{{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4788]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1855.155381][ T5100] rss_huge 0
[ 1855.183906][ T5100] shmem 0
[ 1855.203211][ T5100] mapped_file 0
[ 1855.226487][ T5100] dirty 0
[ 1855.249498][ T5100] writeback 0
[ 1855.253650][T12693] sch_tbf: burst 5 is lower than device bridge3781 mtu (1514) !
[ 1855.264418][ T5100] workingset_refault_anon 7278
[ 1855.270128][ T5100] workingset_refault_file 1
[ 1855.274957][ T5100] swap 221184
[ 1855.279995][T12695] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1855.292067][ T5100] swapcached 4096
[ 1855.304672][ T5100] pgpgin 127669
[ 1855.316325][ T5100] pgpgout 127668
[ 1855.333541][ T5100] pgfault 333955
[ 1855.354966][ T5100] pgmajfault 7203
[ 1855.375305][ T5100] inactive_anon 0
[ 1855.387768][ T5100] active_anon 4096
[ 1855.431029][ T5100] inactive_file 0
[ 1855.453090][ T5100] active_file 0
[ 1855.465118][T12696] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1855.491446][T12701] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
00:46:41 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1855.497166][ T5100] unevictable 0
[ 1855.514408][ T5100] hierarchical_memory_limit 314572800
00:46:41 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
write$binfmt_misc(r3, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {}, 0x0, 0x0, 0x4}}]}}]}, 0x6c}}, 0x0)

[ 1855.544646][ T5100] hierarchical_memsw_limit 9223372036854771712
[ 1855.564599][ T5100] total_cache 0
[ 1855.611097][ T5100] total_rss 4096
[ 1855.621288][ T5100] total_rss_huge 0
[ 1855.649970][ T5100] total_shmem 0
[ 1855.658751][ T5100] total_mapped_file 0
[ 1855.669524][ T5100] total_dirty 0
[ 1855.681257][ T5100] total_writeback 0
[ 1855.691123][ T5100] total_workingset_refault_anon 7278
[ 1855.711387][ T5100] total_workingset_refault_file 1
[ 1855.728540][ T5100] total_swap 221184
[ 1855.737891][ T5100] total_swapcached 4096
[ 1855.744706][T12705] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1855.750249][ T5100] total_pgpgin 127669
00:46:42 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4888]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1855.800345][ T5100] total_pgpgout 127668
[ 1855.830503][ T5100] total_pgfault 333955
[ 1855.834657][ T5100] total_pgmajfault 7203
[ 1855.843163][T12706] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1855.861877][ T5100] total_inactive_anon 0
[ 1855.866112][ T5100] total_active_anon 4096
[ 1855.891084][ T5100] total_inactive_file 0
[ 1855.895328][ T5100] total_active_file 0
[ 1855.942724][ T5100] total_unevictable 0
[ 1855.946768][ T5100] anon_cost 0
[ 1855.991109][ T5100] file_cost 0
[ 1855.994539][ T5100] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12680,uid=0
00:46:42 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
r2 = socket(0x26, 0x2, 0xffffffff)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
r5 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r5)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x12cc0}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000012c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x1100, r6, {}, {}, {0xffff}}, [@filter_kind_options=@f_flow={{0x9}, {0x4, 0x2, [@TCA_FLOW_KEYS={0x8}]}}]}, 0x3c}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000400)={'sit0\x00', <r7=>0x0, 0x7800, 0x40, 0x100, 0xfffffffa, {{0xa, 0x4, 0x2, 0x10, 0x28, 0x66, 0x0, 0x5, 0x2f, 0x0, @empty, @loopback, {[@ssrr={0x89, 0x13, 0x92, [@multicast1, @loopback, @broadcast, @multicast2]}, @noop]}}}}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000480)={'ip6gre0\x00', &(0x7f0000000500)={'ip6tnl0\x00', <r8=>0x0, 0x0, 0x7, 0xff, 0x4, 0x0, @local, @private2={0xfc, 0x2, '\x00', 0x1}, 0x40, 0x10, 0x1, 0x8}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000600)={'syztnl1\x00', &(0x7f0000000580)={'ip6tnl0\x00', <r9=>0x0, 0x4, 0x20, 0xdf, 0x401, 0xfd, @private2={0xfc, 0x2, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7800, 0x8090, 0x2, 0x4}})
sendmsg$nl_route(r1, &(0x7f0000000700)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)=@ipv4_getnexthop={0x5c, 0x6a, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@NHA_OIF={0x8, 0x5, r6}, @NHA_ID={0x8}, @NHA_OIF={0x8, 0x5, r7}, @NHA_OIF={0x8, 0x5, r8}, @NHA_ID={0x8, 0x1, 0x2}, @NHA_FDB={0x4}, @NHA_OIF={0x8, 0x5, r9}, @NHA_FDB={0x4}, @NHA_GROUPS={0x4}, @NHA_ID={0x8, 0x1, 0x2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x840}, 0x20044)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r1, &(0x7f0000000300)={&(0x7f00000001c0), 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x38, r10, 0x300, 0x70bd26, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x80, 0x68}}}}, [@NL80211_ATTR_MEASUREMENT_DURATION={0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040882}, 0xc1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r11, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@delchain={0x3c, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r11, {0xd, 0xa}, {0x1, 0x10}, {0xd, 0x2}}, [@TCA_RATE={0x6, 0x5, {0x1, 0x2}}, @TCA_CHAIN={0x8, 0xb, 0x3e000}, @TCA_RATE={0x6, 0x5, {0x1, 0x2}}]}, 0x3c}}, 0x0)

00:46:42 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1856.033448][T12710] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1856.089526][ T5100] Memory cgroup out of memory: Killed process 12680 (syz-executor.0) total-vm:54640kB, anon-rss:424kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:46:42 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1856.334036][T12715] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
00:46:42 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1856.442569][T12718] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 1856.505303][T12718] CPU: 1 PID: 12718 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1856.515792][T12718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1856.525893][T12718] Call Trace:
[ 1856.529207][T12718]  <TASK>
[ 1856.532165][T12718]  dump_stack_lvl+0x1e7/0x2e0
[ 1856.536890][T12718]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1856.542131][T12718]  ? __pfx__printk+0x10/0x10
[ 1856.546769][T12718]  ? ___ratelimit+0x4c4/0x670
[ 1856.551497][T12718]  ? __pfx____ratelimit+0x10/0x10
[ 1856.556582][T12718]  dump_header+0xda/0x6a0
[ 1856.560968][T12718]  oom_kill_process+0x3a7/0x930
[ 1856.565878][T12718]  out_of_memory+0xf67/0x1320
[ 1856.570615][T12718]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1856.576306][T12718]  ? __pfx___mutex_lock+0x10/0x10
[ 1856.581380][T12718]  ? __pfx_out_of_memory+0x10/0x10
[ 1856.586554][T12718]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1856.592150][T12718]  ? __pfx_lock_release+0x10/0x10
[ 1856.597229][T12718]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1856.603361][T12718]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1856.608628][T12718]  ? mem_cgroup_iter+0x3e9/0x560
[ 1856.613618][T12718]  try_charge_memcg+0xda2/0x18a0
[ 1856.618726][T12718]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1856.624142][T12718]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1856.629975][T12718]  ? __pfx_lock_release+0x10/0x10
[ 1856.635148][T12718]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1856.641191][T12718]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1856.646955][T12718]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1856.652839][T12718]  obj_cgroup_charge+0x389/0x630
[ 1856.657840][T12718]  ? obj_cgroup_charge+0x121/0x630
[ 1856.663029][T12718]  ? __pfx_obj_cgroup_charge+0x10/0x10
[ 1856.668542][T12718]  ? kmalloc_trace+0x4e/0x360
[ 1856.673271][T12718]  ? __pfx___might_resched+0x10/0x10
[ 1856.678614][T12718]  __memcg_slab_pre_alloc_hook+0x28d/0x2b0
[ 1856.684495][T12718]  ? copy_semundo+0xb5/0x240
[ 1856.689138][T12718]  kmalloc_trace+0x216/0x360
[ 1856.693776][T12718]  ? __asan_memcpy+0x40/0x70
[ 1856.698421][T12718]  copy_semundo+0xb5/0x240
[ 1856.702896][T12718]  copy_process+0x1bc3/0x3fc0
[ 1856.707641][T12718]  ? copy_process+0x9c3/0x3fc0
[ 1856.712472][T12718]  ? __pfx_copy_process+0x10/0x10
[ 1856.717541][T12718]  ? __might_fault+0xc5/0x120
[ 1856.722270][T12718]  ? __asan_memset+0x23/0x50
[ 1856.726918][T12718]  kernel_clone+0x21d/0x8d0
[ 1856.731473][T12718]  ? __pfx_kernel_clone+0x10/0x10
[ 1856.736559][T12718]  __se_sys_clone3+0x2cb/0x350
[ 1856.741387][T12718]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1856.746748][T12718]  ? do_syscall_64+0x108/0x240
[ 1856.751566][T12718]  ? do_syscall_64+0xb4/0x240
[ 1856.756299][T12718]  do_syscall_64+0xf9/0x240
[ 1856.760867][T12718]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1856.766828][T12718] RIP: 0033:0x7fd21c6a9b99
[ 1856.771332][T12718] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1856.790986][T12718] RSP: 002b:00007ffdc1e200c8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1856.799454][T12718] RAX: ffffffffffffffda RBX: 00007fd21c652270 RCX: 00007fd21c6a9b99
[ 1856.807473][T12718] RDX: 00007fd21c652270 RSI: 0000000000000058 RDI: 00007ffdc1e20110
[ 1856.815495][T12718] RBP: 00007fd21d49d6c0 R08: 00007fd21d49d6c0 R09: 00007ffdc1e201f7
[ 1856.823520][T12718] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1856.831538][T12718] R13: 000000000000000b R14: 00007ffdc1e20110 R15: 00007ffdc1e201f8
[ 1856.839583][T12718]  </TASK>
00:46:43 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1856.908617][T12721] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1856.929537][T12718] memory: usage 307200kB, limit 307200kB, failcnt 23423
[ 1856.937888][T12718] memory+swap: usage 307472kB, limit 9007199254740988kB, failcnt 0
[ 1856.946265][T12718] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[ 1856.956034][T12718] Memory cgroup stats for /syz0:
[ 1856.956185][T12718] cache 4096
[ 1856.966532][T12718] rss 0
[ 1856.969771][T12718] rss_huge 0
[ 1856.973163][T12718] shmem 0
[ 1856.976272][T12718] mapped_file 0
[ 1856.985255][T12718] dirty 0
[ 1856.988546][T12718] writeback 0
[ 1856.991985][T12718] workingset_refault_anon 7416
[ 1856.996891][T12718] workingset_refault_file 1
00:46:43 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1857.021635][T12718] swap 278528
[ 1857.033704][T12718] swapcached 0
[ 1857.042040][T12718] pgpgin 127823
[ 1857.050419][T12718] pgpgout 127822
[ 1857.060405][T12718] pgfault 334186
[ 1857.069023][T12718] pgmajfault 7337
[ 1857.076403][T12718] inactive_anon 0
[ 1857.087892][T12718] active_anon 0
[ 1857.109484][T12718] inactive_file 0
00:46:43 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async, rerun: 32)
r2 = socket(0x26, 0x2, 0xffffffff) (rerun: 32)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0) (async)
r5 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r5)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x12cc0}, 0x0) (async)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000012c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x1100, r6, {}, {}, {0xffff}}, [@filter_kind_options=@f_flow={{0x9}, {0x4, 0x2, [@TCA_FLOW_KEYS={0x8}]}}]}, 0x3c}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000400)={'sit0\x00', <r7=>0x0, 0x7800, 0x40, 0x100, 0xfffffffa, {{0xa, 0x4, 0x2, 0x10, 0x28, 0x66, 0x0, 0x5, 0x2f, 0x0, @empty, @loopback, {[@ssrr={0x89, 0x13, 0x92, [@multicast1, @loopback, @broadcast, @multicast2]}, @noop]}}}}}) (async, rerun: 32)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000480)={'ip6gre0\x00', &(0x7f0000000500)={'ip6tnl0\x00', <r8=>0x0, 0x0, 0x7, 0xff, 0x4, 0x0, @local, @private2={0xfc, 0x2, '\x00', 0x1}, 0x40, 0x10, 0x1, 0x8}}) (rerun: 32)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000600)={'syztnl1\x00', &(0x7f0000000580)={'ip6tnl0\x00', <r9=>0x0, 0x4, 0x20, 0xdf, 0x401, 0xfd, @private2={0xfc, 0x2, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7800, 0x8090, 0x2, 0x4}})
sendmsg$nl_route(r1, &(0x7f0000000700)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)=@ipv4_getnexthop={0x5c, 0x6a, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@NHA_OIF={0x8, 0x5, r6}, @NHA_ID={0x8}, @NHA_OIF={0x8, 0x5, r7}, @NHA_OIF={0x8, 0x5, r8}, @NHA_ID={0x8, 0x1, 0x2}, @NHA_FDB={0x4}, @NHA_OIF={0x8, 0x5, r9}, @NHA_FDB={0x4}, @NHA_GROUPS={0x4}, @NHA_ID={0x8, 0x1, 0x2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x840}, 0x20044)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r1, &(0x7f0000000300)={&(0x7f00000001c0), 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x38, r10, 0x300, 0x70bd26, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x80, 0x68}}}}, [@NL80211_ATTR_MEASUREMENT_DURATION={0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040882}, 0xc1) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r11, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@delchain={0x3c, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r11, {0xd, 0xa}, {0x1, 0x10}, {0xd, 0x2}}, [@TCA_RATE={0x6, 0x5, {0x1, 0x2}}, @TCA_CHAIN={0x8, 0xb, 0x3e000}, @TCA_RATE={0x6, 0x5, {0x1, 0x2}}]}, 0x3c}}, 0x0)

[ 1857.120176][T12718] active_file 4096
[ 1857.129104][T12718] unevictable 0
[ 1857.136986][T12718] hierarchical_memory_limit 314572800
[ 1857.150053][T12718] hierarchical_memsw_limit 9223372036854771712
[ 1857.166410][T12718] total_cache 4096
[ 1857.172315][T12718] total_rss 0
[ 1857.180254][T12718] total_rss_huge 0
[ 1857.204851][T12718] total_shmem 0
[ 1857.221114][T12718] total_mapped_file 0
[ 1857.247635][T12718] total_dirty 0
[ 1857.257590][T12718] total_writeback 0
[ 1857.274625][T12718] total_workingset_refault_anon 7416
[ 1857.287185][T12718] total_workingset_refault_file 1
[ 1857.292272][T12718] total_swap 278528
00:46:43 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1857.296114][T12718] total_swapcached 0
[ 1857.310069][T12718] total_pgpgin 127823
[ 1857.314512][T12718] total_pgpgout 127822
[ 1857.340133][T12718] total_pgfault 334186
[ 1857.344404][T12718] total_pgmajfault 7337
[ 1857.354859][T12718] total_inactive_anon 0
[ 1857.361868][T12718] total_active_anon 0
[ 1857.365983][T12718] total_inactive_file 0
[ 1857.387971][T12718] total_active_file 4096
[ 1857.392300][T12718] total_unevictable 0
[ 1857.396317][T12718] anon_cost 0
[ 1857.422927][T12718] file_cost 0
[ 1857.440104][T12718] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12718,uid=0
[ 1857.483344][T12718] Memory cgroup out of memory: Killed process 12718 (syz-executor.0) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:46:43 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42c]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1858.314994][T12741] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1858.330448][T12741] CPU: 1 PID: 12741 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1858.340950][T12741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1858.351051][T12741] Call Trace:
[ 1858.354368][T12741]  <TASK>
[ 1858.357337][T12741]  dump_stack_lvl+0x1e7/0x2e0
[ 1858.362078][T12741]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1858.365664][T12728] tbf_change: 6 callbacks suppressed
[ 1858.365683][T12728] sch_tbf: burst 0 is lower than device bridge4494 mtu (1514) !
[ 1858.367307][T12741]  ? __pfx__printk+0x10/0x10
[ 1858.367340][T12741]  ? ___ratelimit+0x4c4/0x670
[ 1858.367376][T12741]  ? __pfx____ratelimit+0x10/0x10
[ 1858.394713][T12741]  dump_header+0xda/0x6a0
[ 1858.399109][T12741]  oom_kill_process+0x3a7/0x930
[ 1858.404022][T12741]  out_of_memory+0xf67/0x1320
[ 1858.408757][T12741]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1858.414443][T12741]  ? __pfx___mutex_lock+0x10/0x10
[ 1858.419528][T12741]  ? __pfx_out_of_memory+0x10/0x10
[ 1858.424705][T12741]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1858.430299][T12741]  ? __pfx_lock_release+0x10/0x10
[ 1858.435386][T12741]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1858.441523][T12741]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1858.446776][T12741]  ? mem_cgroup_iter+0x3e9/0x560
[ 1858.451778][T12741]  try_charge_memcg+0xda2/0x18a0
[ 1858.456802][T12741]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1858.462230][T12741]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1858.468006][T12741]  ? __pfx_lock_release+0x10/0x10
[ 1858.473097][T12741]  ? memcg_account_kmem+0x1e7/0x210
[ 1858.478361][T12741]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1858.484224][T12741]  __memcg_kmem_charge_page+0xe1/0x250
[ 1858.489745][T12741]  memcg_charge_kernel_stack+0x28a/0x550
[ 1858.495469][T12741]  dup_task_struct+0x15d/0x7d0
[ 1858.500296][T12741]  copy_process+0x5d5/0x3fc0
[ 1858.504963][T12741]  ? __might_fault+0xa9/0x120
[ 1858.509696][T12741]  ? __pfx_lock_release+0x10/0x10
[ 1858.514788][T12741]  ? __pfx_copy_process+0x10/0x10
[ 1858.519860][T12741]  ? __might_fault+0xc5/0x120
[ 1858.524590][T12741]  ? __asan_memset+0x23/0x50
[ 1858.529237][T12741]  kernel_clone+0x21d/0x8d0
[ 1858.533794][T12741]  ? __pfx_kernel_clone+0x10/0x10
[ 1858.538879][T12741]  __se_sys_clone3+0x2cb/0x350
[ 1858.543700][T12741]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1858.549088][T12741]  ? do_syscall_64+0x108/0x240
[ 1858.553916][T12741]  ? do_syscall_64+0xb4/0x240
[ 1858.558650][T12741]  do_syscall_64+0xf9/0x240
[ 1858.563221][T12741]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1858.569173][T12741] RIP: 0033:0x7fd21c6a9b99
[ 1858.573642][T12741] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1858.593295][T12741] RSP: 002b:00007ffdc1e200c8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1858.601769][T12741] RAX: ffffffffffffffda RBX: 00007fd21c652270 RCX: 00007fd21c6a9b99
[ 1858.609788][T12741] RDX: 00007fd21c652270 RSI: 0000000000000058 RDI: 00007ffdc1e20110
[ 1858.617802][T12741] RBP: 00007fd21d49d6c0 R08: 00007fd21d49d6c0 R09: 00007ffdc1e201f7
[ 1858.625821][T12741] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1858.633839][T12741] R13: 000000000000000b R14: 00007ffdc1e20110 R15: 00007ffdc1e201f8
[ 1858.641879][T12741]  </TASK>
00:46:45 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c040000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1858.968140][T12741] memory: usage 307200kB, limit 307200kB, failcnt 23803
[ 1858.995170][T12741] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[ 1859.049761][T12741] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1859.067475][T12741] Memory cgroup stats for /syz0:
[ 1859.067625][T12741] cache 8192
[ 1859.084066][T12741] rss 12288
00:46:45 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
r2 = socket(0x26, 0x2, 0xffffffff) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
r5 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r5) (async)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x12cc0}, 0x0) (async)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0) (async)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000012c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x1100, r6, {}, {}, {0xffff}}, [@filter_kind_options=@f_flow={{0x9}, {0x4, 0x2, [@TCA_FLOW_KEYS={0x8}]}}]}, 0x3c}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000400)={'sit0\x00', <r7=>0x0, 0x7800, 0x40, 0x100, 0xfffffffa, {{0xa, 0x4, 0x2, 0x10, 0x28, 0x66, 0x0, 0x5, 0x2f, 0x0, @empty, @loopback, {[@ssrr={0x89, 0x13, 0x92, [@multicast1, @loopback, @broadcast, @multicast2]}, @noop]}}}}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000480)={'ip6gre0\x00', &(0x7f0000000500)={'ip6tnl0\x00', <r8=>0x0, 0x0, 0x7, 0xff, 0x4, 0x0, @local, @private2={0xfc, 0x2, '\x00', 0x1}, 0x40, 0x10, 0x1, 0x8}}) (async)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000600)={'syztnl1\x00', &(0x7f0000000580)={'ip6tnl0\x00', <r9=>0x0, 0x4, 0x20, 0xdf, 0x401, 0xfd, @private2={0xfc, 0x2, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7800, 0x8090, 0x2, 0x4}})
sendmsg$nl_route(r1, &(0x7f0000000700)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)=@ipv4_getnexthop={0x5c, 0x6a, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@NHA_OIF={0x8, 0x5, r6}, @NHA_ID={0x8}, @NHA_OIF={0x8, 0x5, r7}, @NHA_OIF={0x8, 0x5, r8}, @NHA_ID={0x8, 0x1, 0x2}, @NHA_FDB={0x4}, @NHA_OIF={0x8, 0x5, r9}, @NHA_FDB={0x4}, @NHA_GROUPS={0x4}, @NHA_ID={0x8, 0x1, 0x2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x840}, 0x20044) (async)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r1, &(0x7f0000000300)={&(0x7f00000001c0), 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x38, r10, 0x300, 0x70bd26, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x80, 0x68}}}}, [@NL80211_ATTR_MEASUREMENT_DURATION={0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040882}, 0xc1) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r11, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@delchain={0x3c, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r11, {0xd, 0xa}, {0x1, 0x10}, {0xd, 0x2}}, [@TCA_RATE={0x6, 0x5, {0x1, 0x2}}, @TCA_CHAIN={0x8, 0xb, 0x3e000}, @TCA_RATE={0x6, 0x5, {0x1, 0x2}}]}, 0x3c}}, 0x0)

00:46:45 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6558]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1859.095271][T12740] sch_tbf: burst 0 is lower than device bridge4500 mtu (1514) !
[ 1859.110998][T12741] rss_huge 0
[ 1859.120138][T12741] shmem 0
[ 1859.125882][T12741] mapped_file 0
[ 1859.169552][T12741] dirty 0
[ 1859.172565][T12741] writeback 0
[ 1859.175886][T12741] workingset_refault_anon 7536
[ 1859.214365][T12741] workingset_refault_file 1
[ 1859.224488][T12741] swap 229376
[ 1859.235514][T12741] swapcached 8192
[ 1859.269250][T12741] pgpgin 127957
[ 1859.282399][T12741] pgpgout 127952
[ 1859.304352][T12741] pgfault 334389
[ 1859.315555][T12741] pgmajfault 7446
[ 1859.325550][T12744] sch_tbf: burst 0 is lower than device bridge4495 mtu (1514) !
[ 1859.326113][T12741] inactive_anon 0
[ 1859.340843][T12741] active_anon 12288
[ 1859.344804][T12741] inactive_file 0
[ 1859.349601][T12741] active_file 8192
[ 1859.353461][T12741] unevictable 0
[ 1859.357784][T12741] hierarchical_memory_limit 314572800
[ 1859.363311][T12741] hierarchical_memsw_limit 9223372036854771712
00:46:45 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46150000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1859.399803][T12741] total_cache 8192
[ 1859.410378][T12741] total_rss 12288
[ 1859.425427][T12741] total_rss_huge 0
[ 1859.440878][T12741] total_shmem 0
00:46:45 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@newqdisc={0x54, 0x24, 0x100, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x2, 0xfff7}, {0x5, 0xb}, {0xffe0, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x4e0a}, @TCA_RATE={0x6, 0x5, {0x8, 0x5}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x200}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x80000000}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x1}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x3}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x88c)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x44, r4, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x24, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}]}]}, 0x44}}, 0x0)
r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_ACCEPT(r3, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x44, r5, 0x8, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_bridge\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x44000}, 0x20088000)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x30, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)

[ 1859.453105][T12741] total_mapped_file 0
[ 1859.480374][T12741] total_dirty 0
[ 1859.483906][T12741] total_writeback 0
[ 1859.500425][T12741] total_workingset_refault_anon 7536
[ 1859.505782][T12741] total_workingset_refault_file 1
[ 1859.550135][T12741] total_swap 229376
[ 1859.569067][T12753] sch_tbf: burst 0 is lower than device bridge4501 mtu (1514) !
[ 1859.577856][T12741] total_swapcached 8192
[ 1859.582076][T12741] total_pgpgin 127957
[ 1859.586087][T12741] total_pgpgout 127952
00:46:45 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1859.627125][T12741] total_pgfault 334389
[ 1859.631262][T12741] total_pgmajfault 7446
[ 1859.653016][T12741] total_inactive_anon 0
[ 1859.667200][T12741] total_active_anon 12288
[ 1859.671690][T12741] total_inactive_file 0
[ 1859.675909][T12741] total_active_file 8192
[ 1859.709302][T12741] total_unevictable 0
[ 1859.713377][T12741] anon_cost 0
[ 1859.716669][T12741] file_cost 0
[ 1859.732501][T12741] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12741,uid=0
[ 1859.749777][T12758] sch_tbf: burst 0 is lower than device bridge4496 mtu (1514) !
00:46:46 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@newqdisc={0x54, 0x24, 0x100, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x2, 0xfff7}, {0x5, 0xb}, {0xffe0, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x4e0a}, @TCA_RATE={0x6, 0x5, {0x8, 0x5}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x200}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x80000000}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x1}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x3}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x88c)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x44, r4, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x24, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}]}]}, 0x44}}, 0x0)
r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_ACCEPT(r3, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x44, r5, 0x8, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_bridge\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x44000}, 0x20088000)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x30, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@newqdisc={0x54, 0x24, 0x100, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x2, 0xfff7}, {0x5, 0xb}, {0xffe0, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x4e0a}, @TCA_RATE={0x6, 0x5, {0x8, 0x5}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x200}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x80000000}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x1}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x3}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x88c) (async)
socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x44, r4, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x24, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}]}]}, 0x44}}, 0x0) (async)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000340), 0xffffffffffffffff) (async)
sendmsg$NLBL_UNLABEL_C_ACCEPT(r3, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x44, r5, 0x8, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_bridge\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x44000}, 0x20088000) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x30, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) (async)

[ 1859.759686][T12741] Memory cgroup out of memory: Killed process 12741 (syz-executor.0) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:46:46 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:46 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1860.013242][T12761] sch_tbf: burst 0 is lower than device bridge4502 mtu (1514) !
[ 1860.038415][T12767] __nla_validate_parse: 7 callbacks suppressed
[ 1860.038431][T12767] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
00:46:46 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8847]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1860.184480][ T5100] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1860.209300][ T5100] CPU: 0 PID: 5100 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1860.219789][ T5100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1860.229883][ T5100] Call Trace:
[ 1860.233196][ T5100]  <TASK>
[ 1860.236157][ T5100]  dump_stack_lvl+0x1e7/0x2e0
[ 1860.240890][ T5100]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1860.246139][ T5100]  ? __pfx__printk+0x10/0x10
[ 1860.250774][ T5100]  ? ___ratelimit+0x4c4/0x670
[ 1860.255505][ T5100]  ? __pfx____ratelimit+0x10/0x10
[ 1860.260584][ T5100]  dump_header+0xda/0x6a0
[ 1860.264969][ T5100]  oom_kill_process+0x3a7/0x930
[ 1860.269882][ T5100]  out_of_memory+0xf67/0x1320
[ 1860.274607][ T5100]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1860.280290][ T5100]  ? __pfx___mutex_lock+0x10/0x10
[ 1860.285364][ T5100]  ? __pfx_out_of_memory+0x10/0x10
[ 1860.290536][ T5100]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1860.296125][ T5100]  ? __pfx_lock_release+0x10/0x10
[ 1860.301218][ T5100]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1860.307339][ T5100]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1860.312572][ T5100]  ? mem_cgroup_iter+0x3e9/0x560
[ 1860.317530][ T5100]  try_charge_memcg+0xda2/0x18a0
[ 1860.322481][ T5100]  ? mark_lock+0x9a/0x350
[ 1860.326836][ T5100]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1860.332248][ T5100]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1860.338409][ T5100]  charge_memcg+0xa2/0x160
[ 1860.342845][ T5100]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1860.348924][ T5100]  __read_swap_cache_async+0x480/0x8b0
[ 1860.354400][ T5100]  ? mark_lock+0x9a/0x350
[ 1860.358754][ T5100]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1860.364762][ T5100]  swap_cluster_readahead+0x67c/0x810
[ 1860.370159][ T5100]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1860.376073][ T5100]  ? __pfx_lock_release+0x10/0x10
[ 1860.381114][ T5100]  ? xas_descend+0x37e/0x470
[ 1860.385754][ T5100]  swapin_readahead+0x1ea/0x1070
[ 1860.390702][ T5100]  ? filemap_get_entry+0x127/0x4e0
[ 1860.395835][ T5100]  ? __pfx_swapin_readahead+0x10/0x10
[ 1860.401226][ T5100]  ? __filemap_get_folio+0x935/0xbc0
[ 1860.406525][ T5100]  ? swap_cache_get_folio+0x9f/0x570
[ 1860.411829][ T5100]  do_swap_page+0x791/0x3f40
[ 1860.416434][ T5100]  ? rcu_is_watching+0x15/0xb0
[ 1860.421221][ T5100]  ? do_swap_page+0x154/0x3f40
[ 1860.425987][ T5100]  ? __pfx_do_swap_page+0x10/0x10
[ 1860.431015][ T5100]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1860.436486][ T5100]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1860.442311][ T5100]  ? __pfx_validate_chain+0x10/0x10
[ 1860.447525][ T5100]  __handle_mm_fault+0x15e8/0x72d0
[ 1860.452677][ T5100]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1860.458153][ T5100]  ? mt_find+0x226/0x850
[ 1860.462417][ T5100]  ? __pfx_lock_release+0x10/0x10
[ 1860.467475][ T5100]  ? mt_find+0x62d/0x850
[ 1860.471735][ T5100]  ? mt_find+0x226/0x850
[ 1860.476028][ T5100]  ? find_vma+0x142/0x1c0
[ 1860.480366][ T5100]  ? __pfx_find_vma+0x10/0x10
[ 1860.485046][ T5100]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1860.491060][ T5100]  handle_mm_fault+0x3c1/0x8a0
[ 1860.495840][ T5100]  exc_page_fault+0x2ad/0x870
[ 1860.500539][ T5100]  asm_exc_page_fault+0x26/0x30
[ 1860.505393][ T5100] RIP: 0010:__get_user_8+0x11/0x20
[ 1860.510515][ T5100] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1860.530136][ T5100] RSP: 0018:ffffc90003b7fd98 EFLAGS: 00050202
[ 1860.536215][ T5100] RAX: 00005555555bbda8 RBX: ffff88807f0ed0b8 RCX: ffffc90003b7fc03
[ 1860.544216][ T5100] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1860.552191][ T5100] RBP: ffffc90003b7fec8 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1860.560176][ T5100] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90003b7fda0
[ 1860.568161][ T5100] R13: ffffc90003b7ffd8 R14: dffffc0000000000 R15: ffff88807f0ebb80
[ 1860.576160][ T5100]  __rseq_handle_notify_resume+0x158/0x1490
[ 1860.582087][ T5100]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 1860.588438][ T5100]  ? syscall_exit_to_user_mode+0xa2/0x360
[ 1860.594175][ T5100]  syscall_exit_to_user_mode+0x113/0x360
[ 1860.599831][ T5100]  do_syscall_64+0x108/0x240
[ 1860.604445][ T5100]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1860.610359][ T5100] RIP: 0033:0x7fd21c6a91b5
[ 1860.614784][ T5100] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 1860.634399][ T5100] RSP: 002b:00007ffdc1e204a0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1860.642825][ T5100] RAX: 0000000000000000 RBX: 000000000000366c RCX: 00007fd21c6a91b5
[ 1860.650802][ T5100] RDX: 00007ffdc1e204e0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1860.658776][ T5100] RBP: 00007ffdc1e2056c R08: 0000000000000000 R09: 00007ffdc1e880b0
[ 1860.666752][ T5100] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1860.674735][ T5100] R13: 00000000001c6134 R14: 00000000001c6134 R15: 0000000000000000
[ 1860.682733][ T5100]  </TASK>
00:46:47 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@newqdisc={0x54, 0x24, 0x100, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x2, 0xfff7}, {0x5, 0xb}, {0xffe0, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x4e0a}, @TCA_RATE={0x6, 0x5, {0x8, 0x5}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x200}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x80000000}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x1}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x3}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x88c)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x44, r4, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x24, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}]}]}, 0x44}}, 0x0)
r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_ACCEPT(r3, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x44, r5, 0x8, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_bridge\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x44000}, 0x20088000)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x30, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@newqdisc={0x54, 0x24, 0x100, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x2, 0xfff7}, {0x5, 0xb}, {0xffe0, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x4e0a}, @TCA_RATE={0x6, 0x5, {0x8, 0x5}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x200}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x80000000}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x1}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x3}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x88c) (async)
socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x44, r4, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x24, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}]}]}, 0x44}}, 0x0) (async)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000340), 0xffffffffffffffff) (async)
sendmsg$NLBL_UNLABEL_C_ACCEPT(r3, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x44, r5, 0x8, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_bridge\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x44000}, 0x20088000) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x30, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) (async)

[ 1860.743214][T12769] sch_tbf: burst 0 is lower than device bridge4497 mtu (1514) !
[ 1860.752603][ T5100] memory: usage 307200kB, limit 307200kB, failcnt 24015
[ 1860.765174][T12773] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1860.797265][ T5100] memory+swap: usage 307436kB, limit 9007199254740988kB, failcnt 0
[ 1860.805514][ T5100] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1860.813602][ T5100] Memory cgroup stats for /syz0:
[ 1860.813757][ T5100] cache 8192
[ 1860.822277][ T5100] rss 0
[ 1860.825171][ T5100] rss_huge 0
[ 1860.829895][ T5100] shmem 0
[ 1860.832995][ T5100] mapped_file 0
[ 1860.836574][ T5100] dirty 4096
00:46:47 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ea]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:47 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1860.845548][ T5100] writeback 0
[ 1860.849061][ T5100] workingset_refault_anon 7592
[ 1860.853989][ T5100] workingset_refault_file 1
[ 1860.860949][ T5100] swap 241664
[ 1860.864369][ T5100] swapcached 0
[ 1860.868953][ T5100] pgpgin 128029
[ 1860.872900][ T5100] pgpgout 128027
[ 1860.876887][ T5100] pgfault 334508
[ 1860.880666][ T5100] pgmajfault 7496
[ 1860.884418][ T5100] inactive_anon 0
[ 1860.888632][ T5100] active_anon 0
[ 1860.892219][ T5100] inactive_file 0
[ 1860.895980][ T5100] active_file 8192
[ 1860.899910][ T5100] unevictable 0
[ 1860.903486][ T5100] hierarchical_memory_limit 314572800
[ 1860.910158][ T5100] hierarchical_memsw_limit 9223372036854771712
[ 1860.925524][ T5100] total_cache 8192
[ 1860.931259][ T5100] total_rss 0
[ 1860.935345][ T5100] total_rss_huge 0
[ 1860.940770][ T5100] total_shmem 0
[ 1860.944342][ T5100] total_mapped_file 0
[ 1860.951590][ T5100] total_dirty 4096
[ 1860.955448][ T5100] total_writeback 0
[ 1860.959909][ T5100] total_workingset_refault_anon 7592
[ 1860.965261][ T5100] total_workingset_refault_file 1
[ 1860.971799][ T5100] total_swap 241664
[ 1860.977284][ T5100] total_swapcached 0
[ 1860.981336][ T5100] total_pgpgin 128029
[ 1860.999818][ T5100] total_pgpgout 128027
[ 1861.007486][ T5100] total_pgfault 334508
[ 1861.014041][ T5100] total_pgmajfault 7496
[ 1861.020582][T12774] sch_tbf: burst 0 is lower than device bridge4503 mtu (1514) !
[ 1861.021445][ T5100] total_inactive_anon 0
[ 1861.038571][ T5100] total_active_anon 0
[ 1861.046021][ T5100] total_inactive_file 0
00:46:47 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8848]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1861.064544][ T5100] total_active_file 8192
[ 1861.068049][T12779] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1861.074432][ T5100] total_unevictable 0
[ 1861.091168][ T5100] anon_cost 0
[ 1861.094612][ T5100] file_cost 0
[ 1861.111044][ T5100] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12764,uid=0
[ 1861.142320][ T5100] Memory cgroup out of memory: Killed process 12764 (syz-executor.0) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1861.182437][T12782] sch_tbf: burst 0 is lower than device bridge4498 mtu (1514) !
00:46:47 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000180)={@remote, @remote, r2}, 0xc)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x8000, 0x200, 0x80, 0x20000}, 0x1c)
setsockopt$packet_int(r3, 0x107, 0xc, &(0x7f0000000180), 0x4)
ioctl$F2FS_IOC_DEFRAGMENT(r3, 0xc010f508, &(0x7f0000000040)={0x5, 0x6dd})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000001000017aa5008d8ed00400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="6c00000024000b0e00"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff0000000008000100746266004000020008000600050000000c00040050ae26a136e940ea28000100000000000000000000000000000000000000000000000000000000800000000000000000"], 0x6c}}, 0x0)

00:46:47 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ea]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:47 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1861.246362][T12788] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1861.442759][T12790] sch_tbf: burst 0 is lower than device bridge4504 mtu (1514) !
[ 1861.451567][T12794] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
00:46:47 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xea05]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1861.573609][T12792] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
00:46:47 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x65580000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1861.624313][T12799] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
00:46:48 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1861.872822][T12802] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1861.912309][T12795] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1861.960193][T12795] CPU: 0 PID: 12795 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1861.970678][T12795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1861.980763][T12795] Call Trace:
[ 1861.984093][T12795]  <TASK>
[ 1861.987086][T12795]  dump_stack_lvl+0x1e7/0x2e0
[ 1861.991871][T12795]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1861.997125][T12795]  ? __pfx__printk+0x10/0x10
[ 1862.001786][T12795]  ? ___ratelimit+0x4c4/0x670
[ 1862.006527][T12795]  ? __pfx____ratelimit+0x10/0x10
[ 1862.011608][T12795]  dump_header+0xda/0x6a0
[ 1862.016003][T12795]  oom_kill_process+0x3a7/0x930
[ 1862.020921][T12795]  out_of_memory+0xf67/0x1320
[ 1862.025673][T12795]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1862.031354][T12795]  ? __pfx___mutex_lock+0x10/0x10
[ 1862.036436][T12795]  ? __pfx_out_of_memory+0x10/0x10
[ 1862.041604][T12795]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1862.047190][T12795]  ? __pfx_lock_release+0x10/0x10
[ 1862.052267][T12795]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1862.058378][T12795]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1862.063604][T12795]  ? mem_cgroup_iter+0x3e9/0x560
[ 1862.068566][T12795]  try_charge_memcg+0xda2/0x18a0
[ 1862.073573][T12795]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1862.078980][T12795]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1862.084717][T12795]  ? __pfx_lock_release+0x10/0x10
[ 1862.089786][T12795]  ? memcg_account_kmem+0x1e7/0x210
[ 1862.095029][T12795]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1862.100875][T12795]  __memcg_kmem_charge_page+0xe1/0x250
[ 1862.106368][T12795]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1862.112027][T12795]  dup_task_struct+0x40d/0x7d0
[ 1862.116822][T12795]  copy_process+0x5d5/0x3fc0
[ 1862.121437][T12795]  ? __might_fault+0xa9/0x120
[ 1862.126133][T12795]  ? __pfx_lock_release+0x10/0x10
[ 1862.131179][T12795]  ? __pfx_copy_process+0x10/0x10
[ 1862.136214][T12795]  ? __might_fault+0xc5/0x120
[ 1862.140900][T12795]  ? __asan_memset+0x23/0x50
[ 1862.145511][T12795]  kernel_clone+0x21d/0x8d0
[ 1862.150031][T12795]  ? __pfx_kernel_clone+0x10/0x10
[ 1862.155084][T12795]  __se_sys_clone3+0x2cb/0x350
[ 1862.159861][T12795]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1862.165170][T12795]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1862.171175][T12795]  ? exc_page_fault+0x587/0x870
[ 1862.176042][T12795]  ? do_syscall_64+0xb4/0x240
[ 1862.180736][T12795]  do_syscall_64+0xf9/0x240
[ 1862.185254][T12795]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1862.191163][T12795] RIP: 0033:0x7fd21c6a9b99
[ 1862.195585][T12795] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1862.215209][T12795] RSP: 002b:00007ffdc1e200c8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1862.223638][T12795] RAX: ffffffffffffffda RBX: 00007fd21c652270 RCX: 00007fd21c6a9b99
[ 1862.231617][T12795] RDX: 00007fd21c652270 RSI: 0000000000000058 RDI: 00007ffdc1e20110
[ 1862.239599][T12795] RBP: 00007fd21d49d6c0 R08: 00007fd21d49d6c0 R09: 00007ffdc1e201f7
[ 1862.247579][T12795] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1862.255557][T12795] R13: 000000000000000b R14: 00007ffdc1e20110 R15: 00007ffdc1e201f8
[ 1862.263547][T12795]  </TASK>
[ 1862.327902][T12805] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1862.331064][T12795] memory: usage 307200kB, limit 307200kB, failcnt 24375
00:46:48 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:48 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000180)={@remote, @remote, r2}, 0xc) (async)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000180)={@remote, @remote, r2}, 0xc)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x8000, 0x200, 0x80, 0x20000}, 0x1c) (async)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x8000, 0x200, 0x80, 0x20000}, 0x1c)
setsockopt$packet_int(r3, 0x107, 0xc, &(0x7f0000000180), 0x4)
ioctl$F2FS_IOC_DEFRAGMENT(r3, 0xc010f508, &(0x7f0000000040)={0x5, 0x6dd})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000001000017aa5008d8ed00400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="6c00000024000b0e00"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff0000000008000100746266004000020008000600050000000c00040050ae26a136e940ea28000100000000000000000000000000000000000000000000000000000000800000000000000000"], 0x6c}}, 0x0)

00:46:48 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400300]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1862.511439][T12795] memory+swap: usage 307432kB, limit 9007199254740988kB, failcnt 0
[ 1862.554954][T12809] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1862.564547][T12795] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1862.576361][T12795] Memory cgroup stats for /syz0:
[ 1862.576530][T12795] cache 4096
[ 1862.584995][T12795] rss 4096
[ 1862.591690][T12795] rss_huge 0
[ 1862.595106][T12795] shmem 0
[ 1862.603425][T12795] mapped_file 0
[ 1862.607260][T12795] dirty 4096
[ 1862.612824][T12795] writeback 0
[ 1862.616325][T12795] workingset_refault_anon 7726
[ 1862.621767][T12795] workingset_refault_file 1
[ 1862.626482][T12795] swap 237568
[ 1862.630131][T12795] swapcached 4096
[ 1862.633968][T12795] pgpgin 128174
[ 1862.638023][T12795] pgpgout 128172
[ 1862.641761][T12795] pgfault 334727
[ 1862.645502][T12795] pgmajfault 7622
[ 1862.649514][T12795] inactive_anon 0
[ 1862.653353][T12795] active_anon 4096
[ 1862.657491][T12795] inactive_file 0
[ 1862.661323][T12795] active_file 4096
[ 1862.665301][T12795] unevictable 0
[ 1862.669155][T12795] hierarchical_memory_limit 314572800
[ 1862.675354][T12795] hierarchical_memsw_limit 9223372036854771712
[ 1862.686448][T12795] total_cache 4096
[ 1862.698732][T12795] total_rss 4096
[ 1862.714265][T12795] total_rss_huge 0
[ 1862.731655][T12795] total_shmem 0
[ 1862.746774][T12795] total_mapped_file 0
[ 1862.768760][T12795] total_dirty 4096
[ 1862.781503][T12795] total_writeback 0
[ 1862.804461][T12795] total_workingset_refault_anon 7726
[ 1862.823989][T12795] total_workingset_refault_file 1
[ 1862.842942][T12795] total_swap 237568
[ 1862.851897][T12795] total_swapcached 4096
[ 1862.882520][T12795] total_pgpgin 128174
[ 1862.888897][T12795] total_pgpgout 128172
[ 1862.896545][T12795] total_pgfault 334727
00:46:49 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:49 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1862.957206][T12795] total_pgmajfault 7622
[ 1862.975820][T12795] total_inactive_anon 0
[ 1862.998278][T12795] total_active_anon 4096
[ 1863.002590][T12795] total_inactive_file 0
[ 1863.006778][T12795] total_active_file 4096
[ 1863.072739][T12795] total_unevictable 0
[ 1863.076794][T12795] anon_cost 0
00:46:49 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000180)={@remote, @remote, r2}, 0xc)
socket$packet(0x11, 0x2, 0x300) (async)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x8000, 0x200, 0x80, 0x20000}, 0x1c) (async)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x8000, 0x200, 0x80, 0x20000}, 0x1c)
setsockopt$packet_int(r3, 0x107, 0xc, &(0x7f0000000180), 0x4)
ioctl$F2FS_IOC_DEFRAGMENT(r3, 0xc010f508, &(0x7f0000000040)={0x5, 0x6dd})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000001000017aa5008d8ed00400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="6c00000024000b0e00"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff0000000008000100746266004000020008000600050000000c00040050ae26a136e940ea28000100000000000000000000000000000000000000000000000000000000800000000000000000"], 0x6c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="6c00000024000b0e00"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff0000000008000100746266004000020008000600050000000c00040050ae26a136e940ea28000100000000000000000000000000000000000000000000000000000000800000000000000000"], 0x6c}}, 0x0)

[ 1863.146551][T12795] file_cost 0
[ 1863.162041][T12795] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12795,uid=0
[ 1863.214008][T12795] Memory cgroup out of memory: Killed process 12795 (syz-executor.0) total-vm:54508kB, anon-rss:388kB, file-rss:8944kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:46:49 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1863.528471][T12827] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1863.547491][T12821] tbf_change: 5 callbacks suppressed
[ 1863.547514][T12821] sch_tbf: burst 0 is lower than device bridge4502 mtu (1514) !
[ 1863.561326][T12827] CPU: 0 PID: 12827 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1863.571816][T12827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1863.574214][T12822] sch_tbf: burst 0 is lower than device bridge4508 mtu (1514) !
[ 1863.581893][T12827] Call Trace:
[ 1863.581909][T12827]  <TASK>
[ 1863.581919][T12827]  dump_stack_lvl+0x1e7/0x2e0
[ 1863.581965][T12827]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1863.581999][T12827]  ? __pfx__printk+0x10/0x10
[ 1863.582026][T12827]  ? ___ratelimit+0x4c4/0x670
[ 1863.582060][T12827]  ? __pfx____ratelimit+0x10/0x10
[ 1863.582094][T12827]  dump_header+0xda/0x6a0
[ 1863.582130][T12827]  oom_kill_process+0x3a7/0x930
[ 1863.582162][T12827]  out_of_memory+0xf67/0x1320
[ 1863.582196][T12827]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1863.582224][T12827]  ? __pfx___mutex_lock+0x10/0x10
[ 1863.582251][T12827]  ? __pfx_out_of_memory+0x10/0x10
[ 1863.649906][T12827]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1863.655476][T12827]  ? __pfx_lock_release+0x10/0x10
[ 1863.660517][T12827]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1863.666607][T12827]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1863.671820][T12827]  ? mem_cgroup_iter+0x3e9/0x560
[ 1863.676779][T12827]  try_charge_memcg+0xda2/0x18a0
[ 1863.681753][T12827]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1863.687137][T12827]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1863.692871][T12827]  ? __pfx_lock_release+0x10/0x10
[ 1863.697916][T12827]  ? memcg_account_kmem+0x1e7/0x210
[ 1863.703140][T12827]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1863.708971][T12827]  __memcg_kmem_charge_page+0xe1/0x250
[ 1863.714464][T12827]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1863.720132][T12827]  dup_task_struct+0x15d/0x7d0
[ 1863.724946][T12827]  copy_process+0x5d5/0x3fc0
[ 1863.729595][T12827]  ? __might_fault+0xa9/0x120
[ 1863.734313][T12827]  ? __pfx_lock_release+0x10/0x10
[ 1863.739403][T12827]  ? __pfx_copy_process+0x10/0x10
[ 1863.744465][T12827]  ? __might_fault+0xc5/0x120
[ 1863.749206][T12827]  ? __asan_memset+0x23/0x50
[ 1863.753847][T12827]  kernel_clone+0x21d/0x8d0
[ 1863.758402][T12827]  ? __pfx_kernel_clone+0x10/0x10
[ 1863.763488][T12827]  __se_sys_clone3+0x2cb/0x350
[ 1863.768309][T12827]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1863.773673][T12827]  ? do_syscall_64+0x108/0x240
[ 1863.778489][T12827]  ? do_syscall_64+0xb4/0x240
[ 1863.783235][T12827]  do_syscall_64+0xf9/0x240
[ 1863.787790][T12827]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1863.793728][T12827] RIP: 0033:0x7fd21c6a9b99
[ 1863.798181][T12827] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1863.817832][T12827] RSP: 002b:00007ffdc1e200c8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1863.826302][T12827] RAX: ffffffffffffffda RBX: 00007fd21c652270 RCX: 00007fd21c6a9b99
[ 1863.834320][T12827] RDX: 00007fd21c652270 RSI: 0000000000000058 RDI: 00007ffdc1e20110
[ 1863.842341][T12827] RBP: 00007fd21d49d6c0 R08: 00007fd21d49d6c0 R09: 00007ffdc1e201f7
[ 1863.850367][T12827] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1863.858386][T12827] R13: 000000000000000b R14: 00007ffdc1e20110 R15: 00007ffdc1e201f8
[ 1863.866425][T12827]  </TASK>
00:46:50 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:50 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1863.959738][T12827] memory: usage 307200kB, limit 307200kB, failcnt 24690
[ 1863.997344][T12827] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0
00:46:50 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1864.035096][T12827] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1864.060703][T12827] Memory cgroup stats for /syz0:
[ 1864.060898][T12827] cache 8192
[ 1864.114535][T12827] rss 0
[ 1864.131481][T12827] rss_huge 0
[ 1864.151396][T12827] shmem 0
[ 1864.165797][T12827] mapped_file 0
[ 1864.180354][T12827] dirty 4096
[ 1864.195284][T12827] writeback 0
[ 1864.212504][T12827] workingset_refault_anon 7799
[ 1864.232215][T12827] workingset_refault_file 1
[ 1864.291654][T12827] swap 200704
[ 1864.303182][T12827] swapcached 0
[ 1864.320628][T12835] sch_tbf: burst 0 is lower than device bridge4509 mtu (1514) !
[ 1864.323335][T12827] pgpgin 128265
[ 1864.332315][T12834] sch_tbf: burst 0 is lower than device bridge4503 mtu (1514) !
[ 1864.349290][T12827] pgpgout 128263
00:46:50 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'macsec0\x00'})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

00:46:50 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1864.371916][T12827] pgfault 334870
[ 1864.375540][T12827] pgmajfault 7694
[ 1864.407719][T12827] inactive_anon 0
[ 1864.411501][T12827] active_anon 0
[ 1864.414994][T12827] inactive_file 4096
00:46:50 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1864.438295][T12827] active_file 4096
[ 1864.442090][T12827] unevictable 0
[ 1864.445590][T12827] hierarchical_memory_limit 314572800
[ 1864.488415][T12827] hierarchical_memsw_limit 9223372036854771712
[ 1864.494638][T12827] total_cache 8192
[ 1864.538729][T12827] total_rss 0
[ 1864.542092][T12827] total_rss_huge 0
[ 1864.545847][T12827] total_shmem 0
[ 1864.567306][T12827] total_mapped_file 0
[ 1864.571364][T12827] total_dirty 4096
[ 1864.575120][T12827] total_writeback 0
[ 1864.589382][T12827] total_workingset_refault_anon 7799
[ 1864.599474][T12827] total_workingset_refault_file 1
[ 1864.610417][T12827] total_swap 200704
[ 1864.614649][T12827] total_swapcached 0
[ 1864.621953][T12827] total_pgpgin 128265
[ 1864.626122][T12827] total_pgpgout 128263
[ 1864.634741][T12827] total_pgfault 334870
[ 1864.642015][T12827] total_pgmajfault 7694
[ 1864.646411][T12827] total_inactive_anon 0
[ 1864.654745][T12827] total_active_anon 0
[ 1864.663379][T12827] total_inactive_file 4096
[ 1864.669416][T12827] total_active_file 4096
[ 1864.675664][T12827] total_unevictable 0
[ 1864.682470][T12827] anon_cost 0
[ 1864.685908][T12827] file_cost 0
[ 1864.687616][T12839] sch_tbf: burst 5 is lower than device bridge3784 mtu (1514) !
[ 1864.690072][T12827] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12827,uid=0
[ 1864.714846][T12827] Memory cgroup out of memory: Killed process 12827 (syz-executor.0) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:46:51 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'macsec0\x00'}) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

00:46:51 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1865.096969][T12843] sch_tbf: burst 0 is lower than device bridge4510 mtu (1514) !
[ 1865.115244][T12844] sch_tbf: burst 0 is lower than device bridge4504 mtu (1514) !
00:46:51 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1865.184516][T12847] __nla_validate_parse: 10 callbacks suppressed
[ 1865.184538][T12847] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
00:46:51 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1865.449266][T12829] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1865.469168][T12829] CPU: 0 PID: 12829 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1865.479659][T12829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1865.489760][T12829] Call Trace:
[ 1865.493086][T12829]  <TASK>
[ 1865.496061][T12829]  dump_stack_lvl+0x1e7/0x2e0
[ 1865.500791][T12829]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1865.506029][T12829]  ? __pfx__printk+0x10/0x10
[ 1865.510667][T12829]  ? ___ratelimit+0x4c4/0x670
[ 1865.515368][T12829]  ? __pfx____ratelimit+0x10/0x10
[ 1865.520413][T12829]  dump_header+0xda/0x6a0
[ 1865.524767][T12829]  oom_kill_process+0x3a7/0x930
[ 1865.529641][T12829]  out_of_memory+0xf67/0x1320
[ 1865.534340][T12829]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1865.539988][T12829]  ? __pfx___mutex_lock+0x10/0x10
[ 1865.545024][T12829]  ? __pfx_out_of_memory+0x10/0x10
[ 1865.550154][T12829]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1865.555713][T12829]  ? __pfx_lock_release+0x10/0x10
[ 1865.560765][T12829]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1865.566854][T12829]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1865.572068][T12829]  ? mem_cgroup_iter+0x3e9/0x560
[ 1865.577025][T12829]  try_charge_memcg+0xda2/0x18a0
[ 1865.581996][T12829]  ? mark_lock+0x9a/0x350
[ 1865.586373][T12829]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1865.591802][T12829]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1865.597965][T12829]  charge_memcg+0xa2/0x160
[ 1865.602399][T12829]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1865.608479][T12829]  __read_swap_cache_async+0x480/0x8b0
[ 1865.613950][T12829]  ? mark_lock+0x9a/0x350
[ 1865.618298][T12829]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1865.624300][T12829]  ? blk_start_plug+0x6f/0x1b0
[ 1865.629200][T12829]  swap_cluster_readahead+0x398/0x810
[ 1865.634595][T12829]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1865.640524][T12829]  ? __pfx_lock_release+0x10/0x10
[ 1865.645600][T12829]  ? xas_descend+0x37e/0x470
[ 1865.650222][T12829]  swapin_readahead+0x1ea/0x1070
[ 1865.655173][T12829]  ? filemap_get_entry+0x127/0x4e0
[ 1865.660312][T12829]  ? __pfx_swapin_readahead+0x10/0x10
[ 1865.665705][T12829]  ? __filemap_get_folio+0x935/0xbc0
[ 1865.671007][T12829]  ? swap_cache_get_folio+0x9f/0x570
[ 1865.676310][T12829]  do_swap_page+0x791/0x3f40
[ 1865.680923][T12829]  ? rcu_is_watching+0x15/0xb0
[ 1865.685719][T12829]  ? do_swap_page+0x154/0x3f40
[ 1865.690496][T12829]  ? __pfx_do_swap_page+0x10/0x10
[ 1865.695534][T12829]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1865.701008][T12829]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1865.706836][T12829]  __handle_mm_fault+0x15e8/0x72d0
[ 1865.712000][T12829]  ? reacquire_held_locks+0x3eb/0x690
[ 1865.717385][T12829]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1865.722867][T12829]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1865.728612][T12829]  ? mtree_range_walk+0x6fd/0x8e0
[ 1865.733650][T12829]  ? lock_vma_under_rcu+0x18a/0x730
[ 1865.738873][T12829]  ? __pfx_lock_release+0x10/0x10
[ 1865.743909][T12829]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1865.749138][T12829]  ? lock_vma_under_rcu+0x18a/0x730
[ 1865.754347][T12829]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1865.759908][T12829]  handle_mm_fault+0x3c1/0x8a0
[ 1865.764717][T12829]  exc_page_fault+0x456/0x870
[ 1865.769424][T12829]  asm_exc_page_fault+0x26/0x30
[ 1865.774283][T12829] RIP: 0033:0x7fc736039ac7
[ 1865.778705][T12829] Code: 25 ff 0f 00 00 09 c5 80 3d 06 bc c9 00 00 0f 85 6f ff ff ff 44 0f b6 6c 24 0f 44 8d 55 04 89 e8 41 89 c1 41 81 e1 ff 1f 00 00 <43> 8b 14 8e 39 d5 0f 84 5e ff ff ff 85 d2 0f 84 65 01 00 00 83 c0
[ 1865.798331][T12829] RSP: 002b:00007ffeef0081f0 EFLAGS: 00010202
[ 1865.804413][T12829] RAX: 0000000081406479 RBX: 00007fc7361ac018 RCX: 0000000000000079
[ 1865.812394][T12829] RDX: ffffffff81406bd0 RSI: 0000000080000000 RDI: 000000000001ec82
[ 1865.820374][T12829] RBP: 0000000081406479 R08: 0000001b32420000 R09: 0000000000000479
[ 1865.828355][T12829] R10: 000000008140647d R11: 0000000000000246 R12: 0000000000000079
[ 1865.836330][T12829] R13: 0000000000000001 R14: 00007fc7361a0000 R15: ffffffff81406bd0
[ 1865.844310][T12829]  ? unwind_next_frame+0x1e80/0x29e0
[ 1865.849678][T12829]  ? unwind_next_frame+0x1e80/0x29e0
[ 1865.855011][T12829]  </TASK>
[ 1865.872600][T12849] sch_tbf: burst 5 is lower than device bridge3785 mtu (1514) !
00:46:52 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'macsec0\x00'}) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1865.900967][T12829] memory: usage 307200kB, limit 307200kB, failcnt 25044
[ 1865.913897][T12829] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0
[ 1865.929447][T12852] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1865.962948][T12829] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1865.970575][T12829] Memory cgroup stats for /syz0:
[ 1865.970719][T12829] cache 8192
[ 1865.979759][T12829] rss 0
[ 1865.982715][T12829] rss_huge 0
[ 1865.986088][T12829] shmem 0
[ 1865.991663][T12829] mapped_file 0
[ 1865.995423][T12829] dirty 8192
[ 1866.001989][T12829] writeback 0
[ 1866.005451][T12829] workingset_refault_anon 7896
[ 1866.012691][T12829] workingset_refault_file 1
[ 1866.020899][T12829] swap 200704
[ 1866.024464][T12829] swapcached 0
[ 1866.030481][T12829] pgpgin 128380
[ 1866.034188][T12829] pgpgout 128378
[ 1866.036135][T12853] sch_tbf: burst 0 is lower than device bridge4511 mtu (1514) !
[ 1866.042750][T12829] pgfault 335046
[ 1866.049504][T12855] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1866.049855][T12829] pgmajfault 7792
00:46:52 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1866.068392][T12829] inactive_anon 0
[ 1866.075598][T12829] active_anon 0
[ 1866.082877][T12829] inactive_file 8192
[ 1866.090034][T12829] active_file 0
[ 1866.100200][T12829] unevictable 0
[ 1866.103882][T12829] hierarchical_memory_limit 314572800
[ 1866.109970][T12829] hierarchical_memsw_limit 9223372036854771712
[ 1866.116313][T12829] total_cache 8192
[ 1866.124404][T12829] total_rss 0
[ 1866.132742][T12829] total_rss_huge 0
[ 1866.141161][T12829] total_shmem 0
[ 1866.149301][T12829] total_mapped_file 0
[ 1866.158431][T12829] total_dirty 8192
[ 1866.164892][T12829] total_writeback 0
[ 1866.170615][T12829] total_workingset_refault_anon 7896
[ 1866.176402][T12829] total_workingset_refault_file 1
[ 1866.182506][T12829] total_swap 200704
[ 1866.184919][T12856] sch_tbf: burst 0 is lower than device bridge4505 mtu (1514) !
[ 1866.186523][T12829] total_swapcached 0
[ 1866.201423][T12829] total_pgpgin 128380
[ 1866.205637][T12829] total_pgpgout 128378
[ 1866.217211][T12829] total_pgfault 335046
[ 1866.221550][T12829] total_pgmajfault 7792
[ 1866.225964][T12829] total_inactive_anon 0
[ 1866.228852][T12858] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1866.231135][T12829] total_active_anon 0
[ 1866.245773][T12829] total_inactive_file 8192
[ 1866.250821][T12829] total_active_file 0
[ 1866.255037][T12829] total_unevictable 0
[ 1866.259856][T12829] anon_cost 0
[ 1866.263382][T12829] file_cost 0
00:46:52 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88470000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1866.266869][T12829] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12850,uid=0
[ 1866.314534][T12829] Memory cgroup out of memory: Killed process 12850 (syz-executor.0) total-vm:54508kB, anon-rss:412kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:46:52 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:52 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x4, 0x1, 0x3, 0x0, 0x0, {0x1, 0x0, 0x6}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000c0}, 0x48)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYRESHEX=r0, @ANYRES16=r1, @ANYBLOB="1e7cb8ffdce2e64a51f88032f026871f9fb8a34e707bf888effd87f5c687847461743c2f8e24ebcd7c7aac9c1fbdc58aefa9625a3b971e039d23bb33508f48d537822b25a1df93e68a6e0aaf75d9c2d33715664ac30a31f1e8f105af891545dc451ef29d01741ec75d05e751512912ddeb43b175868ac7abe9e6ee456d53f5ae8dc042aa83ca18d24e2a47f7d582cd66687314a8b80efcc1a9c95d0bca26973fbfac3ab6924ae1cd650ccbecd9b747fce2f137b7e0ea0e100b276abe1ca29920920afdf82b4b1d70b7e41ab49b68ed13b6ae3fb93c89da39b489ac7559540776351a6a9ecb896e9657bdfc326b00b356676c071c0a1aec1d93cf2dbbf17a8f5d597955e2777a6d628aac5d86d2c5c29c8b00b16f54051ad435591cf01f22"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1866.368319][T12861] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
00:46:52 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1866.526464][T12864] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
00:46:52 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88480000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:52 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x4, 0x1, 0x3, 0x0, 0x0, {0x1, 0x0, 0x6}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000c0}, 0x48) (async)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x4, 0x1, 0x3, 0x0, 0x0, {0x1, 0x0, 0x6}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000c0}, 0x48)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYRESHEX=r0, @ANYRES16=r1, @ANYBLOB="1e7cb8ffdce2e64a51f88032f026871f9fb8a34e707bf888effd87f5c687847461743c2f8e24ebcd7c7aac9c1fbdc58aefa9625a3b971e039d23bb33508f48d537822b25a1df93e68a6e0aaf75d9c2d33715664ac30a31f1e8f105af891545dc451ef29d01741ec75d05e751512912ddeb43b175868ac7abe9e6ee456d53f5ae8dc042aa83ca18d24e2a47f7d582cd66687314a8b80efcc1a9c95d0bca26973fbfac3ab6924ae1cd650ccbecd9b747fce2f137b7e0ea0e100b276abe1ca29920920afdf82b4b1d70b7e41ab49b68ed13b6ae3fb93c89da39b489ac7559540776351a6a9ecb896e9657bdfc326b00b356676c071c0a1aec1d93cf2dbbf17a8f5d597955e2777a6d628aac5d86d2c5c29c8b00b16f54051ad435591cf01f22"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1866.728394][T12870] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1866.846033][T12868] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1866.861393][T12868] CPU: 0 PID: 12868 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1866.871883][T12868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1866.881986][T12868] Call Trace:
[ 1866.885295][T12868]  <TASK>
[ 1866.888258][T12868]  dump_stack_lvl+0x1e7/0x2e0
[ 1866.892997][T12868]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1866.898232][T12868]  ? __pfx__printk+0x10/0x10
[ 1866.902848][T12868]  ? ___ratelimit+0x4c4/0x670
[ 1866.907555][T12868]  ? __pfx____ratelimit+0x10/0x10
[ 1866.912619][T12868]  dump_header+0xda/0x6a0
[ 1866.916978][T12868]  oom_kill_process+0x3a7/0x930
[ 1866.921877][T12868]  out_of_memory+0xf67/0x1320
[ 1866.926604][T12868]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1866.932259][T12868]  ? __pfx___mutex_lock+0x10/0x10
[ 1866.937319][T12868]  ? __pfx_out_of_memory+0x10/0x10
[ 1866.942453][T12868]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1866.948011][T12868]  ? __pfx_lock_release+0x10/0x10
[ 1866.953054][T12868]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1866.959139][T12868]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1866.964353][T12868]  ? mem_cgroup_iter+0x3e9/0x560
[ 1866.969323][T12868]  try_charge_memcg+0xda2/0x18a0
[ 1866.974291][T12868]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1866.979672][T12868]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1866.985397][T12868]  ? __pfx_lock_release+0x10/0x10
[ 1866.990439][T12868]  ? memcg_account_kmem+0x1e7/0x210
[ 1866.995671][T12868]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1867.001519][T12868]  __memcg_kmem_charge_page+0xe1/0x250
[ 1867.007023][T12868]  memcg_charge_kernel_stack+0x28a/0x550
[ 1867.012697][T12868]  dup_task_struct+0x40d/0x7d0
[ 1867.017492][T12868]  copy_process+0x5d5/0x3fc0
[ 1867.022127][T12868]  ? __might_fault+0xa9/0x120
[ 1867.026818][T12868]  ? __pfx_lock_release+0x10/0x10
[ 1867.031866][T12868]  ? __pfx_copy_process+0x10/0x10
[ 1867.036901][T12868]  ? __might_fault+0xc5/0x120
[ 1867.041596][T12868]  ? __asan_memset+0x23/0x50
[ 1867.046210][T12868]  kernel_clone+0x21d/0x8d0
[ 1867.050817][T12868]  ? __pfx_kernel_clone+0x10/0x10
[ 1867.055869][T12868]  __se_sys_clone3+0x2cb/0x350
[ 1867.060657][T12868]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1867.065971][T12868]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1867.071989][T12868]  ? exc_page_fault+0x587/0x870
[ 1867.076858][T12868]  ? do_syscall_64+0xb4/0x240
[ 1867.081568][T12868]  do_syscall_64+0xf9/0x240
[ 1867.086187][T12868]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1867.092113][T12868] RIP: 0033:0x7fd21c6a9b99
[ 1867.096543][T12868] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1867.116161][T12868] RSP: 002b:00007ffdc1e200c8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1867.124592][T12868] RAX: ffffffffffffffda RBX: 00007fd21c652270 RCX: 00007fd21c6a9b99
[ 1867.132577][T12868] RDX: 00007fd21c652270 RSI: 0000000000000058 RDI: 00007ffdc1e20110
[ 1867.140562][T12868] RBP: 00007fd21d49d6c0 R08: 00007fd21d49d6c0 R09: 00007ffdc1e201f7
[ 1867.148543][T12868] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1867.156521][T12868] R13: 000000000000000b R14: 00007ffdc1e20110 R15: 00007ffdc1e201f8
[ 1867.164534][T12868]  </TASK>
[ 1867.198075][T12868] memory: usage 307200kB, limit 307200kB, failcnt 25274
[ 1867.223999][T12868] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[ 1867.244264][T12868] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1867.259453][T12868] Memory cgroup stats for /syz0:
[ 1867.259623][T12868] cache 8192
[ 1867.270435][T12868] rss 12288
[ 1867.273965][T12868] rss_huge 0
[ 1867.282795][T12868] shmem 0
[ 1867.286171][T12868] mapped_file 0
00:46:53 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1867.290164][T12874] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1867.342025][T12868] dirty 8192
[ 1867.355777][T12868] writeback 0
[ 1867.373640][T12868] workingset_refault_anon 7996
[ 1867.409209][T12868] workingset_refault_file 1
[ 1867.429333][T12868] swap 229376
[ 1867.442294][T12868] swapcached 8192
[ 1867.455977][T12879] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1867.465345][T12868] pgpgin 128491
[ 1867.465364][T12868] pgpgout 128486
[ 1867.465374][T12868] pgfault 335214
[ 1867.465382][T12868] pgmajfault 7883
[ 1867.465390][T12868] inactive_anon 0
[ 1867.465399][T12868] active_anon 12288
[ 1867.465408][T12868] inactive_file 0
[ 1867.465417][T12868] active_file 8192
[ 1867.465426][T12868] unevictable 0
[ 1867.465435][T12868] hierarchical_memory_limit 314572800
00:46:53 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8ffff]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:53 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x4, 0x1, 0x3, 0x0, 0x0, {0x1, 0x0, 0x6}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000c0}, 0x48) (async)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYRESHEX=r0, @ANYRES16=r1, @ANYBLOB="1e7cb8ffdce2e64a51f88032f026871f9fb8a34e707bf888effd87f5c687847461743c2f8e24ebcd7c7aac9c1fbdc58aefa9625a3b971e039d23bb33508f48d537822b25a1df93e68a6e0aaf75d9c2d33715664ac30a31f1e8f105af891545dc451ef29d01741ec75d05e751512912ddeb43b175868ac7abe9e6ee456d53f5ae8dc042aa83ca18d24e2a47f7d582cd66687314a8b80efcc1a9c95d0bca26973fbfac3ab6924ae1cd650ccbecd9b747fce2f137b7e0ea0e100b276abe1ca29920920afdf82b4b1d70b7e41ab49b68ed13b6ae3fb93c89da39b489ac7559540776351a6a9ecb896e9657bdfc326b00b356676c071c0a1aec1d93cf2dbbf17a8f5d597955e2777a6d628aac5d86d2c5c29c8b00b16f54051ad435591cf01f22"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1867.465445][T12868] hierarchical_memsw_limit 9223372036854771712
[ 1867.465455][T12868] total_cache 8192
[ 1867.465465][T12868] total_rss 12288
[ 1867.465472][T12868] total_rss_huge 0
[ 1867.465482][T12868] total_shmem 0
[ 1867.465491][T12868] total_mapped_file 0
[ 1867.465500][T12868] total_dirty 8192
[ 1867.465509][T12868] total_writeback 0
[ 1867.465518][T12868] total_workingset_refault_anon 7996
[ 1867.465528][T12868] total_workingset_refault_file 1
[ 1867.465538][T12868] total_swap 229376
[ 1867.465547][T12868] total_swapcached 8192
[ 1867.465555][T12868] total_pgpgin 128491
[ 1867.465565][T12868] total_pgpgout 128486
00:46:53 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765", @ANYRES64=r1], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1867.699682][T12868] total_pgfault 335214
[ 1867.703838][T12868] total_pgmajfault 7883
[ 1867.722170][T12868] total_inactive_anon 0
[ 1867.730908][T12885] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1867.742822][T12868] total_active_anon 12288
00:46:53 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1867.757210][T12868] total_inactive_file 0
[ 1867.767324][T12868] total_active_file 8192
[ 1867.772073][T12868] total_unevictable 0
[ 1867.783481][T12868] anon_cost 0
[ 1867.807291][T12868] file_cost 0
[ 1867.810760][T12868] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12868,uid=0
00:46:54 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1867.853376][T12868] Memory cgroup out of memory: Killed process 12868 (syz-executor.0) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:46:54 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88ee0000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:54 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:54 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:54 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765", @ANYRES64=r1], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765", @ANYRES64=r1], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0) (async)

00:46:54 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xea050000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:54 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1868.504450][T12899] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1868.606996][T12899] CPU: 0 PID: 12899 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1868.617496][T12899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1868.627612][T12899] Call Trace:
[ 1868.630936][T12899]  <TASK>
[ 1868.633902][T12899]  dump_stack_lvl+0x1e7/0x2e0
[ 1868.638647][T12899]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1868.643906][T12899]  ? __pfx__printk+0x10/0x10
[ 1868.648551][T12899]  ? ___ratelimit+0x4c4/0x670
[ 1868.653291][T12899]  ? __pfx____ratelimit+0x10/0x10
[ 1868.658385][T12899]  dump_header+0xda/0x6a0
[ 1868.662790][T12899]  oom_kill_process+0x3a7/0x930
[ 1868.667702][T12899]  out_of_memory+0xf67/0x1320
[ 1868.672622][T12899]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1868.678311][T12899]  ? __pfx___mutex_lock+0x10/0x10
[ 1868.683483][T12899]  ? __pfx_out_of_memory+0x10/0x10
[ 1868.688665][T12899]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1868.694262][T12899]  ? __pfx_lock_release+0x10/0x10
[ 1868.699353][T12899]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1868.705488][T12899]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1868.710741][T12899]  ? mem_cgroup_iter+0x3e9/0x560
[ 1868.715752][T12899]  try_charge_memcg+0xda2/0x18a0
[ 1868.720773][T12899]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1868.726203][T12899]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1868.731982][T12899]  ? __pfx_lock_release+0x10/0x10
[ 1868.737062][T12899]  ? memcg_account_kmem+0x1e7/0x210
[ 1868.742323][T12899]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1868.748176][T12899]  __memcg_kmem_charge_page+0xe1/0x250
[ 1868.753703][T12899]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1868.759394][T12899]  dup_task_struct+0x15d/0x7d0
[ 1868.764212][T12899]  copy_process+0x5d5/0x3fc0
[ 1868.768860][T12899]  ? __might_fault+0xa9/0x120
[ 1868.773595][T12899]  ? __pfx_lock_release+0x10/0x10
[ 1868.778684][T12899]  ? __pfx_copy_process+0x10/0x10
[ 1868.783758][T12899]  ? __might_fault+0xc5/0x120
[ 1868.788487][T12899]  ? __asan_memset+0x23/0x50
[ 1868.793134][T12899]  kernel_clone+0x21d/0x8d0
[ 1868.797685][T12899]  ? __pfx_kernel_clone+0x10/0x10
[ 1868.802773][T12899]  __se_sys_clone3+0x2cb/0x350
[ 1868.807590][T12899]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1868.812970][T12899]  ? do_syscall_64+0x108/0x240
[ 1868.817790][T12899]  ? do_syscall_64+0xb4/0x240
[ 1868.822519][T12899]  do_syscall_64+0xf9/0x240
[ 1868.827078][T12899]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1868.833046][T12899] RIP: 0033:0x7fd21c6a9b99
[ 1868.837587][T12899] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1868.857329][T12899] RSP: 002b:00007ffdc1e200c8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1868.865802][T12899] RAX: ffffffffffffffda RBX: 00007fd21c652270 RCX: 00007fd21c6a9b99
[ 1868.873820][T12899] RDX: 00007fd21c652270 RSI: 0000000000000058 RDI: 00007ffdc1e20110
[ 1868.881844][T12899] RBP: 00007fd21d49d6c0 R08: 00007fd21d49d6c0 R09: 00007ffdc1e201f7
[ 1868.889856][T12899] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1868.897874][T12899] R13: 000000000000000b R14: 00007ffdc1e20110 R15: 00007ffdc1e201f8
[ 1868.905907][T12899]  </TASK>
00:46:55 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765", @ANYRES64=r1], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

00:46:55 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf1ffffff]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1869.058209][T12899] memory: usage 307200kB, limit 307200kB, failcnt 25595
[ 1869.085311][T12899] memory+swap: usage 307432kB, limit 9007199254740988kB, failcnt 0
[ 1869.131109][T12899] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1869.139210][T12899] Memory cgroup stats for /syz0:
[ 1869.139356][T12899] cache 8192
[ 1869.152056][T12899] rss 0
[ 1869.154999][T12899] rss_huge 0
[ 1869.159805][T12899] shmem 0
[ 1869.164361][T12899] mapped_file 0
[ 1869.168601][T12899] dirty 8192
[ 1869.171972][T12899] writeback 0
[ 1869.175395][T12899] workingset_refault_anon 8071
[ 1869.181649][T12899] workingset_refault_file 1
[ 1869.186315][T12899] swap 237568
[ 1869.189882][T12899] swapcached 0
[ 1869.193950][T12899] pgpgin 128580
[ 1869.198584][T12899] pgpgout 128578
[ 1869.202280][T12899] pgfault 335356
[ 1869.205972][T12899] pgmajfault 7955
[ 1869.210473][T12899] inactive_anon 0
[ 1869.214233][T12899] active_anon 0
[ 1869.218481][T12899] inactive_file 0
[ 1869.222241][T12899] active_file 8192
[ 1869.226074][T12899] unevictable 0
[ 1869.247090][T12899] hierarchical_memory_limit 314572800
[ 1869.264061][T12899] hierarchical_memsw_limit 9223372036854771712
[ 1869.277359][T12899] total_cache 8192
[ 1869.286863][T12899] total_rss 0
[ 1869.298295][T12899] total_rss_huge 0
[ 1869.302074][T12899] total_shmem 0
[ 1869.313559][T12899] total_mapped_file 0
[ 1869.323817][T12899] total_dirty 8192
[ 1869.333057][T12899] total_writeback 0
[ 1869.336925][T12899] total_workingset_refault_anon 8071
[ 1869.354788][T12899] total_workingset_refault_file 1
[ 1869.365603][T12899] total_swap 237568
[ 1869.377207][T12899] total_swapcached 0
[ 1869.381156][T12899] total_pgpgin 128580
[ 1869.385156][T12899] total_pgpgout 128578
[ 1869.399943][T12899] total_pgfault 335356
00:46:55 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1869.407613][T12899] total_pgmajfault 7955
[ 1869.414688][T12899] total_inactive_anon 0
[ 1869.423335][T12899] total_active_anon 0
[ 1869.425394][T12915] tbf_change: 8 callbacks suppressed
[ 1869.425412][T12915] sch_tbf: burst 0 is lower than device bridge4517 mtu (1514) !
[ 1869.431171][T12899] total_inactive_file 0
[ 1869.455948][T12899] total_active_file 8192
[ 1869.470429][T12899] total_unevictable 0
[ 1869.521048][T12921] sch_tbf: burst 0 is lower than device bridge4511 mtu (1514) !
[ 1869.525100][T12899] anon_cost 0
[ 1869.535769][T12899] file_cost 0
[ 1869.542947][T12899] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12899,uid=0
00:46:55 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffa888]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1869.598502][T12899] Memory cgroup out of memory: Killed process 12899 (syz-executor.0) total-vm:54508kB, anon-rss:340kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:46:55 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000040))
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
recvfrom$l2tp6(r2, &(0x7f0000000180)=""/78, 0x4e, 0x10100, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast1}, 0x20)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="320008000000bd125d5651c56ee87d35425edc00870000007d", @ANYRES16=r0, @ANYRES8=r2], 0x3c}}, 0x44804)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6c00000024000b0e27bd70000000000000000000", @ANYRES32=r3, @ANYBLOB="0d001000ffffffff0000030008000100746266004000020008000600050000000c00edff4fae26a136e940ea28000100000000000000fcff000000000000002000000000000000000000000000000000000000005f8455ea51f888d4af4681e2024e9fd4"], 0x6c}, 0x1, 0x0, 0x0, 0x4000}, 0x40)

