824][T25469] [ 2569.905778][T25469] dump_stack_lvl+0xd1/0x138 [ 2569.910425][T25469] dump_header+0x10b/0x85f [ 2569.914891][T25469] oom_kill_process.cold+0x10/0x15 [ 2569.920070][T25469] out_of_memory+0x35c/0x14a0 [ 2569.924816][T25469] ? oom_killer_disable+0x280/0x280 [ 2569.930078][T25469] ? find_held_lock+0x2d/0x110 [ 2569.934903][T25469] mem_cgroup_out_of_memory+0x206/0x270 [ 2569.940507][T25469] ? mem_cgroup_margin+0x130/0x130 [ 2569.945674][T25469] ? lock_downgrade+0x6e0/0x6e0 [ 2569.950580][T25469] try_charge_memcg+0xefb/0x12f0 [ 2569.955575][T25469] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2569.961600][T25469] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2569.967379][T25469] ? lock_downgrade+0x6e0/0x6e0 [ 2569.972297][T25469] obj_cgroup_charge+0x2af/0x5e0 [ 2569.977270][T25469] ? vm_area_dup+0x7d/0x380 [ 2569.981790][T25469] kmem_cache_alloc+0xb5/0x430 [ 2569.986599][T25469] vm_area_dup+0x7d/0x380 [ 2569.990978][T25469] ? mt_slot+0xa1/0x170 [ 2569.995247][T25469] ? mas_next_nentry+0x610/0xab0 [ 2570.000246][T25469] ? mas_next_node+0x547/0xa00 [ 2570.005068][T25469] ? mas_find+0x211/0xd10 [ 2570.009427][T25469] ? vm_area_alloc+0x100/0x100 [ 2570.014199][T25469] ? validate_mm_mt+0x149/0x1b0 [ 2570.019075][T25469] ? remove_vma+0x130/0x130 [ 2570.023584][T25469] ? can_vma_merge_before+0x390/0x390 [ 2570.028985][T25469] __split_vma+0xae/0x5e0 [ 2570.033347][T25469] ? vma_merge+0x2cf/0x870 [ 2570.037816][T25469] split_vma+0xa3/0xe0 [ 2570.041926][T25469] mprotect_fixup+0x686/0x960 [ 2570.046655][T25469] ? mas_find+0x211/0xd10 [ 2570.051024][T25469] ? change_protection+0x3b30/0x3b30 [ 2570.056363][T25469] do_mprotect_pkey+0x6fd/0xa70 [ 2570.061260][T25469] ? mprotect_fixup+0x960/0x960 [ 2570.066142][T25469] ? up_write+0x1b0/0x520 [ 2570.070530][T25469] __x64_sys_mprotect+0x78/0xb0 [ 2570.075385][T25469] do_syscall_64+0x39/0xb0 [ 2570.079821][T25469] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2570.085751][T25469] RIP: 0033:0x7f909a68c1d7 [ 2570.090194][T25469] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2570.109840][T25469] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2570.118283][T25469] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2570.126252][T25469] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2570.134237][T25469] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2570.142243][T25469] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2570.150247][T25469] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2570.158271][T25469] [ 2570.163727][T25469] memory: usage 307200kB, limit 307200kB, failcnt 73544 [ 2570.171260][T25469] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2570.178322][T25469] Memory cgroup stats for /syz2: [ 2570.178560][T25469] anon 139264 [ 2570.178560][T25469] file 638976 [ 2570.178560][T25469] kernel 313794560 [ 2570.178560][T25469] kernel_stack 65536 [ 2570.178560][T25469] pagetables 81920 [ 2570.178560][T25469] sec_pagetables 0 [ 2570.178560][T25469] percpu 5611104 [ 2570.178560][T25469] sock 0 [ 2570.178560][T25469] vmalloc 0 [ 2570.178560][T25469] shmem 638976 [ 2570.178560][T25469] zswap 0 [ 2570.178560][T25469] zswapped 0 [ 2570.178560][T25469] file_mapped 638976 [ 2570.178560][T25469] file_dirty 0 [ 2570.178560][T25469] file_writeback 0 [ 2570.178560][T25469] swapcached 0 [ 2570.178560][T25469] anon_thp 0 [ 2570.178560][T25469] file_thp 0 [ 2570.178560][T25469] shmem_thp 0 [ 2570.178560][T25469] inactive_anon 372736 [ 2570.178560][T25469] active_anon 405504 [ 2570.178560][T25469] inactive_file 0 [ 2570.178560][T25469] active_file 0 [ 2570.178560][T25469] unevictable 0 [ 2570.178560][T25469] slab_reclaimable 233712 [ 2570.178560][T25469] slab_unreclaimable 307770328 [ 2570.280354][T25469] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25469,uid=0 [ 2570.296369][T25469] Memory cgroup out of memory: Killed process 25469 (syz-executor.2) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2570.315129][T25480] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2570.332631][T25480] CPU: 1 PID: 25480 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2570.343094][T25480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2570.353174][T25480] Call Trace: [ 2570.356461][T25480] [ 2570.359402][T25480] dump_stack_lvl+0xd1/0x138 [ 2570.364063][T25480] dump_header+0x10b/0x85f [ 2570.368520][T25480] oom_kill_process.cold+0x10/0x15 [ 2570.373674][T25480] out_of_memory+0x35c/0x14a0 [ 2570.378392][T25480] ? oom_killer_disable+0x280/0x280 [ 2570.383624][T25480] ? find_held_lock+0x2d/0x110 [ 2570.388421][T25480] mem_cgroup_out_of_memory+0x206/0x270 [ 2570.394001][T25480] ? mem_cgroup_margin+0x130/0x130 [ 2570.399141][T25480] ? lock_downgrade+0x6e0/0x6e0 [ 2570.404115][T25480] try_charge_memcg+0xefb/0x12f0 [ 2570.409082][T25480] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2570.415089][T25480] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2570.420839][T25480] ? lock_downgrade+0x6e0/0x6e0 [ 2570.425710][T25480] ? lock_downgrade+0x6e0/0x6e0 [ 2570.430575][T25480] ? rcu_read_unlock+0x9/0x60 [ 2570.435289][T25480] obj_cgroup_charge+0x2af/0x5e0 [ 2570.440254][T25480] ? copy_process+0x3aa/0x7520 [ 2570.445039][T25480] kmem_cache_alloc_node+0xb7/0x460 [ 2570.450263][T25480] copy_process+0x3aa/0x7520 [ 2570.454882][T25480] ? find_held_lock+0x2d/0x110 [ 2570.459688][T25480] ? __cleanup_sighand+0xb0/0xb0 [ 2570.464643][T25480] ? lock_downgrade+0x6e0/0x6e0 [ 2570.469505][T25480] ? folio_flags.constprop.0+0x53/0x150 [ 2570.475081][T25480] ? folio_add_lru+0x37b/0x680 [ 2570.479872][T25480] kernel_clone+0xeb/0x990 [ 2570.484312][T25480] ? create_io_thread+0xf0/0xf0 [ 2570.489191][T25480] ? find_held_lock+0x2d/0x110 [ 2570.493995][T25480] __do_sys_clone+0xba/0x100 [ 2570.498607][T25480] ? kernel_clone+0x990/0x990 [ 2570.503324][T25480] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2570.509244][T25480] do_syscall_64+0x39/0xb0 [ 2570.513687][T25480] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2570.519598][T25480] RIP: 0033:0x7f0b7de8d4f1 [ 2570.524026][T25480] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2570.543657][T25480] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2570.552092][T25480] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2570.560083][T25480] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2570.568072][T25480] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2570.576054][T25480] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2570.584042][T25480] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2570.592050][T25480] [ 2570.614932][T25480] memory: usage 307200kB, limit 307200kB, failcnt 82977 [ 2570.622192][T25480] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2570.630181][T25480] Memory cgroup stats for /syz0: [ 2570.630418][T25480] anon 143360 [ 2570.630418][T25480] file 479232 [ 2570.630418][T25480] kernel 313950208 [ 2570.630418][T25480] kernel_stack 65536 [ 2570.630418][T25480] pagetables 77824 [ 2570.630418][T25480] sec_pagetables 0 [ 2570.630418][T25480] percpu 5614656 [ 2570.630418][T25480] sock 0 [ 2570.630418][T25480] vmalloc 8192 [ 2570.630418][T25480] shmem 479232 [ 2570.630418][T25480] zswap 0 [ 2570.630418][T25480] zswapped 0 [ 2570.630418][T25480] file_mapped 479232 [ 2570.630418][T25480] file_dirty 0 [ 2570.630418][T25480] file_writeback 0 [ 2570.630418][T25480] swapcached 0 [ 2570.630418][T25480] anon_thp 0 [ 2570.630418][T25480] file_thp 0 [ 2570.630418][T25480] shmem_thp 0 [ 2570.630418][T25480] inactive_anon 180224 [ 2570.630418][T25480] active_anon 442368 [ 2570.630418][T25480] inactive_file 0 [ 2570.630418][T25480] active_file 0 [ 2570.630418][T25480] unevictable 0 [ 2570.630418][T25480] slab_reclaimable 28096 [ 2570.630418][T25480] slab_unreclaimable 308121352 [ 2570.732755][T25480] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25480,uid=0 [ 2570.748843][T25480] Memory cgroup out of memory: Killed process 25480 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:25 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x4e88ffff00000000}, 0x0) 09:54:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, 0x0, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x1c}}, 0x0) 09:54:25 executing program 4: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0xe}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:25 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x5c, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:25 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10000000}, 0x0) 09:54:25 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x1000000) 09:54:25 executing program 4: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0xe}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:25 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xc8, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) [ 2570.912762][T25501] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2570.946989][T25495] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2570.966592][T25495] CPU: 1 PID: 25495 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2570.977069][T25495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2570.987162][T25495] Call Trace: [ 2570.990465][T25495] [ 2570.993416][T25495] dump_stack_lvl+0xd1/0x138 [ 2570.998036][T25495] dump_header+0x10b/0x85f [ 2571.002488][T25495] oom_kill_process.cold+0x10/0x15 [ 2571.007632][T25495] out_of_memory+0x35c/0x14a0 [ 2571.012349][T25495] ? find_held_lock+0x2d/0x110 [ 2571.017144][T25495] ? oom_killer_disable+0x280/0x280 [ 2571.022379][T25495] ? find_held_lock+0x2d/0x110 [ 2571.027172][T25495] mem_cgroup_out_of_memory+0x206/0x270 [ 2571.032750][T25495] ? mem_cgroup_margin+0x130/0x130 [ 2571.037889][T25495] ? lock_downgrade+0x6e0/0x6e0 [ 2571.042773][T25495] try_charge_memcg+0xefb/0x12f0 [ 2571.047745][T25495] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2571.053752][T25495] ? lock_downgrade+0x6e0/0x6e0 [ 2571.058640][T25495] charge_memcg+0x90/0x3b0 [ 2571.063091][T25495] __mem_cgroup_charge+0x2b/0x90 [ 2571.068053][T25495] do_wp_page+0x7ec/0x3370 [ 2571.072506][T25495] ? lock_release+0x810/0x810 [ 2571.077201][T25495] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2571.082603][T25495] ? do_raw_spin_lock+0x124/0x2b0 [ 2571.087648][T25495] ? rwlock_bug.part.0+0x90/0x90 [ 2571.092609][T25495] ? lock_chain_count+0x20/0x20 [ 2571.097484][T25495] __handle_mm_fault+0x1f58/0x3c90 [ 2571.102629][T25495] ? vm_iomap_memory+0x190/0x190 [ 2571.107632][T25495] handle_mm_fault+0x1b6/0x850 [ 2571.112436][T25495] do_user_addr_fault+0x475/0x1210 [ 2571.117576][T25495] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2571.123156][T25495] exc_page_fault+0x98/0x170 [ 2571.127769][T25495] asm_exc_page_fault+0x26/0x30 [ 2571.132636][T25495] RIP: 0033:0x7ff9f2039570 [ 2571.137067][T25495] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2571.156709][T25495] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 09:54:25 executing program 4: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0xe}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:25 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xe0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2571.162799][T25495] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2571.170787][T25495] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2571.178789][T25495] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2571.186781][T25495] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2571.194769][T25495] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2571.202761][T25495] ? __sock_create+0x2c/0x790 [ 2571.207490][T25495] 09:54:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) [ 2571.263406][T25495] memory: usage 307200kB, limit 307200kB, failcnt 35352 [ 2571.279125][T25495] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2571.286038][T25495] Memory cgroup stats for /syz1: [ 2571.286256][T25495] anon 114688 [ 2571.286256][T25495] file 606208 [ 2571.286256][T25495] kernel 313851904 [ 2571.286256][T25495] kernel_stack 65536 [ 2571.286256][T25495] pagetables 73728 [ 2571.286256][T25495] sec_pagetables 0 [ 2571.286256][T25495] percpu 5612288 [ 2571.286256][T25495] sock 0 [ 2571.286256][T25495] vmalloc 0 [ 2571.286256][T25495] shmem 602112 [ 2571.286256][T25495] zswap 0 [ 2571.286256][T25495] zswapped 0 [ 2571.286256][T25495] file_mapped 602112 [ 2571.286256][T25495] file_dirty 4096 [ 2571.286256][T25495] file_writeback 0 [ 2571.286256][T25495] swapcached 0 [ 2571.286256][T25495] anon_thp 0 [ 2571.286256][T25495] file_thp 0 [ 2571.286256][T25495] shmem_thp 0 [ 2571.286256][T25495] inactive_anon 282624 [ 2571.286256][T25495] active_anon 434176 [ 2571.286256][T25495] inactive_file 0 [ 2571.286256][T25495] active_file 4096 [ 2571.286256][T25495] unevictable 0 [ 2571.286256][T25495] slab_reclaimable 219568 [ 2571.286256][T25495] slab_unreclaimable 307848312 [ 2571.399535][T25495] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25495,uid=0 [ 2571.423482][T25495] Memory cgroup out of memory: Killed process 25495 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2571.443711][T25496] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2571.461792][T25496] CPU: 1 PID: 25496 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2571.472274][T25496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2571.482360][T25496] Call Trace: [ 2571.485657][T25496] [ 2571.488610][T25496] dump_stack_lvl+0xd1/0x138 [ 2571.493238][T25496] dump_header+0x10b/0x85f [ 2571.497707][T25496] oom_kill_process.cold+0x10/0x15 [ 2571.502870][T25496] out_of_memory+0x35c/0x14a0 [ 2571.507608][T25496] ? oom_killer_disable+0x280/0x280 [ 2571.512859][T25496] ? find_held_lock+0x2d/0x110 [ 2571.517671][T25496] mem_cgroup_out_of_memory+0x206/0x270 [ 2571.523262][T25496] ? mem_cgroup_margin+0x130/0x130 [ 2571.528419][T25496] ? lock_downgrade+0x6e0/0x6e0 [ 2571.533332][T25496] try_charge_memcg+0xefb/0x12f0 [ 2571.538326][T25496] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2571.544347][T25496] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2571.550122][T25496] ? lock_downgrade+0x6e0/0x6e0 [ 2571.555029][T25496] obj_cgroup_charge+0x2af/0x5e0 [ 2571.560009][T25496] ? vm_area_dup+0x7d/0x380 [ 2571.564544][T25496] kmem_cache_alloc+0xb5/0x430 [ 2571.569348][T25496] vm_area_dup+0x7d/0x380 [ 2571.573719][T25496] ? mt_slot+0xa1/0x170 [ 2571.577921][T25496] ? mas_next_nentry+0x610/0xab0 [ 2571.582905][T25496] ? mas_next_node+0x547/0xa00 [ 2571.587714][T25496] ? mas_find+0x211/0xd10 [ 2571.592094][T25496] ? vm_area_alloc+0x100/0x100 [ 2571.596895][T25496] ? validate_mm_mt+0x149/0x1b0 [ 2571.601784][T25496] ? remove_vma+0x130/0x130 [ 2571.606326][T25496] ? can_vma_merge_before+0x390/0x390 [ 2571.611739][T25496] __split_vma+0xae/0x5e0 [ 2571.616095][T25496] ? vma_merge+0x2cf/0x870 [ 2571.620548][T25496] split_vma+0xa3/0xe0 [ 2571.624653][T25496] mprotect_fixup+0x686/0x960 [ 2571.629375][T25496] ? mas_find+0x211/0xd10 [ 2571.633738][T25496] ? change_protection+0x3b30/0x3b30 [ 2571.639078][T25496] do_mprotect_pkey+0x6fd/0xa70 [ 2571.643975][T25496] ? mprotect_fixup+0x960/0x960 [ 2571.648870][T25496] ? up_write+0x1b0/0x520 [ 2571.653309][T25496] __x64_sys_mprotect+0x78/0xb0 [ 2571.658208][T25496] do_syscall_64+0x39/0xb0 [ 2571.662673][T25496] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2571.668604][T25496] RIP: 0033:0x7f909a68c1d7 [ 2571.673045][T25496] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2571.692698][T25496] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2571.701161][T25496] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2571.709170][T25496] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2571.717256][T25496] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2571.725260][T25496] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2571.733256][T25496] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2571.741283][T25496] [ 2571.756504][T25496] memory: usage 307200kB, limit 307200kB, failcnt 73643 [ 2571.763717][T25496] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2571.771269][T25496] Memory cgroup stats for /syz2: [ 2571.771517][T25496] anon 139264 [ 2571.771517][T25496] file 638976 [ 2571.771517][T25496] kernel 313794560 [ 2571.771517][T25496] kernel_stack 65536 [ 2571.771517][T25496] pagetables 81920 [ 2571.771517][T25496] sec_pagetables 0 [ 2571.771517][T25496] percpu 5611104 [ 2571.771517][T25496] sock 0 [ 2571.771517][T25496] vmalloc 0 [ 2571.771517][T25496] shmem 638976 [ 2571.771517][T25496] zswap 0 [ 2571.771517][T25496] zswapped 0 [ 2571.771517][T25496] file_mapped 638976 [ 2571.771517][T25496] file_dirty 0 [ 2571.771517][T25496] file_writeback 0 [ 2571.771517][T25496] swapcached 0 [ 2571.771517][T25496] anon_thp 0 [ 2571.771517][T25496] file_thp 0 [ 2571.771517][T25496] shmem_thp 0 [ 2571.771517][T25496] inactive_anon 372736 [ 2571.771517][T25496] active_anon 405504 [ 2571.771517][T25496] inactive_file 0 [ 2571.771517][T25496] active_file 0 [ 2571.771517][T25496] unevictable 0 [ 2571.771517][T25496] slab_reclaimable 233712 [ 2571.771517][T25496] slab_unreclaimable 307770328 [ 2571.870224][T25496] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25496,uid=0 [ 2571.887264][T25496] Memory cgroup out of memory: Killed process 25496 (syz-executor.2) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2571.905235][T25503] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2571.921786][T25503] CPU: 0 PID: 25503 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2571.932261][T25503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2571.942348][T25503] Call Trace: [ 2571.945649][T25503] [ 2571.948591][T25503] dump_stack_lvl+0xd1/0x138 [ 2571.953202][T25503] dump_header+0x10b/0x85f [ 2571.957623][T25503] oom_kill_process.cold+0x10/0x15 [ 2571.962736][T25503] out_of_memory+0x35c/0x14a0 [ 2571.967508][T25503] ? oom_killer_disable+0x280/0x280 [ 2571.972730][T25503] ? find_held_lock+0x2d/0x110 [ 2571.977551][T25503] mem_cgroup_out_of_memory+0x206/0x270 [ 2571.983152][T25503] ? mem_cgroup_margin+0x130/0x130 [ 2571.988308][T25503] ? lock_downgrade+0x6e0/0x6e0 [ 2571.993207][T25503] try_charge_memcg+0xe89/0x12f0 [ 2571.998173][T25503] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2572.004147][T25503] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2572.009868][T25503] ? lock_downgrade+0x6e0/0x6e0 [ 2572.014713][T25503] ? lock_downgrade+0x6e0/0x6e0 [ 2572.019574][T25503] ? rcu_read_unlock+0x9/0x60 [ 2572.024307][T25503] obj_cgroup_charge+0x2af/0x5e0 [ 2572.029282][T25503] ? copy_process+0x3aa/0x7520 [ 2572.034068][T25503] kmem_cache_alloc_node+0xb7/0x460 [ 2572.039297][T25503] copy_process+0x3aa/0x7520 [ 2572.043919][T25503] ? find_held_lock+0x2d/0x110 [ 2572.048725][T25503] ? __cleanup_sighand+0xb0/0xb0 [ 2572.053689][T25503] ? lock_downgrade+0x6e0/0x6e0 [ 2572.058556][T25503] ? folio_flags.constprop.0+0x53/0x150 [ 2572.064130][T25503] ? folio_add_lru+0x37b/0x680 [ 2572.068951][T25503] kernel_clone+0xeb/0x990 [ 2572.073406][T25503] ? create_io_thread+0xf0/0xf0 [ 2572.078299][T25503] ? find_held_lock+0x2d/0x110 [ 2572.083120][T25503] __do_sys_clone+0xba/0x100 [ 2572.087756][T25503] ? kernel_clone+0x990/0x990 [ 2572.092482][T25503] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2572.098420][T25503] do_syscall_64+0x39/0xb0 [ 2572.102875][T25503] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2572.108794][T25503] RIP: 0033:0x7f0b7de8d4f1 [ 2572.113227][T25503] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2572.132850][T25503] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2572.141281][T25503] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2572.149267][T25503] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2572.157249][T25503] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2572.165320][T25503] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2572.173324][T25503] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2572.181338][T25503] [ 2572.192781][T25503] memory: usage 307196kB, limit 307200kB, failcnt 83140 [ 2572.199843][T25503] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2572.206715][T25503] Memory cgroup stats for /syz0: [ 2572.206923][T25503] anon 143360 [ 2572.206923][T25503] file 479232 [ 2572.206923][T25503] kernel 313946112 [ 2572.206923][T25503] kernel_stack 65536 [ 2572.206923][T25503] pagetables 77824 [ 2572.206923][T25503] sec_pagetables 0 [ 2572.206923][T25503] percpu 5614656 [ 2572.206923][T25503] sock 0 [ 2572.206923][T25503] vmalloc 8192 [ 2572.206923][T25503] shmem 479232 [ 2572.206923][T25503] zswap 0 [ 2572.206923][T25503] zswapped 0 [ 2572.206923][T25503] file_mapped 479232 [ 2572.206923][T25503] file_dirty 0 [ 2572.206923][T25503] file_writeback 0 [ 2572.206923][T25503] swapcached 0 [ 2572.206923][T25503] anon_thp 0 [ 2572.206923][T25503] file_thp 0 [ 2572.206923][T25503] shmem_thp 0 [ 2572.206923][T25503] inactive_anon 180224 [ 2572.206923][T25503] active_anon 442368 [ 2572.206923][T25503] inactive_file 0 [ 2572.206923][T25503] active_file 0 [ 2572.206923][T25503] unevictable 0 [ 2572.206923][T25503] slab_reclaimable 26168 [ 2572.206923][T25503] slab_unreclaimable 308120704 [ 2572.306755][T25503] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25503,uid=0 09:54:26 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x5400000000000000}, 0x0) 09:54:26 executing program 4: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x6}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:26 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:54:26 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x1f4, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2572.323673][T25503] Memory cgroup out of memory: Killed process 25503 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:26 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10020000}, 0x0) 09:54:26 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x2000000) 09:54:26 executing program 4: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x6}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:26 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x14, r1, 0x309}, 0x14}}, 0x0) 09:54:26 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x300, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2572.483912][T25521] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:54:26 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x14, r1, 0x309}, 0x14}}, 0x0) 09:54:26 executing program 4: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3, 0x6}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2572.525786][T25523] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2572.563906][T25523] CPU: 0 PID: 25523 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2572.574402][T25523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2572.584496][T25523] Call Trace: [ 2572.587803][T25523] [ 2572.590765][T25523] dump_stack_lvl+0xd1/0x138 [ 2572.595412][T25523] dump_header+0x10b/0x85f [ 2572.599891][T25523] oom_kill_process.cold+0x10/0x15 [ 2572.605064][T25523] out_of_memory+0x35c/0x14a0 [ 2572.609813][T25523] ? find_held_lock+0x2d/0x110 [ 2572.614640][T25523] ? oom_killer_disable+0x280/0x280 [ 2572.619900][T25523] ? find_held_lock+0x2d/0x110 [ 2572.624718][T25523] mem_cgroup_out_of_memory+0x206/0x270 [ 2572.630300][T25523] ? mem_cgroup_margin+0x130/0x130 [ 2572.635441][T25523] ? lock_downgrade+0x6e0/0x6e0 [ 2572.640326][T25523] try_charge_memcg+0xefb/0x12f0 [ 2572.645290][T25523] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2572.651297][T25523] ? lock_downgrade+0x6e0/0x6e0 [ 2572.656181][T25523] charge_memcg+0x90/0x3b0 [ 2572.660620][T25523] __mem_cgroup_charge+0x2b/0x90 [ 2572.665580][T25523] do_wp_page+0x7ec/0x3370 [ 2572.670042][T25523] ? lock_release+0x810/0x810 [ 2572.674762][T25523] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2572.680190][T25523] ? do_raw_spin_lock+0x124/0x2b0 [ 2572.685249][T25523] ? rwlock_bug.part.0+0x90/0x90 [ 2572.690216][T25523] ? lock_chain_count+0x20/0x20 [ 2572.695097][T25523] __handle_mm_fault+0x1f58/0x3c90 [ 2572.700252][T25523] ? vm_iomap_memory+0x190/0x190 [ 2572.705268][T25523] handle_mm_fault+0x1b6/0x850 [ 2572.710339][T25523] do_user_addr_fault+0x475/0x1210 [ 2572.715486][T25523] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2572.721166][T25523] exc_page_fault+0x98/0x170 [ 2572.725787][T25523] asm_exc_page_fault+0x26/0x30 [ 2572.730662][T25523] RIP: 0033:0x7ff9f2039570 [ 2572.735090][T25523] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2572.754715][T25523] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2572.760799][T25523] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2572.768781][T25523] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 09:54:27 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) [ 2572.776765][T25523] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2572.784749][T25523] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2572.792730][T25523] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2572.800731][T25523] ? __sock_create+0x2c/0x790 [ 2572.805483][T25523] [ 2572.871267][T25523] memory: usage 307200kB, limit 307200kB, failcnt 35420 [ 2572.871888][T25533] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2572.884721][T25523] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2572.895883][T25523] Memory cgroup stats for /syz1: [ 2572.896144][T25523] anon 114688 [ 2572.896144][T25523] file 606208 [ 2572.896144][T25523] kernel 313851904 [ 2572.896144][T25523] kernel_stack 65536 [ 2572.896144][T25523] pagetables 73728 [ 2572.896144][T25523] sec_pagetables 0 [ 2572.896144][T25523] percpu 5612288 [ 2572.896144][T25523] sock 0 [ 