00:46:55 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1869.844342][T12926] sch_tbf: burst 0 is lower than device bridge4518 mtu (1514) !
00:46:56 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1870.000501][T12928] sch_tbf: burst 0 is lower than device bridge4512 mtu (1514) !
00:46:56 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffe000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1870.173801][ T5100] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1870.195212][ T5100] CPU: 1 PID: 5100 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1870.205610][ T5100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1870.215717][ T5100] Call Trace:
[ 1870.219034][ T5100]  <TASK>
[ 1870.222001][ T5100]  dump_stack_lvl+0x1e7/0x2e0
[ 1870.226739][ T5100]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1870.231994][ T5100]  ? __pfx__printk+0x10/0x10
[ 1870.236632][ T5100]  ? ___ratelimit+0x4c4/0x670
[ 1870.241363][ T5100]  ? __pfx____ratelimit+0x10/0x10
[ 1870.246453][ T5100]  dump_header+0xda/0x6a0
[ 1870.250840][ T5100]  oom_kill_process+0x3a7/0x930
[ 1870.255742][ T5100]  out_of_memory+0xf67/0x1320
[ 1870.260470][ T5100]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1870.266157][ T5100]  ? __pfx___mutex_lock+0x10/0x10
[ 1870.271224][ T5100]  ? __pfx_out_of_memory+0x10/0x10
[ 1870.276398][ T5100]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1870.281995][ T5100]  ? __pfx_lock_release+0x10/0x10
[ 1870.287074][ T5100]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1870.293201][ T5100]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1870.298456][ T5100]  ? mem_cgroup_iter+0x3e9/0x560
[ 1870.303445][ T5100]  try_charge_memcg+0xda2/0x18a0
[ 1870.308435][ T5100]  ? mark_lock+0x9a/0x350
[ 1870.312840][ T5100]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1870.318295][ T5100]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1870.324514][ T5100]  charge_memcg+0xa2/0x160
[ 1870.328994][ T5100]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1870.335117][ T5100]  __read_swap_cache_async+0x480/0x8b0
[ 1870.340630][ T5100]  ? mark_lock+0x9a/0x350
[ 1870.345012][ T5100]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1870.351054][ T5100]  swap_cluster_readahead+0x67c/0x810
[ 1870.356493][ T5100]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1870.362445][ T5100]  ? __pfx_lock_release+0x10/0x10
[ 1870.367529][ T5100]  ? xas_descend+0x37e/0x470
[ 1870.372196][ T5100]  swapin_readahead+0x1ea/0x1070
[ 1870.377186][ T5100]  ? filemap_get_entry+0x127/0x4e0
[ 1870.382356][ T5100]  ? __pfx_swapin_readahead+0x10/0x10
[ 1870.387804][ T5100]  ? __filemap_get_folio+0x935/0xbc0
[ 1870.393148][ T5100]  ? swap_cache_get_folio+0x9f/0x570
[ 1870.398492][ T5100]  do_swap_page+0x791/0x3f40
[ 1870.403131][ T5100]  ? rcu_is_watching+0x15/0xb0
[ 1870.407999][ T5100]  ? do_swap_page+0x154/0x3f40
[ 1870.412819][ T5100]  ? __pfx_do_swap_page+0x10/0x10
[ 1870.417890][ T5100]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1870.423400][ T5100]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1870.429260][ T5100]  __handle_mm_fault+0x15e8/0x72d0
[ 1870.434439][ T5100]  ? reacquire_held_locks+0x3eb/0x690
[ 1870.439850][ T5100]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1870.445374][ T5100]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1870.451159][ T5100]  ? mtree_range_walk+0x6fd/0x8e0
[ 1870.456231][ T5100]  ? lock_vma_under_rcu+0x18a/0x730
[ 1870.461485][ T5100]  ? __pfx_lock_release+0x10/0x10
[ 1870.466569][ T5100]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1870.471858][ T5100]  ? lock_vma_under_rcu+0x18a/0x730
[ 1870.477117][ T5100]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1870.482725][ T5100]  handle_mm_fault+0x3c1/0x8a0
[ 1870.487561][ T5100]  exc_page_fault+0x456/0x870
[ 1870.492304][ T5100]  asm_exc_page_fault+0x26/0x30
[ 1870.497196][ T5100] RIP: 0033:0x7fd21c67a7a4
[ 1870.501652][ T5100] Code: 84 00 00 00 00 00 80 3d 71 57 10 00 00 49 89 ca 74 14 b8 3d 00 00 00 0f 05 48 3d 00 f0 ff ff 77 5d c3 0f 1f 40 00 48 83 ec 28 <89> 54 24 14 48 89 74 24 08 89 7c 24 10 48 89 4c 24 18 e8 d5 a3 02
[ 1870.521306][ T5100] RSP: 002b:00007ffdc1e204e0 EFLAGS: 00010202
[ 1870.527430][ T5100] RAX: 0000000000000124 RBX: 0000000000003674 RCX: 0000000000000000
[ 1870.535448][ T5100] RDX: 0000000040000001 RSI: 00007ffdc1e2056c RDI: 00000000ffffffff
[ 1870.543467][ T5100] RBP: 00007ffdc1e2056c R08: 0000000000000010 R09: 00007ffdc1e880b0
[ 1870.551486][ T5100] R10: 0000000000000000 R11: 0000000000059ad8 R12: 0000000000000032
[ 1870.559554][ T5100] R13: 00000000001c87c6 R14: 00000000001c87c6 R15: 0000000000000000
[ 1870.567654][ T5100]  </TASK>
00:46:56 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000040)) (async)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
recvfrom$l2tp6(r2, &(0x7f0000000180)=""/78, 0x4e, 0x10100, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast1}, 0x20) (async)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="320008000000bd125d5651c56ee87d35425edc00870000007d", @ANYRES16=r0, @ANYRES8=r2], 0x3c}}, 0x44804) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6c00000024000b0e27bd70000000000000000000", @ANYRES32=r3, @ANYBLOB="0d001000ffffffff0000030008000100746266004000020008000600050000000c00edff4fae26a136e940ea28000100000000000000fcff000000000000002000000000000000000000000000000000000000005f8455ea51f888d4af4681e2024e9fd4"], 0x6c}, 0x1, 0x0, 0x0, 0x4000}, 0x40)

[ 1870.605537][T12936] sch_tbf: burst 0 is lower than device bridge4519 mtu (1514) !
[ 1870.616652][ T5100] memory: usage 307200kB, limit 307200kB, failcnt 25847
[ 1870.624041][T12938] __nla_validate_parse: 12 callbacks suppressed
[ 1870.624060][T12938] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
00:46:56 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1870.662317][ T5100] memory+swap: usage 307436kB, limit 9007199254740988kB, failcnt 0
[ 1870.680265][ T5100] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1870.713252][ T5100] Memory cgroup stats for /syz0:
[ 1870.713406][ T5100] cache 8192
[ 1870.732225][ T5100] rss 0
[ 1870.735058][ T5100] rss_huge 0
[ 1870.749402][ T5100] shmem 0
[ 1870.754793][ T5100] mapped_file 0
[ 1870.777212][ T5100] dirty 8192
[ 1870.780684][ T5100] writeback 0
[ 1870.784091][ T5100] workingset_refault_anon 8145
[ 1870.789609][ T5100] workingset_refault_file 1
[ 1870.794254][ T5100] swap 241664
[ 1870.797756][ T5100] swapcached 0
[ 1870.802733][ T5100] pgpgin 128665
[ 1870.806329][ T5100] pgpgout 128663
[ 1870.811297][ T5100] pgfault 335501
[ 1870.815000][ T5100] pgmajfault 8027
[ 1870.818857][ T5100] inactive_anon 0
[ 1870.822619][ T5100] active_anon 0
[ 1870.838130][T12939] sch_tbf: burst 0 is lower than device bridge4513 mtu (1514) !
[ 1870.846205][ T5100] inactive_file 0
[ 1870.850036][ T5100] active_file 8192
[ 1870.853784][ T5100] unevictable 0
[ 1870.859148][ T5100] hierarchical_memory_limit 314572800
[ 1870.864659][ T5100] hierarchical_memsw_limit 9223372036854771712
00:46:57 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1870.885193][ T5100] total_cache 8192
[ 1870.895293][ T5100] total_rss 0
[ 1870.905006][ T5100] total_rss_huge 0
[ 1870.937510][ T5100] total_shmem 0
[ 1870.941067][ T5100] total_mapped_file 0
[ 1870.945077][ T5100] total_dirty 8192
[ 1870.957818][ T5100] total_writeback 0
[ 1870.961692][ T5100] total_workingset_refault_anon 8145
[ 1870.974883][ T5100] total_workingset_refault_file 1
00:46:57 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1870.990802][T12945] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1870.999418][ T5100] total_swap 241664
[ 1871.004000][ T5100] total_swapcached 0
[ 1871.030156][ T5100] total_pgpgin 128665
[ 1871.041306][ T5100] total_pgpgout 128663
[ 1871.050208][ T5100] total_pgfault 335501
[ 1871.060372][ T5100] total_pgmajfault 8027
[ 1871.070419][ T5100] total_inactive_anon 0
[ 1871.081007][ T5100] total_active_anon 0
[ 1871.090840][ T5100] total_inactive_file 0
[ 1871.095244][ T5100] total_active_file 8192
[ 1871.100264][ T5100] total_unevictable 0
[ 1871.104513][ T5100] anon_cost 0
[ 1871.114054][ T5100] file_cost 0
[ 1871.118951][ T5100] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12931,uid=0
00:46:57 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf89]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1871.147664][ T5100] Memory cgroup out of memory: Killed process 12931 (syz-executor.0) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1871.156005][T12947] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1871.302469][T12948] sch_tbf: burst 0 is lower than device bridge4520 mtu (1514) !
[ 1871.318691][T12949] sch_tbf: burst 0 is lower than device bridge4514 mtu (1514) !
00:46:57 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:57 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff1]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1871.535759][T12954] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
00:46:57 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000040))
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
recvfrom$l2tp6(r2, &(0x7f0000000180)=""/78, 0x4e, 0x10100, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast1}, 0x20)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="320008000000bd125d5651c56ee87d35425edc00870000007d", @ANYRES16=r0, @ANYRES8=r2], 0x3c}}, 0x44804)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6c00000024000b0e27bd70000000000000000000", @ANYRES32=r3, @ANYBLOB="0d001000ffffffff0000030008000100746266004000020008000600050000000c00edff4fae26a136e940ea28000100000000000000fcff000000000000002000000000000000000000000000000000000000005f8455ea51f888d4af4681e2024e9fd4"], 0x6c}, 0x1, 0x0, 0x0, 0x4000}, 0x40)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000040)) (async)
socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
recvfrom$l2tp6(r2, &(0x7f0000000180)=""/78, 0x4e, 0x10100, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast1}, 0x20) (async)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="320008000000bd125d5651c56ee87d35425edc00870000007d", @ANYRES16=r0, @ANYRES8=r2], 0x3c}}, 0x44804) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6c00000024000b0e27bd70000000000000000000", @ANYRES32=r3, @ANYBLOB="0d001000ffffffff0000030008000100746266004000020008000600050000000c00edff4fae26a136e940ea28000100000000000000fcff000000000000002000000000000000000000000000000000000000005f8455ea51f888d4af4681e2024e9fd4"], 0x6c}, 0x1, 0x0, 0x0, 0x4000}, 0x40) (async)

[ 1871.805757][T12956] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1871.835967][T12952] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1871.854173][T12952] CPU: 1 PID: 12952 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1871.864655][T12952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1871.874755][T12952] Call Trace:
[ 1871.878059][T12952]  <TASK>
[ 1871.881029][T12952]  dump_stack_lvl+0x1e7/0x2e0
[ 1871.885774][T12952]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1871.891027][T12952]  ? __pfx__printk+0x10/0x10
[ 1871.895654][T12952]  ? ___ratelimit+0x4c4/0x670
[ 1871.900374][T12952]  ? __pfx____ratelimit+0x10/0x10
[ 1871.905443][T12952]  dump_header+0xda/0x6a0
[ 1871.909817][T12952]  oom_kill_process+0x3a7/0x930
[ 1871.914721][T12952]  out_of_memory+0xf67/0x1320
[ 1871.919120][T12957] sch_tbf: burst 0 is lower than device bridge4515 mtu (1514) !
[ 1871.919424][T12952]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1871.919461][T12952]  ? __pfx___mutex_lock+0x10/0x10
[ 1871.931010][T12958] sch_tbf: burst 0 is lower than device bridge4521 mtu (1514) !
[ 1871.932722][T12952]  ? __pfx_out_of_memory+0x10/0x10
[ 1871.932770][T12952]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1871.956187][T12952]  ? __pfx_lock_release+0x10/0x10
[ 1871.961264][T12952]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1871.967360][T12952]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1871.972574][T12952]  ? mem_cgroup_iter+0x3e9/0x560
[ 1871.977524][T12952]  try_charge_memcg+0xda2/0x18a0
[ 1871.982494][T12952]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1871.987912][T12952]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1871.993675][T12952]  ? __pfx_lock_release+0x10/0x10
[ 1871.998736][T12952]  ? memcg_account_kmem+0x1e7/0x210
[ 1872.003964][T12952]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1872.009819][T12952]  __memcg_kmem_charge_page+0xe1/0x250
[ 1872.015296][T12952]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1872.020945][T12952]  dup_task_struct+0x40d/0x7d0
[ 1872.025720][T12952]  copy_process+0x5d5/0x3fc0
[ 1872.030334][T12952]  ? __might_fault+0xa9/0x120
[ 1872.035025][T12952]  ? __pfx_lock_release+0x10/0x10
[ 1872.040099][T12952]  ? __pfx_copy_process+0x10/0x10
[ 1872.045150][T12952]  ? __might_fault+0xc5/0x120
[ 1872.049856][T12952]  ? __asan_memset+0x23/0x50
[ 1872.054498][T12952]  kernel_clone+0x21d/0x8d0
[ 1872.059032][T12952]  ? __pfx_kernel_clone+0x10/0x10
[ 1872.064104][T12952]  __se_sys_clone3+0x2cb/0x350
[ 1872.068892][T12952]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1872.074222][T12952]  ? do_syscall_64+0x108/0x240
[ 1872.079116][T12952]  ? do_syscall_64+0xb4/0x240
[ 1872.083816][T12952]  do_syscall_64+0xf9/0x240
[ 1872.088339][T12952]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1872.094248][T12952] RIP: 0033:0x7fd21c6a9b99
[ 1872.098677][T12952] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1872.118381][T12952] RSP: 002b:00007ffdc1e200c8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1872.126804][T12952] RAX: ffffffffffffffda RBX: 00007fd21c652270 RCX: 00007fd21c6a9b99
[ 1872.134789][T12952] RDX: 00007fd21c652270 RSI: 0000000000000058 RDI: 00007ffdc1e20110
[ 1872.142774][T12952] RBP: 00007fd21d49d6c0 R08: 00007fd21d49d6c0 R09: 00007ffdc1e201f7
00:46:58 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1872.150759][T12952] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1872.158740][T12952] R13: 000000000000000b R14: 00007ffdc1e20110 R15: 00007ffdc1e201f8
[ 1872.166735][T12952]  </TASK>
[ 1872.197308][T12952] memory: usage 307200kB, limit 307200kB, failcnt 26212
[ 1872.204430][T12952] memory+swap: usage 307436kB, limit 9007199254740988kB, failcnt 0
00:46:58 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:58 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="87000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1872.244857][T12952] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1872.283043][T12952] Memory cgroup stats for /syz0:
[ 1872.283188][T12952] cache 8192
[ 1872.308871][T12952] rss 0
[ 1872.311984][T12971] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1872.318020][T12952] rss_huge 0
[ 1872.337930][T12952] shmem 0
[ 1872.340930][T12952] mapped_file 0
[ 1872.344409][T12952] dirty 8192
[ 1872.356419][T12952] writeback 0
[ 1872.361459][T12952] workingset_refault_anon 8275
[ 1872.366350][T12952] workingset_refault_file 1
[ 1872.371253][T12952] swap 241664
[ 1872.374574][T12952] swapcached 0
[ 1872.380411][T12952] pgpgin 128806
[ 1872.387257][T12952] pgpgout 128804
[ 1872.391285][T12952] pgfault 335706
[ 1872.395262][T12952] pgmajfault 8146
[ 1872.404716][T12952] inactive_anon 0
[ 1872.412180][T12952] active_anon 0
[ 1872.415824][T12952] inactive_file 8192
[ 1872.426652][T12952] active_file 0
[ 1872.431636][T12952] unevictable 0
[ 1872.441070][T12952] hierarchical_memory_limit 314572800
[ 1872.448196][T12952] hierarchical_memsw_limit 9223372036854771712
[ 1872.454602][T12952] total_cache 8192
[ 1872.457990][T12976] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1872.467809][T12952] total_rss 0
[ 1872.467827][T12952] total_rss_huge 0
[ 1872.467835][T12952] total_shmem 0
[ 1872.467844][T12952] total_mapped_file 0
[ 1872.467853][T12952] total_dirty 8192
[ 1872.467862][T12952] total_writeback 0
[ 1872.467871][T12952] total_workingset_refault_anon 8275
[ 1872.467880][T12952] total_workingset_refault_file 1
[ 1872.467890][T12952] total_swap 241664
[ 1872.467900][T12952] total_swapcached 0
[ 1872.467908][T12952] total_pgpgin 128806
00:46:58 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="87000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

00:46:58 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1872.467916][T12952] total_pgpgout 128804
[ 1872.467924][T12952] total_pgfault 335706
[ 1872.467933][T12952] total_pgmajfault 8146
[ 1872.467942][T12952] total_inactive_anon 0
[ 1872.467952][T12952] total_active_anon 0
[ 1872.467960][T12952] total_inactive_file 8192
[ 1872.467968][T12952] total_active_file 0
[ 1872.467977][T12952] total_unevictable 0
[ 1872.467986][T12952] anon_cost 0
[ 1872.467995][T12952] file_cost 0
[ 1872.468004][T12952] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12952,uid=0
[ 1872.586202][T12952] Memory cgroup out of memory: Killed process 12952 (syz-executor.0) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1872.660118][T12979] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
00:46:58 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:59 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="87000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0) (rerun: 64)

00:46:59 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:46:59 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1873.152285][T12988] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1873.297807][T12984] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1873.311927][T12984] CPU: 0 PID: 12984 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1873.322412][T12984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1873.332516][T12984] Call Trace:
[ 1873.335833][T12984]  <TASK>
[ 1873.338796][T12984]  dump_stack_lvl+0x1e7/0x2e0
[ 1873.343521][T12984]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1873.348756][T12984]  ? __pfx__printk+0x10/0x10
[ 1873.353360][T12984]  ? ___ratelimit+0x4c4/0x670
[ 1873.358057][T12984]  ? __pfx____ratelimit+0x10/0x10
[ 1873.363099][T12984]  dump_header+0xda/0x6a0
[ 1873.367455][T12984]  oom_kill_process+0x3a7/0x930
[ 1873.372337][T12984]  out_of_memory+0xf67/0x1320
[ 1873.377041][T12984]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1873.382696][T12984]  ? __pfx___mutex_lock+0x10/0x10
[ 1873.387732][T12984]  ? __pfx_out_of_memory+0x10/0x10
[ 1873.392865][T12984]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1873.398426][T12984]  ? __pfx_lock_release+0x10/0x10
[ 1873.403478][T12984]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1873.409573][T12984]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1873.414780][T12984]  ? mem_cgroup_iter+0x3e9/0x560
[ 1873.419731][T12984]  try_charge_memcg+0xda2/0x18a0
[ 1873.424669][T12984]  ? mark_lock+0x9a/0x350
[ 1873.429018][T12984]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1873.434434][T12984]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1873.440596][T12984]  charge_memcg+0xa2/0x160
[ 1873.445032][T12984]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1873.451109][T12984]  __read_swap_cache_async+0x480/0x8b0
[ 1873.456573][T12984]  ? mark_lock+0x9a/0x350
[ 1873.460916][T12984]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1873.466942][T12984]  swap_cluster_readahead+0x67c/0x810
[ 1873.472344][T12984]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1873.478276][T12984]  ? __pfx_lock_release+0x10/0x10
[ 1873.483341][T12984]  ? xas_descend+0x37e/0x470
[ 1873.487952][T12984]  swapin_readahead+0x1ea/0x1070
[ 1873.492908][T12984]  ? filemap_get_entry+0x127/0x4e0
[ 1873.498077][T12984]  ? __pfx_swapin_readahead+0x10/0x10
[ 1873.503473][T12984]  ? __filemap_get_folio+0x935/0xbc0
[ 1873.508802][T12984]  ? swap_cache_get_folio+0x9f/0x570
[ 1873.514107][T12984]  do_swap_page+0x791/0x3f40
[ 1873.518714][T12984]  ? rcu_is_watching+0x15/0xb0
[ 1873.523505][T12984]  ? do_swap_page+0x154/0x3f40
[ 1873.528286][T12984]  ? __pfx_do_swap_page+0x10/0x10
[ 1873.533319][T12984]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1873.538791][T12984]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1873.544615][T12984]  __handle_mm_fault+0x15e8/0x72d0
[ 1873.549789][T12984]  ? reacquire_held_locks+0x3eb/0x690
[ 1873.555170][T12984]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1873.560656][T12984]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1873.566416][T12984]  ? mtree_range_walk+0x6fd/0x8e0
[ 1873.571465][T12984]  ? lock_vma_under_rcu+0x18a/0x730
[ 1873.576678][T12984]  ? __pfx_lock_release+0x10/0x10
[ 1873.581717][T12984]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1873.586960][T12984]  ? lock_vma_under_rcu+0x18a/0x730
[ 1873.592172][T12984]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1873.597732][T12984]  handle_mm_fault+0x3c1/0x8a0
[ 1873.602519][T12984]  exc_page_fault+0x456/0x870
[ 1873.607218][T12984]  asm_exc_page_fault+0x26/0x30
[ 1873.612078][T12984] RIP: 0033:0x7fd21c6590fa
[ 1873.616502][T12984] Code: 48 85 ff 0f 84 0f 02 00 00 48 83 3d 2f 17 c8 00 1f 0f 87 31 01 00 00 b8 80 00 00 00 41 bd 02 00 00 00 bb 20 00 00 00 48 01 e8 <48> 8b 48 08 48 8d 70 f0 48 39 ce 0f 84 18 fe ff ff 48 8b 51 18 48
[ 1873.636115][T12984] RSP: 002b:00007ffdc1e200f0 EFLAGS: 00010202
[ 1873.642198][T12984] RAX: 00007fd21c77f7e0 RBX: 0000000000000120 RCX: 00007fd21c67de67
[ 1873.650189][T12984] RDX: 0000000000000001 RSI: 0000000000000110 RDI: 00007fd21c77f660
[ 1873.658170][T12984] RBP: 00007fd21c77f660 R08: 00000000ffffffff R09: 0000000000000000
[ 1873.666147][T12984] R10: 0000000000021000 R11: 0000000000000206 R12: 0000000000000110
[ 1873.674136][T12984] R13: 0000000000000012 R14: 0000000000001000 R15: 0000000000000000
[ 1873.682132][T12984]  </TASK>
[ 1873.693256][T12984] memory: usage 307180kB, limit 307200kB, failcnt 26524
[ 1873.700515][T12984] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[ 1873.708864][T12984] kmem: usage 307156kB, limit 9007199254740988kB, failcnt 0
[ 1873.716765][T12984] Memory cgroup stats for /syz0:
[ 1873.729455][T12984] cache 12288
[ 1873.739303][T12984] rss 12288
[ 1873.748989][T12984] rss_huge 0
[ 1873.753954][T12984] shmem 0
[ 1873.758739][T12984] mapped_file 0
[ 1873.762580][T12984] dirty 8192
[ 1873.766114][T12984] writeback 0
[ 1873.769844][T12984] workingset_refault_anon 8373
[ 1873.776040][T12984] workingset_refault_file 1
[ 1873.779385][T12991] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1873.782343][T12984] swap 225280
[ 1873.793663][T12984] swapcached 12288
00:47:00 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1873.801598][T12984] pgpgin 128916
[ 1873.805353][T12984] pgpgout 128910
[ 1873.834860][T12984] pgfault 335865
[ 1873.844522][T12984] pgmajfault 8232
[ 1873.853179][T12984] inactive_anon 8192
[ 1873.863358][T12984] active_anon 4096
[ 1873.872491][T12984] inactive_file 12288
[ 1873.886056][T12984] active_file 0
[ 1873.894136][T12984] unevictable 0
[ 1873.904564][T12984] hierarchical_memory_limit 314572800
[ 1873.924562][T12984] hierarchical_memsw_limit 9223372036854771712
[ 1873.944881][T12984] total_cache 12288
[ 1873.953989][T12984] total_rss 12288
00:47:00 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1874.132076][T12984] total_rss_huge 0
[ 1874.138787][T12984] total_shmem 0
[ 1874.142390][T12984] total_mapped_file 0
[ 1874.148871][T12984] total_dirty 8192
[ 1874.153044][T12984] total_writeback 0
[ 1874.177277][T12984] total_workingset_refault_anon 8373
[ 1874.183999][T12984] total_workingset_refault_file 1
[ 1874.208647][T12984] total_swap 225280
[ 1874.214857][T12984] total_swapcached 12288
[ 1874.223660][T12984] total_pgpgin 128916
[ 1874.230285][T12984] total_pgpgout 128910
[ 1874.237010][T12984] total_pgfault 335865
[ 1874.242736][T12984] total_pgmajfault 8232
[ 1874.249569][T12984] total_inactive_anon 8192
[ 1874.256575][T12984] total_active_anon 4096
[ 1874.263481][T12984] total_inactive_file 12288
[ 1874.272362][T12984] total_active_file 0
[ 1874.290149][T12984] total_unevictable 0
[ 1874.303543][T12984] anon_cost 0
[ 1874.311649][T12984] file_cost 0
[ 1874.323177][T12984] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12984,uid=0
[ 1874.351504][T12984] Memory cgroup out of memory: Killed process 12984 (syz-executor.0) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:47:00 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1400]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:47:00 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
getpeername$packet(r1, &(0x7f0000000380)={0x11, 0x0, <r3=>0x0}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000440)={&(0x7f0000000580)=@ipv6_newaddrlabel={0x98, 0x48, 0x402, 0x70bd27, 0x25dfdbfd, {0xa, 0x0, 0x10, 0x0, r3, 0x4}, [@IFAL_ADDRESS={0x14, 0x1, @remote}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @private=0x3}}, @IFAL_ADDRESS={0x14, 0x1, @private0}, @IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_LABEL={0x8, 0x2, 0x5}, @IFAL_LABEL={0x8, 0x2, 0xc}, @IFAL_ADDRESS={0x14, 0x1, @mcast1}, @IFAL_ADDRESS={0x14, 0x1, @mcast2}]}, 0x98}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)
socket(0x11, 0x5, 0x40)
r5 = syz_genetlink_get_family_id$gtp(&(0x7f00000001c0), r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r6, 0x1, 0x2a, &(0x7f0000000100)=r7, 0x4)
r8 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r9 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, r5, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r7}, @GTPA_TID={0xc, 0x3, 0x4}, @GTPA_FLOW={0x6}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @private=0xfffffeff}, @GTPA_NET_NS_FD={0x8, 0x7, r8}, @GTPA_I_TEI={0x8, 0x8, 0x1}, @GTPA_NET_NS_FD={0x8, 0x7, r9}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_LINK={0x8, 0x1, r4}]}, 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x0)

[ 1874.538808][T12996] tbf_change: 5 callbacks suppressed
[ 1874.538829][T12996] sch_tbf: burst 0 is lower than device bridge4519 mtu (1514) !
00:47:00 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1874.623453][ T5099] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1874.672960][ T5099] CPU: 0 PID: 5099 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1874.683365][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1874.693470][ T5099] Call Trace:
[ 1874.696787][ T5099]  <TASK>
[ 1874.699768][ T5099]  dump_stack_lvl+0x1e7/0x2e0
[ 1874.704533][ T5099]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1874.709786][ T5099]  ? __pfx__printk+0x10/0x10
[ 1874.714445][ T5099]  ? ___ratelimit+0x4c4/0x670
[ 1874.719176][ T5099]  ? __pfx____ratelimit+0x10/0x10
[ 1874.724280][ T5099]  dump_header+0xda/0x6a0
[ 1874.728664][ T5099]  oom_kill_process+0x3a7/0x930
[ 1874.733570][ T5099]  out_of_memory+0xf67/0x1320
[ 1874.738295][ T5099]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1874.743977][ T5099]  ? __pfx___mutex_lock+0x10/0x10
[ 1874.749054][ T5099]  ? __pfx_out_of_memory+0x10/0x10
[ 1874.754233][ T5099]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1874.759859][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1874.764938][ T5099]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1874.771060][ T5099]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1874.776308][ T5099]  ? mem_cgroup_iter+0x3e9/0x560
[ 1874.781303][ T5099]  try_charge_memcg+0xda2/0x18a0
[ 1874.786285][ T5099]  ? mark_lock+0x9a/0x350
[ 1874.790685][ T5099]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1874.796234][ T5099]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1874.802443][ T5099]  charge_memcg+0xa2/0x160
[ 1874.806925][ T5099]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1874.813047][ T5099]  __read_swap_cache_async+0x480/0x8b0
[ 1874.818561][ T5099]  ? mark_lock+0x9a/0x350
[ 1874.822960][ T5099]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1874.829010][ T5099]  swap_cluster_readahead+0x67c/0x810
[ 1874.834455][ T5099]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1874.840417][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1874.845523][ T5099]  ? xas_descend+0x37e/0x470
[ 1874.850176][ T5099]  swapin_readahead+0x1ea/0x1070
[ 1874.855187][ T5099]  ? filemap_get_entry+0x127/0x4e0
[ 1874.860369][ T5099]  ? __pfx_swapin_readahead+0x10/0x10
[ 1874.865795][ T5099]  ? __filemap_get_folio+0x935/0xbc0
[ 1874.871137][ T5099]  ? swap_cache_get_folio+0x9f/0x570
[ 1874.876484][ T5099]  do_swap_page+0x791/0x3f40
[ 1874.881128][ T5099]  ? rcu_is_watching+0x15/0xb0
[ 1874.885972][ T5099]  ? do_swap_page+0x154/0x3f40
[ 1874.890788][ T5099]  ? __pfx_do_swap_page+0x10/0x10
[ 1874.895880][ T5099]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1874.901396][ T5099]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1874.907256][ T5099]  ? __pfx_validate_chain+0x10/0x10
[ 1874.912514][ T5099]  __handle_mm_fault+0x15e8/0x72d0
[ 1874.917717][ T5099]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1874.923247][ T5099]  ? mt_find+0x226/0x850
[ 1874.927551][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1874.932650][ T5099]  ? mt_find+0x62d/0x850
[ 1874.936944][ T5099]  ? mt_find+0x226/0x850
[ 1874.941269][ T5099]  ? find_vma+0x142/0x1c0
[ 1874.945653][ T5099]  ? __pfx_find_vma+0x10/0x10
[ 1874.950379][ T5099]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1874.956439][ T5099]  handle_mm_fault+0x3c1/0x8a0
[ 1874.961277][ T5099]  exc_page_fault+0x2ad/0x870
[ 1874.966035][ T5099]  asm_exc_page_fault+0x26/0x30
[ 1874.971029][ T5099] RIP: 0010:__get_user_8+0x11/0x20
[ 1874.976200][ T5099] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1874.995865][ T5099] RSP: 0018:ffffc90003dffd98 EFLAGS: 00050202
[ 1875.000069][T13002] sch_tbf: burst 5 is lower than device bridge3787 mtu (1514) !
[ 1875.001976][ T5099] RAX: 0000555556d69da8 RBX: ffff888021c59538 RCX: ffffc90003dffc03
[ 1875.002000][ T5099] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1875.025632][ T5099] RBP: ffffc90003dffec8 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1875.033655][ T5099] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90003dffda0
[ 1875.041683][ T5099] R13: ffffc90003dfffd8 R14: dffffc0000000000 R15: ffff888021c58000
[ 1875.049743][ T5099]  __rseq_handle_notify_resume+0x158/0x1490
[ 1875.057281][ T5099]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 1875.063686][ T5099]  ? syscall_exit_to_user_mode+0xa2/0x360
[ 1875.069482][ T5099]  syscall_exit_to_user_mode+0x113/0x360
[ 1875.075183][ T5099]  do_syscall_64+0x108/0x240
[ 1875.079865][ T5099]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1875.085830][ T5099] RIP: 0033:0x7fa936ca91b5
[ 1875.090287][ T5099] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 1875.109939][ T5099] RSP: 002b:00007fff55d50a80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1875.118402][ T5099] RAX: 0000000000000000 RBX: 000000000000386f RCX: 00007fa936ca91b5
[ 1875.126520][ T5099] RDX: 00007fff55d50ac0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1875.134536][ T5099] RBP: 00007fff55d50b4c R08: 0000000000000000 R09: 00007fff55de70b0
[ 1875.142552][ T5099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1875.150566][ T5099] R13: 00000000001c9507 R14: 00000000001c94b3 R15: 0000000000000004
[ 1875.158600][ T5099]  </TASK>
[ 1875.195550][ T5099] memory: usage 307200kB, limit 307200kB, failcnt 1201
00:47:01 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
getpeername$packet(r1, &(0x7f0000000380)={0x11, 0x0, <r3=>0x0}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000440)={&(0x7f0000000580)=@ipv6_newaddrlabel={0x98, 0x48, 0x402, 0x70bd27, 0x25dfdbfd, {0xa, 0x0, 0x10, 0x0, r3, 0x4}, [@IFAL_ADDRESS={0x14, 0x1, @remote}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @private=0x3}}, @IFAL_ADDRESS={0x14, 0x1, @private0}, @IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_LABEL={0x8, 0x2, 0x5}, @IFAL_LABEL={0x8, 0x2, 0xc}, @IFAL_ADDRESS={0x14, 0x1, @mcast1}, @IFAL_ADDRESS={0x14, 0x1, @mcast2}]}, 0x98}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)
socket(0x11, 0x5, 0x40)
r5 = syz_genetlink_get_family_id$gtp(&(0x7f00000001c0), r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff}) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r6, 0x1, 0x2a, &(0x7f0000000100)=r7, 0x4) (async)
r8 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) (async)
r9 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, r5, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r7}, @GTPA_TID={0xc, 0x3, 0x4}, @GTPA_FLOW={0x6}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @private=0xfffffeff}, @GTPA_NET_NS_FD={0x8, 0x7, r8}, @GTPA_I_TEI={0x8, 0x8, 0x1}, @GTPA_NET_NS_FD={0x8, 0x7, r9}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_LINK={0x8, 0x1, r4}]}, 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x0)

00:47:01 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1875.249287][ T5099] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0
[ 1875.343729][ T5099] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1875.362067][ T5099] Memory cgroup stats for /syz1:
[ 1875.362228][ T5099] cache 8192
[ 1875.406393][ T5099] rss 12288
[ 1875.424827][ T5099] rss_huge 0
[ 1875.439705][ T5099] shmem 0
[ 1875.454391][ T5099] mapped_file 0
[ 1875.472517][ T5099] dirty 8192
[ 1875.482224][ T5099] writeback 0
[ 1875.492678][ T5099] workingset_refault_anon 424
[ 1875.513905][ T5099] workingset_refault_file 1
[ 1875.528430][ T5099] swap 200704
[ 1875.539011][ T5099] swapcached 12288
[ 1875.550719][ T5099] pgpgin 125783
[ 1875.559163][ T5099] pgpgout 125778
00:47:01 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1875.563010][ T5099] pgfault 334180
[ 1875.569315][ T5099] pgmajfault 377
[ 1875.580543][T13010] sch_tbf: burst 0 is lower than device bridge4520 mtu (1514) !
[ 1875.580791][ T5099] inactive_anon 0
[ 1875.592640][ T5099] active_anon 12288
[ 1875.596759][ T5099] inactive_file 0
[ 1875.649736][ T5099] active_file 8192
[ 1875.666304][ T5099] unevictable 0
[ 1875.683833][ T5099] hierarchical_memory_limit 314572800
[ 1875.709495][ T5099] hierarchical_memsw_limit 9223372036854771712
[ 1875.714103][T13012] sch_tbf: burst 5 is lower than device bridge3788 mtu (1514) !
[ 1875.718292][ T5099] total_cache 8192
[ 1875.733070][ T5099] total_rss 12288
[ 1875.736965][ T5099] total_rss_huge 0
[ 1875.746182][ T5099] total_shmem 0
00:47:02 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
getpeername$packet(r1, &(0x7f0000000380)={0x11, 0x0, <r3=>0x0}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000440)={&(0x7f0000000580)=@ipv6_newaddrlabel={0x98, 0x48, 0x402, 0x70bd27, 0x25dfdbfd, {0xa, 0x0, 0x10, 0x0, r3, 0x4}, [@IFAL_ADDRESS={0x14, 0x1, @remote}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @private=0x3}}, @IFAL_ADDRESS={0x14, 0x1, @private0}, @IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_LABEL={0x8, 0x2, 0x5}, @IFAL_LABEL={0x8, 0x2, 0xc}, @IFAL_ADDRESS={0x14, 0x1, @mcast1}, @IFAL_ADDRESS={0x14, 0x1, @mcast2}]}, 0x98}}, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000440)={&(0x7f0000000580)=@ipv6_newaddrlabel={0x98, 0x48, 0x402, 0x70bd27, 0x25dfdbfd, {0xa, 0x0, 0x10, 0x0, r3, 0x4}, [@IFAL_ADDRESS={0x14, 0x1, @remote}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @private=0x3}}, @IFAL_ADDRESS={0x14, 0x1, @private0}, @IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_LABEL={0x8, 0x2, 0x5}, @IFAL_LABEL={0x8, 0x2, 0xc}, @IFAL_ADDRESS={0x14, 0x1, @mcast1}, @IFAL_ADDRESS={0x14, 0x1, @mcast2}]}, 0x98}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)
socket(0x11, 0x5, 0x40)
r5 = syz_genetlink_get_family_id$gtp(&(0x7f00000001c0), r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r6, 0x1, 0x2a, &(0x7f0000000100)=r7, 0x4)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) (async)
r8 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r9 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, r5, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r7}, @GTPA_TID={0xc, 0x3, 0x4}, @GTPA_FLOW={0x6}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @private=0xfffffeff}, @GTPA_NET_NS_FD={0x8, 0x7, r8}, @GTPA_I_TEI={0x8, 0x8, 0x1}, @GTPA_NET_NS_FD={0x8, 0x7, r9}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_LINK={0x8, 0x1, r4}]}, 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x0)

[ 1875.782204][ T5099] total_mapped_file 0
[ 1875.790263][T13018] __nla_validate_parse: 4 callbacks suppressed
[ 1875.790283][T13018] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1875.806155][ T5099] total_dirty 8192
[ 1875.857531][ T5099] total_writeback 0
[ 1875.865666][ T5099] total_workingset_refault_anon 424
[ 1875.874840][ T5099] total_workingset_refault_file 1
[ 1875.893246][ T5099] total_swap 200704
[ 1875.900758][ T5099] total_swapcached 12288
[ 1875.905311][ T5099] total_pgpgin 125783
[ 1875.919641][ T5099] total_pgpgout 125778
[ 1875.926644][ T5099] total_pgfault 334180
[ 1875.936274][ T5099] total_pgmajfault 377
[ 1875.944070][ T5099] total_inactive_anon 0
[ 1875.955103][ T5099] total_active_anon 12288
[ 1875.960606][ T5099] total_inactive_file 0
[ 1875.965036][ T5099] total_active_file 8192
[ 1875.970076][ T5099] total_unevictable 0
[ 1875.974315][ T5099] anon_cost 0
[ 1875.978125][ T5099] file_cost 0
[ 1875.981764][ T5099] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=12990,uid=0
[ 1876.010944][ T5099] Memory cgroup out of memory: Killed process 12990 (syz-executor.1) total-vm:54640kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 1876.015930][T13019] sch_tbf: burst 0 is lower than device bridge4521 mtu (1514) !
[ 1876.030178][T13001] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1876.047759][T13001] CPU: 0 PID: 13001 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1876.058229][T13001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1876.068329][T13001] Call Trace:
[ 1876.071636][T13001]  <TASK>
[ 1876.074576][T13001]  dump_stack_lvl+0x1e7/0x2e0
[ 1876.079279][T13001]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1876.084494][T13001]  ? __pfx__printk+0x10/0x10
[ 1876.089099][T13001]  ? ___ratelimit+0x4c4/0x670
[ 1876.093798][T13001]  ? __pfx____ratelimit+0x10/0x10
[ 1876.098839][T13001]  dump_header+0xda/0x6a0
[ 1876.103189][T13001]  oom_kill_process+0x3a7/0x930
[ 1876.108059][T13001]  out_of_memory+0xf67/0x1320
[ 1876.112759][T13001]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1876.118407][T13001]  ? __pfx___mutex_lock+0x10/0x10
[ 1876.123443][T13001]  ? __pfx_out_of_memory+0x10/0x10
[ 1876.128582][T13001]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1876.134145][T13001]  ? __pfx_lock_release+0x10/0x10
[ 1876.139190][T13001]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1876.145273][T13001]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1876.150485][T13001]  ? mem_cgroup_iter+0x3e9/0x560
[ 1876.155439][T13001]  try_charge_memcg+0xda2/0x18a0
[ 1876.160412][T13001]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1876.165798][T13001]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1876.171528][T13001]  ? __pfx_lock_release+0x10/0x10
[ 1876.176569][T13001]  ? memcg_account_kmem+0x1e7/0x210
[ 1876.181789][T13001]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1876.187608][T13001]  __memcg_kmem_charge_page+0xe1/0x250
[ 1876.193089][T13001]  memcg_charge_kernel_stack+0x37e/0x550
[ 1876.198755][T13001]  dup_task_struct+0x15d/0x7d0
[ 1876.203537][T13001]  copy_process+0x5d5/0x3fc0
[ 1876.208150][T13001]  ? __might_fault+0xa9/0x120
[ 1876.212846][T13001]  ? __pfx_lock_release+0x10/0x10
[ 1876.217892][T13001]  ? __pfx_copy_process+0x10/0x10
[ 1876.222941][T13001]  ? __might_fault+0xc5/0x120
[ 1876.227635][T13001]  ? __asan_memset+0x23/0x50
[ 1876.232250][T13001]  kernel_clone+0x21d/0x8d0
[ 1876.236769][T13001]  ? __pfx_kernel_clone+0x10/0x10
[ 1876.241825][T13001]  __se_sys_clone3+0x2cb/0x350
[ 1876.246604][T13001]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1876.251927][T13001]  ? do_syscall_64+0x108/0x240
[ 1876.256714][T13001]  ? do_syscall_64+0xb4/0x240
[ 1876.261415][T13001]  do_syscall_64+0xf9/0x240
[ 1876.265972][T13001]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1876.271890][T13001] RIP: 0033:0x7fd21c6a9b99
[ 1876.276314][T13001] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1876.295929][T13001] RSP: 002b:00007ffdc1e200c8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1876.304358][T13001] RAX: ffffffffffffffda RBX: 00007fd21c652270 RCX: 00007fd21c6a9b99
[ 1876.312339][T13001] RDX: 00007fd21c652270 RSI: 0000000000000058 RDI: 00007ffdc1e20110
[ 1876.320319][T13001] RBP: 00007fd21d49d6c0 R08: 00007fd21d49d6c0 R09: 00007ffdc1e201f7
[ 1876.328297][T13001] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1876.336275][T13001] R13: 000000000000000b R14: 00007ffdc1e20110 R15: 00007ffdc1e201f8
[ 1876.344271][T13001]  </TASK>
[ 1876.350804][T13021] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
00:47:02 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:47:02 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1876.400972][T13001] memory: usage 307200kB, limit 307200kB, failcnt 26736
[ 1876.414596][T13001] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0
[ 1876.422911][T13001] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[ 1876.430524][T13001] Memory cgroup stats for /syz0:
[ 1876.430652][T13001] cache 12288
00:47:02 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bind$packet(r1, &(0x7f0000000180)={0x11, 0x19, r2, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, 0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1876.558493][T13001] rss 0
[ 1876.561337][T13001] rss_huge 0
[ 1876.578420][T13001] shmem 0
[ 1876.581457][T13001] mapped_file 0
[ 1876.584950][T13001] dirty 12288
[ 1876.606518][T13001] writeback 0
[ 1876.619141][T13001] workingset_refault_anon 8451
[ 1876.622263][T13027] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1876.623950][T13001] workingset_refault_file 1
[ 1876.623964][T13001] swap 200704
[ 1876.623974][T13001] swapcached 0
[ 1876.623984][T13001] pgpgin 129006
[ 1876.623993][T13001] pgpgout 129003
[ 1876.624003][T13001] pgfault 335997
[ 1876.624012][T13001] pgmajfault 8306
[ 1876.624022][T13001] inactive_anon 0
[ 1876.704255][T13001] active_anon 0
[ 1876.712288][T13001] inactive_file 12288
[ 1876.721049][T13001] active_file 0
[ 1876.728419][T13001] unevictable 0
[ 1876.735425][T13001] hierarchical_memory_limit 314572800
[ 1876.750160][T13001] hierarchical_memsw_limit 9223372036854771712
[ 1876.764774][T13001] total_cache 12288
[ 1876.773620][T13001] total_rss 0
[ 1876.781966][T13001] total_rss_huge 0
[ 1876.790673][T13001] total_shmem 0
[ 1876.801140][T13001] total_mapped_file 0
[ 1876.809865][T13001] total_dirty 12288
[ 1876.818122][T13001] total_writeback 0
[ 1876.834799][T13029] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1876.838382][T13001] total_workingset_refault_anon 8451
[ 1876.873745][T13001] total_workingset_refault_file 1
[ 1876.886857][T13001] total_swap 200704
[ 1876.903406][T13001] total_swapcached 0
[ 1876.915282][T13001] total_pgpgin 129006
[ 1876.927314][T13001] total_pgpgout 129003
[ 1876.936970][T13001] total_pgfault 335997
[ 1876.950828][T13001] total_pgmajfault 8306
[ 1876.960345][T13001] total_inactive_anon 0
[ 1876.969436][T13001] total_active_anon 0
[ 1876.978601][T13001] total_inactive_file 12288
[ 1876.987751][T13001] total_active_file 0
[ 1876.996046][T13001] total_unevictable 0
[ 1877.002828][T13030] sch_tbf: burst 0 is lower than device bridge4522 mtu (1514) !
[ 1877.009853][T13001] anon_cost 0
[ 1877.020696][T13001] file_cost 0
00:47:03 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1877.024477][T13001] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=13001,uid=0
[ 1877.034723][T13032] sch_tbf: burst 5 is lower than device bridge3790 mtu (1514) !
[ 1877.060554][T13001] Memory cgroup out of memory: Killed process 13001 (syz-executor.0) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:47:03 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bind$packet(r1, &(0x7f0000000180)={0x11, 0x19, r2, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, 0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

00:47:03 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1500]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:47:03 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1877.282317][T13035] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1877.543278][T13037] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1877.581431][T13040] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1877.625784][T13040] CPU: 0 PID: 13040 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1877.636281][T13040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1877.646398][T13040] Call Trace:
[ 1877.649717][T13040]  <TASK>
[ 1877.652692][T13040]  dump_stack_lvl+0x1e7/0x2e0
[ 1877.657433][T13040]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1877.662683][T13040]  ? __pfx__printk+0x10/0x10
[ 1877.667323][T13040]  ? ___ratelimit+0x4c4/0x670
[ 1877.672043][T13040]  ? __pfx____ratelimit+0x10/0x10
[ 1877.677094][T13040]  dump_header+0xda/0x6a0
[ 1877.681457][T13040]  oom_kill_process+0x3a7/0x930
[ 1877.686326][T13040]  out_of_memory+0xf67/0x1320
[ 1877.691025][T13040]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1877.696670][T13040]  ? __pfx___mutex_lock+0x10/0x10
[ 1877.701709][T13040]  ? __pfx_out_of_memory+0x10/0x10
[ 1877.706842][T13040]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1877.712401][T13040]  ? __pfx_lock_release+0x10/0x10
[ 1877.717447][T13040]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1877.723529][T13040]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1877.728744][T13040]  ? mem_cgroup_iter+0x3e9/0x560
[ 1877.733696][T13040]  try_charge_memcg+0xda2/0x18a0
[ 1877.738665][T13040]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1877.744044][T13040]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1877.749770][T13040]  ? __pfx_lock_release+0x10/0x10
[ 1877.754992][T13040]  ? memcg_account_kmem+0x1e7/0x210
[ 1877.760210][T13040]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1877.766029][T13040]  __memcg_kmem_charge_page+0xe1/0x250
[ 1877.771511][T13040]  memcg_charge_kernel_stack+0x210/0x550
[ 1877.777169][T13040]  dup_task_struct+0x40d/0x7d0
[ 1877.781954][T13040]  copy_process+0x5d5/0x3fc0
[ 1877.786563][T13040]  ? __might_fault+0xa9/0x120
[ 1877.791251][T13040]  ? __pfx_lock_release+0x10/0x10
[ 1877.796296][T13040]  ? __pfx_copy_process+0x10/0x10
[ 1877.806129][T13040]  ? __might_fault+0xc5/0x120
[ 1877.810830][T13040]  ? __asan_memset+0x23/0x50
[ 1877.815451][T13040]  kernel_clone+0x21d/0x8d0
[ 1877.819969][T13040]  ? __pfx_kernel_clone+0x10/0x10
[ 1877.825020][T13040]  __se_sys_clone3+0x2cb/0x350
[ 1877.829796][T13040]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1877.835124][T13040]  ? do_syscall_64+0x108/0x240
[ 1877.839913][T13040]  ? do_syscall_64+0xb4/0x240
[ 1877.844613][T13040]  do_syscall_64+0xf9/0x240
[ 1877.849139][T13040]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1877.855050][T13040] RIP: 0033:0x7fd21c6a9b99
[ 1877.859475][T13040] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1877.879196][T13040] RSP: 002b:00007ffdc1e200c8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1877.887643][T13040] RAX: ffffffffffffffda RBX: 00007fd21c652270 RCX: 00007fd21c6a9b99
[ 1877.895630][T13040] RDX: 00007fd21c652270 RSI: 0000000000000058 RDI: 00007ffdc1e20110
[ 1877.903609][T13040] RBP: 00007fd21d49d6c0 R08: 00007fd21d49d6c0 R09: 00007ffdc1e201f7
[ 1877.911601][T13040] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1877.919589][T13040] R13: 000000000000000b R14: 00007ffdc1e20110 R15: 00007ffdc1e201f8
[ 1877.927587][T13040]  </TASK>
[ 1877.942652][T13040] memory: usage 307200kB, limit 307200kB, failcnt 26893
[ 1877.949759][T13040] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[ 1877.958139][T13040] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[ 1877.965475][T13040] Memory cgroup stats for /syz0:
[ 1877.965627][T13040] cache 12288
[ 1877.974946][T13040] rss 12288
[ 1877.978173][T13040] rss_huge 0
[ 1877.981401][T13040] shmem 0
[ 1877.984363][T13040] mapped_file 0
[ 1878.014826][T13040] dirty 12288
[ 1878.029905][T13040] writeback 0
[ 1878.043361][T13040] workingset_refault_anon 8511
[ 1878.061461][T13040] workingset_refault_file 1
[ 1878.066216][T13040] swap 188416
[ 1878.090968][T13039] sch_tbf: burst 0 is lower than device bridge4523 mtu (1514) !
[ 1878.092214][T13040] swapcached 8192
[ 1878.109564][T13040] pgpgin 129079
[ 1878.115297][T13040] pgpgout 129073
[ 1878.120960][T13038] sch_tbf: burst 5 is lower than device bridge3791 mtu (1514) !
[ 1878.125031][T13040] pgfault 336120
00:47:04 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1878.138167][T13040] pgmajfault 8364
[ 1878.144004][T13040] inactive_anon 0
[ 1878.151913][T13040] active_anon 12288
[ 1878.156244][T13040] inactive_file 0
00:47:04 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async, rerun: 32)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (rerun: 32)
bind$packet(r1, &(0x7f0000000180)={0x11, 0x19, r2, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, 0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0) (rerun: 64)

[ 1878.185222][T13040] active_file 12288
[ 1878.198539][T13040] unevictable 0
[ 1878.212542][T13040] hierarchical_memory_limit 314572800
[ 1878.234816][T13040] hierarchical_memsw_limit 9223372036854771712
[ 1878.255959][T13040] total_cache 12288
[ 1878.275426][T13040] total_rss 12288
[ 1878.290088][T13040] total_rss_huge 0
[ 1878.310593][T13040] total_shmem 0
[ 1878.316722][T13040] total_mapped_file 0
[ 1878.323754][T13044] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1878.336727][T13040] total_dirty 12288
[ 1878.347246][T13040] total_writeback 0
[ 1878.361573][T13040] total_workingset_refault_anon 8511
[ 1878.376083][T13040] total_workingset_refault_file 1
[ 1878.388932][T13040] total_swap 188416
[ 1878.401621][T13040] total_swapcached 8192
[ 1878.410969][T13040] total_pgpgin 129079
[ 1878.421467][T13040] total_pgpgout 129073
[ 1878.430896][T13040] total_pgfault 336120
[ 1878.440890][T13040] total_pgmajfault 8364
[ 1878.452615][T13040] total_inactive_anon 0
[ 1878.463237][T13040] total_active_anon 12288
[ 1878.473706][T13040] total_inactive_file 0
[ 1878.487681][T13040] total_active_file 12288
[ 1878.499745][T13040] total_unevictable 0
[ 1878.506399][T13040] anon_cost 0
[ 1878.550577][T13040] file_cost 0
[ 1878.553939][T13040] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=13040,uid=0
[ 1878.569838][T13047] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1878.615521][T13040] Memory cgroup out of memory: Killed process 13040 (syz-executor.0) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1878.709858][T13048] sch_tbf: burst 0 is lower than device bridge4524 mtu (1514) !
00:47:05 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1878.771762][T13047] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1878.821235][T13047] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
00:47:05 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c04]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:47:05 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000001c0)={<r1=>0x0, @broadcast, @empty}, &(0x7f0000000240)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@deltclass={0x2c, 0x29, 0xc00, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x1, 0x5}, {0x10}, {0x5, 0xfff3}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x7}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040004}, 0x4)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000006c0)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0)
sendmmsg$inet(r2, &(0x7f0000001000)=[{{&(0x7f0000000340)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000400)="2528935048d8edea92c026ca6270e1c5c532f1450b291a7109623581654ca136b5485f1995cc604444d45f7fcc5472483953271a87b3455182c64016e24383ac4e91143a69d30d1be077abe24d1375c9838a94be9664814ad8c0606c5669aaa86c", 0x61}, {&(0x7f0000000580)="207ab586b903178d7f338d519609d065c75ab4715210d960e683d07f3c89144048ee0600017d1af17011ff7bab1de1253443fca10a0a8686c5df01e562f57dbe5abe847c6de8a86c56e0182f89fc3fdd398d9db3109379d2ca000d545afd9113242afdcd2ff558698b57515899fe218b0025563fc0182f95a2e3834ac153ddbd3076d1abff8a82dca5ea2c1d62312c5341c50989f43e7df847dfffc704638577af4ca0f9b804b31d3694d33d16084140d405abadbf", 0xb5}], 0x2, &(0x7f0000000640)=[@ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @broadcast, @private=0xa010100}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3f}}], 0x68}}, {{&(0x7f0000000480)={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000780)=[{&(0x7f00000006c0)="2234483126c051693b3dcb2889bf3b1c71691122ea0ec56c00e4bdb4c61a2e43e7451f5789ba2cb3e7b91291e2b281ab93204717fcb20334b65a4b6b877bb949b7db42838f5060d8e15001d4e3831f3cbcbf08927b73263dc2199373652aa668512af4673870bfdc04d0c85681d906ce3d2b175f25570bc3def381a15c67a5f53133b65f24fa52b4e35ab10c71e6a11e75dddba16299d105e800c2101253836e51f4b55ffd62de5e3afdbbe8a7511999c47892c9c0ca03a37cb0d572", 0xbc}], 0x1, &(0x7f00000007c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x93}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xff}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3ff}}], 0x48}}, {{&(0x7f0000000840)={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f0000000a40)=[{&(0x7f0000000880)="9ddc43d15be585eec17417081fc7e3402f919ead4c0949ad52bf5f3a2f2e877f68c4a8da096e0978282165d65eda68838bb57287606aff5316ca7afacb1a9e325a43d999e5c195b83338e239b6ccdc152923a26f05c0259f23355a75a7139112", 0x60}, {&(0x7f0000000900)="54a5deed5d7879a35d5545bd3bbdad2a2bdaa5a61a5f33ae833b182f36daf84d8a681f2ede5084f482d9615855edb25287ca8e5f2815962b4bc5d607c8d7b8bf4f", 0x41}, {&(0x7f0000000980)="0b6233c22272cb1eafadd96fc965520ce9e301d275bded2175537fe3f72aa9fe14d1bfa63ba6241d292fed9a93f2ec0af5cf05739577d9709d27965d0b556a1412ace48d7b0cb1d6b72c465f167f2a1967bec04f802bfe3e04562cf1312bbd068d0c115736953d481c40a83cdde40d0bd854325878ca817615153e1216f51bdc354802ec0b7b66e16945384a40c23873ccde1c9d88d2ec0eacebe0e3b0dfea5473430d020e968f75853ca9b82db7abb29604fec24b629443d95a0593b8", 0xbd}], 0x3}}, {{&(0x7f0000000a80)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000d00)=[{&(0x7f0000000ac0)="5816a9e4f018349bd7a5866b7d8d27e868f6022e66567ca417945e033dfb47f831471ce5490d936c39a130ea1382a1990c9a5b7012a9c1294b92dcd2b9cb0b6f199b16d039c4abeb9e64f55b6f1086bbbfca3a358f091fbd927e4f68949c9142fd8b9d0e28bb3a11d02f0e5d8de90cf26a5c496ee3fb9e439fadd7ffc8a9ea74508df6c67bb8a116c1326bd6d10ae02ab9c78b9cff08dd352c5ccc60d7d55b14f2f43bcf5a107a624becf43aabfa9ee23a99ccb55df1edf6d10b93414118b9bac2eb682339f7be7b723550d440b04e2f4adf5a50b63b38f547da646de454be97cdfe5a8e1de9331bdd53d1ef1261807a13133c9a740a1c06e11345", 0xfb}, {&(0x7f0000000bc0)="f9b2e0c1e90ba8c323c8af8e346e958933d504c620210c127d0bfab10e09f73300af48d2f5564530d077703233905e80d5e1def2ddd51981efcd22067d45143725119fccbffb94470437d15f23ee99620c6014f8887448b2670941e32131191c3ab19665705594c3b7a2f9", 0x6b}, {&(0x7f0000000c40)="438ce91baa1cb97c5fadafbcea3287644b403b94bcf9bc71837926e90876b59fd681683a1f9a4b0129af7ac4888c511b84ab79a9900bd3757f01da53f31a7d42b457b9533f9cf250a119b6b60970091e6a999531d426a3c1856265836eab7b3168d775c5102d007ad01e853a88240c0701871064ae75f9c10e768ab920461868c31045f0c3", 0x85}], 0x3}}, {{&(0x7f0000000d40)={0x2, 0x4e24, @rand_addr=0x64010100}, 0x10, &(0x7f0000000f40)=[{&(0x7f0000000d80)}, {&(0x7f0000000dc0)="5bebb17e0fa8fb9e1e53aab02f4316709db3ced474973d3aec0029af06dee6c0baf4d716b08f332669995233de0effa7b9cd0739029889a573da17443b2fb64957a019caddb1fd22c3bf22c764e3c08ce879945e6477bddc798c7d4e3fafc74f9fbf4005a2a89894d7ac1168cf3758aeeb818a851a63c702028af219e85e1a1c9be6ecd9472e1769ce", 0x89}, {&(0x7f0000000e80)="727ce5496f6ae2f082d5366b84c6d49b18287ee7c12b0a663974cb41637f9ebf6cd1428311de4699b6deddab1b0bdb2a87e517ce9707768bff8e1e9487bd23a6043045aa44da534bc65306f37c327234466df3fbde12e1b2ca2c3a11f8c9ecacb715eda6f03e1f2538e4ff5a5ff715918c57a55648e9cd9dd8f82bd67c07dc9d34a064a4ca74a46c40fb101fd8161226236494eab14e02fd1e54f18df028381ef6e042", 0xa3}], 0x3, &(0x7f0000000f80)=[@ip_retopts={{0x70, 0x0, 0x7, {[@lsrr={0x83, 0x23, 0xcd, [@local, @rand_addr=0x64010102, @local, @broadcast, @multicast2, @loopback, @private=0xa010100, @local]}, @lsrr={0x83, 0x17, 0xed, [@multicast2, @private=0xa010101, @broadcast, @broadcast, @remote]}, @end, @timestamp_addr={0x44, 0x14, 0x91, 0x1, 0xd, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x401}, {@dev={0xac, 0x14, 0x14, 0x39}, 0x1}]}, @noop, @timestamp={0x44, 0x8, 0x6e, 0x0, 0x3, [0x7]}, @end, @ra={0x94, 0x4}, @generic={0xde2595373fc7d92d, 0x3, 'J'}]}}}], 0x70}}], 0x5, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000d80)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c0001006272696427366765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1879.519450][T13050] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
00:47:05 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000001c0)={<r1=>0x0, @broadcast, @empty}, &(0x7f0000000240)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@deltclass={0x2c, 0x29, 0xc00, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x1, 0x5}, {0x10}, {0x5, 0xfff3}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x7}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040004}, 0x4)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000006c0)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) (async)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000006c0)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0)
sendmmsg$inet(r2, &(0x7f0000001000)=[{{&(0x7f0000000340)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000400)="2528935048d8edea92c026ca6270e1c5c532f1450b291a7109623581654ca136b5485f1995cc604444d45f7fcc5472483953271a87b3455182c64016e24383ac4e91143a69d30d1be077abe24d1375c9838a94be9664814ad8c0606c5669aaa86c", 0x61}, {&(0x7f0000000580)="207ab586b903178d7f338d519609d065c75ab4715210d960e683d07f3c89144048ee0600017d1af17011ff7bab1de1253443fca10a0a8686c5df01e562f57dbe5abe847c6de8a86c56e0182f89fc3fdd398d9db3109379d2ca000d545afd9113242afdcd2ff558698b57515899fe218b0025563fc0182f95a2e3834ac153ddbd3076d1abff8a82dca5ea2c1d62312c5341c50989f43e7df847dfffc704638577af4ca0f9b804b31d3694d33d16084140d405abadbf", 0xb5}], 0x2, &(0x7f0000000640)=[@ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @broadcast, @private=0xa010100}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3f}}], 0x68}}, {{&(0x7f0000000480)={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000780)=[{&(0x7f00000006c0)="2234483126c051693b3dcb2889bf3b1c71691122ea0ec56c00e4bdb4c61a2e43e7451f5789ba2cb3e7b91291e2b281ab93204717fcb20334b65a4b6b877bb949b7db42838f5060d8e15001d4e3831f3cbcbf08927b73263dc2199373652aa668512af4673870bfdc04d0c85681d906ce3d2b175f25570bc3def381a15c67a5f53133b65f24fa52b4e35ab10c71e6a11e75dddba16299d105e800c2101253836e51f4b55ffd62de5e3afdbbe8a7511999c47892c9c0ca03a37cb0d572", 0xbc}], 0x1, &(0x7f00000007c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x93}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xff}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3ff}}], 0x48}}, {{&(0x7f0000000840)={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f0000000a40)=[{&(0x7f0000000880)="9ddc43d15be585eec17417081fc7e3402f919ead4c0949ad52bf5f3a2f2e877f68c4a8da096e0978282165d65eda68838bb57287606aff5316ca7afacb1a9e325a43d999e5c195b83338e239b6ccdc152923a26f05c0259f23355a75a7139112", 0x60}, {&(0x7f0000000900)="54a5deed5d7879a35d5545bd3bbdad2a2bdaa5a61a5f33ae833b182f36daf84d8a681f2ede5084f482d9615855edb25287ca8e5f2815962b4bc5d607c8d7b8bf4f", 0x41}, {&(0x7f0000000980)="0b6233c22272cb1eafadd96fc965520ce9e301d275bded2175537fe3f72aa9fe14d1bfa63ba6241d292fed9a93f2ec0af5cf05739577d9709d27965d0b556a1412ace48d7b0cb1d6b72c465f167f2a1967bec04f802bfe3e04562cf1312bbd068d0c115736953d481c40a83cdde40d0bd854325878ca817615153e1216f51bdc354802ec0b7b66e16945384a40c23873ccde1c9d88d2ec0eacebe0e3b0dfea5473430d020e968f75853ca9b82db7abb29604fec24b629443d95a0593b8", 0xbd}], 0x3}}, {{&(0x7f0000000a80)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000d00)=[{&(0x7f0000000ac0)="5816a9e4f018349bd7a5866b7d8d27e868f6022e66567ca417945e033dfb47f831471ce5490d936c39a130ea1382a1990c9a5b7012a9c1294b92dcd2b9cb0b6f199b16d039c4abeb9e64f55b6f1086bbbfca3a358f091fbd927e4f68949c9142fd8b9d0e28bb3a11d02f0e5d8de90cf26a5c496ee3fb9e439fadd7ffc8a9ea74508df6c67bb8a116c1326bd6d10ae02ab9c78b9cff08dd352c5ccc60d7d55b14f2f43bcf5a107a624becf43aabfa9ee23a99ccb55df1edf6d10b93414118b9bac2eb682339f7be7b723550d440b04e2f4adf5a50b63b38f547da646de454be97cdfe5a8e1de9331bdd53d1ef1261807a13133c9a740a1c06e11345", 0xfb}, {&(0x7f0000000bc0)="f9b2e0c1e90ba8c323c8af8e346e958933d504c620210c127d0bfab10e09f73300af48d2f5564530d077703233905e80d5e1def2ddd51981efcd22067d45143725119fccbffb94470437d15f23ee99620c6014f8887448b2670941e32131191c3ab19665705594c3b7a2f9", 0x6b}, {&(0x7f0000000c40)="438ce91baa1cb97c5fadafbcea3287644b403b94bcf9bc71837926e90876b59fd681683a1f9a4b0129af7ac4888c511b84ab79a9900bd3757f01da53f31a7d42b457b9533f9cf250a119b6b60970091e6a999531d426a3c1856265836eab7b3168d775c5102d007ad01e853a88240c0701871064ae75f9c10e768ab920461868c31045f0c3", 0x85}], 0x3}}, {{&(0x7f0000000d40)={0x2, 0x4e24, @rand_addr=0x64010100}, 0x10, &(0x7f0000000f40)=[{&(0x7f0000000d80)}, {&(0x7f0000000dc0)="5bebb17e0fa8fb9e1e53aab02f4316709db3ced474973d3aec0029af06dee6c0baf4d716b08f332669995233de0effa7b9cd0739029889a573da17443b2fb64957a019caddb1fd22c3bf22c764e3c08ce879945e6477bddc798c7d4e3fafc74f9fbf4005a2a89894d7ac1168cf3758aeeb818a851a63c702028af219e85e1a1c9be6ecd9472e1769ce", 0x89}, {&(0x7f0000000e80)="727ce5496f6ae2f082d5366b84c6d49b18287ee7c12b0a663974cb41637f9ebf6cd1428311de4699b6deddab1b0bdb2a87e517ce9707768bff8e1e9487bd23a6043045aa44da534bc65306f37c327234466df3fbde12e1b2ca2c3a11f8c9ecacb715eda6f03e1f2538e4ff5a5ff715918c57a55648e9cd9dd8f82bd67c07dc9d34a064a4ca74a46c40fb101fd8161226236494eab14e02fd1e54f18df028381ef6e042", 0xa3}], 0x3, &(0x7f0000000f80)=[@ip_retopts={{0x70, 0x0, 0x7, {[@lsrr={0x83, 0x23, 0xcd, [@local, @rand_addr=0x64010102, @local, @broadcast, @multicast2, @loopback, @private=0xa010100, @local]}, @lsrr={0x83, 0x17, 0xed, [@multicast2, @private=0xa010101, @broadcast, @broadcast, @remote]}, @end, @timestamp_addr={0x44, 0x14, 0x91, 0x1, 0xd, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x401}, {@dev={0xac, 0x14, 0x14, 0x39}, 0x1}]}, @noop, @timestamp={0x44, 0x8, 0x6e, 0x0, 0x3, [0x7]}, @end, @ra={0x94, 0x4}, @generic={0xde2595373fc7d92d, 0x3, 'J'}]}}}], 0x70}}], 0x5, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000d80)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c0001006272696427366765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1879.573107][T13050] CPU: 0 PID: 13050 Comm: syz-executor.3 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1879.583629][T13050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1879.593747][T13050] Call Trace:
[ 1879.597059][T13050]  <TASK>
[ 1879.600021][T13050]  dump_stack_lvl+0x1e7/0x2e0
[ 1879.604757][T13050]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1879.610006][T13050]  ? __pfx__printk+0x10/0x10
[ 1879.614643][T13050]  ? ___ratelimit+0x4c4/0x670
[ 1879.619401][T13050]  ? __pfx____ratelimit+0x10/0x10
[ 1879.624493][T13050]  dump_header+0xda/0x6a0
[ 1879.628889][T13050]  oom_kill_process+0x3a7/0x930
[ 1879.633814][T13050]  out_of_memory+0xf67/0x1320
[ 1879.638552][T13050]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1879.644245][T13050]  ? __pfx___mutex_lock+0x10/0x10
[ 1879.649327][T13050]  ? __pfx_out_of_memory+0x10/0x10
[ 1879.654512][T13050]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1879.660112][T13050]  ? __pfx_lock_release+0x10/0x10
[ 1879.665197][T13050]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1879.671326][T13050]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1879.676589][T13050]  ? mem_cgroup_iter+0x3e9/0x560
[ 1879.681590][T13050]  try_charge_memcg+0xda2/0x18a0
[ 1879.686606][T13050]  ? mark_lock+0x9a/0x350
[ 1879.691013][T13050]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1879.696479][T13050]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1879.702692][T13050]  charge_memcg+0xa2/0x160
[ 1879.707183][T13050]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1879.713318][T13050]  __read_swap_cache_async+0x480/0x8b0
[ 1879.718845][T13050]  ? mark_lock+0x9a/0x350
[ 1879.723253][T13050]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1879.729314][T13050]  ? blk_start_plug+0x6f/0x1b0
[ 1879.734147][T13050]  swap_cluster_readahead+0x398/0x810
[ 1879.739595][T13050]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1879.745562][T13050]  ? __pfx_lock_release+0x10/0x10
[ 1879.750652][T13050]  ? xas_descend+0x37e/0x470
[ 1879.755314][T13050]  swapin_readahead+0x1ea/0x1070
[ 1879.760312][T13050]  ? filemap_get_entry+0x127/0x4e0
[ 1879.765592][T13050]  ? __pfx_swapin_readahead+0x10/0x10
[ 1879.771041][T13050]  ? __filemap_get_folio+0x935/0xbc0
[ 1879.776396][T13050]  ? swap_cache_get_folio+0x9f/0x570
[ 1879.781751][T13050]  do_swap_page+0x791/0x3f40
[ 1879.786411][T13050]  ? rcu_is_watching+0x15/0xb0
[ 1879.791292][T13050]  ? do_swap_page+0x154/0x3f40
[ 1879.796128][T13050]  ? __pfx_do_swap_page+0x10/0x10
[ 1879.801204][T13050]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1879.806725][T13050]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1879.812777][T13050]  __handle_mm_fault+0x15e8/0x72d0
[ 1879.817989][T13050]  ? reacquire_held_locks+0x3eb/0x690
[ 1879.823424][T13050]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1879.828965][T13050]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1879.834743][T13050]  ? mtree_range_walk+0x6fd/0x8e0
[ 1879.839804][T13050]  ? lock_vma_under_rcu+0x18a/0x730
[ 1879.845034][T13050]  ? __pfx_lock_release+0x10/0x10
[ 1879.850100][T13050]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1879.855370][T13050]  ? lock_vma_under_rcu+0x18a/0x730
[ 1879.860623][T13050]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1879.866317][T13050]  handle_mm_fault+0x3c1/0x8a0
[ 1879.871144][T13050]  exc_page_fault+0x456/0x870
[ 1879.875883][T13050]  asm_exc_page_fault+0x26/0x30
[ 1879.880783][T13050] RIP: 0033:0x7f1eee439ac7
[ 1879.885332][T13050] Code: 25 ff 0f 00 00 09 c5 80 3d 06 bc c9 00 00 0f 85 6f ff ff ff 44 0f b6 6c 24 0f 44 8d 55 04 89 e8 41 89 c1 41 81 e1 ff 1f 00 00 <43> 8b 14 8e 39 d5 0f 84 5e ff ff ff 85 d2 0f 84 65 01 00 00 83 c0
[ 1879.904985][T13050] RSP: 002b:00007ffc334af570 EFLAGS: 00010206
[ 1879.911115][T13050] RAX: 000000008934e484 RBX: 00007f1eee5ac018 RCX: 0000000000000019
[ 1879.919146][T13050] RDX: ffffffff8934e7f6 RSI: 0000000080000000 RDI: 0000000000005b5e
[ 1879.927158][T13050] RBP: 000000008934e484 R08: 0000001b32720000 R09: 0000000000000484
[ 1879.935170][T13050] R10: 000000008934e488 R11: 0000000000000293 R12: 0000000000000019
[ 1879.943187][T13050] R13: 0000000000000001 R14: 00007f1eee5a0000 R15: ffffffff8934e7f6
[ 1879.951988][T13050]  ? __sys_sendmsg+0x296/0x3a0
[ 1879.956831][T13050]  ? __sys_sendmsg+0x296/0x3a0
[ 1879.961661][T13050]  </TASK>
00:47:06 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000001c0)={<r1=>0x0, @broadcast, @empty}, &(0x7f0000000240)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@deltclass={0x2c, 0x29, 0xc00, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x1, 0x5}, {0x10}, {0x5, 0xfff3}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x7}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040004}, 0x4) (async)
r2 = socket(0x10, 0x3, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000006c0)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) (async, rerun: 32)
sendmmsg$inet(r2, &(0x7f0000001000)=[{{&(0x7f0000000340)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000400)="2528935048d8edea92c026ca6270e1c5c532f1450b291a7109623581654ca136b5485f1995cc604444d45f7fcc5472483953271a87b3455182c64016e24383ac4e91143a69d30d1be077abe24d1375c9838a94be9664814ad8c0606c5669aaa86c", 0x61}, {&(0x7f0000000580)="207ab586b903178d7f338d519609d065c75ab4715210d960e683d07f3c89144048ee0600017d1af17011ff7bab1de1253443fca10a0a8686c5df01e562f57dbe5abe847c6de8a86c56e0182f89fc3fdd398d9db3109379d2ca000d545afd9113242afdcd2ff558698b57515899fe218b0025563fc0182f95a2e3834ac153ddbd3076d1abff8a82dca5ea2c1d62312c5341c50989f43e7df847dfffc704638577af4ca0f9b804b31d3694d33d16084140d405abadbf", 0xb5}], 0x2, &(0x7f0000000640)=[@ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @broadcast, @private=0xa010100}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3f}}], 0x68}}, {{&(0x7f0000000480)={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000780)=[{&(0x7f00000006c0)="2234483126c051693b3dcb2889bf3b1c71691122ea0ec56c00e4bdb4c61a2e43e7451f5789ba2cb3e7b91291e2b281ab93204717fcb20334b65a4b6b877bb949b7db42838f5060d8e15001d4e3831f3cbcbf08927b73263dc2199373652aa668512af4673870bfdc04d0c85681d906ce3d2b175f25570bc3def381a15c67a5f53133b65f24fa52b4e35ab10c71e6a11e75dddba16299d105e800c2101253836e51f4b55ffd62de5e3afdbbe8a7511999c47892c9c0ca03a37cb0d572", 0xbc}], 0x1, &(0x7f00000007c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x93}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xff}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3ff}}], 0x48}}, {{&(0x7f0000000840)={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f0000000a40)=[{&(0x7f0000000880)="9ddc43d15be585eec17417081fc7e3402f919ead4c0949ad52bf5f3a2f2e877f68c4a8da096e0978282165d65eda68838bb57287606aff5316ca7afacb1a9e325a43d999e5c195b83338e239b6ccdc152923a26f05c0259f23355a75a7139112", 0x60}, {&(0x7f0000000900)="54a5deed5d7879a35d5545bd3bbdad2a2bdaa5a61a5f33ae833b182f36daf84d8a681f2ede5084f482d9615855edb25287ca8e5f2815962b4bc5d607c8d7b8bf4f", 0x41}, {&(0x7f0000000980)="0b6233c22272cb1eafadd96fc965520ce9e301d275bded2175537fe3f72aa9fe14d1bfa63ba6241d292fed9a93f2ec0af5cf05739577d9709d27965d0b556a1412ace48d7b0cb1d6b72c465f167f2a1967bec04f802bfe3e04562cf1312bbd068d0c115736953d481c40a83cdde40d0bd854325878ca817615153e1216f51bdc354802ec0b7b66e16945384a40c23873ccde1c9d88d2ec0eacebe0e3b0dfea5473430d020e968f75853ca9b82db7abb29604fec24b629443d95a0593b8", 0xbd}], 0x3}}, {{&(0x7f0000000a80)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000d00)=[{&(0x7f0000000ac0)="5816a9e4f018349bd7a5866b7d8d27e868f6022e66567ca417945e033dfb47f831471ce5490d936c39a130ea1382a1990c9a5b7012a9c1294b92dcd2b9cb0b6f199b16d039c4abeb9e64f55b6f1086bbbfca3a358f091fbd927e4f68949c9142fd8b9d0e28bb3a11d02f0e5d8de90cf26a5c496ee3fb9e439fadd7ffc8a9ea74508df6c67bb8a116c1326bd6d10ae02ab9c78b9cff08dd352c5ccc60d7d55b14f2f43bcf5a107a624becf43aabfa9ee23a99ccb55df1edf6d10b93414118b9bac2eb682339f7be7b723550d440b04e2f4adf5a50b63b38f547da646de454be97cdfe5a8e1de9331bdd53d1ef1261807a13133c9a740a1c06e11345", 0xfb}, {&(0x7f0000000bc0)="f9b2e0c1e90ba8c323c8af8e346e958933d504c620210c127d0bfab10e09f73300af48d2f5564530d077703233905e80d5e1def2ddd51981efcd22067d45143725119fccbffb94470437d15f23ee99620c6014f8887448b2670941e32131191c3ab19665705594c3b7a2f9", 0x6b}, {&(0x7f0000000c40)="438ce91baa1cb97c5fadafbcea3287644b403b94bcf9bc71837926e90876b59fd681683a1f9a4b0129af7ac4888c511b84ab79a9900bd3757f01da53f31a7d42b457b9533f9cf250a119b6b60970091e6a999531d426a3c1856265836eab7b3168d775c5102d007ad01e853a88240c0701871064ae75f9c10e768ab920461868c31045f0c3", 0x85}], 0x3}}, {{&(0x7f0000000d40)={0x2, 0x4e24, @rand_addr=0x64010100}, 0x10, &(0x7f0000000f40)=[{&(0x7f0000000d80)}, {&(0x7f0000000dc0)="5bebb17e0fa8fb9e1e53aab02f4316709db3ced474973d3aec0029af06dee6c0baf4d716b08f332669995233de0effa7b9cd0739029889a573da17443b2fb64957a019caddb1fd22c3bf22c764e3c08ce879945e6477bddc798c7d4e3fafc74f9fbf4005a2a89894d7ac1168cf3758aeeb818a851a63c702028af219e85e1a1c9be6ecd9472e1769ce", 0x89}, {&(0x7f0000000e80)="727ce5496f6ae2f082d5366b84c6d49b18287ee7c12b0a663974cb41637f9ebf6cd1428311de4699b6deddab1b0bdb2a87e517ce9707768bff8e1e9487bd23a6043045aa44da534bc65306f37c327234466df3fbde12e1b2ca2c3a11f8c9ecacb715eda6f03e1f2538e4ff5a5ff715918c57a55648e9cd9dd8f82bd67c07dc9d34a064a4ca74a46c40fb101fd8161226236494eab14e02fd1e54f18df028381ef6e042", 0xa3}], 0x3, &(0x7f0000000f80)=[@ip_retopts={{0x70, 0x0, 0x7, {[@lsrr={0x83, 0x23, 0xcd, [@local, @rand_addr=0x64010102, @local, @broadcast, @multicast2, @loopback, @private=0xa010100, @local]}, @lsrr={0x83, 0x17, 0xed, [@multicast2, @private=0xa010101, @broadcast, @broadcast, @remote]}, @end, @timestamp_addr={0x44, 0x14, 0x91, 0x1, 0xd, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x401}, {@dev={0xac, 0x14, 0x14, 0x39}, 0x1}]}, @noop, @timestamp={0x44, 0x8, 0x6e, 0x0, 0x3, [0x7]}, @end, @ra={0x94, 0x4}, @generic={0xde2595373fc7d92d, 0x3, 'J'}]}}}], 0x70}}], 0x5, 0x0) (async, rerun: 32)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000d80)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c0001006272696427366765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1880.009302][T13050] memory: usage 307200kB, limit 307200kB, failcnt 27219
[ 1880.046953][T13050] memory+swap: usage 307432kB, limit 9007199254740988kB, failcnt 0
[ 1880.086912][T13050] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[ 1880.113570][T13050] Memory cgroup stats for /syz0:
[ 1880.113730][T13050] cache 12288
[ 1880.124828][T13050] rss 0
[ 1880.134374][T13050] rss_huge 0
[ 1880.137958][T13050] shmem 0
[ 1880.141247][T13050] mapped_file 0
[ 1880.144826][T13050] dirty 12288
[ 1880.151078][T13050] writeback 0
[ 1880.160887][T13050] workingset_refault_anon 8588
[ 1880.169588][T13050] workingset_refault_file 1
[ 1880.224020][T13050] swap 237568
[ 1880.241222][T13050] swapcached 0
[ 1880.266176][T13050] pgpgin 129169
[ 1880.279520][T13050] pgpgout 129166
[ 1880.283146][T13050] pgfault 336263
[ 1880.286738][T13050] pgmajfault 8431
[ 1880.331571][T13050] inactive_anon 0
[ 1880.341547][T13050] active_anon 0
[ 1880.350174][T13050] inactive_file 0
[ 1880.353957][T13050] active_file 12288
[ 1880.375332][T13050] unevictable 0
[ 1880.379926][T13050] hierarchical_memory_limit 314572800
[ 1880.385510][T13050] hierarchical_memsw_limit 9223372036854771712
00:47:06 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c040000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1880.424188][T13050] total_cache 12288
[ 1880.434419][T13050] total_rss 0
[ 1880.441000][T13050] total_rss_huge 0
[ 1880.444907][T13050] total_shmem 0
00:47:06 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1880.478310][T13050] total_mapped_file 0
[ 1880.484839][T13050] total_dirty 12288
[ 1880.500492][T13050] total_writeback 0
[ 1880.514262][T13050] total_workingset_refault_anon 8588
00:47:06 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="6c00000f24000b0e00020000b064d4d650fc79aecb9afc61c3c0e17efe72fe9ced5bdf6d5f0bdf1c960ca2ea6a7c6dfb8beff69c4dae48719cec380667ac944db39c67b3f23f3df9ab17b454a2326eb3d05c7393381e2ccfce1e75b9ace06e35eb12c0e18bee89d7d1766e41a975a63db95c7537122e8e62b5e3ef452201a06584e0123b10672eb178d51ee96f7f819c", @ANYRES32=r2, @ANYBLOB="00000000ffffffff0000000008000100746266004000020008000600050000000c00040050ae26a136e940ea28000100"/84], 0x6c}}, 0x0)