2572.896144][T25523] vmalloc 0 [ 2572.896144][T25523] shmem 602112 [ 2572.896144][T25523] zswap 0 [ 2572.896144][T25523] zswapped 0 [ 2572.896144][T25523] file_mapped 602112 [ 2572.896144][T25523] file_dirty 0 [ 2572.896144][T25523] file_writeback 0 [ 2572.896144][T25523] swapcached 0 [ 2572.896144][T25523] anon_thp 0 [ 2572.896144][T25523] file_thp 0 [ 2572.896144][T25523] shmem_thp 0 [ 2572.896144][T25523] inactive_anon 282624 [ 2572.896144][T25523] active_anon 434176 09:54:27 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x5a02000000000000}, 0x0) 09:54:27 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x14, r1, 0x309}, 0x14}}, 0x0) 09:54:27 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x3e8, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:27 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xfa02) [ 2572.896144][T25523] inactive_file 0 [ 2572.896144][T25523] active_file 4096 [ 2572.896144][T25523] unevictable 0 [ 2572.896144][T25523] slab_reclaimable 219568 [ 2572.896144][T25523] slab_unreclaimable 307848312 [ 2573.023015][T25546] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2573.089536][T25548] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2573.089550][T25523] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25523,uid=0 [ 2573.133028][T25523] Memory cgroup out of memory: Killed process 25523 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 09:54:27 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x14000000}, 0x0) [ 2573.185704][T25520] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2573.197841][T25520] CPU: 0 PID: 25520 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2573.208314][T25520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2573.218407][T25520] Call Trace: [ 2573.221724][T25520] [ 2573.224680][T25520] dump_stack_lvl+0xd1/0x138 [ 2573.229321][T25520] dump_header+0x10b/0x85f [ 2573.233792][T25520] oom_kill_process.cold+0x10/0x15 [ 2573.238965][T25520] out_of_memory+0x35c/0x14a0 [ 2573.243728][T25520] ? oom_killer_disable+0x280/0x280 [ 2573.248997][T25520] ? find_held_lock+0x2d/0x110 [ 2573.253819][T25520] mem_cgroup_out_of_memory+0x206/0x270 [ 2573.259402][T25520] ? mem_cgroup_margin+0x130/0x130 [ 2573.264540][T25520] ? lock_downgrade+0x6e0/0x6e0 [ 2573.269426][T25520] try_charge_memcg+0xefb/0x12f0 [ 2573.274389][T25520] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2573.280392][T25520] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2573.286141][T25520] ? lock_downgrade+0x6e0/0x6e0 [ 2573.291031][T25520] obj_cgroup_charge+0x2af/0x5e0 [ 2573.296000][T25520] ? vm_area_dup+0x7d/0x380 [ 2573.300524][T25520] kmem_cache_alloc+0xb5/0x430 [ 2573.305312][T25520] vm_area_dup+0x7d/0x380 [ 2573.309661][T25520] ? mt_slot+0xa1/0x170 [ 2573.313848][T25520] ? mas_next_nentry+0x610/0xab0 [ 2573.318819][T25520] ? mas_next_node+0x547/0xa00 [ 2573.323614][T25520] ? mas_find+0x211/0xd10 [ 2573.327969][T25520] ? vm_area_alloc+0x100/0x100 [ 2573.332752][T25520] ? validate_mm_mt+0x149/0x1b0 [ 2573.337624][T25520] ? remove_vma+0x130/0x130 [ 2573.342150][T25520] ? can_vma_merge_before+0x390/0x390 [ 2573.347551][T25520] __split_vma+0xae/0x5e0 [ 2573.351909][T25520] ? vma_merge+0x2cf/0x870 [ 2573.356349][T25520] split_vma+0xa3/0xe0 [ 2573.360442][T25520] mprotect_fixup+0x686/0x960 [ 2573.365149][T25520] ? mas_find+0x211/0xd10 [ 2573.369492][T25520] ? change_protection+0x3b30/0x3b30 [ 2573.374814][T25520] do_mprotect_pkey+0x6fd/0xa70 [ 2573.380052][T25520] ? mprotect_fixup+0x960/0x960 [ 2573.384923][T25520] ? up_write+0x1b0/0x520 [ 2573.389320][T25520] __x64_sys_mprotect+0x78/0xb0 [ 2573.394192][T25520] do_syscall_64+0x39/0xb0 [ 2573.398639][T25520] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2573.404554][T25520] RIP: 0033:0x7f909a68c1d7 [ 2573.408985][T25520] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2573.428609][T25520] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2573.437047][T25520] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2573.445029][T25520] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2573.453012][T25520] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2573.461002][T25520] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2573.468991][T25520] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2573.476993][T25520] [ 2573.505545][T25520] memory: usage 307200kB, limit 307200kB, failcnt 73729 [ 2573.527096][T25520] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2573.534919][T25520] Memory cgroup stats for /syz2: [ 2573.535136][T25520] anon 139264 [ 2573.535136][T25520] file 638976 [ 2573.535136][T25520] kernel 313794560 [ 2573.535136][T25520] kernel_stack 65536 [ 2573.535136][T25520] pagetables 81920 [ 2573.535136][T25520] sec_pagetables 0 [ 2573.535136][T25520] percpu 5611104 [ 2573.535136][T25520] sock 0 [ 2573.535136][T25520] vmalloc 0 [ 2573.535136][T25520] shmem 638976 [ 2573.535136][T25520] zswap 0 [ 2573.535136][T25520] zswapped 0 [ 2573.535136][T25520] file_mapped 638976 [ 2573.535136][T25520] file_dirty 0 [ 2573.535136][T25520] file_writeback 0 [ 2573.535136][T25520] swapcached 0 [ 2573.535136][T25520] anon_thp 0 [ 2573.535136][T25520] file_thp 0 [ 2573.535136][T25520] shmem_thp 0 [ 2573.535136][T25520] inactive_anon 372736 [ 2573.535136][T25520] active_anon 405504 [ 2573.535136][T25520] inactive_file 0 [ 2573.535136][T25520] active_file 0 [ 2573.535136][T25520] unevictable 0 [ 2573.535136][T25520] slab_reclaimable 233712 [ 2573.535136][T25520] slab_unreclaimable 307770328 [ 2573.632864][T25520] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25520,uid=0 [ 2573.649553][T25520] Memory cgroup out of memory: Killed process 25520 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2573.667959][T25545] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2573.688406][T25545] CPU: 0 PID: 25545 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2573.698883][T25545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2573.708994][T25545] Call Trace: [ 2573.712301][T25545] [ 2573.715255][T25545] dump_stack_lvl+0xd1/0x138 [ 2573.719897][T25545] dump_header+0x10b/0x85f [ 2573.724375][T25545] oom_kill_process.cold+0x10/0x15 [ 2573.729549][T25545] out_of_memory+0x35c/0x14a0 [ 2573.734294][T25545] ? oom_killer_disable+0x280/0x280 [ 2573.739555][T25545] ? find_held_lock+0x2d/0x110 [ 2573.744378][T25545] mem_cgroup_out_of_memory+0x206/0x270 [ 2573.749980][T25545] ? mem_cgroup_margin+0x130/0x130 [ 2573.755145][T25545] ? lock_downgrade+0x6e0/0x6e0 [ 2573.760058][T25545] try_charge_memcg+0xefb/0x12f0 [ 2573.765045][T25545] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2573.771066][T25545] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2573.776857][T25545] ? lock_downgrade+0x6e0/0x6e0 [ 2573.781752][T25545] ? lock_downgrade+0x6e0/0x6e0 [ 2573.786641][T25545] ? rcu_read_unlock+0x9/0x60 [ 2573.791378][T25545] obj_cgroup_charge+0x2af/0x5e0 [ 2573.796363][T25545] ? copy_process+0x3aa/0x7520 [ 2573.801162][T25545] kmem_cache_alloc_node+0xb7/0x460 [ 2573.806405][T25545] copy_process+0x3aa/0x7520 [ 2573.811039][T25545] ? find_held_lock+0x2d/0x110 [ 2573.815864][T25545] ? __cleanup_sighand+0xb0/0xb0 [ 2573.820847][T25545] ? lock_downgrade+0x6e0/0x6e0 [ 2573.825737][T25545] ? perf_trace_mm_lru_insertion+0xae0/0xae0 [ 2573.831766][T25545] ? folio_add_lru+0x37b/0x680 [ 2573.836594][T25545] kernel_clone+0xeb/0x990 [ 2573.841070][T25545] ? create_io_thread+0xf0/0xf0 [ 2573.845974][T25545] ? find_held_lock+0x2d/0x110 [ 2573.850807][T25545] __do_sys_clone+0xba/0x100 [ 2573.855437][T25545] ? kernel_clone+0x990/0x990 [ 2573.860172][T25545] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2573.866109][T25545] do_syscall_64+0x39/0xb0 [ 2573.870586][T25545] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2573.876516][T25545] RIP: 0033:0x7f0b7de8d4f1 [ 2573.880964][T25545] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 09:54:28 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x3000000) 09:54:28 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x500, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:28 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:28 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x5400000000000000}, 0x0) [ 2573.900610][T25545] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2573.909060][T25545] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2573.917063][T25545] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2573.925058][T25545] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2573.933031][T25545] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2573.941015][T25545] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2573.949043][T25545] [ 2573.993769][T25545] memory: usage 307200kB, limit 307200kB, failcnt 83342 [ 2574.010426][T25545] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2574.012646][T25558] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2574.029508][T25545] Memory cgroup stats for /syz0: [ 2574.029812][T25545] anon 143360 [ 2574.029812][T25545] file 479232 [ 2574.029812][T25545] kernel 313950208 [ 2574.029812][T25545] kernel_stack 65536 [ 2574.029812][T25545] pagetables 77824 [ 2574.029812][T25545] sec_pagetables 0 [ 2574.029812][T25545] percpu 5614656 [ 2574.029812][T25545] sock 0 [ 2574.029812][T25545] vmalloc 8192 [ 2574.029812][T25545] shmem 479232 [ 2574.029812][T25545] zswap 0 [ 2574.029812][T25545] zswapped 0 [ 2574.029812][T25545] file_mapped 479232 [ 2574.029812][T25545] file_dirty 0 [ 2574.029812][T25545] file_writeback 0 [ 2574.029812][T25545] swapcached 0 [ 2574.029812][T25545] anon_thp 0 [ 2574.029812][T25545] file_thp 0 09:54:28 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x600, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:28 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) [ 2574.029812][T25545] shmem_thp 0 [ 2574.029812][T25545] inactive_anon 180224 [ 2574.029812][T25545] active_anon 442368 [ 2574.029812][T25545] inactive_file 0 [ 2574.029812][T25545] active_file 0 [ 2574.029812][T25545] unevictable 0 [ 2574.029812][T25545] slab_reclaimable 28096 [ 2574.029812][T25545] slab_unreclaimable 308121352 09:54:28 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x700, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2574.182758][T25545] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25545,uid=0 [ 2574.225129][T25545] Memory cgroup out of memory: Killed process 25545 (syz-executor.0) total-vm:54672kB, anon-rss:484kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2574.281506][T25560] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2574.287433][T25551] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2574.319533][T25551] CPU: 1 PID: 25551 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2574.330025][T25551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2574.340120][T25551] Call Trace: [ 2574.343426][T25551] [ 2574.346382][T25551] dump_stack_lvl+0xd1/0x138 [ 2574.351027][T25551] dump_header+0x10b/0x85f [ 2574.355504][T25551] oom_kill_process.cold+0x10/0x15 [ 2574.360679][T25551] out_of_memory+0x35c/0x14a0 [ 2574.365418][T25551] ? find_held_lock+0x2d/0x110 [ 2574.370236][T25551] ? oom_killer_disable+0x280/0x280 [ 2574.375491][T25551] ? find_held_lock+0x2d/0x110 [ 2574.380313][T25551] mem_cgroup_out_of_memory+0x206/0x270 [ 2574.385911][T25551] ? mem_cgroup_margin+0x130/0x130 [ 2574.391068][T25551] ? lock_downgrade+0x6e0/0x6e0 [ 2574.395975][T25551] try_charge_memcg+0xefb/0x12f0 [ 2574.400962][T25551] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2574.406994][T25551] ? lock_downgrade+0x6e0/0x6e0 [ 2574.411900][T25551] charge_memcg+0x90/0x3b0 [ 2574.416368][T25551] __mem_cgroup_charge+0x2b/0x90 [ 2574.421354][T25551] do_wp_page+0x7ec/0x3370 [ 2574.425824][T25551] ? lock_release+0x810/0x810 09:54:28 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x6000000000000000}, 0x0) 09:54:28 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf802) 09:54:28 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r1, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:28 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xb00, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2574.430536][T25551] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2574.435962][T25551] ? do_raw_spin_lock+0x124/0x2b0 [ 2574.441023][T25551] ? rwlock_bug.part.0+0x90/0x90 [ 2574.445998][T25551] ? lock_chain_count+0x20/0x20 [ 2574.450892][T25551] __handle_mm_fault+0x1f58/0x3c90 [ 2574.456057][T25551] ? vm_iomap_memory+0x190/0x190 [ 2574.461064][T25551] handle_mm_fault+0x1b6/0x850 [ 2574.465880][T25551] do_user_addr_fault+0x475/0x1210 [ 2574.471042][T25551] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2574.476647][T25551] exc_page_fault+0x98/0x170 [ 2574.481279][T25551] asm_exc_page_fault+0x26/0x30 [ 2574.486162][T25551] RIP: 0033:0x7ff9f2039570 [ 2574.490614][T25551] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2574.510261][T25551] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2574.516349][T25551] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2574.524330][T25551] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2574.532313][T25551] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2574.540297][T25551] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2574.548280][T25551] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2574.556260][T25551] ? __sock_create+0x2c/0x790 [ 2574.561012][T25551] [ 2574.566296][T25551] memory: usage 307200kB, limit 307200kB, failcnt 35523 [ 2574.590531][T25551] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2574.605055][T25572] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2574.605651][T25551] Memory cgroup stats for /syz1: [ 2574.625240][T25551] anon 114688 [ 2574.625240][T25551] file 606208 [ 2574.625240][T25551] kernel 313851904 [ 2574.625240][T25551] kernel_stack 65536 [ 2574.625240][T25551] pagetables 73728 [ 2574.625240][T25551] sec_pagetables 0 [ 2574.625240][T25551] percpu 5612288 [ 2574.625240][T25551] sock 0 [ 2574.625240][T25551] vmalloc 0 [ 2574.625240][T25551] shmem 602112 [ 2574.625240][T25551] zswap 0 [ 2574.625240][T25551] zswapped 0 [ 2574.625240][T25551] file_mapped 602112 [ 2574.625240][T25551] file_dirty 0 [ 2574.625240][T25551] file_writeback 0 [ 2574.625240][T25551] swapcached 0 [ 2574.625240][T25551] anon_thp 0 [ 2574.625240][T25551] file_thp 0 [ 2574.625240][T25551] shmem_thp 0 [ 2574.625240][T25551] inactive_anon 282624 [ 2574.625240][T25551] active_anon 434176 [ 2574.625240][T25551] inactive_file 0 [ 2574.625240][T25551] active_file 4096 [ 2574.625240][T25551] unevictable 0 [ 2574.625240][T25551] slab_reclaimable 219568 [ 2574.625240][T25551] slab_unreclaimable 307848312 [ 2574.723932][T25551] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25551,uid=0 [ 2574.739917][T25551] Memory cgroup out of memory: Killed process 25551 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 09:54:29 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x1f000000}, 0x0) 09:54:29 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x4000000) 09:54:29 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xe00, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:29 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x3000000) 09:54:29 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x1100, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2574.872444][T25574] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2574.906316][T25574] CPU: 1 PID: 25574 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2574.916804][T25574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2574.926899][T25574] Call Trace: [ 2574.930206][T25574] [ 2574.933172][T25574] dump_stack_lvl+0xd1/0x138 [ 2574.937810][T25574] dump_header+0x10b/0x85f [ 2574.942282][T25574] oom_kill_process.cold+0x10/0x15 [ 2574.947454][T25574] out_of_memory+0x35c/0x14a0 [ 2574.952184][T25574] ? find_held_lock+0x2d/0x110 [ 2574.956981][T25574] ? oom_killer_disable+0x280/0x280 [ 2574.962217][T25574] ? find_held_lock+0x2d/0x110 [ 2574.967011][T25574] mem_cgroup_out_of_memory+0x206/0x270 [ 2574.972590][T25574] ? mem_cgroup_margin+0x130/0x130 [ 2574.977727][T25574] ? lock_downgrade+0x6e0/0x6e0 [ 2574.982608][T25574] try_charge_memcg+0xefb/0x12f0 [ 2574.987572][T25574] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2574.993571][T25574] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2574.999323][T25574] ? lock_downgrade+0x6e0/0x6e0 [ 2575.004193][T25574] ? lock_downgrade+0x6e0/0x6e0 [ 2575.009058][T25574] ? rcu_read_unlock+0x9/0x60 [ 2575.013774][T25574] obj_cgroup_charge+0x2af/0x5e0 [ 2575.018741][T25574] ? copy_process+0x3aa/0x7520 [ 2575.023522][T25574] kmem_cache_alloc_node+0xb7/0x460 [ 2575.028753][T25574] copy_process+0x3aa/0x7520 [ 2575.033375][T25574] ? find_held_lock+0x2d/0x110 [ 2575.038179][T25574] ? __cleanup_sighand+0xb0/0xb0 [ 2575.043137][T25574] ? lock_downgrade+0x6e0/0x6e0 [ 2575.048001][T25574] ? folio_flags.constprop.0+0x53/0x150 [ 2575.053578][T25574] ? folio_add_lru+0x37b/0x680 [ 2575.058369][T25574] kernel_clone+0xeb/0x990 [ 2575.062809][T25574] ? create_io_thread+0xf0/0xf0 [ 2575.067696][T25574] ? find_held_lock+0x2d/0x110 [ 2575.072504][T25574] __do_sys_clone+0xba/0x100 [ 2575.077114][T25574] ? kernel_clone+0x990/0x990 [ 2575.081828][T25574] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2575.087748][T25574] do_syscall_64+0x39/0xb0 [ 2575.092189][T25574] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2575.098108][T25574] RIP: 0033:0x7f0b7de8d4f1 [ 2575.102538][T25574] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 09:54:29 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x1f00, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2575.122159][T25574] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2575.130591][T25574] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2575.138573][T25574] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2575.146561][T25574] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2575.154544][T25574] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2575.162525][T25574] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2575.170527][T25574] 09:54:29 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x2000, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:29 executing program 4: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xe00, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2575.198086][T25576] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2575.286652][T25582] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 2575.360222][T25574] memory: usage 307200kB, limit 307200kB, failcnt 83469 [ 2575.367379][T25574] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2575.375484][T25574] Memory cgroup stats for /syz0: [ 2575.376230][T25574] anon 143360 [ 2575.376230][T25574] file 479232 [ 2575.376230][T25574] kernel 313950208 [ 2575.376230][T25574] kernel_stack 65536 [ 2575.376230][T25574] pagetables 77824 [ 2575.376230][T25574] sec_pagetables 0 [ 2575.376230][T25574] percpu 5614656 [ 2575.376230][T25574] sock 0 [ 2575.376230][T25574] vmalloc 8192 [ 2575.376230][T25574] shmem 479232 [ 2575.376230][T25574] zswap 0 [ 2575.376230][T25574] zswapped 0 [ 2575.376230][T25574] file_mapped 479232 [ 2575.376230][T25574] file_dirty 0 [ 2575.376230][T25574] file_writeback 0 [ 2575.376230][T25574] swapcached 0 [ 2575.376230][T25574] anon_thp 0 [ 2575.376230][T25574] file_thp 0 [ 2575.376230][T25574] shmem_thp 0 [ 2575.376230][T25574] inactive_anon 180224 [ 2575.376230][T25574] active_anon 442368 [ 2575.376230][T25574] inactive_file 0 [ 2575.376230][T25574] active_file 0 [ 2575.376230][T25574] unevictable 0 [ 2575.376230][T25574] slab_reclaimable 28096 [ 2575.376230][T25574] slab_unreclaimable 308121352 [ 2575.473175][T25574] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25574,uid=0 [ 2575.489139][T25574] Memory cgroup out of memory: Killed process 25574 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:29 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x6558000000000000}, 0x0) 09:54:29 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x2900, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:29 executing program 4: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xe00, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2575.518974][T25578] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 09:54:29 executing program 4: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xe00, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2575.559181][T25578] CPU: 1 PID: 25578 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2575.569672][T25578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2575.579767][T25578] Call Trace: [ 2575.583079][T25578] [ 2575.586047][T25578] dump_stack_lvl+0xd1/0x138 [ 2575.590698][T25578] dump_header+0x10b/0x85f [ 2575.595173][T25578] oom_kill_process.cold+0x10/0x15 [ 2575.600348][T25578] out_of_memory+0x35c/0x14a0 [ 2575.605092][T25578] ? oom_killer_disable+0x280/0x280 [ 2575.610356][T25578] ? find_held_lock+0x2d/0x110 [ 2575.615181][T25578] mem_cgroup_out_of_memory+0x206/0x270 [ 2575.620791][T25578] ? mem_cgroup_margin+0x130/0x130 [ 2575.625953][T25578] ? lock_downgrade+0x6e0/0x6e0 [ 2575.630868][T25578] try_charge_memcg+0xefb/0x12f0 [ 2575.635869][T25578] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2575.641902][T25578] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2575.647688][T25578] ? lock_downgrade+0x6e0/0x6e0 [ 2575.652611][T25578] obj_cgroup_charge+0x2af/0x5e0 [ 2575.657600][T25578] ? vm_area_dup+0x7d/0x380 [ 2575.662146][T25578] kmem_cache_alloc+0xb5/0x430 [ 2575.666958][T25578] vm_area_dup+0x7d/0x380 [ 2575.671334][T25578] ? mt_slot+0xa1/0x170 [ 2575.675537][T25578] ? mas_next_nentry+0x610/0xab0 [ 2575.681059][T25578] ? mas_next_node+0x547/0xa00 [ 2575.685888][T25578] ? mas_find+0x211/0xd10 [ 2575.690265][T25578] ? vm_area_alloc+0x100/0x100 [ 2575.695099][T25578] ? validate_mm_mt+0x149/0x1b0 [ 2575.700013][T25578] ? remove_vma+0x130/0x130 [ 2575.704560][T25578] ? can_vma_merge_before+0x390/0x390 [ 2575.709989][T25578] __split_vma+0xae/0x5e0 [ 2575.714354][T25578] ? vma_merge+0x2cf/0x870 [ 2575.718828][T25578] split_vma+0xa3/0xe0 [ 2575.722935][T25578] mprotect_fixup+0x686/0x960 [ 2575.727662][T25578] ? mas_find+0x211/0xd10 [ 2575.732026][T25578] ? change_protection+0x3b30/0x3b30 [ 2575.737367][T25578] do_mprotect_pkey+0x6fd/0xa70 [ 2575.742270][T25578] ? mprotect_fixup+0x960/0x960 [ 2575.747162][T25578] ? up_write+0x1b0/0x520 [ 2575.751581][T25578] __x64_sys_mprotect+0x78/0xb0 [ 2575.756474][T25578] do_syscall_64+0x39/0xb0 [ 2575.760935][T25578] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2575.766873][T25578] RIP: 0033:0x7f909a68c1d7 [ 2575.771333][T25578] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2575.791064][T25578] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2575.799517][T25578] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2575.807524][T25578] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2575.815543][T25578] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2575.823556][T25578] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2575.831571][T25578] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2575.839603][T25578] [ 2575.848082][T25583] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2575.848140][T25578] memory: usage 307184kB, limit 307200kB, failcnt 73950 [ 2575.873500][T25578] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2575.880999][T25578] Memory cgroup stats for /syz2: [ 2575.881242][T25578] anon 139264 [ 2575.881242][T25578] file 638976 [ 2575.881242][T25578] kernel 313778176 [ 2575.881242][T25578] kernel_stack 65536 [ 2575.881242][T25578] pagetables 81920 [ 2575.881242][T25578] sec_pagetables 0 [ 2575.881242][T25578] percpu 5611040 [ 2575.881242][T25578] sock 0 [ 2575.881242][T25578] vmalloc 0 [ 2575.881242][T25578] shmem 638976 [ 2575.881242][T25578] zswap 0 [ 2575.881242][T25578] zswapped 0 [ 2575.881242][T25578] file_mapped 638976 [ 2575.881242][T25578] file_dirty 0 [ 2575.881242][T25578] file_writeback 0 [ 2575.881242][T25578] swapcached 0 [ 2575.881242][T25578] anon_thp 0 [ 2575.881242][T25578] file_thp 0 [ 2575.881242][T25578] shmem_thp 0 [ 2575.881242][T25578] inactive_anon 372736 [ 2575.881242][T25578] active_anon 405504 [ 2575.881242][T25578] inactive_file 0 [ 2575.881242][T25578] active_file 0 [ 2575.881242][T25578] unevictable 0 [ 2575.881242][T25578] slab_reclaimable 233712 [ 2575.881242][T25578] slab_unreclaimable 307758544 [ 2575.980706][T25578] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25578,uid=0 [ 2575.996765][T25578] Memory cgroup out of memory: Killed process 25578 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2576.014811][T25584] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2576.032950][T25584] CPU: 1 PID: 25584 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2576.043428][T25584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2576.053520][T25584] Call Trace: [ 2576.056829][T25584] [ 2576.059792][T25584] dump_stack_lvl+0xd1/0x138 [ 2576.064431][T25584] dump_header+0x10b/0x85f [ 2576.068905][T25584] oom_kill_process.cold+0x10/0x15 [ 2576.074069][T25584] out_of_memory+0x35c/0x14a0 [ 2576.078923][T25584] ? oom_killer_disable+0x280/0x280 [ 2576.084173][T25584] ? find_held_lock+0x2d/0x110 [ 2576.088972][T25584] mem_cgroup_out_of_memory+0x206/0x270 [ 2576.094553][T25584] ? mem_cgroup_margin+0x130/0x130 [ 2576.099698][T25584] ? lock_downgrade+0x6e0/0x6e0 [ 2576.104583][T25584] try_charge_memcg+0xefb/0x12f0 [ 2576.109548][T25584] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2576.115559][T25584] ? lock_downgrade+0x6e0/0x6e0 [ 