[ 1880.558738][T13050] total_workingset_refault_file 1
[ 1880.568802][T13050] total_swap 237568
[ 1880.587723][T13050] total_swapcached 0
[ 1880.608328][T13050] total_pgpgin 129169
[ 1880.638520][T13050] total_pgpgout 129166
[ 1880.652334][T13050] total_pgfault 336263
[ 1880.676943][T13050] total_pgmajfault 8431
[ 1880.703983][T13050] total_inactive_anon 0
[ 1880.718485][T13050] total_active_anon 0
[ 1880.722701][T13050] total_inactive_file 0
[ 1880.731143][T13050] total_active_file 12288
[ 1880.750240][T13050] total_unevictable 0
[ 1880.764629][T13050] anon_cost 0
[ 1880.775089][T13050] file_cost 0
[ 1880.785166][T13050] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=13052,uid=0
00:47:07 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="6c00000f24000b0e00020000b064d4d650fc79aecb9afc61c3c0e17efe72fe9ced5bdf6d5f0bdf1c960ca2ea6a7c6dfb8beff69c4dae48719cec380667ac944db39c67b3f23f3df9ab17b454a2326eb3d05c7393381e2ccfce1e75b9ace06e35eb12c0e18bee89d7d1766e41a975a63db95c7537122e8e62b5e3ef452201a06584e0123b10672eb178d51ee96f7f819c", @ANYRES32=r2, @ANYBLOB="00000000ffffffff0000000008000100746266004000020008000600050000000c00040050ae26a136e940ea28000100"/84], 0x6c}}, 0x0)

[ 1880.857311][T13050] Memory cgroup out of memory: Killed process 13052 (syz-executor.0) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:47:07 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1881.045408][T13074] __nla_validate_parse: 54 callbacks suppressed
[ 1881.045432][T13074] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
00:47:07 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="6c00000f24000b0e00020000b064d4d650fc79aecb9afc61c3c0e17efe72fe9ced5bdf6d5f0bdf1c960ca2ea6a7c6dfb8beff69c4dae48719cec380667ac944db39c67b3f23f3df9ab17b454a2326eb3d05c7393381e2ccfce1e75b9ace06e35eb12c0e18bee89d7d1766e41a975a63db95c7537122e8e62b5e3ef452201a06584e0123b10672eb178d51ee96f7f819c", @ANYRES32=r2, @ANYBLOB="00000000ffffffff0000000008000100746266004000020008000600050000000c00040050ae26a136e940ea28000100"/84], 0x6c}}, 0x0)

[ 1881.254025][T13067] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1881.474027][T13075] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1881.504891][T13075] CPU: 0 PID: 13075 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1881.515376][T13075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1881.525476][T13075] Call Trace:
[ 1881.528807][T13075]  <TASK>
[ 1881.531780][T13075]  dump_stack_lvl+0x1e7/0x2e0
[ 1881.536542][T13075]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1881.541820][T13075]  ? __pfx__printk+0x10/0x10
[ 1881.546463][T13075]  ? ___ratelimit+0x4c4/0x670
[ 1881.551208][T13075]  ? __pfx____ratelimit+0x10/0x10
[ 1881.556307][T13075]  dump_header+0xda/0x6a0
[ 1881.560712][T13075]  oom_kill_process+0x3a7/0x930
[ 1881.565656][T13075]  out_of_memory+0xf67/0x1320
[ 1881.570428][T13075]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1881.576116][T13075]  ? __pfx___mutex_lock+0x10/0x10
[ 1881.581193][T13075]  ? __pfx_out_of_memory+0x10/0x10
[ 1881.586367][T13075]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1881.591965][T13075]  ? __pfx_lock_release+0x10/0x10
[ 1881.597059][T13075]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1881.603174][T13075]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1881.608414][T13075]  ? mem_cgroup_iter+0x3e9/0x560
[ 1881.613419][T13075]  try_charge_memcg+0xda2/0x18a0
[ 1881.618423][T13075]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1881.623842][T13075]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1881.629609][T13075]  ? __pfx_lock_release+0x10/0x10
[ 1881.634694][T13075]  ? memcg_account_kmem+0x1e7/0x210
[ 1881.639950][T13075]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1881.645850][T13075]  __memcg_kmem_charge_page+0xe1/0x250
[ 1881.651364][T13075]  memcg_charge_kernel_stack+0x196/0x550
[ 1881.657055][T13075]  dup_task_struct+0x40d/0x7d0
[ 1881.661879][T13075]  copy_process+0x5d5/0x3fc0
[ 1881.666535][T13075]  ? __might_fault+0xa9/0x120
[ 1881.671265][T13075]  ? __pfx_lock_release+0x10/0x10
[ 1881.676352][T13075]  ? __pfx_copy_process+0x10/0x10
[ 1881.681421][T13075]  ? __might_fault+0xc5/0x120
[ 1881.686154][T13075]  ? __asan_memset+0x23/0x50
[ 1881.690810][T13075]  kernel_clone+0x21d/0x8d0
[ 1881.695372][T13075]  ? __pfx_kernel_clone+0x10/0x10
[ 1881.700466][T13075]  __se_sys_clone3+0x2cb/0x350
[ 1881.705465][T13075]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1881.710823][T13075]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1881.716875][T13075]  ? exc_page_fault+0x587/0x870
[ 1881.721806][T13075]  ? do_syscall_64+0xb4/0x240
[ 1881.726515][T13075]  do_syscall_64+0xf9/0x240
[ 1881.731036][T13075]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1881.736947][T13075] RIP: 0033:0x7fd21c6a9b99
[ 1881.745965][T13075] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1881.765578][T13075] RSP: 002b:00007ffdc1e200c8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1881.774025][T13075] RAX: ffffffffffffffda RBX: 00007fd21c652270 RCX: 00007fd21c6a9b99
[ 1881.782009][T13075] RDX: 00007fd21c652270 RSI: 0000000000000058 RDI: 00007ffdc1e20110
[ 1881.790177][T13075] RBP: 00007fd21d49d6c0 R08: 00007fd21d49d6c0 R09: 00007ffdc1e201f7
[ 1881.798154][T13075] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1881.806305][T13075] R13: 000000000000000b R14: 00007ffdc1e20110 R15: 00007ffdc1e201f8
[ 1881.814312][T13075]  </TASK>
[ 1881.847294][T13075] memory: usage 307200kB, limit 307200kB, failcnt 27453
[ 1881.854393][T13075] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[ 1881.871423][T13075] kmem: usage 307172kB, limit 9007199254740988kB, failcnt 0
[ 1881.886475][T13075] Memory cgroup stats for /syz0:
[ 1881.886633][T13075] cache 16384
[ 1881.900916][T13075] rss 12288
[ 1881.904089][T13075] rss_huge 0
[ 1881.910304][T13075] shmem 0
[ 1881.913442][T13075] mapped_file 0
[ 1881.924926][T13075] dirty 12288
[ 1881.930176][T13075] writeback 0
[ 1881.933687][T13075] workingset_refault_anon 8675
[ 1881.945488][T13075] workingset_refault_file 1
[ 1881.953206][T13075] swap 188416
[ 1881.956710][T13075] swapcached 0
[ 1881.977754][T13075] pgpgin 129270
[ 1881.985084][T13075] pgpgout 129263
[ 1881.990680][T13075] pgfault 336425
[ 1881.994436][T13075] pgmajfault 8513
[ 1882.003873][T13075] inactive_anon 0
[ 1882.009426][T13075] active_anon 12288
[ 1882.013427][T13075] inactive_file 0
[ 1882.022888][T13075] active_file 16384
[ 1882.026934][T13075] unevictable 0
[ 1882.032532][T13075] hierarchical_memory_limit 314572800
[ 1882.045594][T13075] hierarchical_memsw_limit 9223372036854771712
[ 1882.055193][T13075] total_cache 16384
[ 1882.066979][T13075] total_rss 12288
[ 1882.072527][T13075] total_rss_huge 0
[ 1882.076466][T13075] total_shmem 0
[ 1882.085498][T13075] total_mapped_file 0
[ 1882.091396][T13075] total_dirty 12288
[ 1882.095488][T13075] total_writeback 0
[ 1882.104843][T13075] total_workingset_refault_anon 8675
[ 1882.112236][T13075] total_workingset_refault_file 1
[ 1882.122724][T13075] total_swap 188416
[ 1882.126745][T13075] total_swapcached 0
[ 1882.137870][T13075] total_pgpgin 129270
[ 1882.146569][T13075] total_pgpgout 129263
[ 1882.152687][T13075] total_pgfault 336425
[ 1882.163343][T13075] total_pgmajfault 8513
[ 1882.171999][T13075] total_inactive_anon 0
[ 1882.176537][T13075] total_active_anon 12288
[ 1882.186033][T13075] total_inactive_file 0
[ 1882.193467][T13075] total_active_file 16384
[ 1882.203171][T13075] total_unevictable 0
[ 1882.210219][T13075] anon_cost 0
[ 1882.213694][T13075] file_cost 0
[ 1882.221891][T13075] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=13075,uid=0
00:47:08 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xea05]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1882.244232][T13075] Memory cgroup out of memory: Killed process 13075 (syz-executor.0) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1882.272222][T13066] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1882.384288][T13066] CPU: 1 PID: 13066 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1882.394780][T13066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1882.404875][T13066] Call Trace:
[ 1882.408199][T13066]  <TASK>
[ 1882.411166][T13066]  dump_stack_lvl+0x1e7/0x2e0
[ 1882.415908][T13066]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1882.421161][T13066]  ? __pfx__printk+0x10/0x10
[ 1882.425812][T13066]  ? ___ratelimit+0x4c4/0x670
[ 1882.430536][T13066]  ? __pfx____ratelimit+0x10/0x10
[ 1882.435579][T13066]  dump_header+0xda/0x6a0
[ 1882.440007][T13066]  oom_kill_process+0x3a7/0x930
[ 1882.444873][T13066]  out_of_memory+0xf67/0x1320
[ 1882.449562][T13066]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1882.455201][T13066]  ? __pfx___mutex_lock+0x10/0x10
[ 1882.460235][T13066]  ? __pfx_out_of_memory+0x10/0x10
[ 1882.465362][T13066]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1882.470911][T13066]  ? __pfx_lock_release+0x10/0x10
[ 1882.475954][T13066]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1882.482075][T13066]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1882.487291][T13066]  ? mem_cgroup_iter+0x3e9/0x560
[ 1882.492242][T13066]  try_charge_memcg+0xda2/0x18a0
[ 1882.497217][T13066]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1882.502595][T13066]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1882.508322][T13066]  ? __pfx_lock_release+0x10/0x10
[ 1882.513357][T13066]  ? memcg_account_kmem+0x1e7/0x210
[ 1882.518572][T13066]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1882.524385][T13066]  __memcg_kmem_charge_page+0xe1/0x250
[ 1882.529866][T13066]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1882.535516][T13066]  dup_task_struct+0x15d/0x7d0
[ 1882.540293][T13066]  copy_process+0x5d5/0x3fc0
[ 1882.544899][T13066]  ? __might_fault+0xa9/0x120
[ 1882.549593][T13066]  ? __pfx_lock_release+0x10/0x10
[ 1882.554644][T13066]  ? __pfx_copy_process+0x10/0x10
[ 1882.559677][T13066]  ? __might_fault+0xc5/0x120
[ 1882.564456][T13066]  ? __asan_memset+0x23/0x50
[ 1882.569064][T13066]  kernel_clone+0x21d/0x8d0
[ 1882.573582][T13066]  ? __pfx_kernel_clone+0x10/0x10
[ 1882.578638][T13066]  __se_sys_clone3+0x2cb/0x350
[ 1882.583420][T13066]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1882.588742][T13066]  ? do_syscall_64+0x108/0x240
[ 1882.593525][T13066]  ? do_syscall_64+0xb4/0x240
[ 1882.598219][T13066]  do_syscall_64+0xf9/0x240
[ 1882.602742][T13066]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1882.608652][T13066] RIP: 0033:0x7fa936ca9b99
[ 1882.613076][T13066] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1882.632698][T13066] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1882.641128][T13066] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1882.649110][T13066] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1882.657086][T13066] RBP: 00007fa93794d6c0 R08: 00007fa93794d6c0 R09: 00007fff55d507d7
[ 1882.665063][T13066] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1882.673040][T13066] R13: 000000000000006e R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1882.681035][T13066]  </TASK>
[ 1882.738775][T13066] memory: usage 307200kB, limit 307200kB, failcnt 3989
[ 1882.745806][T13066] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[ 1882.763458][T13066] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1882.773872][T13066] Memory cgroup stats for /syz1:
[ 1882.774041][T13066] cache 8192
[ 1882.792128][T13066] rss 0
[ 1882.796993][T13066] rss_huge 0
[ 1882.804839][T13066] shmem 0
[ 1882.821108][T13066] mapped_file 0
[ 1882.826679][T13066] dirty 8192
[ 1882.834875][T13066] writeback 0
[ 1882.842165][T13066] workingset_refault_anon 2373
[ 1882.849697][T13066] workingset_refault_file 1
[ 1882.857778][T13066] swap 212992
[ 1882.863013][T13066] swapcached 0
[ 1882.869049][T13066] pgpgin 127814
[ 1882.874884][T13066] pgpgout 127812
[ 1882.880850][T13066] pgfault 336830
[ 1882.889996][T13066] pgmajfault 2180
[ 1882.899453][T13066] inactive_anon 0
[ 1882.912016][T13066] active_anon 0
00:47:09 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1882.948935][T13066] inactive_file 8192
[ 1882.952899][T13066] active_file 0
[ 1882.960585][T13066] unevictable 0
[ 1882.964233][T13066] hierarchical_memory_limit 314572800
[ 1882.973008][T13066] hierarchical_memsw_limit 9223372036854771712
[ 1882.979398][T13066] total_cache 8192
[ 1882.983156][T13066] total_rss 0
[ 1883.010333][T13066] total_rss_huge 0
[ 1883.024398][T13066] total_shmem 0
[ 1883.032928][T13066] total_mapped_file 0
[ 1883.041881][T13066] total_dirty 8192
[ 1883.046559][T13066] total_writeback 0
[ 1883.051151][T13066] total_workingset_refault_anon 2373
[ 1883.056866][T13066] total_workingset_refault_file 1
[ 1883.068249][T13066] total_swap 212992
[ 1883.072292][T13066] total_swapcached 0
[ 1883.076757][T13066] total_pgpgin 127814
[ 1883.090672][T13066] total_pgpgout 127812
[ 1883.094976][T13066] total_pgfault 336830
[ 1883.099473][T13066] total_pgmajfault 2180
[ 1883.103811][T13066] total_inactive_anon 0
[ 1883.108558][T13066] total_active_anon 0
[ 1883.112668][T13066] total_inactive_file 8192
[ 1883.118178][T13066] total_active_file 0
[ 1883.122286][T13066] total_unevictable 0
[ 1883.126352][T13066] anon_cost 0
[ 1883.130402][T13066] file_cost 0
[ 1883.133729][T13066] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13066,uid=0
[ 1883.151155][T13066] Memory cgroup out of memory: Killed process 13066 (syz-executor.1) total-vm:54640kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 1883.173167][T13081] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1883.201175][T13081] CPU: 0 PID: 13081 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1883.211661][T13081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1883.221774][T13081] Call Trace:
[ 1883.225083][T13081]  <TASK>
[ 1883.228032][T13081]  dump_stack_lvl+0x1e7/0x2e0
[ 1883.232770][T13081]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1883.238015][T13081]  ? __pfx__printk+0x10/0x10
[ 1883.242648][T13081]  ? ___ratelimit+0x4c4/0x670
[ 1883.247371][T13081]  ? __pfx____ratelimit+0x10/0x10
[ 1883.252445][T13081]  dump_header+0xda/0x6a0
[ 1883.256824][T13081]  oom_kill_process+0x3a7/0x930
[ 1883.261724][T13081]  out_of_memory+0xf67/0x1320
[ 1883.266449][T13081]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1883.272131][T13081]  ? __pfx___mutex_lock+0x10/0x10
[ 1883.277197][T13081]  ? __pfx_out_of_memory+0x10/0x10
[ 1883.282349][T13081]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1883.287911][T13081]  ? __pfx_lock_release+0x10/0x10
[ 1883.292960][T13081]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1883.299064][T13081]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1883.304274][T13081]  ? mem_cgroup_iter+0x3e9/0x560
[ 1883.309229][T13081]  try_charge_memcg+0xda2/0x18a0
[ 1883.314198][T13081]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1883.319588][T13081]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1883.325318][T13081]  ? __pfx_lock_release+0x10/0x10
[ 1883.330385][T13081]  ? memcg_account_kmem+0x1e7/0x210
[ 1883.335608][T13081]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1883.341430][T13081]  __memcg_kmem_charge_page+0xe1/0x250
[ 1883.346913][T13081]  memcg_charge_kernel_stack+0x304/0x550
[ 1883.352562][T13081]  dup_task_struct+0x15d/0x7d0
[ 1883.357352][T13081]  copy_process+0x5d5/0x3fc0
[ 1883.361980][T13081]  ? __might_fault+0xa9/0x120
[ 1883.366703][T13081]  ? __pfx_lock_release+0x10/0x10
[ 1883.371788][T13081]  ? __pfx_copy_process+0x10/0x10
[ 1883.376824][T13081]  ? __might_fault+0xc5/0x120
[ 1883.381523][T13081]  ? __asan_memset+0x23/0x50
[ 1883.386154][T13081]  kernel_clone+0x21d/0x8d0
[ 1883.390685][T13081]  ? __pfx_kernel_clone+0x10/0x10
[ 1883.395747][T13081]  __se_sys_clone3+0x2cb/0x350
[ 1883.400577][T13081]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1883.405945][T13081]  ? do_syscall_64+0x108/0x240
[ 1883.410776][T13081]  ? do_syscall_64+0xb4/0x240
[ 1883.415492][T13081]  do_syscall_64+0xf9/0x240
[ 1883.420030][T13081]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1883.425963][T13081] RIP: 0033:0x7fd21c6a9b99
[ 1883.430399][T13081] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1883.450033][T13081] RSP: 002b:00007ffdc1e200c8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1883.458471][T13081] RAX: ffffffffffffffda RBX: 00007fd21c652270 RCX: 00007fd21c6a9b99
[ 1883.466476][T13081] RDX: 00007fd21c652270 RSI: 0000000000000058 RDI: 00007ffdc1e20110
[ 1883.474461][T13081] RBP: 00007fd21d49d6c0 R08: 00007fd21d49d6c0 R09: 00007ffdc1e201f7
[ 1883.482443][T13081] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1883.490426][T13081] R13: 000000000000000b R14: 00007ffdc1e20110 R15: 00007ffdc1e201f8
[ 1883.498438][T13081]  </TASK>
[ 1883.510766][T13079] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1883.519789][T13081] memory: usage 307200kB, limit 307200kB, failcnt 27782
[ 1883.527733][T13081] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0
[ 1883.535672][T13081] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[ 1883.543645][T13081] Memory cgroup stats for /syz0:
[ 1883.543798][T13081] cache 16384
[ 1883.552935][T13081] rss 0
[ 1883.555727][T13081] rss_huge 0
[ 1883.575281][T13081] shmem 0
[ 1883.578369][T13081] mapped_file 0
[ 1883.581862][T13081] dirty 12288
[ 1883.585170][T13081] writeback 0
[ 1883.590195][T13081] workingset_refault_anon 8788
[ 1883.595089][T13081] workingset_refault_file 1
[ 1883.599701][T13081] swap 241664
[ 1883.605228][T13081] swapcached 0
[ 1883.613638][T13081] pgpgin 129407
00:47:09 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x14, r3, 0xb05}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x2c, r3, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x100}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x850}, 0x4040050)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000400)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x2c, r4, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xe0bd}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x80c1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1883.622507][T13081] pgpgout 129403
[ 1883.625949][T13083] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1883.626080][T13081] pgfault 336627
[ 1883.646524][T13081] pgmajfault 8630
[ 1883.650360][T13081] inactive_anon 0
[ 1883.654028][T13081] active_anon 0
[ 1883.667849][T13081] inactive_file 0
[ 1883.671540][T13081] active_file 16384
[ 1883.675374][T13081] unevictable 0
[ 1883.684139][T13081] hierarchical_memory_limit 314572800
[ 1883.691136][T13081] hierarchical_memsw_limit 9223372036854771712
[ 1883.702472][T13081] total_cache 16384
[ 1883.709725][T13081] total_rss 0
[ 1883.713122][T13081] total_rss_huge 0
[ 1883.732509][T13081] total_shmem 0
[ 1883.736038][T13081] total_mapped_file 0
[ 1883.746623][T13081] total_dirty 12288
[ 1883.753608][T13081] total_writeback 0
[ 1883.781104][T13081] total_workingset_refault_anon 8788
[ 1883.796030][T13081] total_workingset_refault_file 1
[ 1883.809093][T13081] total_swap 241664
[ 1883.812970][T13081] total_swapcached 0
[ 1883.816910][T13081] total_pgpgin 129407
[ 1883.821892][T13086] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1883.829782][T13081] total_pgpgout 129403
[ 1883.835308][T13081] total_pgfault 336627
[ 1883.850607][T13081] total_pgmajfault 8630
[ 1883.854809][T13081] total_inactive_anon 0
[ 1883.862248][T13081] total_active_anon 0
[ 1883.866284][T13081] total_inactive_file 0
[ 1883.874094][T13081] total_active_file 16384
[ 1883.891230][T13081] total_unevictable 0
[ 1883.895275][T13081] anon_cost 0
[ 1883.899578][T13081] file_cost 0
[ 1883.902904][T13081] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=13081,uid=0
[ 1883.935172][T13081] Memory cgroup out of memory: Killed process 13081 (syz-executor.0) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:47:10 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1883.993334][T13087] tbf_change: 2 callbacks suppressed
[ 1883.993358][T13087] sch_tbf: burst 5 is lower than device bridge3796 mtu (1514) !
00:47:10 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x14, r3, 0xb05}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x2c, r3, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x100}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x850}, 0x4040050)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000400)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x2c, r4, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xe0bd}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x80c1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x14, r3, 0xb05}, 0x14}}, 0x0) (async)
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x2c, r3, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x100}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x850}, 0x4040050) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000300), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000400)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x2c, r4, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xe0bd}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x80c1) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0) (async)

[ 1884.126258][T13068] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
00:47:10 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1884.345750][T13068] CPU: 0 PID: 13068 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1884.356275][T13068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1884.366381][T13068] Call Trace:
[ 1884.369695][T13068]  <TASK>
[ 1884.372751][T13068]  dump_stack_lvl+0x1e7/0x2e0
[ 1884.377502][T13068]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1884.382758][T13068]  ? __pfx__printk+0x10/0x10
[ 1884.387394][T13068]  ? ___ratelimit+0x4c4/0x670
[ 1884.392128][T13068]  ? __pfx____ratelimit+0x10/0x10
[ 1884.397214][T13068]  dump_header+0xda/0x6a0
[ 1884.401602][T13068]  oom_kill_process+0x3a7/0x930
[ 1884.406538][T13068]  out_of_memory+0xf67/0x1320
[ 1884.411280][T13068]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1884.417059][T13068]  ? __pfx___mutex_lock+0x10/0x10
[ 1884.422146][T13068]  ? __pfx_out_of_memory+0x10/0x10
[ 1884.427374][T13068]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1884.432992][T13068]  ? __pfx_lock_release+0x10/0x10
[ 1884.438089][T13068]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1884.444230][T13068]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1884.449501][T13068]  ? mem_cgroup_iter+0x3e9/0x560
[ 1884.454499][T13068]  try_charge_memcg+0xda2/0x18a0
[ 1884.459520][T13068]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1884.464953][T13068]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1884.470716][T13068]  ? __pfx_lock_release+0x10/0x10
[ 1884.475805][T13068]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1884.481856][T13068]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1884.487652][T13068]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1884.493524][T13068]  obj_cgroup_charge+0x389/0x630
[ 1884.498530][T13068]  ? obj_cgroup_charge+0x121/0x630
[ 1884.503703][T13068]  ? __pfx_obj_cgroup_charge+0x10/0x10
[ 1884.509221][T13068]  ? kmem_cache_alloc+0x4f/0x340
[ 1884.514219][T13068]  ? __pfx___might_resched+0x10/0x10
[ 1884.519551][T13068]  ? __local_bh_enable_ip+0x168/0x200
[ 1884.524989][T13068]  ? preempt_count_add+0x93/0x190
[ 1884.530077][T13068]  __memcg_slab_pre_alloc_hook+0x28d/0x2b0
[ 1884.535943][T13068]  ? alloc_pid+0xa0/0xc50
[ 1884.540331][T13068]  kmem_cache_alloc+0x202/0x340
[ 1884.545251][T13068]  alloc_pid+0xa0/0xc50
[ 1884.549457][T13068]  ? copy_thread+0x631/0x980
[ 1884.554212][T13068]  copy_process+0x2299/0x3fc0
[ 1884.558989][T13068]  ? copy_process+0x9c3/0x3fc0
[ 1884.563816][T13068]  ? __pfx_copy_process+0x10/0x10
[ 1884.568905][T13068]  ? __might_fault+0xc5/0x120
[ 1884.573648][T13068]  ? __asan_memset+0x23/0x50
[ 1884.578303][T13068]  kernel_clone+0x21d/0x8d0
[ 1884.582868][T13068]  ? __pfx_kernel_clone+0x10/0x10
[ 1884.587982][T13068]  __se_sys_clone3+0x2cb/0x350
[ 1884.592798][T13068]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1884.598187][T13068]  ? do_syscall_64+0x108/0x240
[ 1884.603033][T13068]  ? do_syscall_64+0xb4/0x240
[ 1884.607773][T13068]  do_syscall_64+0xf9/0x240
[ 1884.612342][T13068]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1884.618293][T13068] RIP: 0033:0x7fc7360a9b99
[ 1884.622752][T13068] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1884.642405][T13068] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1884.650878][T13068] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1884.658925][T13068] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1884.666944][T13068] RBP: 00007fc736ea66c0 R08: 00007fc736ea66c0 R09: 00007ffeef0081d7
[ 1884.674965][T13068] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1884.682982][T13068] R13: 000000000000006e R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1884.691020][T13068]  </TASK>
[ 1884.715000][T13090] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1884.717006][T13068] memory: usage 307200kB, limit 307200kB, failcnt 69404
[ 1884.724513][T13068] memory+swap: usage 307424kB, limit 9007199254740988kB, failcnt 0
[ 1884.724536][T13068] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1884.724549][T13068] Memory cgroup stats for /syz2:
[ 1884.724754][T13068] cache 8192
[ 1884.724763][T13068] rss 0
[ 1884.724772][T13068] rss_huge 0
[ 1884.724781][T13068] shmem 0
[ 1884.724790][T13068] mapped_file 0
[ 1884.724800][T13068] dirty 8192
[ 1884.724808][T13068] writeback 0
[ 1884.724816][T13068] workingset_refault_anon 47559
[ 1884.724826][T13068] workingset_refault_file 1
[ 1884.724836][T13068] swap 229376
[ 1884.724843][T13068] swapcached 0
[ 1884.724852][T13068] pgpgin 173041
[ 1884.724861][T13068] pgpgout 173039
[ 1884.724870][T13068] pgfault 384756
[ 1884.724878][T13068] pgmajfault 43840
[ 1884.724887][T13068] inactive_anon 0
[ 1884.724896][T13068] active_anon 0
[ 1884.724905][T13068] inactive_file 8192
[ 1884.724913][T13068] active_file 0
[ 1884.724922][T13068] unevictable 0
[ 1884.724929][T13068] hierarchical_memory_limit 314572800
[ 1884.724939][T13068] hierarchical_memsw_limit 9223372036854771712
[ 1884.724950][T13068] total_cache 8192
[ 1884.724959][T13068] total_rss 0
[ 1884.724968][T13068] total_rss_huge 0
[ 1884.724977][T13068] total_shmem 0
[ 1884.724986][T13068] total_mapped_file 0
[ 1884.724995][T13068] total_dirty 8192
[ 1884.725005][T13068] total_writeback 0
[ 1885.041448][T13092] sch_tbf: burst 5 is lower than device bridge3797 mtu (1514) !
[ 1885.042344][T13068] total_workingset_refault_anon 47559
[ 1885.061882][T13068] total_workingset_refault_file 1
[ 1885.073472][T13068] total_swap 229376
[ 1885.097772][T13068] total_swapcached 0
[ 1885.102895][T13068] total_pgpgin 173041
[ 1885.123011][T13068] total_pgpgout 173039
[ 1885.141440][T13068] total_pgfault 384756
00:47:11 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x14, r3, 0xb05}, 0x14}}, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x2c, r3, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x100}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x850}, 0x4040050)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000400)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x2c, r4, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xe0bd}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x80c1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x14, r3, 0xb05}, 0x14}}, 0x0) (async)
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x2c, r3, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x100}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x850}, 0x4040050) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000300), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000400)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x2c, r4, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xe0bd}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x80c1) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0) (async)

[ 1885.160752][T13068] total_pgmajfault 43840
[ 1885.171647][T13068] total_inactive_anon 0
[ 1885.205664][T13068] total_active_anon 0
[ 1885.227357][T13068] total_inactive_file 8192
[ 1885.248747][T13068] total_active_file 0
[ 1885.260486][T13068] total_unevictable 0
[ 1885.285725][T13068] anon_cost 0
[ 1885.299436][T13068] file_cost 0
[ 1885.303315][T13096] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1885.316248][T13068] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13068,uid=0
[ 1885.335553][T13068] Memory cgroup out of memory: Killed process 13068 (syz-executor.2) total-vm:54640kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 1885.488652][ T5100] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1885.513729][ T5100] CPU: 0 PID: 5100 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1885.524217][ T5100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1885.534312][ T5100] Call Trace:
[ 1885.537629][ T5100]  <TASK>
[ 1885.540590][ T5100]  dump_stack_lvl+0x1e7/0x2e0
[ 1885.545320][ T5100]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1885.550568][ T5100]  ? __pfx__printk+0x10/0x10
[ 1885.555206][ T5100]  ? ___ratelimit+0x4c4/0x670
[ 1885.559938][ T5100]  ? __pfx____ratelimit+0x10/0x10
[ 1885.565016][ T5100]  dump_header+0xda/0x6a0
[ 1885.569388][ T5100]  oom_kill_process+0x3a7/0x930
[ 1885.574293][ T5100]  out_of_memory+0xf67/0x1320
[ 1885.579093][ T5100]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1885.584909][ T5100]  ? __pfx___mutex_lock+0x10/0x10
[ 1885.589981][ T5100]  ? __pfx_out_of_memory+0x10/0x10
[ 1885.595146][ T5100]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1885.600730][ T5100]  ? __pfx_lock_release+0x10/0x10
[ 1885.605807][ T5100]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1885.611928][ T5100]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1885.617168][ T5100]  ? mem_cgroup_iter+0x3e9/0x560
[ 1885.622152][ T5100]  try_charge_memcg+0xda2/0x18a0
[ 1885.627129][ T5100]  ? mark_lock+0x9a/0x350
[ 1885.631523][ T5100]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1885.636963][ T5100]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1885.643161][ T5100]  charge_memcg+0xa2/0x160
[ 1885.647629][ T5100]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1885.653740][ T5100]  __read_swap_cache_async+0x480/0x8b0
[ 1885.659244][ T5100]  ? mark_lock+0x9a/0x350
[ 1885.663623][ T5100]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1885.669662][ T5100]  swap_cluster_readahead+0x67c/0x810
[ 1885.675104][ T5100]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1885.681077][ T5100]  ? __pfx_lock_release+0x10/0x10
[ 1885.686174][ T5100]  ? xas_descend+0x37e/0x470
[ 1885.690822][ T5100]  swapin_readahead+0x1ea/0x1070
[ 1885.695812][ T5100]  ? filemap_get_entry+0x127/0x4e0
[ 1885.700986][ T5100]  ? __pfx_swapin_readahead+0x10/0x10
[ 1885.706419][ T5100]  ? __filemap_get_folio+0x935/0xbc0
[ 1885.711781][ T5100]  ? swap_cache_get_folio+0x9f/0x570
[ 1885.717125][ T5100]  do_swap_page+0x791/0x3f40
[ 1885.721771][ T5100]  ? rcu_is_watching+0x15/0xb0
[ 1885.726604][ T5100]  ? do_swap_page+0x154/0x3f40
[ 1885.731415][ T5100]  ? __pfx_do_swap_page+0x10/0x10
[ 1885.736480][ T5100]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1885.741991][ T5100]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1885.747863][ T5100]  __handle_mm_fault+0x15e8/0x72d0
[ 1885.753062][ T5100]  ? reacquire_held_locks+0x3eb/0x690
[ 1885.758481][ T5100]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1885.764002][ T5100]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1885.769783][ T5100]  ? mtree_range_walk+0x6fd/0x8e0
[ 1885.774866][ T5100]  ? lock_vma_under_rcu+0x18a/0x730
[ 1885.780116][ T5100]  ? __pfx_lock_release+0x10/0x10
[ 1885.785217][ T5100]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1885.790489][ T5100]  ? lock_vma_under_rcu+0x18a/0x730
[ 1885.795735][ T5100]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1885.803159][ T5100]  handle_mm_fault+0x3c1/0x8a0
[ 1885.807992][ T5100]  exc_page_fault+0x456/0x870
[ 1885.812731][ T5100]  asm_exc_page_fault+0x26/0x30
[ 1885.817620][ T5100] RIP: 0033:0x7fd21c6a4c20
[ 1885.822875][ T5100] Code: 48 8b 3c 25 00 03 00 00 e8 1d 13 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 83 e7 02 74 0b c3 66 2e 0f 1f 84 00 00 00 00 00 <64> 48 8b 04 25 10 00 00 00 8b 90 08 03 00 00 48 8d b8 08 03 00 00
[ 1885.831110][T13097] sch_tbf: burst 5 is lower than device bridge3798 mtu (1514) !
[ 1885.842507][ T5100] RSP: 002b:00007ffdc1e204d8 EFLAGS: 00010246
[ 1885.842534][ T5100] RAX: 0000000000000000 RBX: 000000000000367d RCX: 00007fd21c67a7d7
[ 1885.842549][ T5100] RDX: 0000000040000001 RSI: 00007ffdc1e2056c RDI: 0000000000000000
[ 1885.842565][ T5100] RBP: 00007ffdc1e2056c R08: 0000000000000000 R09: 00007ffdc1e880b0
[ 1885.842580][ T5100] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1885.842595][ T5100] R13: 00000000001cc0fd R14: 00000000001cc0fd R15: 0000000000000000
[ 1885.842629][ T5100]  </TASK>
00:47:12 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1885.963206][ T5100] memory: usage 307200kB, limit 307200kB, failcnt 28261
00:47:12 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x4, 0x1, 0x5, 0x0, 0x0, {0x5, 0x0, 0x9}, ["", "", "", "", "", "", ""]}, 0x14}}, 0x4048000)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1886.004923][ T5100] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0
[ 1886.022127][ T5100] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1886.068841][ T5100] Memory cgroup stats for /syz0:
[ 1886.069013][ T5100] cache 20480
[ 1886.090110][ T5100] rss 0
[ 1886.092939][ T5100] rss_huge 0
[ 1886.096168][ T5100] shmem 0
00:47:12 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1886.147413][ T5100] mapped_file 0
[ 1886.150979][ T5100] dirty 12288
[ 1886.154291][ T5100] writeback 0
[ 1886.172224][ T5100] workingset_refault_anon 8961
[ 1886.192569][ T5100] workingset_refault_file 1
[ 1886.215880][ T5100] swap 200704
[ 1886.228590][ T5100] swapcached 0
[ 1886.232087][ T5100] pgpgin 129600
[ 1886.235581][ T5100] pgpgout 129595
[ 1886.243147][T13102] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1886.261492][ T5100] pgfault 336901
[ 1886.267580][ T5100] pgmajfault 8798
[ 1886.271256][ T5100] inactive_anon 0
[ 1886.274910][ T5100] active_anon 0
[ 1886.299021][ T5100] inactive_file 16384
[ 1886.303279][ T5100] active_file 4096
[ 1886.314530][ T5100] unevictable 0
[ 1886.321063][ T5100] hierarchical_memory_limit 314572800
[ 1886.336434][ T5100] hierarchical_memsw_limit 9223372036854771712
[ 1886.347908][ T5100] total_cache 20480
[ 1886.355390][T13105] sch_tbf: burst 5 is lower than device bridge3799 mtu (1514) !
[ 1886.365389][ T5100] total_rss 0
[ 1886.371848][ T5100] total_rss_huge 0
[ 1886.375613][ T5100] total_shmem 0
[ 1886.389216][T13106] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1886.398583][ T5100] total_mapped_file 0
[ 1886.398599][ T5100] total_dirty 12288
[ 1886.398609][ T5100] total_writeback 0
[ 1886.398617][ T5100] total_workingset_refault_anon 8961
[ 1886.398627][ T5100] total_workingset_refault_file 1
00:47:12 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
r1 = socket(0x10, 0x3, 0x0) (rerun: 32)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x4, 0x1, 0x5, 0x0, 0x0, {0x5, 0x0, 0x9}, ["", "", "", "", "", "", ""]}, 0x14}}, 0x4048000) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1886.398637][ T5100] total_swap 200704
[ 1886.398646][ T5100] total_swapcached 0
[ 1886.398654][ T5100] total_pgpgin 129600
[ 1886.398663][ T5100] total_pgpgout 129595
[ 1886.398672][ T5100] total_pgfault 336901
[ 1886.398681][ T5100] total_pgmajfault 8798
[ 1886.398691][ T5100] total_inactive_anon 0
[ 1886.398701][ T5100] total_active_anon 0
[ 1886.398709][ T5100] total_inactive_file 16384
[ 1886.398719][ T5100] total_active_file 4096
[ 1886.398729][ T5100] total_unevictable 0
[ 1886.398761][ T5100] anon_cost 0
[ 1886.398770][ T5100] file_cost 0
[ 1886.398780][ T5100] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=13091,uid=0
[ 1886.640366][ T5100] Memory cgroup out of memory: Killed process 13091 (syz-executor.0) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:47:12 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400300]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1886.688684][ T5099] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1886.717355][ T5099] CPU: 1 PID: 5099 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1886.727757][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1886.737858][ T5099] Call Trace:
[ 1886.741180][ T5099]  <TASK>
[ 1886.744149][ T5099]  dump_stack_lvl+0x1e7/0x2e0
[ 1886.748883][ T5099]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1886.754155][ T5099]  ? __pfx__printk+0x10/0x10
[ 1886.758800][ T5099]  ? ___ratelimit+0x4c4/0x670
[ 1886.763533][ T5099]  ? __pfx____ratelimit+0x10/0x10
[ 1886.768703][ T5099]  dump_header+0xda/0x6a0
[ 1886.773087][ T5099]  oom_kill_process+0x3a7/0x930
[ 1886.777991][ T5099]  out_of_memory+0xf67/0x1320
[ 1886.782726][ T5099]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1886.788414][ T5099]  ? __pfx___mutex_lock+0x10/0x10
[ 1886.793485][ T5099]  ? __pfx_out_of_memory+0x10/0x10
[ 1886.798650][ T5099]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1886.804260][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1886.809335][ T5099]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1886.815450][ T5099]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1886.820703][ T5099]  ? mem_cgroup_iter+0x3e9/0x560
[ 1886.825697][ T5099]  try_charge_memcg+0xda2/0x18a0
[ 1886.830695][ T5099]  ? mark_lock+0x9a/0x350
[ 1886.835104][ T5099]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1886.840551][ T5099]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1886.846744][ T5099]  charge_memcg+0xa2/0x160
[ 1886.851213][ T5099]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1886.857327][ T5099]  __read_swap_cache_async+0x480/0x8b0
[ 1886.862829][ T5099]  ? mark_lock+0x9a/0x350
[ 1886.867224][ T5099]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1886.873271][ T5099]  swap_cluster_readahead+0x67c/0x810
[ 1886.878719][ T5099]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1886.884689][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1886.889783][ T5099]  ? xas_descend+0x37e/0x470
[ 1886.894438][ T5099]  swapin_readahead+0x1ea/0x1070
[ 1886.899508][ T5099]  ? filemap_get_entry+0x127/0x4e0
[ 1886.904682][ T5099]  ? __pfx_swapin_readahead+0x10/0x10
[ 1886.910127][ T5099]  ? __filemap_get_folio+0x935/0xbc0
[ 1886.915572][ T5099]  ? swap_cache_get_folio+0x9f/0x570
[ 1886.920929][ T5099]  do_swap_page+0x791/0x3f40
[ 1886.925569][ T5099]  ? rcu_is_watching+0x15/0xb0
[ 1886.930403][ T5099]  ? do_swap_page+0x154/0x3f40
[ 1886.935219][ T5099]  ? __pfx_do_swap_page+0x10/0x10
[ 1886.940293][ T5099]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1886.945809][ T5099]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1886.951778][ T5099]  ? __pfx_validate_chain+0x10/0x10
[ 1886.957037][ T5099]  __handle_mm_fault+0x15e8/0x72d0
[ 1886.962248][ T5099]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1886.967864][ T5099]  ? mt_find+0x226/0x850
[ 1886.972163][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1886.977272][ T5099]  ? mt_find+0x62d/0x850
[ 1886.981574][ T5099]  ? mt_find+0x226/0x850
[ 1886.985903][ T5099]  ? find_vma+0x142/0x1c0
[ 1886.990521][ T5099]  ? __pfx_find_vma+0x10/0x10
[ 1886.995249][ T5099]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1887.001294][ T5099]  handle_mm_fault+0x3c1/0x8a0
[ 1887.006129][ T5099]  exc_page_fault+0x2ad/0x870
[ 1887.010890][ T5099]  asm_exc_page_fault+0x26/0x30
[ 1887.015794][ T5099] RIP: 0010:__get_user_8+0x11/0x20
[ 1887.020962][ T5099] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1887.040620][ T5099] RSP: 0018:ffffc90003dffd98 EFLAGS: 00050202
[ 1887.046750][ T5099] RAX: 0000555556d69da8 RBX: ffff888021c59538 RCX: ffffc90003dffc03
[ 1887.059377][ T5099] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1887.067401][ T5099] RBP: ffffc90003dffec8 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1887.075423][ T5099] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90003dffda0
[ 1887.083440][ T5099] R13: ffffc90003dfffd8 R14: dffffc0000000000 R15: ffff888021c58000
[ 1887.091479][ T5099]  __rseq_handle_notify_resume+0x158/0x1490
[ 1887.097451][ T5099]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 1887.103857][ T5099]  ? syscall_exit_to_user_mode+0xa2/0x360
[ 1887.109644][ T5099]  syscall_exit_to_user_mode+0x113/0x360
[ 1887.115357][ T5099]  do_syscall_64+0x108/0x240
[ 1887.120021][ T5099]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1887.125976][ T5099] RIP: 0033:0x7fa936ca91b5
[ 1887.130431][ T5099] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 1887.150091][ T5099] RSP: 002b:00007fff55d50a80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1887.158562][ T5099] RAX: 0000000000000000 RBX: 0000000000003876 RCX: 00007fa936ca91b5
[ 1887.166580][ T5099] RDX: 00007fff55d50ac0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1887.174599][ T5099] RBP: 00007fff55d50b4c R08: 0000000000000000 R09: 00007fff55de70b0
[ 1887.182625][ T5099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1887.190647][ T5099] R13: 00000000001cbff0 R14: 00000000001cbff0 R15: 0000000000000000
[ 1887.198709][ T5099]  </TASK>
[ 1887.419522][ T5099] memory: usage 307200kB, limit 307200kB, failcnt 4259
[ 1887.429105][ T5099] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1887.437309][ T5099] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1887.444798][ T5099] Memory cgroup stats for /syz1:
[ 1887.444951][ T5099] cache 8192
[ 1887.455411][ T5099] rss 0
[ 1887.458738][ T5099] rss_huge 0
[ 1887.462093][ T5099] shmem 0
[ 1887.465166][ T5099] mapped_file 0
[ 1887.469455][ T5099] dirty 8192
[ 1887.472803][ T5099] writeback 0
[ 1887.476216][ T5099] workingset_refault_anon 2443
[ 1887.482302][ T5099] workingset_refault_file 1
[ 1887.486946][ T5099] swap 159744
[ 1887.493222][ T5099] swapcached 0
[ 1887.496753][ T5099] pgpgin 127897
[ 1887.500931][ T5099] pgpgout 127895
[ 1887.504631][ T5099] pgfault 336961
[ 1887.509026][ T5099] pgmajfault 2239
[ 1887.512867][ T5099] inactive_anon 0
[ 1887.516696][ T5099] active_anon 0
[ 1887.521260][ T5099] inactive_file 8192
[ 1887.525927][ T5099] active_file 0
[ 1887.530182][ T5099] unevictable 0
[ 1887.534450][ T5099] hierarchical_memory_limit 314572800
[ 1887.540921][ T5099] hierarchical_memsw_limit 9223372036854771712
[ 1887.547684][ T5099] total_cache 8192
[ 1887.551616][ T5099] total_rss 0
[ 1887.555093][ T5099] total_rss_huge 0
[ 1887.560625][ T5099] total_shmem 0
[ 1887.564290][ T5099] total_mapped_file 0
[ 1887.569071][ T5099] total_dirty 8192
[ 1887.573633][ T5099] total_writeback 0
[ 1887.578270][ T5099] total_workingset_refault_anon 2443
[ 1887.584093][ T5099] total_workingset_refault_file 1
[ 1887.589934][ T5099] total_swap 159744
[ 1887.593964][ T5099] total_swapcached 0
[ 1887.600381][ T5099] total_pgpgin 127897
[ 1887.604512][ T5099] total_pgpgout 127895
[ 1887.609131][ T5099] total_pgfault 336961
[ 1887.613339][ T5099] total_pgmajfault 2239
[ 1887.617817][ T5099] total_inactive_anon 0
[ 1887.622114][ T5099] total_active_anon 0
[ 1887.626230][ T5099] total_inactive_file 8192
[ 1887.630979][ T5099] total_active_file 0
[ 1887.635052][ T5099] total_unevictable 0
[ 1887.639636][ T5099] anon_cost 0
[ 1887.643111][ T5099] file_cost 0
[ 1887.646507][ T5099] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13088,uid=0
[ 1887.670735][ T5099] Memory cgroup out of memory: Killed process 13088 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1887.698639][T13106] syz-executor.3 invoked oom-killer: gfp_mask=0x400cc0(GFP_KERNEL_ACCOUNT), order=2, oom_score_adj=1000
[ 1887.722292][T13106] CPU: 0 PID: 13106 Comm: syz-executor.3 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1887.732797][T13106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1887.742901][T13106] Call Trace:
[ 1887.746227][T13106]  <TASK>
[ 1887.749199][T13106]  dump_stack_lvl+0x1e7/0x2e0
[ 1887.753944][T13106]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1887.759204][T13106]  ? __pfx__printk+0x10/0x10
[ 1887.763849][T13106]  ? ___ratelimit+0x4c4/0x670
[ 1887.768593][T13106]  ? __pfx____ratelimit+0x10/0x10
[ 1887.773685][T13106]  dump_header+0xda/0x6a0
[ 1887.778078][T13106]  oom_kill_process+0x3a7/0x930
[ 1887.782998][T13106]  out_of_memory+0xf67/0x1320
[ 1887.787730][T13106]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1887.793422][T13106]  ? __pfx___mutex_lock+0x10/0x10
[ 1887.798491][T13106]  ? __pfx_out_of_memory+0x10/0x10
[ 1887.803672][T13106]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1887.809256][T13106]  ? __pfx_lock_release+0x10/0x10
[ 1887.814348][T13106]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1887.820448][T13106]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1887.825670][T13106]  ? mem_cgroup_iter+0x3e9/0x560
[ 1887.830636][T13106]  try_charge_memcg+0xda2/0x18a0
[ 1887.835608][T13106]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1887.841000][T13106]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1887.846729][T13106]  ? __pfx_lock_release+0x10/0x10
[ 1887.851789][T13106]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1887.857791][T13106]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1887.863549][T13106]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1887.869400][T13106]  obj_cgroup_charge+0x389/0x630
[ 1887.874383][T13106]  ? obj_cgroup_charge+0x121/0x630
[ 1887.879534][T13106]  ? __pfx_obj_cgroup_charge+0x10/0x10
[ 1887.885025][T13106]  ? __kmalloc_node_track_caller+0xc1/0x4e0
[ 1887.890933][T13106]  ? __pfx___might_resched+0x10/0x10
[ 1887.896238][T13106]  __memcg_slab_pre_alloc_hook+0x28d/0x2b0
[ 1887.902070][T13106]  __kmalloc_node_track_caller+0x310/0x4e0
[ 1887.907897][T13106]  ? __addrconf_sysctl_register+0xb1/0x3f0
[ 1887.913722][T13106]  kmemdup+0x2a/0x60
[ 1887.917651][T13106]  __addrconf_sysctl_register+0xb1/0x3f0
[ 1887.923303][T13106]  ? __pfx_ndisc_ifinfo_sysctl_change+0x10/0x10
[ 1887.929663][T13106]  ? __pfx_neigh_sysctl_register+0x10/0x10
[ 1887.935486][T13106]  ? __pfx___addrconf_sysctl_register+0x10/0x10
[ 1887.941740][T13106]  ? __raw_spin_lock_init+0x45/0x100
[ 1887.947064][T13106]  addrconf_sysctl_register+0x167/0x1c0
[ 1887.952628][T13106]  ipv6_add_dev+0xd64/0x1290
[ 1887.957255][T13106]  addrconf_notify+0x6a7/0x1020
[ 1887.962132][T13106]  notifier_call_chain+0x18f/0x3b0
[ 1887.967276][T13106]  register_netdevice+0x151f/0x19c0
[ 1887.972502][T13106]  ? __pfx_register_netdevice+0x10/0x10
[ 1887.978063][T13106]  ? __xdp_rxq_info_reg+0x142/0x290
[ 1887.983301][T13106]  br_dev_newlink+0x27/0x100
[ 1887.987930][T13106]  ? __pfx_br_dev_newlink+0x10/0x10
[ 1887.993191][T13106]  rtnl_newlink+0x158f/0x20a0
[ 1887.997913][T13106]  ? rtnl_newlink+0x4d1/0x20a0
[ 1888.002715][T13106]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1888.007771][T13106]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1888.012994][T13106]  ? __mutex_lock+0x9a4/0xd70
[ 1888.017685][T13106]  ? __mutex_lock+0x526/0xd70
[ 1888.022393][T13106]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1888.027430][T13106]  rtnetlink_rcv_msg+0x885/0x1040
[ 1888.032481][T13106]  ? rtnetlink_rcv_msg+0x208/0x1040
[ 1888.037709][T13106]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1888.043232][T13106]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1888.049261][T13106]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1888.055620][T13106]  ? __local_bh_enable_ip+0x168/0x200
[ 1888.061022][T13106]  ? lockdep_hardirqs_on+0x98/0x140
[ 1888.066240][T13106]  ? __local_bh_enable_ip+0x168/0x200
[ 1888.071632][T13106]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 1888.076762][T13106]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1888.082508][T13106]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 1888.087638][T13106]  ? __dev_queue_xmit+0x15fd/0x3b10
[ 1888.092867][T13106]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 1888.098000][T13106]  ? ref_tracker_free+0x643/0x7e0
[ 1888.103047][T13106]  netlink_rcv_skb+0x1e3/0x430
[ 1888.107832][T13106]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1888.113315][T13106]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1888.118649][T13106]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1888.123863][T13106]  netlink_unicast+0x7ea/0x980
[ 1888.128654][T13106]  ? __pfx_netlink_unicast+0x10/0x10
[ 1888.133954][T13106]  ? __virt_addr_valid+0x44e/0x520
[ 1888.139081][T13106]  ? __phys_addr_symbol+0x2f/0x70
[ 1888.144132][T13106]  ? __check_object_size+0x4bb/0xa00
[ 1888.149432][T13106]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1888.154556][T13106]  netlink_sendmsg+0xa3b/0xd70
[ 1888.159342][T13106]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1888.164639][T13106]  ? __import_iovec+0x552/0x890
[ 1888.169508][T13106]  ? aa_sock_msg_perm+0x91/0x160
[ 1888.174463][T13106]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1888.179763][T13106]  ? security_socket_sendmsg+0x87/0xb0
[ 1888.185236][T13106]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1888.190526][T13106]  __sock_sendmsg+0x221/0x270
[ 1888.195227][T13106]  ____sys_sendmsg+0x525/0x7d0
[ 1888.200017][T13106]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1888.205331][T13106]  __sys_sendmsg+0x2b0/0x3a0
[ 1888.209938][T13106]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1888.215088][T13106]  ? restore_fpregs_from_fpstate+0x100/0x250
[ 1888.221095][T13106]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1888.227447][T13106]  ? do_syscall_64+0x108/0x240
[ 1888.232238][T13106]  ? do_syscall_64+0xb4/0x240
[ 1888.236933][T13106]  do_syscall_64+0xf9/0x240
[ 1888.241458][T13106]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1888.247373][T13106] RIP: 0033:0x7f1eee47dda9
[ 1888.251805][T13106] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1888.271420][T13106] RSP: 002b:00007f1eef2a60c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1888.279847][T13106] RAX: ffffffffffffffda RBX: 00007f1eee5abf80 RCX: 00007f1eee47dda9
[ 1888.287828][T13106] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1888.295802][T13106] RBP: 00007f1eee4ca47a R08: 0000000000000000 R09: 0000000000000000
[ 1888.303778][T13106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1888.311761][T13106] R13: 000000000000000b R14: 00007f1eee5abf80 R15: 00007ffc334af558
[ 1888.319775][T13106]  </TASK>
[ 1888.375830][T13106] memory: usage 307200kB, limit 307200kB, failcnt 3737
[ 1888.422208][T13106] memory+swap: usage 307412kB, limit 9007199254740988kB, failcnt 0
[ 1888.436352][T13106] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1888.466982][T13106] Memory cgroup stats for /syz3:
[ 1888.469889][T13106] cache 16384
[ 1888.486384][T13106] rss 0
[ 1888.489425][T13106] rss_huge 0
[ 1888.492815][T13106] shmem 0
[ 1888.495955][T13106] mapped_file 0
[ 1888.505657][T13106] dirty 16384
[ 1888.509214][T13106] writeback 0
[ 1888.512700][T13106] workingset_refault_anon 2155
[ 1888.520987][T13106] workingset_refault_file 1
[ 1888.525695][T13106] swap 221184
[ 1888.529236][T13106] swapcached 0
[ 1888.532789][T13106] pgpgin 129022
[ 1888.536421][T13106] pgpgout 129018
[ 1888.540252][T13106] pgfault 344969
[ 1888.543986][T13106] pgmajfault 1896
[ 1888.547858][T13106] inactive_anon 0
[ 1888.551671][T13106] active_anon 0
[ 1888.555306][T13106] inactive_file 8192
[ 1888.559595][T13106] active_file 8192
[ 1888.563506][T13106] unevictable 0
[ 1888.567201][T13106] hierarchical_memory_limit 314572800
[ 1888.572765][T13106] hierarchical_memsw_limit 9223372036854771712
[ 1888.581659][T13106] total_cache 16384
[ 1888.585774][T13106] total_rss 0
[ 1888.589240][T13106] total_rss_huge 0
[ 1888.592989][T13106] total_shmem 0
[ 1888.596470][T13106] total_mapped_file 0
[ 1888.601681][T13106] total_dirty 16384
[ 1888.608908][T13106] total_writeback 0
[ 1888.612952][T13106] total_workingset_refault_anon 2155
[ 1888.619706][T13106] total_workingset_refault_file 1
[ 1888.626248][T13106] total_swap 221184
[ 1888.630413][T13106] total_swapcached 0
[ 1888.634547][T13106] total_pgpgin 129022
[ 1888.639162][T13106] total_pgpgout 129018
[ 1888.643853][T13106] total_pgfault 344969
[ 1888.650414][T13106] total_pgmajfault 1896
[ 1888.654853][T13106] total_inactive_anon 0
[ 1888.659332][T13106] total_active_anon 0
[ 1888.663716][T13106] total_inactive_file 8192
[ 1888.668869][T13106] total_active_file 8192
[ 1888.673395][T13106] total_unevictable 0
[ 1888.694449][T13106] anon_cost 0
[ 1888.698175][T13106] file_cost 0
[ 1888.702461][T13106] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=13104,uid=0
[ 1888.740332][T13106] Memory cgroup out of memory: Killed process 13104 (syz-executor.3) total-vm:54640kB, anon-rss:440kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:92kB oom_score_adj:1000
[ 1888.766621][T13114] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1888.803418][T13114] CPU: 1 PID: 13114 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1888.813907][T13114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1888.824007][T13114] Call Trace:
[ 1888.827326][T13114]  <TASK>
[ 1888.830295][T13114]  dump_stack_lvl+0x1e7/0x2e0
[ 1888.835038][T13114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1888.840295][T13114]  ? __pfx__printk+0x10/0x10
[ 1888.844933][T13114]  ? ___ratelimit+0x4c4/0x670
[ 1888.849752][T13114]  ? __pfx____ratelimit+0x10/0x10
[ 1888.854812][T13114]  dump_header+0xda/0x6a0
[ 1888.859172][T13114]  oom_kill_process+0x3a7/0x930
[ 1888.864051][T13114]  out_of_memory+0xf67/0x1320
[ 1888.868775][T13114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1888.874432][T13114]  ? __pfx___mutex_lock+0x10/0x10
[ 1888.879472][T13114]  ? __pfx_out_of_memory+0x10/0x10
[ 1888.884626][T13114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1888.890213][T13114]  ? __pfx_lock_release+0x10/0x10
[ 1888.895281][T13114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1888.901383][T13114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1888.906633][T13114]  ? mem_cgroup_iter+0x3e9/0x560
[ 1888.911615][T13114]  try_charge_memcg+0xda2/0x18a0
[ 1888.916622][T13114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1888.922116][T13114]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1888.927864][T13114]  ? __pfx_lock_release+0x10/0x10
[ 1888.932928][T13114]  ? memcg_account_kmem+0x1e7/0x210
[ 1888.938165][T13114]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1888.943987][T13114]  __memcg_kmem_charge_page+0xe1/0x250
[ 1888.949487][T13114]  memcg_charge_kernel_stack+0x11c/0x550
[ 1888.955179][T13114]  dup_task_struct+0x15d/0x7d0
[ 1888.959996][T13114]  copy_process+0x5d5/0x3fc0
[ 1888.964664][T13114]  ? __might_fault+0xa9/0x120
[ 1888.969369][T13114]  ? __pfx_lock_release+0x10/0x10
[ 1888.974419][T13114]  ? __pfx_copy_process+0x10/0x10
[ 1888.979466][T13114]  ? __might_fault+0xc5/0x120
[ 1888.984204][T13114]  ? __asan_memset+0x23/0x50
[ 1888.988831][T13114]  kernel_clone+0x21d/0x8d0
[ 1888.993382][T13114]  ? __pfx_kernel_clone+0x10/0x10
[ 1888.998467][T13114]  __se_sys_clone3+0x2cb/0x350
[ 1889.003302][T13114]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1889.008616][T13114]  ? rcu_is_watching+0x15/0xb0
[ 1889.013423][T13114]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1889.019449][T13114]  ? exc_page_fault+0x587/0x870
[ 1889.024343][T13114]  ? do_syscall_64+0xb4/0x240
[ 1889.029087][T13114]  do_syscall_64+0xf9/0x240
[ 1889.033663][T13114]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1889.039583][T13114] RIP: 0033:0x7fd21c6a9b99
[ 1889.044009][T13114] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1889.063628][T13114] RSP: 002b:00007ffdc1e200c8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1889.072074][T13114] RAX: ffffffffffffffda RBX: 00007fd21c652270 RCX: 00007fd21c6a9b99
[ 1889.080102][T13114] RDX: 00007fd21c652270 RSI: 0000000000000058 RDI: 00007ffdc1e20110
[ 1889.088114][T13114] RBP: 00007fd21d49d6c0 R08: 00007fd21d49d6c0 R09: 00007ffdc1e201f7
[ 1889.096106][T13114] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1889.104111][T13114] R13: 000000000000000b R14: 00007ffdc1e20110 R15: 00007ffdc1e201f8
[ 1889.112134][T13114]  </TASK>
[ 1889.119531][T13114] memory: usage 307200kB, limit 307200kB, failcnt 28559
[ 1889.126709][T13114] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[ 1889.135485][T13114] kmem: usage 307148kB, limit 9007199254740988kB, failcnt 0
[ 1889.143370][T13114] Memory cgroup stats for /syz0:
[ 1889.143519][T13114] cache 20480
00:47:15 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1889.152755][T13114] rss 0
[ 1889.155559][T13114] rss_huge 0
[ 1889.159537][T13114] shmem 0
[ 1889.162506][T13114] mapped_file 0
[ 1889.165985][T13114] dirty 12288
[ 1889.170056][T13114] writeback 0
[ 1889.173396][T13114] workingset_refault_anon 9072
[ 1889.186595][T13114] workingset_refault_file 1
[ 1889.195297][T13114] swap 237568
[ 1889.201550][T13114] swapcached 4096
[ 1889.205550][T13114] pgpgin 129729
[ 1889.220829][T13114] pgpgout 129723
[ 1889.224857][T13114] pgfault 337099
[ 1889.238639][T13114] pgmajfault 8903
[ 1889.251615][T13110] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1889.261580][T13114] inactive_anon 4096
[ 1889.265700][T13114] active_anon 0
[ 1889.289824][T13114] inactive_file 0
[ 1889.293632][T13114] active_file 20480
[ 1889.299942][T13114] unevictable 0
00:47:15 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1889.305644][T13114] hierarchical_memory_limit 314572800
[ 1889.437258][T13114] hierarchical_memsw_limit 9223372036854771712
[ 1889.452778][T13114] total_cache 20480
[ 1889.456779][T13114] total_rss 0
[ 1889.460431][T13114] total_rss_huge 0
[ 1889.464297][T13114] total_shmem 0
[ 1889.468665][T13114] total_mapped_file 0
[ 1889.473112][T13114] total_dirty 12288
[ 1889.498387][T13114] total_writeback 0
[ 1889.507297][T13114] total_workingset_refault_anon 9072
[ 1889.526409][T13114] total_workingset_refault_file 1
[ 1889.536338][T13114] total_swap 237568
[ 1889.544762][T13114] total_swapcached 4096
[ 1889.558379][T13114] total_pgpgin 129729
[ 1889.562475][T13114] total_pgpgout 129723
[ 1889.566583][T13114] total_pgfault 337099
[ 1889.627327][T13114] total_pgmajfault 8903
00:47:15 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x4, 0x1, 0x5, 0x0, 0x0, {0x5, 0x0, 0x9}, ["", "", "", "", "", "", ""]}, 0x14}}, 0x4048000)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1889.652793][T13114] total_inactive_anon 4096
[ 1889.698773][T13114] total_active_anon 0
[ 1889.702840][T13114] total_inactive_file 0
[ 1889.749628][T13114] total_active_file 20480
[ 1889.754029][T13114] total_unevictable 0
[ 1889.769524][T13114] anon_cost 0
[ 1889.793890][T13114] file_cost 0
[ 1889.803589][T13114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=13114,uid=0
[ 1889.833427][T13118] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
00:47:16 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x65580000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1889.852347][T13114] Memory cgroup out of memory: Killed process 13114 (syz-executor.0) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:47:16 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1890.178640][T13123] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1890.213618][T13123] CPU: 0 PID: 13123 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1890.224107][T13123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1890.234201][T13123] Call Trace:
[ 1890.237518][T13123]  <TASK>
[ 1890.240478][T13123]  dump_stack_lvl+0x1e7/0x2e0
[ 1890.245206][T13123]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1890.250443][T13123]  ? __pfx__printk+0x10/0x10
[ 1890.255072][T13123]  ? ___ratelimit+0x4c4/0x670
[ 1890.259797][T13123]  ? __pfx____ratelimit+0x10/0x10
[ 1890.264877][T13123]  dump_header+0xda/0x6a0
[ 1890.269267][T13123]  oom_kill_process+0x3a7/0x930
[ 1890.274170][T13123]  out_of_memory+0xf67/0x1320
[ 1890.278899][T13123]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1890.284605][T13123]  ? __pfx___mutex_lock+0x10/0x10
[ 1890.289678][T13123]  ? __pfx_out_of_memory+0x10/0x10
[ 1890.294850][T13123]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1890.300442][T13123]  ? __pfx_lock_release+0x10/0x10
[ 1890.305554][T13123]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1890.311680][T13123]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1890.316930][T13123]  ? mem_cgroup_iter+0x3e9/0x560
[ 1890.321934][T13123]  try_charge_memcg+0xda2/0x18a0
[ 1890.326934][T13123]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1890.332337][T13123]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1890.338072][T13123]  ? __pfx_lock_release+0x10/0x10
[ 1890.343110][T13123]  ? memcg_account_kmem+0x1e7/0x210
[ 1890.348333][T13123]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1890.354151][T13123]  __memcg_kmem_charge_page+0xe1/0x250
[ 1890.359643][T13123]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1890.365309][T13123]  dup_task_struct+0x15d/0x7d0
[ 1890.370089][T13123]  copy_process+0x5d5/0x3fc0
[ 1890.374701][T13123]  ? __might_fault+0xa9/0x120
[ 1890.379394][T13123]  ? __pfx_lock_release+0x10/0x10
[ 1890.384440][T13123]  ? __pfx_copy_process+0x10/0x10
[ 1890.389478][T13123]  ? __might_fault+0xc5/0x120
[ 1890.394173][T13123]  ? __asan_memset+0x23/0x50
[ 1890.398783][T13123]  kernel_clone+0x21d/0x8d0
[ 1890.403303][T13123]  ? __pfx_kernel_clone+0x10/0x10
[ 1890.408354][T13123]  __se_sys_clone3+0x2cb/0x350
[ 1890.413126][T13123]  ? __might_fault+0xa9/0x120
[ 1890.417815][T13123]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1890.423132][T13123]  ? do_syscall_64+0x108/0x240
[ 1890.427917][T13123]  ? do_syscall_64+0xb4/0x240
[ 1890.432617][T13123]  do_syscall_64+0xf9/0x240
[ 1890.437145][T13123]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1890.443074][T13123] RIP: 0033:0x7fa936ca9b99
[ 1890.447505][T13123] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1890.467130][T13123] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1890.475564][T13123] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1890.483545][T13123] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1890.492741][T13123] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1890.500810][T13123] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1890.508813][T13123] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1890.516829][T13123]  </TASK>
[ 1890.562331][T13123] memory: usage 307200kB, limit 307200kB, failcnt 4417
[ 1890.584630][T13123] memory+swap: usage 307344kB, limit 9007199254740988kB, failcnt 0
[ 1890.603250][T13123] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[ 1890.613367][T13123] Memory cgroup stats for /syz1:
[ 1890.613545][T13123] cache 0
[ 1890.629504][T13123] rss 12288
[ 1890.637641][T13123] rss_huge 0
[ 1890.644776][T13123] shmem 0
[ 1890.652810][T13123] mapped_file 0
[ 1890.661105][T13123] dirty 0
[ 1890.669763][T13123] writeback 0
[ 1890.679713][T13123] workingset_refault_anon 2475
[ 1890.692155][T13123] workingset_refault_file 1
[ 1890.700170][T13123] swap 147456
[ 1890.703735][T13123] swapcached 4096
[ 1890.707734][T13123] pgpgin 127942
[ 1890.711471][T13123] pgpgout 127939
[ 1890.715299][T13123] pgfault 337037
[ 1890.719826][T13123] pgmajfault 2269
[ 1890.723733][T13123] inactive_anon 0
[ 1890.727739][T13123] active_anon 12288
[ 1890.731831][T13123] inactive_file 0
[ 1890.735745][T13123] active_file 0
[ 1890.741073][T13123] unevictable 0
[ 1890.744810][T13123] hierarchical_memory_limit 314572800
[ 1890.750585][T13123] hierarchical_memsw_limit 9223372036854771712
[ 1890.761618][T13123] total_cache 0
[ 1890.770639][T13123] total_rss 12288
[ 1890.775041][T13123] total_rss_huge 0
[ 1890.779113][T13123] total_shmem 0
[ 1890.782847][T13123] total_mapped_file 0
[ 1890.792679][T13123] total_dirty 0
[ 1890.796412][T13123] total_writeback 0
[ 1890.802257][T13123] total_workingset_refault_anon 2475
[ 1890.814579][T13123] total_workingset_refault_file 1
[ 1890.820047][T13123] total_swap 147456
[ 1890.824181][T13123] total_swapcached 4096
[ 1890.834705][T13123] total_pgpgin 127942
[ 1890.840625][T13123] total_pgpgout 127939
[ 1890.844970][T13123] total_pgfault 337037
[ 1890.855585][T13123] total_pgmajfault 2269
[ 1890.861521][T13123] total_inactive_anon 0
[ 1890.865991][T13123] total_active_anon 12288
[ 1890.873913][T13123] total_inactive_file 0
[ 1890.878550][T13123] total_active_file 0
[ 1890.882827][T13123] total_unevictable 0
[ 1890.887248][T13123] anon_cost 0
[ 1890.890832][T13123] file_cost 0
[ 1890.894394][T13123] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13123,uid=0
[ 1890.910404][T13123] Memory cgroup out of memory: Killed process 13123 (syz-executor.1) total-vm:54508kB, anon-rss:360kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1890.948989][T13118] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=2, oom_score_adj=1000
[ 1890.975390][T13118] CPU: 1 PID: 13118 Comm: syz-executor.3 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1890.985896][T13118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1890.995985][T13118] Call Trace:
[ 1890.999276][T13118]  <TASK>
[ 1891.002216][T13118]  dump_stack_lvl+0x1e7/0x2e0
[ 1891.006925][T13118]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1891.012141][T13118]  ? __pfx__printk+0x10/0x10
[ 1891.016753][T13118]  ? ___ratelimit+0x4c4/0x670
[ 1891.021452][T13118]  ? __pfx____ratelimit+0x10/0x10
[ 1891.026501][T13118]  dump_header+0xda/0x6a0
[ 1891.030853][T13118]  oom_kill_process+0x3a7/0x930
[ 1891.035722][T13118]  out_of_memory+0xf67/0x1320
[ 1891.040426][T13118]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1891.046069][T13118]  ? __pfx___mutex_lock+0x10/0x10
[ 1891.051106][T13118]  ? __pfx_out_of_memory+0x10/0x10
[ 1891.056236][T13118]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1891.061796][T13118]  ? __pfx_lock_release+0x10/0x10
[ 1891.066843][T13118]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1891.072944][T13118]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1891.078174][T13118]  ? mem_cgroup_iter+0x3e9/0x560
[ 1891.083161][T13118]  try_charge_memcg+0xda2/0x18a0
[ 1891.088139][T13118]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1891.093528][T13118]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1891.099258][T13118]  ? __pfx_lock_release+0x10/0x10
[ 1891.104299][T13118]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1891.110296][T13118]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1891.116026][T13118]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1891.121851][T13118]  obj_cgroup_charge+0x389/0x630
[ 1891.126816][T13118]  ? obj_cgroup_charge+0x121/0x630
[ 1891.131943][T13118]  ? __pfx_obj_cgroup_charge+0x10/0x10
[ 1891.137422][T13118]  ? kmalloc_trace+0x4e/0x360
[ 1891.142115][T13118]  ? __pfx___might_resched+0x10/0x10
[ 1891.147508][T13118]  __memcg_slab_pre_alloc_hook+0x28d/0x2b0
[ 1891.153342][T13118]  ? ipv6_add_dev+0x5bd/0x1290
[ 1891.158123][T13118]  kmalloc_trace+0x216/0x360
[ 1891.162728][T13118]  ? ipv6_add_dev+0x55c/0x1290
[ 1891.167606][T13118]  ipv6_add_dev+0x5bd/0x1290
[ 1891.172231][T13118]  addrconf_notify+0x6a7/0x1020
[ 1891.177100][T13118]  notifier_call_chain+0x18f/0x3b0
[ 1891.182242][T13118]  register_netdevice+0x151f/0x19c0
[ 1891.187474][T13118]  ? __pfx_register_netdevice+0x10/0x10
[ 1891.193029][T13118]  ? __xdp_rxq_info_reg+0x142/0x290
[ 1891.198261][T13118]  br_dev_newlink+0x27/0x100
[ 1891.202887][T13118]  ? __pfx_br_dev_newlink+0x10/0x10
[ 1891.208107][T13118]  rtnl_newlink+0x158f/0x20a0
[ 1891.212808][T13118]  ? rtnl_newlink+0x4d1/0x20a0
[ 1891.217598][T13118]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1891.222642][T13118]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1891.227863][T13118]  ? __mutex_lock+0x9a4/0xd70
[ 1891.232557][T13118]  ? __mutex_lock+0x526/0xd70
[ 1891.237263][T13118]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1891.242303][T13118]  rtnetlink_rcv_msg+0x885/0x1040
[ 1891.247348][T13118]  ? rtnetlink_rcv_msg+0x208/0x1040
[ 1891.252572][T13118]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1891.258055][T13118]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1891.264051][T13118]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1891.270417][T13118]  ? __local_bh_enable_ip+0x168/0x200
[ 1891.275829][T13118]  ? lockdep_hardirqs_on+0x98/0x140
[ 1891.281061][T13118]  ? __local_bh_enable_ip+0x168/0x200
[ 1891.286468][T13118]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 1891.291596][T13118]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1891.297339][T13118]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 1891.302469][T13118]  ? __dev_queue_xmit+0x15fd/0x3b10
[ 1891.307686][T13118]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 1891.312816][T13118]  ? ref_tracker_free+0x643/0x7e0
[ 1891.317879][T13118]  netlink_rcv_skb+0x1e3/0x430
[ 1891.322669][T13118]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1891.328160][T13118]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1891.333489][T13118]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1891.338705][T13118]  netlink_unicast+0x7ea/0x980
[ 1891.343495][T13118]  ? __pfx_netlink_unicast+0x10/0x10
[ 1891.348796][T13118]  ? __virt_addr_valid+0x44e/0x520
[ 1891.353927][T13118]  ? __phys_addr_symbol+0x2f/0x70
[ 1891.358973][T13118]  ? __check_object_size+0x4bb/0xa00
[ 1891.364355][T13118]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1891.369483][T13118]  netlink_sendmsg+0xa3b/0xd70
[ 1891.374273][T13118]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1891.379568][T13118]  ? __import_iovec+0x552/0x890
[ 1891.384441][T13118]  ? aa_sock_msg_perm+0x91/0x160
[ 1891.389492][T13118]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1891.394793][T13118]  ? security_socket_sendmsg+0x87/0xb0
[ 1891.400271][T13118]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1891.405566][T13118]  __sock_sendmsg+0x221/0x270
[ 1891.410268][T13118]  ____sys_sendmsg+0x525/0x7d0
[ 1891.415058][T13118]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1891.420470][T13118]  __sys_sendmsg+0x2b0/0x3a0
[ 1891.425080][T13118]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1891.430233][T13118]  ? restore_fpregs_from_fpstate+0x100/0x250
[ 1891.436236][T13118]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1891.442582][T13118]  ? do_syscall_64+0x108/0x240
[ 1891.447369][T13118]  ? do_syscall_64+0xb4/0x240
[ 1891.452066][T13118]  do_syscall_64+0xf9/0x240
[ 1891.456591][T13118]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1891.462507][T13118] RIP: 0033:0x7f1eee47dda9
[ 1891.466938][T13118] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1891.486565][T13118] RSP: 002b:00007f1eef2a60c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
00:47:17 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1891.495007][T13118] RAX: ffffffffffffffda RBX: 00007f1eee5abf80 RCX: 00007f1eee47dda9
[ 1891.503014][T13118] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1891.510992][T13118] RBP: 00007f1eee4ca47a R08: 0000000000000000 R09: 0000000000000000
[ 1891.518980][T13118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1891.526980][T13118] R13: 000000000000000b R14: 00007f1eee5abf80 R15: 00007ffc334af558
[ 1891.535007][T13118]  </TASK>
[ 1891.592058][T13118] memory: usage 307192kB, limit 307200kB, failcnt 4528
[ 1891.600440][T13118] memory+swap: usage 307388kB, limit 9007199254740988kB, failcnt 0
[ 1891.611141][T13118] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[ 1891.627505][T13118] Memory cgroup stats for /syz3:
[ 1891.627673][T13118] cache 4096
[ 1891.643080][T13118] rss 28672
[ 1891.650632][T13118] rss_huge 0
[ 1891.654420][T13118] shmem 0
[ 1891.660651][T13118] mapped_file 0
[ 1891.664297][T13118] dirty 4096
[ 1891.672423][T13118] writeback 0
[ 1891.675910][T13118] workingset_refault_anon 2435
[ 1891.682697][T13118] workingset_refault_file 1
[ 1891.694291][T13118] swap 192512
[ 1891.699178][T13118] swapcached 24576
[ 1891.703108][T13118] pgpgin 129377
[ 1891.706735][T13118] pgpgout 129369
[ 1891.715236][T13118] pgfault 345488
[ 1891.720835][T13118] pgmajfault 2192
[ 1891.724656][T13118] inactive_anon 28672
[ 1891.738331][T13118] active_anon 0
[ 1891.750994][T13118] inactive_file 4096
[ 1891.761444][T13118] active_file 0
[ 1891.765143][T13118] unevictable 0
[ 1891.771743][T13118] hierarchical_memory_limit 314572800
[ 1891.782274][T13118] hierarchical_memsw_limit 9223372036854771712
[ 1891.791071][T13118] total_cache 4096
[ 1891.811586][T13118] total_rss 28672
[ 1891.815380][T13118] total_rss_huge 0
[ 1891.820696][T13118] total_shmem 0
[ 1891.824302][T13118] total_mapped_file 0
[ 1891.833346][T13118] total_dirty 4096
[ 1891.838651][T13118] total_writeback 0
[ 1891.842618][T13118] total_workingset_refault_anon 2435
[ 1891.853151][T13118] total_workingset_refault_file 1
[ 1891.859854][T13118] total_swap 192512
[ 1891.863812][T13118] total_swapcached 24576
[ 1891.872984][T13118] total_pgpgin 129377
[ 1891.899995][T13118] total_pgpgout 129369
[ 1891.904903][T13118] total_pgfault 345488
[ 1891.912894][T13118] total_pgmajfault 2192
[ 1891.919686][T13118] total_inactive_anon 28672
[ 1891.924366][T13118] total_active_anon 0
[ 1891.933954][T13118] total_inactive_file 4096
[ 1891.941004][T13118] total_active_file 0
[ 1891.945133][T13118] total_unevictable 0
[ 1891.950095][T13118] anon_cost 0
[ 1891.953609][T13118] file_cost 0
[ 1891.957984][T13118] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=13117,uid=0
[ 1891.974700][T13118] Memory cgroup out of memory: Killed process 13117 (syz-executor.3) total-vm:54640kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:92kB oom_score_adj:1000
[ 1892.067521][T13120] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
00:47:18 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1400]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1892.179743][T13121] sch_tbf: burst 5 is lower than device bridge3801 mtu (1514) !
[ 1892.203802][T13122] sch_tbf: burst 0 is lower than device bridge4526 mtu (1514) !
00:47:18 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000240)={'syztnl2\x00', <r3=>r2, 0x40, 0x10, 0x7, 0xffffffff, {{0x9, 0x4, 0x2, 0x36, 0x24, 0x64, 0x0, 0x2, 0x2b, 0x0, @private=0xa010101, @loopback, {[@lsrr={0x83, 0xf, 0x56, [@loopback, @empty, @local]}]}}}}})
sendmsg$nl_route(r0, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=@bridge_setlink={0x60, 0x13, 0x20, 0x70bd2c, 0x25dfdbfc, {0x7, 0x0, 0x0, r3, 0x20000, 0x202}, [@IFLA_MAP={0x24, 0xe, {0x31bf, 0x20, 0x8000000000000000, 0x2, 0x2}}, @IFLA_PHYS_SWITCH_ID={0x4}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x9}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x3}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x88dc}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x4001)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@gettclass={0x24, 0x2a, 0x808, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xfff1, 0xffe0}, {0x2, 0x3}, {0x4, 0x8}}, ["", "", ""]}, 0x24}}, 0x0)