2576.120445][T25584] charge_memcg+0x90/0x3b0 [ 2576.124894][T25584] __mem_cgroup_charge+0x2b/0x90 [ 2576.129873][T25584] do_wp_page+0x7ec/0x3370 [ 2576.134337][T25584] ? lock_release+0x810/0x810 [ 2576.139042][T25584] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2576.144461][T25584] ? do_raw_spin_lock+0x124/0x2b0 [ 2576.149517][T25584] ? rwlock_bug.part.0+0x90/0x90 [ 2576.154501][T25584] ? lock_chain_count+0x20/0x20 [ 2576.159381][T25584] __handle_mm_fault+0x1f58/0x3c90 [ 2576.164529][T25584] ? vm_iomap_memory+0x190/0x190 [ 2576.169525][T25584] handle_mm_fault+0x1b6/0x850 [ 2576.174328][T25584] do_user_addr_fault+0x475/0x1210 [ 2576.179483][T25584] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2576.185068][T25584] exc_page_fault+0x98/0x170 [ 2576.189682][T25584] asm_exc_page_fault+0x26/0x30 [ 2576.194550][T25584] RIP: 0033:0x7ff9f2039570 [ 2576.198985][T25584] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2576.218609][T25584] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2576.224696][T25584] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2576.232680][T25584] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2576.240661][T25584] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2576.248645][T25584] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2576.256637][T25584] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2576.264619][T25584] ? __sock_create+0x2c/0x790 [ 2576.269345][T25584] [ 2576.273924][T25584] memory: usage 307200kB, limit 307200kB, failcnt 35645 [ 2576.292811][T25584] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2576.300296][T25584] Memory cgroup stats for /syz1: [ 2576.300567][T25584] anon 114688 [ 2576.300567][T25584] file 606208 [ 2576.300567][T25584] kernel 313851904 [ 2576.300567][T25584] kernel_stack 65536 [ 2576.300567][T25584] pagetables 73728 [ 2576.300567][T25584] sec_pagetables 0 [ 2576.300567][T25584] percpu 5612288 [ 2576.300567][T25584] sock 0 [ 2576.300567][T25584] vmalloc 0 [ 2576.300567][T25584] shmem 602112 [ 2576.300567][T25584] zswap 0 [ 2576.300567][T25584] zswapped 0 [ 2576.300567][T25584] file_mapped 602112 [ 2576.300567][T25584] file_dirty 0 [ 2576.300567][T25584] file_writeback 0 [ 2576.300567][T25584] swapcached 0 [ 2576.300567][T25584] anon_thp 0 [ 2576.300567][T25584] file_thp 0 [ 2576.300567][T25584] shmem_thp 0 [ 2576.300567][T25584] inactive_anon 282624 [ 2576.300567][T25584] active_anon 434176 [ 2576.300567][T25584] inactive_file 0 [ 2576.300567][T25584] active_file 4096 [ 2576.300567][T25584] unevictable 0 [ 2576.300567][T25584] slab_reclaimable 219568 [ 2576.300567][T25584] slab_unreclaimable 307848312 [ 2576.403707][T25584] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25584,uid=0 09:54:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 09:54:30 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf802) 09:54:30 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x34c0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:30 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:54:30 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x5000000) [ 2576.419794][T25584] Memory cgroup out of memory: Killed process 25584 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2576.456231][T25603] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:54:30 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x3800, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2576.526515][T25610] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2576.566187][T25599] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2576.597386][T25599] CPU: 1 PID: 25599 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2576.607878][T25599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2576.617957][T25599] Call Trace: [ 2576.621247][T25599] [ 2576.624188][T25599] dump_stack_lvl+0xd1/0x138 [ 2576.628822][T25599] dump_header+0x10b/0x85f [ 2576.633293][T25599] oom_kill_process.cold+0x10/0x15 [ 2576.638456][T25599] out_of_memory+0x35c/0x14a0 [ 2576.643183][T25599] ? find_held_lock+0x2d/0x110 [ 2576.647987][T25599] ? oom_killer_disable+0x280/0x280 [ 2576.653226][T25599] ? find_held_lock+0x2d/0x110 [ 2576.658032][T25599] mem_cgroup_out_of_memory+0x206/0x270 [ 2576.663617][T25599] ? mem_cgroup_margin+0x130/0x130 [ 2576.668754][T25599] ? lock_downgrade+0x6e0/0x6e0 [ 2576.673660][T25599] try_charge_memcg+0xefb/0x12f0 [ 2576.678637][T25599] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2576.684664][T25599] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2576.690428][T25599] ? lock_downgrade+0x6e0/0x6e0 [ 2576.695351][T25599] obj_cgroup_charge+0x2af/0x5e0 [ 2576.700323][T25599] ? vm_area_dup+0x7d/0x380 [ 2576.704845][T25599] kmem_cache_alloc+0xb5/0x430 [ 2576.709631][T25599] vm_area_dup+0x7d/0x380 [ 2576.713984][T25599] ? mt_slot+0xa1/0x170 [ 2576.718168][T25599] ? mas_next_nentry+0x610/0xab0 [ 2576.723132][T25599] ? mas_next_node+0x547/0xa00 [ 2576.727924][T25599] ? mas_find+0x211/0xd10 [ 2576.732285][T25599] ? vm_area_alloc+0x100/0x100 [ 2576.737068][T25599] ? validate_mm_mt+0x149/0x1b0 [ 2576.741953][T25599] ? remove_vma+0x130/0x130 [ 2576.746494][T25599] ? can_vma_merge_before+0x390/0x390 [ 2576.751904][T25599] __split_vma+0xae/0x5e0 [ 2576.756257][T25599] ? vma_merge+0x2cf/0x870 [ 2576.760727][T25599] split_vma+0xa3/0xe0 [ 2576.764843][T25599] mprotect_fixup+0x686/0x960 [ 2576.769558][T25599] ? mas_find+0x211/0xd10 [ 2576.773909][T25599] ? change_protection+0x3b30/0x3b30 [ 2576.779249][T25599] do_mprotect_pkey+0x6fd/0xa70 [ 2576.784139][T25599] ? mprotect_fixup+0x960/0x960 [ 2576.789013][T25599] ? up_write+0x1b0/0x520 [ 2576.793409][T25599] __x64_sys_mprotect+0x78/0xb0 [ 2576.798283][T25599] do_syscall_64+0x39/0xb0 [ 2576.802727][T25599] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2576.808640][T25599] RIP: 0033:0x7f0b7de8c1d7 [ 2576.813069][T25599] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2576.832706][T25599] RSP: 002b:00007fff06370108 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2576.841143][T25599] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f0b7de8c1d7 [ 2576.849132][T25599] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f0b7eb63000 [ 2576.857119][T25599] RBP: 00007fff063701e0 R08: 00000000ffffffff R09: 00007f0b7eb82700 [ 2576.865109][T25599] R10: 0000000000020022 R11: 0000000000000206 R12: 00007fff06370300 [ 2576.873092][T25599] R13: 00007f0b7eb82700 R14: 0000000000000000 R15: 0000000000022000 [ 2576.881098][T25599] 09:54:31 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x3f00, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2576.948859][T25599] memory: usage 307200kB, limit 307200kB, failcnt 83654 [ 2576.955951][T25599] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2576.964872][T25612] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2576.978914][T25599] Memory cgroup stats for /syz0: [ 2576.979175][T25599] anon 139264 [ 2576.979175][T25599] file 479232 [ 2576.979175][T25599] kernel 313954304 [ 2576.979175][T25599] kernel_stack 65536 [ 2576.979175][T25599] pagetables 77824 [ 2576.979175][T25599] sec_pagetables 0 [ 2576.979175][T25599] percpu 5614656 [ 2576.979175][T25599] sock 0 [ 2576.979175][T25599] vmalloc 8192 [ 2576.979175][T25599] shmem 479232 [ 2576.979175][T25599] zswap 0 [ 2576.979175][T25599] zswapped 0 [ 2576.979175][T25599] file_mapped 479232 [ 2576.979175][T25599] file_dirty 0 [ 2576.979175][T25599] file_writeback 0 [ 2576.979175][T25599] swapcached 0 [ 2576.979175][T25599] anon_thp 0 [ 2576.979175][T25599] file_thp 0 [ 2576.979175][T25599] shmem_thp 0 09:54:31 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) [ 2576.979175][T25599] inactive_anon 176128 [ 2576.979175][T25599] active_anon 442368 [ 2576.979175][T25599] inactive_file 0 [ 2576.979175][T25599] active_file 0 [ 2576.979175][T25599] unevictable 0 [ 2576.979175][T25599] slab_reclaimable 28096 [ 2576.979175][T25599] slab_unreclaimable 308120488 [ 2577.083261][T25599] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25599,uid=0 [ 2577.138906][T25599] Memory cgroup out of memory: Killed process 25599 (syz-executor.0) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 09:54:31 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x6800000000000000}, 0x0) 09:54:31 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x4000, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:31 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r3, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) [ 2577.197270][T25609] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2577.236210][T25609] CPU: 1 PID: 25609 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 09:54:31 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x1801000000000000}, 0x0) [ 2577.246703][T25609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2577.256791][T25609] Call Trace: [ 2577.260113][T25609] [ 2577.263083][T25609] dump_stack_lvl+0xd1/0x138 [ 2577.267720][T25609] dump_header+0x10b/0x85f [ 2577.272184][T25609] oom_kill_process.cold+0x10/0x15 [ 2577.277349][T25609] out_of_memory+0x35c/0x14a0 [ 2577.282081][T25609] ? find_held_lock+0x2d/0x110 [ 2577.286898][T25609] ? oom_killer_disable+0x280/0x280 [ 2577.292152][T25609] ? find_held_lock+0x2d/0x110 [ 2577.297061][T25609] mem_cgroup_out_of_memory+0x206/0x270 [ 2577.302662][T25609] ? mem_cgroup_margin+0x130/0x130 [ 2577.307827][T25609] ? lock_downgrade+0x6e0/0x6e0 [ 2577.312739][T25609] try_charge_memcg+0xefb/0x12f0 [ 2577.317732][T25609] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2577.323767][T25609] ? lock_downgrade+0x6e0/0x6e0 [ 2577.328670][T25609] charge_memcg+0x90/0x3b0 [ 2577.333127][T25609] __mem_cgroup_charge+0x2b/0x90 [ 2577.338104][T25609] do_wp_page+0x7ec/0x3370 [ 2577.342587][T25609] ? lock_release+0x810/0x810 [ 2577.347297][T25609] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2577.352718][T25609] ? do_raw_spin_lock+0x124/0x2b0 [ 2577.357783][T25609] ? rwlock_bug.part.0+0x90/0x90 [ 2577.362755][T25609] ? lock_chain_count+0x20/0x20 [ 2577.367651][T25609] __handle_mm_fault+0x1f58/0x3c90 [ 2577.372817][T25609] ? vm_iomap_memory+0x190/0x190 [ 2577.377832][T25609] handle_mm_fault+0x1b6/0x850 [ 2577.382642][T25609] do_user_addr_fault+0x475/0x1210 [ 2577.387791][T25609] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2577.393392][T25609] exc_page_fault+0x98/0x170 [ 2577.398017][T25609] asm_exc_page_fault+0x26/0x30 [ 2577.402907][T25609] RIP: 0033:0x7ff9f2039570 [ 2577.407350][T25609] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2577.427002][T25609] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2577.433115][T25609] RAX: 00000000359b6b55 RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2577.441122][T25609] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 000000000c5b2288 [ 2577.449124][T25609] RBP: 00000000359b6b55 R08: 0000000000000b55 R09: 00000000359b6b59 [ 2577.455809][T25629] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2577.457104][T25609] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2577.457127][T25609] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff87becd1c [ 2577.457148][T25609] ? __sock_create+0x2c/0x790 [ 2577.487635][T25609] [ 2577.511402][T25609] memory: usage 307200kB, limit 307200kB, failcnt 35767 [ 2577.519228][T25609] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2577.526300][T25609] Memory cgroup stats for /syz1: [ 2577.526565][T25609] anon 114688 [ 2577.526565][T25609] file 606208 [ 2577.526565][T25609] kernel 313851904 [ 2577.526565][T25609] kernel_stack 65536 [ 2577.526565][T25609] pagetables 73728 [ 2577.526565][T25609] sec_pagetables 0 [ 2577.526565][T25609] percpu 5612288 [ 2577.526565][T25609] sock 0 [ 2577.526565][T25609] vmalloc 0 [ 2577.526565][T25609] shmem 602112 [ 2577.526565][T25609] zswap 0 [ 2577.526565][T25609] zswapped 0 [ 2577.526565][T25609] file_mapped 602112 [ 2577.526565][T25609] file_dirty 0 [ 2577.526565][T25609] file_writeback 0 [ 2577.526565][T25609] swapcached 0 [ 2577.526565][T25609] anon_thp 0 [ 2577.526565][T25609] file_thp 0 [ 2577.526565][T25609] shmem_thp 0 [ 2577.526565][T25609] inactive_anon 282624 [ 2577.526565][T25609] active_anon 434176 [ 2577.526565][T25609] inactive_file 0 [ 2577.526565][T25609] active_file 4096 [ 2577.526565][T25609] unevictable 0 [ 2577.526565][T25609] slab_reclaimable 219568 [ 2577.526565][T25609] slab_unreclaimable 307848312 [ 2577.665467][T25609] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25609,uid=0 [ 2577.681980][T25609] Memory cgroup out of memory: Killed process 25609 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2577.707641][T25604] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2577.725322][T25604] CPU: 1 PID: 25604 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2577.735810][T25604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2577.745903][T25604] Call Trace: [ 2577.749212][T25604] [ 2577.752167][T25604] dump_stack_lvl+0xd1/0x138 [ 2577.756805][T25604] dump_header+0x10b/0x85f [ 2577.761282][T25604] oom_kill_process.cold+0x10/0x15 [ 2577.766458][T25604] out_of_memory+0x35c/0x14a0 [ 2577.771199][T25604] ? oom_killer_disable+0x280/0x280 [ 2577.776454][T25604] ? find_held_lock+0x2d/0x110 [ 2577.781275][T25604] mem_cgroup_out_of_memory+0x206/0x270 [ 2577.786873][T25604] ? mem_cgroup_margin+0x130/0x130 [ 2577.792039][T25604] ? lock_downgrade+0x6e0/0x6e0 [ 2577.796951][T25604] try_charge_memcg+0xefb/0x12f0 [ 2577.801943][T25604] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2577.807965][T25604] ? get_mem_cgroup_from_objcg+0xa1/0x260 09:54:32 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x32000000}, 0x0) 09:54:32 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x5c00, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:32 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x1801000000000000}, 0x0) [ 2577.813741][T25604] ? lock_downgrade+0x6e0/0x6e0 [ 2577.818659][T25604] obj_cgroup_charge+0x2af/0x5e0 [ 2577.823646][T25604] ? vm_area_dup+0x7d/0x380 [ 2577.828195][T25604] kmem_cache_alloc+0xb5/0x430 [ 2577.833009][T25604] vm_area_dup+0x7d/0x380 [ 2577.837388][T25604] ? mt_slot+0xa1/0x170 [ 2577.841599][T25604] ? mas_next_nentry+0x610/0xab0 [ 2577.846585][T25604] ? mas_next_node+0x547/0xa00 [ 2577.851408][T25604] ? mas_find+0x211/0xd10 [ 2577.855797][T25604] ? vm_area_alloc+0x100/0x100 [ 2577.860630][T25604] ? validate_mm_mt+0x149/0x1b0 [ 2577.865528][T25604] ? remove_vma+0x130/0x130 [ 2577.870078][T25604] ? can_vma_merge_before+0x390/0x390 [ 2577.875684][T25604] __split_vma+0xae/0x5e0 [ 2577.880578][T25604] ? vma_merge+0x2cf/0x870 [ 2577.885044][T25604] split_vma+0xa3/0xe0 [ 2577.889159][T25604] mprotect_fixup+0x686/0x960 [ 2577.893893][T25604] ? mas_find+0x211/0xd10 [ 2577.898265][T25604] ? change_protection+0x3b30/0x3b30 [ 2577.899759][T25634] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2577.903587][T25604] do_mprotect_pkey+0x6fd/0xa70 [ 2577.903635][T25604] ? mprotect_fixup+0x960/0x960 [ 2577.903667][T25604] ? up_write+0x1b0/0x520 [ 2577.927048][T25604] __x64_sys_mprotect+0x78/0xb0 [ 2577.931950][T25604] do_syscall_64+0x39/0xb0 [ 2577.936413][T25604] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2577.942343][T25604] RIP: 0033:0x7f909a68c1d7 [ 2577.946789][T25604] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2577.966433][T25604] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2577.974888][T25604] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2577.982891][T25604] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2577.990903][T25604] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2577.998910][T25604] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2578.006914][T25604] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 09:54:32 executing program 3: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x8, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2578.015038][T25604] [ 2578.056599][T25604] memory: usage 307200kB, limit 307200kB, failcnt 74046 [ 2578.072440][T25604] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2578.085862][T25604] Memory cgroup stats for /syz2: [ 2578.086135][T25604] anon 139264 [ 2578.086135][T25604] file 638976 [ 2578.086135][T25604] kernel 313778176 [ 2578.086135][T25604] kernel_stack 65536 [ 2578.086135][T25604] pagetables 81920 [ 2578.086135][T25604] sec_pagetables 0 [ 2578.086135][T25604] percpu 5611040 [ 2578.086135][T25604] sock 0 [ 2578.086135][T25604] vmalloc 0 [ 2578.086135][T25604] shmem 638976 [ 2578.086135][T25604] zswap 0 [ 2578.086135][T25604] zswapped 0 [ 2578.086135][T25604] file_mapped 638976 [ 2578.086135][T25604] file_dirty 0 [ 2578.086135][T25604] file_writeback 0 [ 2578.086135][T25604] swapcached 0 [ 2578.086135][T25604] anon_thp 0 [ 2578.086135][T25604] file_thp 0 [ 2578.086135][T25604] shmem_thp 0 [ 2578.086135][T25604] inactive_anon 372736 [ 2578.086135][T25604] active_anon 405504 [ 2578.086135][T25604] inactive_file 0 [ 2578.086135][T25604] active_file 0 [ 2578.086135][T25604] unevictable 0 [ 2578.086135][T25604] slab_reclaimable 233712 [ 2578.086135][T25604] slab_unreclaimable 307758544 [ 2578.191087][T25604] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25604,uid=0 09:54:32 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x6000000) 09:54:32 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xc034, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:32 executing program 3: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x8, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:32 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) [ 2578.207161][T25604] Memory cgroup out of memory: Killed process 25604 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2578.291275][T25633] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2578.338996][T25633] CPU: 1 PID: 25633 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2578.349490][T25633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2578.359576][T25633] Call Trace: [ 2578.362887][T25633] [ 2578.365842][T25633] dump_stack_lvl+0xd1/0x138 [ 2578.370481][T25633] dump_header+0x10b/0x85f [ 2578.374953][T25633] oom_kill_process.cold+0x10/0x15 [ 2578.380123][T25633] out_of_memory+0x35c/0x14a0 [ 2578.384859][T25633] ? find_held_lock+0x2d/0x110 [ 2578.389682][T25633] ? oom_killer_disable+0x280/0x280 [ 2578.394933][T25633] ? find_held_lock+0x2d/0x110 [ 2578.399764][T25633] mem_cgroup_out_of_memory+0x206/0x270 [ 2578.405362][T25633] ? mem_cgroup_margin+0x130/0x130 [ 2578.410518][T25633] ? lock_downgrade+0x6e0/0x6e0 [ 2578.415426][T25633] try_charge_memcg+0xefb/0x12f0 [ 2578.420407][T25633] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2578.426420][T25633] ? lock_downgrade+0x6e0/0x6e0 [ 2578.431311][T25633] charge_memcg+0x90/0x3b0 [ 2578.435752][T25633] __mem_cgroup_charge+0x2b/0x90 [ 2578.440714][T25633] ? copy_mc_to_kernel+0x3e/0x90 [ 2578.445668][T25633] do_wp_page+0x7ec/0x3370 [ 2578.450116][T25633] ? lock_release+0x810/0x810 [ 2578.454808][T25633] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2578.460210][T25633] ? do_raw_spin_lock+0x124/0x2b0 [ 2578.465254][T25633] ? rwlock_bug.part.0+0x90/0x90 [ 2578.470211][T25633] ? lock_chain_count+0x20/0x20 [ 2578.475087][T25633] __handle_mm_fault+0x1f58/0x3c90 [ 2578.480231][T25633] ? vm_iomap_memory+0x190/0x190 [ 2578.485222][T25633] handle_mm_fault+0x1b6/0x850 [ 2578.490017][T25633] do_user_addr_fault+0x475/0x1210 [ 2578.495153][T25633] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2578.500733][T25633] exc_page_fault+0x98/0x170 [ 2578.505342][T25633] asm_exc_page_fault+0x26/0x30 [ 2578.510211][T25633] RIP: 0033:0x7ff9f2036645 [ 2578.514637][T25633] Code: 0f 1f 44 00 00 48 8b 57 18 48 83 fa ff 74 22 48 81 fa e7 03 00 00 0f 87 ee 00 00 00 48 c1 e2 04 48 8d 0d 7e 1a 17 00 48 01 ca 02 01 48 89 42 08 48 8b 0d 2d 73 17 00 48 8b 53 10 4c 8d 81 00 [ 2578.534259][T25633] RSP: 002b:00007fffc68a9440 EFLAGS: 00010206 [ 2578.540340][T25633] RAX: 0000000000000003 RBX: 00007ff9f21abf80 RCX: 00007ff9f21a80c0 [ 2578.548321][T25633] RDX: 00007ff9f21a80c0 RSI: 0000000000000080 RDI: 00007ff9f21abf80 [ 2578.556305][T25633] RBP: 00007ff9f21abf80 R08: 00007fffc695b080 R09: 0000000000000000 [ 2578.564286][T25633] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 000000000027571a [ 2578.572270][T25633] R13: 00007fffc68a9550 R14: 00007ff9f21abf80 R15: 0000000000000032 [ 2578.580274][T25633] [ 2578.593709][T25633] memory: usage 307188kB, limit 307200kB, failcnt 35865 [ 2578.601105][T25633] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2578.608147][T25633] Memory cgroup stats for /syz1: [ 2578.608402][T25633] anon 98304 [ 2578.608402][T25633] file 606208 [ 2578.608402][T25633] kernel 313851904 [ 2578.608402][T25633] kernel_stack 65536 [ 2578.608402][T25633] pagetables 73728 [ 2578.608402][T25633] sec_pagetables 0 [ 2578.608402][T25633] percpu 5612288 [ 2578.608402][T25633] sock 0 [ 2578.608402][T25633] vmalloc 0 [ 2578.608402][T25633] shmem 602112 [ 2578.608402][T25633] zswap 0 [ 2578.608402][T25633] zswapped 0 [ 2578.608402][T25633] file_mapped 602112 [ 2578.608402][T25633] file_dirty 0 [ 2578.608402][T25633] file_writeback 0 [ 2578.608402][T25633] swapcached 0 [ 2578.608402][T25633] anon_thp 0 [ 2578.608402][T25633] file_thp 0 [ 2578.608402][T25633] shmem_thp 0 [ 2578.608402][T25633] inactive_anon 266240 [ 2578.608402][T25633] active_anon 434176 [ 2578.608402][T25633] inactive_file 0 [ 2578.608402][T25633] active_file 4096 [ 2578.608402][T25633] unevictable 0 [ 2578.608402][T25633] slab_reclaimable 219568 [ 2578.608402][T25633] slab_unreclaimable 307848616 [ 2578.616768][T25647] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2578.703954][T25633] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25633,uid=0 [ 2578.730790][T25633] Memory cgroup out of memory: Killed process 25633 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 09:54:33 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x6900000000000000}, 0x0) 09:54:33 executing program 3: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x8, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:33 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xc800, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2578.768171][T25649] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:54:33 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xe000, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2578.878348][T25648] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2578.930107][T25648] CPU: 0 PID: 25648 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2578.940603][T25648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2578.950696][T25648] Call Trace: [ 2578.954013][T25648] [ 2578.956971][T25648] dump_stack_lvl+0xd1/0x138 [ 2578.961612][T25648] dump_header+0x10b/0x85f [ 2578.966087][T25648] oom_kill_process.cold+0x10/0x15 [ 2578.971257][T25648] out_of_memory+0x35c/0x14a0 [ 2578.975997][T25648] ? find_held_lock+0x2d/0x110 [ 2578.980816][T25648] ? oom_killer_disable+0x280/0x280 [ 2578.986075][T25648] ? find_held_lock+0x2d/0x110 [ 2578.990897][T25648] mem_cgroup_out_of_memory+0x206/0x270 [ 2578.996505][T25648] ? mem_cgroup_margin+0x130/0x130 [ 2579.001674][T25648] ? lock_downgrade+0x6e0/0x6e0 [ 2579.006587][T25648] try_charge_memcg+0xefb/0x12f0 [ 2579.011578][T25648] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2579.017604][T25648] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2579.023388][T25648] ? lock_downgrade+0x6e0/0x6e0 [ 2579.028299][T25648] obj_cgroup_charge+0x2af/0x5e0 [ 2579.033279][T25648] ? vm_area_dup+0x7d/0x380 [ 2579.037822][T25648] kmem_cache_alloc+0xb5/0x430 [ 2579.042633][T25648] vm_area_dup+0x7d/0x380 [ 2579.047009][T25648] ? mt_slot+0xa1/0x170 [ 2579.051219][T25648] ? mas_next_nentry+0x610/0xab0 [ 2579.056202][T25648] ? mas_next_node+0x547/0xa00 [ 2579.061015][T25648] ? mas_find+0x211/0xd10 [ 2579.065392][T25648] ? vm_area_alloc+0x100/0x100 [ 2579.070190][T25648] ? validate_mm_mt+0x149/0x1b0 [ 2579.075075][T25648] ? remove_vma+0x130/0x130 [ 2579.079620][T25648] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 2579.085817][T25648] ? lockdep_hardirqs_on+0x7d/0x100 [ 2579.091066][T25648] __split_vma+0xae/0x5e0 [ 2579.095437][T25648] split_vma+0xa3/0xe0 [ 2579.099544][T25648] mprotect_fixup+0x686/0x960 [ 2579.104280][T25648] ? mas_find+0x211/0xd10 [ 2579.108645][T25648] ? change_protection+0x3b30/0x3b30 [ 2579.113982][T25648] do_mprotect_pkey+0x6fd/0xa70 [ 2579.118883][T25648] ? mprotect_fixup+0x960/0x960 [ 2579.123769][T25648] ? up_write+0x1b0/0x520 [ 2579.128188][T25648] __x64_sys_mprotect+0x78/0xb0 [ 2579.133080][T25648] do_syscall_64+0x39/0xb0 [ 2579.137539][T25648] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2579.143472][T25648] RIP: 0033:0x7f909a68c1d7 [ 2579.147912][T25648] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2579.167649][T25648] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2579.176104][T25648] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2579.184097][T25648] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2579.192083][T25648] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2579.200084][T25648] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2579.208082][T25648] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2579.216105][T25648] 09:54:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x32020000}, 0x0) 09:54:33 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 09:54:33 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0xf200) 09:54:33 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xe803, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2579.229150][T25648] memory: usage 307200kB, limit 307200kB, failcnt 74115 [ 