00:47:18 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1892.362872][T13127] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1892.410226][T13127] CPU: 1 PID: 13127 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1892.420719][T13127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1892.430810][T13127] Call Trace:
[ 1892.434120][T13127]  <TASK>
[ 1892.437080][T13127]  dump_stack_lvl+0x1e7/0x2e0
[ 1892.441805][T13127]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1892.447066][T13127]  ? __pfx__printk+0x10/0x10
[ 1892.451692][T13127]  ? ___ratelimit+0x4c4/0x670
[ 1892.456431][T13127]  ? __pfx____ratelimit+0x10/0x10
[ 1892.461499][T13127]  dump_header+0xda/0x6a0
[ 1892.465877][T13127]  oom_kill_process+0x3a7/0x930
[ 1892.470781][T13127]  out_of_memory+0xf67/0x1320
[ 1892.475496][T13127]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1892.481149][T13127]  ? __pfx___mutex_lock+0x10/0x10
[ 1892.486197][T13127]  ? __pfx_out_of_memory+0x10/0x10
[ 1892.491331][T13127]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1892.496890][T13127]  ? __pfx_lock_release+0x10/0x10
[ 1892.501932][T13127]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1892.508017][T13127]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1892.513231][T13127]  ? mem_cgroup_iter+0x3e9/0x560
[ 1892.518296][T13127]  try_charge_memcg+0xda2/0x18a0
[ 1892.523305][T13127]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1892.528802][T13127]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1892.534545][T13127]  ? __pfx_lock_release+0x10/0x10
[ 1892.539586][T13127]  ? memcg_account_kmem+0x1e7/0x210
[ 1892.544806][T13127]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1892.550620][T13127]  __memcg_kmem_charge_page+0xe1/0x250
[ 1892.556200][T13127]  memcg_charge_kernel_stack+0x304/0x550
[ 1892.561856][T13127]  dup_task_struct+0x15d/0x7d0
[ 1892.566632][T13127]  copy_process+0x5d5/0x3fc0
[ 1892.571253][T13127]  ? __might_fault+0xa9/0x120
[ 1892.575942][T13127]  ? __pfx_lock_release+0x10/0x10
[ 1892.580981][T13127]  ? __pfx_copy_process+0x10/0x10
[ 1892.586011][T13127]  ? __might_fault+0xc5/0x120
[ 1892.590792][T13127]  ? __asan_memset+0x23/0x50
[ 1892.595401][T13127]  kernel_clone+0x21d/0x8d0
[ 1892.599917][T13127]  ? __pfx_kernel_clone+0x10/0x10
[ 1892.604964][T13127]  __se_sys_clone3+0x2cb/0x350
[ 1892.609738][T13127]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1892.615064][T13127]  ? do_syscall_64+0x108/0x240
[ 1892.619870][T13127]  ? do_syscall_64+0xb4/0x240
[ 1892.624564][T13127]  do_syscall_64+0xf9/0x240
[ 1892.629101][T13127]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1892.635007][T13127] RIP: 0033:0x7fa936ca9b99
[ 1892.639445][T13127] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1892.659054][T13127] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1892.667477][T13127] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1892.675455][T13127] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1892.683428][T13127] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1892.691406][T13127] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1892.699386][T13127] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1892.707381][T13127]  </TASK>
00:47:19 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000240)={'syztnl2\x00', <r3=>r2, 0x40, 0x10, 0x7, 0xffffffff, {{0x9, 0x4, 0x2, 0x36, 0x24, 0x64, 0x0, 0x2, 0x2b, 0x0, @private=0xa010101, @loopback, {[@lsrr={0x83, 0xf, 0x56, [@loopback, @empty, @local]}]}}}}})
sendmsg$nl_route(r0, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=@bridge_setlink={0x60, 0x13, 0x20, 0x70bd2c, 0x25dfdbfc, {0x7, 0x0, 0x0, r3, 0x20000, 0x202}, [@IFLA_MAP={0x24, 0xe, {0x31bf, 0x20, 0x8000000000000000, 0x2, 0x2}}, @IFLA_PHYS_SWITCH_ID={0x4}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x9}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x3}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x88dc}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x4001) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@gettclass={0x24, 0x2a, 0x808, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xfff1, 0xffe0}, {0x2, 0x3}, {0x4, 0x8}}, ["", "", ""]}, 0x24}}, 0x0)

[ 1893.057428][T13139] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1893.147742][T13127] memory: usage 307180kB, limit 307200kB, failcnt 4644
[ 1893.154845][T13127] memory+swap: usage 307336kB, limit 9007199254740988kB, failcnt 0
[ 1893.180328][T13127] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1893.188206][T13127] Memory cgroup stats for /syz1:
[ 1893.188369][T13127] cache 0
[ 1893.196290][T13127] rss 20480
[ 1893.217469][T13127] rss_huge 0
[ 1893.220736][T13127] shmem 0
[ 1893.223696][T13127] mapped_file 0
[ 1893.233582][T13127] dirty 0
[ 1893.236567][T13127] writeback 0
[ 1893.269543][T13127] workingset_refault_anon 2552
[ 1893.274363][T13127] workingset_refault_file 1
[ 1893.286117][T13127] swap 139264
[ 1893.295387][T13127] swapcached 12288
[ 1893.304704][T13127] pgpgin 128030
[ 1893.315467][T13127] pgpgout 128025
00:47:19 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000240)={'syztnl2\x00', <r3=>r2, 0x40, 0x10, 0x7, 0xffffffff, {{0x9, 0x4, 0x2, 0x36, 0x24, 0x64, 0x0, 0x2, 0x2b, 0x0, @private=0xa010101, @loopback, {[@lsrr={0x83, 0xf, 0x56, [@loopback, @empty, @local]}]}}}}})
sendmsg$nl_route(r0, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=@bridge_setlink={0x60, 0x13, 0x20, 0x70bd2c, 0x25dfdbfc, {0x7, 0x0, 0x0, r3, 0x20000, 0x202}, [@IFLA_MAP={0x24, 0xe, {0x31bf, 0x20, 0x8000000000000000, 0x2, 0x2}}, @IFLA_PHYS_SWITCH_ID={0x4}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x9}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x3}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x88dc}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x4001) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@gettclass={0x24, 0x2a, 0x808, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xfff1, 0xffe0}, {0x2, 0x3}, {0x4, 0x8}}, ["", "", ""]}, 0x24}}, 0x0)

[ 1893.321159][T13127] pgfault 337180
[ 1893.324769][T13127] pgmajfault 2342
00:47:19 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1893.373376][T13127] inactive_anon 0
[ 1893.381678][T13127] active_anon 20480
[ 1893.385555][T13127] inactive_file 0
[ 1893.396678][T13127] active_file 0
[ 1893.397428][T13132] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1893.411159][T13127] unevictable 0
[ 1893.414668][T13127] hierarchical_memory_limit 314572800
[ 1893.456076][T13127] hierarchical_memsw_limit 9223372036854771712
[ 1893.471974][T13127] total_cache 0
[ 1893.481658][T13127] total_rss 20480
[ 1893.489911][T13127] total_rss_huge 0
[ 1893.499379][T13127] total_shmem 0
[ 1893.506885][T13127] total_mapped_file 0
[ 1893.516227][T13127] total_dirty 0
[ 1893.535033][T13127] total_writeback 0
[ 1893.541480][T13127] total_workingset_refault_anon 2552
[ 1893.560797][T13127] total_workingset_refault_file 1
[ 1893.579049][T13127] total_swap 139264
[ 1893.586859][T13127] total_swapcached 12288
[ 1893.606287][T13127] total_pgpgin 128030
[ 1893.621250][T13127] total_pgpgout 128025
[ 1893.633301][T13127] total_pgfault 337180
[ 1893.647902][T13127] total_pgmajfault 2342
[ 1893.659230][T13127] total_inactive_anon 0
[ 1893.671442][T13127] total_active_anon 20480
[ 1893.682863][T13127] total_inactive_file 0
[ 1893.695577][T13127] total_active_file 0
[ 1893.710917][T13127] total_unevictable 0
[ 1893.714964][T13127] anon_cost 0
[ 1893.733869][T13127] file_cost 0
[ 1893.737647][T13127] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13127,uid=0
[ 1893.804963][T13145] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1893.828959][T13127] Memory cgroup out of memory: Killed process 13127 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1893.898315][T13130] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1893.939248][T13130] CPU: 0 PID: 13130 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1893.949735][T13130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1893.959831][T13130] Call Trace:
[ 1893.963145][T13130]  <TASK>
[ 1893.966101][T13130]  dump_stack_lvl+0x1e7/0x2e0
[ 1893.970840][T13130]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1893.976084][T13130]  ? __pfx__printk+0x10/0x10
[ 1893.980713][T13130]  ? ___ratelimit+0x4c4/0x670
[ 1893.985439][T13130]  ? __pfx____ratelimit+0x10/0x10
[ 1893.990519][T13130]  dump_header+0xda/0x6a0
[ 1893.994913][T13130]  oom_kill_process+0x3a7/0x930
[ 1893.999814][T13130]  out_of_memory+0xf67/0x1320
[ 1894.004546][T13130]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1894.010240][T13130]  ? __pfx___mutex_lock+0x10/0x10
[ 1894.015315][T13130]  ? __pfx_out_of_memory+0x10/0x10
[ 1894.020491][T13130]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1894.026093][T13130]  ? __pfx_lock_release+0x10/0x10
[ 1894.031172][T13130]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1894.037293][T13130]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1894.042542][T13130]  ? mem_cgroup_iter+0x3e9/0x560
[ 1894.047540][T13130]  try_charge_memcg+0xda2/0x18a0
[ 1894.052525][T13130]  ? mark_lock+0x9a/0x350
[ 1894.056933][T13130]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1894.062386][T13130]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1894.068593][T13130]  charge_memcg+0xa2/0x160
[ 1894.073075][T13130]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1894.079203][T13130]  __read_swap_cache_async+0x480/0x8b0
[ 1894.084723][T13130]  ? mark_lock+0x9a/0x350
[ 1894.089120][T13130]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1894.095179][T13130]  swap_cluster_readahead+0x67c/0x810
[ 1894.100625][T13130]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1894.106598][T13130]  ? __pfx_lock_release+0x10/0x10
[ 1894.111689][T13130]  ? xas_descend+0x37e/0x470
[ 1894.116366][T13130]  swapin_readahead+0x1ea/0x1070
[ 1894.121363][T13130]  ? filemap_get_entry+0x127/0x4e0
[ 1894.126539][T13130]  ? __pfx_swapin_readahead+0x10/0x10
[ 1894.131975][T13130]  ? __filemap_get_folio+0x935/0xbc0
[ 1894.137321][T13130]  ? swap_cache_get_folio+0x9f/0x570
[ 1894.142658][T13130]  do_swap_page+0x791/0x3f40
[ 1894.147288][T13130]  ? __lock_acquire+0x1345/0x1fd0
[ 1894.152369][T13130]  ? rcu_is_watching+0x15/0xb0
[ 1894.157203][T13130]  ? do_swap_page+0x154/0x3f40
[ 1894.162009][T13130]  ? __pfx_do_swap_page+0x10/0x10
[ 1894.167087][T13130]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1894.172598][T13130]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1894.178458][T13130]  ? __pfx_validate_chain+0x10/0x10
[ 1894.183707][T13130]  __handle_mm_fault+0x15e8/0x72d0
[ 1894.188901][T13130]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1894.194416][T13130]  ? mt_find+0x226/0x850
[ 1894.198706][T13130]  ? __pfx_lock_release+0x10/0x10
[ 1894.203806][T13130]  ? mt_find+0x62d/0x850
[ 1894.208115][T13130]  ? mt_find+0x226/0x850
[ 1894.212439][T13130]  ? find_vma+0x142/0x1c0
[ 1894.216800][T13130]  ? __pfx_find_vma+0x10/0x10
[ 1894.221514][T13130]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1894.227555][T13130]  handle_mm_fault+0x3c1/0x8a0
[ 1894.232378][T13130]  exc_page_fault+0x2ad/0x870
[ 1894.237108][T13130]  asm_exc_page_fault+0x26/0x30
[ 1894.241996][T13130] RIP: 0010:__get_user_8+0x11/0x20
[ 1894.247164][T13130] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1894.266815][T13130] RSP: 0018:ffffc9001646fd78 EFLAGS: 00050202
[ 1894.272933][T13130] RAX: 0000555555f24da8 RBX: ffff88801fd41538 RCX: ffffc9001646fc03
[ 1894.280959][T13130] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1894.288970][T13130] RBP: ffffc9001646fec0 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1894.296980][T13130] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc9001646fd80
[ 1894.304987][T13130] R13: ffffc9001646ffd8 R14: dffffc0000000000 R15: ffff88801fd40000
[ 1894.313040][T13130]  __rseq_handle_notify_resume+0x158/0x1490
[ 1894.319008][T13130]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 1894.325413][T13130]  ? irqentry_exit_to_user_mode+0x52/0x270
[ 1894.331275][T13130]  irqentry_exit_to_user_mode+0xbb/0x270
[ 1894.336984][T13130]  exc_page_fault+0x587/0x870
[ 1894.341729][T13130]  asm_exc_page_fault+0x26/0x30
[ 1894.346618][T13130] RIP: 0033:0x7fc73603755c
[ 1894.351072][T13130] Code: 78 40 88 7c 1a 04 8b 5c 24 44 4c 89 3d 2d 4a 17 00 89 98 80 00 00 00 0f 1f 80 00 00 00 00 48 8b 94 2c a0 01 00 00 48 83 c5 08 <48> 89 54 05 28 48 83 fd 48 75 e9 4b 8d 04 76 48 8d 15 0e 4a 17 00
[ 1894.370724][T13130] RSP: 002b:00007ffeef0082c0 EFLAGS: 00010212
[ 1894.376839][T13130] RAX: 00007fc7361ac050 RBX: 0000000000000000 RCX: 0000000000000000
[ 1894.384862][T13130] RDX: 0000000020000080 RSI: 00007fc7361ac058 RDI: 0000000000000000
[ 1894.392871][T13130] RBP: 0000000000000010 R08: 0000000000000000 R09: 00007fc7361ac05c
[ 1894.400883][T13130] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc7361abf80
[ 1894.408895][T13130] R13: 0000000000000e0d R14: 0000000000000001 R15: 00007fc7361ac050
[ 1894.416923][T13130]  </TASK>
00:47:20 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88470000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:47:20 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@ipv6_getanyicast={0x14, 0x3e, 0x800, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20008090}, 0x800)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1894.547601][T13130] memory: usage 307200kB, limit 307200kB, failcnt 72626
[ 1894.555784][T13130] memory+swap: usage 307416kB, limit 9007199254740988kB, failcnt 0
[ 1894.565379][T13130] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1894.636000][T13130] Memory cgroup stats for /syz2:
[ 1894.636160][T13130] cache 0
[ 1894.679451][T13130] rss 8192
[ 1894.682554][T13130] rss_huge 0
[ 1894.685790][T13130] shmem 0
[ 1894.729119][T13130] mapped_file 0
[ 1894.734976][T13130] dirty 0
[ 1894.746674][T13130] writeback 0
[ 1894.756314][T13130] workingset_refault_anon 49550
[ 1894.777772][T13130] workingset_refault_file 1
[ 1894.782353][T13130] swap 221184
[ 1894.785682][T13130] swapcached 8192
[ 1894.797344][T13153] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1894.815535][T13130] pgpgin 175268
[ 1894.824576][T13130] pgpgout 175266
[ 1894.839096][T13130] pgfault 387670
[ 1894.842715][T13130] pgmajfault 45745
[ 1894.873079][T13130] inactive_anon 0
[ 1894.881234][T13130] active_anon 8192
[ 1894.893443][T13130] inactive_file 0
[ 1894.913441][T13130] active_file 0
[ 1894.916976][T13130] unevictable 0
[ 1894.933594][T13130] hierarchical_memory_limit 314572800
[ 1894.959675][T13130] hierarchical_memsw_limit 9223372036854771712
[ 1894.965897][T13130] total_cache 0
[ 1894.993104][T13130] total_rss 8192
[ 1894.996722][T13130] total_rss_huge 0
[ 1895.014921][T13130] total_shmem 0
[ 1895.023747][T13130] total_mapped_file 0
[ 1895.046182][T13130] total_dirty 0
[ 1895.067582][T13130] total_writeback 0
[ 1895.072350][T13130] total_workingset_refault_anon 49550
[ 1895.093859][T13154] sch_tbf: burst 5 is lower than device bridge3804 mtu (1514) !
[ 1895.098410][T13130] total_workingset_refault_file 1
[ 1895.108267][T13130] total_swap 221184
[ 1895.112570][T13130] total_swapcached 8192
[ 1895.122016][T13130] total_pgpgin 175268
[ 1895.126121][T13130] total_pgpgout 175266
[ 1895.131080][T13130] total_pgfault 387670
[ 1895.135307][T13130] total_pgmajfault 45745
00:47:21 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r1 = socket(0x10, 0x3, 0x0) (rerun: 64)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@ipv6_getanyicast={0x14, 0x3e, 0x800, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20008090}, 0x800) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1895.171014][T13130] total_inactive_anon 0
[ 1895.210076][T13130] total_active_anon 8192
[ 1895.233172][T13130] total_inactive_file 0
[ 1895.242549][T13130] total_active_file 0
[ 1895.246594][T13130] total_unevictable 0
[ 1895.287423][T13130] anon_cost 0
[ 1895.290788][T13130] file_cost 0
[ 1895.294190][T13130] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13130,uid=0
[ 1895.351191][T13130] Memory cgroup out of memory: Killed process 13130 (syz-executor.2) total-vm:54640kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
00:47:21 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1500]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1895.457622][ T5100] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1895.579655][ T5100] CPU: 1 PID: 5100 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1895.590091][ T5100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1895.600196][ T5100] Call Trace:
[ 1895.603512][ T5100]  <TASK>
[ 1895.606474][ T5100]  dump_stack_lvl+0x1e7/0x2e0
[ 1895.611210][ T5100]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1895.616467][ T5100]  ? __pfx__printk+0x10/0x10
[ 1895.621105][ T5100]  ? ___ratelimit+0x4c4/0x670
[ 1895.625866][ T5100]  ? __pfx____ratelimit+0x10/0x10
[ 1895.630958][ T5100]  dump_header+0xda/0x6a0
[ 1895.635421][ T5100]  oom_kill_process+0x3a7/0x930
[ 1895.640321][ T5100]  out_of_memory+0xf67/0x1320
[ 1895.645053][ T5100]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1895.650736][ T5100]  ? __pfx___mutex_lock+0x10/0x10
[ 1895.655813][ T5100]  ? __pfx_out_of_memory+0x10/0x10
[ 1895.660986][ T5100]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1895.666582][ T5100]  ? __pfx_lock_release+0x10/0x10
[ 1895.671654][ T5100]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1895.677775][ T5100]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1895.683042][ T5100]  ? mem_cgroup_iter+0x3e9/0x560
[ 1895.688038][ T5100]  try_charge_memcg+0xda2/0x18a0
[ 1895.693023][ T5100]  ? mark_lock+0x9a/0x350
[ 1895.697421][ T5100]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1895.702872][ T5100]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1895.709075][ T5100]  charge_memcg+0xa2/0x160
[ 1895.713539][ T5100]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1895.719644][ T5100]  __read_swap_cache_async+0x480/0x8b0
[ 1895.725156][ T5100]  ? mark_lock+0x9a/0x350
[ 1895.729540][ T5100]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1895.735591][ T5100]  swap_cluster_readahead+0x67c/0x810
[ 1895.741034][ T5100]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1895.746983][ T5100]  ? __pfx_lock_release+0x10/0x10
[ 1895.752063][ T5100]  ? xas_descend+0x37e/0x470
[ 1895.756705][ T5100]  swapin_readahead+0x1ea/0x1070
[ 1895.761684][ T5100]  ? filemap_get_entry+0x127/0x4e0
[ 1895.766873][ T5100]  ? __pfx_swapin_readahead+0x10/0x10
[ 1895.772318][ T5100]  ? __filemap_get_folio+0x935/0xbc0
[ 1895.777667][ T5100]  ? swap_cache_get_folio+0x9f/0x570
[ 1895.783018][ T5100]  do_swap_page+0x791/0x3f40
[ 1895.787683][ T5100]  ? rcu_is_watching+0x15/0xb0
[ 1895.792512][ T5100]  ? do_swap_page+0x154/0x3f40
[ 1895.797322][ T5100]  ? __pfx_do_swap_page+0x10/0x10
[ 1895.802401][ T5100]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1895.807911][ T5100]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1895.813789][ T5100]  __handle_mm_fault+0x15e8/0x72d0
[ 1895.818990][ T5100]  ? reacquire_held_locks+0x3eb/0x690
[ 1895.824413][ T5100]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1895.829944][ T5100]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1895.835736][ T5100]  ? mtree_range_walk+0x6fd/0x8e0
[ 1895.840812][ T5100]  ? lock_vma_under_rcu+0x18a/0x730
[ 1895.846101][ T5100]  ? __pfx_lock_release+0x10/0x10
[ 1895.851172][ T5100]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1895.856445][ T5100]  ? lock_vma_under_rcu+0x18a/0x730
[ 1895.862663][ T5100]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1895.868273][ T5100]  handle_mm_fault+0x3c1/0x8a0
[ 1895.873105][ T5100]  exc_page_fault+0x456/0x870
[ 1895.877843][ T5100]  asm_exc_page_fault+0x26/0x30
[ 1895.882849][ T5100] RIP: 0033:0x7fd21c6a9184
[ 1895.887299][ T5100] Code: ff ff ff 49 89 ca 0f 44 f8 80 3d 8e 6d 0d 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 <48> 89 54 24 10 89 74 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff
[ 1895.906954][ T5100] RSP: 002b:00007ffdc1e204a0 EFLAGS: 00010206
[ 1895.913077][ T5100] RAX: 00000000fffffffa RBX: 0000000000003683 RCX: 0000000000000000
[ 1895.921094][ T5100] RDX: 00007ffdc1e204e0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1895.929119][ T5100] RBP: 00007ffdc1e2056c R08: 0000000000000000 R09: 00007ffdc1e880b0
[ 1895.937136][ T5100] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1895.945149][ T5100] R13: 00000000001ce493 R14: 00000000001ce493 R15: 0000000000000000
[ 1895.953275][ T5100]  </TASK>
00:47:22 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@ipv6_getanyicast={0x14, 0x3e, 0x800, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20008090}, 0x800)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@ipv6_getanyicast={0x14, 0x3e, 0x800, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20008090}, 0x800) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0) (async)

00:47:22 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1896.047490][ T5100] memory: usage 307200kB, limit 307200kB, failcnt 29928
[ 1896.073579][ T5100] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[ 1896.113922][ T5100] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1896.174388][ T5100] Memory cgroup stats for /syz0:
[ 1896.174547][ T5100] cache 8192
[ 1896.193644][T13162] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1896.211962][ T5100] rss 0
[ 1896.218279][ T5100] rss_huge 0
[ 1896.229575][ T5100] shmem 0
[ 1896.232722][ T5100] mapped_file 0
[ 1896.243565][ T5100] dirty 4096
[ 1896.251516][ T5100] writeback 0
[ 1896.259675][ T5100] workingset_refault_anon 9467
[ 1896.270321][ T5100] workingset_refault_file 2
[ 1896.279721][ T5100] swap 212992
[ 1896.283467][ T5100] swapcached 0
[ 1896.290162][ T5100] pgpgin 130234
[ 1896.293827][ T5100] pgpgout 130232
[ 1896.303785][ T5100] pgfault 337814
[ 1896.309499][ T5100] pgmajfault 9346
[ 1896.313351][ T5100] inactive_anon 0
[ 1896.328044][ T5100] active_anon 0
[ 1896.331730][ T5100] inactive_file 8192
[ 1896.335848][ T5100] active_file 0
[ 1896.353776][ T5100] unevictable 0
[ 1896.371875][ T5100] hierarchical_memory_limit 314572800
[ 1896.378342][ T5100] hierarchical_memsw_limit 9223372036854771712
[ 1896.384723][ T5100] total_cache 8192
[ 1896.389327][ T5100] total_rss 0
[ 1896.392825][ T5100] total_rss_huge 0
[ 1896.396759][ T5100] total_shmem 0
[ 1896.403054][T13165] sch_tbf: burst 5 is lower than device bridge3805 mtu (1514) !
[ 1896.423269][ T5100] total_mapped_file 0
[ 1896.428639][ T5100] total_dirty 4096
[ 1896.436023][ T5100] total_writeback 0
[ 1896.456402][ T5100] total_workingset_refault_anon 9467
00:47:22 executing program 4:
r0 = socket$bt_bnep(0x1f, 0x3, 0x4)
r1 = socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f00000002c0)={r1, 0x2, 0x8000, "91de3ed78632506a84e75c208fb3245439c48021be00d86f6059a5c3e3badc4680b25e2289eb0cdacd9da281e9a0ce28edeb05f4aa5aa2c54deec6c31ca8b02644a197ef5efe4a1b6c9a38e8ab14de83f048c0f0eea9ee340d7ea80a1a2eac87354d7622a99764efd7d5bca4fa9fbc831527e6159b62bfe96aa738b10112901be9f93d88136c95248f802ab990324d14a099e3866d94f591574f987b771d8c751b3d528d8bc70513e6e614d9e8fe57a10e8281549032720fcc0727a6183a408aead3ca7b841a7204ef51cf"})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
ioctl$SIOCAX25OPTRT(r3, 0x89e7, &(0x7f0000000400)={@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, 0x2, 0x56})
sendmsg$nl_route(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@ipv6_getmulticast={0x14, 0x3a, 0x200, 0x70bd28, 0x25dfdbfb, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x4088010)
socket(0x23, 0x80000, 0x2)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=@newqdisc={0x448, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x41c, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_RTAB={0x404, 0x2, [0x5, 0xe13, 0x8, 0x9, 0x3, 0x2, 0x1, 0x3, 0x5, 0xfffffff8, 0x0, 0xa4eb, 0x6, 0x800, 0x3, 0x2, 0x4310, 0x1, 0x1, 0x7, 0x2, 0xffff7fff, 0x6, 0x5, 0x399, 0xd7, 0xaafd, 0x200, 0xfffffff7, 0x0, 0xca, 0x2, 0x8001, 0x5, 0x4, 0x800, 0x1, 0xe2b9, 0x9, 0x2, 0x7e5, 0x2, 0x6, 0x0, 0x1ff, 0x6, 0x401, 0x2000, 0x1ff, 0x8, 0x101, 0x9, 0xfff, 0x7, 0x2, 0x40, 0x1000, 0x4, 0x4, 0x3ff, 0x0, 0x4, 0x9, 0xfffffffa, 0x28d, 0x4, 0x82e, 0xa59, 0x3, 0xec5, 0xea1, 0x0, 0x9, 0x7, 0x2ee, 0x3, 0x24, 0x800, 0x8, 0x5, 0x53b, 0x9378, 0x7, 0x7, 0x9, 0x99d5, 0x4, 0x3f, 0x200, 0x4, 0x40, 0xfff, 0x609, 0x0, 0x80000000, 0x1, 0x6, 0x0, 0xca, 0x80000000, 0x7f, 0xdae, 0x0, 0xdc, 0x5, 0x0, 0xffffc609, 0x8, 0x9, 0xcaf8, 0x9, 0x2, 0xff, 0x2d7, 0xfffffffe, 0x8, 0x100, 0x6, 0x4, 0xff, 0xfffffc01, 0x8, 0x7f, 0x8b620bb, 0x4, 0x8, 0x1, 0x6, 0x9, 0xa8b, 0xffffffcb, 0x7fff, 0x3, 0x4, 0x2, 0x80, 0xf1, 0x101, 0x40, 0x1000, 0x4, 0x1ff, 0x5, 0x6, 0x101, 0xfe, 0x9, 0x1f, 0x0, 0xfffffff9, 0x9, 0x10001, 0x7, 0x5, 0xffff, 0x7, 0xf0c1, 0x1, 0x75, 0x1, 0x4, 0xffffe9b0, 0xfffffc01, 0x7ff, 0x9, 0x7, 0x1, 0x6dc2, 0x800, 0x200, 0xa384bddd, 0x7f, 0x5, 0x0, 0x8000, 0x32ff, 0x6, 0x6, 0xfffeffff, 0x7fff, 0x3, 0x3, 0x6, 0xfffffff8, 0x0, 0x0, 0x7, 0x4, 0x0, 0xfd, 0x7, 0xffffff60, 0x100, 0x5, 0x3, 0x822f, 0x5, 0x1, 0x800, 0x0, 0x46f, 0x1, 0xb4b, 0x4fc, 0x5, 0xffffffff, 0x5627, 0x7fffffff, 0x3ff, 0xd00, 0xe4, 0x101, 0x10000, 0x800, 0x1000, 0x1, 0x10000, 0x2, 0x15, 0x33, 0x8395, 0x9, 0x7b6, 0xffff4f5e, 0xffffffff, 0x80, 0x40000000, 0xfff, 0x1, 0x10001, 0x0, 0x1, 0x1b, 0x5, 0xa518, 0x9, 0x0, 0x10000, 0x1, 0x200, 0x0, 0xbb4a, 0x9, 0x33bf, 0x6, 0x7ff, 0xff, 0x5, 0xb1, 0x80000001, 0x27e, 0x5, 0x81, 0x40, 0x8, 0x4000]}]}}]}, 0x448}}, 0x1010)
socket$nl_route(0x10, 0x3, 0x0)

[ 1896.479280][ T5100] total_workingset_refault_file 2
[ 1896.493962][ T5100] total_swap 212992
[ 1896.520762][ T5100] total_swapcached 0
[ 1896.540218][ T5100] total_pgpgin 130234
[ 1896.557605][ T5100] total_pgpgout 130232
[ 1896.578591][ T5100] total_pgfault 337814
[ 1896.587669][ T5100] total_pgmajfault 9346
[ 1896.592834][ T5100] total_inactive_anon 0
[ 1896.599417][ T5100] total_active_anon 0
[ 1896.609641][ T5100] total_inactive_file 8192
[ 1896.638985][ T5100] total_active_file 0
[ 1896.643300][T13170] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1896.655052][ T5100] total_unevictable 0
[ 1896.659754][ T5100] anon_cost 0
[ 1896.663182][ T5100] file_cost 0
[ 1896.669079][ T5100] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=13144,uid=0
[ 1896.701893][ T5100] Memory cgroup out of memory: Killed process 13144 (syz-executor.0) total-vm:54640kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1896.761505][T13160] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1896.787258][T13160] CPU: 0 PID: 13160 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1896.797752][T13160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1896.807890][T13160] Call Trace:
[ 1896.811201][T13160]  <TASK>
[ 1896.814171][T13160]  dump_stack_lvl+0x1e7/0x2e0
[ 1896.818914][T13160]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1896.824175][T13160]  ? __pfx__printk+0x10/0x10
[ 1896.828818][T13160]  ? ___ratelimit+0x4c4/0x670
[ 1896.833546][T13160]  ? __pfx____ratelimit+0x10/0x10
[ 1896.838624][T13160]  dump_header+0xda/0x6a0
[ 1896.843013][T13160]  oom_kill_process+0x3a7/0x930
[ 1896.847923][T13160]  out_of_memory+0xf67/0x1320
[ 1896.852659][T13160]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1896.858342][T13160]  ? __pfx___mutex_lock+0x10/0x10
[ 1896.863416][T13160]  ? __pfx_out_of_memory+0x10/0x10
[ 1896.868585][T13160]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1896.874180][T13160]  ? __pfx_lock_release+0x10/0x10
[ 1896.879258][T13160]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1896.885413][T13160]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1896.890665][T13160]  ? mem_cgroup_iter+0x3e9/0x560
[ 1896.895666][T13160]  try_charge_memcg+0xda2/0x18a0
[ 1896.900649][T13160]  ? mark_lock+0x9a/0x350
[ 1896.905048][T13160]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1896.910496][T13160]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1896.916692][T13160]  charge_memcg+0xa2/0x160
[ 1896.921171][T13160]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1896.927285][T13160]  __read_swap_cache_async+0x480/0x8b0
[ 1896.932791][T13160]  ? mark_lock+0x9a/0x350
[ 1896.937176][T13160]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1896.943219][T13160]  ? blk_start_plug+0x6f/0x1b0
[ 1896.948043][T13160]  swap_cluster_readahead+0x398/0x810
[ 1896.953482][T13160]  ? __pfx_swap_cluster_readahead+0x10/0x10
00:47:23 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1896.959432][T13160]  ? __pfx_lock_release+0x10/0x10
[ 1896.964517][T13160]  ? xas_descend+0x37e/0x470
[ 1896.969162][T13160]  swapin_readahead+0x1ea/0x1070
[ 1896.974151][T13160]  ? filemap_get_entry+0x127/0x4e0
[ 1896.979332][T13160]  ? __pfx_swapin_readahead+0x10/0x10
[ 1896.984757][T13160]  ? __filemap_get_folio+0x935/0xbc0
[ 1896.990117][T13160]  ? swap_cache_get_folio+0x9f/0x570
[ 1896.995461][T13160]  do_swap_page+0x791/0x3f40
[ 1897.000093][T13160]  ? __lock_acquire+0x1345/0x1fd0
[ 1897.006044][T13160]  ? rcu_is_watching+0x15/0xb0
[ 1897.010878][T13160]  ? do_swap_page+0x154/0x3f40
[ 1897.015696][T13160]  ? __pfx_do_swap_page+0x10/0x10
[ 1897.020775][T13160]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1897.026296][T13160]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1897.032162][T13160]  ? __pfx_validate_chain+0x10/0x10
[ 1897.037428][T13160]  __handle_mm_fault+0x15e8/0x72d0
[ 1897.042625][T13160]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1897.048150][T13160]  ? mt_find+0x226/0x850
[ 1897.052458][T13160]  ? __pfx_lock_release+0x10/0x10
[ 1897.057560][T13160]  ? mt_find+0x62d/0x850
[ 1897.061880][T13160]  ? mt_find+0x226/0x850
[ 1897.066550][T13160]  ? find_vma+0x142/0x1c0
[ 1897.070924][T13160]  ? __pfx_find_vma+0x10/0x10
[ 1897.075649][T13160]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1897.081694][T13160]  handle_mm_fault+0x3c1/0x8a0
[ 1897.086521][T13160]  exc_page_fault+0x2ad/0x870
[ 1897.091259][T13160]  asm_exc_page_fault+0x26/0x30
[ 1897.096162][T13160] RIP: 0010:__get_user_8+0x11/0x20
[ 1897.101318][T13160] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1897.120971][T13160] RSP: 0000:ffffc9000353fd78 EFLAGS: 00050202
[ 1897.127085][T13160] RAX: 0000555555f24da8 RBX: ffff8880232e9538 RCX: ffffc9000353fc03
[ 1897.135103][T13160] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1897.143122][T13160] RBP: ffffc9000353fec0 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1897.151136][T13160] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc9000353fd80
[ 1897.159155][T13160] R13: ffffc9000353ffd8 R14: dffffc0000000000 R15: ffff8880232e8000
[ 1897.167200][T13160]  __rseq_handle_notify_resume+0x158/0x1490
[ 1897.173165][T13160]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 1897.179571][T13160]  ? irqentry_exit_to_user_mode+0x52/0x270
[ 1897.185442][T13160]  irqentry_exit_to_user_mode+0xbb/0x270
[ 1897.191138][T13160]  exc_page_fault+0x587/0x870
[ 1897.195881][T13160]  asm_exc_page_fault+0x26/0x30
[ 1897.200775][T13160] RIP: 0033:0x7fc736039ac7
[ 1897.205244][T13160] Code: 25 ff 0f 00 00 09 c5 80 3d 06 bc c9 00 00 0f 85 6f ff ff ff 44 0f b6 6c 24 0f 44 8d 55 04 89 e8 41 89 c1 41 81 e1 ff 1f 00 00 <43> 8b 14 8e 39 d5 0f 84 5e ff ff ff 85 d2 0f 84 65 01 00 00 83 c0
[ 1897.224907][T13160] RSP: 002b:00007ffeef0081f0 EFLAGS: 00010206
[ 1897.231031][T13160] RAX: 00000000818bd227 RBX: 00007fc7361ac018 RCX: 000000000000002a
[ 1897.239051][T13160] RDX: ffffffff818bdce6 RSI: 0000000080000000 RDI: 0000000000013e37
[ 1897.247333][T13160] RBP: 00000000818bd227 R08: 0000001b32420000 R09: 0000000000001227
[ 1897.255354][T13160] R10: 00000000818bd22b R11: 0000000000000246 R12: 000000000000002a
[ 1897.263374][T13160] R13: 0000000000000001 R14: 00007fc7361a0000 R15: ffffffff818bdce6
[ 1897.271404][T13160]  ? cgroup_rstat_updated+0x26/0x360
[ 1897.276784][T13160]  ? cgroup_rstat_updated+0x26/0x360
[ 1897.282122][T13160]  </TASK>
[ 1897.373575][T13160] memory: usage 307120kB, limit 307200kB, failcnt 29974
00:47:23 executing program 4:
r0 = socket$bt_bnep(0x1f, 0x3, 0x4)
r1 = socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f00000002c0)={r1, 0x2, 0x8000, "91de3ed78632506a84e75c208fb3245439c48021be00d86f6059a5c3e3badc4680b25e2289eb0cdacd9da281e9a0ce28edeb05f4aa5aa2c54deec6c31ca8b02644a197ef5efe4a1b6c9a38e8ab14de83f048c0f0eea9ee340d7ea80a1a2eac87354d7622a99764efd7d5bca4fa9fbc831527e6159b62bfe96aa738b10112901be9f93d88136c95248f802ab990324d14a099e3866d94f591574f987b771d8c751b3d528d8bc70513e6e614d9e8fe57a10e8281549032720fcc0727a6183a408aead3ca7b841a7204ef51cf"})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
ioctl$SIOCAX25OPTRT(r3, 0x89e7, &(0x7f0000000400)={@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, 0x2, 0x56})
sendmsg$nl_route(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@ipv6_getmulticast={0x14, 0x3a, 0x200, 0x70bd28, 0x25dfdbfb, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x4088010)
socket(0x23, 0x80000, 0x2)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=@newqdisc={0x448, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x41c, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_RTAB={0x404, 0x2, [0x5, 0xe13, 0x8, 0x9, 0x3, 0x2, 0x1, 0x3, 0x5, 0xfffffff8, 0x0, 0xa4eb, 0x6, 0x800, 0x3, 0x2, 0x4310, 0x1, 0x1, 0x7, 0x2, 0xffff7fff, 0x6, 0x5, 0x399, 0xd7, 0xaafd, 0x200, 0xfffffff7, 0x0, 0xca, 0x2, 0x8001, 0x5, 0x4, 0x800, 0x1, 0xe2b9, 0x9, 0x2, 0x7e5, 0x2, 0x6, 0x0, 0x1ff, 0x6, 0x401, 0x2000, 0x1ff, 0x8, 0x101, 0x9, 0xfff, 0x7, 0x2, 0x40, 0x1000, 0x4, 0x4, 0x3ff, 0x0, 0x4, 0x9, 0xfffffffa, 0x28d, 0x4, 0x82e, 0xa59, 0x3, 0xec5, 0xea1, 0x0, 0x9, 0x7, 0x2ee, 0x3, 0x24, 0x800, 0x8, 0x5, 0x53b, 0x9378, 0x7, 0x7, 0x9, 0x99d5, 0x4, 0x3f, 0x200, 0x4, 0x40, 0xfff, 0x609, 0x0, 0x80000000, 0x1, 0x6, 0x0, 0xca, 0x80000000, 0x7f, 0xdae, 0x0, 0xdc, 0x5, 0x0, 0xffffc609, 0x8, 0x9, 0xcaf8, 0x9, 0x2, 0xff, 0x2d7, 0xfffffffe, 0x8, 0x100, 0x6, 0x4, 0xff, 0xfffffc01, 0x8, 0x7f, 0x8b620bb, 0x4, 0x8, 0x1, 0x6, 0x9, 0xa8b, 0xffffffcb, 0x7fff, 0x3, 0x4, 0x2, 0x80, 0xf1, 0x101, 0x40, 0x1000, 0x4, 0x1ff, 0x5, 0x6, 0x101, 0xfe, 0x9, 0x1f, 0x0, 0xfffffff9, 0x9, 0x10001, 0x7, 0x5, 0xffff, 0x7, 0xf0c1, 0x1, 0x75, 0x1, 0x4, 0xffffe9b0, 0xfffffc01, 0x7ff, 0x9, 0x7, 0x1, 0x6dc2, 0x800, 0x200, 0xa384bddd, 0x7f, 0x5, 0x0, 0x8000, 0x32ff, 0x6, 0x6, 0xfffeffff, 0x7fff, 0x3, 0x3, 0x6, 0xfffffff8, 0x0, 0x0, 0x7, 0x4, 0x0, 0xfd, 0x7, 0xffffff60, 0x100, 0x5, 0x3, 0x822f, 0x5, 0x1, 0x800, 0x0, 0x46f, 0x1, 0xb4b, 0x4fc, 0x5, 0xffffffff, 0x5627, 0x7fffffff, 0x3ff, 0xd00, 0xe4, 0x101, 0x10000, 0x800, 0x1000, 0x1, 0x10000, 0x2, 0x15, 0x33, 0x8395, 0x9, 0x7b6, 0xffff4f5e, 0xffffffff, 0x80, 0x40000000, 0xfff, 0x1, 0x10001, 0x0, 0x1, 0x1b, 0x5, 0xa518, 0x9, 0x0, 0x10000, 0x1, 0x200, 0x0, 0xbb4a, 0x9, 0x33bf, 0x6, 0x7ff, 0xff, 0x5, 0xb1, 0x80000001, 0x27e, 0x5, 0x81, 0x40, 0x8, 0x4000]}]}}]}, 0x448}}, 0x1010)
socket$nl_route(0x10, 0x3, 0x0)
socket$bt_bnep(0x1f, 0x3, 0x4) (async)
socket$bt_hidp(0x1f, 0x3, 0x6) (async)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f00000002c0)={r1, 0x2, 0x8000, "91de3ed78632506a84e75c208fb3245439c48021be00d86f6059a5c3e3badc4680b25e2289eb0cdacd9da281e9a0ce28edeb05f4aa5aa2c54deec6c31ca8b02644a197ef5efe4a1b6c9a38e8ab14de83f048c0f0eea9ee340d7ea80a1a2eac87354d7622a99764efd7d5bca4fa9fbc831527e6159b62bfe96aa738b10112901be9f93d88136c95248f802ab990324d14a099e3866d94f591574f987b771d8c751b3d528d8bc70513e6e614d9e8fe57a10e8281549032720fcc0727a6183a408aead3ca7b841a7204ef51cf"}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
ioctl$SIOCAX25OPTRT(r3, 0x89e7, &(0x7f0000000400)={@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, 0x2, 0x56}) (async)
sendmsg$nl_route(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@ipv6_getmulticast={0x14, 0x3a, 0x200, 0x70bd28, 0x25dfdbfb, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x4088010) (async)
socket(0x23, 0x80000, 0x2) (async)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=@newqdisc={0x448, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x41c, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_RTAB={0x404, 0x2, [0x5, 0xe13, 0x8, 0x9, 0x3, 0x2, 0x1, 0x3, 0x5, 0xfffffff8, 0x0, 0xa4eb, 0x6, 0x800, 0x3, 0x2, 0x4310, 0x1, 0x1, 0x7, 0x2, 0xffff7fff, 0x6, 0x5, 0x399, 0xd7, 0xaafd, 0x200, 0xfffffff7, 0x0, 0xca, 0x2, 0x8001, 0x5, 0x4, 0x800, 0x1, 0xe2b9, 0x9, 0x2, 0x7e5, 0x2, 0x6, 0x0, 0x1ff, 0x6, 0x401, 0x2000, 0x1ff, 0x8, 0x101, 0x9, 0xfff, 0x7, 0x2, 0x40, 0x1000, 0x4, 0x4, 0x3ff, 0x0, 0x4, 0x9, 0xfffffffa, 0x28d, 0x4, 0x82e, 0xa59, 0x3, 0xec5, 0xea1, 0x0, 0x9, 0x7, 0x2ee, 0x3, 0x24, 0x800, 0x8, 0x5, 0x53b, 0x9378, 0x7, 0x7, 0x9, 0x99d5, 0x4, 0x3f, 0x200, 0x4, 0x40, 0xfff, 0x609, 0x0, 0x80000000, 0x1, 0x6, 0x0, 0xca, 0x80000000, 0x7f, 0xdae, 0x0, 0xdc, 0x5, 0x0, 0xffffc609, 0x8, 0x9, 0xcaf8, 0x9, 0x2, 0xff, 0x2d7, 0xfffffffe, 0x8, 0x100, 0x6, 0x4, 0xff, 0xfffffc01, 0x8, 0x7f, 0x8b620bb, 0x4, 0x8, 0x1, 0x6, 0x9, 0xa8b, 0xffffffcb, 0x7fff, 0x3, 0x4, 0x2, 0x80, 0xf1, 0x101, 0x40, 0x1000, 0x4, 0x1ff, 0x5, 0x6, 0x101, 0xfe, 0x9, 0x1f, 0x0, 0xfffffff9, 0x9, 0x10001, 0x7, 0x5, 0xffff, 0x7, 0xf0c1, 0x1, 0x75, 0x1, 0x4, 0xffffe9b0, 0xfffffc01, 0x7ff, 0x9, 0x7, 0x1, 0x6dc2, 0x800, 0x200, 0xa384bddd, 0x7f, 0x5, 0x0, 0x8000, 0x32ff, 0x6, 0x6, 0xfffeffff, 0x7fff, 0x3, 0x3, 0x6, 0xfffffff8, 0x0, 0x0, 0x7, 0x4, 0x0, 0xfd, 0x7, 0xffffff60, 0x100, 0x5, 0x3, 0x822f, 0x5, 0x1, 0x800, 0x0, 0x46f, 0x1, 0xb4b, 0x4fc, 0x5, 0xffffffff, 0x5627, 0x7fffffff, 0x3ff, 0xd00, 0xe4, 0x101, 0x10000, 0x800, 0x1000, 0x1, 0x10000, 0x2, 0x15, 0x33, 0x8395, 0x9, 0x7b6, 0xffff4f5e, 0xffffffff, 0x80, 0x40000000, 0xfff, 0x1, 0x10001, 0x0, 0x1, 0x1b, 0x5, 0xa518, 0x9, 0x0, 0x10000, 0x1, 0x200, 0x0, 0xbb4a, 0x9, 0x33bf, 0x6, 0x7ff, 0xff, 0x5, 0xb1, 0x80000001, 0x27e, 0x5, 0x81, 0x40, 0x8, 0x4000]}]}}]}, 0x448}}, 0x1010) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)

[ 1897.461221][T13160] memory+swap: usage 307248kB, limit 9007199254740988kB, failcnt 0
[ 1897.503056][T13160] kmem: usage 307004kB, limit 9007199254740988kB, failcnt 0
[ 1897.541730][T13160] Memory cgroup stats for /syz0:
[ 1897.542105][T13160] cache 8192
[ 1897.585423][T13175] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1897.589049][T13160] rss 45056
[ 1897.615450][T13160] rss_huge 0
[ 1897.627609][T13160] shmem 0
[ 1897.658089][T13160] mapped_file 0
[ 1897.661916][T13160] dirty 4096
[ 1897.665183][T13160] writeback 0
[ 1897.671910][T13160] workingset_refault_anon 9478
[ 1897.688152][T13160] workingset_refault_file 2
[ 1897.702183][T13160] swap 163840
[ 1897.712368][T13160] swapcached 28672
[ 1897.724330][T13160] pgpgin 130249
[ 1897.733998][T13160] pgpgout 130236
[ 1897.743452][T13160] pgfault 337837
[ 1897.752937][T13160] pgmajfault 9361
[ 1897.762332][T13160] inactive_anon 0
[ 1897.772952][T13160] active_anon 45056
[ 1897.789804][T13160] inactive_file 0
[ 1897.793588][T13160] active_file 8192
[ 1897.804737][T13160] unevictable 0
00:47:24 executing program 4:
r0 = socket$bt_bnep(0x1f, 0x3, 0x4)
r1 = socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f00000002c0)={r1, 0x2, 0x8000, "91de3ed78632506a84e75c208fb3245439c48021be00d86f6059a5c3e3badc4680b25e2289eb0cdacd9da281e9a0ce28edeb05f4aa5aa2c54deec6c31ca8b02644a197ef5efe4a1b6c9a38e8ab14de83f048c0f0eea9ee340d7ea80a1a2eac87354d7622a99764efd7d5bca4fa9fbc831527e6159b62bfe96aa738b10112901be9f93d88136c95248f802ab990324d14a099e3866d94f591574f987b771d8c751b3d528d8bc70513e6e614d9e8fe57a10e8281549032720fcc0727a6183a408aead3ca7b841a7204ef51cf"}) (async, rerun: 64)
r2 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 64)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
ioctl$SIOCAX25OPTRT(r3, 0x89e7, &(0x7f0000000400)={@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, 0x2, 0x56}) (async)
sendmsg$nl_route(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@ipv6_getmulticast={0x14, 0x3a, 0x200, 0x70bd28, 0x25dfdbfb, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x4088010)
socket(0x23, 0x80000, 0x2) (async)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async, rerun: 32)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=@newqdisc={0x448, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x41c, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_RTAB={0x404, 0x2, [0x5, 0xe13, 0x8, 0x9, 0x3, 0x2, 0x1, 0x3, 0x5, 0xfffffff8, 0x0, 0xa4eb, 0x6, 0x800, 0x3, 0x2, 0x4310, 0x1, 0x1, 0x7, 0x2, 0xffff7fff, 0x6, 0x5, 0x399, 0xd7, 0xaafd, 0x200, 0xfffffff7, 0x0, 0xca, 0x2, 0x8001, 0x5, 0x4, 0x800, 0x1, 0xe2b9, 0x9, 0x2, 0x7e5, 0x2, 0x6, 0x0, 0x1ff, 0x6, 0x401, 0x2000, 0x1ff, 0x8, 0x101, 0x9, 0xfff, 0x7, 0x2, 0x40, 0x1000, 0x4, 0x4, 0x3ff, 0x0, 0x4, 0x9, 0xfffffffa, 0x28d, 0x4, 0x82e, 0xa59, 0x3, 0xec5, 0xea1, 0x0, 0x9, 0x7, 0x2ee, 0x3, 0x24, 0x800, 0x8, 0x5, 0x53b, 0x9378, 0x7, 0x7, 0x9, 0x99d5, 0x4, 0x3f, 0x200, 0x4, 0x40, 0xfff, 0x609, 0x0, 0x80000000, 0x1, 0x6, 0x0, 0xca, 0x80000000, 0x7f, 0xdae, 0x0, 0xdc, 0x5, 0x0, 0xffffc609, 0x8, 0x9, 0xcaf8, 0x9, 0x2, 0xff, 0x2d7, 0xfffffffe, 0x8, 0x100, 0x6, 0x4, 0xff, 0xfffffc01, 0x8, 0x7f, 0x8b620bb, 0x4, 0x8, 0x1, 0x6, 0x9, 0xa8b, 0xffffffcb, 0x7fff, 0x3, 0x4, 0x2, 0x80, 0xf1, 0x101, 0x40, 0x1000, 0x4, 0x1ff, 0x5, 0x6, 0x101, 0xfe, 0x9, 0x1f, 0x0, 0xfffffff9, 0x9, 0x10001, 0x7, 0x5, 0xffff, 0x7, 0xf0c1, 0x1, 0x75, 0x1, 0x4, 0xffffe9b0, 0xfffffc01, 0x7ff, 0x9, 0x7, 0x1, 0x6dc2, 0x800, 0x200, 0xa384bddd, 0x7f, 0x5, 0x0, 0x8000, 0x32ff, 0x6, 0x6, 0xfffeffff, 0x7fff, 0x3, 0x3, 0x6, 0xfffffff8, 0x0, 0x0, 0x7, 0x4, 0x0, 0xfd, 0x7, 0xffffff60, 0x100, 0x5, 0x3, 0x822f, 0x5, 0x1, 0x800, 0x0, 0x46f, 0x1, 0xb4b, 0x4fc, 0x5, 0xffffffff, 0x5627, 0x7fffffff, 0x3ff, 0xd00, 0xe4, 0x101, 0x10000, 0x800, 0x1000, 0x1, 0x10000, 0x2, 0x15, 0x33, 0x8395, 0x9, 0x7b6, 0xffff4f5e, 0xffffffff, 0x80, 0x40000000, 0xfff, 0x1, 0x10001, 0x0, 0x1, 0x1b, 0x5, 0xa518, 0x9, 0x0, 0x10000, 0x1, 0x200, 0x0, 0xbb4a, 0x9, 0x33bf, 0x6, 0x7ff, 0xff, 0x5, 0xb1, 0x80000001, 0x27e, 0x5, 0x81, 0x40, 0x8, 0x4000]}]}}]}, 0x448}}, 0x1010) (async, rerun: 32)
socket$nl_route(0x10, 0x3, 0x0)

[ 1897.825611][T13160] hierarchical_memory_limit 314572800
[ 1897.847145][T13160] hierarchical_memsw_limit 9223372036854771712
[ 1897.853367][T13160] total_cache 8192
[ 1897.908446][T13160] total_rss 45056
[ 1897.912148][T13160] total_rss_huge 0
[ 1897.915898][T13160] total_shmem 0
[ 1897.943961][T13160] total_mapped_file 0
[ 1897.951983][T13160] total_dirty 4096
[ 1897.977563][T13160] total_writeback 0
[ 1897.985058][T13160] total_workingset_refault_anon 9478
[ 1898.009235][T13160] total_workingset_refault_file 2
[ 1898.014497][T13160] total_swap 163840
[ 1898.034493][T13160] total_swapcached 28672
[ 1898.047680][T13160] total_pgpgin 130249
[ 1898.060217][T13160] total_pgpgout 130236
[ 1898.069711][T13160] total_pgfault 337837
[ 1898.075643][T13160] total_pgmajfault 9361
[ 1898.087552][T13160] total_inactive_anon 0
[ 1898.107447][T13160] total_active_anon 45056
[ 1898.113466][T13160] total_inactive_file 0
[ 1898.116764][T13180] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1898.124659][T13160] total_active_file 8192
[ 1898.131474][T13160] total_unevictable 0
00:47:24 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88480000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1898.135600][T13160] anon_cost 0
[ 1898.139839][T13160] file_cost 0
[ 1898.146446][T13160] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5100,uid=0
[ 1898.168970][T13160] Memory cgroup out of memory: Killed process 5100 (syz-executor.0) total-vm:50536kB, anon-rss:504kB, file-rss:9088kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:0
00:47:24 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=@newqdisc={0x24, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x2000c890}, 0x0)

00:47:24 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=@newqdisc={0x24, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x2000c890}, 0x0)

[ 1898.560138][T13184] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1898.617228][T13184] CPU: 0 PID: 13184 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1898.627724][T13184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1898.637818][T13184] Call Trace:
[ 1898.641127][T13184]  <TASK>
[ 1898.644077][T13184]  dump_stack_lvl+0x1e7/0x2e0
[ 1898.648817][T13184]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1898.654066][T13184]  ? __pfx__printk+0x10/0x10
[ 1898.658704][T13184]  ? ___ratelimit+0x4c4/0x670
[ 1898.663460][T13184]  ? __pfx____ratelimit+0x10/0x10
[ 1898.668539][T13184]  dump_header+0xda/0x6a0
[ 1898.673093][T13184]  oom_kill_process+0x3a7/0x930
[ 1898.677993][T13184]  out_of_memory+0xf67/0x1320
[ 1898.682738][T13184]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1898.688413][T13184]  ? __pfx___mutex_lock+0x10/0x10
[ 1898.694700][T13184]  ? __pfx_out_of_memory+0x10/0x10
[ 1898.699870][T13184]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1898.705469][T13184]  ? __pfx_lock_release+0x10/0x10
[ 1898.710546][T13184]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1898.716751][T13184]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1898.722004][T13184]  ? mem_cgroup_iter+0x3e9/0x560
[ 1898.726996][T13184]  try_charge_memcg+0xda2/0x18a0
[ 1898.732020][T13184]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1898.737432][T13184]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1898.743207][T13184]  ? __pfx_lock_release+0x10/0x10
[ 1898.748274][T13184]  ? memcg_account_kmem+0x1e7/0x210
[ 1898.753520][T13184]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1898.759361][T13184]  __memcg_kmem_charge_page+0xe1/0x250
[ 1898.764867][T13184]  memcg_charge_kernel_stack+0x304/0x550
[ 1898.770542][T13184]  dup_task_struct+0x40d/0x7d0
[ 1898.775349][T13184]  copy_process+0x5d5/0x3fc0
[ 1898.779991][T13184]  ? __might_fault+0xa9/0x120
[ 1898.784712][T13184]  ? __pfx_lock_release+0x10/0x10
[ 1898.789827][T13184]  ? __pfx_copy_process+0x10/0x10
[ 1898.794891][T13184]  ? __might_fault+0xc5/0x120
[ 1898.799612][T13184]  ? __asan_memset+0x23/0x50
[ 1898.804247][T13184]  kernel_clone+0x21d/0x8d0
[ 1898.808795][T13184]  ? __pfx_kernel_clone+0x10/0x10
[ 1898.813885][T13184]  __se_sys_clone3+0x2cb/0x350
[ 1898.818705][T13184]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1898.824056][T13184]  ? do_syscall_64+0x108/0x240
[ 1898.828867][T13184]  ? do_syscall_64+0xb4/0x240
[ 1898.833600][T13184]  do_syscall_64+0xf9/0x240
[ 1898.838161][T13184]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1898.844103][T13184] RIP: 0033:0x7fa936ca9b99
[ 1898.848547][T13184] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1898.868204][T13184] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1898.876685][T13184] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1898.884714][T13184] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1898.892745][T13184] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1898.900775][T13184] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1898.908811][T13184] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1898.916912][T13184]  </TASK>
00:47:25 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=@newqdisc={0x24, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x2000c890}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=@newqdisc={0x24, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x2000c890}, 0x0) (async)

00:47:25 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1899.039082][T13184] memory: usage 307200kB, limit 307200kB, failcnt 6164
[ 1899.086720][T13184] memory+swap: usage 307348kB, limit 9007199254740988kB, failcnt 0
00:47:25 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c04]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1899.133943][T13184] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1899.151542][T13184] Memory cgroup stats for /syz1:
[ 1899.151704][T13184] cache 8192
00:47:25 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
r2 = socket(0x10, 0x3, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

00:47:25 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1899.250039][T13184] rss 12288
[ 1899.253227][T13184] rss_huge 0
[ 1899.256457][T13184] shmem 0
[ 1899.267266][T13184] mapped_file 0
[ 1899.271714][T13184] dirty 4096
[ 1899.286522][T13184] writeback 0
[ 1899.299948][T13184] workingset_refault_anon 2860
[ 1899.313639][T13184] workingset_refault_file 1
[ 1899.329581][T13184] swap 151552
[ 1899.342595][T13184] swapcached 8192
[ 1899.353893][T13184] pgpgin 128410
[ 1899.378925][T13184] pgpgout 128405
[ 1899.416342][T13184] pgfault 337752
[ 1899.431115][T13184] pgmajfault 2684
[ 1899.435144][T13184] inactive_anon 12288
[ 1899.436046][T13202] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1899.457404][T13184] active_anon 0
[ 1899.473014][T13184] inactive_file 0
[ 1899.479322][T13184] active_file 8192
[ 1899.487149][T13184] unevictable 0
[ 1899.517141][T13184] hierarchical_memory_limit 314572800
[ 1899.527542][T13184] hierarchical_memsw_limit 9223372036854771712
[ 1899.957266][T13184] total_cache 8192
00:47:26 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f00000001c0)) (async)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
r2 = socket(0x10, 0x3, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1899.979477][T13184] total_rss 12288
[ 1900.036233][T13184] total_rss_huge 0
[ 1900.041385][T13184] total_shmem 0
[ 1900.047560][T13184] total_mapped_file 0
[ 1900.067452][T13184] total_dirty 4096
[ 1900.077596][T13184] total_writeback 0
[ 1900.090020][T13184] total_workingset_refault_anon 2860
[ 1900.119676][T13184] total_workingset_refault_file 1
[ 1900.137418][T13184] total_swap 151552
[ 1900.155569][T13184] total_swapcached 8192
[ 1900.164626][T13184] total_pgpgin 128410
[ 1900.213530][T13184] total_pgpgout 128405
[ 1900.224719][T13208] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1900.254262][T13184] total_pgfault 337752
[ 1900.278183][T13184] total_pgmajfault 2684
[ 1900.282415][T13184] total_inactive_anon 12288
[ 1900.286950][T13184] total_active_anon 0
[ 1900.324762][T13184] total_inactive_file 0
[ 1900.339716][T13184] total_active_file 8192
[ 1900.369578][T13184] total_unevictable 0
[ 1900.385410][T13184] anon_cost 0
[ 1900.401797][T13184] file_cost 0
[ 1900.418020][T13184] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13184,uid=0
[ 1900.495175][T13184] Memory cgroup out of memory: Killed process 13184 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
00:47:26 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
r2 = socket(0x10, 0x3, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
pipe(&(0x7f00000001c0)) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1) (async)
socket(0x10, 0x3, 0x0) (async)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0) (async)

00:47:27 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8ffff]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1900.738121][T13210] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
00:47:27 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@getchain={0x64, 0x66, 0x400, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x4, 0xfff1}, {0x1a, 0xe}, {0x4}}, [{0x8, 0xb, 0x2}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0x3}, {0x8, 0xb, 0x7fff}, {0x8, 0xb, 0xffffffff}, {0x8, 0xb, 0x100}, {0x8, 0xb, 0x10000}, {0x8, 0xb, 0x6}]}, 0x64}, 0x1, 0x0, 0x0, 0xc0c4}, 0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1901.235436][T13200] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1901.556675][T13200] syz-executor.2 invoked oom-killer: gfp_mask=0x400cc0(GFP_KERNEL_ACCOUNT), order=2, oom_score_adj=1000
[ 1901.638258][T13200] CPU: 1 PID: 13200 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1901.648761][T13200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1901.658852][T13200] Call Trace:
[ 1901.662147][T13200]  <TASK>
[ 1901.665083][T13200]  dump_stack_lvl+0x1e7/0x2e0
[ 1901.669791][T13200]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1901.675011][T13200]  ? __pfx__printk+0x10/0x10
[ 1901.679617][T13200]  ? ___ratelimit+0x4c4/0x670
[ 1901.684316][T13200]  ? __pfx____ratelimit+0x10/0x10
[ 1901.689363][T13200]  dump_header+0xda/0x6a0
[ 1901.693713][T13200]  oom_kill_process+0x3a7/0x930
[ 1901.698593][T13200]  out_of_memory+0xf67/0x1320
[ 1901.703300][T13200]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1901.708951][T13200]  ? __pfx___mutex_lock+0x10/0x10
[ 1901.713995][T13200]  ? __pfx_out_of_memory+0x10/0x10
[ 1901.719135][T13200]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1901.724695][T13200]  ? __pfx_lock_release+0x10/0x10
[ 1901.729748][T13200]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1901.735839][T13200]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1901.741052][T13200]  ? mem_cgroup_iter+0x3e9/0x560
[ 1901.746012][T13200]  try_charge_memcg+0xda2/0x18a0
[ 1901.751002][T13200]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1901.756399][T13200]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1901.762133][T13200]  ? __pfx_lock_release+0x10/0x10
[ 1901.767197][T13200]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1901.773202][T13200]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1901.778933][T13200]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1901.784760][T13200]  obj_cgroup_charge+0x389/0x630
[ 1901.789723][T13200]  ? obj_cgroup_charge+0x121/0x630
[ 1901.794851][T13200]  ? __pfx_obj_cgroup_charge+0x10/0x10
[ 1901.800339][T13200]  ? __kmalloc_node_track_caller+0xc1/0x4e0
[ 1901.806251][T13200]  ? __pfx___might_resched+0x10/0x10
[ 1901.811552][T13200]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1901.816771][T13200]  __memcg_slab_pre_alloc_hook+0x28d/0x2b0
[ 1901.822608][T13200]  __kmalloc_node_track_caller+0x310/0x4e0
[ 1901.828439][T13200]  ? __devinet_sysctl_register+0xb0/0x2b0
[ 1901.834193][T13200]  kmemdup+0x2a/0x60
[ 1901.838103][T13200]  __devinet_sysctl_register+0xb0/0x2b0
[ 1901.843657][T13200]  ? __pfx_neigh_sysctl_register+0x10/0x10
[ 1901.849487][T13200]  ? __pfx___devinet_sysctl_register+0x10/0x10
[ 1901.855681][T13200]  ? netlink_unicast+0x7ea/0x980
[ 1901.860668][T13200]  ? netlink_sendmsg+0xa3b/0xd70
[ 1901.865621][T13200]  ? __sock_sendmsg+0x221/0x270
[ 1901.870490][T13200]  ? ____sys_sendmsg+0x525/0x7d0
[ 1901.875444][T13200]  ? do_syscall_64+0xf9/0x240
[ 1901.880139][T13200]  ? entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1901.886232][T13200]  devinet_sysctl_register+0x17e/0x1f0
[ 1901.891713][T13200]  inetdev_init+0x296/0x4d0
[ 1901.896231][T13200]  inetdev_event+0x338/0x15c0
[ 1901.900941][T13200]  ? __pfx_inetdev_event+0x10/0x10
[ 1901.906071][T13200]  ? __pfx_add_netdev_ips+0x10/0x10
[ 1901.911293][T13200]  ? __pfx_is_eth_port_of_netdev_filter+0x10/0x10
[ 1901.917729][T13200]  ? cfg802154_netdev_notifier_call+0xde/0x8f0
[ 1901.923913][T13200]  notifier_call_chain+0x18f/0x3b0
[ 1901.929063][T13200]  register_netdevice+0x151f/0x19c0
[ 1901.934296][T13200]  ? __pfx_register_netdevice+0x10/0x10
[ 1901.939869][T13200]  ? __xdp_rxq_info_reg+0x142/0x290
[ 1901.945109][T13200]  br_dev_newlink+0x27/0x100
[ 1901.949733][T13200]  ? __pfx_br_dev_newlink+0x10/0x10
[ 1901.954960][T13200]  rtnl_newlink+0x158f/0x20a0
[ 1901.959670][T13200]  ? rtnl_newlink+0x4d1/0x20a0
[ 1901.964463][T13200]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1901.969518][T13200]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1901.974739][T13200]  ? __mutex_lock+0x9a4/0xd70
[ 1901.979438][T13200]  ? __mutex_lock+0x526/0xd70
[ 1901.984156][T13200]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1901.989193][T13200]  rtnetlink_rcv_msg+0x885/0x1040
[ 1901.994246][T13200]  ? rtnetlink_rcv_msg+0x208/0x1040
[ 1901.999474][T13200]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1902.005120][T13200]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1902.011140][T13200]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1902.017534][T13200]  ? __local_bh_enable_ip+0x168/0x200
[ 1902.022935][T13200]  ? lockdep_hardirqs_on+0x98/0x140
[ 1902.028155][T13200]  ? __local_bh_enable_ip+0x168/0x200
[ 1902.033563][T13200]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 1902.038722][T13200]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1902.044488][T13200]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 1902.049625][T13200]  ? __dev_queue_xmit+0x15fd/0x3b10
[ 1902.054945][T13200]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 1902.060086][T13200]  ? ref_tracker_free+0x643/0x7e0
[ 1902.065141][T13200]  netlink_rcv_skb+0x1e3/0x430
[ 1902.069920][T13200]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1902.075403][T13200]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1902.080720][T13200]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1902.085932][T13200]  netlink_unicast+0x7ea/0x980
[ 1902.090724][T13200]  ? __pfx_netlink_unicast+0x10/0x10
[ 1902.096025][T13200]  ? __virt_addr_valid+0x44e/0x520
[ 1902.101181][T13200]  ? __phys_addr_symbol+0x2f/0x70
[ 1902.106227][T13200]  ? __check_object_size+0x4bb/0xa00
[ 1902.111523][T13200]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1902.116651][T13200]  netlink_sendmsg+0xa3b/0xd70
[ 1902.121442][T13200]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1902.126737][T13200]  ? __import_iovec+0x552/0x890
[ 1902.131609][T13200]  ? aa_sock_msg_perm+0x91/0x160
[ 1902.136574][T13200]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1902.141880][T13200]  ? security_socket_sendmsg+0x87/0xb0
[ 1902.147367][T13200]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1902.152780][T13200]  __sock_sendmsg+0x221/0x270
[ 1902.157525][T13200]  ____sys_sendmsg+0x525/0x7d0
[ 1902.162335][T13200]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1902.167652][T13200]  __sys_sendmsg+0x2b0/0x3a0
[ 1902.172287][T13200]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1902.177468][T13200]  ? restore_fpregs_from_fpstate+0x100/0x250
[ 1902.183483][T13200]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1902.189852][T13200]  ? do_syscall_64+0x108/0x240
[ 1902.194663][T13200]  ? do_syscall_64+0xb4/0x240
[ 1902.199758][T13200]  do_syscall_64+0xf9/0x240
[ 1902.204320][T13200]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1902.210261][T13200] RIP: 0033:0x7fc73607dda9
[ 1902.214700][T13200] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1902.234321][T13200] RSP: 002b:00007fc736ec70c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1902.242775][T13200] RAX: ffffffffffffffda RBX: 00007fc7361abf80 RCX: 00007fc73607dda9
[ 1902.250777][T13200] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1902.258862][T13200] RBP: 00007fc7360ca47a R08: 0000000000000000 R09: 0000000000000000
[ 1902.266853][T13200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1902.274860][T13200] R13: 000000000000000b R14: 00007fc7361abf80 R15: 00007ffeef0081d8
[ 1902.282884][T13200]  </TASK>
[ 1902.366982][T13200] memory: usage 307200kB, limit 307200kB, failcnt 73834
[ 1902.374207][T13200] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[ 1902.406269][T13200] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
00:47:28 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1902.557184][T13200] Memory cgroup stats for /syz2:
[ 1902.557377][T13200] cache 0
[ 1902.565619][T13200] rss 20480
[ 1902.569648][T13200] rss_huge 0
[ 1902.573005][T13200] shmem 0
[ 1902.580622][T13200] mapped_file 0
[ 1902.593656][T13200] dirty 0
[ 1902.603766][T13200] writeback 0
[ 1902.614893][T13200] workingset_refault_anon 50248
[ 1902.632194][T13200] workingset_refault_file 1
[ 1902.651398][T13200] swap 204800
[ 1902.662385][T13200] swapcached 20480
[ 1902.676758][T13200] pgpgin 176135
[ 1902.698064][T13200] pgpgout 176129
[ 1902.710840][T13200] pgfault 388995
[ 1902.721464][T13200] pgmajfault 46479
[ 1902.747106][T13200] inactive_anon 20480
[ 1902.752374][T13200] active_anon 0
[ 1902.755888][T13200] inactive_file 0
[ 1902.805068][T13200] active_file 0
[ 1902.810790][T13200] unevictable 0
[ 1902.814310][T13200] hierarchical_memory_limit 314572800
[ 1902.820536][T13200] hierarchical_memsw_limit 9223372036854771712
[ 1902.826739][T13200] total_cache 0
[ 1902.830918][T13200] total_rss 20480
[ 1902.834591][T13200] total_rss_huge 0
[ 1902.839140][T13200] total_shmem 0
[ 1902.842646][T13200] total_mapped_file 0
[ 1902.846660][T13200] total_dirty 0
[ 1902.850991][T13200] total_writeback 0
[ 1902.855797][T13200] total_workingset_refault_anon 50248
[ 1902.861790][T13200] total_workingset_refault_file 1
[ 1902.866865][T13200] total_swap 204800
[ 1902.871525][T13200] total_swapcached 20480
[ 1902.875949][T13200] total_pgpgin 176135
[ 1902.880580][T13200] total_pgpgout 176129
[ 1902.884689][T13200] total_pgfault 388995
[ 1902.891181][T13200] total_pgmajfault 46479
[ 1902.895487][T13200] total_inactive_anon 20480
[ 1902.901905][T13200] total_active_anon 0
[ 1902.905936][T13200] total_inactive_file 0
[ 1902.916858][T13200] total_active_file 0
[ 1902.921514][T13200] total_unevictable 0
[ 1902.925538][T13200] anon_cost 0
[ 1902.929656][T13200] file_cost 0
[ 1902.932979][T13200] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13199,uid=0
[ 1902.949278][T13200] Memory cgroup out of memory: Killed process 13200 (syz-executor.2) total-vm:54640kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 1902.977028][T13215] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 1903.021868][T13215] CPU: 1 PID: 13215 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1903.032371][T13215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1903.042476][T13215] Call Trace:
[ 1903.045795][T13215]  <TASK>
[ 1903.048763][T13215]  dump_stack_lvl+0x1e7/0x2e0
[ 1903.053501][T13215]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1903.058763][T13215]  ? __pfx__printk+0x10/0x10
[ 1903.063425][T13215]  ? ___ratelimit+0x4c4/0x670
[ 1903.068181][T13215]  ? __pfx____ratelimit+0x10/0x10
[ 1903.073276][T13215]  dump_header+0xda/0x6a0
[ 1903.077667][T13215]  oom_kill_process+0x3a7/0x930
[ 1903.082569][T13215]  out_of_memory+0xf67/0x1320
[ 1903.087282][T13215]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1903.092954][T13215]  ? __pfx___mutex_lock+0x10/0x10
[ 1903.097992][T13215]  ? __pfx_out_of_memory+0x10/0x10
[ 1903.103126][T13215]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1903.108682][T13215]  ? __pfx_lock_release+0x10/0x10
[ 1903.113720][T13215]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1903.119806][T13215]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1903.125016][T13215]  ? mem_cgroup_iter+0x3e9/0x560
[ 1903.129969][T13215]  try_charge_memcg+0xda2/0x18a0
[ 1903.134944][T13215]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1903.140335][T13215]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1903.146063][T13215]  ? __pfx_lock_release+0x10/0x10
[ 1903.151129][T13215]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1903.157160][T13215]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1903.162933][T13215]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1903.168764][T13215]  obj_cgroup_charge+0x389/0x630
[ 1903.173724][T13215]  ? obj_cgroup_charge+0x121/0x630
[ 1903.178855][T13215]  ? __pfx_obj_cgroup_charge+0x10/0x10
[ 1903.184333][T13215]  ? kmalloc_trace+0x4e/0x360
[ 1903.189020][T13215]  ? __pfx___might_resched+0x10/0x10
[ 1903.194325][T13215]  __memcg_slab_pre_alloc_hook+0x28d/0x2b0
[ 1903.200156][T13215]  ? copy_semundo+0xb5/0x240
[ 1903.204767][T13215]  kmalloc_trace+0x216/0x360
[ 1903.209370][T13215]  ? __asan_memcpy+0x40/0x70
[ 1903.213973][T13215]  copy_semundo+0xb5/0x240
[ 1903.218414][T13215]  copy_process+0x1bc3/0x3fc0
[ 1903.223113][T13215]  ? copy_process+0x9c3/0x3fc0
[ 1903.227898][T13215]  ? __pfx_copy_process+0x10/0x10
[ 1903.232933][T13215]  ? __might_fault+0xc5/0x120
[ 1903.237627][T13215]  ? __asan_memset+0x23/0x50
[ 1903.242236][T13215]  kernel_clone+0x21d/0x8d0
[ 1903.246784][T13215]  ? __pfx_kernel_clone+0x10/0x10
[ 1903.251865][T13215]  __se_sys_clone3+0x2cb/0x350
[ 1903.256676][T13215]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1903.262019][T13215]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1903.268053][T13215]  ? exc_page_fault+0x587/0x870
[ 1903.272927][T13215]  ? do_syscall_64+0xb4/0x240
[ 1903.277648][T13215]  do_syscall_64+0xf9/0x240
[ 1903.282192][T13215]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1903.288108][T13215] RIP: 0033:0x7fa936ca9b99
[ 1903.292536][T13215] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1903.312155][T13215] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1903.320590][T13215] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1903.328583][T13215] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1903.336565][T13215] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1903.344550][T13215] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1903.352538][T13215] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1903.360532][T13215]  </TASK>
00:47:29 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4788]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1903.380909][T13215] memory: usage 307200kB, limit 307200kB, failcnt 6672
[ 1903.433033][T13215] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1903.455367][T13217] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1903.455701][T13215] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1903.490073][T13215] Memory cgroup stats for /syz1:
[ 1903.490214][T13215] cache 8192
[ 1903.504016][T13215] rss 0
[ 1903.521121][T13215] rss_huge 0
[ 1903.527696][T13215] shmem 0
[ 1903.536809][T13215] mapped_file 0
[ 1903.550430][T13215] dirty 8192
[ 1903.557571][T13215] writeback 0
[ 1903.564764][T13215] workingset_refault_anon 3005
[ 1903.592073][T13215] workingset_refault_file 1
[ 1903.602747][T13215] swap 159744
[ 1903.610861][T13218] sch_tbf: burst 5 is lower than device bridge3812 mtu (1514) !
[ 1903.628278][T13215] swapcached 0
00:47:29 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@getchain={0x64, 0x66, 0x400, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x4, 0xfff1}, {0x1a, 0xe}, {0x4}}, [{0x8, 0xb, 0x2}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0x3}, {0x8, 0xb, 0x7fff}, {0x8, 0xb, 0xffffffff}, {0x8, 0xb, 0x100}, {0x8, 0xb, 0x10000}, {0x8, 0xb, 0x6}]}, 0x64}, 0x1, 0x0, 0x0, 0xc0c4}, 0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1903.709018][T13215] pgpgin 128579
[ 1903.729794][T13215] pgpgout 128577
[ 1903.733409][T13215] pgfault 337998
[ 1903.736980][T13215] pgmajfault 2825
[ 1903.790478][T13228] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1903.794296][T13215] inactive_anon 0
[ 1903.817342][T13215] active_anon 0
[ 1903.820872][T13215] inactive_file 8192
[ 1903.824795][T13215] active_file 0
[ 1903.850888][T13215] unevictable 0
[ 1903.854405][T13215] hierarchical_memory_limit 314572800
[ 1903.877304][T13215] hierarchical_memsw_limit 9223372036854771712
[ 1903.883521][T13215] total_cache 8192
[ 1903.897305][T13215] total_rss 0
[ 1903.900666][T13215] total_rss_huge 0
[ 1903.904413][T13215] total_shmem 0
[ 1903.927257][T13215] total_mapped_file 0
[ 1903.931307][T13215] total_dirty 8192
[ 1903.935048][T13215] total_writeback 0
[ 1903.971624][T13215] total_workingset_refault_anon 3005
[ 1904.017317][T13215] total_workingset_refault_file 1
[ 1904.022411][T13215] total_swap 159744
[ 1904.026257][T13215] total_swapcached 0
[ 1904.067077][T13215] total_pgpgin 128579
[ 1904.071136][T13215] total_pgpgout 128577
[ 1904.075239][T13215] total_pgfault 337998
[ 1904.107614][T13227] sch_tbf: burst 5 is lower than device bridge3813 mtu (1514) !
[ 1904.108955][T13215] total_pgmajfault 2825
[ 1904.147249][T13215] total_inactive_anon 0
00:47:30 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@getchain={0x64, 0x66, 0x400, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x4, 0xfff1}, {0x1a, 0xe}, {0x4}}, [{0x8, 0xb, 0x2}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0x3}, {0x8, 0xb, 0x7fff}, {0x8, 0xb, 0xffffffff}, {0x8, 0xb, 0x100}, {0x8, 0xb, 0x10000}, {0x8, 0xb, 0x6}]}, 0x64}, 0x1, 0x0, 0x0, 0xc0c4}, 0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1904.160175][T13215] total_active_anon 0
[ 1904.164224][T13215] total_inactive_file 8192
[ 1904.200759][T13215] total_active_file 0
[ 1904.204810][T13215] total_unevictable 0
[ 1904.234255][T13215] anon_cost 0
[ 1904.247787][T13215] file_cost 0
[ 1904.251141][T13215] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13215,uid=0
[ 1904.332803][T13215] Memory cgroup out of memory: Killed process 13215 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1904.370531][T13232] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
00:47:30 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8b0e0000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1904.560178][T13233] sch_tbf: burst 5 is lower than device bridge3814 mtu (1514) !
[ 1904.620684][T13223] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 1904.651226][T13223] CPU: 0 PID: 13223 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1904.661727][T13223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1904.671828][T13223] Call Trace:
[ 1904.675149][T13223]  <TASK>
[ 1904.678122][T13223]  dump_stack_lvl+0x1e7/0x2e0
[ 1904.682870][T13223]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1904.688120][T13223]  ? __pfx__printk+0x10/0x10
[ 1904.692757][T13223]  ? ___ratelimit+0x4c4/0x670
[ 1904.697510][T13223]  ? __pfx____ratelimit+0x10/0x10
[ 1904.702586][T13223]  dump_header+0xda/0x6a0
[ 1904.706968][T13223]  oom_kill_process+0x3a7/0x930
[ 1904.711877][T13223]  out_of_memory+0xf67/0x1320
[ 1904.716607][T13223]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1904.722283][T13223]  ? __pfx___mutex_lock+0x10/0x10
[ 1904.727353][T13223]  ? __pfx_out_of_memory+0x10/0x10
[ 1904.732521][T13223]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1904.738109][T13223]  ? __pfx_lock_release+0x10/0x10
[ 1904.743191][T13223]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1904.749307][T13223]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1904.754559][T13223]  ? mem_cgroup_iter+0x3e9/0x560
[ 1904.759542][T13223]  try_charge_memcg+0xda2/0x18a0
[ 1904.764544][T13223]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1904.769951][T13223]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1904.775706][T13223]  ? __pfx_lock_release+0x10/0x10
[ 1904.780787][T13223]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1904.786823][T13223]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1904.792586][T13223]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1904.798435][T13223]  obj_cgroup_charge+0x389/0x630
[ 1904.803428][T13223]  ? obj_cgroup_charge+0x121/0x630
[ 1904.808588][T13223]  ? __pfx_obj_cgroup_charge+0x10/0x10
[ 1904.814105][T13223]  ? __pfx___might_resched+0x10/0x10
[ 1904.819464][T13223]  __memcg_slab_pre_alloc_hook+0x28d/0x2b0
[ 1904.825342][T13223]  kmem_cache_alloc_node+0x284/0x380
[ 1904.830682][T13223]  ? dup_task_struct+0x57/0x7d0
[ 1904.835596][T13223]  dup_task_struct+0x57/0x7d0
[ 1904.840320][T13223]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1904.845634][T13223]  ? lockdep_hardirqs_on+0x98/0x140
[ 1904.850888][T13223]  copy_process+0x5d5/0x3fc0
[ 1904.855554][T13223]  ? __might_fault+0xa9/0x120
[ 1904.860277][T13223]  ? __pfx_lock_release+0x10/0x10
[ 1904.865364][T13223]  ? __pfx_copy_process+0x10/0x10
[ 1904.870438][T13223]  ? __might_fault+0xc5/0x120
[ 1904.875163][T13223]  ? __asan_memset+0x23/0x50
[ 1904.879804][T13223]  kernel_clone+0x21d/0x8d0
[ 1904.884369][T13223]  ? __pfx_kernel_clone+0x10/0x10
[ 1904.889467][T13223]  __se_sys_clone3+0x2cb/0x350
[ 1904.894283][T13223]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1904.899631][T13223]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1904.905673][T13223]  ? exc_page_fault+0x587/0x870
[ 1904.910598][T13223]  ? do_syscall_64+0xb4/0x240
[ 1904.915341][T13223]  do_syscall_64+0xf9/0x240
[ 1904.919900][T13223]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1904.925845][T13223] RIP: 0033:0x7fc7360a9b99
[ 1904.930310][T13223] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1904.949979][T13223] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1904.958439][T13223] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1904.966451][T13223] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1904.974465][T13223] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1904.982481][T13223] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1904.990501][T13223] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1904.998552][T13223]  </TASK>
[ 1905.082995][T13223] memory: usage 307196kB, limit 307200kB, failcnt 74327
[ 1905.090299][T13223] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1905.098513][T13223] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[ 1905.111808][T13223] Memory cgroup stats for /syz2:
[ 1905.111943][T13223] cache 0
[ 1905.158718][T13237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1905.190456][T13237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1905.199951][T13237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1905.212637][T13237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1905.221166][T13237] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1905.229227][T13223] rss 12288
[ 1905.230033][T13237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1905.264277][T13223] rss_huge 0
00:47:31 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@newlink={0xb8, 0x10, 0x200, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x30, 0xa80a}, [@IFLA_MAP={0x24, 0xe, {0x3, 0xddb2, 0x20, 0x1f, 0x4, 0x4}}, @IFLA_VF_PORTS={0x28, 0x18, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@IFLA_PORT_PROFILE={0x8, 0x2, 'tbf\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "bfd3eed83376bf2455d2a65d461eec2c"}]}]}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x10001}, @IFLA_EXT_MASK={0x8, 0x1d, 0x8}, @IFLA_PHYS_PORT_ID={0x1a, 0x22, "6052aab32214507ea792e812f966006a149f2a7528ac"}, @IFLA_IFALIAS={0x14, 0x14, 'macvlan0\x00'}, @IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}}]}, 0xb8}, 0x1, 0x0, 0x0, 0x4010}, 0x20000000)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$team(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$TEAM_CMD_PORT_LIST_GET(r4, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f00000006c0)={0x14, r5, 0x1}, 0x14}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f0000000580)={0x32c, r5, 0x4, 0x70bd25, 0x25dfdbff, {}, [{{0x8, 0x1, r2}, {0x1ac, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r2}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xd8000000}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r2}}}]}}, {{0x8, 0x1, r2}, {0x15c, 0x2, 0x0, 0x1, [{0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0xfffe, 0x7d, 0x8, 0x81}, {0xfff, 0x20, 0x20, 0xff}, {0x8ed, 0x1, 0x83, 0x8}, {0xea45, 0x4}]}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1f}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}]}, 0x32c}, 0x1, 0x0, 0x0, 0x40080c5}, 0x1)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x68, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_BURST={0x8, 0x6, 0x1}, @TCA_TBF_PARMS={0x28}]}}]}, 0x68}}, 0x0)

[ 1905.297389][T13223] shmem 0
[ 1905.334184][T13223] mapped_file 0
[ 1905.350313][T13223] dirty 0
[ 1905.353406][T13223] writeback 0
[ 1905.356814][T13223] workingset_refault_anon 50443
[ 1905.363434][T13223] workingset_refault_file 1
[ 1905.374055][T13223] swap 163840
[ 1905.379672][T13223] swapcached 8192
[ 1905.383447][T13223] pgpgin 176342
[ 1905.392859][T13223] pgpgout 176339
[ 1905.419661][T13223] pgfault 389311
[ 1905.436695][T13223] pgmajfault 46668
[ 1905.458920][T13223] inactive_anon 0
[ 1905.471501][T13239] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1905.472561][T13223] active_anon 12288
[ 1905.504451][T13223] inactive_file 0
[ 1905.522709][T13223] active_file 0
[ 1905.534870][T13223] unevictable 0
[ 1905.545413][T13223] hierarchical_memory_limit 314572800
[ 1905.560599][T13223] hierarchical_memsw_limit 9223372036854771712
[ 1905.571441][T13223] total_cache 0
[ 1905.575128][T13223] total_rss 12288
[ 1905.583580][T13223] total_rss_huge 0
[ 1905.588883][T13223] total_shmem 0
[ 1905.592534][T13223] total_mapped_file 0
[ 1905.596697][T13223] total_dirty 0
[ 1905.605364][T13223] total_writeback 0
[ 1905.613001][T13223] total_workingset_refault_anon 50443
[ 1905.632806][T13223] total_workingset_refault_file 1
00:47:31 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1905.683326][T13240] sch_tbf: burst 1 is lower than device bridge3815 mtu (1514) !
[ 1905.706593][T13223] total_swap 163840
00:47:32 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@newlink={0xb8, 0x10, 0x200, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x30, 0xa80a}, [@IFLA_MAP={0x24, 0xe, {0x3, 0xddb2, 0x20, 0x1f, 0x4, 0x4}}, @IFLA_VF_PORTS={0x28, 0x18, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@IFLA_PORT_PROFILE={0x8, 0x2, 'tbf\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "bfd3eed83376bf2455d2a65d461eec2c"}]}]}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x10001}, @IFLA_EXT_MASK={0x8, 0x1d, 0x8}, @IFLA_PHYS_PORT_ID={0x1a, 0x22, "6052aab32214507ea792e812f966006a149f2a7528ac"}, @IFLA_IFALIAS={0x14, 0x14, 'macvlan0\x00'}, @IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}}]}, 0xb8}, 0x1, 0x0, 0x0, 0x4010}, 0x20000000) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$team(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$TEAM_CMD_PORT_LIST_GET(r4, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f00000006c0)={0x14, r5, 0x1}, 0x14}}, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f0000000580)={0x32c, r5, 0x4, 0x70bd25, 0x25dfdbff, {}, [{{0x8, 0x1, r2}, {0x1ac, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r2}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xd8000000}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r2}}}]}}, {{0x8, 0x1, r2}, {0x15c, 0x2, 0x0, 0x1, [{0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0xfffe, 0x7d, 0x8, 0x81}, {0xfff, 0x20, 0x20, 0xff}, {0x8ed, 0x1, 0x83, 0x8}, {0xea45, 0x4}]}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1f}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}]}, 0x32c}, 0x1, 0x0, 0x0, 0x40080c5}, 0x1) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x68, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_BURST={0x8, 0x6, 0x1}, @TCA_TBF_PARMS={0x28}]}}]}, 0x68}}, 0x0)

[ 1905.761275][T13223] total_swapcached 8192
[ 1905.765514][T13223] total_pgpgin 176342
[ 1905.791927][T13223] total_pgpgout 176339
[ 1905.813591][T13223] total_pgfault 389311
[ 1905.847170][T13223] total_pgmajfault 46668
[ 1905.862028][T13223] total_inactive_anon 0
[ 1905.868139][T13223] total_active_anon 12288
[ 1905.872554][T13223] total_inactive_file 0
[ 1905.876732][T13223] total_active_file 0
[ 1905.909092][T13223] total_unevictable 0
[ 1905.929981][T13223] anon_cost 0
[ 1905.961341][T13223] file_cost 0
[ 1905.964807][T13223] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13223,uid=0
[ 1906.002564][T13223] Memory cgroup out of memory: Killed process 13223 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1906.042103][T13234] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
00:47:32 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4888]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1906.066299][T13246] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1906.087294][T13234] CPU: 1 PID: 13234 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1906.097776][T13234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1906.107847][T13234] Call Trace:
[ 1906.111137][T13234]  <TASK>
[ 1906.114076][T13234]  dump_stack_lvl+0x1e7/0x2e0
[ 1906.118783][T13234]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1906.124000][T13234]  ? __pfx__printk+0x10/0x10
[ 1906.128605][T13234]  ? ___ratelimit+0x4c4/0x670
[ 1906.133323][T13234]  ? __pfx____ratelimit+0x10/0x10
[ 1906.138373][T13234]  dump_header+0xda/0x6a0
[ 1906.142727][T13234]  oom_kill_process+0x3a7/0x930
[ 1906.147596][T13234]  out_of_memory+0xf67/0x1320
[ 1906.152295][T13234]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1906.157945][T13234]  ? __pfx___mutex_lock+0x10/0x10
[ 1906.163033][T13234]  ? __pfx_out_of_memory+0x10/0x10
[ 1906.168191][T13234]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1906.173760][T13234]  ? __pfx_lock_release+0x10/0x10
[ 1906.178812][T13234]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1906.184915][T13234]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1906.190146][T13234]  ? mem_cgroup_iter+0x3e9/0x560
[ 1906.195105][T13234]  try_charge_memcg+0xda2/0x18a0
[ 1906.200084][T13234]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1906.205468][T13234]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1906.211198][T13234]  ? __pfx_lock_release+0x10/0x10
[ 1906.216242][T13234]  ? memcg_account_kmem+0x1e7/0x210
[ 1906.221464][T13234]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1906.227287][T13234]  __memcg_kmem_charge_page+0xe1/0x250
[ 1906.232769][T13234]  memcg_charge_kernel_stack+0x196/0x550
[ 1906.238439][T13234]  dup_task_struct+0x15d/0x7d0
[ 1906.243232][T13234]  copy_process+0x5d5/0x3fc0
[ 1906.247857][T13234]  ? __might_fault+0xa9/0x120
[ 1906.252557][T13234]  ? __pfx_lock_release+0x10/0x10
[ 1906.257611][T13234]  ? __pfx_copy_process+0x10/0x10
[ 1906.262648][T13234]  ? __might_fault+0xc5/0x120
[ 1906.267343][T13234]  ? __asan_memset+0x23/0x50
[ 1906.271957][T13234]  kernel_clone+0x21d/0x8d0
[ 1906.276482][T13234]  ? __pfx_kernel_clone+0x10/0x10
[ 1906.281535][T13234]  __se_sys_clone3+0x2cb/0x350
[ 1906.286315][T13234]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1906.291625][T13234]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1906.297632][T13234]  ? exc_page_fault+0x587/0x870
[ 1906.302500][T13234]  ? do_syscall_64+0xb4/0x240
[ 1906.307191][T13234]  do_syscall_64+0xf9/0x240
[ 1906.311732][T13234]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1906.317674][T13234] RIP: 0033:0x7fa936ca9b99
[ 1906.322096][T13234] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1906.341739][T13234] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1906.350188][T13234] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1906.358168][T13234] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1906.366157][T13234] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1906.374135][T13234] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1906.382113][T13234] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1906.390109][T13234]  </TASK>
[ 1906.442319][T13244] sch_tbf: burst 1 is lower than device bridge3816 mtu (1514) !
00:47:32 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@newlink={0xb8, 0x10, 0x200, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x30, 0xa80a}, [@IFLA_MAP={0x24, 0xe, {0x3, 0xddb2, 0x20, 0x1f, 0x4, 0x4}}, @IFLA_VF_PORTS={0x28, 0x18, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@IFLA_PORT_PROFILE={0x8, 0x2, 'tbf\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "bfd3eed83376bf2455d2a65d461eec2c"}]}]}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x10001}, @IFLA_EXT_MASK={0x8, 0x1d, 0x8}, @IFLA_PHYS_PORT_ID={0x1a, 0x22, "6052aab32214507ea792e812f966006a149f2a7528ac"}, @IFLA_IFALIAS={0x14, 0x14, 'macvlan0\x00'}, @IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}}]}, 0xb8}, 0x1, 0x0, 0x0, 0x4010}, 0x20000000)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$team(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$TEAM_CMD_PORT_LIST_GET(r4, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f00000006c0)={0x14, r5, 0x1}, 0x14}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f0000000580)={0x32c, r5, 0x4, 0x70bd25, 0x25dfdbff, {}, [{{0x8, 0x1, r2}, {0x1ac, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r2}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xd8000000}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r2}}}]}}, {{0x8, 0x1, r2}, {0x15c, 0x2, 0x0, 0x1, [{0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0xfffe, 0x7d, 0x8, 0x81}, {0xfff, 0x20, 0x20, 0xff}, {0x8ed, 0x1, 0x83, 0x8}, {0xea45, 0x4}]}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1f}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}]}, 0x32c}, 0x1, 0x0, 0x0, 0x40080c5}, 0x1)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x68, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_BURST={0x8, 0x6, 0x1}, @TCA_TBF_PARMS={0x28}]}}]}, 0x68}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@newlink={0xb8, 0x10, 0x200, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x30, 0xa80a}, [@IFLA_MAP={0x24, 0xe, {0x3, 0xddb2, 0x20, 0x1f, 0x4, 0x4}}, @IFLA_VF_PORTS={0x28, 0x18, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@IFLA_PORT_PROFILE={0x8, 0x2, 'tbf\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "bfd3eed83376bf2455d2a65d461eec2c"}]}]}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x10001}, @IFLA_EXT_MASK={0x8, 0x1d, 0x8}, @IFLA_PHYS_PORT_ID={0x1a, 0x22, "6052aab32214507ea792e812f966006a149f2a7528ac"}, @IFLA_IFALIAS={0x14, 0x14, 'macvlan0\x00'}, @IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}}]}, 0xb8}, 0x1, 0x0, 0x0, 0x4010}, 0x20000000) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$team(&(0x7f0000000240), 0xffffffffffffffff) (async)
sendmsg$TEAM_CMD_PORT_LIST_GET(r4, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f00000006c0)={0x14, r5, 0x1}, 0x14}}, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f0000000580)={0x32c, r5, 0x4, 0x70bd25, 0x25dfdbff, {}, [{{0x8, 0x1, r2}, {0x1ac, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r2}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xd8000000}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r2}}}]}}, {{0x8, 0x1, r2}, {0x15c, 0x2, 0x0, 0x1, [{0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0xfffe, 0x7d, 0x8, 0x81}, {0xfff, 0x20, 0x20, 0xff}, {0x8ed, 0x1, 0x83, 0x8}, {0xea45, 0x4}]}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1f}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}]}, 0x32c}, 0x1, 0x0, 0x0, 0x40080c5}, 0x1) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x68, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_BURST={0x8, 0x6, 0x1}, @TCA_TBF_PARMS={0x28}]}}]}, 0x68}}, 0x0) (async)

[ 1906.634005][T13234] memory: usage 307180kB, limit 307200kB, failcnt 7127
[ 1906.685056][T13234] memory+swap: usage 307336kB, limit 9007199254740988kB, failcnt 0
[ 1906.717808][T13234] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[ 1906.726501][T13234] Memory cgroup stats for /syz1:
[ 1906.726651][T13234] cache 12288
[ 1906.735284][T13234] rss 0
[ 1906.738225][T13234] rss_huge 0
[ 1906.741448][T13234] shmem 0
[ 1906.745389][T13234] mapped_file 0
[ 1906.749126][T13234] dirty 12288
[ 1906.752525][T13234] writeback 0
[ 1906.755944][T13234] workingset_refault_anon 3145
[ 1906.761747][T13234] workingset_refault_file 1
[ 1906.766406][T13234] swap 159744
[ 1906.769963][T13234] swapcached 0
[ 1906.773471][T13234] pgpgin 128732
[ 1906.780833][T13234] pgpgout 128729
[ 1906.784534][T13234] pgfault 338230
[ 1906.788257][T13234] pgmajfault 2962
[ 1906.791938][T13234] inactive_anon 0
[ 1906.795603][T13234] active_anon 0
[ 1906.819938][T13234] inactive_file 8192
[ 1906.827486][T13234] active_file 4096
[ 1906.843255][T13251] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1906.866922][T13234] unevictable 0
[ 1906.874026][T13234] hierarchical_memory_limit 314572800
[ 1906.883114][T13234] hierarchical_memsw_limit 9223372036854771712
[ 1906.902624][T13234] total_cache 12288
[ 1906.906495][T13234] total_rss 0
[ 1906.924624][T13234] total_rss_huge 0
[ 1906.932355][T13234] total_shmem 0
[ 1906.940289][T13234] total_mapped_file 0
[ 1906.952313][T13234] total_dirty 12288
[ 1906.960796][T13234] total_writeback 0
[ 1906.971256][T13234] total_workingset_refault_anon 3145
[ 1906.992689][T13234] total_workingset_refault_file 1
[ 1907.007212][T13234] total_swap 159744
[ 1907.018027][T13234] total_swapcached 0
[ 1907.033899][T13252] sch_tbf: burst 1 is lower than device bridge3817 mtu (1514) !
[ 1907.034751][T13234] total_pgpgin 128732
00:47:33 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuacct.stat\x00', 0x0, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xfe84)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendto$unix(r1, &(0x7f0000000180)="5df0e0e4950a669757a8cdaf93238fae8c616b1d50cd87dca90477f5ec6640b2e06e4f69edf627dbd8a623d6485087683ceaf440dc", 0x35, 0x8010, &(0x7f0000000240)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000580)={{{@in=@multicast1, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@local}, 0x0, @in6=@ipv4={""/10, ""/2, @private}}}, &(0x7f0000000300)=0xe8)
sendmsg$nl_route(r4, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)=@ipmr_newroute={0x48, 0x18, 0x1, 0x70bd29, 0x25dfdbfb, {0x80, 0x10, 0x14, 0x3, 0xff, 0x0, 0xc8, 0x0, 0x1600}, [@RTA_PRIORITY={0x8, 0x6, 0x9}, @RTA_UID={0x8, 0x19, r5}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @ILA_ATTR_HOOK_TYPE={0x5}}, @RTA_SPORT={0x6, 0x1c, 0x4e23}, @RTA_DPORT={0x6, 0x1d, 0x4e20}]}, 0x48}, 0x1, 0x0, 0x0, 0x40004}, 0x4000)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1907.067277][T13234] total_pgpgout 128729
[ 1907.073826][T13234] total_pgfault 338230
[ 1907.084018][T13234] total_pgmajfault 2962
[ 1907.107290][T13234] total_inactive_anon 0
[ 1907.111603][T13234] total_active_anon 0
[ 1907.151823][T13234] total_inactive_file 8192
[ 1907.169143][T13234] total_active_file 4096
[ 1907.192929][T13234] total_unevictable 0
[ 1907.196993][T13234] anon_cost 0
[ 1907.260975][T13234] file_cost 0
[ 1907.264327][T13234] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13234,uid=0
[ 1907.293799][T13234] Memory cgroup out of memory: Killed process 13234 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1907.327678][T13237] Bluetooth: hci0: command 0x0409 tx timeout
[ 1907.362456][T13249] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1907.466421][T13249] CPU: 1 PID: 13249 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1907.476914][T13249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1907.487018][T13249] Call Trace:
[ 1907.490338][T13249]  <TASK>
[ 1907.493307][T13249]  dump_stack_lvl+0x1e7/0x2e0
[ 1907.498142][T13249]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1907.503406][T13249]  ? __pfx__printk+0x10/0x10
[ 1907.508046][T13249]  ? ___ratelimit+0x4c4/0x670
[ 1907.512776][T13249]  ? __pfx____ratelimit+0x10/0x10
[ 1907.517850][T13249]  dump_header+0xda/0x6a0
[ 1907.522227][T13249]  oom_kill_process+0x3a7/0x930
[ 1907.527307][T13249]  out_of_memory+0xf67/0x1320
[ 1907.532042][T13249]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1907.537723][T13249]  ? __pfx___mutex_lock+0x10/0x10
[ 1907.542801][T13249]  ? __pfx_out_of_memory+0x10/0x10
[ 1907.547984][T13249]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1907.553586][T13249]  ? __pfx_lock_release+0x10/0x10
[ 1907.558667][T13249]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1907.564784][T13249]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1907.570027][T13249]  ? mem_cgroup_iter+0x3e9/0x560
[ 1907.575007][T13249]  try_charge_memcg+0xda2/0x18a0
[ 1907.580018][T13249]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1907.585444][T13249]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1907.591211][T13249]  ? __pfx_lock_release+0x10/0x10
[ 1907.596294][T13249]  ? memcg_account_kmem+0x1e7/0x210
[ 1907.601589][T13249]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1907.607453][T13249]  __memcg_kmem_charge_page+0xe1/0x250
[ 1907.612965][T13249]  memcg_charge_kernel_stack+0x196/0x550
[ 1907.618649][T13249]  dup_task_struct+0x40d/0x7d0
[ 1907.623465][T13249]  copy_process+0x5d5/0x3fc0
[ 1907.628119][T13249]  ? __might_fault+0xa9/0x120
[ 1907.632843][T13249]  ? __pfx_lock_release+0x10/0x10
[ 1907.637928][T13249]  ? __pfx_copy_process+0x10/0x10
[ 1907.643005][T13249]  ? __might_fault+0xc5/0x120
[ 1907.647732][T13249]  ? __asan_memset+0x23/0x50
[ 1907.652380][T13249]  kernel_clone+0x21d/0x8d0
[ 1907.656942][T13249]  ? __pfx_kernel_clone+0x10/0x10
[ 1907.662039][T13249]  __se_sys_clone3+0x2cb/0x350
[ 1907.666865][T13249]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1907.672221][T13249]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1907.678273][T13249]  ? exc_page_fault+0x587/0x870
[ 1907.683187][T13249]  ? do_syscall_64+0xb4/0x240
[ 1907.687925][T13249]  do_syscall_64+0xf9/0x240
[ 1907.692492][T13249]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1907.698446][T13249] RIP: 0033:0x7fc7360a9b99
[ 1907.702905][T13249] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1907.723338][T13249] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1907.731861][T13249] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1907.739907][T13249] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1907.747929][T13249] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1907.755948][T13249] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1907.763972][T13249] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1907.772010][T13249]  </TASK>
[ 1907.796948][T13249] memory: usage 307200kB, limit 307200kB, failcnt 74724
00:47:34 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuacct.stat\x00', 0x0, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuacct.stat\x00', 0x0, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xfe84)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendto$unix(r1, &(0x7f0000000180)="5df0e0e4950a669757a8cdaf93238fae8c616b1d50cd87dca90477f5ec6640b2e06e4f69edf627dbd8a623d6485087683ceaf440dc", 0x35, 0x8010, &(0x7f0000000240)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000580)={{{@in=@multicast1, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@local}, 0x0, @in6=@ipv4={""/10, ""/2, @private}}}, &(0x7f0000000300)=0xe8)
sendmsg$nl_route(r4, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)=@ipmr_newroute={0x48, 0x18, 0x1, 0x70bd29, 0x25dfdbfb, {0x80, 0x10, 0x14, 0x3, 0xff, 0x0, 0xc8, 0x0, 0x1600}, [@RTA_PRIORITY={0x8, 0x6, 0x9}, @RTA_UID={0x8, 0x19, r5}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @ILA_ATTR_HOOK_TYPE={0x5}}, @RTA_SPORT={0x6, 0x1c, 0x4e23}, @RTA_DPORT={0x6, 0x1d, 0x4e20}]}, 0x48}, 0x1, 0x0, 0x0, 0x40004}, 0x4000)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1907.810239][T13249] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1907.821702][T13249] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1907.834300][T13249] Memory cgroup stats for /syz2:
[ 1907.834577][T13249] cache 0
[ 1907.843239][T13249] rss 4096
[ 1907.846291][T13249] rss_huge 0
[ 1907.850576][T13249] shmem 0
[ 1907.853646][T13249] mapped_file 0
[ 1907.857821][T13249] dirty 0
[ 1907.860892][T13249] writeback 0
[ 1907.870729][T13249] workingset_refault_anon 50556
[ 1907.901751][T13249] workingset_refault_file 1
[ 1907.906308][T13249] swap 172032
[ 1907.910305][T13249] swapcached 4096
[ 1907.915294][T13249] pgpgin 176515
[ 1907.955050][T13249] pgpgout 176514
[ 1907.970610][T13249] pgfault 389559
[ 1907.992743][T13249] pgmajfault 46811
[ 1907.996562][T13249] inactive_anon 0
[ 1908.000497][T13249] active_anon 4096
[ 1908.004261][T13249] inactive_file 0
[ 1908.009739][T13249] active_file 0
[ 1908.013242][T13249] unevictable 0
[ 1908.016730][T13249] hierarchical_memory_limit 314572800
[ 1908.026180][T13249] hierarchical_memsw_limit 9223372036854771712
[ 1908.032723][T13249] total_cache 0
[ 1908.036309][T13249] total_rss 4096
[ 1908.040101][T13249] total_rss_huge 0
[ 1908.043845][T13249] total_shmem 0
[ 1908.047410][T13249] total_mapped_file 0
[ 1908.051507][T13249] total_dirty 0
[ 1908.054994][T13249] total_writeback 0
[ 1908.058944][T13249] total_workingset_refault_anon 50556
[ 1908.064352][T13249] total_workingset_refault_file 1
[ 1908.072771][T13249] total_swap 172032
[ 1908.077592][T13249] total_swapcached 4096
[ 1908.081781][T13249] total_pgpgin 176515
[ 1908.085779][T13249] total_pgpgout 176514
[ 1908.090057][T13249] total_pgfault 389559
[ 1908.094147][T13249] total_pgmajfault 46811
[ 1908.098589][T13249] total_inactive_anon 0
00:47:34 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async, rerun: 32)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuacct.stat\x00', 0x0, 0x0) (rerun: 32)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xfe84)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendto$unix(r1, &(0x7f0000000180)="5df0e0e4950a669757a8cdaf93238fae8c616b1d50cd87dca90477f5ec6640b2e06e4f69edf627dbd8a623d6485087683ceaf440dc", 0x35, 0x8010, &(0x7f0000000240)=@abs={0x1, 0x0, 0x4e21}, 0x6e) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000580)={{{@in=@multicast1, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@local}, 0x0, @in6=@ipv4={""/10, ""/2, @private}}}, &(0x7f0000000300)=0xe8)
sendmsg$nl_route(r4, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)=@ipmr_newroute={0x48, 0x18, 0x1, 0x70bd29, 0x25dfdbfb, {0x80, 0x10, 0x14, 0x3, 0xff, 0x0, 0xc8, 0x0, 0x1600}, [@RTA_PRIORITY={0x8, 0x6, 0x9}, @RTA_UID={0x8, 0x19, r5}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @ILA_ATTR_HOOK_TYPE={0x5}}, @RTA_SPORT={0x6, 0x1c, 0x4e23}, @RTA_DPORT={0x6, 0x1d, 0x4e20}]}, 0x48}, 0x1, 0x0, 0x0, 0x40004}, 0x4000)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

[ 1908.102777][T13249] total_active_anon 4096
[ 1908.107190][T13249] total_inactive_file 0
[ 1908.111422][T13249] total_active_file 0
[ 1908.115430][T13249] total_unevictable 0
[ 1908.125152][T13249] anon_cost 0
[ 1908.128652][T13249] file_cost 0
[ 1908.131963][T13249] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13249,uid=0
00:47:34 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xea050000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1908.149247][T13249] Memory cgroup out of memory: Killed process 13249 (syz-executor.2) total-vm:54508kB, anon-rss:368kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1908.175627][T13241] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1908.233561][T13241] CPU: 0 PID: 13241 Comm: syz-executor.3 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1908.244043][T13241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1908.254114][T13241] Call Trace:
[ 1908.257419][T13241]  <TASK>
[ 1908.260360][T13241]  dump_stack_lvl+0x1e7/0x2e0
[ 1908.265067][T13241]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1908.270284][T13241]  ? __pfx__printk+0x10/0x10
[ 1908.274893][T13241]  ? ___ratelimit+0x4c4/0x670
[ 1908.279606][T13241]  ? __pfx____ratelimit+0x10/0x10
[ 1908.284664][T13241]  dump_header+0xda/0x6a0
[ 1908.289107][T13241]  oom_kill_process+0x3a7/0x930
[ 1908.293977][T13241]  out_of_memory+0xf67/0x1320
[ 1908.298675][T13241]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1908.304414][T13241]  ? __pfx___mutex_lock+0x10/0x10
[ 1908.309465][T13241]  ? __pfx_out_of_memory+0x10/0x10
[ 1908.314598][T13241]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1908.320157][T13241]  ? __pfx_lock_release+0x10/0x10
[ 1908.325209][T13241]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1908.331360][T13241]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1908.336596][T13241]  ? mem_cgroup_iter+0x3e9/0x560
[ 1908.341553][T13241]  try_charge_memcg+0xda2/0x18a0
[ 1908.346528][T13241]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1908.351910][T13241]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1908.357638][T13241]  ? __pfx_lock_release+0x10/0x10
[ 1908.362679][T13241]  ? memcg_account_kmem+0x1e7/0x210
[ 1908.367898][T13241]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1908.373729][T13241]  __memcg_kmem_charge_page+0xe1/0x250
[ 1908.379233][T13241]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1908.384897][T13241]  dup_task_struct+0x40d/0x7d0
[ 1908.389684][T13241]  copy_process+0x5d5/0x3fc0
[ 1908.394307][T13241]  ? __might_fault+0xa9/0x120
[ 1908.399008][T13241]  ? __pfx_lock_release+0x10/0x10
[ 1908.404062][T13241]  ? __pfx_copy_process+0x10/0x10
[ 1908.409098][T13241]  ? __might_fault+0xc5/0x120
[ 1908.413794][T13241]  ? __asan_memset+0x23/0x50
[ 1908.418413][T13241]  kernel_clone+0x21d/0x8d0
[ 1908.422941][T13241]  ? __pfx_kernel_clone+0x10/0x10
[ 1908.427991][T13241]  __se_sys_clone3+0x2cb/0x350
[ 1908.432772][T13241]  ? __might_fault+0xa9/0x120
[ 1908.437464][T13241]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1908.442802][T13241]  ? do_syscall_64+0x108/0x240
[ 1908.447583][T13241]  ? do_syscall_64+0xb4/0x240
[ 1908.452286][T13241]  do_syscall_64+0xf9/0x240
[ 1908.456809][T13241]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1908.462721][T13241] RIP: 0033:0x7f1eee4a9b99
[ 1908.467145][T13241] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1908.486762][T13241] RSP: 002b:00007ffc334af428 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1908.495190][T13241] RAX: ffffffffffffffda RBX: 00007f1eee452270 RCX: 00007f1eee4a9b99
[ 1908.503171][T13241] RDX: 00007f1eee452270 RSI: 0000000000000058 RDI: 00007ffc334af470
[ 1908.511156][T13241] RBP: 00007f1eef2856c0 R08: 00007f1eef2856c0 R09: 00007ffc334af557
[ 1908.519146][T13241] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1908.527160][T13241] R13: 000000000000006e R14: 00007ffc334af470 R15: 00007ffc334af558
[ 1908.535174][T13241]  </TASK>
00:47:34 executing program 4:
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000005c0)={0x0, 0xb04d}, 0xc)
setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000400)={{0x62, @private=0xa010102, 0x4e24, 0x2, 'lblc\x00', 0xc, 0x0, 0x3a}, {@rand_addr=0x64010100, 0x4e20, 0x4, 0x1, 0x8, 0x3}}, 0x44)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000640)={0x0, 0x3}, 0x8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCINQ(r3, 0x541b, &(0x7f0000000600))
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="f900295ff2ad130ce7ffffffffffffff00"], 0x3c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000700)={'ip6gre0\x00', &(0x7f0000000680)={'syztnl2\x00', <r5=>r4, 0x4, 0x5, 0x36, 0xfff, 0x8, @ipv4={'\x00', '\xff\xff', @local}, @private0, 0x7800, 0x7868, 0x210d}})
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="ac00000028016cf027bd7000fedbdf2500000000", @ANYRES32=r5, @ANYBLOB="f1ff02000f00f3ff0900030006000500811f00000b000100636c736163740000060005001b00000006000500070400000600050080080000080001006874620044000200040009000c00070005000000000000003000010008010900ff0707000002000008030300040003000100000006000000a50d0000ffffff7fb2000000000000080d00010066715f636f64656c00000000"], 0xac}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000240)={'gretap0\x00', <r6=>r4, 0x700, 0x40, 0x1, 0x7, {{0x25, 0x4, 0x0, 0x5, 0x94, 0x66, 0x0, 0x3, 0x29, 0x0, @local, @remote, {[@lsrr={0x83, 0xb, 0xbc, [@multicast1, @private=0xa010102]}, @timestamp_addr={0x44, 0x4c, 0x82, 0x1, 0x1, [{@remote, 0x3ff}, {@rand_addr=0x64010102, 0x20}, {@private=0xa010100, 0x7}, {@private=0xa010101, 0x5}, {@broadcast, 0x7}, {@empty, 0x4}, {@local, 0x1f}, {@local, 0x7f}, {@empty, 0x8}]}, @timestamp={0x44, 0x1c, 0x4d, 0x0, 0xf, [0x7, 0x2, 0x5, 0x1000, 0x80, 0x1]}, @generic={0x7, 0xd, "70872f11b08f98aa29b173"}]}}}}})
sendmsg$nl_route(r1, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=@ipv6_deladdrlabel={0x40, 0x49, 0x8, 0x70bd2a, 0x25dfdbfd, {0xa, 0x0, 0x10, 0x0, r6, 0x7}, [@IFAL_LABEL={0x8, 0x2, 0x1}, @IFAL_LABEL={0x8}, @IFAL_ADDRESS={0x14, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x800)

[ 1908.687069][T13241] memory: usage 307200kB, limit 307200kB, failcnt 10735
[ 1908.694866][T13241] memory+swap: usage 307368kB, limit 9007199254740988kB, failcnt 0
[ 1908.731626][T13241] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1908.741142][T13282] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1908.781561][T13241] Memory cgroup stats for /syz3:
[ 1908.781721][T13241] cache 12288
[ 1908.824244][T13241] rss 4096
[ 1908.843458][T13241] rss_huge 0
[ 1908.864207][T13241] shmem 0
[ 1908.903205][T13241] mapped_file 0
[ 1908.906743][T13241] dirty 8192
[ 1908.925253][T13241] writeback 0
[ 1908.934559][T13241] workingset_refault_anon 6492
[ 1908.946265][T13241] workingset_refault_file 1
00:47:35 executing program 4:
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000005c0)={0x0, 0xb04d}, 0xc)
setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000400)={{0x62, @private=0xa010102, 0x4e24, 0x2, 'lblc\x00', 0xc, 0x0, 0x3a}, {@rand_addr=0x64010100, 0x4e20, 0x4, 0x1, 0x8, 0x3}}, 0x44) (async)
setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000400)={{0x62, @private=0xa010102, 0x4e24, 0x2, 'lblc\x00', 0xc, 0x0, 0x3a}, {@rand_addr=0x64010100, 0x4e20, 0x4, 0x1, 0x8, 0x3}}, 0x44)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000640)={0x0, 0x3}, 0x8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0) (async)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCINQ(r3, 0x541b, &(0x7f0000000600))
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="f900295ff2ad130ce7ffffffffffffff00"], 0x3c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000700)={'ip6gre0\x00', &(0x7f0000000680)={'syztnl2\x00', <r5=>r4, 0x4, 0x5, 0x36, 0xfff, 0x8, @ipv4={'\x00', '\xff\xff', @local}, @private0, 0x7800, 0x7868, 0x210d}})
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="ac00000028016cf027bd7000fedbdf2500000000", @ANYRES32=r5, @ANYBLOB="f1ff02000f00f3ff0900030006000500811f00000b000100636c736163740000060005001b00000006000500070400000600050080080000080001006874620044000200040009000c00070005000000000000003000010008010900ff0707000002000008030300040003000100000006000000a50d0000ffffff7fb2000000000000080d00010066715f636f64656c00000000"], 0xac}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000240)={'gretap0\x00', r4, 0x700, 0x40, 0x1, 0x7, {{0x25, 0x4, 0x0, 0x5, 0x94, 0x66, 0x0, 0x3, 0x29, 0x0, @local, @remote, {[@lsrr={0x83, 0xb, 0xbc, [@multicast1, @private=0xa010102]}, @timestamp_addr={0x44, 0x4c, 0x82, 0x1, 0x1, [{@remote, 0x3ff}, {@rand_addr=0x64010102, 0x20}, {@private=0xa010100, 0x7}, {@private=0xa010101, 0x5}, {@broadcast, 0x7}, {@empty, 0x4}, {@local, 0x1f}, {@local, 0x7f}, {@empty, 0x8}]}, @timestamp={0x44, 0x1c, 0x4d, 0x0, 0xf, [0x7, 0x2, 0x5, 0x1000, 0x80, 0x1]}, @generic={0x7, 0xd, "70872f11b08f98aa29b173"}]}}}}}) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000240)={'gretap0\x00', <r6=>r4, 0x700, 0x40, 0x1, 0x7, {{0x25, 0x4, 0x0, 0x5, 0x94, 0x66, 0x0, 0x3, 0x29, 0x0, @local, @remote, {[@lsrr={0x83, 0xb, 0xbc, [@multicast1, @private=0xa010102]}, @timestamp_addr={0x44, 0x4c, 0x82, 0x1, 0x1, [{@remote, 0x3ff}, {@rand_addr=0x64010102, 0x20}, {@private=0xa010100, 0x7}, {@private=0xa010101, 0x5}, {@broadcast, 0x7}, {@empty, 0x4}, {@local, 0x1f}, {@local, 0x7f}, {@empty, 0x8}]}, @timestamp={0x44, 0x1c, 0x4d, 0x0, 0xf, [0x7, 0x2, 0x5, 0x1000, 0x80, 0x1]}, @generic={0x7, 0xd, "70872f11b08f98aa29b173"}]}}}}})
sendmsg$nl_route(r1, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=@ipv6_deladdrlabel={0x40, 0x49, 0x8, 0x70bd2a, 0x25dfdbfd, {0xa, 0x0, 0x10, 0x0, r6, 0x7}, [@IFAL_LABEL={0x8, 0x2, 0x1}, @IFAL_LABEL={0x8}, @IFAL_ADDRESS={0x14, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x800)

[ 1908.951453][T13241] swap 172032
[ 1908.991087][T13241] swapcached 4096
[ 1909.021318][T13241] pgpgin 133862
[ 1909.024845][T13241] pgpgout 133857
[ 1909.048023][T13241] pgfault 351507
[ 1909.051644][T13241] pgmajfault 6341
[ 1909.068710][T13241] inactive_anon 0
[ 1909.072412][T13241] active_anon 0
[ 1909.076698][T13241] inactive_file 4096
[ 1909.094114][T13241] active_file 8192
[ 1909.109065][T13289] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1909.127321][T13241] unevictable 0
[ 1909.130865][T13241] hierarchical_memory_limit 314572800
[ 1909.136277][T13241] hierarchical_memsw_limit 9223372036854771712
[ 1909.179553][T13241] total_cache 12288
[ 1909.189246][T13241] total_rss 4096
[ 1909.245978][T13241] total_rss_huge 0
[ 1909.251393][T13241] total_shmem 0
[ 1909.255028][T13241] total_mapped_file 0
[ 1909.270154][T13241] total_dirty 8192
[ 1909.280810][T13241] total_writeback 0
[ 1909.289297][T13241] total_workingset_refault_anon 6492
[ 1909.317998][T13241] total_workingset_refault_file 1
[ 1909.323271][T13241] total_swap 172032
[ 1909.352736][T13241] total_swapcached 4096
[ 1909.387286][T13241] total_pgpgin 133862
[ 1909.397536][T13237] Bluetooth: hci0: command 0x041b tx timeout
[ 1909.427193][T13241] total_pgpgout 133857
[ 1909.431454][T13241] total_pgfault 351507
[ 1909.435656][T13241] total_pgmajfault 6341
[ 1909.440000][T13241] total_inactive_anon 0
[ 1909.444307][T13241] total_active_anon 0
[ 1909.448553][T13241] total_inactive_file 4096
[ 1909.453100][T13241] total_active_file 8192
[ 1909.457538][T13241] total_unevictable 0
[ 1909.461654][T13241] anon_cost 0
[ 1909.466693][T13241] file_cost 0
[ 1909.486843][T13241] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=13241,uid=0
[ 1909.538914][T13241] Memory cgroup out of memory: Killed process 13241 (syz-executor.3) total-vm:54640kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
00:47:35 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:47:35 executing program 4:
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000005c0)={0x0, 0xb04d}, 0xc) (async)
setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000400)={{0x62, @private=0xa010102, 0x4e24, 0x2, 'lblc\x00', 0xc, 0x0, 0x3a}, {@rand_addr=0x64010100, 0x4e20, 0x4, 0x1, 0x8, 0x3}}, 0x44)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000640)={0x0, 0x3}, 0x8) (async, rerun: 64)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCINQ(r3, 0x541b, &(0x7f0000000600)) (async)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="f900295ff2ad130ce7ffffffffffffff00"], 0x3c}}, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000700)={'ip6gre0\x00', &(0x7f0000000680)={'syztnl2\x00', <r5=>r4, 0x4, 0x5, 0x36, 0xfff, 0x8, @ipv4={'\x00', '\xff\xff', @local}, @private0, 0x7800, 0x7868, 0x210d}})
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="ac00000028016cf027bd7000fedbdf2500000000", @ANYRES32=r5, @ANYBLOB="f1ff02000f00f3ff0900030006000500811f00000b000100636c736163740000060005001b00000006000500070400000600050080080000080001006874620044000200040009000c00070005000000000000003000010008010900ff0707000002000008030300040003000100000006000000a50d0000ffffff7fb2000000000000080d00010066715f636f64656c00000000"], 0xac}}, 0x0) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000240)={'gretap0\x00', <r6=>r4, 0x700, 0x40, 0x1, 0x7, {{0x25, 0x4, 0x0, 0x5, 0x94, 0x66, 0x0, 0x3, 0x29, 0x0, @local, @remote, {[@lsrr={0x83, 0xb, 0xbc, [@multicast1, @private=0xa010102]}, @timestamp_addr={0x44, 0x4c, 0x82, 0x1, 0x1, [{@remote, 0x3ff}, {@rand_addr=0x64010102, 0x20}, {@private=0xa010100, 0x7}, {@private=0xa010101, 0x5}, {@broadcast, 0x7}, {@empty, 0x4}, {@local, 0x1f}, {@local, 0x7f}, {@empty, 0x8}]}, @timestamp={0x44, 0x1c, 0x4d, 0x0, 0xf, [0x7, 0x2, 0x5, 0x1000, 0x80, 0x1]}, @generic={0x7, 0xd, "70872f11b08f98aa29b173"}]}}}}})
sendmsg$nl_route(r1, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=@ipv6_deladdrlabel={0x40, 0x49, 0x8, 0x70bd2a, 0x25dfdbfd, {0xa, 0x0, 0x10, 0x0, r6, 0x7}, [@IFAL_LABEL={0x8, 0x2, 0x1}, @IFAL_LABEL={0x8}, @IFAL_ADDRESS={0x14, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x800)