2579.236141][T25648] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2579.270959][T25648] Memory cgroup stats for /syz2: [ 2579.271195][T25648] anon 139264 [ 2579.271195][T25648] file 638976 [ 2579.271195][T25648] kernel 313794560 [ 2579.271195][T25648] kernel_stack 65536 [ 2579.271195][T25648] pagetables 81920 [ 2579.271195][T25648] sec_pagetables 0 [ 2579.271195][T25648] percpu 5611104 [ 2579.271195][T25648] sock 0 [ 2579.271195][T25648] vmalloc 0 [ 2579.271195][T25648] shmem 638976 [ 2579.271195][T25648] zswap 0 [ 2579.271195][T25648] zswapped 0 [ 2579.271195][T25648] file_mapped 638976 [ 2579.271195][T25648] file_dirty 0 [ 2579.271195][T25648] file_writeback 0 [ 2579.271195][T25648] swapcached 0 [ 2579.271195][T25648] anon_thp 0 [ 2579.271195][T25648] file_thp 0 [ 2579.271195][T25648] shmem_thp 0 [ 2579.271195][T25648] inactive_anon 372736 [ 2579.271195][T25648] active_anon 405504 [ 2579.271195][T25648] inactive_file 0 [ 2579.271195][T25648] active_file 0 [ 2579.271195][T25648] unevictable 0 [ 2579.271195][T25648] slab_reclaimable 233712 [ 2579.271195][T25648] slab_unreclaimable 307770328 [ 2579.401108][T25648] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25648,uid=0 [ 2579.417368][T25648] Memory cgroup out of memory: Killed process 25648 (syz-executor.2) total-vm:54672kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2579.494890][T25663] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2579.518867][T25663] CPU: 0 PID: 25663 Comm: syz-executor.1 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2579.529871][T25663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2579.539962][T25663] Call Trace: [ 2579.543270][T25663] [ 2579.546229][T25663] dump_stack_lvl+0xd1/0x138 [ 2579.550869][T25663] dump_header+0x10b/0x85f [ 2579.555348][T25663] oom_kill_process.cold+0x10/0x15 [ 2579.560521][T25663] out_of_memory+0x35c/0x14a0 [ 2579.565257][T25663] ? find_held_lock+0x2d/0x110 [ 2579.570077][T25663] ? oom_killer_disable+0x280/0x280 [ 2579.575337][T25663] ? find_held_lock+0x2d/0x110 [ 2579.580163][T25663] mem_cgroup_out_of_memory+0x206/0x270 [ 2579.585764][T25663] ? mem_cgroup_margin+0x130/0x130 [ 2579.590945][T25663] ? lock_downgrade+0x6e0/0x6e0 [ 2579.595857][T25663] try_charge_memcg+0xefb/0x12f0 [ 2579.600841][T25663] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2579.606869][T25663] ? lock_downgrade+0x6e0/0x6e0 [ 2579.611776][T25663] charge_memcg+0x90/0x3b0 [ 2579.616256][T25663] __mem_cgroup_charge+0x2b/0x90 [ 2579.621233][T25663] do_wp_page+0x7ec/0x3370 [ 2579.625702][T25663] ? lock_release+0x810/0x810 [ 2579.630414][T25663] ? finish_mkwrite_fault+0x3d0/0x3d0 [ 2579.635830][T25663] ? do_raw_spin_lock+0x124/0x2b0 [ 2579.640893][T25663] ? rwlock_bug.part.0+0x90/0x90 [ 2579.645872][T25663] ? lock_chain_count+0x20/0x20 [ 2579.650768][T25663] __handle_mm_fault+0x1f58/0x3c90 [ 2579.655938][T25663] ? vm_iomap_memory+0x190/0x190 [ 2579.660954][T25663] handle_mm_fault+0x1b6/0x850 [ 2579.665773][T25663] do_user_addr_fault+0x475/0x1210 [ 2579.670931][T25663] ? rcu_read_lock_sched_held+0x3e/0x70 [ 2579.676536][T25663] exc_page_fault+0x98/0x170 [ 2579.681163][T25663] asm_exc_page_fault+0x26/0x30 [ 2579.686052][T25663] RIP: 0033:0x7ff9f2039570 09:54:34 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x7000000) 09:54:34 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0xf401, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:34 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x1000000000000000}, 0x0) [ 2579.690499][T25663] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2579.710141][T25663] RSP: 002b:00007fffc68a9390 EFLAGS: 00010246 [ 2579.716237][T25663] RAX: 000000004717ba0b RBX: 00007ff9f21ac018 RCX: 0000001b31c20000 [ 2579.724235][T25663] RDX: 0000000000000000 RSI: 0000001b31c20018 RDI: 0000000000000022 [ 2579.732253][T25663] RBP: 000000004717ba0b R08: 0000000000001a0b R09: 000000004717ba0f 09:54:34 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2579.740254][T25663] R10: 00007fffc68a9550 R11: 0000000000000246 R12: 00007ff9f21a0000 [ 2579.748253][T25663] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff87bef361 [ 2579.756263][T25663] ? __x64_sys_socket+0x11/0xb0 [ 2579.761185][T25663] [ 2579.800418][T25663] memory: usage 307188kB, limit 307200kB, failcnt 35976 [ 2579.822191][T25663] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2579.838358][T25663] Memory cgroup stats for /syz1: [ 2579.838560][T25663] anon 102400 [ 2579.838560][T25663] file 606208 [ 2579.838560][T25663] kernel 313851904 [ 2579.838560][T25663] kernel_stack 65536 [ 2579.838560][T25663] pagetables 73728 [ 2579.838560][T25663] sec_pagetables 0 [ 2579.838560][T25663] percpu 5612288 [ 2579.838560][T25663] sock 0 [ 2579.838560][T25663] vmalloc 0 [ 2579.838560][T25663] shmem 602112 [ 2579.838560][T25663] zswap 0 [ 2579.838560][T25663] zswapped 0 [ 2579.838560][T25663] file_mapped 602112 [ 2579.838560][T25663] file_dirty 4096 [ 2579.838560][T25663] file_writeback 0 [ 2579.838560][T25663] swapcached 0 [ 2579.838560][T25663] anon_thp 0 [ 2579.838560][T25663] file_thp 0 [ 2579.838560][T25663] shmem_thp 0 [ 2579.838560][T25663] inactive_anon 270336 [ 2579.838560][T25663] active_anon 434176 [ 2579.838560][T25663] inactive_file 0 [ 2579.838560][T25663] active_file 4096 [ 2579.838560][T25663] unevictable 0 [ 2579.838560][T25663] slab_reclaimable 219568 [ 2579.838560][T25663] slab_unreclaimable 307848312 [ 2579.957883][T25663] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=25663,uid=0 [ 2579.974626][T25663] Memory cgroup out of memory: Killed process 25663 (syz-executor.1) total-vm:54540kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2579.993396][T25654] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2580.016745][T25654] CPU: 1 PID: 25654 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2580.027220][T25654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2580.037306][T25654] Call Trace: [ 2580.040609][T25654] [ 2580.043562][T25654] dump_stack_lvl+0xd1/0x138 [ 2580.048197][T25654] dump_header+0x10b/0x85f [ 2580.052661][T25654] oom_kill_process.cold+0x10/0x15 [ 2580.057820][T25654] out_of_memory+0x35c/0x14a0 [ 2580.062554][T25654] ? oom_killer_disable+0x280/0x280 [ 2580.067810][T25654] ? find_held_lock+0x2d/0x110 [ 2580.072631][T25654] mem_cgroup_out_of_memory+0x206/0x270 [ 2580.078230][T25654] ? mem_cgroup_margin+0x130/0x130 [ 2580.083559][T25654] ? lock_downgrade+0x6e0/0x6e0 [ 2580.088469][T25654] try_charge_memcg+0xefb/0x12f0 [ 2580.093452][T25654] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2580.099471][T25654] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2580.105245][T25654] ? lock_downgrade+0x6e0/0x6e0 [ 2580.110131][T25654] ? lock_downgrade+0x6e0/0x6e0 [ 2580.115028][T25654] __memcg_kmem_charge_page+0x16e/0x3b0 [ 2580.120623][T25654] memcg_charge_kernel_stack.part.0+0x6c/0x150 [ 2580.126820][T25654] copy_process+0x4e3/0x7520 [ 2580.131448][T25654] ? __lock_acquire+0xbc3/0x56d0 [ 2580.136438][T25654] ? __cleanup_sighand+0xb0/0xb0 [ 2580.141412][T25654] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 2580.147438][T25654] ? psi_memstall_leave+0x174/0x250 [ 2580.154343][T25654] kernel_clone+0xeb/0x990 [ 2580.158812][T25654] ? create_io_thread+0xf0/0xf0 [ 2580.163796][T25654] ? percpu_ref_put_many.constprop.0+0x6a/0x1a0 [ 2580.170091][T25654] ? lock_downgrade+0x6e0/0x6e0 [ 2580.174997][T25654] __do_sys_clone+0xba/0x100 [ 2580.179626][T25654] ? kernel_clone+0x990/0x990 [ 2580.184356][T25654] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2580.190295][T25654] do_syscall_64+0x39/0xb0 [ 2580.194752][T25654] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2580.200679][T25654] RIP: 0033:0x7f0b7de8d4f1 [ 2580.205119][T25654] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2580.224848][T25654] RSP: 002b:00007fff063700b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2580.233298][T25654] RAX: ffffffffffffffda RBX: 00007f0b7eb82700 RCX: 00007f0b7de8d4f1 [ 2580.241294][T25654] RDX: 00007f0b7eb829d0 RSI: 00007f0b7eb822f0 RDI: 00000000003d0f00 [ 2580.249299][T25654] RBP: 00007fff06370300 R08: 00007f0b7eb82700 R09: 00007f0b7eb82700 [ 2580.257297][T25654] R10: 00007f0b7eb829d0 R11: 0000000000000206 R12: 00007fff0637016e [ 2580.265296][T25654] R13: 00007fff0637016f R14: 00007f0b7eb82300 R15: 0000000000022000 [ 2580.273321][T25654] [ 2580.286207][T25654] memory: usage 307200kB, limit 307200kB, failcnt 83876 [ 2580.293812][T25654] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2580.301238][T25654] Memory cgroup stats for /syz0: [ 2580.301484][T25654] anon 143360 [ 2580.301484][T25654] file 479232 [ 2580.301484][T25654] kernel 313950208 [ 2580.301484][T25654] kernel_stack 65536 [ 2580.301484][T25654] pagetables 77824 [ 2580.301484][T25654] sec_pagetables 0 [ 2580.301484][T25654] percpu 5614592 [ 2580.301484][T25654] sock 0 [ 2580.301484][T25654] vmalloc 8192 [ 2580.301484][T25654] shmem 479232 [ 2580.301484][T25654] zswap 0 [ 2580.301484][T25654] zswapped 0 [ 2580.301484][T25654] file_mapped 479232 [ 2580.301484][T25654] file_dirty 0 [ 2580.301484][T25654] file_writeback 0 [ 2580.301484][T25654] swapcached 0 [ 2580.301484][T25654] anon_thp 0 [ 2580.301484][T25654] file_thp 0 [ 2580.301484][T25654] shmem_thp 0 [ 2580.301484][T25654] inactive_anon 180224 [ 2580.301484][T25654] active_anon 442368 [ 2580.301484][T25654] inactive_file 0 [ 2580.301484][T25654] active_file 0 [ 2580.301484][T25654] unevictable 0 [ 2580.301484][T25654] slab_reclaimable 28096 [ 2580.301484][T25654] slab_unreclaimable 308117064 [ 2580.401025][T25654] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=25654,uid=0 [ 2580.417218][T25654] Memory cgroup out of memory: Killed process 25654 (syz-executor.0) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2580.438585][T25677] __nla_validate_parse: 3 callbacks suppressed 09:54:34 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x6c00000000000000}, 0x0) 09:54:34 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00'}) 09:54:34 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r1, 0x10, 0x70bd2b, 0x2}, 0x14}}, 0x40) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r4, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000470700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r2) sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="004e0af7ff99aac215b797808612", @ANYRES16=r6, @ANYBLOB="000426bd7000fbdbdf251900000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44015}, 0xe85ea66a7372ebdc) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x1c, r8, 0x309, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) 09:54:34 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x2, 0x18, 0x0, @wg=@data}}}}}, 0x0) 09:54:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f00000001c0), 0xc, &(0x7f0000000600)={0x0, 0x148}}, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000e100892ba8d2000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000a00)={0x0, 0x5, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000000}, 0x0) [ 2580.460586][T25677] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:54:34 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev, {[@lsrr={0x83, 0x7, 0xed, [@local]}, @lsrr={0x83, 0x3}]}}, {0x0, 0x3, 0x18, 0x0, @wg=@data}}}}}, 0x0) [ 2580.551731][T25669] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2580.596718][T25669] CPU: 1 PID: 25669 Comm: syz-executor.2 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2580.607206][T25669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2580.617301][T25669] Call Trace: [ 2580.620609][T25669] [ 2580.623572][T25669] dump_stack_lvl+0xd1/0x138 [ 2580.628219][T25669] dump_header+0x10b/0x85f [ 2580.632687][T25669] oom_kill_process.cold+0x10/0x15 [ 2580.637843][T25669] out_of_memory+0x35c/0x14a0 [ 2580.642564][T25669] ? find_held_lock+0x2d/0x110 [ 2580.647357][T25669] ? oom_killer_disable+0x280/0x280 [ 2580.652592][T25669] ? find_held_lock+0x2d/0x110 [ 2580.657389][T25669] mem_cgroup_out_of_memory+0x206/0x270 [ 2580.662969][T25669] ? mem_cgroup_margin+0x130/0x130 [ 2580.668125][T25669] ? lock_downgrade+0x6e0/0x6e0 [ 2580.673035][T25669] try_charge_memcg+0xefb/0x12f0 [ 2580.678017][T25669] ? mem_cgroup_handle_over_high+0x520/0x520 [ 2580.684034][T25669] ? get_mem_cgroup_from_objcg+0xa1/0x260 [ 2580.689807][T25669] ? lock_downgrade+0x6e0/0x6e0 [ 2580.694731][T25669] obj_cgroup_charge+0x2af/0x5e0 [ 2580.699704][T25669] ? vm_area_dup+0x7d/0x380 [ 2580.704229][T25669] kmem_cache_alloc+0xb5/0x430 [ 2580.709024][T25669] vm_area_dup+0x7d/0x380 [ 2580.713387][T25669] ? mt_slot+0xa1/0x170 [ 2580.717582][T25669] ? mas_next_nentry+0x610/0xab0 [ 2580.722554][T25669] ? mas_next_node+0x547/0xa00 [ 2580.727350][T25669] ? mas_find+0x211/0xd10 [ 2580.731798][T25669] ? vm_area_alloc+0x100/0x100 [ 2580.736587][T25669] ? validate_mm_mt+0x149/0x1b0 [ 2580.741458][T25669] ? remove_vma+0x130/0x130 [ 2580.745988][T25669] ? can_vma_merge_before+0x390/0x390 [ 2580.751391][T25669] __split_vma+0xae/0x5e0 [ 2580.755736][T25669] ? vma_merge+0x2cf/0x870 [ 2580.760174][T25669] split_vma+0xa3/0xe0 [ 2580.764266][T25669] mprotect_fixup+0x686/0x960 [ 2580.768983][T25669] ? mas_find+0x211/0xd10 [ 2580.773331][T25669] ? change_protection+0x3b30/0x3b30 [ 2580.778653][T25669] do_mprotect_pkey+0x6fd/0xa70 [ 2580.783534][T25669] ? mprotect_fixup+0x960/0x960 [ 2580.788404][T25669] ? up_write+0x1b0/0x520 [ 2580.792797][T25669] __x64_sys_mprotect+0x78/0xb0 [ 2580.797693][T25669] do_syscall_64+0x39/0xb0 [ 2580.802156][T25669] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2580.808094][T25669] RIP: 0033:0x7f909a68c1d7 [ 2580.812531][T25669] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2580.832173][T25669] RSP: 002b:00007ffc6e869e78 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 2580.840619][T25669] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f909a68c1d7 [ 2580.848605][T25669] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f909b41a000 [ 2580.856607][T25669] RBP: 00007ffc6e869f50 R08: 00000000ffffffff R09: 00007f909b439700 [ 2580.864595][T25669] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffc6e86a070 [ 2580.872581][T25669] R13: 00007f909b439700 R14: 0000000000000000 R15: 0000000000022000 [ 2580.880592][T25669] [ 2580.887107][T25692] ------------[ cut here ]------------ [ 2580.890194][T25669] memory: usage 307200kB, limit 307200kB, failcnt 74255 [ 2580.892621][T25692] WARNING: CPU: 1 PID: 25692 at net/ipv4/route.c:1259 ip_rt_bug+0x28/0x120 [ 2580.892684][T25692] Modules linked in: [ 2580.892700][T25692] CPU: 1 PID: 25692 Comm: syz-executor.5 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2580.921179][T25669] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2580.922641][T25692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2580.922662][T25692] RIP: 0010:ip_rt_bug+0x28/0x120 [ 2580.944693][T25692] Code: 00 00 f3 0f 1e fa 41 54 55 48 89 d5 53 48 83 ec 08 e8 0c dd 37 f9 66 90 e8 05 dd 37 f9 be 02 00 00 00 48 89 ef e8 88 e4 78 ff <0f> 0b 48 83 c4 08 31 c0 5b 5d 41 5c c3 e8 e6 dc 37 f9 48 8d 7d 10 [ 2580.959213][T25669] Memory cgroup stats for [ 2580.964429][T25692] RSP: 0018:ffffc9000379f470 EFLAGS: 00010212 [ 2580.975003][T25692] RAX: 000000000000106f RBX: ffff8880792d8000 RCX: ffffc9000cb0c000 [ 2580.982776][T25669] /syz2: [ 2580.983045][T25692] RDX: 0000000000040000 RSI: ffffffff88497568 RDI: 0000000000000000 [ 2580.985057][T25669] anon 139264 [ 2580.985057][T25669] file 638976 [ 2580.985057][T25669] kernel 313794560 [ 2580.985057][T25669] kernel_stack 65536 [ 2580.985057][T25669] pagetables 81920 [ 2580.985057][T25669] sec_pagetables 0 [ 2580.985057][T25669] percpu 5611104 [ 2580.985057][T25669] sock 0 [ 2580.985057][T25669] vmalloc 0 [ 2580.985057][T25669] shmem 638976 [ 2580.985057][T25669] zswap 0 [ 2580.985057][T25669] zswapped 0 [ 2580.985057][T25669] file_mapped 638976 [ 2580.985057][T25669] file_dirty 0 [ 2580.985057][T25669] file_writeback 0 [ 2580.985057][T25669] swapcached 0 [ 2580.985057][T25669] anon_thp 0 [ 2580.985057][T25669] file_thp 0 [ 2580.985057][T25669] shmem_thp 0 [ 2580.985057][T25669] inactive_anon 372736 [ 2580.985057][T25669] active_anon 405504 [ 2580.985057][T25669] inactive_file 0 [ 2580.985057][T25669] active_file 0 [ 2580.985057][T25669] unevictable 0 [ 2580.985057][T25669] slab_reclaimable 233712 [ 2580.985057][T25669] slab_unreclaimable 307770328 [ 2580.985914][T25692] RBP: ffff88808240b8c0 R08: 0000000000000000 R09: ffffffff91339b57 [ 2581.029088][T25669] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null) [ 2581.082238][T25692] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88802976c500 [ 2581.082266][T25692] R13: ffff88808240b8c0 R14: 0000000000000000 R15: ffff88808240b918 [ 2581.082287][T25692] FS: 00007f3c33169700(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 2581.082315][T25692] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2581.082338][T25692] CR2: 0000000000000000 CR3: 000000016a519000 CR4: 00000000003506e0 [ 2581.082357][T25692] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2581.082373][T25692] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2581.082391][T25692] Call Trace: [ 2581.082400][T25692] [ 2581.082415][T25692] ip_push_pending_frames+0x129/0x2b0 [ 2581.082461][T25692] icmp_push_reply+0x319/0x440 [ 2581.082497][T25692] __icmp_send+0xb80/0x13f0 [ 2581.082547][T25692] ? icmp_route_lookup.constprop.0+0x1310/0x1310 [ 2581.082579][T25692] ? fib_multipath_hash+0x11a0/0x11a0 [ 2581.082620][T25692] ? find_held_lock+0x2d/0x110 [ 2581.190742][T25692] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2581.196731][T25692] ? ip_route_input_noref+0x15d/0x2a0 [ 2581.202221][T25692] ip_options_compile+0xb1/0xf0 [ 2581.207122][T25692] ? __ip_options_compile+0x1570/0x1570 [ 2581.212776][T25692] ? nf_hook.constprop.0+0x3e9/0x650 [ 2581.218104][T25692] ? ip_sublist_rcv+0x980/0x980 [ 2581.223067][T25692] ip_rcv_finish_core.constprop.0+0x573/0x2110 [ 2581.229317][T25692] ip_rcv_finish+0x139/0x2f0 [ 2581.233957][T25692] ip_rcv+0xae/0xd0 [ 2581.237802][T25692] ? ip_local_deliver+0x200/0x200 [ 2581.242934][T25692] __netif_receive_skb_one_core+0x114/0x180 [ 2581.248914][T25692] ? __netif_receive_skb_core+0x3940/0x3940 [ 2581.254859][T25692] ? ktime_get_with_offset+0x3f6/0x500 [ 2581.260440][T25692] ? lockdep_hardirqs_on+0x7d/0x100 [ 2581.265690][T25692] ? ktime_get_with_offset+0x3f6/0x500 [ 2581.271259][T25692] ? ktime_get_with_offset+0x371/0x500 [ 2581.276779][T25692] __netif_receive_skb+0x1f/0x1c0 [ 2581.281920][T25692] netif_receive_skb+0x16e/0x9e0 [ 2581.286908][T25692] ? __netif_receive_skb+0x1c0/0x1c0 [ 2581.292306][T25692] ? skb_set_owner_w+0x26d/0x420 [ 2581.297302][T25692] tun_rx_batched+0x4b3/0x7a0 [ 2581.302084][T25692] ? tun_flow_cleanup+0x2a0/0x2a0 [ 2581.307153][T25692] ? lock_release+0x810/0x810 [ 2581.311558][T25669] ,cpuset= [ 2581.311907][T25692] ? tun_get_user+0x21e2/0x3870 [ 2581.312854][T25669] syz2 [ 2581.315121][T25692] ? lock_downgrade+0x6e0/0x6e0 [ 2581.327796][T25692] ? __local_bh_enable_ip+0xa4/0x130 [ 2581.333197][T25692] tun_get_user+0x23c3/0x3870 [ 2581.337943][T25692] ? tun_build_skb+0x1160/0x1160 [ 2581.342998][T25692] ? lock_downgrade+0x6e0/0x6e0 [ 2581.347340][T25669] ,mems_allowed=0-1,oom_memcg= [ 2581.347885][T25692] tun_chr_write_iter+0xdf/0x200 [ 2581.347904][T25669] /syz2 [ 2581.347929][T25692] vfs_write+0x9ed/0xdd0 [ 2581.364764][T25692] ? kernel_write+0x630/0x630 [ 2581.369566][T25692] ? __fget_files+0x26a/0x440 [ 2581.373468][T25669] ,task_memcg=/syz2 [ 2581.374289][T25692] ? __fget_light+0xe5/0x270 [ 2581.382805][T25692] ksys_write+0x12b/0x250 [ 2581.387184][T25692] ? __ia32_sys_read+0xb0/0xb0 [ 2581.392061][T25692] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2581.396337][T25669] ,task=syz-executor.2,pid=25669,uid=0 [ 2581.397979][T25692] do_syscall_64+0x39/0xb0 [ 2581.398027][T25692] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2581.413938][T25692] RIP: 0033:0x7f3c3243de4f [ 2581.418394][T25692] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2581.430211][T25669] Memory cgroup out of memory: Killed process 25669 (syz-executor.2) total-vm:54672kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2581.438083][T25692] RSP: 002b:00007f3c33169130 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2581.463836][T25692] RAX: ffffffffffffffda RBX: 00007f3c325abf80 RCX: 00007f3c3243de4f [ 2581.471883][T25692] RDX: 0000000000000046 RSI: 0000000020000280 RDI: 00000000000000c8 [ 2581.479931][T25692] RBP: 00007f3c324e7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 2581.487943][T25692] R10: 0000000000000046 R11: 0000000000000293 R12: 0000000000000000 [ 2581.496038][T25692] R13: 00007ffcc8d7202f R14: 00007f3c33169300 R15: 0000000000022000 [ 2581.504124][T25692] [ 2581.507184][T25692] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 2581.514499][T25692] CPU: 1 PID: 25692 Comm: syz-executor.5 Not tainted 6.2.0-rc2-syzkaller-00232-g7d6ceeb1875c #0 [ 2581.524949][T25692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2581.535035][T25692] Call Trace: [ 2581.538328][T25692] [ 2581.541274][T25692] dump_stack_lvl+0xd1/0x138 [ 2581.545897][T25692] panic+0x2cc/0x626 [ 2581.549866][T25692] ? panic_print_sys_info.part.0+0x110/0x110 [ 2581.555898][T25692] ? ip_rt_bug+0x28/0x120 [ 2581.560264][T25692] check_panic_on_warn.cold+0x19/0x35 [ 2581.565671][T25692] __warn+0xf2/0x1a0 [ 2581.569593][T25692] ? ip_rt_bug+0x28/0x120 [ 2581.573953][T25692] report_bug+0x1c0/0x210 [ 2581.578312][T25692] handle_bug+0x3c/0x70 [ 2581.582499][T25692] exc_invalid_op+0x18/0x50 [ 2581.587031][T25692] asm_exc_invalid_op+0x1a/0x20 [ 2581.591903][T25692] RIP: 0010:ip_rt_bug+0x28/0x120 [ 2581.596872][T25692] Code: 00 00 f3 0f 1e fa 41 54 55 48 89 d5 53 48 83 ec 08 e8 0c dd 37 f9 66 90 e8 05 dd 37 f9 be 02 00 00 00 48 89 ef e8 88 e4 78 ff <0f> 0b 48 83 c4 08 31 c0 5b 5d 41 5c c3 e8 e6 dc 37 f9 48 8d 7d 10 [ 2581.616500][T25692] RSP: 0018:ffffc9000379f470 EFLAGS: 00010212 [ 2581.622617][T25692] RAX: 000000000000106f RBX: ffff8880792d8000 RCX: ffffc9000cb0c000 [ 2581.630613][T25692] RDX: 0000000000040000 RSI: ffffffff88497568 RDI: 0000000000000000 [ 2581.638617][T25692] RBP: ffff88808240b8c0 R08: 0000000000000000 R09: ffffffff91339b57 [ 2581.646614][T25692] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88802976c500 [ 2581.654612][T25692] R13: ffff88808240b8c0 R14: 0000000000000000 R15: ffff88808240b918 [ 2581.662620][T25692] ? ip_rt_bug+0x28/0x120 [ 2581.667000][T25692] ip_push_pending_frames+0x129/0x2b0 [ 2581.672404][T25692] icmp_push_reply+0x319/0x440 [ 2581.677193][T25692] __icmp_send+0xb80/0x13f0 [ 2581.681724][T25692] ? icmp_route_lookup.constprop.0+0x1310/0x1310 [ 2581.688073][T25692] ? fib_multipath_hash+0x11a0/0x11a0 [ 2581.693479][T25692] ? find_held_lock+0x2d/0x110 [ 2581.698275][T25692] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2581.704225][T25692] ? ip_route_input_noref+0x15d/0x2a0 [ 2581.709629][T25692] ip_options_compile+0xb1/0xf0 [ 2581.714504][T25692] ? __ip_options_compile+0x1570/0x1570 [ 2581.720071][T25692] ? nf_hook.constprop.0+0x3e9/0x650 [ 2581.725379][T25692] ? ip_sublist_rcv+0x980/0x980 [ 2581.730254][T25692] ip_rcv_finish_core.constprop.0+0x573/0x2110 [ 2581.736445][T25692] ip_rcv_finish+0x139/0x2f0 [ 2581.741056][T25692] ip_rcv+0xae/0xd0 [ 2581.744884][T25692] ? ip_local_deliver+0x200/0x200 [ 2581.749926][T25692] __netif_receive_skb_one_core+0x114/0x180 [ 2581.755853][T25692] ? __netif_receive_skb_core+0x3940/0x3940 [ 2581.761775][T25692] ? ktime_get_with_offset+0x3f6/0x500 [ 2581.767269][T25692] ? lockdep_hardirqs_on+0x7d/0x100 [ 2581.772488][T25692] ? ktime_get_with_offset+0x3f6/0x500 [ 2581.777980][T25692] ? ktime_get_with_offset+0x371/0x500 [ 2581.783475][T25692] __netif_receive_skb+0x1f/0x1c0 [ 2581.788527][T25692] netif_receive_skb+0x16e/0x9e0 [ 2581.793489][T25692] ? __netif_receive_skb+0x1c0/0x1c0 [ 2581.798801][T25692] ? skb_set_owner_w+0x26d/0x420 [ 2581.803772][T25692] tun_rx_batched+0x4b3/0x7a0 [ 2581.808483][T25692] ? tun_flow_cleanup+0x2a0/0x2a0 [ 2581.813535][T25692] ? lock_release+0x810/0x810 [ 2581.818236][T25692] ? tun_get_user+0x21e2/0x3870 [ 2581.823128][T25692] ? lock_downgrade+0x6e0/0x6e0 [ 2581.828020][T25692] ? __local_bh_enable_ip+0xa4/0x130 [ 2581.833346][T25692] tun_get_user+0x23c3/0x3870 [ 2581.838079][T25692] ? tun_build_skb+0x1160/0x1160 [ 2581.843067][T25692] ? lock_downgrade+0x6e0/0x6e0 [ 2581.847963][T25692] tun_chr_write_iter+0xdf/0x200 [ 2581.852930][T25692] vfs_write+0x9ed/0xdd0 [ 2581.857197][T25692] ? kernel_write+0x630/0x630 [ 2581.861900][T25692] ? __fget_files+0x26a/0x440 [ 2581.866608][T25692] ? __fget_light+0xe5/0x270 [ 2581.871221][T25692] ksys_write+0x12b/0x250 [ 2581.875571][T25692] ? __ia32_sys_read+0xb0/0xb0 [ 2581.880355][T25692] ? syscall_enter_from_user_mode+0x26/0xb0 [ 2581.886274][T25692] do_syscall_64+0x39/0xb0 [ 2581.890720][T25692] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2581.896632][T25692] RIP: 0033:0x7f3c3243de4f [ 2581.901060][T25692] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2581.920686][T25692] RSP: 002b:00007f3c33169130 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2581.929118][T25692] RAX: ffffffffffffffda RBX: 00007f3c325abf80 RCX: 00007f3c3243de4f [ 2581.937110][T25692] RDX: 0000000000000046 RSI: 0000000020000280 RDI: 00000000000000c8 [ 2581.945093][T25692] RBP: 00007f3c324e7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 2581.953077][T25692] R10: 0000000000000046 R11: 0000000000000293 R12: 0000000000000000 [ 2581.961076][T25692] R13: 00007ffcc8d7202f R14: 00007f3c33169300 R15: 0000000000022000 [ 2581.969097][T25692] [ 2581.972277][T25692] Kernel Offset: disabled [ 2581.976612][T25692] Rebooting in 86400 seconds..