[ 1909.647255][T13279] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
00:47:35 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1909.699193][T13279] CPU: 1 PID: 13279 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1909.709692][T13279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1909.719793][T13279] Call Trace:
[ 1909.723111][T13279]  <TASK>
[ 1909.726066][T13279]  dump_stack_lvl+0x1e7/0x2e0
[ 1909.730809][T13279]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1909.736071][T13279]  ? __pfx__printk+0x10/0x10
[ 1909.745223][T13279]  ? ___ratelimit+0x4c4/0x670
[ 1909.749936][T13279]  ? __pfx____ratelimit+0x10/0x10
[ 1909.755085][T13279]  dump_header+0xda/0x6a0
[ 1909.759433][T13279]  oom_kill_process+0x3a7/0x930
[ 1909.764298][T13279]  out_of_memory+0xf67/0x1320
[ 1909.768990][T13279]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1909.774632][T13279]  ? __pfx___mutex_lock+0x10/0x10
[ 1909.779669][T13279]  ? __pfx_out_of_memory+0x10/0x10
[ 1909.784805][T13279]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1909.790365][T13279]  ? __pfx_lock_release+0x10/0x10
[ 1909.795407][T13279]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1909.801508][T13279]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1909.806747][T13279]  ? mem_cgroup_iter+0x3e9/0x560
[ 1909.811736][T13279]  try_charge_memcg+0xda2/0x18a0
[ 1909.816748][T13279]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1909.822161][T13279]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1909.827926][T13279]  ? __pfx_lock_release+0x10/0x10
[ 1909.833002][T13279]  ? memcg_account_kmem+0x1e7/0x210
[ 1909.838258][T13279]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1909.844111][T13279]  __memcg_kmem_charge_page+0xe1/0x250
[ 1909.849631][T13279]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1909.855316][T13279]  dup_task_struct+0x15d/0x7d0
[ 1909.860142][T13279]  copy_process+0x5d5/0x3fc0
[ 1909.864796][T13279]  ? __might_fault+0xa9/0x120
[ 1909.869512][T13279]  ? __pfx_lock_release+0x10/0x10
[ 1909.874590][T13279]  ? __pfx_copy_process+0x10/0x10
[ 1909.879672][T13279]  ? __might_fault+0xc5/0x120
[ 1909.884401][T13279]  ? __asan_memset+0x23/0x50
[ 1909.889046][T13279]  kernel_clone+0x21d/0x8d0
[ 1909.893596][T13279]  ? __pfx_kernel_clone+0x10/0x10
[ 1909.898682][T13279]  __se_sys_clone3+0x2cb/0x350
[ 1909.903493][T13279]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1909.908837][T13279]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1909.914883][T13279]  ? exc_page_fault+0x587/0x870
[ 1909.919786][T13279]  ? do_syscall_64+0xb4/0x240
[ 1909.924511][T13279]  do_syscall_64+0xf9/0x240
[ 1909.929071][T13279]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1909.935012][T13279] RIP: 0033:0x7fa936ca9b99
[ 1909.939467][T13279] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1909.959119][T13279] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1909.967556][T13279] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1909.975539][T13279] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1909.983520][T13279] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1909.991501][T13279] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1909.999481][T13279] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1910.007497][T13279]  </TASK>
[ 1910.156444][T13279] memory: usage 307200kB, limit 307200kB, failcnt 7602
[ 1910.174287][T13279] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1910.182577][T13279] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[ 1910.267206][T13279] Memory cgroup stats for /syz1:
[ 1910.267357][T13279] cache 12288
[ 1910.304886][T13279] rss 0
[ 1910.312661][T13279] rss_huge 0
[ 1910.322048][T13279] shmem 0
[ 1910.345461][T13279] mapped_file 0
[ 1910.362523][T13279] dirty 12288
[ 1910.377629][T13279] writeback 0
[ 1910.393017][T13279] workingset_refault_anon 3298
[ 1910.419697][T13279] workingset_refault_file 1
[ 1910.459155][T13279] swap 159744
[ 1910.462523][T13279] swapcached 0
[ 1910.465925][T13279] pgpgin 128917
[ 1910.505311][T13279] pgpgout 128914
[ 1910.527241][T13279] pgfault 338499
[ 1910.546542][T13279] pgmajfault 3121
[ 1910.557361][T13279] inactive_anon 0
[ 1910.561255][T13279] active_anon 0
[ 1910.569038][T13279] inactive_file 4096
[ 1910.577736][T13279] active_file 8192
[ 1910.586210][T13279] unevictable 0
[ 1910.596063][T13279] hierarchical_memory_limit 314572800
[ 1910.610156][T13279] hierarchical_memsw_limit 9223372036854771712
[ 1910.623379][T13279] total_cache 12288
[ 1910.631959][T13279] total_rss 0
[ 1910.642002][T13279] total_rss_huge 0
[ 1910.650639][T13279] total_shmem 0
[ 1910.658812][T13279] total_mapped_file 0
[ 1910.667668][T13279] total_dirty 12288
[ 1910.676207][T13279] total_writeback 0
[ 1910.695179][T13279] total_workingset_refault_anon 3298
[ 1910.717236][T13279] total_workingset_refault_file 1
[ 1910.733739][T13279] total_swap 159744
[ 1910.750345][T13279] total_swapcached 0
[ 1910.764654][T13279] total_pgpgin 128917
[ 1910.773533][T13279] total_pgpgout 128914
[ 1910.782612][T13279] total_pgfault 338499
[ 1910.790139][T13279] total_pgmajfault 3121
[ 1910.794513][T13279] total_inactive_anon 0
[ 1910.801329][T13279] total_active_anon 0
[ 1910.811100][T13279] total_inactive_file 4096
[ 1910.815720][T13279] total_active_file 8192
[ 1910.824836][T13279] total_unevictable 0
[ 1910.838141][T13279] anon_cost 0
[ 1910.855141][T13279] file_cost 0
[ 1910.862480][T13279] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13279,uid=0
[ 1910.897159][T13279] Memory cgroup out of memory: Killed process 13279 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1910.947206][T13309] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1910.977136][T13309] CPU: 0 PID: 13309 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1910.987621][T13309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1910.999206][T13309] Call Trace:
[ 1911.002532][T13309]  <TASK>
[ 1911.005498][T13309]  dump_stack_lvl+0x1e7/0x2e0
[ 1911.010244][T13309]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1911.015502][T13309]  ? __pfx__printk+0x10/0x10
[ 1911.020148][T13309]  ? ___ratelimit+0x4c4/0x670
[ 1911.024903][T13309]  ? __pfx____ratelimit+0x10/0x10
[ 1911.029992][T13309]  dump_header+0xda/0x6a0
[ 1911.034385][T13309]  oom_kill_process+0x3a7/0x930
[ 1911.039282][T13309]  out_of_memory+0xf67/0x1320
[ 1911.043995][T13309]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1911.049657][T13309]  ? __pfx___mutex_lock+0x10/0x10
[ 1911.054704][T13309]  ? __pfx_out_of_memory+0x10/0x10
[ 1911.059845][T13309]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1911.065405][T13309]  ? __pfx_lock_release+0x10/0x10
[ 1911.070447][T13309]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1911.076616][T13309]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1911.081844][T13309]  ? mem_cgroup_iter+0x3e9/0x560
[ 1911.086821][T13309]  try_charge_memcg+0xda2/0x18a0
[ 1911.091796][T13309]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1911.097179][T13309]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1911.102907][T13309]  ? __pfx_lock_release+0x10/0x10
[ 1911.107950][T13309]  ? memcg_account_kmem+0x1e7/0x210
[ 1911.113170][T13309]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1911.118988][T13309]  __memcg_kmem_charge_page+0xe1/0x250
[ 1911.124468][T13309]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1911.130136][T13309]  dup_task_struct+0x15d/0x7d0
[ 1911.134913][T13309]  copy_process+0x5d5/0x3fc0
[ 1911.139534][T13309]  ? __might_fault+0xa9/0x120
[ 1911.144218][T13309]  ? __pfx_lock_release+0x10/0x10
[ 1911.149267][T13309]  ? __pfx_copy_process+0x10/0x10
[ 1911.154301][T13309]  ? __might_fault+0xc5/0x120
[ 1911.158996][T13309]  ? __asan_memset+0x23/0x50
[ 1911.163607][T13309]  kernel_clone+0x21d/0x8d0
[ 1911.168134][T13309]  ? __pfx_kernel_clone+0x10/0x10
[ 1911.173183][T13309]  __se_sys_clone3+0x2cb/0x350
[ 1911.177961][T13309]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1911.183279][T13309]  ? do_syscall_64+0x108/0x240
[ 1911.188057][T13309]  ? do_syscall_64+0xb4/0x240
[ 1911.192749][T13309]  do_syscall_64+0xf9/0x240
[ 1911.197275][T13309]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1911.203186][T13309] RIP: 0033:0x7fc7360a9b99
[ 1911.207646][T13309] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1911.227264][T13309] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1911.235688][T13309] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1911.243664][T13309] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1911.251655][T13309] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1911.259647][T13309] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1911.267630][T13309] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1911.275625][T13309]  </TASK>
00:47:37 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf1ffffff]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1911.444961][T13309] memory: usage 307200kB, limit 307200kB, failcnt 74994
[ 1911.471797][T13309] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1911.487739][T13237] Bluetooth: hci0: command 0x040f tx timeout
[ 1911.505647][T13309] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1911.534901][T13309] Memory cgroup stats for /syz2:
[ 1911.535060][T13309] cache 0
[ 1911.556868][T13309] rss 0
[ 1911.578522][T13309] rss_huge 0
[ 1911.581790][T13309] shmem 0
[ 1911.584759][T13309] mapped_file 0
[ 1911.590400][T13309] dirty 0
[ 1911.593391][T13309] writeback 0
[ 1911.596709][T13309] workingset_refault_anon 50622
[ 1911.620147][T13309] workingset_refault_file 1
[ 1911.624806][T13309] swap 176128
[ 1911.638213][T13309] swapcached 0
[ 1911.641644][T13309] pgpgin 176598
[ 1911.659112][T13309] pgpgout 176598
[ 1911.662810][T13309] pgfault 389685
[ 1911.666389][T13309] pgmajfault 46869
[ 1911.679270][T13309] inactive_anon 0
[ 1911.682981][T13309] active_anon 0
[ 1911.686473][T13309] inactive_file 0
[ 1911.736072][T13309] active_file 0
[ 1911.744793][T13309] unevictable 0
[ 1911.759038][T13309] hierarchical_memory_limit 314572800
[ 1911.773852][T13309] hierarchical_memsw_limit 9223372036854771712
[ 1911.788388][T13309] total_cache 0
[ 1911.796252][T13309] total_rss 0
[ 1911.805022][T13309] total_rss_huge 0
[ 1911.813945][T13309] total_shmem 0
[ 1911.822558][T13309] total_mapped_file 0
[ 1911.837558][T13309] total_dirty 0
[ 1911.841225][T13309] total_writeback 0
[ 1911.845182][T13309] total_workingset_refault_anon 50622
[ 1911.856593][T13309] total_workingset_refault_file 1
[ 1911.872239][T13309] total_swap 176128
[ 1911.880470][T13309] total_swapcached 0
[ 1911.889098][T13309] total_pgpgin 176598
[ 1911.897565][T13309] total_pgpgout 176598
[ 1911.906507][T13309] total_pgfault 389685
[ 1911.915379][T13309] total_pgmajfault 46869
[ 1911.925129][T13309] total_inactive_anon 0
[ 1911.933770][T13309] total_active_anon 0
[ 1911.942700][T13309] total_inactive_file 0
[ 1911.951637][T13309] total_active_file 0
[ 1911.960311][T13309] total_unevictable 0
[ 1911.973424][T13309] anon_cost 0
[ 1911.982319][T13309] file_cost 0
[ 1911.990087][T13309] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13309,uid=0
[ 1912.024844][T13309] Memory cgroup out of memory: Killed process 13309 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:47:38 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1912.988223][ T5110] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1913.069880][ T5110] CPU: 1 PID: 5110 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1913.080292][ T5110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1913.090397][ T5110] Call Trace:
[ 1913.093718][ T5110]  <TASK>
[ 1913.096701][ T5110]  dump_stack_lvl+0x1e7/0x2e0
[ 1913.101448][ T5110]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1913.106706][ T5110]  ? __pfx__printk+0x10/0x10
[ 1913.111360][ T5110]  ? ___ratelimit+0x4c4/0x670
[ 1913.116096][ T5110]  ? __pfx____ratelimit+0x10/0x10
[ 1913.121181][ T5110]  dump_header+0xda/0x6a0
[ 1913.125560][ T5110]  oom_kill_process+0x3a7/0x930
[ 1913.130464][ T5110]  out_of_memory+0xf67/0x1320
[ 1913.135196][ T5110]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1913.140872][ T5110]  ? __pfx___mutex_lock+0x10/0x10
[ 1913.145943][ T5110]  ? __pfx_out_of_memory+0x10/0x10
[ 1913.151113][ T5110]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1913.156710][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1913.161785][ T5110]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1913.167905][ T5110]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1913.173135][ T5110]  ? mem_cgroup_iter+0x3e9/0x560
[ 1913.178088][ T5110]  try_charge_memcg+0xda2/0x18a0
[ 1913.183033][ T5110]  ? mark_lock+0x9a/0x350
[ 1913.187390][ T5110]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1913.192798][ T5110]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1913.198965][ T5110]  charge_memcg+0xa2/0x160
[ 1913.203402][ T5110]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1913.209564][ T5110]  __read_swap_cache_async+0x480/0x8b0
[ 1913.215035][ T5110]  ? mark_lock+0x9a/0x350
[ 1913.219384][ T5110]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1913.225387][ T5110]  swap_cluster_readahead+0x67c/0x810
[ 1913.230783][ T5110]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1913.236691][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1913.241738][ T5110]  ? xas_descend+0x37e/0x470
[ 1913.246356][ T5110]  swapin_readahead+0x1ea/0x1070
[ 1913.251312][ T5110]  ? filemap_get_entry+0x127/0x4e0
[ 1913.256454][ T5110]  ? __pfx_swapin_readahead+0x10/0x10
[ 1913.261853][ T5110]  ? __filemap_get_folio+0x935/0xbc0
[ 1913.267173][ T5110]  ? swap_cache_get_folio+0x9f/0x570
[ 1913.272488][ T5110]  do_swap_page+0x791/0x3f40
[ 1913.277092][ T5110]  ? rcu_is_watching+0x15/0xb0
[ 1913.281886][ T5110]  ? do_swap_page+0x154/0x3f40
[ 1913.286660][ T5110]  ? __pfx_do_swap_page+0x10/0x10
[ 1913.291694][ T5110]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1913.297182][ T5110]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1913.303027][ T5110]  __handle_mm_fault+0x15e8/0x72d0
[ 1913.308181][ T5110]  ? reacquire_held_locks+0x3eb/0x690
[ 1913.313563][ T5110]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1913.319046][ T5110]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1913.324793][ T5110]  ? mtree_range_walk+0x6fd/0x8e0
[ 1913.329834][ T5110]  ? lock_vma_under_rcu+0x18a/0x730
[ 1913.335042][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1913.340078][ T5110]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1913.345305][ T5110]  ? lock_vma_under_rcu+0x18a/0x730
[ 1913.350518][ T5110]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1913.356077][ T5110]  handle_mm_fault+0x3c1/0x8a0
[ 1913.360861][ T5110]  exc_page_fault+0x456/0x870
[ 1913.365557][ T5110]  asm_exc_page_fault+0x26/0x30
[ 1913.370415][ T5110] RIP: 0033:0x7fc73607a780
[ 1913.374836][ T5110] Code: ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 <80> 3d 71 57 10 00 00 49 89 ca 74 14 b8 3d 00 00 00 0f 05 48 3d 00
[ 1913.394450][ T5110] RSP: 002b:00007ffeef0084e8 EFLAGS: 00010246
[ 1913.400531][ T5110] RAX: 000000000000027e RBX: 00000000000035b4 RCX: 0000000000000000
[ 1913.408511][ T5110] RDX: 0000000040000001 RSI: 00007ffeef00854c RDI: 00000000ffffffff
[ 1913.416485][ T5110] RBP: 00007ffeef00854c R08: 0000000000000010 R09: 00007ffeef05f0b0
[ 1913.424462][ T5110] R10: 00007ffeef05f080 R11: 000000000005b8a0 R12: 0000000000000032
[ 1913.432440][ T5110] R13: 00000000001d2dc0 R14: 00000000001d2dc0 R15: 0000000000000000
[ 1913.440435][ T5110]  </TASK>
[ 1913.479176][ T5110] memory: usage 307200kB, limit 307200kB, failcnt 75515
[ 1913.497345][ T5110] memory+swap: usage 307376kB, limit 9007199254740988kB, failcnt 0
[ 1913.521072][ T5110] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1913.549836][ T5110] Memory cgroup stats for /syz2:
[ 1913.549994][ T5110] cache 0
[ 1913.558659][T13237] Bluetooth: hci0: command 0x0419 tx timeout
[ 1913.576578][ T5110] rss 16384
[ 1913.621516][ T5110] rss_huge 0
[ 1913.624907][ T5110] shmem 0
[ 1913.635775][ T5110] mapped_file 0
[ 1913.654976][ T5110] dirty 0
[ 1913.660683][ T5110] writeback 0
[ 1913.664182][ T5110] workingset_refault_anon 50812
[ 1913.673718][ T5110] workingset_refault_file 1
[ 1913.680250][ T5110] swap 163840
[ 1913.683786][ T5110] swapcached 8192
[ 1913.692979][ T5110] pgpgin 176800
[ 1913.696648][ T5110] pgpgout 176796
[ 1913.700968][ T5110] pgfault 389964
[ 1913.704704][ T5110] pgmajfault 47036
[ 1913.710138][ T5110] inactive_anon 0
[ 1913.713993][ T5110] active_anon 16384
[ 1913.721572][ T5110] inactive_file 0
[ 1913.725389][ T5110] active_file 0
[ 1913.730738][ T5110] unevictable 0
[ 1913.734394][ T5110] hierarchical_memory_limit 314572800
[ 1913.746980][ T5110] hierarchical_memsw_limit 9223372036854771712
[ 1913.753843][ T5110] total_cache 0
[ 1913.761195][ T5110] total_rss 16384
[ 1913.768859][ T5110] total_rss_huge 0
[ 1913.776130][ T5110] total_shmem 0
[ 1913.784523][ T5110] total_mapped_file 0
[ 1913.793660][ T5110] total_dirty 0
[ 1913.804652][ T5110] total_writeback 0
[ 1913.813867][ T5110] total_workingset_refault_anon 50812
[ 1913.824119][ T5110] total_workingset_refault_file 1
[ 1913.829912][ T5110] total_swap 163840
[ 1913.833913][ T5110] total_swapcached 8192
[ 1913.838874][ T5110] total_pgpgin 176800
[ 1913.844235][ T5110] total_pgpgout 176796
[ 1913.853122][ T5110] total_pgfault 389964
[ 1913.858658][ T5110] total_pgmajfault 47036
[ 1913.863672][ T5110] total_inactive_anon 0
[ 1913.873968][ T5110] total_active_anon 16384
[ 1913.882253][ T5110] total_inactive_file 0
[ 1913.892348][ T5110] total_active_file 0
[ 1913.902949][ T5110] total_unevictable 0
[ 1913.913791][ T5110] anon_cost 0
[ 1913.922701][ T5110] file_cost 0
[ 1913.928121][ T5110] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13321,uid=0
[ 1913.949400][ T5110] Memory cgroup out of memory: Killed process 13321 (syz-executor.2) total-vm:54508kB, anon-rss:516kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1913.976156][T13320] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1913.990801][T13320] CPU: 0 PID: 13320 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1914.001368][T13320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1914.011467][T13320] Call Trace:
[ 1914.014779][T13320]  <TASK>
[ 1914.017740][T13320]  dump_stack_lvl+0x1e7/0x2e0
[ 1914.022475][T13320]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1914.027724][T13320]  ? __pfx__printk+0x10/0x10
[ 1914.032451][T13320]  ? ___ratelimit+0x4c4/0x670
[ 1914.037184][T13320]  ? __pfx____ratelimit+0x10/0x10
[ 1914.042274][T13320]  dump_header+0xda/0x6a0
[ 1914.046668][T13320]  oom_kill_process+0x3a7/0x930
[ 1914.051566][T13320]  out_of_memory+0xf67/0x1320
[ 1914.056333][T13320]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1914.062012][T13320]  ? __pfx___mutex_lock+0x10/0x10
[ 1914.067077][T13320]  ? __pfx_out_of_memory+0x10/0x10
[ 1914.072250][T13320]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1914.077844][T13320]  ? __pfx_lock_release+0x10/0x10
[ 1914.082916][T13320]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1914.089040][T13320]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1914.094279][T13320]  ? mem_cgroup_iter+0x3e9/0x560
[ 1914.099269][T13320]  try_charge_memcg+0xda2/0x18a0
[ 1914.104278][T13320]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1914.109694][T13320]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1914.115453][T13320]  ? __pfx_lock_release+0x10/0x10
[ 1914.120531][T13320]  ? memcg_account_kmem+0x1e7/0x210
[ 1914.125785][T13320]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1914.131634][T13320]  __memcg_kmem_charge_page+0xe1/0x250
[ 1914.137143][T13320]  memcg_charge_kernel_stack+0x28a/0x550
[ 1914.142820][T13320]  dup_task_struct+0x15d/0x7d0
[ 1914.147627][T13320]  copy_process+0x5d5/0x3fc0
[ 1914.152298][T13320]  ? __might_fault+0xa9/0x120
[ 1914.157013][T13320]  ? __pfx_lock_release+0x10/0x10
[ 1914.162088][T13320]  ? __pfx_copy_process+0x10/0x10
[ 1914.167155][T13320]  ? __might_fault+0xc5/0x120
[ 1914.171886][T13320]  ? __asan_memset+0x23/0x50
[ 1914.176520][T13320]  kernel_clone+0x21d/0x8d0
[ 1914.181063][T13320]  ? __pfx_kernel_clone+0x10/0x10
[ 1914.186165][T13320]  __se_sys_clone3+0x2cb/0x350
[ 1914.190971][T13320]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1914.196333][T13320]  ? do_syscall_64+0x108/0x240
[ 1914.201149][T13320]  ? do_syscall_64+0xb4/0x240
[ 1914.205878][T13320]  do_syscall_64+0xf9/0x240
[ 1914.210437][T13320]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1914.216386][T13320] RIP: 0033:0x7fa936ca9b99
[ 1914.220839][T13320] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1914.240494][T13320] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1914.248960][T13320] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1914.256972][T13320] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1914.264986][T13320] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
00:47:40 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6558]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1914.273005][T13320] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1914.281027][T13320] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1914.289072][T13320]  </TASK>
[ 1914.310648][T13320] memory: usage 307200kB, limit 307200kB, failcnt 8545
[ 1914.322328][T13320] memory+swap: usage 307344kB, limit 9007199254740988kB, failcnt 0
00:47:40 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1914.331772][T13320] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[ 1914.339529][T13320] Memory cgroup stats for /syz1:
[ 1914.339676][T13320] cache 12288
[ 1914.349526][T13320] rss 12288
[ 1914.352692][T13320] rss_huge 0
[ 1914.355934][T13320] shmem 0
[ 1914.370207][T13320] mapped_file 0
[ 1914.373749][T13320] dirty 12288
[ 1914.388730][T13320] writeback 0
[ 1914.402039][T13320] workingset_refault_anon 3631
[ 1914.422344][T13320] workingset_refault_file 1
[ 1914.428242][T13320] swap 147456
[ 1914.436384][T13320] swapcached 8192
[ 1914.445133][T13320] pgpgin 129266
[ 1914.453333][T13320] pgpgout 129260
[ 1914.471309][T13320] pgfault 339002
[ 1914.480595][T13320] pgmajfault 3427
[ 1914.490262][T13320] inactive_anon 12288
[ 1914.499848][T13320] active_anon 0
[ 1914.509017][T13320] inactive_file 12288
[ 1914.518900][T13320] active_file 0
[ 1914.531385][T13320] unevictable 0
[ 1914.543500][T13320] hierarchical_memory_limit 314572800
[ 1914.556054][T13320] hierarchical_memsw_limit 9223372036854771712
[ 1914.575897][T13320] total_cache 12288
[ 1914.581410][T13320] total_rss 12288
[ 1914.590683][T13320] total_rss_huge 0
[ 1914.600437][T13320] total_shmem 0
[ 1914.609732][T13320] total_mapped_file 0
[ 1914.619666][T13320] total_dirty 12288
[ 1914.629845][T13320] total_writeback 0
[ 1914.643289][T13320] total_workingset_refault_anon 3631
[ 1914.657588][T13320] total_workingset_refault_file 1
[ 1914.666544][T13320] total_swap 147456
[ 1914.676165][T13320] total_swapcached 8192
[ 1914.686303][T13320] total_pgpgin 129266
[ 1914.695957][T13320] total_pgpgout 129260
[ 1914.707235][T13320] total_pgfault 339002
[ 1914.718131][T13320] total_pgmajfault 3427
[ 1914.726964][T13320] total_inactive_anon 12288
[ 1914.739800][T13320] total_active_anon 0
[ 1914.749677][T13320] total_inactive_file 12288
[ 1914.769103][T13320] total_active_file 0
[ 1914.779139][T13320] total_unevictable 0
[ 1914.790273][T13320] anon_cost 0
[ 1914.798844][T13320] file_cost 0
[ 1914.806827][T13320] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13320,uid=0
[ 1914.842779][T13320] Memory cgroup out of memory: Killed process 13320 (syz-executor.1) total-vm:54508kB, anon-rss:404kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1915.036245][ T1239] ieee802154 phy0 wpan0: encryption failed: -22
[ 1915.043312][ T1239] ieee802154 phy1 wpan1: encryption failed: -22
00:47:41 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffa888]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1915.583412][T13322] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1915.629222][T13322] CPU: 0 PID: 13322 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1915.639710][T13322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1915.649801][T13322] Call Trace:
[ 1915.653093][T13322]  <TASK>
[ 1915.656050][T13322]  dump_stack_lvl+0x1e7/0x2e0
[ 1915.660758][T13322]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1915.665975][T13322]  ? __pfx__printk+0x10/0x10
[ 1915.670581][T13322]  ? ___ratelimit+0x4c4/0x670
[ 1915.675275][T13322]  ? __pfx____ratelimit+0x10/0x10
[ 1915.680321][T13322]  dump_header+0xda/0x6a0
[ 1915.684671][T13322]  oom_kill_process+0x3a7/0x930
[ 1915.689540][T13322]  out_of_memory+0xf67/0x1320
[ 1915.694233][T13322]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1915.699883][T13322]  ? __pfx___mutex_lock+0x10/0x10
[ 1915.704918][T13322]  ? __pfx_out_of_memory+0x10/0x10
[ 1915.710138][T13322]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1915.715727][T13322]  ? __pfx_lock_release+0x10/0x10
[ 1915.720775][T13322]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1915.726860][T13322]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1915.732075][T13322]  ? mem_cgroup_iter+0x3e9/0x560
[ 1915.737033][T13322]  try_charge_memcg+0xda2/0x18a0
[ 1915.742008][T13322]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1915.747389][T13322]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1915.753118][T13322]  ? __pfx_lock_release+0x10/0x10
[ 1915.758252][T13322]  ? memcg_account_kmem+0x1e7/0x210
[ 1915.763474][T13322]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1915.769294][T13322]  __memcg_kmem_charge_page+0xe1/0x250
[ 1915.774773][T13322]  memcg_charge_kernel_stack+0x196/0x550
[ 1915.780420][T13322]  dup_task_struct+0x15d/0x7d0
[ 1915.785203][T13322]  copy_process+0x5d5/0x3fc0
[ 1915.789818][T13322]  ? __might_fault+0xa9/0x120
[ 1915.794519][T13322]  ? __pfx_lock_release+0x10/0x10
[ 1915.799562][T13322]  ? __pfx_copy_process+0x10/0x10
[ 1915.804596][T13322]  ? __might_fault+0xc5/0x120
[ 1915.809286][T13322]  ? __asan_memset+0x23/0x50
[ 1915.813893][T13322]  kernel_clone+0x21d/0x8d0
[ 1915.818413][T13322]  ? __pfx_kernel_clone+0x10/0x10
[ 1915.823462][T13322]  __se_sys_clone3+0x2cb/0x350
[ 1915.828255][T13322]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1915.833575][T13322]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1915.839586][T13322]  ? exc_page_fault+0x587/0x870
[ 1915.844463][T13322]  ? do_syscall_64+0xb4/0x240
[ 1915.849249][T13322]  do_syscall_64+0xf9/0x240
[ 1915.853774][T13322]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1915.859693][T13322] RIP: 0033:0x7fc7360a9b99
[ 1915.864119][T13322] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1915.883731][T13322] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1915.892182][T13322] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1915.900263][T13322] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1915.908248][T13322] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1915.916231][T13322] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1915.924209][T13322] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1915.932227][T13322]  </TASK>
[ 1915.970278][T13322] memory: usage 307200kB, limit 307200kB, failcnt 76180
[ 1915.991196][T13322] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1916.006478][T13322] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1916.021494][T13322] Memory cgroup stats for /syz2:
[ 1916.021651][T13322] cache 0
[ 1916.050633][T13322] rss 4096
[ 1916.056520][T13322] rss_huge 0
[ 1916.065474][T13322] shmem 0
[ 1916.086647][T13322] mapped_file 0
[ 1916.114041][T13322] dirty 0
[ 1916.125556][T13322] writeback 0
[ 1916.139486][T13322] workingset_refault_anon 51053
[ 1916.145473][T13322] workingset_refault_file 1
[ 1916.194892][T13322] swap 172032
[ 1916.222273][T13322] swapcached 4096
[ 1916.225980][T13322] pgpgin 177054
[ 1916.238140][T13322] pgpgout 177053
[ 1916.241753][T13322] pgfault 390342
[ 1916.245333][T13322] pgmajfault 47264
[ 1916.262389][T13322] inactive_anon 0
[ 1916.266091][T13322] active_anon 4096
[ 1916.284669][T13322] inactive_file 0
[ 1916.292913][T13322] active_file 0
[ 1916.296476][T13322] unevictable 0
[ 1916.309583][T13322] hierarchical_memory_limit 314572800
[ 1916.315027][T13322] hierarchical_memsw_limit 9223372036854771712
[ 1916.330248][T13322] total_cache 0
[ 1916.333875][T13322] total_rss 4096
[ 1916.339996][T13322] total_rss_huge 0
[ 1916.344399][T13322] total_shmem 0
[ 1916.351886][T13322] total_mapped_file 0
[ 1916.356056][T13322] total_dirty 0
[ 1916.360127][T13322] total_writeback 0
[ 1916.366438][T13322] total_workingset_refault_anon 51053
[ 1916.382642][T13322] total_workingset_refault_file 1
[ 1916.389549][T13322] total_swap 172032
[ 1916.393529][T13322] total_swapcached 4096
[ 1916.403182][T13322] total_pgpgin 177054
[ 1916.408915][T13322] total_pgpgout 177053
[ 1916.413162][T13322] total_pgfault 390342
[ 1916.422804][T13322] total_pgmajfault 47264
[ 1916.439535][T13322] total_inactive_anon 0
[ 1916.449702][T13322] total_active_anon 4096
[ 1916.460156][T13322] total_inactive_file 0
[ 1916.470068][T13322] total_active_file 0
[ 1916.490782][T13322] total_unevictable 0
[ 1916.494835][T13322] anon_cost 0
[ 1916.500120][T13322] file_cost 0
[ 1916.503447][T13322] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13322,uid=0
[ 1916.542659][T13322] Memory cgroup out of memory: Killed process 13322 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1916.589120][T13325] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1916.607080][T13325] CPU: 1 PID: 13325 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1916.617561][T13325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1916.627668][T13325] Call Trace:
[ 1916.630985][T13325]  <TASK>
[ 1916.633944][T13325]  dump_stack_lvl+0x1e7/0x2e0
[ 1916.638672][T13325]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1916.643922][T13325]  ? __pfx__printk+0x10/0x10
[ 1916.648562][T13325]  ? ___ratelimit+0x4c4/0x670
[ 1916.653297][T13325]  ? __pfx____ratelimit+0x10/0x10
[ 1916.658377][T13325]  dump_header+0xda/0x6a0
[ 1916.662755][T13325]  oom_kill_process+0x3a7/0x930
[ 1916.667654][T13325]  out_of_memory+0xf67/0x1320
[ 1916.672373][T13325]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1916.678088][T13325]  ? __pfx___mutex_lock+0x10/0x10
[ 1916.683157][T13325]  ? __pfx_out_of_memory+0x10/0x10
[ 1916.688331][T13325]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1916.693924][T13325]  ? __pfx_lock_release+0x10/0x10
[ 1916.699005][T13325]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1916.705122][T13325]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1916.710384][T13325]  ? mem_cgroup_iter+0x3e9/0x560
[ 1916.715377][T13325]  try_charge_memcg+0xda2/0x18a0
[ 1916.720388][T13325]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1916.725802][T13325]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1916.731566][T13325]  ? __pfx_lock_release+0x10/0x10
[ 1916.736641][T13325]  ? memcg_account_kmem+0x1e7/0x210
[ 1916.741897][T13325]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1916.747761][T13325]  __memcg_kmem_charge_page+0xe1/0x250
[ 1916.753277][T13325]  memcg_charge_kernel_stack+0x196/0x550
[ 1916.758968][T13325]  dup_task_struct+0x15d/0x7d0
[ 1916.763780][T13325]  copy_process+0x5d5/0x3fc0
[ 1916.768419][T13325]  ? __might_fault+0xa9/0x120
[ 1916.773143][T13325]  ? __pfx_lock_release+0x10/0x10
[ 1916.778222][T13325]  ? __pfx_copy_process+0x10/0x10
[ 1916.783290][T13325]  ? __might_fault+0xc5/0x120
[ 1916.788013][T13325]  ? __asan_memset+0x23/0x50
[ 1916.792643][T13325]  kernel_clone+0x21d/0x8d0
[ 1916.797189][T13325]  ? __pfx_kernel_clone+0x10/0x10
[ 1916.802275][T13325]  __se_sys_clone3+0x2cb/0x350
[ 1916.807086][T13325]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1916.812425][T13325]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1916.820210][T13325]  ? exc_page_fault+0x587/0x870
[ 1916.825121][T13325]  ? do_syscall_64+0xb4/0x240
[ 1916.829853][T13325]  do_syscall_64+0xf9/0x240
[ 1916.834419][T13325]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1916.840377][T13325] RIP: 0033:0x7fa936ca9b99
[ 1916.844831][T13325] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1916.864487][T13325] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1916.872960][T13325] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1916.880997][T13325] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1916.889028][T13325] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1916.897048][T13325] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1916.905068][T13325] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1916.913108][T13325]  </TASK>
00:47:43 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1916.957332][T13325] memory: usage 307200kB, limit 307200kB, failcnt 8884
[ 1916.964252][T13325] memory+swap: usage 307360kB, limit 9007199254740988kB, failcnt 0
[ 1916.973451][T13325] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[ 1916.981943][T13325] Memory cgroup stats for /syz1:
[ 1916.982098][T13325] cache 12288
[ 1916.993794][T13325] rss 0
[ 1916.997859][T13325] rss_huge 0
[ 1917.001349][T13325] shmem 0
[ 1917.004650][T13325] mapped_file 0
[ 1917.037373][T13325] dirty 12288
[ 1917.041041][T13325] writeback 0
[ 1917.044537][T13325] workingset_refault_anon 3751
[ 1917.057140][T13325] workingset_refault_file 1
[ 1917.062877][T13325] swap 172032
[ 1917.066200][T13325] swapcached 0
[ 1917.077582][T13325] pgpgin 129399
[ 1917.081109][T13325] pgpgout 129396
[ 1917.084689][T13325] pgfault 339200
[ 1917.103164][T13325] pgmajfault 3535
[ 1917.111462][T13325] inactive_anon 0
[ 1917.119621][T13325] active_anon 0
[ 1917.140771][T13325] inactive_file 8192
[ 1917.149179][T13325] active_file 4096
[ 1917.158295][T13325] unevictable 0
[ 1917.168993][T13325] hierarchical_memory_limit 314572800
[ 1917.184321][T13325] hierarchical_memsw_limit 9223372036854771712
[ 1917.221853][T13325] total_cache 12288
[ 1917.225721][T13325] total_rss 0
[ 1917.241729][T13325] total_rss_huge 0
[ 1917.245528][T13325] total_shmem 0
[ 1917.262608][T13325] total_mapped_file 0
[ 1917.266650][T13325] total_dirty 12288
[ 1917.276561][T13325] total_writeback 0
[ 1917.289416][T13325] total_workingset_refault_anon 3751
[ 1917.295579][T13325] total_workingset_refault_file 1
[ 1917.322724][T13325] total_swap 172032
[ 1917.326599][T13325] total_swapcached 0
[ 1917.337280][T13325] total_pgpgin 129399
[ 1917.341313][T13325] total_pgpgout 129396
[ 1917.345403][T13325] total_pgfault 339200
00:47:43 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1917.375021][T13325] total_pgmajfault 3535
[ 1917.382579][T13325] total_inactive_anon 0
[ 1917.386785][T13325] total_active_anon 0
[ 1917.412522][T13325] total_inactive_file 8192
[ 1917.419379][T13325] total_active_file 4096
[ 1917.423833][T13325] total_unevictable 0
[ 1917.434027][T13325] anon_cost 0
[ 1917.440348][T13325] file_cost 0
[ 1917.443702][T13325] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13325,uid=0
[ 1917.488231][T13325] Memory cgroup out of memory: Killed process 13325 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
00:47:43 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1918.249750][ T5110] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1918.300357][ T5110] CPU: 1 PID: 5110 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1918.310760][ T5110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1918.320862][ T5110] Call Trace:
[ 1918.324174][ T5110]  <TASK>
[ 1918.327145][ T5110]  dump_stack_lvl+0x1e7/0x2e0
[ 1918.331900][ T5110]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1918.337159][ T5110]  ? __pfx__printk+0x10/0x10
[ 1918.341803][ T5110]  ? ___ratelimit+0x4c4/0x670
[ 1918.346536][ T5110]  ? __pfx____ratelimit+0x10/0x10
[ 1918.351615][ T5110]  dump_header+0xda/0x6a0
[ 1918.355993][ T5110]  oom_kill_process+0x3a7/0x930
[ 1918.360913][ T5110]  out_of_memory+0xf67/0x1320
[ 1918.365644][ T5110]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1918.371317][ T5110]  ? __pfx___mutex_lock+0x10/0x10
[ 1918.376388][ T5110]  ? __pfx_out_of_memory+0x10/0x10
[ 1918.381590][ T5110]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1918.387183][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1918.392255][ T5110]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1918.398377][ T5110]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1918.403621][ T5110]  ? mem_cgroup_iter+0x3e9/0x560
[ 1918.408603][ T5110]  try_charge_memcg+0xda2/0x18a0
[ 1918.413586][ T5110]  ? mark_lock+0x9a/0x350
[ 1918.417989][ T5110]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1918.423441][ T5110]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1918.429638][ T5110]  charge_memcg+0xa2/0x160
[ 1918.434106][ T5110]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1918.440213][ T5110]  __read_swap_cache_async+0x480/0x8b0
[ 1918.445716][ T5110]  ? mark_lock+0x9a/0x350
[ 1918.450096][ T5110]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1918.456141][ T5110]  swap_cluster_readahead+0x67c/0x810
[ 1918.461668][ T5110]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1918.467618][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1918.472700][ T5110]  ? xas_descend+0x37e/0x470
[ 1918.477357][ T5110]  swapin_readahead+0x1ea/0x1070
[ 1918.482357][ T5110]  ? filemap_get_entry+0x127/0x4e0
[ 1918.487539][ T5110]  ? __pfx_swapin_readahead+0x10/0x10
[ 1918.492989][ T5110]  ? __filemap_get_folio+0x935/0xbc0
[ 1918.498343][ T5110]  ? swap_cache_get_folio+0x9f/0x570
[ 1918.503686][ T5110]  do_swap_page+0x791/0x3f40
[ 1918.508352][ T5110]  ? rcu_is_watching+0x15/0xb0
[ 1918.513182][ T5110]  ? do_swap_page+0x154/0x3f40
[ 1918.517991][ T5110]  ? __pfx_do_swap_page+0x10/0x10
[ 1918.523059][ T5110]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1918.528567][ T5110]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1918.534440][ T5110]  __handle_mm_fault+0x15e8/0x72d0
[ 1918.539634][ T5110]  ? reacquire_held_locks+0x3eb/0x690
[ 1918.545058][ T5110]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1918.550604][ T5110]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1918.556391][ T5110]  ? mtree_range_walk+0x6fd/0x8e0
[ 1918.561475][ T5110]  ? lock_vma_under_rcu+0x18a/0x730
[ 1918.566726][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1918.571803][ T5110]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1918.577077][ T5110]  ? lock_vma_under_rcu+0x18a/0x730
[ 1918.582343][ T5110]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1918.587952][ T5110]  handle_mm_fault+0x3c1/0x8a0
[ 1918.592781][ T5110]  exc_page_fault+0x456/0x870
[ 1918.598310][ T5110]  asm_exc_page_fault+0x26/0x30
[ 1918.603211][ T5110] RIP: 0033:0x7fc73607dd36
[ 1918.607672][ T5110] Code: fb e8 5e f6 01 00 85 c0 b8 00 00 00 00 48 0f 45 d8 48 89 d8 5b c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 83 ec 28 31 f6 <64> 48 8b 04 25 28 00 00 00 48 89 44 24 18 31 c0 89 f8 48 69 c0 83
[ 1918.627330][ T5110] RSP: 002b:00007ffeef0084c0 EFLAGS: 00010246
[ 1918.633456][ T5110] RAX: 0000000000000000 RBX: 00000000000035b6 RCX: 0000000000000000
[ 1918.641474][ T5110] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000003e8
[ 1918.649491][ T5110] RBP: 00007ffeef00854c R08: 0000000000000000 R09: 00007ffeef05f0b0
[ 1918.657511][ T5110] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1918.665791][ T5110] R13: 00000000001d4074 R14: 00000000001d4074 R15: 0000000000000000
[ 1918.673867][ T5110]  </TASK>
[ 1918.755985][ T5110] memory: usage 307192kB, limit 307200kB, failcnt 76830
[ 1918.766994][ T5110] memory+swap: usage 307364kB, limit 9007199254740988kB, failcnt 0
[ 1918.785066][ T5110] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1918.793364][ T5110] Memory cgroup stats for /syz2:
[ 1918.793516][ T5110] cache 0
[ 1918.821093][ T5110] rss 4096
[ 1918.825701][ T5110] rss_huge 0
[ 1918.834041][ T5110] shmem 0
[ 1918.842081][ T5110] mapped_file 0
[ 1918.849453][ T5110] dirty 0
[ 1918.856300][ T5110] writeback 0
[ 1918.863261][ T5110] workingset_refault_anon 51295
[ 1918.873875][ T5110] workingset_refault_file 1
[ 1918.883422][ T5110] swap 172032
[ 1918.886770][ T5110] swapcached 4096
[ 1918.898265][ T5110] pgpgin 177310
[ 1918.901795][ T5110] pgpgout 177309
[ 1918.905371][ T5110] pgfault 390728
[ 1918.912879][ T5110] pgmajfault 47486
[ 1918.924632][ T5110] inactive_anon 0
[ 1918.934533][ T5110] active_anon 4096
[ 1918.941918][ T5110] inactive_file 0
[ 1918.945604][ T5110] active_file 0
[ 1918.959268][ T5110] unevictable 0
[ 1918.962857][ T5110] hierarchical_memory_limit 314572800
[ 1918.977810][ T5110] hierarchical_memsw_limit 9223372036854771712
[ 1918.991139][ T5110] total_cache 0
[ 1918.994662][ T5110] total_rss 4096
[ 1919.017157][ T5110] total_rss_huge 0
[ 1919.020945][ T5110] total_shmem 0
[ 1919.024469][ T5110] total_mapped_file 0
[ 1919.037240][ T5110] total_dirty 0
[ 1919.044982][ T5110] total_writeback 0
[ 1919.055450][ T5110] total_workingset_refault_anon 51295
[ 1919.068477][ T5110] total_workingset_refault_file 1
[ 1919.073567][ T5110] total_swap 172032
[ 1919.087143][ T5110] total_swapcached 4096
[ 1919.095978][ T5110] total_pgpgin 177310
[ 1919.104673][ T5110] total_pgpgout 177309
[ 1919.113433][ T5110] total_pgfault 390728
[ 1919.122283][ T5110] total_pgmajfault 47486
[ 1919.126591][ T5110] total_inactive_anon 0
[ 1919.141224][ T5110] total_active_anon 4096
[ 1919.145537][ T5110] total_inactive_file 0
[ 1919.160038][ T5110] total_active_file 0
[ 1919.164121][ T5110] total_unevictable 0
[ 1919.178014][ T5110] anon_cost 0
[ 1919.185851][ T5110] file_cost 0
[ 1919.192569][ T5110] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13326,uid=0
[ 1919.208877][ T5110] Memory cgroup out of memory: Killed process 13326 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1919.244518][T13329] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1919.255112][T13329] CPU: 1 PID: 13329 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1919.265575][T13329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1919.275677][T13329] Call Trace:
[ 1919.279004][T13329]  <TASK>
[ 1919.281971][T13329]  dump_stack_lvl+0x1e7/0x2e0
[ 1919.286707][T13329]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1919.291988][T13329]  ? __pfx__printk+0x10/0x10
[ 1919.296630][T13329]  ? ___ratelimit+0x4c4/0x670
[ 1919.301361][T13329]  ? __pfx____ratelimit+0x10/0x10
[ 1919.306444][T13329]  dump_header+0xda/0x6a0
[ 1919.310827][T13329]  oom_kill_process+0x3a7/0x930
[ 1919.315735][T13329]  out_of_memory+0xf67/0x1320
[ 1919.320468][T13329]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1919.326115][T13329]  ? __pfx___mutex_lock+0x10/0x10
[ 1919.331152][T13329]  ? __pfx_out_of_memory+0x10/0x10
[ 1919.336284][T13329]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1919.341849][T13329]  ? __pfx_lock_release+0x10/0x10
[ 1919.346926][T13329]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1919.353011][T13329]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1919.358225][T13329]  ? mem_cgroup_iter+0x3e9/0x560
[ 1919.363180][T13329]  try_charge_memcg+0xda2/0x18a0
[ 1919.368153][T13329]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1919.373536][T13329]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1919.379268][T13329]  ? __pfx_lock_release+0x10/0x10
[ 1919.384313][T13329]  ? memcg_account_kmem+0x1e7/0x210
[ 1919.389545][T13329]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1919.395365][T13329]  __memcg_kmem_charge_page+0xe1/0x250
[ 1919.400845][T13329]  memcg_charge_kernel_stack+0x196/0x550
[ 1919.406495][T13329]  dup_task_struct+0x40d/0x7d0
[ 1919.411296][T13329]  copy_process+0x5d5/0x3fc0
[ 1919.415935][T13329]  ? __might_fault+0xa9/0x120
[ 1919.420629][T13329]  ? __pfx_lock_release+0x10/0x10
[ 1919.425676][T13329]  ? __pfx_copy_process+0x10/0x10
[ 1919.435396][T13329]  ? __might_fault+0xc5/0x120
[ 1919.440091][T13329]  ? __asan_memset+0x23/0x50
[ 1919.444703][T13329]  kernel_clone+0x21d/0x8d0
[ 1919.449228][T13329]  ? __pfx_kernel_clone+0x10/0x10
[ 1919.454293][T13329]  __se_sys_clone3+0x2cb/0x350
[ 1919.459074][T13329]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1919.464386][T13329]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1919.470395][T13329]  ? exc_page_fault+0x587/0x870
[ 1919.475265][T13329]  ? do_syscall_64+0xb4/0x240
[ 1919.479966][T13329]  do_syscall_64+0xf9/0x240
[ 1919.484490][T13329]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1919.491793][T13329] RIP: 0033:0x7fa936ca9b99
[ 1919.496394][T13329] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1919.516018][T13329] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1919.524444][T13329] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1919.532422][T13329] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
00:47:45 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8847]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1919.540414][T13329] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1919.548397][T13329] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1919.556636][T13329] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1919.564664][T13329]  </TASK>
[ 1919.647177][T13329] memory: usage 307192kB, limit 307200kB, failcnt 9336
[ 1919.654108][T13329] memory+swap: usage 307348kB, limit 9007199254740988kB, failcnt 0
[ 1919.736047][T13329] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[ 1919.766868][T13329] Memory cgroup stats for /syz1:
[ 1919.767361][T13329] cache 12288
[ 1919.775699][T13329] rss 0
[ 1919.779363][T13329] rss_huge 0
[ 1919.782709][T13329] shmem 0
[ 1919.785811][T13329] mapped_file 0
[ 1919.789555][T13329] dirty 12288
[ 1919.792978][T13329] writeback 0
[ 1919.796383][T13329] workingset_refault_anon 3897
[ 1919.803398][T13329] workingset_refault_file 1
[ 1919.810588][T13329] swap 159744
[ 1919.814055][T13329] swapcached 0
[ 1919.817656][T13329] pgpgin 129557
[ 1919.821269][T13329] pgpgout 129554
[ 1919.824954][T13329] pgfault 339428
[ 1919.828802][T13329] pgmajfault 3669
[ 1919.832572][T13329] inactive_anon 0
[ 1919.836344][T13329] active_anon 0
[ 1919.840048][T13329] inactive_file 8192
[ 1919.844080][T13329] active_file 4096
[ 1919.854869][T13329] unevictable 0
[ 1919.862684][T13329] hierarchical_memory_limit 314572800
[ 1919.874277][T13329] hierarchical_memsw_limit 9223372036854771712
[ 1919.888148][T13329] total_cache 12288
[ 1919.896642][T13329] total_rss 0
[ 1919.904725][T13329] total_rss_huge 0
[ 1919.914417][T13329] total_shmem 0
[ 1919.923940][T13329] total_mapped_file 0
[ 1919.933473][T13329] total_dirty 12288
[ 1919.948992][T13329] total_writeback 0
[ 1919.955127][T13329] total_workingset_refault_anon 3897
[ 1919.977428][T13329] total_workingset_refault_file 1
[ 1919.982514][T13329] total_swap 159744
[ 1919.986358][T13329] total_swapcached 0
[ 1920.007562][T13329] total_pgpgin 129557
[ 1920.011612][T13329] total_pgpgout 129554
[ 1920.015715][T13329] total_pgfault 339428
[ 1920.026710][T13329] total_pgmajfault 3669
[ 1920.035210][T13329] total_inactive_anon 0
[ 1920.155491][T13329] total_active_anon 0
[ 1920.170008][T13329] total_inactive_file 8192
[ 1920.174647][T13329] total_active_file 4096
[ 1920.203668][T13329] total_unevictable 0
[ 1920.221747][T13329] anon_cost 0
[ 1920.229337][T13329] file_cost 0
[ 1920.241570][T13329] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13329,uid=0
[ 1920.286683][T13329] Memory cgroup out of memory: Killed process 13329 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
00:47:46 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff1]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:47:46 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1920.746706][ T5099] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1920.796326][ T5099] CPU: 0 PID: 5099 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1920.806725][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1920.816825][ T5099] Call Trace:
[ 1920.820139][ T5099]  <TASK>
[ 1920.823113][ T5099]  dump_stack_lvl+0x1e7/0x2e0
[ 1920.827852][ T5099]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1920.833106][ T5099]  ? __pfx__printk+0x10/0x10
[ 1920.837752][ T5099]  ? ___ratelimit+0x4c4/0x670
[ 1920.842481][ T5099]  ? __pfx____ratelimit+0x10/0x10
[ 1920.847561][ T5099]  dump_header+0xda/0x6a0
[ 1920.851970][ T5099]  oom_kill_process+0x3a7/0x930
[ 1920.856878][ T5099]  out_of_memory+0xf67/0x1320
[ 1920.861611][ T5099]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1920.867301][ T5099]  ? __pfx___mutex_lock+0x10/0x10
[ 1920.872372][ T5099]  ? __pfx_out_of_memory+0x10/0x10
[ 1920.877548][ T5099]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1920.883137][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1920.888215][ T5099]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1920.894335][ T5099]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1920.899583][ T5099]  ? mem_cgroup_iter+0x3e9/0x560
[ 1920.904572][ T5099]  try_charge_memcg+0xda2/0x18a0
[ 1920.909553][ T5099]  ? mark_lock+0x9a/0x350
[ 1920.913945][ T5099]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1920.919400][ T5099]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1920.925599][ T5099]  charge_memcg+0xa2/0x160
[ 1920.930070][ T5099]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1920.936192][ T5099]  __read_swap_cache_async+0x480/0x8b0
[ 1920.941698][ T5099]  ? mark_lock+0x9a/0x350
[ 1920.946087][ T5099]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1920.952141][ T5099]  swap_cluster_readahead+0x67c/0x810
[ 1920.957577][ T5099]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1920.963533][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1920.968621][ T5099]  ? xas_descend+0x37e/0x470
[ 1920.973281][ T5099]  swapin_readahead+0x1ea/0x1070
[ 1920.978360][ T5099]  ? filemap_get_entry+0x127/0x4e0
[ 1920.983536][ T5099]  ? __pfx_swapin_readahead+0x10/0x10
[ 1920.988977][ T5099]  ? __filemap_get_folio+0x935/0xbc0
[ 1920.994329][ T5099]  ? swap_cache_get_folio+0x9f/0x570
[ 1920.999679][ T5099]  do_swap_page+0x791/0x3f40
[ 1921.004323][ T5099]  ? __lock_acquire+0x1345/0x1fd0
[ 1921.009414][ T5099]  ? rcu_is_watching+0x15/0xb0
[ 1921.014248][ T5099]  ? do_swap_page+0x154/0x3f40
[ 1921.019067][ T5099]  ? __pfx_do_swap_page+0x10/0x10
[ 1921.024144][ T5099]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1921.029758][ T5099]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1921.035631][ T5099]  ? __pfx_validate_chain+0x10/0x10
[ 1921.040898][ T5099]  __handle_mm_fault+0x15e8/0x72d0
[ 1921.046880][ T5099]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1921.052406][ T5099]  ? mt_find+0x226/0x850
[ 1921.056831][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1921.061935][ T5099]  ? mt_find+0x62d/0x850
[ 1921.066239][ T5099]  ? mt_find+0x226/0x850
[ 1921.070725][ T5099]  ? find_vma+0x142/0x1c0
[ 1921.075117][ T5099]  ? __pfx_find_vma+0x10/0x10
[ 1921.079932][ T5099]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1921.085997][ T5099]  handle_mm_fault+0x3c1/0x8a0
[ 1921.090931][ T5099]  exc_page_fault+0x2ad/0x870
[ 1921.095695][ T5099]  asm_exc_page_fault+0x26/0x30
[ 1921.100610][ T5099] RIP: 0010:__get_user_8+0x11/0x20
[ 1921.105802][ T5099] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1921.125470][ T5099] RSP: 0000:ffffc90003dffd78 EFLAGS: 00050202
[ 1921.131597][ T5099] RAX: 0000555556d69da8 RBX: ffff888021c59538 RCX: ffffc90003dffc03
[ 1921.139621][ T5099] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1921.147642][ T5099] RBP: ffffc90003dffec0 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1921.155663][ T5099] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90003dffd80
[ 1921.163686][ T5099] R13: ffffc90003dfffd8 R14: dffffc0000000000 R15: ffff888021c58000
[ 1921.171735][ T5099]  __rseq_handle_notify_resume+0x158/0x1490
[ 1921.177737][ T5099]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 1921.184152][ T5099]  ? irqentry_exit_to_user_mode+0x52/0x270
[ 1921.190026][ T5099]  irqentry_exit_to_user_mode+0xbb/0x270
[ 1921.195724][ T5099]  exc_page_fault+0x587/0x870
[ 1921.200560][ T5099]  asm_exc_page_fault+0x26/0x30
[ 1921.205456][ T5099] RIP: 0033:0x7fa936c7a780
[ 1921.209917][ T5099] Code: ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 <80> 3d 71 57 10 00 00 49 89 ca 74 14 b8 3d 00 00 00 0f 05 48 3d 00
[ 1921.229578][ T5099] RSP: 002b:00007fff55d50ae8 EFLAGS: 00010246
[ 1921.235700][ T5099] RAX: 00000000000000e4 RBX: 0000000000003885 RCX: 0000000000000000
[ 1921.243718][ T5099] RDX: 0000000040000001 RSI: 00007fff55d50b4c RDI: 00000000ffffffff
[ 1921.251737][ T5099] RBP: 00007fff55d50b4c R08: 0000000000000010 R09: 00007fff55de70b0
[ 1921.259755][ T5099] R10: 00007fff55de7080 R11: 000000000005bdb8 R12: 0000000000000032
[ 1921.267777][ T5099] R13: 00000000001d4dae R14: 00000000001d4dae R15: 0000000000000000
[ 1921.275816][ T5099]  </TASK>
[ 1921.298176][ T5099] memory: usage 307200kB, limit 307200kB, failcnt 9594
[ 1921.305200][ T5099] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1921.313818][ T5099] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1921.327135][ T5099] Memory cgroup stats for /syz1:
[ 1921.327286][ T5099] cache 0
[ 1921.335354][ T5099] rss 0
[ 1921.338946][ T5099] rss_huge 0
[ 1921.342271][ T5099] shmem 0
[ 1921.345313][ T5099] mapped_file 0
[ 1921.349507][ T5099] dirty 0
[ 1921.352600][ T5099] writeback 0
[ 1921.356002][ T5099] workingset_refault_anon 3984
[ 1921.362650][ T5099] workingset_refault_file 1
[ 1921.377182][ T5099] swap 159744
[ 1921.383985][ T5099] swapcached 0
[ 1921.395331][ T5099] pgpgin 129655
[ 1921.411142][ T5099] pgpgout 129655
[ 1921.415091][ T5099] pgfault 339583
[ 1921.423023][ T5099] pgmajfault 3752
[ 1921.426807][ T5099] inactive_anon 0
[ 1921.433587][ T5099] active_anon 0
[ 1921.441327][ T5099] inactive_file 0
[ 1921.445126][ T5099] active_file 0
[ 1921.451807][ T5099] unevictable 0
[ 1921.455409][ T5099] hierarchical_memory_limit 314572800
[ 1921.465434][ T5099] hierarchical_memsw_limit 9223372036854771712
[ 1921.474708][ T5099] total_cache 0
[ 1921.482358][ T5099] total_rss 0
[ 1921.485805][ T5099] total_rss_huge 0
[ 1921.492197][ T5099] total_shmem 0
[ 1921.495813][ T5099] total_mapped_file 0
[ 1921.504343][ T5099] total_dirty 0
[ 1921.508342][ T5099] total_writeback 0
[ 1921.512291][ T5099] total_workingset_refault_anon 3984
[ 1921.518321][ T5099] total_workingset_refault_file 1
[ 1921.523471][ T5099] total_swap 159744
[ 1921.527947][ T5099] total_swapcached 0
[ 1921.531982][ T5099] total_pgpgin 129655
[ 1921.536081][ T5099] total_pgpgout 129655
[ 1921.540975][ T5099] total_pgfault 339583
[ 1921.545175][ T5099] total_pgmajfault 3752
[ 1921.550053][ T5099] total_inactive_anon 0
[ 1921.554344][ T5099] total_active_anon 0
[ 1921.559060][ T5099] total_inactive_file 0
[ 1921.563367][ T5099] total_active_file 0
[ 1921.568179][ T5099] total_unevictable 0
[ 1921.572310][ T5099] anon_cost 0
[ 1921.575717][ T5099] file_cost 0
[ 1921.579921][ T5099] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13332,uid=0
[ 1921.597640][ T5099] Memory cgroup out of memory: Killed process 13332 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1921.654718][T13333] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1921.682367][T13333] CPU: 1 PID: 13333 Comm: syz-executor.3 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1921.692858][T13333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1921.702939][T13333] Call Trace:
[ 1921.706235][T13333]  <TASK>
[ 1921.709181][T13333]  dump_stack_lvl+0x1e7/0x2e0
[ 1921.713889][T13333]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1921.719111][T13333]  ? __pfx__printk+0x10/0x10
[ 1921.723720][T13333]  ? ___ratelimit+0x4c4/0x670
[ 1921.728443][T13333]  ? __pfx____ratelimit+0x10/0x10
[ 1921.733488][T13333]  dump_header+0xda/0x6a0
[ 1921.737854][T13333]  oom_kill_process+0x3a7/0x930
[ 1921.742747][T13333]  out_of_memory+0xf67/0x1320
[ 1921.747449][T13333]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1921.753100][T13333]  ? __pfx___mutex_lock+0x10/0x10
[ 1921.758141][T13333]  ? __pfx_out_of_memory+0x10/0x10
[ 1921.763281][T13333]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1921.768930][T13333]  ? __pfx_lock_release+0x10/0x10
[ 1921.773984][T13333]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1921.780074][T13333]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1921.785293][T13333]  ? mem_cgroup_iter+0x3e9/0x560
[ 1921.790254][T13333]  try_charge_memcg+0xda2/0x18a0
[ 1921.795248][T13333]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1921.800643][T13333]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1921.806384][T13333]  ? __pfx_lock_release+0x10/0x10
[ 1921.811431][T13333]  ? memcg_account_kmem+0x1e7/0x210
[ 1921.816658][T13333]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1921.822481][T13333]  __memcg_kmem_charge_page+0xe1/0x250
[ 1921.827969][T13333]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1921.833621][T13333]  dup_task_struct+0x40d/0x7d0
[ 1921.838406][T13333]  copy_process+0x5d5/0x3fc0
[ 1921.843067][T13333]  ? __might_fault+0xa9/0x120
[ 1921.847782][T13333]  ? __pfx_lock_release+0x10/0x10
[ 1921.852843][T13333]  ? __pfx_copy_process+0x10/0x10
[ 1921.857887][T13333]  ? __might_fault+0xc5/0x120
[ 1921.862583][T13333]  ? __asan_memset+0x23/0x50
[ 1921.867195][T13333]  kernel_clone+0x21d/0x8d0
[ 1921.871719][T13333]  ? __pfx_kernel_clone+0x10/0x10
[ 1921.876775][T13333]  __se_sys_clone3+0x2cb/0x350
[ 1921.881554][T13333]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1921.886878][T13333]  ? do_syscall_64+0x108/0x240
[ 1921.891670][T13333]  ? do_syscall_64+0xb4/0x240
[ 1921.896372][T13333]  do_syscall_64+0xf9/0x240
[ 1921.900904][T13333]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1921.906820][T13333] RIP: 0033:0x7f1eee4a9b99
[ 1921.911249][T13333] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1921.930867][T13333] RSP: 002b:00007ffc334af428 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1921.939299][T13333] RAX: ffffffffffffffda RBX: 00007f1eee452270 RCX: 00007f1eee4a9b99
[ 1921.947282][T13333] RDX: 00007f1eee452270 RSI: 0000000000000058 RDI: 00007ffc334af470
[ 1921.955267][T13333] RBP: 00007f1eef2856c0 R08: 00007f1eef2856c0 R09: 00007ffc334af557
[ 1921.963251][T13333] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1921.971236][T13333] R13: 000000000000006e R14: 00007ffc334af470 R15: 00007ffc334af558
[ 1921.979232][T13333]  </TASK>
[ 1922.043761][T13333] memory: usage 307200kB, limit 307200kB, failcnt 14836
[ 1922.057128][T13333] memory+swap: usage 307464kB, limit 9007199254740988kB, failcnt 0
[ 1922.065217][T13333] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1922.079722][T13333] Memory cgroup stats for /syz3:
[ 1922.079874][T13333] cache 4096
[ 1922.094062][T13333] rss 0
[ 1922.096976][T13333] rss_huge 0
[ 1922.112420][T13333] shmem 0
[ 1922.115553][T13333] mapped_file 0
[ 1922.120934][T13333] dirty 0
[ 1922.124037][T13333] writeback 0
[ 1922.132896][T13333] workingset_refault_anon 9313
[ 1922.139490][T13333] workingset_refault_file 1
[ 1922.145019][T13333] swap 274432
[ 1922.153900][T13333] swapcached 0
[ 1922.159127][T13333] pgpgin 136779
[ 1922.162724][T13333] pgpgout 136778
[ 1922.166392][T13333] pgfault 355492
[ 1922.175841][T13333] pgmajfault 8944
[ 1922.188776][T13333] inactive_anon 0
[ 1922.214917][T13333] active_anon 0
[ 1922.227726][T13333] inactive_file 4096
[ 1922.231943][T13333] active_file 0
[ 1922.245409][T13333] unevictable 0
[ 1922.258075][T13333] hierarchical_memory_limit 314572800
[ 1922.277441][T13333] hierarchical_memsw_limit 9223372036854771712
[ 1922.298375][T13333] total_cache 4096
[ 1922.315137][T13333] total_rss 0
[ 1922.334832][T13333] total_rss_huge 0
[ 1922.354803][T13333] total_shmem 0
[ 1922.375199][T13333] total_mapped_file 0
[ 1922.401749][T13333] total_dirty 0
[ 1922.423596][T13333] total_writeback 0
[ 1922.478838][T13333] total_workingset_refault_anon 9313
[ 1922.507704][T13333] total_workingset_refault_file 1
[ 1922.556854][T13333] total_swap 274432
[ 1922.571558][T13333] total_swapcached 0
[ 1922.584652][T13333] total_pgpgin 136779
[ 1922.596254][T13333] total_pgpgout 136778
[ 1922.623178][T13333] total_pgfault 355492
[ 1922.640605][T13333] total_pgmajfault 8944
00:47:48 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8848]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1922.666246][T13333] total_inactive_anon 0
[ 1922.676302][T13333] total_active_anon 0
[ 1922.709425][T13333] total_inactive_file 4096
[ 1922.713918][T13333] total_active_file 0
[ 1922.759200][T13333] total_unevictable 0
[ 1922.763263][T13333] anon_cost 0
[ 1922.766587][T13333] file_cost 0
[ 1922.819752][T13333] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=13333,uid=0
[ 1922.888214][T13333] Memory cgroup out of memory: Killed process 13333 (syz-executor.3) total-vm:54640kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:92kB oom_score_adj:1000
00:47:49 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1923.055102][T13335] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1923.118745][T13335] CPU: 0 PID: 13335 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1923.129231][T13335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1923.139338][T13335] Call Trace:
[ 1923.142652][T13335]  <TASK>
[ 1923.145620][T13335]  dump_stack_lvl+0x1e7/0x2e0
[ 1923.150362][T13335]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1923.155622][T13335]  ? __pfx__printk+0x10/0x10
[ 1923.160275][T13335]  ? ___ratelimit+0x4c4/0x670
[ 1923.165006][T13335]  ? __pfx____ratelimit+0x10/0x10
[ 1923.170089][T13335]  dump_header+0xda/0x6a0
[ 1923.174654][T13335]  oom_kill_process+0x3a7/0x930
[ 1923.179565][T13335]  out_of_memory+0xf67/0x1320
[ 1923.184316][T13335]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1923.190786][T13335]  ? __pfx___mutex_lock+0x10/0x10
[ 1923.195867][T13335]  ? __pfx_out_of_memory+0x10/0x10
[ 1923.201050][T13335]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1923.206653][T13335]  ? __pfx_lock_release+0x10/0x10
[ 1923.211733][T13335]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1923.217836][T13335]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1923.223053][T13335]  ? mem_cgroup_iter+0x3e9/0x560
[ 1923.228009][T13335]  try_charge_memcg+0xda2/0x18a0
[ 1923.233000][T13335]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1923.238399][T13335]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1923.244505][T13335]  ? __pfx_lock_release+0x10/0x10
[ 1923.249559][T13335]  ? memcg_account_kmem+0x1e7/0x210
[ 1923.254783][T13335]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1923.260608][T13335]  __memcg_kmem_charge_page+0xe1/0x250
[ 1923.266091][T13335]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1923.271746][T13335]  dup_task_struct+0x15d/0x7d0
[ 1923.276525][T13335]  copy_process+0x5d5/0x3fc0
[ 1923.281142][T13335]  ? __might_fault+0xa9/0x120
[ 1923.285834][T13335]  ? __pfx_lock_release+0x10/0x10
[ 1923.290892][T13335]  ? __pfx_copy_process+0x10/0x10
[ 1923.295928][T13335]  ? __might_fault+0xc5/0x120
[ 1923.300624][T13335]  ? __asan_memset+0x23/0x50
[ 1923.305233][T13335]  kernel_clone+0x21d/0x8d0
[ 1923.309756][T13335]  ? __pfx_kernel_clone+0x10/0x10
[ 1923.314816][T13335]  __se_sys_clone3+0x2cb/0x350
[ 1923.319620][T13335]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1923.324928][T13335]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1923.330950][T13335]  ? exc_page_fault+0x587/0x870
[ 1923.335826][T13335]  ? do_syscall_64+0xb4/0x240
[ 1923.340534][T13335]  do_syscall_64+0xf9/0x240
[ 1923.345061][T13335]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1923.350984][T13335] RIP: 0033:0x7fc7360a9b99
[ 1923.355423][T13335] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1923.375043][T13335] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1923.383490][T13335] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1923.391472][T13335] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1923.399453][T13335] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1923.407437][T13335] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1923.415423][T13335] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1923.423451][T13335]  </TASK>
[ 1923.477801][T13335] memory: usage 307200kB, limit 307200kB, failcnt 77703
[ 1923.484948][T13335] memory+swap: usage 307404kB, limit 9007199254740988kB, failcnt 0
[ 1923.518737][T13335] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1923.526101][T13335] Memory cgroup stats for /syz2:
[ 1923.526250][T13335] cache 0
[ 1923.545456][T13335] rss 0
[ 1923.549846][T13335] rss_huge 0
[ 1923.553096][T13335] shmem 0
[ 1923.556064][T13335] mapped_file 0
[ 1923.565256][T13335] dirty 0
[ 1923.569797][T13335] writeback 0
[ 1923.573130][T13335] workingset_refault_anon 51640
[ 1923.583052][T13335] workingset_refault_file 1
[ 1923.594258][T13335] swap 208896
[ 1923.602666][T13335] swapcached 0
[ 1923.606108][T13335] pgpgin 177679
[ 1923.611145][T13335] pgpgout 177679
[ 1923.614741][T13335] pgfault 391266
[ 1923.619564][T13335] pgmajfault 47795
[ 1923.623421][T13335] inactive_anon 0
[ 1923.627514][T13335] active_anon 0
[ 1923.631018][T13335] inactive_file 0
[ 1923.634672][T13335] active_file 0
[ 1923.638665][T13335] unevictable 0
[ 1923.646598][T13335] hierarchical_memory_limit 314572800
[ 1923.654309][T13335] hierarchical_memsw_limit 9223372036854771712
[ 1923.665839][T13335] total_cache 0
[ 1923.670931][T13335] total_rss 0
[ 1923.674270][T13335] total_rss_huge 0
[ 1923.683104][T13335] total_shmem 0
[ 1923.686631][T13335] total_mapped_file 0
[ 1923.693872][T13335] total_dirty 0
[ 1923.702454][T13335] total_writeback 0
[ 1923.706346][T13335] total_workingset_refault_anon 51640
[ 1923.713416][T13335] total_workingset_refault_file 1
[ 1923.723547][T13335] total_swap 208896
[ 1923.728940][T13335] total_swapcached 0
[ 1923.732883][T13335] total_pgpgin 177679
[ 1923.736889][T13335] total_pgpgout 177679
[ 1923.748856][T13335] total_pgfault 391266
[ 1923.753077][T13335] total_pgmajfault 47795
[ 1923.763089][T13335] total_inactive_anon 0
[ 1923.769997][T13335] total_active_anon 0
[ 1923.774028][T13335] total_inactive_file 0
[ 1923.782215][T13335] total_active_file 0
[ 1923.786261][T13335] total_unevictable 0
[ 1923.793110][T13335] anon_cost 0
[ 1923.796448][T13335] file_cost 0
[ 1923.803661][T13335] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13335,uid=0
[ 1923.825464][T13335] Memory cgroup out of memory: Killed process 13335 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:47:50 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb487]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:47:50 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1923.931207][T13336] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1923.957887][T13336] CPU: 0 PID: 13336 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1923.968369][T13336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1923.978441][T13336] Call Trace:
[ 1923.981736][T13336]  <TASK>
[ 1923.984679][T13336]  dump_stack_lvl+0x1e7/0x2e0
[ 1923.989384][T13336]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1923.994603][T13336]  ? __pfx__printk+0x10/0x10
[ 1923.999302][T13336]  ? ___ratelimit+0x4c4/0x670
[ 1924.004003][T13336]  ? __pfx____ratelimit+0x10/0x10
[ 1924.009053][T13336]  dump_header+0xda/0x6a0
[ 1924.013492][T13336]  oom_kill_process+0x3a7/0x930
[ 1924.018404][T13336]  out_of_memory+0xf67/0x1320
[ 1924.023123][T13336]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1924.028780][T13336]  ? __pfx___mutex_lock+0x10/0x10
[ 1924.033829][T13336]  ? __pfx_out_of_memory+0x10/0x10
[ 1924.038970][T13336]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1924.044542][T13336]  ? __pfx_lock_release+0x10/0x10
[ 1924.049593][T13336]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1924.055683][T13336]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1924.060903][T13336]  ? mem_cgroup_iter+0x3e9/0x560
[ 1924.065864][T13336]  try_charge_memcg+0xda2/0x18a0
[ 1924.070843][T13336]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1924.076234][T13336]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1924.081969][T13336]  ? __pfx_lock_release+0x10/0x10
[ 1924.087021][T13336]  ? memcg_account_kmem+0x1e7/0x210
[ 1924.092245][T13336]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1924.098077][T13336]  __memcg_kmem_charge_page+0xe1/0x250
[ 1924.103564][T13336]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1924.109220][T13336]  dup_task_struct+0x15d/0x7d0
[ 1924.114003][T13336]  copy_process+0x5d5/0x3fc0
[ 1924.118620][T13336]  ? __might_fault+0xa9/0x120
[ 1924.123316][T13336]  ? __pfx_lock_release+0x10/0x10
[ 1924.128367][T13336]  ? __pfx_copy_process+0x10/0x10
[ 1924.133407][T13336]  ? __might_fault+0xc5/0x120
[ 1924.138110][T13336]  ? __asan_memset+0x23/0x50
[ 1924.142727][T13336]  kernel_clone+0x21d/0x8d0
[ 1924.147256][T13336]  ? __pfx_kernel_clone+0x10/0x10
[ 1924.152321][T13336]  __se_sys_clone3+0x2cb/0x350
[ 1924.157118][T13336]  ? __might_fault+0xa9/0x120
[ 1924.161838][T13336]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1924.167165][T13336]  ? do_syscall_64+0x108/0x240
[ 1924.171958][T13336]  ? do_syscall_64+0xb4/0x240
[ 1924.176658][T13336]  do_syscall_64+0xf9/0x240
[ 1924.181188][T13336]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1924.187108][T13336] RIP: 0033:0x7fa936ca9b99
[ 1924.191561][T13336] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1924.211325][T13336] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1924.219775][T13336] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1924.227760][T13336] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1924.235741][T13336] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1924.243728][T13336] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1924.251710][T13336] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1924.259714][T13336]  </TASK>
[ 1924.264589][T13336] memory: usage 307200kB, limit 307200kB, failcnt 9789
[ 1924.272026][T13336] memory+swap: usage 307344kB, limit 9007199254740988kB, failcnt 0
[ 1924.280191][T13336] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[ 1924.287731][T13336] Memory cgroup stats for /syz1:
[ 1924.287890][T13336] cache 0
[ 1924.296067][T13336] rss 12288
[ 1924.299512][T13336] rss_huge 0
[ 1924.302910][T13336] shmem 0
[ 1924.306882][T13336] mapped_file 0
[ 1924.310519][T13336] dirty 0
[ 1924.313597][T13336] writeback 0
[ 1924.317112][T13336] workingset_refault_anon 4044
[ 1924.322010][T13336] workingset_refault_file 1
[ 1924.326635][T13336] swap 147456
[ 1924.330171][T13336] swapcached 12288
[ 1924.334015][T13336] pgpgin 129728
[ 1924.337696][T13336] pgpgout 129725
[ 1924.341386][T13336] pgfault 339700
[ 1924.345055][T13336] pgmajfault 3810
[ 1924.348865][T13336] inactive_anon 0
[ 1924.355061][T13336] active_anon 12288
[ 1924.373371][T13336] inactive_file 0
[ 1924.381231][T13336] active_file 0
[ 1924.385142][T13336] unevictable 0
[ 1924.389142][T13336] hierarchical_memory_limit 314572800
[ 1924.394680][T13336] hierarchical_memsw_limit 9223372036854771712
[ 1924.401559][T13336] total_cache 0
[ 1924.405172][T13336] total_rss 12288
[ 1924.409517][T13336] total_rss_huge 0
[ 1924.413354][T13336] total_shmem 0
[ 1924.416904][T13336] total_mapped_file 0
[ 1924.456131][T13336] total_dirty 0
[ 1924.467453][T13336] total_writeback 0
[ 1924.494126][T13336] total_workingset_refault_anon 4044
[ 1924.501392][T13336] total_workingset_refault_file 1
[ 1924.532210][T13336] total_swap 147456
[ 1924.539089][T13336] total_swapcached 12288
[ 1924.546989][T13336] total_pgpgin 129728
[ 1924.558854][T13336] total_pgpgout 129725
[ 1924.571040][T13336] total_pgfault 339700
[ 1924.580748][T13336] total_pgmajfault 3810
[ 1924.592273][T13336] total_inactive_anon 0
[ 1924.606507][T13336] total_active_anon 12288
[ 1924.665392][T13336] total_inactive_file 0
[ 1924.681407][T13336] total_active_file 0
[ 1924.695061][T13336] total_unevictable 0
[ 1924.702218][T13336] anon_cost 0
[ 1924.713940][T13336] file_cost 0
[ 1924.723014][T13336] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13336,uid=0
[ 1924.756025][T13336] Memory cgroup out of memory: Killed process 13336 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
00:47:51 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1925.373823][T13339] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1925.444063][T13339] CPU: 1 PID: 13339 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1925.454562][T13339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1925.464660][T13339] Call Trace:
[ 1925.467978][T13339]  <TASK>
[ 1925.470940][T13339]  dump_stack_lvl+0x1e7/0x2e0
[ 1925.475683][T13339]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1925.480946][T13339]  ? __pfx__printk+0x10/0x10
[ 1925.485589][T13339]  ? ___ratelimit+0x4c4/0x670
[ 1925.490331][T13339]  ? __pfx____ratelimit+0x10/0x10
[ 1925.495417][T13339]  dump_header+0xda/0x6a0
[ 1925.499810][T13339]  oom_kill_process+0x3a7/0x930
[ 1925.504721][T13339]  out_of_memory+0xf67/0x1320
[ 1925.509462][T13339]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1925.515182][T13339]  ? __pfx___mutex_lock+0x10/0x10
[ 1925.520253][T13339]  ? __pfx_out_of_memory+0x10/0x10
[ 1925.525425][T13339]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1925.531025][T13339]  ? __pfx_lock_release+0x10/0x10
[ 1925.536109][T13339]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1925.542239][T13339]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1925.547497][T13339]  ? mem_cgroup_iter+0x3e9/0x560
[ 1925.552498][T13339]  try_charge_memcg+0xda2/0x18a0
[ 1925.557514][T13339]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1925.562939][T13339]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1925.568713][T13339]  ? __pfx_lock_release+0x10/0x10
[ 1925.573804][T13339]  ? memcg_account_kmem+0x1e7/0x210
[ 1925.579065][T13339]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1925.584920][T13339]  __memcg_kmem_charge_page+0xe1/0x250
[ 1925.590441][T13339]  memcg_charge_kernel_stack+0x196/0x550
[ 1925.596142][T13339]  dup_task_struct+0x40d/0x7d0
[ 1925.600954][T13339]  copy_process+0x5d5/0x3fc0
[ 1925.605592][T13339]  ? __might_fault+0xa9/0x120
[ 1925.610305][T13339]  ? __pfx_lock_release+0x10/0x10
[ 1925.615371][T13339]  ? __pfx_copy_process+0x10/0x10
[ 1925.620431][T13339]  ? __might_fault+0xc5/0x120
[ 1925.625213][T13339]  ? __asan_memset+0x23/0x50
[ 1925.629938][T13339]  kernel_clone+0x21d/0x8d0
[ 1925.634496][T13339]  ? __pfx_kernel_clone+0x10/0x10
[ 1925.639582][T13339]  __se_sys_clone3+0x2cb/0x350
[ 1925.644389][T13339]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1925.649727][T13339]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1925.655788][T13339]  ? exc_page_fault+0x587/0x870
[ 1925.660699][T13339]  ? do_syscall_64+0xb4/0x240
[ 1925.665436][T13339]  do_syscall_64+0xf9/0x240
[ 1925.670018][T13339]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1925.675963][T13339] RIP: 0033:0x7fc7360a9b99
[ 1925.680423][T13339] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1925.700077][T13339] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1925.708547][T13339] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1925.716569][T13339] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1925.724588][T13339] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1925.732608][T13339] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1925.740628][T13339] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1925.748669][T13339]  </TASK>
[ 1925.951079][T13339] memory: usage 307200kB, limit 307200kB, failcnt 78295
[ 1925.978618][T13339] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1925.999106][T13339] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1926.047118][T13339] Memory cgroup stats for /syz2:
[ 1926.047283][T13339] cache 0
[ 1926.055233][T13339] rss 0
[ 1926.067071][T13339] rss_huge 0
[ 1926.070331][T13339] shmem 0
[ 1926.073306][T13339] mapped_file 0
[ 1926.076800][T13339] dirty 0
[ 1926.087533][T13339] writeback 0
[ 1926.090921][T13339] workingset_refault_anon 51831
[ 1926.095803][T13339] workingset_refault_file 1
[ 1926.136538][T13339] swap 176128
[ 1926.144406][T13339] swapcached 0
[ 1926.151715][T13339] pgpgin 177881
[ 1926.157799][ T2895] hsr_slave_0: left promiscuous mode
[ 1926.163504][T13339] pgpgout 177881
[ 1926.168817][T13339] pgfault 391565
[ 1926.172403][T13339] pgmajfault 47975
[ 1926.176385][ T2895] hsr_slave_1: left promiscuous mode
[ 1926.181914][T13339] inactive_anon 0
[ 1926.185952][T13339] active_anon 0
[ 1926.190837][T13339] inactive_file 0
[ 1926.194871][ T2895] batman_adv: batadv0: Removing interface: team0
[ 1926.202415][T13339] active_file 0
[ 1926.205923][T13339] unevictable 0
[ 1926.209885][T13339] hierarchical_memory_limit 314572800
[ 1926.215294][T13339] hierarchical_memsw_limit 9223372036854771712
[ 1926.221862][T13339] total_cache 0
[ 1926.233145][ T2895] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1926.244282][T13339] total_rss 0
[ 1926.247730][T13339] total_rss_huge 0
[ 1926.251483][T13339] total_shmem 0
[ 1926.254965][T13339] total_mapped_file 0
[ 1926.259203][T13339] total_dirty 0
[ 1926.272349][ T2895] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1926.279581][T13339] total_writeback 0
[ 1926.283416][T13339] total_workingset_refault_anon 51831
[ 1926.289054][T13339] total_workingset_refault_file 1
[ 1926.302856][T13339] total_swap 176128
[ 1926.306727][T13339] total_swapcached 0
[ 1926.313242][ T2895] bridge_slave_1: left allmulticast mode
[ 1926.319011][T13339] total_pgpgin 177881
[ 1926.323030][T13339] total_pgpgout 177881
[ 1926.327316][ T2895] bridge_slave_1: left promiscuous mode
[ 1926.334388][ T2895] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1926.342976][T13339] total_pgfault 391565
[ 1926.351042][T13339] total_pgmajfault 47975
[ 1926.355330][T13339] total_inactive_anon 0
[ 1926.359604][T13339] total_active_anon 0
[ 1926.363606][T13339] total_inactive_file 0
[ 1926.367970][T13339] total_active_file 0
[ 1926.371982][T13339] total_unevictable 0
[ 1926.375985][T13339] anon_cost 0
[ 1926.379572][T13339] file_cost 0
[ 1926.382896][T13339] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13339,uid=0
[ 1926.384323][ T2895] bridge_slave_0: left allmulticast mode
[ 1926.398481][T13339] Memory cgroup out of memory: Killed process 13339 (syz-executor.2) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1926.417134][ T5099] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1926.432864][ T2895] bridge_slave_0: left promiscuous mode
[ 1926.434873][ T5099] CPU: 0 PID: 5099 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1926.445933][ T2895] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1926.449411][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1926.449427][ T5099] Call Trace:
[ 1926.449436][ T5099]  <TASK>
[ 1926.449446][ T5099]  dump_stack_lvl+0x1e7/0x2e0
[ 1926.449506][ T5099]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1926.482721][ T5099]  ? __pfx__printk+0x10/0x10
[ 1926.487349][ T5099]  ? ___ratelimit+0x4c4/0x670
[ 1926.492043][ T5099]  ? __pfx____ratelimit+0x10/0x10
[ 1926.497097][ T5099]  dump_header+0xda/0x6a0
[ 1926.501471][ T5099]  oom_kill_process+0x3a7/0x930
[ 1926.506459][ T5099]  out_of_memory+0xf67/0x1320
[ 1926.511184][ T5099]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1926.516835][ T5099]  ? __pfx___mutex_lock+0x10/0x10
[ 1926.521907][ T5099]  ? __pfx_out_of_memory+0x10/0x10
[ 1926.527077][ T5099]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1926.532648][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1926.537698][ T5099]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1926.543794][ T5099]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1926.549002][ T5099]  ? mem_cgroup_iter+0x3e9/0x560
[ 1926.553952][ T5099]  try_charge_memcg+0xda2/0x18a0
[ 1926.558909][ T5099]  ? mark_lock+0x9a/0x350
[ 1926.563293][ T5099]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1926.568721][ T5099]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1926.574904][ T5099]  charge_memcg+0xa2/0x160
[ 1926.579356][ T5099]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1926.585451][ T5099]  __read_swap_cache_async+0x480/0x8b0
[ 1926.590923][ T5099]  ? mark_lock+0x9a/0x350
[ 1926.595266][ T5099]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1926.601285][ T5099]  swap_cluster_readahead+0x67c/0x810
[ 1926.606697][ T5099]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1926.612615][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1926.617678][ T5099]  ? xas_descend+0x37e/0x470
[ 1926.622319][ T5099]  swapin_readahead+0x1ea/0x1070
[ 1926.627290][ T5099]  ? filemap_get_entry+0x127/0x4e0
[ 1926.632426][ T5099]  ? __pfx_swapin_readahead+0x10/0x10
[ 1926.637832][ T5099]  ? __filemap_get_folio+0x935/0xbc0
[ 1926.643181][ T5099]  ? swap_cache_get_folio+0x9f/0x570
[ 1926.648617][ T5099]  do_swap_page+0x791/0x3f40
[ 1926.653239][ T5099]  ? __lock_acquire+0x1345/0x1fd0
[ 1926.658299][ T5099]  ? rcu_is_watching+0x15/0xb0
[ 1926.663116][ T5099]  ? do_swap_page+0x154/0x3f40
[ 1926.667889][ T5099]  ? __pfx_do_swap_page+0x10/0x10
[ 1926.672919][ T5099]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1926.678408][ T5099]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1926.684260][ T5099]  ? __pfx_validate_chain+0x10/0x10
[ 1926.689499][ T5099]  __handle_mm_fault+0x15e8/0x72d0
[ 1926.694644][ T5099]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1926.700146][ T5099]  ? mt_find+0x226/0x850
[ 1926.704421][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1926.709473][ T5099]  ? mt_find+0x62d/0x850
[ 1926.713743][ T5099]  ? mt_find+0x226/0x850
[ 1926.718044][ T5099]  ? find_vma+0x142/0x1c0
[ 1926.722412][ T5099]  ? __pfx_find_vma+0x10/0x10
[ 1926.727124][ T5099]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1926.733118][ T5099]  handle_mm_fault+0x3c1/0x8a0
[ 1926.737920][ T5099]  exc_page_fault+0x2ad/0x870
[ 1926.742658][ T5099]  asm_exc_page_fault+0x26/0x30
[ 1926.747548][ T5099] RIP: 0010:__get_user_8+0x11/0x20
[ 1926.752678][ T5099] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1926.772299][ T5099] RSP: 0000:ffffc90003dffd78 EFLAGS: 00050202
[ 1926.778388][ T5099] RAX: 0000555556d69da8 RBX: ffff888021c59538 RCX: ffffc90003dffc03
[ 1926.786383][ T5099] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1926.794376][ T5099] RBP: ffffc90003dffec0 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1926.802374][ T5099] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90003dffd80
[ 1926.810375][ T5099] R13: ffffc90003dfffd8 R14: dffffc0000000000 R15: ffff888021c58000
[ 1926.818404][ T5099]  __rseq_handle_notify_resume+0x158/0x1490
[ 1926.824355][ T5099]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 1926.830708][ T5099]  ? irqentry_exit_to_user_mode+0x52/0x270
[ 1926.836562][ T5099]  irqentry_exit_to_user_mode+0xbb/0x270
[ 1926.842259][ T5099]  exc_page_fault+0x587/0x870
[ 1926.846999][ T5099]  asm_exc_page_fault+0x26/0x30
[ 1926.851890][ T5099] RIP: 0033:0x7fa936ca91b8
[ 1926.856330][ T5099] Code: 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f
[ 1926.875956][ T5099] RSP: 002b:00007fff55d50a80 EFLAGS: 00010293
[ 1926.882053][ T5099] RAX: 0000000000000000 RBX: 0000000000003888 RCX: 00007fa936ca91b5
[ 1926.890053][ T5099] RDX: 00007fff55d50ac0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1926.898050][ T5099] RBP: 00007fff55d50b4c R08: 0000000000000000 R09: 00007fff55de70b0
[ 1926.906053][ T5099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1926.914031][ T5099] R13: 00000000001d5f59 R14: 00000000001d5f59 R15: 0000000000000000
[ 1926.922055][ T5099]  </TASK>
[ 1926.951871][ T5099] memory: usage 307200kB, limit 307200kB, failcnt 10039
[ 1926.967218][ T5099] memory+swap: usage 307360kB, limit 9007199254740988kB, failcnt 0
[ 1926.975185][ T5099] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1926.983517][ T5099] Memory cgroup stats for /syz1:
[ 1926.983646][ T5099] cache 0
[ 1926.991919][ T5099] rss 0
[ 1926.994704][ T5099] rss_huge 0
[ 1926.998064][ T5099] shmem 0
[ 1927.001034][ T5099] mapped_file 0
[ 1927.004526][ T5099] dirty 0
[ 1927.009287][ T5099] writeback 0
[ 1927.012612][ T5099] workingset_refault_anon 4147
[ 1927.017509][ T5099] workingset_refault_file 1
[ 1927.023303][ T5099] swap 163840
[ 1927.026649][ T5099] swapcached 0
[ 1927.030460][ T5099] pgpgin 129842
[ 1927.033954][ T5099] pgpgout 129842
[ 1927.037883][ T5099] pgfault 339866
[ 1927.041460][ T5099] pgmajfault 3900
[ 1927.045109][ T5099] inactive_anon 0
[ 1927.048840][ T5099] active_anon 0
[ 1927.052858][ T5099] inactive_file 0
[ 1927.056528][ T5099] active_file 0
[ 1927.062863][ T5099] unevictable 0
[ 1927.066452][ T5099] hierarchical_memory_limit 314572800
[ 1927.075748][ T5099] hierarchical_memsw_limit 9223372036854771712
[ 1927.094351][ T5099] total_cache 0
[ 1927.098419][ T5099] total_rss 0
[ 1927.101825][ T5099] total_rss_huge 0
[ 1927.105646][ T5099] total_shmem 0
[ 1927.114073][ T5099] total_mapped_file 0
[ 1927.122461][ T5099] total_dirty 0
[ 1927.126064][ T5099] total_writeback 0
[ 1927.136500][ T5099] total_workingset_refault_anon 4147
[ 1927.142138][ T5099] total_workingset_refault_file 1
[ 1927.154121][ T5099] total_swap 163840
[ 1927.162432][ T5099] total_swapcached 0
[ 1927.166447][ T5099] total_pgpgin 129842
[ 1927.175355][ T5099] total_pgpgout 129842
[ 1927.180270][ T5099] total_pgfault 339866
[ 1927.184477][ T5099] total_pgmajfault 3900
[ 1927.193488][ T5099] total_inactive_anon 0
[ 1927.198053][ T5099] total_active_anon 0
[ 1927.202160][ T5099] total_inactive_file 0
[ 1927.206416][ T5099] total_active_file 0
[ 1927.215393][ T5099] total_unevictable 0
[ 1927.220860][ T5099] anon_cost 0
[ 1927.224983][ T5099] file_cost 0
[ 1927.231534][ T5099] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13341,uid=0
00:47:53 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xea05]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1927.247568][ T5099] Memory cgroup out of memory: Killed process 13341 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
00:47:53 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:47:53 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1927.625036][T13343] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1927.654866][T13343] CPU: 1 PID: 13343 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1927.665389][T13343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1927.675485][T13343] Call Trace:
[ 1927.678804][T13343]  <TASK>
[ 1927.681764][T13343]  dump_stack_lvl+0x1e7/0x2e0
[ 1927.686483][T13343]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1927.691730][T13343]  ? __pfx__printk+0x10/0x10
[ 1927.696367][T13343]  ? ___ratelimit+0x4c4/0x670
[ 1927.701107][T13343]  ? __pfx____ratelimit+0x10/0x10
[ 1927.706195][T13343]  dump_header+0xda/0x6a0
[ 1927.710563][T13343]  oom_kill_process+0x3a7/0x930
[ 1927.715457][T13343]  out_of_memory+0xf67/0x1320
[ 1927.720181][T13343]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1927.725840][T13343]  ? __pfx___mutex_lock+0x10/0x10
[ 1927.730894][T13343]  ? __pfx_out_of_memory+0x10/0x10
[ 1927.736064][T13343]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1927.742342][T13343]  ? __pfx_lock_release+0x10/0x10
[ 1927.747405][T13343]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1927.753525][T13343]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1927.758773][T13343]  ? mem_cgroup_iter+0x3e9/0x560
[ 1927.763779][T13343]  try_charge_memcg+0xda2/0x18a0
[ 1927.768783][T13343]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1927.774190][T13343]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1927.780050][T13343]  ? __pfx_lock_release+0x10/0x10
[ 1927.785118][T13343]  ? memcg_account_kmem+0x1e7/0x210
[ 1927.790361][T13343]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1927.796206][T13343]  __memcg_kmem_charge_page+0xe1/0x250
[ 1927.801706][T13343]  memcg_charge_kernel_stack+0x196/0x550
[ 1927.807383][T13343]  dup_task_struct+0x40d/0x7d0
[ 1927.812213][T13343]  copy_process+0x5d5/0x3fc0
[ 1927.816873][T13343]  ? __might_fault+0xa9/0x120
[ 1927.821618][T13343]  ? __pfx_lock_release+0x10/0x10
[ 1927.826710][T13343]  ? __pfx_copy_process+0x10/0x10
[ 1927.831783][T13343]  ? __might_fault+0xc5/0x120
[ 1927.836499][T13343]  ? __asan_memset+0x23/0x50
[ 1927.841138][T13343]  kernel_clone+0x21d/0x8d0
[ 1927.845699][T13343]  ? __pfx_kernel_clone+0x10/0x10
[ 1927.850790][T13343]  __se_sys_clone3+0x2cb/0x350
[ 1927.855609][T13343]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1927.860958][T13343]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1927.867004][T13343]  ? exc_page_fault+0x587/0x870
[ 1927.871907][T13343]  ? do_syscall_64+0xb4/0x240
[ 1927.876630][T13343]  do_syscall_64+0xf9/0x240
[ 1927.881195][T13343]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1927.887141][T13343] RIP: 0033:0x7fa936ca9b99
[ 1927.891596][T13343] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1927.911248][T13343] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1927.919704][T13343] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1927.927721][T13343] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1927.935742][T13343] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1927.943766][T13343] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1927.951785][T13343] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1927.959908][T13343]  </TASK>
[ 1928.054321][T13343] memory: usage 307200kB, limit 307200kB, failcnt 10258
[ 1928.061458][T13343] memory+swap: usage 307344kB, limit 9007199254740988kB, failcnt 0
[ 1928.069514][T13343] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[ 1928.076845][T13343] Memory cgroup stats for /syz1:
[ 1928.077123][T13343] cache 0
[ 1928.085094][T13343] rss 12288
[ 1928.092660][T13343] rss_huge 0
[ 1928.095924][T13343] shmem 0
[ 1928.105391][T13343] mapped_file 0
[ 1928.112624][T13343] dirty 0
[ 1928.115710][T13343] writeback 0
[ 1928.127398][T13343] workingset_refault_anon 4221
[ 1928.132225][T13343] workingset_refault_file 1
[ 1928.136756][T13343] swap 147456
[ 1928.161161][T13343] swapcached 8192
[ 1928.164855][T13343] pgpgin 129928
[ 1928.180916][T13343] pgpgout 129925
[ 1928.184570][T13343] pgfault 340006
[ 1928.197286][T13343] pgmajfault 3972
[ 1928.202305][T13343] inactive_anon 4096
[ 1928.220063][T13343] active_anon 8192
[ 1928.223890][T13343] inactive_file 0
[ 1928.240887][T13343] active_file 0
[ 1928.244427][T13343] unevictable 0
[ 1928.257145][T13343] hierarchical_memory_limit 314572800
[ 1928.262593][T13343] hierarchical_memsw_limit 9223372036854771712
[ 1928.287084][T13343] total_cache 0
[ 1928.290613][T13343] total_rss 12288
[ 1928.294282][T13343] total_rss_huge 0
[ 1928.298204][T13343] total_shmem 0
[ 1928.302077][T13343] total_mapped_file 0
[ 1928.306100][T13343] total_dirty 0
[ 1928.309670][T13343] total_writeback 0
[ 1928.313803][T13343] total_workingset_refault_anon 4221
[ 1928.319286][T13343] total_workingset_refault_file 1
[ 1928.324595][T13343] total_swap 147456
[ 1928.328514][T13343] total_swapcached 8192
[ 1928.333170][T13343] total_pgpgin 129928
[ 1928.337693][T13343] total_pgpgout 129925
[ 1928.341800][T13343] total_pgfault 340006
[ 1928.345895][T13343] total_pgmajfault 3972
[ 1928.382823][T13343] total_inactive_anon 4096
[ 1928.388510][T13343] total_active_anon 8192
[ 1928.392792][T13343] total_inactive_file 0
[ 1928.396962][T13343] total_active_file 0
[ 1928.417311][T13343] total_unevictable 0
[ 1928.421367][T13343] anon_cost 0
[ 1928.424678][T13343] file_cost 0
[ 1928.433955][T13343] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13343,uid=0
[ 1928.468918][T13343] Memory cgroup out of memory: Killed process 13343 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1928.500590][T13342] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1928.519083][T13342] CPU: 0 PID: 13342 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1928.529560][T13342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1928.539653][T13342] Call Trace:
[ 1928.542960][T13342]  <TASK>
[ 1928.545913][T13342]  dump_stack_lvl+0x1e7/0x2e0
[ 1928.550630][T13342]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1928.555867][T13342]  ? __pfx__printk+0x10/0x10
[ 1928.560495][T13342]  ? ___ratelimit+0x4c4/0x670
[ 1928.565216][T13342]  ? __pfx____ratelimit+0x10/0x10
[ 1928.570304][T13342]  dump_header+0xda/0x6a0
[ 1928.574679][T13342]  oom_kill_process+0x3a7/0x930
[ 1928.579569][T13342]  out_of_memory+0xf67/0x1320
[ 1928.584304][T13342]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1928.589969][T13342]  ? __pfx___mutex_lock+0x10/0x10
[ 1928.595023][T13342]  ? __pfx_out_of_memory+0x10/0x10
[ 1928.600185][T13342]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1928.605769][T13342]  ? __pfx_lock_release+0x10/0x10
[ 1928.610826][T13342]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1928.616926][T13342]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1928.622177][T13342]  ? mem_cgroup_iter+0x3e9/0x560
[ 1928.627170][T13342]  try_charge_memcg+0xda2/0x18a0
[ 1928.632167][T13342]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1928.637575][T13342]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1928.643331][T13342]  ? __pfx_lock_release+0x10/0x10
[ 1928.648410][T13342]  ? memcg_account_kmem+0x1e7/0x210
[ 1928.653650][T13342]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1928.659492][T13342]  __memcg_kmem_charge_page+0xe1/0x250
[ 1928.665014][T13342]  memcg_charge_kernel_stack+0x196/0x550
[ 1928.670701][T13342]  dup_task_struct+0x40d/0x7d0
[ 1928.675500][T13342]  copy_process+0x5d5/0x3fc0
[ 1928.680146][T13342]  ? __might_fault+0xa9/0x120
[ 1928.684856][T13342]  ? __pfx_lock_release+0x10/0x10
[ 1928.689939][T13342]  ? __pfx_copy_process+0x10/0x10
[ 1928.695011][T13342]  ? __might_fault+0xc5/0x120
[ 1928.699728][T13342]  ? __asan_memset+0x23/0x50
[ 1928.704360][T13342]  kernel_clone+0x21d/0x8d0
[ 1928.708903][T13342]  ? __pfx_kernel_clone+0x10/0x10
[ 1928.713975][T13342]  __se_sys_clone3+0x2cb/0x350
[ 1928.718776][T13342]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1928.724107][T13342]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1928.730140][T13342]  ? exc_page_fault+0x587/0x870
[ 1928.735036][T13342]  ? do_syscall_64+0xb4/0x240
[ 1928.739754][T13342]  do_syscall_64+0xf9/0x240
[ 1928.744302][T13342]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1928.750247][T13342] RIP: 0033:0x7fc7360a9b99
[ 1928.754694][T13342] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1928.774342][T13342] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1928.782799][T13342] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1928.790820][T13342] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1928.798824][T13342] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1928.806916][T13342] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1928.814964][T13342] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1928.822979][T13342]  </TASK>
[ 1928.839346][T13342] memory: usage 307200kB, limit 307200kB, failcnt 78656
[ 1928.846344][T13342] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1928.875424][T13342] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1928.895953][T13342] Memory cgroup stats for /syz2:
[ 1928.896107][T13342] cache 0
[ 1928.914357][T13342] rss 0
[ 1928.922264][T13342] rss_huge 0
[ 1928.925537][T13342] shmem 0
[ 1928.941864][T13342] mapped_file 0
[ 1928.945391][T13342] dirty 0
[ 1928.953714][T13342] writeback 0
[ 1928.962842][T13342] workingset_refault_anon 51968
[ 1928.982868][T13342] workingset_refault_file 1
[ 1928.987790][T13342] swap 176128
[ 1928.991110][T13342] swapcached 0
[ 1928.994498][T13342] pgpgin 178030
[ 1929.016246][T13342] pgpgout 178030
[ 1929.025018][T13342] pgfault 391774
[ 1929.035967][T13342] pgmajfault 48097
[ 1929.040356][T13342] inactive_anon 0
[ 1929.044039][T13342] active_anon 0
[ 1929.057119][T13342] inactive_file 0
[ 1929.060828][T13342] active_file 0
[ 1929.064315][T13342] unevictable 0
[ 1929.086839][T13342] hierarchical_memory_limit 314572800
[ 1929.097452][T13342] hierarchical_memsw_limit 9223372036854771712
[ 1929.103661][T13342] total_cache 0
[ 1929.117543][T13342] total_rss 0
[ 1929.120890][T13342] total_rss_huge 0
[ 1929.124642][T13342] total_shmem 0
[ 1929.134716][T13342] total_mapped_file 0
[ 1929.143787][T13342] total_dirty 0
[ 1929.153417][T13342] total_writeback 0
[ 1929.157802][T13342] total_workingset_refault_anon 51968
[ 1929.163208][T13342] total_workingset_refault_file 1
[ 1929.169854][T13342] total_swap 176128
[ 1929.173705][T13342] total_swapcached 0
[ 1929.190992][T13342] total_pgpgin 178030
[ 1929.195054][T13342] total_pgpgout 178030
[ 1929.207481][T13342] total_pgfault 391774
[ 1929.211591][T13342] total_pgmajfault 48097
[ 1929.215848][T13342] total_inactive_anon 0
[ 1929.228381][T13342] total_active_anon 0
[ 1929.232409][T13342] total_inactive_file 0
[ 1929.236581][T13342] total_active_file 0
[ 1929.250476][T13342] total_unevictable 0
[ 1929.254501][T13342] anon_cost 0
00:47:55 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1929.263245][T13342] file_cost 0
[ 1929.266589][T13342] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13342,uid=0
[ 1929.289479][T13342] Memory cgroup out of memory: Killed process 13342 (syz-executor.2) total-vm:54508kB, anon-rss:360kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:47:55 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1929.736917][ T5099] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1929.760607][ T5099] CPU: 1 PID: 5099 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1929.771010][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1929.781105][ T5099] Call Trace:
[ 1929.784407][ T5099]  <TASK>
[ 1929.787368][ T5099]  dump_stack_lvl+0x1e7/0x2e0
[ 1929.792097][ T5099]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1929.799161][ T5099]  ? __pfx__printk+0x10/0x10
[ 1929.803802][ T5099]  ? ___ratelimit+0x4c4/0x670
[ 1929.808526][ T5099]  ? __pfx____ratelimit+0x10/0x10
[ 1929.813578][ T5099]  dump_header+0xda/0x6a0
[ 1929.817948][ T5099]  oom_kill_process+0x3a7/0x930
[ 1929.822855][ T5099]  out_of_memory+0xf67/0x1320
[ 1929.827583][ T5099]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1929.833255][ T5099]  ? __pfx___mutex_lock+0x10/0x10
[ 1929.838316][ T5099]  ? __pfx_out_of_memory+0x10/0x10
[ 1929.843479][ T5099]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1929.849065][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1929.854140][ T5099]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1929.860253][ T5099]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1929.865496][ T5099]  ? mem_cgroup_iter+0x3e9/0x560
[ 1929.870478][ T5099]  try_charge_memcg+0xda2/0x18a0
[ 1929.875469][ T5099]  ? mark_lock+0x9a/0x350
[ 1929.879851][ T5099]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1929.885282][ T5099]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1929.891478][ T5099]  charge_memcg+0xa2/0x160
[ 1929.895947][ T5099]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1929.902055][ T5099]  __read_swap_cache_async+0x480/0x8b0
[ 1929.907553][ T5099]  ? mark_lock+0x9a/0x350
[ 1929.911932][ T5099]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1929.917959][ T5099]  ? blk_start_plug+0x6f/0x1b0
[ 1929.922767][ T5099]  swap_cluster_readahead+0x398/0x810
[ 1929.928219][ T5099]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1929.934155][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1929.939224][ T5099]  ? xas_descend+0x37e/0x470
[ 1929.943863][ T5099]  swapin_readahead+0x1ea/0x1070
[ 1929.948838][ T5099]  ? filemap_get_entry+0x127/0x4e0
[ 1929.953999][ T5099]  ? __pfx_swapin_readahead+0x10/0x10
[ 1929.959420][ T5099]  ? __filemap_get_folio+0x935/0xbc0
[ 1929.964762][ T5099]  ? swap_cache_get_folio+0x9f/0x570
[ 1929.970095][ T5099]  do_swap_page+0x791/0x3f40
[ 1929.974743][ T5099]  ? rcu_is_watching+0x15/0xb0
[ 1929.979552][ T5099]  ? do_swap_page+0x154/0x3f40
[ 1929.984357][ T5099]  ? __pfx_do_swap_page+0x10/0x10
[ 1929.989432][ T5099]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1929.994930][ T5099]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1930.000786][ T5099]  __handle_mm_fault+0x15e8/0x72d0
[ 1930.005957][ T5099]  ? reacquire_held_locks+0x3eb/0x690
[ 1930.011369][ T5099]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1930.016872][ T5099]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1930.022634][ T5099]  ? mtree_range_walk+0x6fd/0x8e0
[ 1930.027697][ T5099]  ? lock_vma_under_rcu+0x18a/0x730
[ 1930.032946][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1930.038015][ T5099]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1930.043272][ T5099]  ? lock_vma_under_rcu+0x18a/0x730
[ 1930.048501][ T5099]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1930.054084][ T5099]  handle_mm_fault+0x3c1/0x8a0
[ 1930.058902][ T5099]  exc_page_fault+0x456/0x870
[ 1930.063636][ T5099]  asm_exc_page_fault+0x26/0x30
[ 1930.068523][ T5099] RIP: 0033:0x7fa936ca9163
[ 1930.072969][ T5099] Code: 00 00 00 00 00 66 90 31 c0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 <80> 3d 8e 6d 0d 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 c3 66 2e 0f
[ 1930.092608][ T5099] RSP: 002b:00007fff55d50aa8 EFLAGS: 00010293
[ 1930.098717][ T5099] RAX: 00000000fffffffa RBX: 000000000000388a RCX: 0000000000000000
[ 1930.106721][ T5099] RDX: 00007fff55d50ac0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1930.114742][ T5099] RBP: 00007fff55d50b4c R08: 0000000000000000 R09: 00007fff55de70b0
[ 1930.122736][ T5099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1930.130729][ T5099] R13: 00000000001d70a9 R14: 00000000001d70a9 R15: 0000000000000000
[ 1930.138746][ T5099]  </TASK>
[ 1930.168291][ T5099] memory: usage 307200kB, limit 307200kB, failcnt 10564
[ 1930.175398][ T5099] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1930.190109][ T5099] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1930.200816][ T5099] Memory cgroup stats for /syz1:
[ 1930.200967][ T5099] cache 0
[ 1930.214572][ T5099] rss 0
[ 1930.217834][ T5099] rss_huge 0
[ 1930.221157][ T5099] shmem 0
[ 1930.224219][ T5099] mapped_file 0
[ 1930.228703][ T5099] dirty 0
[ 1930.231764][ T5099] writeback 0
[ 1930.235203][ T5099] workingset_refault_anon 4320
[ 1930.244059][ T5099] workingset_refault_file 1
[ 1930.250760][ T5099] swap 159744
[ 1930.254083][ T5099] swapcached 0
[ 1930.259470][ T5099] pgpgin 130038
[ 1930.263098][ T5099] pgpgout 130038
[ 1930.266745][ T5099] pgfault 340185
[ 1930.271139][ T5099] pgmajfault 4068
[ 1930.274956][ T5099] inactive_anon 0
[ 1930.387268][ T5099] active_anon 0
[ 1930.390911][ T5099] inactive_file 0
[ 1930.394682][ T5099] active_file 0
[ 1930.401008][ T5099] unevictable 0
[ 1930.404982][ T5099] hierarchical_memory_limit 314572800
[ 1930.410962][ T5099] hierarchical_memsw_limit 9223372036854771712
[ 1930.417533][ T5099] total_cache 0
[ 1930.421024][ T5099] total_rss 0
[ 1930.424323][ T5099] total_rss_huge 0
[ 1930.430678][ T5099] total_shmem 0
[ 1930.434164][ T5099] total_mapped_file 0
[ 1930.438967][ T5099] total_dirty 0
[ 1930.442451][ T5099] total_writeback 0
[ 1930.446356][ T5099] total_workingset_refault_anon 4320
[ 1930.456247][ T5099] total_workingset_refault_file 1
[ 1930.461717][ T5099] total_swap 159744
[ 1930.465553][ T5099] total_swapcached 0
[ 1930.469998][ T5099] total_pgpgin 130038
[ 1930.474005][ T5099] total_pgpgout 130038
[ 1930.478761][ T5099] total_pgfault 340185
[ 1930.482864][ T5099] total_pgmajfault 4068
[ 1930.489424][ T5099] total_inactive_anon 0
[ 1930.496228][ T5099] total_active_anon 0
[ 1930.503841][ T5099] total_inactive_file 0
[ 1930.512059][ T5099] total_active_file 0
[ 1930.516072][ T5099] total_unevictable 0
[ 1930.521480][ T5099] anon_cost 0
[ 1930.524798][ T5099] file_cost 0
[ 1930.532303][ T5099] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13346,uid=0
[ 1930.553182][ T5099] Memory cgroup out of memory: Killed process 13346 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
00:47:56 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1930.594863][T13347] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1930.634145][T13347] CPU: 0 PID: 13347 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1930.644737][T13347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1930.654850][T13347] Call Trace:
[ 1930.658171][T13347]  <TASK>
[ 1930.661150][T13347]  dump_stack_lvl+0x1e7/0x2e0
[ 1930.665895][T13347]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1930.671160][T13347]  ? __pfx__printk+0x10/0x10
[ 1930.675811][T13347]  ? ___ratelimit+0x4c4/0x670
[ 1930.680561][T13347]  ? __pfx____ratelimit+0x10/0x10
[ 1930.685658][T13347]  dump_header+0xda/0x6a0
[ 1930.690056][T13347]  oom_kill_process+0x3a7/0x930
[ 1930.694982][T13347]  out_of_memory+0xf67/0x1320
[ 1930.699847][T13347]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1930.705545][T13347]  ? __pfx___mutex_lock+0x10/0x10
[ 1930.710634][T13347]  ? __pfx_out_of_memory+0x10/0x10
[ 1930.715832][T13347]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1930.721442][T13347]  ? __pfx_lock_release+0x10/0x10
[ 1930.726534][T13347]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1930.732677][T13347]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1930.737942][T13347]  ? mem_cgroup_iter+0x3e9/0x560
[ 1930.742967][T13347]  try_charge_memcg+0xda2/0x18a0
[ 1930.748081][T13347]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1930.753512][T13347]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1930.759283][T13347]  ? __pfx_lock_release+0x10/0x10
[ 1930.764353][T13347]  ? memcg_account_kmem+0x1e7/0x210
[ 1930.769598][T13347]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1930.775440][T13347]  __memcg_kmem_charge_page+0xe1/0x250
[ 1930.780954][T13347]  memcg_charge_kernel_stack+0x196/0x550
[ 1930.786653][T13347]  dup_task_struct+0x40d/0x7d0
[ 1930.791469][T13347]  copy_process+0x5d5/0x3fc0
[ 1930.796106][T13347]  ? __might_fault+0xa9/0x120
[ 1930.800832][T13347]  ? __pfx_lock_release+0x10/0x10
[ 1930.805913][T13347]  ? __pfx_copy_process+0x10/0x10
[ 1930.810976][T13347]  ? __might_fault+0xc5/0x120
[ 1930.815692][T13347]  ? __asan_memset+0x23/0x50
[ 1930.820330][T13347]  kernel_clone+0x21d/0x8d0
[ 1930.824892][T13347]  ? __pfx_kernel_clone+0x10/0x10
[ 1930.829980][T13347]  __se_sys_clone3+0x2cb/0x350
[ 1930.834781][T13347]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1930.840120][T13347]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1930.846174][T13347]  ? exc_page_fault+0x587/0x870
[ 1930.851081][T13347]  ? do_syscall_64+0xb4/0x240
[ 1930.855802][T13347]  do_syscall_64+0xf9/0x240
[ 1930.860359][T13347]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1930.866316][T13347] RIP: 0033:0x7fc7360a9b99
[ 1930.870776][T13347] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1930.890938][T13347] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1930.899391][T13347] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1930.907407][T13347] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1930.915422][T13347] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1930.923434][T13347] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1930.931451][T13347] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1930.939485][T13347]  </TASK>
[ 1930.975602][T13347] memory: usage 307200kB, limit 307200kB, failcnt 78982
[ 1930.993516][T13347] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
00:47:57 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1931.020877][T13347] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1931.057197][T13347] Memory cgroup stats for /syz2:
[ 1931.057350][T13347] cache 0
[ 1931.065306][T13347] rss 0
[ 1931.068611][T13347] rss_huge 0
[ 1931.071863][T13347] shmem 0
[ 1931.074830][T13347] mapped_file 0
[ 1931.086878][T13347] dirty 0
[ 1931.090574][T13347] writeback 0
[ 1931.093909][T13347] workingset_refault_anon 52082
[ 1931.104141][T13347] workingset_refault_file 1
[ 1931.112642][T13347] swap 176128
[ 1931.116774][T13347] swapcached 0
[ 1931.121099][T13347] pgpgin 178155
[ 1931.124708][T13347] pgpgout 178155
[ 1931.128708][T13347] pgfault 391957
[ 1931.132378][T13347] pgmajfault 48204
[ 1931.136209][T13347] inactive_anon 0
[ 1931.140121][T13347] active_anon 0
[ 1931.143709][T13347] inactive_file 0
[ 1931.147570][T13347] active_file 0
[ 1931.151182][T13347] unevictable 0
[ 1931.154854][T13347] hierarchical_memory_limit 314572800
[ 1931.160721][T13347] hierarchical_memsw_limit 9223372036854771712
[ 1931.167743][T13347] total_cache 0
[ 1931.171343][T13347] total_rss 0
[ 1931.174753][T13347] total_rss_huge 0
[ 1931.179331][T13347] total_shmem 0
[ 1931.182929][T13347] total_mapped_file 0
[ 1931.189075][T13347] total_dirty 0
[ 1931.192698][T13347] total_writeback 0
[ 1931.196627][T13347] total_workingset_refault_anon 52082
[ 1931.206943][T13347] total_workingset_refault_file 1
[ 1931.218236][T13347] total_swap 176128
[ 1931.222107][T13347] total_swapcached 0
[ 1931.226018][T13347] total_pgpgin 178155
[ 1931.235585][T13347] total_pgpgout 178155
[ 1931.247939][T13347] total_pgfault 391957
[ 1931.252064][T13347] total_pgmajfault 48204
[ 1931.256331][T13347] total_inactive_anon 0
[ 1931.267868][T13347] total_active_anon 0
[ 1931.271912][T13347] total_inactive_file 0
[ 1931.276090][T13347] total_active_file 0
[ 1931.287680][T13347] total_unevictable 0
[ 1931.291710][T13347] anon_cost 0
[ 1931.295009][T13347] file_cost 0
[ 1931.318132][T13347] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13347,uid=0
[ 1931.341097][T13347] Memory cgroup out of memory: Killed process 13347 (syz-executor.2) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1931.369279][ T5099] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1931.397164][ T5099] CPU: 1 PID: 5099 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1931.407656][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
00:47:57 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400300]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1931.417762][ T5099] Call Trace:
[ 1931.421084][ T5099]  <TASK>
[ 1931.424076][ T5099]  dump_stack_lvl+0x1e7/0x2e0
[ 1931.428824][ T5099]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1931.434089][ T5099]  ? __pfx__printk+0x10/0x10
[ 1931.438747][ T5099]  ? ___ratelimit+0x4c4/0x670
[ 1931.443495][ T5099]  ? __pfx____ratelimit+0x10/0x10
[ 1931.448588][ T5099]  dump_header+0xda/0x6a0
[ 1931.452988][ T5099]  oom_kill_process+0x3a7/0x930
[ 1931.457904][ T5099]  out_of_memory+0xf67/0x1320
[ 1931.462647][ T5099]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1931.468336][ T5099]  ? __pfx___mutex_lock+0x10/0x10
[ 1931.473423][ T5099]  ? __pfx_out_of_memory+0x10/0x10
[ 1931.478599][ T5099]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1931.484199][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1931.489366][ T5099]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1931.495503][ T5099]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1931.500761][ T5099]  ? mem_cgroup_iter+0x3e9/0x560
[ 1931.505757][ T5099]  try_charge_memcg+0xda2/0x18a0
[ 1931.510741][ T5099]  ? mark_lock+0x9a/0x350
[ 1931.515139][ T5099]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1931.520568][ T5099]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1931.526754][ T5099]  charge_memcg+0xa2/0x160
[ 1931.531215][ T5099]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1931.537341][ T5099]  __read_swap_cache_async+0x480/0x8b0
[ 1931.542858][ T5099]  ? mark_lock+0x9a/0x350
[ 1931.547244][ T5099]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1931.553289][ T5099]  swap_cluster_readahead+0x67c/0x810
[ 1931.558721][ T5099]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1931.564674][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1931.569760][ T5099]  ? xas_descend+0x37e/0x470
[ 1931.574422][ T5099]  swapin_readahead+0x1ea/0x1070
[ 1931.579418][ T5099]  ? filemap_get_entry+0x127/0x4e0
[ 1931.584593][ T5099]  ? __pfx_swapin_readahead+0x10/0x10
[ 1931.590021][ T5099]  ? __filemap_get_folio+0x935/0xbc0
[ 1931.595366][ T5099]  ? swap_cache_get_folio+0x9f/0x570
[ 1931.600710][ T5099]  do_swap_page+0x791/0x3f40
[ 1931.605344][ T5099]  ? __lock_acquire+0x1345/0x1fd0
[ 1931.610419][ T5099]  ? rcu_is_watching+0x15/0xb0
[ 1931.615248][ T5099]  ? do_swap_page+0x154/0x3f40
[ 1931.620050][ T5099]  ? __pfx_do_swap_page+0x10/0x10
[ 1931.625120][ T5099]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1931.630638][ T5099]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1931.636506][ T5099]  ? __pfx_validate_chain+0x10/0x10
[ 1931.641756][ T5099]  __handle_mm_fault+0x15e8/0x72d0
[ 1931.646932][ T5099]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1931.652451][ T5099]  ? mt_find+0x226/0x850
[ 1931.656758][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1931.661867][ T5099]  ? mt_find+0x62d/0x850
[ 1931.666164][ T5099]  ? mt_find+0x226/0x850
[ 1931.670480][ T5099]  ? find_vma+0x142/0x1c0
[ 1931.674865][ T5099]  ? __pfx_find_vma+0x10/0x10
[ 1931.679585][ T5099]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1931.685712][ T5099]  handle_mm_fault+0x3c1/0x8a0
[ 1931.693397][ T5099]  exc_page_fault+0x2ad/0x870
[ 1931.698138][ T5099]  asm_exc_page_fault+0x26/0x30
[ 1931.703033][ T5099] RIP: 0010:__get_user_8+0x11/0x20
[ 1931.708192][ T5099] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1931.727844][ T5099] RSP: 0018:ffffc90003dffd78 EFLAGS: 00050202
[ 1931.733962][ T5099] RAX: 0000555556d69da8 RBX: ffff888021c59538 RCX: ffffc90003dffc03
[ 1931.741972][ T5099] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1931.750161][ T5099] RBP: ffffc90003dffec0 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1931.758182][ T5099] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90003dffd80
[ 1931.766198][ T5099] R13: ffffc90003dfffd8 R14: dffffc0000000000 R15: ffff888021c58000
[ 1931.774221][ T5099]  __rseq_handle_notify_resume+0x158/0x1490
[ 1931.780190][ T5099]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 1931.786591][ T5099]  ? irqentry_exit_to_user_mode+0x52/0x270
[ 1931.792445][ T5099]  irqentry_exit_to_user_mode+0xbb/0x270
[ 1931.798132][ T5099]  exc_page_fault+0x587/0x870
[ 1931.802866][ T5099]  asm_exc_page_fault+0x26/0x30
[ 1931.807753][ T5099] RIP: 0033:0x7fa936c7dd89
[ 1931.812204][ T5099] Code: 29 c7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 2b cb ff ff 48 8b 54 24 18 64 48 2b 14 25 28 00 00 00 75 05 48 83 c4 28 <c3> e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2
[ 1931.831850][ T5099] RSP: 002b:00007fff55d50ae8 EFLAGS: 00010206
[ 1931.837971][ T5099] RAX: 0000000000000000 RBX: 000000000000388b RCX: 0000000000000000
[ 1931.845988][ T5099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555556d69788
[ 1931.854003][ T5099] RBP: 00007fff55d50b4c R08: 0000000000000000 R09: 00007fff55de70b0
[ 1931.862017][ T5099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1931.870033][ T5099] R13: 00000000001d7584 R14: 00000000001d7584 R15: 0000000000000000
[ 1931.878081][ T5099]  </TASK>
[ 1931.887133][ T5099] memory: usage 307200kB, limit 307200kB, failcnt 11020
[ 1931.894467][ T5099] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1931.902543][ T5099] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1931.910042][ T5099] Memory cgroup stats for /syz1:
[ 1931.910178][ T5099] cache 0
[ 1931.918186][ T5099] rss 0
[ 1931.920979][ T5099] rss_huge 0
[ 1931.924195][ T5099] shmem 0
[ 1931.927208][ T5099] mapped_file 0
[ 1931.930709][ T5099] dirty 0
[ 1931.935798][ T5099] writeback 0
[ 1931.947443][ T5099] workingset_refault_anon 4453
[ 1931.952640][ T5099] workingset_refault_file 1
[ 1931.961769][ T5099] swap 163840
[ 1931.965117][ T5099] swapcached 0
[ 1931.973854][ T5099] pgpgin 130184
[ 1931.979074][ T5099] pgpgout 130184
[ 1931.982680][ T5099] pgfault 340414
[ 1931.986254][ T5099] pgmajfault 4198
[ 1932.003046][ T5099] inactive_anon 0
[ 1932.006747][ T5099] active_anon 0
[ 1932.010364][ T5099] inactive_file 0
[ 1932.014088][ T5099] active_file 0
[ 1932.021542][ T5099] unevictable 0
[ 1932.025065][ T5099] hierarchical_memory_limit 314572800
[ 1932.038287][ T5099] hierarchical_memsw_limit 9223372036854771712
[ 1932.044503][ T5099] total_cache 0
[ 1932.059344][ T5099] total_rss 0
[ 1932.062687][ T5099] total_rss_huge 0
[ 1932.066424][ T5099] total_shmem 0
[ 1932.077488][ T5099] total_mapped_file 0
[ 1932.085073][ T5099] total_dirty 0
[ 1932.091451][ T5099] total_writeback 0
[ 1932.102005][ T5099] total_workingset_refault_anon 4453
[ 1932.113304][ T5099] total_workingset_refault_file 1
[ 1932.124697][ T5099] total_swap 163840
[ 1932.135344][ T5099] total_swapcached 0
[ 1932.147089][ T5099] total_pgpgin 130184
[ 1932.151144][ T5099] total_pgpgout 130184
[ 1932.155236][ T5099] total_pgfault 340414
[ 1932.171894][ T5099] total_pgmajfault 4198
[ 1932.181377][ T5099] total_inactive_anon 0
[ 1932.190555][ T5099] total_active_anon 0
[ 1932.202905][ T5099] total_inactive_file 0
[ 1932.213858][ T5099] total_active_file 0
[ 1932.222774][ T5099] total_unevictable 0
[ 1932.232756][ T5099] anon_cost 0
[ 1932.236095][ T5099] file_cost 0
[ 1932.248405][ T5099] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13348,uid=0
[ 1932.292753][ T5099] Memory cgroup out of memory: Killed process 13348 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
00:47:58 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1932.864290][T13351] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1932.882876][T13351] CPU: 1 PID: 13351 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1932.893443][T13351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1932.903621][T13351] Call Trace:
[ 1932.906929][T13351]  <TASK>
[ 1932.909888][T13351]  dump_stack_lvl+0x1e7/0x2e0
[ 1932.914615][T13351]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1932.919867][T13351]  ? __pfx__printk+0x10/0x10
[ 1932.924496][T13351]  ? ___ratelimit+0x4c4/0x670
[ 1932.929224][T13351]  ? __pfx____ratelimit+0x10/0x10
[ 1932.934301][T13351]  dump_header+0xda/0x6a0
[ 1932.938691][T13351]  oom_kill_process+0x3a7/0x930
[ 1932.943687][T13351]  out_of_memory+0xf67/0x1320
[ 1932.948409][T13351]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1932.954089][T13351]  ? __pfx___mutex_lock+0x10/0x10
[ 1932.959164][T13351]  ? __pfx_out_of_memory+0x10/0x10
[ 1932.964423][T13351]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1932.970029][T13351]  ? __pfx_lock_release+0x10/0x10
[ 1932.975107][T13351]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1932.981227][T13351]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1932.986506][T13351]  ? mem_cgroup_iter+0x3e9/0x560
[ 1932.991502][T13351]  try_charge_memcg+0xda2/0x18a0
[ 1932.996481][T13351]  ? mark_lock+0x9a/0x350
[ 1933.000868][T13351]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1933.006398][T13351]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1933.012597][T13351]  charge_memcg+0xa2/0x160
[ 1933.017067][T13351]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1933.023180][T13351]  __read_swap_cache_async+0x480/0x8b0
[ 1933.028692][T13351]  ? mark_lock+0x9a/0x350
[ 1933.033076][T13351]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1933.039142][T13351]  swap_cluster_readahead+0x67c/0x810
[ 1933.044594][T13351]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1933.050555][T13351]  ? __pfx_lock_release+0x10/0x10
[ 1933.055645][T13351]  ? xas_descend+0x37e/0x470
[ 1933.060308][T13351]  swapin_readahead+0x1ea/0x1070
[ 1933.065301][T13351]  ? filemap_get_entry+0x127/0x4e0
[ 1933.070488][T13351]  ? __pfx_swapin_readahead+0x10/0x10
[ 1933.075933][T13351]  ? __filemap_get_folio+0x935/0xbc0
[ 1933.081281][T13351]  ? swap_cache_get_folio+0x9f/0x570
[ 1933.086631][T13351]  do_swap_page+0x791/0x3f40
[ 1933.091279][T13351]  ? rcu_is_watching+0x15/0xb0
[ 1933.096099][T13351]  ? do_swap_page+0x154/0x3f40
[ 1933.100902][T13351]  ? __pfx_do_swap_page+0x10/0x10
[ 1933.105978][T13351]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1933.111497][T13351]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1933.117367][T13351]  __handle_mm_fault+0x15e8/0x72d0
[ 1933.122563][T13351]  ? reacquire_held_locks+0x3eb/0x690
[ 1933.127982][T13351]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1933.133518][T13351]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1933.139290][T13351]  ? mtree_range_walk+0x6fd/0x8e0
[ 1933.144356][T13351]  ? lock_vma_under_rcu+0x18a/0x730
[ 1933.149592][T13351]  ? __pfx_lock_release+0x10/0x10
[ 1933.154663][T13351]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1933.159927][T13351]  ? lock_vma_under_rcu+0x18a/0x730
[ 1933.165171][T13351]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1933.170771][T13351]  handle_mm_fault+0x3c1/0x8a0
[ 1933.175593][T13351]  exc_page_fault+0x456/0x870
[ 1933.180323][T13351]  asm_exc_page_fault+0x26/0x30
[ 1933.185197][T13351] RIP: 0033:0x7fc736086db5
[ 1933.189646][T13351] Code: 83 ec 28 48 89 7c 24 08 40 88 74 24 17 48 85 ff 0f 84 58 01 00 00 48 8b 5f 08 48 8d 3d 74 91 0f 00 48 89 1c 24 e8 5b d3 fc ff <4c> 8b 7b f0 48 8b 3d 88 e9 c4 00 49 39 ff 0f 82 87 01 00 00 48 c7
[ 1933.209296][T13351] RSP: 002b:00007ffeef008120 EFLAGS: 00010202
[ 1933.215400][T13351] RAX: 0000000000000000 RBX: 0000555555f25910 RCX: 0000555555f258f0
[ 1933.223412][T13351] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 00007fc73617ff20
[ 1933.231433][T13351] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[ 1933.239450][T13351] R10: 0000000000021000 R11: 0000000000000010 R12: 00007ffeef008420
[ 1933.247478][T13351] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[ 1933.255511][T13351]  </TASK>
[ 1933.279161][T13351] memory: usage 307200kB, limit 307200kB, failcnt 79329
[ 1933.286169][T13351] memory+swap: usage 307360kB, limit 9007199254740988kB, failcnt 0
[ 1933.301618][T13351] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[ 1933.313198][T13351] Memory cgroup stats for /syz2:
[ 1933.313340][T13351] cache 4096
[ 1933.346580][T13351] rss 12288
[ 1933.355150][T13351] rss_huge 0
[ 1933.358568][T13351] shmem 0
[ 1933.361628][T13351] mapped_file 0
[ 1933.365240][T13351] dirty 0
[ 1933.369431][T13351] writeback 0
[ 1933.379420][T13351] workingset_refault_anon 52202
[ 1933.384398][T13351] workingset_refault_file 1
[ 1933.394987][T13351] swap 163840
[ 1933.401186][T13351] swapcached 8192
[ 1933.404959][T13351] pgpgin 178288
[ 1933.418329][T13351] pgpgout 178284
[ 1933.425489][T13351] pgfault 392167
[ 1933.429634][T13351] pgmajfault 48318
[ 1933.433490][T13351] inactive_anon 0
[ 1933.442820][T13351] active_anon 12288
[ 1933.446778][T13351] inactive_file 0
[ 1933.451086][T13351] active_file 4096
[ 1933.454948][T13351] unevictable 0
[ 1933.464371][T13351] hierarchical_memory_limit 314572800
[ 1933.472837][T13351] hierarchical_memsw_limit 9223372036854771712
[ 1933.489032][T13351] total_cache 4096
[ 1933.495290][T13351] total_rss 12288
[ 1933.512539][T13351] total_rss_huge 0
[ 1933.516551][T13351] total_shmem 0
[ 1933.521339][T13351] total_mapped_file 0
[ 1933.525582][T13351] total_dirty 0
[ 1933.530722][T13351] total_writeback 0
[ 1933.540283][T13351] total_workingset_refault_anon 52202
[ 1933.549138][T13351] total_workingset_refault_file 1
[ 1933.556158][T13351] total_swap 163840
[ 1933.563776][T13351] total_swapcached 8192
[ 1933.570725][T13351] total_pgpgin 178288
[ 1933.576911][T13351] total_pgpgout 178284
[ 1933.590210][T13351] total_pgfault 392167
[ 1933.594559][T13351] total_pgmajfault 48318
[ 1933.602836][T13351] total_inactive_anon 0
[ 1933.614651][T13351] total_active_anon 12288
[ 1933.623065][T13351] total_inactive_file 0
[ 1933.630624][T13351] total_active_file 4096
[ 1933.635336][T13351] total_unevictable 0
[ 1933.643562][T13351] anon_cost 0
[ 1933.650620][T13351] file_cost 0
[ 1933.654179][T13351] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13351,uid=0
[ 1933.675098][T13351] Memory cgroup out of memory: Killed process 13351 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1933.699326][T13352] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1933.717235][T13352] CPU: 0 PID: 13352 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1933.727724][T13352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1933.737795][T13352] Call Trace:
[ 1933.741083][T13352]  <TASK>
[ 1933.744021][T13352]  dump_stack_lvl+0x1e7/0x2e0
[ 1933.748725][T13352]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1933.753939][T13352]  ? __pfx__printk+0x10/0x10
[ 1933.758546][T13352]  ? ___ratelimit+0x4c4/0x670
[ 1933.763241][T13352]  ? __pfx____ratelimit+0x10/0x10
[ 1933.768370][T13352]  dump_header+0xda/0x6a0
[ 1933.772719][T13352]  oom_kill_process+0x3a7/0x930
[ 1933.777601][T13352]  out_of_memory+0xf67/0x1320
[ 1933.782300][T13352]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1933.787949][T13352]  ? __pfx___mutex_lock+0x10/0x10
[ 1933.792987][T13352]  ? __pfx_out_of_memory+0x10/0x10
[ 1933.798166][T13352]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1933.803724][T13352]  ? __pfx_lock_release+0x10/0x10
[ 1933.808771][T13352]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1933.814857][T13352]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1933.820088][T13352]  ? mem_cgroup_iter+0x3e9/0x560
[ 1933.825049][T13352]  try_charge_memcg+0xda2/0x18a0
[ 1933.830019][T13352]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1933.835402][T13352]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1933.841141][T13352]  ? __pfx_lock_release+0x10/0x10
[ 1933.846183][T13352]  ? memcg_account_kmem+0x1e7/0x210
[ 1933.851403][T13352]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1933.857225][T13352]  __memcg_kmem_charge_page+0xe1/0x250
[ 1933.862704][T13352]  memcg_charge_kernel_stack+0x196/0x550
[ 1933.868355][T13352]  dup_task_struct+0x40d/0x7d0
[ 1933.873164][T13352]  copy_process+0x5d5/0x3fc0
[ 1933.877807][T13352]  ? __might_fault+0xa9/0x120
[ 1933.882511][T13352]  ? __pfx_lock_release+0x10/0x10
[ 1933.887569][T13352]  ? __pfx_copy_process+0x10/0x10
[ 1933.892606][T13352]  ? __might_fault+0xc5/0x120
[ 1933.897300][T13352]  ? __asan_memset+0x23/0x50
[ 1933.901910][T13352]  kernel_clone+0x21d/0x8d0
[ 1933.906434][T13352]  ? __pfx_kernel_clone+0x10/0x10
[ 1933.911486][T13352]  __se_sys_clone3+0x2cb/0x350
[ 1933.916264][T13352]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1933.921573][T13352]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1933.927583][T13352]  ? exc_page_fault+0x587/0x870
[ 1933.932452][T13352]  ? do_syscall_64+0xb4/0x240
[ 1933.937149][T13352]  do_syscall_64+0xf9/0x240
[ 1933.942459][T13352]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1933.948376][T13352] RIP: 0033:0x7fa936ca9b99
[ 1933.952798][T13352] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1933.972418][T13352] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1933.980843][T13352] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1933.989010][T13352] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1933.996996][T13352] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1934.005011][T13352] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1934.013000][T13352] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1934.020999][T13352]  </TASK>
[ 1934.047918][T13352] memory: usage 307200kB, limit 307200kB, failcnt 11301
[ 1934.055092][T13352] memory+swap: usage 307344kB, limit 9007199254740988kB, failcnt 0
[ 1934.063622][T13352] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
00:48:00 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1934.089444][T13352] Memory cgroup stats for /syz1:
[ 1934.089575][T13352] cache 0
[ 1934.125101][T13352] rss 12288
[ 1934.135522][T13352] rss_huge 0
[ 1934.146749][T13352] shmem 0
[ 1934.156743][T13352] mapped_file 0
[ 1934.166180][T13352] dirty 0
[ 1934.176965][T13352] writeback 0
[ 1934.189493][T13352] workingset_refault_anon 4571
00:48:00 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1934.209546][T13352] workingset_refault_file 1
[ 1934.253077][T13352] swap 147456
[ 1934.269930][T13352] swapcached 8192
[ 1934.281406][T13352] pgpgin 130316
[ 1934.292923][T13352] pgpgout 130313
[ 1934.303349][T13352] pgfault 340623
[ 1934.316701][T13352] pgmajfault 4314
[ 1934.325168][T13352] inactive_anon 0
[ 1934.334731][T13352] active_anon 12288
[ 1934.343334][T13352] inactive_file 0
[ 1934.352850][T13352] active_file 0
[ 1934.361049][T13352] unevictable 0
[ 1934.371007][T13352] hierarchical_memory_limit 314572800
[ 1934.393893][T13352] hierarchical_memsw_limit 9223372036854771712
[ 1934.400681][T13352] total_cache 0
[ 1934.404343][T13352] total_rss 12288
[ 1934.418252][T13352] total_rss_huge 0
[ 1934.422083][T13352] total_shmem 0
[ 1934.425573][T13352] total_mapped_file 0
[ 1934.442124][T13352] total_dirty 0
[ 1934.448071][T13352] total_writeback 0
[ 1934.452316][T13352] total_workingset_refault_anon 4571
[ 1934.458469][T13352] total_workingset_refault_file 1
[ 1934.463626][T13352] total_swap 147456
[ 1934.478161][T13352] total_swapcached 8192
[ 1934.485085][T13352] total_pgpgin 130316
[ 1934.491422][T13352] total_pgpgout 130313
[ 1934.503887][T13352] total_pgfault 340623
[ 1934.520027][T13352] total_pgmajfault 4314
[ 1934.528901][T13352] total_inactive_anon 0
[ 1934.535493][T13352] total_active_anon 12288
[ 1934.541782][T13352] total_inactive_file 0
[ 1934.548900][T13352] total_active_file 0
[ 1934.555887][T13352] total_unevictable 0
[ 1934.563505][T13352] anon_cost 0
[ 1934.569493][T13352] file_cost 0
[ 1934.575674][T13352] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13352,uid=0
[ 1934.607476][T13352] Memory cgroup out of memory: Killed process 13352 (syz-executor.1) total-vm:54508kB, anon-rss:428kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1934.640799][T13355] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1934.653546][T13355] CPU: 1 PID: 13355 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1934.664021][T13355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1934.674126][T13355] Call Trace:
[ 1934.677441][T13355]  <TASK>
[ 1934.680403][T13355]  dump_stack_lvl+0x1e7/0x2e0
[ 1934.685128][T13355]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1934.690370][T13355]  ? __pfx__printk+0x10/0x10
[ 1934.694997][T13355]  ? ___ratelimit+0x4c4/0x670
[ 1934.699724][T13355]  ? __pfx____ratelimit+0x10/0x10
[ 1934.704799][T13355]  dump_header+0xda/0x6a0
[ 1934.709181][T13355]  oom_kill_process+0x3a7/0x930
[ 1934.714075][T13355]  out_of_memory+0xf67/0x1320
[ 1934.718806][T13355]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1934.724482][T13355]  ? __pfx___mutex_lock+0x10/0x10
[ 1934.729545][T13355]  ? __pfx_out_of_memory+0x10/0x10
[ 1934.734709][T13355]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1934.740292][T13355]  ? __pfx_lock_release+0x10/0x10
[ 1934.745370][T13355]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1934.751484][T13355]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1934.756726][T13355]  ? mem_cgroup_iter+0x3e9/0x560
[ 1934.761718][T13355]  try_charge_memcg+0xda2/0x18a0
[ 1934.766701][T13355]  ? mark_lock+0x9a/0x350
[ 1934.771080][T13355]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1934.776509][T13355]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1934.782700][T13355]  charge_memcg+0xa2/0x160
[ 1934.787171][T13355]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1934.793277][T13355]  __read_swap_cache_async+0x480/0x8b0
[ 1934.798794][T13355]  ? mark_lock+0x9a/0x350
[ 1934.803167][T13355]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1934.809199][T13355]  ? blk_start_plug+0x6f/0x1b0
[ 1934.814021][T13355]  swap_cluster_readahead+0x398/0x810
[ 1934.819462][T13355]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1934.825406][T13355]  ? __pfx_lock_release+0x10/0x10
[ 1934.830496][T13355]  ? xas_descend+0x37e/0x470
[ 1934.835146][T13355]  swapin_readahead+0x1ea/0x1070
[ 1934.840132][T13355]  ? filemap_get_entry+0x127/0x4e0
[ 1934.845321][T13355]  ? __pfx_swapin_readahead+0x10/0x10
[ 1934.850755][T13355]  ? __filemap_get_folio+0x935/0xbc0
[ 1934.856095][T13355]  ? swap_cache_get_folio+0x9f/0x570
[ 1934.861433][T13355]  do_swap_page+0x791/0x3f40
[ 1934.866070][T13355]  ? rcu_is_watching+0x15/0xb0
[ 1934.870889][T13355]  ? do_swap_page+0x154/0x3f40
[ 1934.875684][T13355]  ? __pfx_do_swap_page+0x10/0x10
[ 1934.880748][T13355]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1934.886251][T13355]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1934.892113][T13355]  __handle_mm_fault+0x15e8/0x72d0
[ 1934.897292][T13355]  ? reacquire_held_locks+0x3eb/0x690
[ 1934.902789][T13355]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1934.908305][T13355]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1934.914269][T13355]  ? mtree_range_walk+0x6fd/0x8e0
[ 1934.919443][T13355]  ? lock_vma_under_rcu+0x18a/0x730
[ 1934.924681][T13355]  ? __pfx_lock_release+0x10/0x10
[ 1934.929745][T13355]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1934.935007][T13355]  ? lock_vma_under_rcu+0x18a/0x730
[ 1934.940247][T13355]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1934.945843][T13355]  handle_mm_fault+0x3c1/0x8a0
[ 1934.950659][T13355]  exc_page_fault+0x456/0x870
[ 1934.955396][T13355]  asm_exc_page_fault+0x26/0x30
[ 1934.960291][T13355] RIP: 0033:0x7fc736052860
[ 1934.964752][T13355] Code: 8e 31 c0 be 01 00 00 00 f0 0f b1 35 9a 8a c8 00 0f 85 26 0a 00 00 c1 e1 02 48 8b 05 aa 8a c8 00 48 8d 35 a3 8a c8 00 83 e1 04 <89> 4c 24 30 83 c9 03 89 4c 24 44 48 39 f0 0f 84 4c 07 00 00 31 db
[ 1934.984401][T13355] RSP: 002b:00007ffeef008180 EFLAGS: 00010246
[ 1934.990515][T13355] RAX: 00007fc735200980 RBX: fffffffffffff000 RCX: 0000000000000000
[ 1934.998524][T13355] RDX: 000000000000003f RSI: 00007fc736cdb300 RDI: 00007ffeef0083d8
00:48:01 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1935.006537][T13355] RBP: 0000000000000000 R08: 00007fc7361abf8c R09: 00007fc7361abf8c
[ 1935.014552][T13355] R10: 0000000000021000 R11: 0000000000020000 R12: 00007ffeef008420
[ 1935.022563][T13355] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[ 1935.030594][T13355]  </TASK>
[ 1935.040246][T13355] memory: usage 307172kB, limit 307200kB, failcnt 19578
[ 1935.047335][T13355] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1935.055268][T13355] kmem: usage 307144kB, limit 9007199254740988kB, failcnt 0
[ 1935.062664][T13355] Memory cgroup stats for /syz3:
[ 1935.062817][T13355] cache 8192
[ 1935.071065][T13355] rss 20480
[ 1935.074202][T13355] rss_huge 0
[ 1935.077873][T13355] shmem 4096
[ 1935.081108][T13355] mapped_file 4096
[ 1935.084860][T13355] dirty 0
[ 1935.087889][T13355] writeback 0
[ 1935.091194][T13355] workingset_refault_anon 12260
[ 1935.096196][T13355] workingset_refault_file 1
[ 1935.107669][T13355] swap 188416
[ 1935.111893][T13355] swapcached 20480
[ 1935.115654][T13355] pgpgin 139819
[ 1935.137140][T13355] pgpgout 139812
[ 1935.140749][T13355] pgfault 359604
[ 1935.144316][T13355] pgmajfault 11677
[ 1935.158630][T13355] inactive_anon 0
[ 1935.162516][T13355] active_anon 24576
[ 1935.169898][T13355] inactive_file 4096
[ 1935.177994][T13355] active_file 0
[ 1935.185067][T13355] unevictable 0
[ 1935.197238][T13355] hierarchical_memory_limit 314572800
[ 1935.209494][T13355] hierarchical_memsw_limit 9223372036854771712
[ 1935.227300][T13355] total_cache 8192
[ 1935.233446][T13355] total_rss 20480
[ 1935.249567][T13355] total_rss_huge 0
[ 1935.259748][T13355] total_shmem 4096
[ 1935.270352][T13355] total_mapped_file 4096
[ 1935.281490][T13355] total_dirty 0
[ 1935.291816][T13355] total_writeback 0
[ 1935.305643][T13355] total_workingset_refault_anon 12260
[ 1935.320274][T13355] total_workingset_refault_file 1
[ 1935.332196][T13355] total_swap 188416
[ 1935.340641][T13355] total_swapcached 20480
[ 1935.350631][T13355] total_pgpgin 139819
[ 1935.360545][T13355] total_pgpgout 139812
[ 1935.370492][T13355] total_pgfault 359604
[ 1935.379203][T13355] total_pgmajfault 11677
[ 1935.390316][T13355] total_inactive_anon 0
[ 1935.476441][T13355] total_active_anon 24576
[ 1935.481399][T13355] total_inactive_file 4096
[ 1935.485857][T13355] total_active_file 0
[ 1935.499542][T13355] total_unevictable 0
[ 1935.511937][T13355] anon_cost 0
[ 1935.525062][T13355] file_cost 0
[ 1935.534233][T13355] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=13353,uid=0
00:48:01 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1935.570826][T13355] Memory cgroup out of memory: Killed process 13353 (syz-executor.3) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 1935.595372][T13357] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1935.631208][T13357] CPU: 1 PID: 13357 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1935.641679][T13357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1935.651759][T13357] Call Trace:
[ 1935.655046][T13357]  <TASK>
[ 1935.657986][T13357]  dump_stack_lvl+0x1e7/0x2e0
[ 1935.662689][T13357]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1935.667902][T13357]  ? __pfx__printk+0x10/0x10
[ 1935.672503][T13357]  ? ___ratelimit+0x4c4/0x670
[ 1935.677211][T13357]  ? __pfx____ratelimit+0x10/0x10
[ 1935.682277][T13357]  dump_header+0xda/0x6a0
[ 1935.686623][T13357]  oom_kill_process+0x3a7/0x930
[ 1935.691490][T13357]  out_of_memory+0xf67/0x1320
[ 1935.696201][T13357]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1935.701848][T13357]  ? __pfx___mutex_lock+0x10/0x10
[ 1935.706920][T13357]  ? __pfx_out_of_memory+0x10/0x10
[ 1935.712060][T13357]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1935.717620][T13357]  ? __pfx_lock_release+0x10/0x10
[ 1935.722670][T13357]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1935.728771][T13357]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1935.733987][T13357]  ? mem_cgroup_iter+0x3e9/0x560
[ 1935.738943][T13357]  try_charge_memcg+0xda2/0x18a0
[ 1935.743910][T13357]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1935.749290][T13357]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1935.755050][T13357]  ? __pfx_lock_release+0x10/0x10
[ 1935.760094][T13357]  ? memcg_account_kmem+0x1e7/0x210
[ 1935.765315][T13357]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1935.771156][T13357]  __memcg_kmem_charge_page+0xe1/0x250
[ 1935.776635][T13357]  memcg_charge_kernel_stack+0x304/0x550
[ 1935.782314][T13357]  dup_task_struct+0x40d/0x7d0
[ 1935.787110][T13357]  copy_process+0x5d5/0x3fc0
[ 1935.791739][T13357]  ? __might_fault+0xa9/0x120
[ 1935.796454][T13357]  ? __pfx_lock_release+0x10/0x10
[ 1935.801505][T13357]  ? __pfx_copy_process+0x10/0x10
[ 1935.806540][T13357]  ? __might_fault+0xc5/0x120
[ 1935.811230][T13357]  ? __asan_memset+0x23/0x50
[ 1935.815839][T13357]  kernel_clone+0x21d/0x8d0
[ 1935.820367][T13357]  ? __pfx_kernel_clone+0x10/0x10
[ 1935.825425][T13357]  __se_sys_clone3+0x2cb/0x350
[ 1935.830213][T13357]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1935.835522][T13357]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1935.841530][T13357]  ? exc_page_fault+0x587/0x870
[ 1935.846401][T13357]  ? do_syscall_64+0xb4/0x240
[ 1935.851093][T13357]  do_syscall_64+0xf9/0x240
[ 1935.855656][T13357]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1935.861589][T13357] RIP: 0033:0x7fa936ca9b99
[ 1935.866100][T13357] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1935.885720][T13357] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1935.894149][T13357] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1935.902148][T13357] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1935.910230][T13357] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1935.918213][T13357] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1935.926190][T13357] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1935.934208][T13357]  </TASK>
[ 1936.096639][T13357] memory: usage 307200kB, limit 307200kB, failcnt 11559
[ 1936.105828][T13357] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1936.120389][T13357] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1936.130256][T13357] Memory cgroup stats for /syz1:
[ 1936.130418][T13357] cache 0
[ 1936.146855][T13357] rss 24576
[ 1936.152702][T13357] rss_huge 0
[ 1936.156407][T13357] shmem 0
[ 1936.163306][T13357] mapped_file 0
[ 1936.169686][T13357] dirty 0
[ 1936.172948][T13357] writeback 0
[ 1936.176376][T13357] workingset_refault_anon 4661
[ 1936.184886][T13357] workingset_refault_file 1
[ 1936.196519][T13357] swap 135168
[ 1936.212073][T13357] swapcached 12288
[ 1936.220666][T13357] pgpgin 130419
[ 1936.224744][T13357] pgpgout 130413
[ 1936.231292][T13357] pgfault 340782
[ 1936.241074][T13357] pgmajfault 4397
[ 1936.244865][T13357] inactive_anon 0
[ 1936.253139][T13357] active_anon 24576
[ 1936.261109][T13357] inactive_file 0
[ 1936.264953][T13357] active_file 0
[ 1936.271619][T13357] unevictable 0
[ 1936.275280][T13357] hierarchical_memory_limit 314572800
[ 1936.284715][T13357] hierarchical_memsw_limit 9223372036854771712
[ 1936.293746][T13357] total_cache 0
[ 1936.301277][T13357] total_rss 24576
[ 1936.305118][T13357] total_rss_huge 0
[ 1936.315797][T13357] total_shmem 0
[ 1936.323764][T13357] total_mapped_file 0
[ 1936.330661][T13357] total_dirty 0
[ 1936.334324][T13357] total_writeback 0
[ 1936.344631][T13357] total_workingset_refault_anon 4661
[ 1936.353001][T13357] total_workingset_refault_file 1
[ 1936.363940][T13357] total_swap 135168
[ 1936.370945][T13357] total_swapcached 12288
[ 1936.375377][T13357] total_pgpgin 130419
[ 1936.383707][T13357] total_pgpgout 130413
[ 1936.390823][T13357] total_pgfault 340782
[ 1936.395128][T13357] total_pgmajfault 4397
[ 1936.403577][T13357] total_inactive_anon 0
[ 1936.410955][T13357] total_active_anon 24576
[ 1936.415472][T13357] total_inactive_file 0
[ 1936.434071][T13357] total_active_file 0
[ 1936.438744][T13357] total_unevictable 0
[ 1936.445198][T13357] anon_cost 0
[ 1936.456606][T13357] file_cost 0
[ 1936.460473][T13357] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13357,uid=0
[ 1936.483077][T13357] Memory cgroup out of memory: Killed process 13357 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1936.534149][T13355] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1936.546385][T13355] CPU: 1 PID: 13355 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1936.556869][T13355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1936.566953][T13355] Call Trace:
[ 1936.570247][T13355]  <TASK>
[ 1936.573185][T13355]  dump_stack_lvl+0x1e7/0x2e0
[ 1936.577888][T13355]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1936.583102][T13355]  ? __pfx__printk+0x10/0x10
[ 1936.587702][T13355]  ? ___ratelimit+0x4c4/0x670
[ 1936.592484][T13355]  ? __pfx____ratelimit+0x10/0x10
[ 1936.597529][T13355]  dump_header+0xda/0x6a0
[ 1936.601878][T13355]  oom_kill_process+0x3a7/0x930
[ 1936.606742][T13355]  out_of_memory+0xf67/0x1320
[ 1936.611437][T13355]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1936.617080][T13355]  ? __pfx___mutex_lock+0x10/0x10
[ 1936.622122][T13355]  ? __pfx_out_of_memory+0x10/0x10
[ 1936.627254][T13355]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1936.632811][T13355]  ? __pfx_lock_release+0x10/0x10
[ 1936.637851][T13355]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1936.643942][T13355]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1936.649184][T13355]  ? mem_cgroup_iter+0x3e9/0x560
[ 1936.654143][T13355]  try_charge_memcg+0xda2/0x18a0
[ 1936.659114][T13355]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1936.664498][T13355]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1936.670239][T13355]  ? __pfx_lock_release+0x10/0x10
[ 1936.675297][T13355]  ? memcg_account_kmem+0x1e7/0x210
[ 1936.680514][T13355]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1936.686329][T13355]  __memcg_kmem_charge_page+0xe1/0x250
[ 1936.691811][T13355]  memcg_charge_kernel_stack+0x210/0x550
[ 1936.697473][T13355]  dup_task_struct+0x40d/0x7d0
[ 1936.702283][T13355]  copy_process+0x5d5/0x3fc0
[ 1936.706919][T13355]  ? __might_fault+0xa9/0x120
[ 1936.711627][T13355]  ? __pfx_lock_release+0x10/0x10
[ 1936.716674][T13355]  ? __pfx_copy_process+0x10/0x10
[ 1936.721708][T13355]  ? __might_fault+0xc5/0x120
[ 1936.726404][T13355]  ? __asan_memset+0x23/0x50
[ 1936.731011][T13355]  kernel_clone+0x21d/0x8d0
[ 1936.735527][T13355]  ? __pfx_kernel_clone+0x10/0x10
[ 1936.740576][T13355]  __se_sys_clone3+0x2cb/0x350
[ 1936.745350][T13355]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1936.750661][T13355]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1936.756669][T13355]  ? exc_page_fault+0x587/0x870
[ 1936.761539][T13355]  ? do_syscall_64+0xb4/0x240
[ 1936.766321][T13355]  do_syscall_64+0xf9/0x240
[ 1936.770845][T13355]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1936.776757][T13355] RIP: 0033:0x7fc7360a9b99
[ 1936.781182][T13355] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1936.800797][T13355] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1936.809223][T13355] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1936.817212][T13355] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1936.825196][T13355] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1936.833177][T13355] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1936.841159][T13355] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1936.849167][T13355]  </TASK>
00:48:03 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1936.918050][T13355] memory: usage 307200kB, limit 307200kB, failcnt 79671
[ 1936.925064][T13355] memory+swap: usage 307360kB, limit 9007199254740988kB, failcnt 0
[ 1936.939974][T13355] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[ 1936.947632][T13355] Memory cgroup stats for /syz2:
[ 1936.947779][T13355] cache 4096
[ 1936.956883][T13355] rss 12288
[ 1936.985299][T13355] rss_huge 0
[ 1936.990183][T13355] shmem 0
[ 1936.993176][T13355] mapped_file 0
[ 1936.996661][T13355] dirty 0
[ 1937.012520][T13355] writeback 0
[ 1937.015872][T13355] workingset_refault_anon 52327
[ 1937.052934][T13355] workingset_refault_file 1
[ 1937.071948][T13355] swap 163840
[ 1937.086509][T13355] swapcached 8192
[ 1937.095678][T13355] pgpgin 178425
[ 1937.109045][T13355] pgpgout 178421
[ 1937.127371][T13355] pgfault 392374
[ 1937.134527][T13355] pgmajfault 48440
[ 1937.153573][T13355] inactive_anon 0
[ 1937.172896][T13355] active_anon 12288
[ 1937.185898][T13355] inactive_file 0
[ 1937.201609][T13355] active_file 4096
[ 1937.208857][T13355] unevictable 0
[ 1937.217194][T13355] hierarchical_memory_limit 314572800
[ 1937.232419][T13355] hierarchical_memsw_limit 9223372036854771712
[ 1937.273434][T13355] total_cache 4096
[ 1937.357558][T13355] total_rss 12288
[ 1937.362045][T13355] total_rss_huge 0
[ 1937.365807][T13355] total_shmem 0
[ 1937.400826][T13355] total_mapped_file 0
[ 1937.404883][T13355] total_dirty 0
[ 1937.410192][T13355] total_writeback 0
[ 1937.414060][T13355] total_workingset_refault_anon 52327
[ 1937.445374][T13355] total_workingset_refault_file 1
[ 1937.471019][T13355] total_swap 163840
[ 1937.474915][T13355] total_swapcached 8192
[ 1937.499784][T13355] total_pgpgin 178425
[ 1937.503834][T13355] total_pgpgout 178421
[ 1937.519483][T13355] total_pgfault 392374
[ 1937.523616][T13355] total_pgmajfault 48440
[ 1937.548108][T13355] total_inactive_anon 0
[ 1937.552337][T13355] total_active_anon 12288
[ 1937.556700][T13355] total_inactive_file 0
[ 1937.608575][T13355] total_active_file 4096
[ 1937.612891][T13355] total_unevictable 0
[ 1937.616905][T13355] anon_cost 0
[ 1937.645068][T13355] file_cost 0
[ 1937.663194][T13355] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13355,uid=0
[ 1937.762071][T13355] Memory cgroup out of memory: Killed process 13355 (syz-executor.2) total-vm:54508kB, anon-rss:432kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1937.904484][ T5099] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1937.949572][ T5099] CPU: 1 PID: 5099 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1937.959997][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1937.970100][ T5099] Call Trace:
[ 1937.973412][ T5099]  <TASK>
[ 1937.976372][ T5099]  dump_stack_lvl+0x1e7/0x2e0
[ 1937.981114][ T5099]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1937.986371][ T5099]  ? __pfx__printk+0x10/0x10
[ 1937.991019][ T5099]  ? ___ratelimit+0x4c4/0x670
[ 1937.995749][ T5099]  ? __pfx____ratelimit+0x10/0x10
[ 1938.000832][ T5099]  dump_header+0xda/0x6a0
[ 1938.005218][ T5099]  oom_kill_process+0x3a7/0x930
[ 1938.010122][ T5099]  out_of_memory+0xf67/0x1320
[ 1938.014854][ T5099]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1938.020533][ T5099]  ? __pfx___mutex_lock+0x10/0x10
[ 1938.025599][ T5099]  ? __pfx_out_of_memory+0x10/0x10
[ 1938.030771][ T5099]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1938.036373][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1938.041442][ T5099]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1938.047562][ T5099]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1938.052822][ T5099]  ? mem_cgroup_iter+0x3e9/0x560
[ 1938.057816][ T5099]  try_charge_memcg+0xda2/0x18a0
[ 1938.062795][ T5099]  ? mark_lock+0x9a/0x350
[ 1938.067211][ T5099]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1938.072648][ T5099]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1938.078839][ T5099]  charge_memcg+0xa2/0x160
[ 1938.083311][ T5099]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1938.089423][ T5099]  __read_swap_cache_async+0x480/0x8b0
[ 1938.094932][ T5099]  ? mark_lock+0x9a/0x350
[ 1938.099321][ T5099]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1938.105370][ T5099]  swap_cluster_readahead+0x67c/0x810
[ 1938.110811][ T5099]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1938.116780][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1938.121941][ T5099]  ? xas_descend+0x37e/0x470
[ 1938.126591][ T5099]  swapin_readahead+0x1ea/0x1070
[ 1938.131580][ T5099]  ? filemap_get_entry+0x127/0x4e0
[ 1938.136795][ T5099]  ? __pfx_swapin_readahead+0x10/0x10
[ 1938.142236][ T5099]  ? __filemap_get_folio+0x935/0xbc0
[ 1938.147580][ T5099]  ? swap_cache_get_folio+0x9f/0x570
[ 1938.153011][ T5099]  do_swap_page+0x791/0x3f40
[ 1938.157831][ T5099]  ? rcu_is_watching+0x15/0xb0
[ 1938.162664][ T5099]  ? do_swap_page+0x154/0x3f40
[ 1938.167474][ T5099]  ? __pfx_do_swap_page+0x10/0x10
[ 1938.172552][ T5099]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1938.178081][ T5099]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1938.183949][ T5099]  ? __pfx_validate_chain+0x10/0x10
[ 1938.189216][ T5099]  __handle_mm_fault+0x15e8/0x72d0
[ 1938.194412][ T5099]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1938.199932][ T5099]  ? mt_find+0x226/0x850
[ 1938.204224][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1938.209322][ T5099]  ? mt_find+0x62d/0x850
[ 1938.213618][ T5099]  ? mt_find+0x226/0x850
[ 1938.217948][ T5099]  ? find_vma+0x142/0x1c0
[ 1938.222323][ T5099]  ? __pfx_find_vma+0x10/0x10
[ 1938.227037][ T5099]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1938.233084][ T5099]  handle_mm_fault+0x3c1/0x8a0
[ 1938.237902][ T5099]  exc_page_fault+0x2ad/0x870
[ 1938.242632][ T5099]  asm_exc_page_fault+0x26/0x30
[ 1938.247519][ T5099] RIP: 0010:__get_user_8+0x11/0x20
[ 1938.252670][ T5099] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1938.272317][ T5099] RSP: 0018:ffffc90003dffd98 EFLAGS: 00050202
[ 1938.278431][ T5099] RAX: 0000555556d69da8 RBX: ffff888021c59538 RCX: ffffc90003dffc03
[ 1938.286442][ T5099] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1938.294489][ T5099] RBP: ffffc90003dffec8 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1938.302502][ T5099] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90003dffda0
[ 1938.310513][ T5099] R13: ffffc90003dfffd8 R14: dffffc0000000000 R15: ffff888021c58000
[ 1938.318566][ T5099]  __rseq_handle_notify_resume+0x158/0x1490
[ 1938.324530][ T5099]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 1938.330912][ T5099]  ? syscall_exit_to_user_mode+0xa2/0x360
[ 1938.336682][ T5099]  syscall_exit_to_user_mode+0x113/0x360
[ 1938.342369][ T5099]  do_syscall_64+0x108/0x240
[ 1938.347011][ T5099]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1938.352954][ T5099] RIP: 0033:0x7fa936ca91b5
[ 1938.357404][ T5099] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 1938.377065][ T5099] RSP: 002b:00007fff55d50a80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1938.385536][ T5099] RAX: 0000000000000000 RBX: 000000000000388f RCX: 00007fa936ca91b5
[ 1938.393550][ T5099] RDX: 00007fff55d50ac0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1938.401573][ T5099] RBP: 00007fff55d50b4c R08: 0000000000000000 R09: 00007fff55de70b0
[ 1938.409677][ T5099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1938.417684][ T5099] R13: 00000000001d8e3d R14: 00000000001d8e3d R15: 0000000000000000
[ 1938.425714][ T5099]  </TASK>
[ 1938.569350][ T5099] memory: usage 307200kB, limit 307200kB, failcnt 11770
[ 1938.576368][ T5099] memory+swap: usage 307360kB, limit 9007199254740988kB, failcnt 0
[ 1938.647792][ T5099] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1938.655245][ T5099] Memory cgroup stats for /syz1:
[ 1938.655387][ T5099] cache 0
[ 1938.707997][ T5099] rss 0
[ 1938.710823][ T5099] rss_huge 0
[ 1938.714037][ T5099] shmem 0
[ 1938.748250][ T5099] mapped_file 0
[ 1938.751780][ T5099] dirty 0
[ 1938.754740][ T5099] writeback 0
[ 1938.835099][ T5099] workingset_refault_anon 4739
[ 1938.861753][ T5099] workingset_refault_file 1
[ 1938.866331][ T5099] swap 163840
[ 1938.897575][ T5099] swapcached 0
[ 1938.901017][ T5099] pgpgin 130508
[ 1938.904508][ T5099] pgpgout 130508
[ 1938.938727][ T5099] pgfault 340915
[ 1938.942336][ T5099] pgmajfault 4458
[ 1938.945989][ T5099] inactive_anon 0
[ 1938.987290][ T5099] active_anon 0
[ 1938.990821][ T5099] inactive_file 0
[ 1938.994486][ T5099] active_file 0
[ 1939.025150][ T5099] unevictable 0
[ 1939.031081][ T5099] hierarchical_memory_limit 314572800
[ 1939.036507][ T5099] hierarchical_memsw_limit 9223372036854771712
[ 1939.097119][ T5099] total_cache 0
[ 1939.100665][ T5099] total_rss 0
[ 1939.117140][ T5099] total_rss_huge 0
[ 1939.120933][ T5099] total_shmem 0
[ 1939.124422][ T5099] total_mapped_file 0
[ 1939.158957][ T5099] total_dirty 0
[ 1939.162492][ T5099] total_writeback 0
[ 1939.180489][ T5099] total_workingset_refault_anon 4739
[ 1939.185839][ T5099] total_workingset_refault_file 1
[ 1939.227222][ T5099] total_swap 163840
[ 1939.242188][ T5099] total_swapcached 0
[ 1939.246229][ T5099] total_pgpgin 130508
[ 1939.250876][ T5099] total_pgpgout 130508
[ 1939.254991][ T5099] total_pgfault 340915
[ 1939.287632][ T5099] total_pgmajfault 4458
[ 1939.291901][ T5099] total_inactive_anon 0
[ 1939.296096][ T5099] total_active_anon 0
[ 1939.388916][ T5099] total_inactive_file 0
[ 1939.393156][ T5099] total_active_file 0
[ 1939.424870][ T5099] total_unevictable 0
[ 1939.449004][ T5099] anon_cost 0
[ 1939.452352][ T5099] file_cost 0
[ 1939.455671][ T5099] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13359,uid=0
[ 1939.561774][ T5099] Memory cgroup out of memory: Killed process 13359 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
00:48:05 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:48:05 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:48:06 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x3, 0x10001)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$L2TP_CMD_SESSION_DELETE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="440000001000370400"/20, @ANYRES32=r4, @ANYBLOB="23a5050000000000240012800b00010067726574617000001400028008000100", @ANYRES32=r3, @ANYBLOB="06000300b1"], 0x44}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f00000001c0)={'ip6tnl0\x00', &(0x7f0000000240)={'syztnl2\x00', <r5=>0x0, 0x2f, 0x8, 0x3, 0x3f, 0x3e, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x40, 0x80, 0x20, 0x2}})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$AUDIT_USER_AVC(r1, &(0x7f0000000b40)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000b00)={&(0x7f00000006c0)={0x6c, 0x453, 0x100, 0x70bd27, 0x25dfdbfd, "f994af0dfc500492f76e4c38c0607a78ef6ff2fb7559ce029b69fa45d58880c33d9fafa50475c51b6b9bd3bc583e26afa7b9e9f5e894889a644422da32b45377dbe6bab547d5f9cbaef144a6b29e8ae5bd6ff8a713bb2c8f568e9604", ["", "", ""]}, 0x6c}, 0x1, 0x0, 0x0, 0x4000}, 0x44001)
r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000300), 0xffffffffffffffff)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000640))
ioctl$ifreq_SIOCGIFINDEX_wireguard(r7, 0x8933, &(0x7f0000000000)={'wg2\x00', <r9=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000780)={0x368, r8, 0x409, 0x0, 0x0, {}, [@WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r9}, @WGDEVICE_A_PEERS={0x344, 0x8, 0x0, 0x1, [{0x340, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_ALLOWEDIPS={0x318, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}]}, {0x94, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast2}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x40}}]}, {0xdc, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00'}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast1}}, {0x5}}, @ipv4={{0x6}, {0x8}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}]}, {0x4c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}]}]}]}]}]}, 0x368}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@mpls_getnetconf={0x3c, 0x52, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x8001}, @NETCONFA_IFINDEX={0x8, 0x1, r9}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0xff}, @NETCONFA_IFINDEX={0x8, 0x1, r5}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x7}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x20008000)
sendmsg$nl_route_sched(r2, &(0x7f0000000600)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f0000000580)=@deltaction={0x70, 0x31, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x5c, 0x1, [{0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4a95}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xde0}}, {0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x101}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x20}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0x10, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
pipe(&(0x7f0000000b80)={<r10=>0xffffffffffffffff})
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r11, 0x8933, &(0x7f0000000000)={'wg0\x00', <r13=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)={0x44, r12, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r13}, @WGDEVICE_A_PEERS={0x28, 0x8, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x8002, {0xa, 0x0, 0x0, @mcast1}}]}]}]}, 0x44}}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r10, &(0x7f0000000c80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000c40)={&(0x7f0000000c00)={0x1c, r12, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e21}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x40)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010c00eeffffffff00f687000000", @ANYRES32=r14, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r14, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x5}, @TCA_TBF_RATE64={0xc, 0x4, 0xea40e936a126ae50}, @TCA_TBF_PARMS={0x28}]}}]}, 0x6c}}, 0x0)

00:48:06 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1940.436098][ T5110] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1940.748856][ T5110] CPU: 0 PID: 5110 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1940.759363][ T5110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1940.769462][ T5110] Call Trace:
[ 1940.772778][ T5110]  <TASK>
[ 1940.775740][ T5110]  dump_stack_lvl+0x1e7/0x2e0
[ 1940.780477][ T5110]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1940.785809][ T5110]  ? __pfx__printk+0x10/0x10
[ 1940.790434][ T5110]  ? ___ratelimit+0x4c4/0x670
[ 1940.795158][ T5110]  ? __pfx____ratelimit+0x10/0x10
[ 1940.800326][ T5110]  dump_header+0xda/0x6a0
[ 1940.804704][ T5110]  oom_kill_process+0x3a7/0x930
[ 1940.809606][ T5110]  out_of_memory+0xf67/0x1320
[ 1940.814346][ T5110]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1940.820028][ T5110]  ? __pfx___mutex_lock+0x10/0x10
[ 1940.825081][ T5110]  ? __pfx_out_of_memory+0x10/0x10
[ 1940.830234][ T5110]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1940.835816][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1940.840874][ T5110]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1940.847003][ T5110]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1940.852238][ T5110]  ? mem_cgroup_iter+0x3e9/0x560
[ 1940.857205][ T5110]  try_charge_memcg+0xda2/0x18a0
[ 1940.862163][ T5110]  ? mark_lock+0x9a/0x350
[ 1940.866521][ T5110]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1940.871936][ T5110]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1940.878104][ T5110]  charge_memcg+0xa2/0x160
[ 1940.882540][ T5110]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1940.888623][ T5110]  __read_swap_cache_async+0x480/0x8b0
[ 1940.894118][ T5110]  ? mark_lock+0x9a/0x350
[ 1940.898471][ T5110]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1940.904473][ T5110]  ? blk_start_plug+0x6f/0x1b0
[ 1940.909255][ T5110]  swap_cluster_readahead+0x398/0x810
[ 1940.914658][ T5110]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1940.920580][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1940.925629][ T5110]  ? xas_descend+0x37e/0x470
[ 1940.930245][ T5110]  swapin_readahead+0x1ea/0x1070
[ 1940.935200][ T5110]  ? filemap_get_entry+0x127/0x4e0
[ 1940.940347][ T5110]  ? __pfx_swapin_readahead+0x10/0x10
[ 1940.945763][ T5110]  ? __filemap_get_folio+0x935/0xbc0
[ 1940.951077][ T5110]  ? swap_cache_get_folio+0x9f/0x570
[ 1940.956387][ T5110]  do_swap_page+0x791/0x3f40
[ 1940.961000][ T5110]  ? rcu_is_watching+0x15/0xb0
[ 1940.965814][ T5110]  ? do_swap_page+0x154/0x3f40
[ 1940.970590][ T5110]  ? __pfx_do_swap_page+0x10/0x10
[ 1940.975650][ T5110]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1940.981154][ T5110]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1940.986993][ T5110]  __handle_mm_fault+0x15e8/0x72d0
[ 1940.992153][ T5110]  ? reacquire_held_locks+0x3eb/0x690
[ 1940.997549][ T5110]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1941.003066][ T5110]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1941.008826][ T5110]  ? mtree_range_walk+0x6fd/0x8e0
[ 1941.013873][ T5110]  ? lock_vma_under_rcu+0x18a/0x730
[ 1941.019088][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1941.024129][ T5110]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1941.029359][ T5110]  ? lock_vma_under_rcu+0x18a/0x730
[ 1941.034572][ T5110]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1941.040155][ T5110]  handle_mm_fault+0x3c1/0x8a0
[ 1941.044985][ T5110]  exc_page_fault+0x456/0x870
[ 1941.049746][ T5110]  asm_exc_page_fault+0x26/0x30
[ 1941.054613][ T5110] RIP: 0033:0x7fc7360a91b8
[ 1941.059046][ T5110] Code: 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f
[ 1941.078767][ T5110] RSP: 002b:00007ffeef008480 EFLAGS: 00010293
[ 1941.084889][ T5110] RAX: 0000000000000000 RBX: 00000000000035be RCX: 00007fc7360a91b5
[ 1941.092963][ T5110] RDX: 00007ffeef0084c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1941.100954][ T5110] RBP: 00007ffeef00854c R08: 0000000000000000 R09: 00007ffeef05f0b0
[ 1941.108937][ T5110] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1941.116916][ T5110] R13: 00000000001d994c R14: 00000000001d994c R15: 0000000000000000
[ 1941.124913][ T5110]  </TASK>
[ 1941.333609][ T5110] memory: usage 307200kB, limit 307200kB, failcnt 80065
[ 1941.353039][ T5110] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1941.383922][ T5110] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[ 1941.445103][ T5110] Memory cgroup stats for /syz2:
[ 1941.445259][ T5110] cache 4096
[ 1941.503462][ T5110] rss 0
[ 1941.518777][ T5110] rss_huge 0
[ 1941.535489][ T5110] shmem 0
[ 1941.552970][ T5110] mapped_file 0
[ 1941.573099][ T5110] dirty 0
[ 1941.590869][ T5110] writeback 0
[ 1941.614824][ T5110] workingset_refault_anon 52452
[ 1941.628823][ T5110] workingset_refault_file 1
[ 1941.667295][ T5110] swap 176128
[ 1941.670896][ T5110] swapcached 0
[ 1941.682107][ T5110] pgpgin 178564
[ 1941.702159][ T5110] pgpgout 178563
[ 1941.716445][ T5110] pgfault 392578
[ 1941.737448][ T5110] pgmajfault 48554
[ 1941.757234][ T5110] inactive_anon 0
[ 1941.775798][ T5110] active_anon 0
[ 1941.796899][ T5110] inactive_file 4096
[ 1941.837470][ T5110] active_file 0
[ 1941.847664][ T5110] unevictable 0
[ 1941.856004][ T5110] hierarchical_memory_limit 314572800
[ 1941.890813][ T5110] hierarchical_memsw_limit 9223372036854771712
[ 1941.920891][ T5110] total_cache 4096
[ 1941.943101][ T5110] total_rss 0
[ 1941.957644][ T5110] total_rss_huge 0
[ 1941.987264][ T5110] total_shmem 0
[ 1941.997129][ T5110] total_mapped_file 0
[ 1942.010195][ T5110] total_dirty 0
[ 1942.027684][ T5110] total_writeback 0
[ 1942.040779][ T5110] total_workingset_refault_anon 52452
[ 1942.077187][ T5110] total_workingset_refault_file 1
[ 1942.102172][ T5110] total_swap 176128
[ 1942.114478][ T5110] total_swapcached 0
[ 1942.127787][ T5110] total_pgpgin 178564
[ 1942.142939][ T5110] total_pgpgout 178563
[ 1942.167244][ T5110] total_pgfault 392578
[ 1942.174256][ T5110] total_pgmajfault 48554
[ 1942.188713][ T5110] total_inactive_anon 0
[ 1942.203834][ T5110] total_active_anon 0
[ 1942.226181][ T5110] total_inactive_file 4096
[ 1942.246654][ T5110] total_active_file 0
[ 1942.267242][ T5110] total_unevictable 0
[ 1942.274804][ T5110] anon_cost 0
[ 1942.304302][ T5110] file_cost 0
[ 1942.341304][ T5110] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13362,uid=0
[ 1942.395987][ T5110] Memory cgroup out of memory: Killed process 13362 (syz-executor.2) total-vm:54508kB, anon-rss:368kB, file-rss:8848kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1942.483299][T13363] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1942.530467][T13363] CPU: 1 PID: 13363 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1942.540965][T13363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1942.551062][T13363] Call Trace:
[ 1942.554373][T13363]  <TASK>
[ 1942.557339][T13363]  dump_stack_lvl+0x1e7/0x2e0
[ 1942.562068][T13363]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1942.567312][T13363]  ? __pfx__printk+0x10/0x10
[ 1942.571946][T13363]  ? ___ratelimit+0x4c4/0x670
[ 1942.576677][T13363]  ? __pfx____ratelimit+0x10/0x10
[ 1942.581752][T13363]  dump_header+0xda/0x6a0
[ 1942.586129][T13363]  oom_kill_process+0x3a7/0x930
[ 1942.591031][T13363]  out_of_memory+0xf67/0x1320
[ 1942.595758][T13363]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1942.601439][T13363]  ? __pfx___mutex_lock+0x10/0x10
[ 1942.606500][T13363]  ? __pfx_out_of_memory+0x10/0x10
[ 1942.611644][T13363]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1942.617205][T13363]  ? __pfx_lock_release+0x10/0x10
[ 1942.622245][T13363]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1942.628341][T13363]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1942.633598][T13363]  ? mem_cgroup_iter+0x3e9/0x560
[ 1942.638583][T13363]  try_charge_memcg+0xda2/0x18a0
[ 1942.643559][T13363]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1942.648943][T13363]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1942.654677][T13363]  ? __pfx_lock_release+0x10/0x10
[ 1942.659718][T13363]  ? memcg_account_kmem+0x1e7/0x210
[ 1942.664955][T13363]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1942.670771][T13363]  __memcg_kmem_charge_page+0xe1/0x250
[ 1942.676259][T13363]  memcg_charge_kernel_stack+0x304/0x550
[ 1942.682014][T13363]  dup_task_struct+0x40d/0x7d0
[ 1942.686821][T13363]  copy_process+0x5d5/0x3fc0
[ 1942.691446][T13363]  ? __might_fault+0xa9/0x120
[ 1942.696138][T13363]  ? __pfx_lock_release+0x10/0x10
[ 1942.701190][T13363]  ? __pfx_copy_process+0x10/0x10
[ 1942.706226][T13363]  ? __might_fault+0xc5/0x120
[ 1942.710919][T13363]  ? __asan_memset+0x23/0x50
[ 1942.715528][T13363]  kernel_clone+0x21d/0x8d0
[ 1942.720048][T13363]  ? __pfx_kernel_clone+0x10/0x10
[ 1942.725099][T13363]  __se_sys_clone3+0x2cb/0x350
[ 1942.729895][T13363]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1942.735241][T13363]  ? do_syscall_64+0x108/0x240
[ 1942.741865][T13363]  ? do_syscall_64+0xb4/0x240
[ 1942.746647][T13363]  do_syscall_64+0xf9/0x240
[ 1942.751173][T13363]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1942.757089][T13363] RIP: 0033:0x7fa936ca9b99
[ 1942.761517][T13363] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1942.781149][T13363] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1942.789601][T13363] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1942.797593][T13363] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1942.805581][T13363] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1942.813591][T13363] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1942.821572][T13363] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1942.829592][T13363]  </TASK>
00:48:09 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:48:09 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1943.049550][T13363] memory: usage 307188kB, limit 307200kB, failcnt 12054
[ 1943.056568][T13363] memory+swap: usage 307336kB, limit 9007199254740988kB, failcnt 0
[ 1943.137967][T13363] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1943.145336][T13363] Memory cgroup stats for /syz1:
[ 1943.145482][T13363] cache 0
[ 1943.183211][T13363] rss 0
[ 1943.186042][T13363] rss_huge 0
[ 1943.215127][T13363] shmem 0
[ 1943.243040][T13363] mapped_file 0
[ 1943.246572][T13363] dirty 0
[ 1943.267220][T13363] writeback 0
[ 1943.277764][T13363] workingset_refault_anon 4831
[ 1943.282579][T13363] workingset_refault_file 1
[ 1943.337757][T13363] swap 159744
[ 1943.341113][T13363] swapcached 0
[ 1943.344513][T13363] pgpgin 130612
[ 1943.368824][T13363] pgpgout 130612
[ 1943.372438][T13363] pgfault 341069
[ 1943.392818][T13363] pgmajfault 4544
[ 1943.396516][T13363] inactive_anon 0
[ 1943.431558][T13363] active_anon 0
[ 1943.435080][T13363] inactive_file 0
[ 1943.467303][T13363] active_file 0
[ 1943.470832][T13363] unevictable 0
[ 1943.474311][T13363] hierarchical_memory_limit 314572800
[ 1943.572673][T13363] hierarchical_memsw_limit 9223372036854771712
[ 1943.598933][T13363] total_cache 0
[ 1943.636603][T13363] total_rss 0
[ 1943.657680][T13363] total_rss_huge 0
[ 1943.663810][T13363] total_shmem 0
[ 1943.675411][T13363] total_mapped_file 0
[ 1943.695292][T13363] total_dirty 0
[ 1943.711583][T13363] total_writeback 0
[ 1943.732156][T13363] total_workingset_refault_anon 4831
[ 1943.755786][T13363] total_workingset_refault_file 1
[ 1943.802875][T13363] total_swap 159744
[ 1943.811155][T13363] total_swapcached 0
[ 1943.829361][T13363] total_pgpgin 130612
[ 1943.853601][T13363] total_pgpgout 130612
[ 1943.876784][T13363] total_pgfault 341069
[ 1943.904807][T13363] total_pgmajfault 4544
[ 1943.944555][T13363] total_inactive_anon 0
[ 1943.963972][T13363] total_active_anon 0
[ 1943.977337][T13363] total_inactive_file 0
[ 1943.981567][T13363] total_active_file 0
[ 1943.985575][T13363] total_unevictable 0
[ 1944.037219][T13363] anon_cost 0
[ 1944.055566][T13363] file_cost 0
[ 1944.067250][T13363] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13363,uid=0
[ 1944.192362][T13363] Memory cgroup out of memory: Killed process 13363 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1944.265103][T13366] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1944.341560][T13366] CPU: 1 PID: 13366 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1944.352051][T13366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1944.362152][T13366] Call Trace:
[ 1944.365459][T13366]  <TASK>
[ 1944.368421][T13366]  dump_stack_lvl+0x1e7/0x2e0
[ 1944.373151][T13366]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1944.378405][T13366]  ? __pfx__printk+0x10/0x10
[ 1944.383034][T13366]  ? ___ratelimit+0x4c4/0x670
[ 1944.387758][T13366]  ? __pfx____ratelimit+0x10/0x10
[ 1944.392854][T13366]  dump_header+0xda/0x6a0
[ 1944.397239][T13366]  oom_kill_process+0x3a7/0x930
[ 1944.402138][T13366]  out_of_memory+0xf67/0x1320
[ 1944.406859][T13366]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1944.412536][T13366]  ? __pfx___mutex_lock+0x10/0x10
[ 1944.417600][T13366]  ? __pfx_out_of_memory+0x10/0x10
[ 1944.422763][T13366]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1944.428347][T13366]  ? __pfx_lock_release+0x10/0x10
[ 1944.433433][T13366]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1944.439555][T13366]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1944.444794][T13366]  ? mem_cgroup_iter+0x3e9/0x560
[ 1944.449786][T13366]  try_charge_memcg+0xda2/0x18a0
[ 1944.454808][T13366]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1944.460233][T13366]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1944.466005][T13366]  ? __pfx_lock_release+0x10/0x10
[ 1944.471089][T13366]  ? memcg_account_kmem+0x1e7/0x210
[ 1944.476352][T13366]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1944.482227][T13366]  __memcg_kmem_charge_page+0xe1/0x250
[ 1944.487745][T13366]  memcg_charge_kernel_stack+0x11c/0x550
[ 1944.493436][T13366]  dup_task_struct+0x15d/0x7d0
[ 1944.498251][T13366]  copy_process+0x5d5/0x3fc0
[ 1944.502902][T13366]  ? __might_fault+0xa9/0x120
[ 1944.507629][T13366]  ? __pfx_lock_release+0x10/0x10
[ 1944.512712][T13366]  ? __pfx_copy_process+0x10/0x10
[ 1944.517796][T13366]  ? __might_fault+0xc5/0x120
[ 1944.522541][T13366]  ? __asan_memset+0x23/0x50
[ 1944.527190][T13366]  kernel_clone+0x21d/0x8d0
[ 1944.531750][T13366]  ? __pfx_kernel_clone+0x10/0x10
[ 1944.536844][T13366]  __se_sys_clone3+0x2cb/0x350
[ 1944.541663][T13366]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1944.547008][T13366]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1944.553058][T13366]  ? exc_page_fault+0x587/0x870
[ 1944.557971][T13366]  ? do_syscall_64+0xb4/0x240
[ 1944.562710][T13366]  do_syscall_64+0xf9/0x240
[ 1944.567278][T13366]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1944.573229][T13366] RIP: 0033:0x7fc7360a9b99
[ 1944.577683][T13366] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1944.597335][T13366] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1944.605809][T13366] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1944.613830][T13366] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1944.621851][T13366] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1944.629882][T13366] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
00:48:10 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1944.637905][T13366] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1944.645945][T13366]  </TASK>
[ 1944.661153][ T5108] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1944.739589][ T5108] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1944.778164][ T5108] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1944.857962][ T5108] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1944.866707][ T5108] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1944.874566][ T5108] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1945.039247][T13366] memory: usage 307180kB, limit 307200kB, failcnt 80541
[ 1945.057340][T13366] memory+swap: usage 307348kB, limit 9007199254740988kB, failcnt 0
[ 1945.107470][T13366] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[ 1945.116279][T13366] Memory cgroup stats for /syz2:
[ 1945.116421][T13366] cache 0
[ 1945.163856][T13366] rss 4096
[ 1945.178406][T13366] rss_huge 0
[ 1945.195447][T13366] shmem 0
[ 1945.199077][T13366] mapped_file 0
[ 1945.202587][T13366] dirty 0
[ 1945.205550][T13366] writeback 0
[ 1945.218666][T13366] workingset_refault_anon 52609
[ 1945.230406][T13366] workingset_refault_file 1
[ 1945.235983][T13366] swap 172032
[ 1945.251690][T13366] swapcached 4096
[ 1945.255493][T13366] pgpgin 178737
[ 1945.262023][T13366] pgpgout 178736
[ 1945.280116][T13366] pgfault 392827
[ 1945.283879][T13366] pgmajfault 48698
[ 1945.288697][T13366] inactive_anon 4096
[ 1945.293750][T13366] active_anon 0
[ 1945.309530][T13366] inactive_file 0
[ 1945.322484][T13366] active_file 0
[ 1945.326091][T13366] unevictable 0
[ 1945.335169][T13366] hierarchical_memory_limit 314572800
[ 1945.350282][T13366] hierarchical_memsw_limit 9223372036854771712
[ 1945.356933][T13366] total_cache 0
[ 1945.387349][T13366] total_rss 4096
[ 1945.400488][T13366] total_rss_huge 0
[ 1945.414369][T13366] total_shmem 0
[ 1945.423194][T13366] total_mapped_file 0
[ 1945.428579][T13366] total_dirty 0
[ 1945.447288][T13366] total_writeback 0
[ 1945.457361][T13366] total_workingset_refault_anon 52609
[ 1945.484128][T13366] total_workingset_refault_file 1
[ 1945.497628][T13366] total_swap 172032
[ 1945.506074][T13366] total_swapcached 4096
[ 1945.511548][T13366] total_pgpgin 178737
[ 1945.547232][T13366] total_pgpgout 178736
[ 1945.551459][T13366] total_pgfault 392827
[ 1945.569276][T13366] total_pgmajfault 48698
[ 1945.574682][T13366] total_inactive_anon 4096
[ 1945.608582][T13366] total_active_anon 0
[ 1945.617121][T13366] total_inactive_file 0
[ 1945.631811][T13366] total_active_file 0
[ 1945.731771][T13366] total_unevictable 0
[ 1945.743326][T13366] anon_cost 0
[ 1945.758270][T13366] file_cost 0
[ 1945.761726][T13366] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13366,uid=0
[ 1945.804311][T13366] Memory cgroup out of memory: Killed process 13366 (syz-executor.2) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1945.872022][T13367] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1945.888076][T13367] CPU: 0 PID: 13367 Comm: syz-executor.3 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1945.898571][T13367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1945.908702][T13367] Call Trace:
[ 1945.912009][T13367]  <TASK>
[ 1945.914970][T13367]  dump_stack_lvl+0x1e7/0x2e0
[ 1945.919697][T13367]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1945.924945][T13367]  ? __pfx__printk+0x10/0x10
[ 1945.929584][T13367]  ? ___ratelimit+0x4c4/0x670
[ 1945.934314][T13367]  ? __pfx____ratelimit+0x10/0x10
[ 1945.939393][T13367]  dump_header+0xda/0x6a0
[ 1945.943774][T13367]  oom_kill_process+0x3a7/0x930
[ 1945.948677][T13367]  out_of_memory+0xf67/0x1320
[ 1945.953408][T13367]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1945.959171][T13367]  ? __pfx___mutex_lock+0x10/0x10
[ 1945.964219][T13367]  ? __pfx_out_of_memory+0x10/0x10
[ 1945.969370][T13367]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1945.974944][T13367]  ? __pfx_lock_release+0x10/0x10
[ 1945.979997][T13367]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1945.986094][T13367]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1945.991313][T13367]  ? mem_cgroup_iter+0x3e9/0x560
[ 1945.996272][T13367]  try_charge_memcg+0xda2/0x18a0
[ 1946.001224][T13367]  ? mark_lock+0x9a/0x350
[ 1946.005580][T13367]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1946.010987][T13367]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1946.017150][T13367]  charge_memcg+0xa2/0x160
[ 1946.021587][T13367]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1946.027666][T13367]  __read_swap_cache_async+0x480/0x8b0
[ 1946.033138][T13367]  ? mark_lock+0x9a/0x350
[ 1946.037483][T13367]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1946.043484][T13367]  swap_cluster_readahead+0x67c/0x810
[ 1946.048880][T13367]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1946.054789][T13367]  ? __pfx_lock_release+0x10/0x10
[ 1946.059840][T13367]  ? xas_descend+0x37e/0x470
[ 1946.064449][T13367]  swapin_readahead+0x1ea/0x1070
[ 1946.069405][T13367]  ? filemap_get_entry+0x127/0x4e0
[ 1946.074547][T13367]  ? __pfx_swapin_readahead+0x10/0x10
[ 1946.079940][T13367]  ? __filemap_get_folio+0x935/0xbc0
[ 1946.085242][T13367]  ? swap_cache_get_folio+0x9f/0x570
[ 1946.090543][T13367]  do_swap_page+0x791/0x3f40
[ 1946.095145][T13367]  ? rcu_is_watching+0x15/0xb0
[ 1946.100027][T13367]  ? do_swap_page+0x154/0x3f40
[ 1946.104800][T13367]  ? __pfx_do_swap_page+0x10/0x10
[ 1946.109842][T13367]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1946.115321][T13367]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1946.121145][T13367]  ? __pfx_validate_chain+0x10/0x10
[ 1946.126372][T13367]  __handle_mm_fault+0x15e8/0x72d0
[ 1946.131527][T13367]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1946.137012][T13367]  ? mt_find+0x226/0x850
[ 1946.141276][T13367]  ? __pfx_lock_release+0x10/0x10
[ 1946.146333][T13367]  ? mt_find+0x62d/0x850
[ 1946.150594][T13367]  ? mt_find+0x226/0x850
[ 1946.154874][T13367]  ? find_vma+0x142/0x1c0
[ 1946.159219][T13367]  ? __pfx_find_vma+0x10/0x10
[ 1946.163908][T13367]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1946.169910][T13367]  handle_mm_fault+0x3c1/0x8a0
[ 1946.174699][T13367]  exc_page_fault+0x2ad/0x870
[ 1946.179403][T13367]  asm_exc_page_fault+0x26/0x30
[ 1946.184268][T13367] RIP: 0010:__put_user_4+0x11/0x20
[ 1946.189399][T13367] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[ 1946.209022][T13367] RSP: 0018:ffffc90004cb7bd8 EFLAGS: 00050206
[ 1946.215103][T13367] RAX: 0000000000003919 RBX: 0000000000000000 RCX: 00007f1eef285990
[ 1946.223081][T13367] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1946.231059][T13367] RBP: ffffc90004cb7d10 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1946.239040][T13367] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90004cb7d78
[ 1946.247027][T13367] R13: 00000000003d0f00 R14: ffffc90004cb7c40 R15: dffffc0000000000
[ 1946.255029][T13367]  kernel_clone+0x363/0x8d0
[ 1946.259555][T13367]  ? __pfx_kernel_clone+0x10/0x10
[ 1946.264607][T13367]  __se_sys_clone3+0x2cb/0x350
[ 1946.269387][T13367]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1946.274736][T13367]  ? do_syscall_64+0x108/0x240
[ 1946.279590][T13367]  ? do_syscall_64+0xb4/0x240
[ 1946.284300][T13367]  do_syscall_64+0xf9/0x240
[ 1946.288824][T13367]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1946.294829][T13367] RIP: 0033:0x7f1eee4a9b99
[ 1946.299253][T13367] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1946.318869][T13367] RSP: 002b:00007ffc334af428 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1946.327296][T13367] RAX: ffffffffffffffda RBX: 00007f1eee452270 RCX: 00007f1eee4a9b99
[ 1946.335277][T13367] RDX: 00007f1eee452270 RSI: 0000000000000058 RDI: 00007ffc334af470
[ 1946.343254][T13367] RBP: 00007f1eef2856c0 R08: 00007f1eef2856c0 R09: 00007ffc334af557
[ 1946.351236][T13367] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1946.359213][T13367] R13: 000000000000006e R14: 00007ffc334af470 R15: 00007ffc334af558
[ 1946.367212][T13367]  </TASK>
[ 1946.497498][T13367] memory: usage 307200kB, limit 307200kB, failcnt 21172
[ 1946.546630][T13367] memory+swap: usage 307416kB, limit 9007199254740988kB, failcnt 0
00:48:12 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1946.647728][T13367] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[ 1946.666920][T13367] Memory cgroup stats for /syz3:
[ 1946.669281][T13367] cache 4096
[ 1946.687927][T13367] rss 0
[ 1946.690755][T13367] rss_huge 0
[ 1946.693976][T13367] shmem 0
[ 1946.696940][T13367] mapped_file 0
[ 1946.711421][T13367] dirty 0
[ 1946.714429][T13367] writeback 0
[ 1946.717937][T13367] workingset_refault_anon 13234
[ 1946.722819][T13367] workingset_refault_file 1
[ 1946.739107][T13367] swap 221184
[ 1946.742458][T13367] swapcached 0
[ 1946.751824][T13367] pgpgin 140905
[ 1946.755348][T13367] pgpgout 140904
[ 1946.779844][T13367] pgfault 361090
[ 1946.784532][T13367] pgmajfault 12601
[ 1946.798116][T13367] inactive_anon 0
[ 1946.801824][T13367] active_anon 0
[ 1946.805325][T13367] inactive_file 4096
[ 1946.816452][T13367] active_file 0
[ 1946.837820][T13367] unevictable 0
[ 1946.841357][T13367] hierarchical_memory_limit 314572800
[ 1946.846760][T13367] hierarchical_memsw_limit 9223372036854771712
[ 1946.878936][T13367] total_cache 4096
[ 1946.882731][T13367] total_rss 0
[ 1946.896845][T13367] total_rss_huge 0
[ 1946.927301][T13367] total_shmem 0
[ 1946.930835][T13367] total_mapped_file 0
[ 1946.934850][T13367] total_dirty 0
[ 1946.938754][ T5108] Bluetooth: hci5: command 0x0409 tx timeout
[ 1946.970070][T13367] total_writeback 0
[ 1946.973957][T13367] total_workingset_refault_anon 13234
[ 1947.024605][T13367] total_workingset_refault_file 1
[ 1947.047376][T13367] total_swap 221184
[ 1947.077268][T13367] total_swapcached 0
[ 1947.090228][T13367] total_pgpgin 140905
[ 1947.099753][T13367] total_pgpgout 140904
[ 1947.116966][T13367] total_pgfault 361090
[ 1947.133431][T13367] total_pgmajfault 12601
[ 1947.142216][T13367] total_inactive_anon 0
[ 1947.155005][T13367] total_active_anon 0
[ 1947.178514][T13367] total_inactive_file 4096
[ 1947.183108][T13367] total_active_file 0
[ 1947.203333][T13367] total_unevictable 0
[ 1947.213483][T13367] anon_cost 0
[ 1947.225418][T13367] file_cost 0
[ 1947.250641][T13367] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=13367,uid=0
[ 1947.301959][T13367] Memory cgroup out of memory: Killed process 13367 (syz-executor.3) total-vm:54640kB, anon-rss:516kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:92kB oom_score_adj:1000
00:48:14 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:48:14 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1948.044573][T13377] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1948.097364][T13377] CPU: 1 PID: 13377 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1948.107857][T13377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1948.117955][T13377] Call Trace:
[ 1948.121271][T13377]  <TASK>
[ 1948.124245][T13377]  dump_stack_lvl+0x1e7/0x2e0
[ 1948.129079][T13377]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1948.134348][T13377]  ? __pfx__printk+0x10/0x10
[ 1948.138992][T13377]  ? ___ratelimit+0x4c4/0x670
[ 1948.143725][T13377]  ? __pfx____ratelimit+0x10/0x10
[ 1948.148805][T13377]  dump_header+0xda/0x6a0
[ 1948.153190][T13377]  oom_kill_process+0x3a7/0x930
[ 1948.158098][T13377]  out_of_memory+0xf67/0x1320
[ 1948.162827][T13377]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1948.168504][T13377]  ? __pfx___mutex_lock+0x10/0x10
[ 1948.173573][T13377]  ? __pfx_out_of_memory+0x10/0x10
[ 1948.178746][T13377]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1948.184342][T13377]  ? __pfx_lock_release+0x10/0x10
[ 1948.189427][T13377]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1948.195554][T13377]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1948.200805][T13377]  ? mem_cgroup_iter+0x3e9/0x560
[ 1948.205801][T13377]  try_charge_memcg+0xda2/0x18a0
[ 1948.210813][T13377]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1948.216229][T13377]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1948.221994][T13377]  ? __pfx_lock_release+0x10/0x10
[ 1948.227071][T13377]  ? memcg_account_kmem+0x1e7/0x210
[ 1948.232340][T13377]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1948.238196][T13377]  __memcg_kmem_charge_page+0xe1/0x250
[ 1948.243732][T13377]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1948.249682][T13377]  dup_task_struct+0x15d/0x7d0
[ 1948.254494][T13377]  copy_process+0x5d5/0x3fc0
[ 1948.259147][T13377]  ? __might_fault+0xa9/0x120
[ 1948.263863][T13377]  ? __pfx_lock_release+0x10/0x10
[ 1948.268944][T13377]  ? __pfx_copy_process+0x10/0x10
[ 1948.274006][T13377]  ? __might_fault+0xc5/0x120
[ 1948.278734][T13377]  ? __asan_memset+0x23/0x50
[ 1948.283374][T13377]  kernel_clone+0x21d/0x8d0
[ 1948.287924][T13377]  ? __pfx_kernel_clone+0x10/0x10
[ 1948.293037][T13377]  __se_sys_clone3+0x2cb/0x350
[ 1948.297853][T13377]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1948.303209][T13377]  ? do_syscall_64+0x108/0x240
[ 1948.308021][T13377]  ? do_syscall_64+0xb4/0x240
[ 1948.312756][T13377]  do_syscall_64+0xf9/0x240
[ 1948.317312][T13377]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1948.323257][T13377] RIP: 0033:0x7fc7360a9b99
[ 1948.327706][T13377] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1948.347353][T13377] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1948.355821][T13377] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1948.363836][T13377] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1948.371851][T13377] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1948.379868][T13377] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1948.387883][T13377] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1948.395915][T13377]  </TASK>
[ 1948.425555][T13377] memory: usage 307200kB, limit 307200kB, failcnt 81383
[ 1948.432686][T13377] memory+swap: usage 307376kB, limit 9007199254740988kB, failcnt 0
[ 1948.446500][T13377] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1948.454228][T13377] Memory cgroup stats for /syz2:
[ 1948.454388][T13377] cache 0
[ 1948.467724][T13377] rss 20480
[ 1948.470887][T13377] rss_huge 0
[ 1948.474131][T13377] shmem 0
[ 1948.489281][T13377] mapped_file 0
[ 1948.492805][T13377] dirty 0
[ 1948.495772][T13377] writeback 0
[ 1948.508333][T13377] workingset_refault_anon 52898
[ 1948.513248][T13377] workingset_refault_file 1
[ 1948.549062][T13377] swap 159744
[ 1948.552424][T13377] swapcached 20480
[ 1948.556176][T13377] pgpgin 179040
[ 1948.560466][T13377] pgpgout 179035
[ 1948.564066][T13377] pgfault 393242
[ 1948.579582][T13377] pgmajfault 48938
[ 1948.583370][T13377] inactive_anon 12288
[ 1948.599734][T13377] active_anon 8192
[ 1948.603528][T13377] inactive_file 0
[ 1948.607919][T13377] active_file 0
[ 1948.611424][T13377] unevictable 0
[ 1948.614908][T13377] hierarchical_memory_limit 314572800
[ 1948.635511][T13377] hierarchical_memsw_limit 9223372036854771712
[ 1948.654174][T13377] total_cache 0
[ 1948.657961][T13377] total_rss 20480
[ 1948.661645][T13377] total_rss_huge 0
[ 1948.665400][T13377] total_shmem 0
[ 1948.677753][T13377] total_mapped_file 0
[ 1948.681790][T13377] total_dirty 0
[ 1948.685273][T13377] total_writeback 0
[ 1948.694945][T13377] total_workingset_refault_anon 52898
[ 1948.711126][T13377] total_workingset_refault_file 1
[ 1948.716221][T13377] total_swap 159744
[ 1948.729486][T13377] total_swapcached 20480
[ 1948.733796][T13377] total_pgpgin 179040
[ 1948.743588][T13377] total_pgpgout 179035
[ 1948.760327][T13377] total_pgfault 393242
[ 1948.764450][T13377] total_pgmajfault 48938
[ 1948.768835][T13377] total_inactive_anon 12288
[ 1948.773362][T13377] total_active_anon 8192
[ 1948.787132][T13377] total_inactive_file 0
[ 1948.791344][T13377] total_active_file 0
[ 1948.795347][T13377] total_unevictable 0
[ 1948.814408][T13377] anon_cost 0
[ 1948.817958][T13377] file_cost 0
[ 1948.821280][T13377] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13377,uid=0
[ 1948.867732][T13377] Memory cgroup out of memory: Killed process 13377 (syz-executor.2) total-vm:54508kB, anon-rss:384kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:48:15 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1948.911723][ T5099] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1948.997120][ T5108] Bluetooth: hci5: command 0x041b tx timeout
[ 1949.019170][ T5099] CPU: 1 PID: 5099 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1949.029561][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1949.039740][ T5099] Call Trace:
[ 1949.043058][ T5099]  <TASK>
[ 1949.046029][ T5099]  dump_stack_lvl+0x1e7/0x2e0
[ 1949.050763][ T5099]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1949.056027][ T5099]  ? __pfx__printk+0x10/0x10
[ 1949.060671][ T5099]  ? ___ratelimit+0x4c4/0x670
[ 1949.065409][ T5099]  ? __pfx____ratelimit+0x10/0x10
[ 1949.070494][ T5099]  dump_header+0xda/0x6a0
[ 1949.074886][ T5099]  oom_kill_process+0x3a7/0x930
[ 1949.079798][ T5099]  out_of_memory+0xf67/0x1320
[ 1949.084530][ T5099]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1949.090206][ T5099]  ? __pfx___mutex_lock+0x10/0x10
[ 1949.095277][ T5099]  ? __pfx_out_of_memory+0x10/0x10
[ 1949.100448][ T5099]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1949.106038][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1949.111109][ T5099]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1949.117224][ T5099]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1949.122463][ T5099]  ? mem_cgroup_iter+0x3e9/0x560
[ 1949.127451][ T5099]  try_charge_memcg+0xda2/0x18a0
[ 1949.132416][ T5099]  ? mark_lock+0x9a/0x350
[ 1949.136792][ T5099]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1949.142210][ T5099]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1949.148374][ T5099]  charge_memcg+0xa2/0x160
[ 1949.152812][ T5099]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1949.158893][ T5099]  __read_swap_cache_async+0x480/0x8b0
[ 1949.164372][ T5099]  ? mark_lock+0x9a/0x350
[ 1949.168716][ T5099]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1949.174720][ T5099]  swap_cluster_readahead+0x67c/0x810
[ 1949.180121][ T5099]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1949.186036][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1949.191077][ T5099]  ? xas_descend+0x37e/0x470
[ 1949.195691][ T5099]  swapin_readahead+0x1ea/0x1070
[ 1949.200647][ T5099]  ? filemap_get_entry+0x127/0x4e0
[ 1949.205784][ T5099]  ? __pfx_swapin_readahead+0x10/0x10
[ 1949.211178][ T5099]  ? __filemap_get_folio+0x935/0xbc0
[ 1949.216482][ T5099]  ? swap_cache_get_folio+0x9f/0x570
[ 1949.221786][ T5099]  do_swap_page+0x791/0x3f40
[ 1949.226389][ T5099]  ? rcu_is_watching+0x15/0xb0
[ 1949.231179][ T5099]  ? do_swap_page+0x154/0x3f40
[ 1949.235957][ T5099]  ? __pfx_do_swap_page+0x10/0x10
[ 1949.241086][ T5099]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1949.246561][ T5099]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1949.252383][ T5099]  ? __pfx_validate_chain+0x10/0x10
[ 1949.257600][ T5099]  __handle_mm_fault+0x15e8/0x72d0
[ 1949.262751][ T5099]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1949.268232][ T5099]  ? mt_find+0x226/0x850
[ 1949.272493][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1949.277551][ T5099]  ? mt_find+0x62d/0x850
[ 1949.281813][ T5099]  ? mt_find+0x226/0x850
[ 1949.286098][ T5099]  ? find_vma+0x142/0x1c0
[ 1949.290438][ T5099]  ? __pfx_find_vma+0x10/0x10
[ 1949.295125][ T5099]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1949.301227][ T5099]  handle_mm_fault+0x3c1/0x8a0
[ 1949.306099][ T5099]  exc_page_fault+0x2ad/0x870
[ 1949.310796][ T5099]  asm_exc_page_fault+0x26/0x30
[ 1949.316088][ T5099] RIP: 0010:__get_user_8+0x11/0x20
[ 1949.321210][ T5099] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1949.340827][ T5099] RSP: 0000:ffffc90003dffd98 EFLAGS: 00050202
[ 1949.346905][ T5099] RAX: 0000555556d69da8 RBX: ffff888021c59538 RCX: ffffc90003dffc03
[ 1949.354982][ T5099] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1949.362972][ T5099] RBP: ffffc90003dffec8 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1949.370963][ T5099] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90003dffda0
[ 1949.378949][ T5099] R13: ffffc90003dfffd8 R14: dffffc0000000000 R15: ffff888021c58000
[ 1949.386948][ T5099]  __rseq_handle_notify_resume+0x158/0x1490
[ 1949.392884][ T5099]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 1949.399247][ T5099]  ? syscall_exit_to_user_mode+0xa2/0x360
[ 1949.404988][ T5099]  syscall_exit_to_user_mode+0x113/0x360
[ 1949.410639][ T5099]  do_syscall_64+0x108/0x240
[ 1949.415248][ T5099]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1949.421249][ T5099] RIP: 0033:0x7fa936ca91b5
[ 1949.425675][ T5099] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 1949.445299][ T5099] RSP: 002b:00007fff55d50a80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1949.453728][ T5099] RAX: 0000000000000000 RBX: 0000000000003895 RCX: 00007fa936ca91b5
[ 1949.461710][ T5099] RDX: 00007fff55d50ac0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1949.469688][ T5099] RBP: 00007fff55d50b4c R08: 0000000000000000 R09: 00007fff55de70b0
[ 1949.477679][ T5099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1949.485667][ T5099] R13: 00000000001db9c4 R14: 00000000001db9c4 R15: 0000000000000000
[ 1949.493662][ T5099]  </TASK>
[ 1949.540022][ T5099] memory: usage 307200kB, limit 307200kB, failcnt 12790
[ 1949.590800][ T5099] memory+swap: usage 307352kB, limit 9007199254740988kB, failcnt 0
[ 1949.612854][ T5099] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 1949.642188][ T5099] Memory cgroup stats for /syz1:
[ 1949.642344][ T5099] cache 0
[ 1949.670742][ T5099] rss 8192
[ 1949.680290][ T5099] rss_huge 0
[ 1949.689678][ T5099] shmem 0
[ 1949.698723][ T5099] mapped_file 0
[ 1949.707322][ T5099] dirty 0
[ 1949.710315][ T5099] writeback 0
[ 1949.713620][ T5099] workingset_refault_anon 5102
[ 1949.733572][ T5099] workingset_refault_file 1
[ 1949.744910][ T5099] swap 155648
[ 1949.753122][ T5099] swapcached 4096
[ 1949.767119][ T5099] pgpgin 130919
[ 1949.784370][ T5099] pgpgout 130917
[ 1949.808705][ T5099] pgfault 341519
[ 1949.812313][ T5099] pgmajfault 4792
[ 1949.816013][ T5099] inactive_anon 0
[ 1949.835521][ T5099] active_anon 8192
[ 1949.840447][ T5099] inactive_file 0
[ 1949.844248][ T5099] active_file 0
[ 1949.869998][ T5099] unevictable 0
[ 1949.889021][ T5099] hierarchical_memory_limit 314572800
[ 1949.895343][ T5099] hierarchical_memsw_limit 9223372036854771712
[ 1949.931967][ T5099] total_cache 0
[ 1949.964189][ T5099] total_rss 8192
[ 1949.988634][ T5099] total_rss_huge 0
[ 1949.992430][ T5099] total_shmem 0
[ 1949.995920][ T5099] total_mapped_file 0
[ 1950.039058][ T5099] total_dirty 0
[ 1950.056368][ T5099] total_writeback 0
[ 1950.075968][ T5099] total_workingset_refault_anon 5102
[ 1950.104289][ T5099] total_workingset_refault_file 1
[ 1950.132965][ T5099] total_swap 155648
[ 1950.136849][ T5099] total_swapcached 4096
[ 1950.157210][ T5099] total_pgpgin 130919
[ 1950.162089][ T5099] total_pgpgout 130917
[ 1950.166204][ T5099] total_pgfault 341519
[ 1950.196964][ T5099] total_pgmajfault 4792
[ 1950.203356][ T5099] total_inactive_anon 0
[ 1950.207861][ T5099] total_active_anon 8192
[ 1950.237476][ T5099] total_inactive_file 0
[ 1950.261258][ T5099] total_active_file 0
[ 1950.266236][ T5099] total_unevictable 0
[ 1950.299776][ T5099] anon_cost 0
[ 1950.303141][ T5099] file_cost 0
[ 1950.306452][ T5099] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13380,uid=0
[ 1950.325758][ T5099] Memory cgroup out of memory: Killed process 13380 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
00:48:16 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1950.376144][ T5110] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1950.409927][ T5110] CPU: 1 PID: 5110 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1950.420332][ T5110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1950.430430][ T5110] Call Trace:
[ 1950.433740][ T5110]  <TASK>
[ 1950.436706][ T5110]  dump_stack_lvl+0x1e7/0x2e0
[ 1950.441445][ T5110]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1950.446707][ T5110]  ? __pfx__printk+0x10/0x10
[ 1950.451352][ T5110]  ? ___ratelimit+0x4c4/0x670
[ 1950.456088][ T5110]  ? __pfx____ratelimit+0x10/0x10
[ 1950.461165][ T5110]  dump_header+0xda/0x6a0
[ 1950.465521][ T5110]  oom_kill_process+0x3a7/0x930
[ 1950.470392][ T5110]  out_of_memory+0xf67/0x1320
[ 1950.475091][ T5110]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1950.480740][ T5110]  ? __pfx___mutex_lock+0x10/0x10
[ 1950.485780][ T5110]  ? __pfx_out_of_memory+0x10/0x10
[ 1950.490914][ T5110]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1950.496473][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1950.501515][ T5110]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1950.507603][ T5110]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1950.512834][ T5110]  ? mem_cgroup_iter+0x3e9/0x560
[ 1950.517795][ T5110]  try_charge_memcg+0xda2/0x18a0
[ 1950.522746][ T5110]  ? mark_lock+0x9a/0x350
[ 1950.527105][ T5110]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1950.532510][ T5110]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1950.538676][ T5110]  charge_memcg+0xa2/0x160
[ 1950.543117][ T5110]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1950.549201][ T5110]  __read_swap_cache_async+0x480/0x8b0
[ 1950.554681][ T5110]  ? mark_lock+0x9a/0x350
[ 1950.559032][ T5110]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1950.565040][ T5110]  swap_cluster_readahead+0x67c/0x810
[ 1950.570449][ T5110]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1950.576400][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1950.581460][ T5110]  ? xas_descend+0x37e/0x470
[ 1950.586087][ T5110]  swapin_readahead+0x1ea/0x1070
[ 1950.591056][ T5110]  ? filemap_get_entry+0x127/0x4e0
[ 1950.596200][ T5110]  ? __pfx_swapin_readahead+0x10/0x10
[ 1950.601600][ T5110]  ? __filemap_get_folio+0x935/0xbc0
[ 1950.606944][ T5110]  ? swap_cache_get_folio+0x9f/0x570
[ 1950.612257][ T5110]  do_swap_page+0x791/0x3f40
[ 1950.616910][ T5110]  ? rcu_is_watching+0x15/0xb0
[ 1950.621709][ T5110]  ? do_swap_page+0x154/0x3f40
[ 1950.626482][ T5110]  ? __pfx_do_swap_page+0x10/0x10
[ 1950.631603][ T5110]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1950.637080][ T5110]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1950.642910][ T5110]  __handle_mm_fault+0x15e8/0x72d0
[ 1950.648078][ T5110]  ? reacquire_held_locks+0x3eb/0x690
[ 1950.653461][ T5110]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1950.658946][ T5110]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1950.664690][ T5110]  ? mtree_range_walk+0x6fd/0x8e0
[ 1950.669730][ T5110]  ? lock_vma_under_rcu+0x18a/0x730
[ 1950.674948][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1950.680076][ T5110]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1950.685307][ T5110]  ? lock_vma_under_rcu+0x18a/0x730
[ 1950.690605][ T5110]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1950.696166][ T5110]  handle_mm_fault+0x3c1/0x8a0
[ 1950.700955][ T5110]  exc_page_fault+0x456/0x870
[ 1950.705656][ T5110]  asm_exc_page_fault+0x26/0x30
[ 1950.710523][ T5110] RIP: 0033:0x7fc73607a7a4
[ 1950.714950][ T5110] Code: 84 00 00 00 00 00 80 3d 71 57 10 00 00 49 89 ca 74 14 b8 3d 00 00 00 0f 05 48 3d 00 f0 ff ff 77 5d c3 0f 1f 40 00 48 83 ec 28 <89> 54 24 14 48 89 74 24 08 89 7c 24 10 48 89 4c 24 18 e8 d5 a3 02
[ 1950.734566][ T5110] RSP: 002b:00007ffeef0084c0 EFLAGS: 00010206
[ 1950.740647][ T5110] RAX: 0000000000000287 RBX: 00000000000035c1 RCX: 0000000000000000
[ 1950.748627][ T5110] RDX: 0000000040000001 RSI: 00007ffeef00854c RDI: 00000000ffffffff
[ 1950.756609][ T5110] RBP: 00007ffeef00854c R08: 0000000000000010 R09: 00007ffeef05f0b0
[ 1950.764613][ T5110] R10: 0000000000000000 R11: 000000000005d134 R12: 0000000000000032
[ 1950.772627][ T5110] R13: 00000000001dbf27 R14: 00000000001dbf27 R15: 0000000000000000
[ 1950.780660][ T5110]  </TASK>
[ 1950.923826][ T5110] memory: usage 307200kB, limit 307200kB, failcnt 81906
[ 1950.934707][ T5110] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
00:48:17 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42c]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1950.970148][ T5110] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1951.001584][ T5110] Memory cgroup stats for /syz2:
[ 1951.002000][ T5110] cache 0
[ 1951.024089][ T5110] rss 12288
[ 1951.032526][ T5110] rss_huge 0
[ 1951.057180][ T5110] shmem 0
[ 1951.068263][ T5110] mapped_file 0
[ 1951.071783][ T5110] dirty 0
[ 1951.074748][ T5110] writeback 0
[ 1951.078563][ T5108] Bluetooth: hci5: command 0x040f tx timeout
[ 1951.098248][ T5110] workingset_refault_anon 53101
[ 1951.104386][ T5110] workingset_refault_file 1
[ 1951.112595][ T5110] swap 163840
[ 1951.115918][ T5110] swapcached 4096
[ 1951.120956][ T5110] pgpgin 179255
[ 1951.124460][ T5110] pgpgout 179252
[ 1951.128386][ T5110] pgfault 393559
[ 1951.131959][ T5110] pgmajfault 49133
[ 1951.135697][ T5110] inactive_anon 0
[ 1951.139481][ T5110] active_anon 0
[ 1951.142963][ T5110] inactive_file 0
[ 1951.146609][ T5110] active_file 0
[ 1951.150155][ T5110] unevictable 0
[ 1951.153632][ T5110] hierarchical_memory_limit 314572800
[ 1951.159415][ T5110] hierarchical_memsw_limit 9223372036854771712
[ 1951.165598][ T5110] total_cache 0
[ 1951.169126][ T5110] total_rss 12288
[ 1951.172797][ T5110] total_rss_huge 0
[ 1951.176541][ T5110] total_shmem 0
[ 1951.180393][ T5110] total_mapped_file 0
[ 1951.184407][ T5110] total_dirty 0
[ 1951.189179][ T5110] total_writeback 0
[ 1951.193081][ T5110] total_workingset_refault_anon 53101
[ 1951.198867][ T5110] total_workingset_refault_file 1
[ 1951.203927][ T5110] total_swap 163840
[ 1951.208146][ T5110] total_swapcached 4096
[ 1951.212331][ T5110] total_pgpgin 179255
[ 1951.216339][ T5110] total_pgpgout 179252
[ 1951.220976][ T5110] total_pgfault 393559
[ 1951.225464][ T5110] total_pgmajfault 49133
[ 1951.232129][ T5110] total_inactive_anon 0
[ 1951.236327][ T5110] total_active_anon 0
[ 1951.245145][ T5110] total_inactive_file 0
[ 1951.249694][ T5110] total_active_file 0
[ 1951.253729][ T5110] total_unevictable 0
[ 1951.267170][ T5110] anon_cost 0
[ 1951.270524][ T5110] file_cost 0
[ 1951.273853][ T5110] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13383,uid=0
[ 1951.290623][ T5110] Memory cgroup out of memory: Killed process 13383 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1951.330227][T13384] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1951.354079][T13384] CPU: 1 PID: 13384 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1951.364565][T13384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1951.374656][T13384] Call Trace:
[ 1951.377970][T13384]  <TASK>
[ 1951.380928][T13384]  dump_stack_lvl+0x1e7/0x2e0
[ 1951.385651][T13384]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1951.390896][T13384]  ? __pfx__printk+0x10/0x10
[ 1951.395530][T13384]  ? ___ratelimit+0x4c4/0x670
[ 1951.400258][T13384]  ? __pfx____ratelimit+0x10/0x10
[ 1951.405337][T13384]  dump_header+0xda/0x6a0
[ 1951.409716][T13384]  oom_kill_process+0x3a7/0x930
[ 1951.414621][T13384]  out_of_memory+0xf67/0x1320
[ 1951.419343][T13384]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1951.425095][T13384]  ? __pfx___mutex_lock+0x10/0x10
00:48:17 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1951.430152][T13384]  ? __pfx_out_of_memory+0x10/0x10
[ 1951.435317][T13384]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1951.440902][T13384]  ? __pfx_lock_release+0x10/0x10
[ 1951.445978][T13384]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1951.452112][T13384]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1951.457362][T13384]  ? mem_cgroup_iter+0x3e9/0x560
[ 1951.462345][T13384]  try_charge_memcg+0xda2/0x18a0
[ 1951.467321][T13384]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1951.472702][T13384]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1951.478452][T13384]  ? __pfx_lock_release+0x10/0x10
[ 1951.483493][T13384]  ? memcg_account_kmem+0x1e7/0x210
[ 1951.488805][T13384]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1951.494627][T13384]  __memcg_kmem_charge_page+0xe1/0x250
[ 1951.500111][T13384]  memcg_charge_kernel_stack+0x304/0x550
[ 1951.505764][T13384]  dup_task_struct+0x15d/0x7d0
[ 1951.510546][T13384]  copy_process+0x5d5/0x3fc0
[ 1951.515163][T13384]  ? __might_fault+0xa9/0x120
[ 1951.519856][T13384]  ? __pfx_lock_release+0x10/0x10
[ 1951.524909][T13384]  ? __pfx_copy_process+0x10/0x10
[ 1951.529943][T13384]  ? __might_fault+0xc5/0x120
[ 1951.534721][T13384]  ? __asan_memset+0x23/0x50
[ 1951.539329][T13384]  kernel_clone+0x21d/0x8d0
[ 1951.543848][T13384]  ? __pfx_kernel_clone+0x10/0x10
[ 1951.548985][T13384]  __se_sys_clone3+0x2cb/0x350
[ 1951.553765][T13384]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1951.559091][T13384]  ? do_syscall_64+0x108/0x240
[ 1951.563876][T13384]  ? do_syscall_64+0xb4/0x240
[ 1951.568572][T13384]  do_syscall_64+0xf9/0x240
[ 1951.573099][T13384]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1951.579013][T13384] RIP: 0033:0x7fa936ca9b99
[ 1951.583437][T13384] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1951.603057][T13384] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1951.611497][T13384] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1951.619495][T13384] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1951.627475][T13384] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1951.635454][T13384] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1951.643437][T13384] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1951.651434][T13384]  </TASK>
[ 1951.668140][T13384] memory: usage 307200kB, limit 307200kB, failcnt 13433
[ 1951.675201][T13384] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1951.685413][T13384] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1951.711935][T13384] Memory cgroup stats for /syz1:
[ 1951.712084][T13384] cache 0
[ 1951.720695][T13384] rss 0
[ 1951.723490][T13384] rss_huge 0
[ 1951.726705][T13384] shmem 0
[ 1951.741691][T13384] mapped_file 0
[ 1951.745243][T13384] dirty 0
[ 1951.757114][T13384] writeback 0
[ 1951.760470][T13384] workingset_refault_anon 5295
[ 1951.765266][T13384] workingset_refault_file 1
[ 1951.774850][T13384] swap 159744
[ 1951.782602][T13384] swapcached 0
[ 1951.798254][T13384] pgpgin 131124
[ 1951.816874][T13384] pgpgout 131124
[ 1951.821747][T13384] pgfault 341828
[ 1951.825786][T13384] pgmajfault 4982
[ 1951.829847][T13384] inactive_anon 0
[ 1951.869030][T13384] active_anon 0
[ 1951.872568][T13384] inactive_file 0
[ 1951.876240][T13384] active_file 0
[ 1951.899031][T13384] unevictable 0
[ 1951.919421][T13384] hierarchical_memory_limit 314572800
[ 1951.924859][T13384] hierarchical_memsw_limit 9223372036854771712
[ 1951.934441][T13384] total_cache 0
[ 1951.940988][T13384] total_rss 0
[ 1951.944356][T13384] total_rss_huge 0
[ 1951.959868][T13384] total_shmem 0
[ 1951.963477][T13384] total_mapped_file 0
[ 1951.982611][T13384] total_dirty 0
[ 1951.986145][T13384] total_writeback 0
[ 1951.993038][T13384] total_workingset_refault_anon 5295
[ 1952.014685][T13384] total_workingset_refault_file 1
[ 1952.028630][T13384] total_swap 159744
[ 1952.032520][T13384] total_swapcached 0
[ 1952.036440][T13384] total_pgpgin 131124
[ 1952.055789][T13384] total_pgpgout 131124
[ 1952.061503][T13384] total_pgfault 341828
[ 1952.065665][T13384] total_pgmajfault 4982
[ 1952.070321][T13384] total_inactive_anon 0
[ 1952.074632][T13384] total_active_anon 0
[ 1952.110708][T13384] total_inactive_file 0
[ 1952.116079][T13384] total_active_file 0
[ 1952.128590][T13384] total_unevictable 0
[ 1952.155172][T13384] anon_cost 0
[ 1952.163081][T13384] file_cost 0
[ 1952.166442][T13384] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13384,uid=0
[ 1952.191101][T13384] Memory cgroup out of memory: Killed process 13384 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1952.270399][T13387] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1952.282255][T13387] CPU: 1 PID: 13387 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1952.292727][T13387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1952.302909][T13387] Call Trace:
[ 1952.306220][T13387]  <TASK>
[ 1952.309189][T13387]  dump_stack_lvl+0x1e7/0x2e0
[ 1952.313920][T13387]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1952.319177][T13387]  ? __pfx__printk+0x10/0x10
[ 1952.323822][T13387]  ? ___ratelimit+0x4c4/0x670
[ 1952.328564][T13387]  ? __pfx____ratelimit+0x10/0x10
[ 1952.333636][T13387]  dump_header+0xda/0x6a0
[ 1952.338004][T13387]  oom_kill_process+0x3a7/0x930
[ 1952.342905][T13387]  out_of_memory+0xf67/0x1320
[ 1952.347610][T13387]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1952.353259][T13387]  ? __pfx___mutex_lock+0x10/0x10
[ 1952.358295][T13387]  ? __pfx_out_of_memory+0x10/0x10
[ 1952.363427][T13387]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1952.368984][T13387]  ? __pfx_lock_release+0x10/0x10
[ 1952.374026][T13387]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1952.380110][T13387]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1952.385327][T13387]  ? mem_cgroup_iter+0x3e9/0x560
[ 1952.390285][T13387]  try_charge_memcg+0xda2/0x18a0
[ 1952.395265][T13387]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1952.400653][T13387]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1952.406384][T13387]  ? __pfx_lock_release+0x10/0x10
[ 1952.411425][T13387]  ? memcg_account_kmem+0x1e7/0x210
[ 1952.416650][T13387]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1952.422473][T13387]  __memcg_kmem_charge_page+0xe1/0x250
[ 1952.427957][T13387]  memcg_charge_kernel_stack+0x196/0x550
[ 1952.433609][T13387]  dup_task_struct+0x40d/0x7d0
[ 1952.438393][T13387]  copy_process+0x5d5/0x3fc0
[ 1952.443006][T13387]  ? __might_fault+0xa9/0x120
[ 1952.447697][T13387]  ? __pfx_lock_release+0x10/0x10
[ 1952.452740][T13387]  ? __pfx_copy_process+0x10/0x10
[ 1952.457773][T13387]  ? __might_fault+0xc5/0x120
[ 1952.462463][T13387]  ? __asan_memset+0x23/0x50
[ 1952.467072][T13387]  kernel_clone+0x21d/0x8d0
[ 1952.471596][T13387]  ? __pfx_kernel_clone+0x10/0x10
[ 1952.476648][T13387]  __se_sys_clone3+0x2cb/0x350
[ 1952.481427][T13387]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1952.486723][T13387]  ? rcu_is_watching+0x15/0xb0
[ 1952.491517][T13387]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1952.497529][T13387]  ? exc_page_fault+0x587/0x870
[ 1952.502403][T13387]  ? do_syscall_64+0xb4/0x240
[ 1952.507100][T13387]  do_syscall_64+0xf9/0x240
[ 1952.511629][T13387]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1952.517545][T13387] RIP: 0033:0x7fc7360a9b99
[ 1952.521973][T13387] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1952.541589][T13387] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1952.550019][T13387] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1952.558003][T13387] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1952.566001][T13387] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1952.574069][T13387] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1952.582050][T13387] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1952.590048][T13387]  </TASK>
[ 1952.606659][T13387] memory: usage 307200kB, limit 307200kB, failcnt 82297
[ 1952.613746][T13387] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1952.648921][T13387] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1952.656281][T13387] Memory cgroup stats for /syz2:
[ 1952.656427][T13387] cache 0
[ 1952.676794][T13387] rss 16384
[ 1952.697424][T13387] rss_huge 0
[ 1952.700785][T13387] shmem 0
[ 1952.703756][T13387] mapped_file 0
[ 1952.716541][T13387] dirty 0
[ 1952.720389][T13387] writeback 0
[ 1952.735659][T13387] workingset_refault_anon 53244
[ 1952.742242][T13387] workingset_refault_file 1
[ 1952.757143][T13387] swap 159744
[ 1952.760490][T13387] swapcached 12288
[ 1952.764240][T13387] pgpgin 179410
[ 1952.773957][T13387] pgpgout 179406
[ 1952.779835][T13387] pgfault 393796
[ 1952.783527][T13387] pgmajfault 49269
[ 1952.790331][T13387] inactive_anon 0
[ 1952.803696][T13387] active_anon 16384
[ 1952.811381][T13387] inactive_file 0
[ 1952.815072][T13387] active_file 0
[ 1952.826199][T13387] unevictable 0
[ 1952.832710][T13387] hierarchical_memory_limit 314572800
[ 1952.842367][T13387] hierarchical_memsw_limit 9223372036854771712
[ 1952.851554][T13387] total_cache 0
[ 1952.855086][T13387] total_rss 16384
[ 1952.862681][T13387] total_rss_huge 0
[ 1952.866454][T13387] total_shmem 0
[ 1952.873003][T13387] total_mapped_file 0
[ 1952.880847][T13387] total_dirty 0
[ 1952.884359][T13387] total_writeback 0
[ 1952.891226][T13387] total_workingset_refault_anon 53244
[ 1952.896654][T13387] total_workingset_refault_file 1
[ 1952.905952][T13387] total_swap 159744
[ 1952.912450][T13387] total_swapcached 12288
[ 1952.916763][T13387] total_pgpgin 179410
[ 1952.943294][T13387] total_pgpgout 179406
[ 1952.949248][T13387] total_pgfault 393796
[ 1952.953391][T13387] total_pgmajfault 49269
[ 1952.962537][T13387] total_inactive_anon 0
[ 1952.966758][T13387] total_active_anon 16384
[ 1952.973020][T13387] total_inactive_file 0
[ 1952.982044][T13387] total_active_file 0
[ 1952.986129][T13387] total_unevictable 0
[ 1952.991710][T13387] anon_cost 0
[ 1952.995052][T13387] file_cost 0
00:48:19 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1953.017078][T13387] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13387,uid=0
[ 1953.043358][T13387] Memory cgroup out of memory: Killed process 13387 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:48:19 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1953.158624][ T5108] Bluetooth: hci5: command 0x0419 tx timeout
[ 1953.415468][T13388] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1953.465196][T13388] CPU: 1 PID: 13388 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1953.475687][T13388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1953.485781][T13388] Call Trace:
[ 1953.489101][T13388]  <TASK>
[ 1953.492067][T13388]  dump_stack_lvl+0x1e7/0x2e0
[ 1953.496818][T13388]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1953.502088][T13388]  ? __pfx__printk+0x10/0x10
[ 1953.506762][T13388]  ? ___ratelimit+0x4c4/0x670
[ 1953.511506][T13388]  ? __pfx____ratelimit+0x10/0x10
[ 1953.516598][T13388]  dump_header+0xda/0x6a0
[ 1953.520997][T13388]  oom_kill_process+0x3a7/0x930
[ 1953.525910][T13388]  out_of_memory+0xf67/0x1320
[ 1953.530658][T13388]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1953.536349][T13388]  ? __pfx___mutex_lock+0x10/0x10
[ 1953.541433][T13388]  ? __pfx_out_of_memory+0x10/0x10
[ 1953.546625][T13388]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1953.552237][T13388]  ? __pfx_lock_release+0x10/0x10
[ 1953.557325][T13388]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1953.563459][T13388]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1953.568723][T13388]  ? mem_cgroup_iter+0x3e9/0x560
[ 1953.573725][T13388]  try_charge_memcg+0xda2/0x18a0
[ 1953.578751][T13388]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1953.584180][T13388]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1953.590044][T13388]  ? __pfx_lock_release+0x10/0x10
[ 1953.595135][T13388]  ? memcg_account_kmem+0x1e7/0x210
[ 1953.600408][T13388]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1953.606285][T13388]  __memcg_kmem_charge_page+0xe1/0x250
[ 1953.611815][T13388]  memcg_charge_kernel_stack+0x304/0x550
[ 1953.617515][T13388]  dup_task_struct+0x40d/0x7d0
[ 1953.622345][T13388]  copy_process+0x5d5/0x3fc0
[ 1953.627006][T13388]  ? __might_fault+0xa9/0x120
[ 1953.631733][T13388]  ? __pfx_lock_release+0x10/0x10
[ 1953.636836][T13388]  ? __pfx_copy_process+0x10/0x10
[ 1953.641921][T13388]  ? __might_fault+0xc5/0x120
[ 1953.646671][T13388]  ? __asan_memset+0x23/0x50
[ 1953.651331][T13388]  kernel_clone+0x21d/0x8d0
[ 1953.655899][T13388]  ? __pfx_kernel_clone+0x10/0x10
[ 1953.661020][T13388]  __se_sys_clone3+0x2cb/0x350
[ 1953.665847][T13388]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1953.671202][T13388]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1953.677265][T13388]  ? exc_page_fault+0x587/0x870
[ 1953.682196][T13388]  ? do_syscall_64+0xb4/0x240
[ 1953.686936][T13388]  do_syscall_64+0xf9/0x240
[ 1953.691500][T13388]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1953.697440][T13388] RIP: 0033:0x7fa936ca9b99
[ 1953.701905][T13388] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1953.721559][T13388] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1953.730032][T13388] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1953.738051][T13388] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1953.746076][T13388] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1953.754094][T13388] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1953.762116][T13388] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1953.770154][T13388]  </TASK>
[ 1953.802308][T13388] memory: usage 307200kB, limit 307200kB, failcnt 13690
[ 1953.811903][T13388] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1953.823392][T13388] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1953.834002][T13388] Memory cgroup stats for /syz1:
[ 1953.834163][T13388] cache 0
[ 1953.846302][T13388] rss 0
[ 1953.854021][T13388] rss_huge 0
[ 1953.861313][T13388] shmem 0
[ 1953.864437][T13388] mapped_file 0
[ 1953.870087][T13388] dirty 0
[ 1953.873195][T13388] writeback 0
[ 1953.876608][T13388] workingset_refault_anon 5383
[ 1953.885906][T13388] workingset_refault_file 1
[ 1953.919938][T13388] swap 159744
[ 1953.925217][T13388] swapcached 0
[ 1953.945307][T13388] pgpgin 131223
[ 1953.956575][T13388] pgpgout 131223
[ 1953.976299][T13388] pgfault 341979
[ 1953.985429][T13388] pgmajfault 5065
[ 1953.996881][T13388] inactive_anon 0
[ 1954.003674][T13388] active_anon 0
[ 1954.012549][T13388] inactive_file 0
[ 1954.016352][T13388] active_file 0
[ 1954.022194][T13388] unevictable 0
[ 1954.025788][T13388] hierarchical_memory_limit 314572800
[ 1954.035261][T13388] hierarchical_memsw_limit 9223372036854771712
[ 1954.065543][T13388] total_cache 0
[ 1954.069310][T13388] total_rss 0
[ 1954.072740][T13388] total_rss_huge 0
[ 1954.076597][T13388] total_shmem 0
[ 1954.082734][T13388] total_mapped_file 0
[ 1954.090333][T13388] total_dirty 0
[ 1954.094027][T13388] total_writeback 0
[ 1954.100321][T13388] total_workingset_refault_anon 5383
[ 1954.105774][T13388] total_workingset_refault_file 1
[ 1954.114581][T13388] total_swap 159744
[ 1954.127220][T13388] total_swapcached 0
[ 1954.134684][T13388] total_pgpgin 131223
[ 1954.147197][T13388] total_pgpgout 131223
[ 1954.152571][T13388] total_pgfault 341979
[ 1954.163951][T13388] total_pgmajfault 5065
[ 1954.168692][T13388] total_inactive_anon 0
[ 1954.172986][T13388] total_active_anon 0
00:48:20 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1954.182876][T13388] total_inactive_file 0
[ 1954.187562][T13388] total_active_file 0
[ 1954.191713][T13388] total_unevictable 0
[ 1954.207825][T13388] anon_cost 0
[ 1954.219473][T13388] file_cost 0
[ 1954.237091][T13388] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13388,uid=0
[ 1954.267289][T13388] Memory cgroup out of memory: Killed process 13388 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
00:48:20 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1954.318929][T13389] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1954.344203][T13389] CPU: 1 PID: 13389 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1954.354702][T13389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1954.364796][T13389] Call Trace:
[ 1954.368122][T13389]  <TASK>
[ 1954.371091][T13389]  dump_stack_lvl+0x1e7/0x2e0
[ 1954.375853][T13389]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1954.381123][T13389]  ? __pfx__printk+0x10/0x10
[ 1954.385775][T13389]  ? ___ratelimit+0x4c4/0x670
[ 1954.390516][T13389]  ? __pfx____ratelimit+0x10/0x10
[ 1954.395595][T13389]  dump_header+0xda/0x6a0
[ 1954.399980][T13389]  oom_kill_process+0x3a7/0x930
[ 1954.404883][T13389]  out_of_memory+0xf67/0x1320
[ 1954.409593][T13389]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1954.415235][T13389]  ? __pfx___mutex_lock+0x10/0x10
[ 1954.420287][T13389]  ? __pfx_out_of_memory+0x10/0x10
[ 1954.425466][T13389]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1954.431163][T13389]  ? __pfx_lock_release+0x10/0x10
[ 1954.436251][T13389]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1954.442378][T13389]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1954.447688][T13389]  ? mem_cgroup_iter+0x3e9/0x560
[ 1954.452649][T13389]  try_charge_memcg+0xda2/0x18a0
[ 1954.457624][T13389]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1954.463105][T13389]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1954.468843][T13389]  ? __pfx_lock_release+0x10/0x10
[ 1954.473889][T13389]  ? memcg_account_kmem+0x1e7/0x210
[ 1954.479118][T13389]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1954.484948][T13389]  __memcg_kmem_charge_page+0xe1/0x250
[ 1954.490431][T13389]  memcg_charge_kernel_stack+0x196/0x550
[ 1954.496083][T13389]  dup_task_struct+0x40d/0x7d0
[ 1954.500870][T13389]  copy_process+0x5d5/0x3fc0
[ 1954.505495][T13389]  ? __might_fault+0xa9/0x120
[ 1954.510195][T13389]  ? __pfx_lock_release+0x10/0x10
[ 1954.515244][T13389]  ? __lock_acquire+0x1345/0x1fd0
[ 1954.520288][T13389]  ? __pfx_copy_process+0x10/0x10
[ 1954.525328][T13389]  ? __might_fault+0xc5/0x120
[ 1954.530023][T13389]  ? __asan_memset+0x23/0x50
[ 1954.534636][T13389]  kernel_clone+0x21d/0x8d0
[ 1954.539335][T13389]  ? __pfx_kernel_clone+0x10/0x10
[ 1954.544385][T13389]  ? __pfx_lock_release+0x10/0x10
[ 1954.549438][T13389]  __se_sys_clone3+0x2cb/0x350
[ 1954.554221][T13389]  ? __might_fault+0xa9/0x120
[ 1954.558917][T13389]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1954.564248][T13389]  ? rcu_is_watching+0x15/0xb0
[ 1954.569062][T13389]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1954.575079][T13389]  ? exc_page_fault+0x587/0x870
[ 1954.579957][T13389]  ? do_syscall_64+0xb4/0x240
[ 1954.584656][T13389]  do_syscall_64+0xf9/0x240
[ 1954.589187][T13389]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1954.595105][T13389] RIP: 0033:0x7fc7360a9b99
[ 1954.599535][T13389] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1954.619154][T13389] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1954.627842][T13389] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1954.635826][T13389] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1954.643828][T13389] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1954.651840][T13389] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1954.659838][T13389] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1954.667840][T13389]  </TASK>
[ 1954.865576][T13389] memory: usage 307200kB, limit 307200kB, failcnt 82891
[ 1954.902030][T13389] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1954.915018][T13389] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1954.923857][T13389] Memory cgroup stats for /syz2:
[ 1954.924013][T13389] cache 0
[ 1954.932431][T13389] rss 16384
[ 1954.940606][T13389] rss_huge 0
[ 1954.943851][T13389] shmem 0
[ 1954.946807][T13389] mapped_file 0
[ 1954.952155][T13389] dirty 0
[ 1954.955134][T13389] writeback 0
[ 1954.963358][T13389] workingset_refault_anon 53464
[ 1954.969942][T13389] workingset_refault_file 1
[ 1954.976603][T13389] swap 159744
[ 1954.984401][T13389] swapcached 8192
[ 1954.990302][T13389] pgpgin 179644
[ 1954.993889][T13389] pgpgout 179640
[ 1955.002889][T13389] pgfault 394148
[ 1955.006527][T13389] pgmajfault 49481
[ 1955.016190][T13389] inactive_anon 0
[ 1955.025035][T13389] active_anon 16384
[ 1955.030588][T13389] inactive_file 0
[ 1955.034358][T13389] active_file 0
[ 1955.042656][T13389] unevictable 0
[ 1955.046161][T13389] hierarchical_memory_limit 314572800
[ 1955.053554][T13389] hierarchical_memsw_limit 9223372036854771712
[ 1955.064621][T13389] total_cache 0
[ 1955.069783][T13389] total_rss 16384
[ 1955.073537][T13389] total_rss_huge 0
[ 1955.086542][T13389] total_shmem 0
[ 1955.096878][T13389] total_mapped_file 0
[ 1955.101440][T13389] total_dirty 0
[ 1955.104937][T13389] total_writeback 0
[ 1955.109615][T13389] total_workingset_refault_anon 53464
[ 1955.124308][T13389] total_workingset_refault_file 1
[ 1955.135412][T13389] total_swap 159744
[ 1955.139767][T13389] total_swapcached 8192
[ 1955.143964][T13389] total_pgpgin 179644
[ 1955.154193][T13389] total_pgpgout 179640
[ 1955.167227][T13389] total_pgfault 394148
[ 1955.171358][T13389] total_pgmajfault 49481
[ 1955.175638][T13389] total_inactive_anon 0
[ 1955.190619][T13389] total_active_anon 16384
[ 1955.195018][T13389] total_inactive_file 0
[ 1955.200835][T13389] total_active_file 0
[ 1955.204858][T13389] total_unevictable 0
[ 1955.213743][T13389] anon_cost 0
[ 1955.217949][T13389] file_cost 0
[ 1955.221281][T13389] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13389,uid=0
[ 1955.256610][T13389] Memory cgroup out of memory: Killed process 13389 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:48:21 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1955.490949][T13393] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1955.516535][T13393] CPU: 0 PID: 13393 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1955.527026][T13393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1955.537127][T13393] Call Trace:
[ 1955.540448][T13393]  <TASK>
[ 1955.543415][T13393]  dump_stack_lvl+0x1e7/0x2e0
[ 1955.548154][T13393]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1955.553414][T13393]  ? __pfx__printk+0x10/0x10
[ 1955.558060][T13393]  ? ___ratelimit+0x4c4/0x670
[ 1955.562803][T13393]  ? __pfx____ratelimit+0x10/0x10
[ 1955.567897][T13393]  dump_header+0xda/0x6a0
[ 1955.572288][T13393]  oom_kill_process+0x3a7/0x930
[ 1955.577229][T13393]  out_of_memory+0xf67/0x1320
[ 1955.581982][T13393]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1955.587676][T13393]  ? __pfx___mutex_lock+0x10/0x10
[ 1955.592759][T13393]  ? __pfx_out_of_memory+0x10/0x10
[ 1955.597949][T13393]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1955.603571][T13393]  ? __pfx_lock_release+0x10/0x10
[ 1955.608660][T13393]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1955.614788][T13393]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1955.620054][T13393]  ? mem_cgroup_iter+0x3e9/0x560
[ 1955.625056][T13393]  try_charge_memcg+0xda2/0x18a0
[ 1955.630075][T13393]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1955.635507][T13393]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1955.641379][T13393]  ? __pfx_lock_release+0x10/0x10
[ 1955.646470][T13393]  ? memcg_account_kmem+0x1e7/0x210
[ 1955.651745][T13393]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1955.657615][T13393]  __memcg_kmem_charge_page+0xe1/0x250
[ 1955.663211][T13393]  memcg_charge_kernel_stack+0x304/0x550
[ 1955.668865][T13393]  dup_task_struct+0x15d/0x7d0
[ 1955.673642][T13393]  copy_process+0x5d5/0x3fc0
[ 1955.678346][T13393]  ? __might_fault+0xa9/0x120
[ 1955.683034][T13393]  ? __pfx_lock_release+0x10/0x10
[ 1955.688080][T13393]  ? __pfx_copy_process+0x10/0x10
[ 1955.693119][T13393]  ? __might_fault+0xc5/0x120
[ 1955.697816][T13393]  ? __asan_memset+0x23/0x50
[ 1955.702423][T13393]  kernel_clone+0x21d/0x8d0
[ 1955.706941][T13393]  ? __pfx_kernel_clone+0x10/0x10
[ 1955.711993][T13393]  __se_sys_clone3+0x2cb/0x350
[ 1955.716772][T13393]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1955.722094][T13393]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1955.728125][T13393]  ? exc_page_fault+0x587/0x870
[ 1955.732991][T13393]  ? do_syscall_64+0xb4/0x240
[ 1955.737682][T13393]  do_syscall_64+0xf9/0x240
[ 1955.742208][T13393]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1955.748137][T13393] RIP: 0033:0x7fa936ca9b99
[ 1955.752558][T13393] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1955.772175][T13393] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1955.780608][T13393] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1955.788589][T13393] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1955.796574][T13393] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1955.804602][T13393] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1955.812606][T13393] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1955.820604][T13393]  </TASK>
[ 1955.832962][T13393] memory: usage 307200kB, limit 307200kB, failcnt 13992
[ 1955.848880][T13393] memory+swap: usage 307392kB, limit 9007199254740988kB, failcnt 0
[ 1955.856976][T13393] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1955.865014][T13393] Memory cgroup stats for /syz1:
[ 1955.865147][T13393] cache 0
[ 1955.873787][T13393] rss 0
[ 1955.876685][T13393] rss_huge 0
[ 1955.962720][T13393] shmem 0
[ 1955.965849][T13393] mapped_file 0
[ 1955.969956][T13393] dirty 0
[ 1955.973014][T13393] writeback 0
[ 1955.976408][T13393] workingset_refault_anon 5470
[ 1955.981948][T13393] workingset_refault_file 1
[ 1955.986631][T13393] swap 196608
[ 1956.012534][T13393] swapcached 0
[ 1956.015979][T13393] pgpgin 131321
[ 1956.020125][T13393] pgpgout 131321
[ 1956.023772][T13393] pgfault 342127
[ 1956.027949][T13393] pgmajfault 5144
[ 1956.031622][T13393] inactive_anon 0
[ 1956.035379][T13393] active_anon 0
[ 1956.039650][T13393] inactive_file 0
[ 1956.043547][T13393] active_file 0
[ 1956.047689][T13393] unevictable 0
[ 1956.051388][T13393] hierarchical_memory_limit 314572800
[ 1956.056902][T13393] hierarchical_memsw_limit 9223372036854771712
[ 1956.063817][T13393] total_cache 0
[ 1956.071762][T13393] total_rss 0
[ 1956.075187][T13393] total_rss_huge 0
[ 1956.079602][T13393] total_shmem 0
[ 1956.083192][T13393] total_mapped_file 0
[ 1956.087821][T13393] total_dirty 0
[ 1956.091414][T13393] total_writeback 0
[ 1956.095354][T13393] total_workingset_refault_anon 5470
[ 1956.103023][T13393] total_workingset_refault_file 1
[ 1956.108698][T13393] total_swap 196608
[ 1956.112651][T13393] total_swapcached 0
[ 1956.116666][T13393] total_pgpgin 131321
[ 1956.121794][T13393] total_pgpgout 131321
[ 1956.125993][T13393] total_pgfault 342127
[ 1956.130711][T13393] total_pgmajfault 5144
[ 1956.134992][T13393] total_inactive_anon 0
[ 1956.139875][T13393] total_active_anon 0
[ 1956.144265][T13393] total_inactive_file 0
[ 1956.150668][T13393] total_active_file 0
[ 1956.154772][T13393] total_unevictable 0
[ 1956.161275][T13393] anon_cost 0
[ 1956.164696][T13393] file_cost 0
[ 1956.172558][T13393] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13393,uid=0
[ 1956.191956][T13393] Memory cgroup out of memory: Killed process 13393 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
00:48:22 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1956.724021][T13395] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1956.771577][T13395] CPU: 0 PID: 13395 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1956.782272][T13395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1956.792377][T13395] Call Trace:
[ 1956.795700][T13395]  <TASK>
[ 1956.798668][T13395]  dump_stack_lvl+0x1e7/0x2e0
[ 1956.803407][T13395]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1956.808656][T13395]  ? __pfx__printk+0x10/0x10
[ 1956.813292][T13395]  ? ___ratelimit+0x4c4/0x670
[ 1956.818037][T13395]  ? __pfx____ratelimit+0x10/0x10
[ 1956.823118][T13395]  dump_header+0xda/0x6a0
[ 1956.827589][T13395]  oom_kill_process+0x3a7/0x930
[ 1956.832499][T13395]  out_of_memory+0xf67/0x1320
[ 1956.837230][T13395]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1956.842915][T13395]  ? __pfx___mutex_lock+0x10/0x10
[ 1956.848001][T13395]  ? __pfx_out_of_memory+0x10/0x10
[ 1956.853178][T13395]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1956.858775][T13395]  ? __pfx_lock_release+0x10/0x10
[ 1956.863857][T13395]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1956.869971][T13395]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1956.875190][T13395]  ? mem_cgroup_iter+0x3e9/0x560
[ 1956.880153][T13395]  try_charge_memcg+0xda2/0x18a0
[ 1956.885126][T13395]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1956.890513][T13395]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1956.896243][T13395]  ? __pfx_lock_release+0x10/0x10
[ 1956.901290][T13395]  ? memcg_account_kmem+0x1e7/0x210
[ 1956.906513][T13395]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1956.912336][T13395]  __memcg_kmem_charge_page+0xe1/0x250
[ 1956.917818][T13395]  memcg_charge_kernel_stack+0x304/0x550
[ 1956.923473][T13395]  dup_task_struct+0x40d/0x7d0
[ 1956.928257][T13395]  copy_process+0x5d5/0x3fc0
[ 1956.932879][T13395]  ? __might_fault+0xa9/0x120
[ 1956.937570][T13395]  ? __pfx_lock_release+0x10/0x10
[ 1956.942623][T13395]  ? __pfx_copy_process+0x10/0x10
[ 1956.947659][T13395]  ? __might_fault+0xc5/0x120
[ 1956.952357][T13395]  ? __asan_memset+0x23/0x50
[ 1956.956968][T13395]  kernel_clone+0x21d/0x8d0
[ 1956.961495][T13395]  ? __pfx_kernel_clone+0x10/0x10
[ 1956.966548][T13395]  __se_sys_clone3+0x2cb/0x350
[ 1956.971332][T13395]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1956.976666][T13395]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1956.982694][T13395]  ? exc_page_fault+0x587/0x870
[ 1956.987581][T13395]  ? do_syscall_64+0xb4/0x240
[ 1956.992282][T13395]  do_syscall_64+0xf9/0x240
[ 1956.996812][T13395]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1957.002730][T13395] RIP: 0033:0x7fa936ca9b99
[ 1957.007191][T13395] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1957.026817][T13395] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1957.035307][T13395] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1957.043405][T13395] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1957.051497][T13395] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1957.059481][T13395] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1957.067464][T13395] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1957.075458][T13395]  </TASK>
[ 1957.235319][T13395] memory: usage 307200kB, limit 307200kB, failcnt 14359
[ 1957.254574][T13395] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[ 1957.267126][T13395] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1957.274475][T13395] Memory cgroup stats for /syz1:
[ 1957.274623][T13395] cache 0
[ 1957.282663][T13395] rss 8192
[ 1957.285709][T13395] rss_huge 0
[ 1957.289115][T13395] shmem 0
[ 1957.292083][T13395] mapped_file 0
[ 1957.295561][T13395] dirty 0
[ 1957.299075][T13395] writeback 0
[ 1957.302388][T13395] workingset_refault_anon 5540
[ 1957.309258][T13395] workingset_refault_file 1
[ 1957.313810][T13395] swap 180224
00:48:23 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ea]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1957.346014][T13395] swapcached 8192
[ 1957.350006][T13395] pgpgin 131403
[ 1957.353510][T13395] pgpgout 131401
[ 1957.367254][T13395] pgfault 342261
[ 1957.371775][T13395] pgmajfault 5205
[ 1957.375452][T13395] inactive_anon 0
[ 1957.386910][T13395] active_anon 8192
[ 1957.391193][T13395] inactive_file 0
[ 1957.394925][T13395] active_file 0
[ 1957.400175][T13395] unevictable 0
[ 1957.403676][T13395] hierarchical_memory_limit 314572800
[ 1957.417080][T13395] hierarchical_memsw_limit 9223372036854771712
[ 1957.423296][T13395] total_cache 0
[ 1957.426924][T13395] total_rss 8192
[ 1957.440009][T13395] total_rss_huge 0
[ 1957.443791][T13395] total_shmem 0
[ 1957.450293][T13395] total_mapped_file 0
[ 1957.454330][T13395] total_dirty 0
[ 1957.467640][T13395] total_writeback 0
[ 1957.471598][T13395] total_workingset_refault_anon 5540
[ 1957.476908][T13395] total_workingset_refault_file 1
[ 1957.498481][T13395] total_swap 180224
[ 1957.502356][T13395] total_swapcached 8192
[ 1957.506546][T13395] total_pgpgin 131403
[ 1957.524605][T13395] total_pgpgout 131401
[ 1957.529832][T13395] total_pgfault 342261
[ 1957.551864][T13395] total_pgmajfault 5205
[ 1957.556087][T13395] total_inactive_anon 0
[ 1957.569302][T13395] total_active_anon 8192
[ 1957.573613][T13395] total_inactive_file 0
[ 1957.593894][T13395] total_active_file 0
[ 1957.607210][T13395] total_unevictable 0
[ 1957.611270][T13395] anon_cost 0
[ 1957.614581][T13395] file_cost 0
[ 1957.623089][T13395] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13395,uid=0
[ 1957.639617][T13395] Memory cgroup out of memory: Killed process 13395 (syz-executor.1) total-vm:54508kB, anon-rss:424kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1957.720466][T13394] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1957.762951][T13394] CPU: 1 PID: 13394 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1957.773436][T13394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1957.783530][T13394] Call Trace:
[ 1957.786847][T13394]  <TASK>
[ 1957.789811][T13394]  dump_stack_lvl+0x1e7/0x2e0
[ 1957.794556][T13394]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1957.799809][T13394]  ? __pfx__printk+0x10/0x10
[ 1957.804473][T13394]  ? ___ratelimit+0x4c4/0x670
[ 1957.809205][T13394]  ? __pfx____ratelimit+0x10/0x10
[ 1957.814286][T13394]  dump_header+0xda/0x6a0
[ 1957.818667][T13394]  oom_kill_process+0x3a7/0x930
[ 1957.823543][T13394]  out_of_memory+0xf67/0x1320
[ 1957.828239][T13394]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1957.833884][T13394]  ? __pfx___mutex_lock+0x10/0x10
[ 1957.838921][T13394]  ? __pfx_out_of_memory+0x10/0x10
[ 1957.844056][T13394]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1957.849617][T13394]  ? __pfx_lock_release+0x10/0x10
[ 1957.854672][T13394]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1957.860760][T13394]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1957.865972][T13394]  ? mem_cgroup_iter+0x3e9/0x560
[ 1957.870945][T13394]  try_charge_memcg+0xda2/0x18a0
[ 1957.876033][T13394]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1957.881433][T13394]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1957.887188][T13394]  ? __pfx_lock_release+0x10/0x10
[ 1957.892252][T13394]  ? memcg_account_kmem+0x1e7/0x210
[ 1957.897483][T13394]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1957.903396][T13394]  __memcg_kmem_charge_page+0xe1/0x250
[ 1957.908883][T13394]  memcg_charge_kernel_stack+0x3f8/0x550
[ 1957.914539][T13394]  dup_task_struct+0x40d/0x7d0
[ 1957.919318][T13394]  copy_process+0x5d5/0x3fc0
[ 1957.923930][T13394]  ? __might_fault+0xa9/0x120
[ 1957.928622][T13394]  ? __pfx_lock_release+0x10/0x10
[ 1957.933677][T13394]  ? __pfx_copy_process+0x10/0x10
[ 1957.938708][T13394]  ? __might_fault+0xc5/0x120
[ 1957.943406][T13394]  ? __asan_memset+0x23/0x50
[ 1957.948033][T13394]  kernel_clone+0x21d/0x8d0
[ 1957.952575][T13394]  ? __pfx_kernel_clone+0x10/0x10
[ 1957.957661][T13394]  __se_sys_clone3+0x2cb/0x350
[ 1957.962532][T13394]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1957.967843][T13394]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1957.973846][T13394]  ? exc_page_fault+0x587/0x870
[ 1957.978714][T13394]  ? do_syscall_64+0xb4/0x240
[ 1957.983411][T13394]  do_syscall_64+0xf9/0x240
[ 1957.987937][T13394]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1957.993854][T13394] RIP: 0033:0x7fc7360a9b99
[ 1957.998280][T13394] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1958.017896][T13394] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1958.026321][T13394] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1958.034304][T13394] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1958.042280][T13394] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1958.050867][T13394] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
00:48:24 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1958.058848][T13394] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1958.066866][T13394]  </TASK>
[ 1958.130576][T13394] memory: usage 307200kB, limit 307200kB, failcnt 83414
[ 1958.149809][T13394] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1958.165171][T13394] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1958.172803][T13394] Memory cgroup stats for /syz2:
[ 1958.172947][T13394] cache 0
[ 1958.186504][T13394] rss 0
[ 1958.189514][T13394] rss_huge 0
[ 1958.192841][T13394] shmem 0
[ 1958.195915][T13394] mapped_file 0
[ 1958.204009][T13394] dirty 0
[ 1958.210503][T13394] writeback 0
[ 1958.217288][T13394] workingset_refault_anon 53639
[ 1958.228726][T13394] workingset_refault_file 1
[ 1958.242132][T13394] swap 176128
[ 1958.245598][T13394] swapcached 0
[ 1958.251578][T13394] pgpgin 179831
[ 1958.255076][T13394] pgpgout 179831
[ 1958.266466][T13394] pgfault 394415
[ 1958.275006][T13394] pgmajfault 49634
[ 1958.283296][T13394] inactive_anon 0
[ 1958.286963][T13394] active_anon 0
[ 1958.298479][T13394] inactive_file 0
[ 1958.302205][T13394] active_file 0
[ 1958.305690][T13394] unevictable 0
[ 1958.323565][T13394] hierarchical_memory_limit 314572800
[ 1958.335013][T13394] hierarchical_memsw_limit 9223372036854771712
[ 1958.355178][T13394] total_cache 0
[ 1958.362482][T13394] total_rss 0
[ 1958.370504][T13394] total_rss_huge 0
[ 1958.378979][T13394] total_shmem 0
[ 1958.386225][T13394] total_mapped_file 0
[ 1958.394992][T13394] total_dirty 0
[ 1958.403130][T13394] total_writeback 0
[ 1958.411710][T13394] total_workingset_refault_anon 53639
[ 1958.423455][T13394] total_workingset_refault_file 1
[ 1958.436507][T13394] total_swap 176128
[ 1958.458721][T13394] total_swapcached 0
[ 1958.467793][T13394] total_pgpgin 179831
[ 1958.478568][T13394] total_pgpgout 179831
[ 1958.485004][T13394] total_pgfault 394415
[ 1958.489525][T13394] total_pgmajfault 49634
[ 1958.493890][T13394] total_inactive_anon 0
[ 1958.498425][T13394] total_active_anon 0
[ 1958.502537][T13394] total_inactive_file 0
[ 1958.506822][T13394] total_active_file 0
[ 1958.511425][T13394] total_unevictable 0
[ 1958.515552][T13394] anon_cost 0
[ 1958.519713][T13394] file_cost 0
[ 1958.523144][T13394] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13394,uid=0
[ 1958.545006][T13394] Memory cgroup out of memory: Killed process 13394 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1958.607343][T13398] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1958.626080][T13398] CPU: 0 PID: 13398 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1958.636577][T13398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1958.646707][T13398] Call Trace:
[ 1958.650032][T13398]  <TASK>
[ 1958.652997][T13398]  dump_stack_lvl+0x1e7/0x2e0
[ 1958.657729][T13398]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1958.662977][T13398]  ? __pfx__printk+0x10/0x10
[ 1958.667607][T13398]  ? ___ratelimit+0x4c4/0x670
[ 1958.672342][T13398]  ? __pfx____ratelimit+0x10/0x10
[ 1958.677409][T13398]  dump_header+0xda/0x6a0
[ 1958.681771][T13398]  oom_kill_process+0x3a7/0x930
[ 1958.686678][T13398]  out_of_memory+0xf67/0x1320
[ 1958.691410][T13398]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1958.697090][T13398]  ? __pfx___mutex_lock+0x10/0x10
[ 1958.702166][T13398]  ? __pfx_out_of_memory+0x10/0x10
[ 1958.707340][T13398]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1958.712933][T13398]  ? __pfx_lock_release+0x10/0x10
[ 1958.718011][T13398]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1958.724132][T13398]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1958.729378][T13398]  ? mem_cgroup_iter+0x3e9/0x560
[ 1958.734367][T13398]  try_charge_memcg+0xda2/0x18a0
[ 1958.739372][T13398]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1958.744786][T13398]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1958.750553][T13398]  ? __pfx_lock_release+0x10/0x10
[ 1958.755634][T13398]  ? memcg_account_kmem+0x1e7/0x210
[ 1958.760905][T13398]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1958.766762][T13398]  __memcg_kmem_charge_page+0xe1/0x250
[ 1958.772281][T13398]  memcg_charge_kernel_stack+0x304/0x550
[ 1958.777973][T13398]  dup_task_struct+0x15d/0x7d0
[ 1958.782791][T13398]  copy_process+0x5d5/0x3fc0
[ 1958.787442][T13398]  ? __might_fault+0xa9/0x120
[ 1958.792167][T13398]  ? __pfx_lock_release+0x10/0x10
[ 1958.797244][T13398]  ? __lock_acquire+0x1345/0x1fd0
[ 1958.802324][T13398]  ? __pfx_copy_process+0x10/0x10
[ 1958.807391][T13398]  ? __might_fault+0xc5/0x120
[ 1958.812117][T13398]  ? __asan_memset+0x23/0x50
[ 1958.816761][T13398]  kernel_clone+0x21d/0x8d0
[ 1958.821315][T13398]  ? __pfx_kernel_clone+0x10/0x10
[ 1958.826392][T13398]  ? __pfx_lock_release+0x10/0x10
[ 1958.831473][T13398]  __se_sys_clone3+0x2cb/0x350
[ 1958.836296][T13398]  ? __might_fault+0xa9/0x120
[ 1958.841027][T13398]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1958.846356][T13398]  ? rcu_is_watching+0x15/0xb0
[ 1958.851184][T13398]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1958.857231][T13398]  ? exc_page_fault+0x587/0x870
[ 1958.862137][T13398]  ? do_syscall_64+0xb4/0x240
[ 1958.866871][T13398]  do_syscall_64+0xf9/0x240
[ 1958.871436][T13398]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1958.877385][T13398] RIP: 0033:0x7fa936ca9b99
[ 1958.881854][T13398] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1958.901504][T13398] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1958.909970][T13398] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1958.917991][T13398] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1958.926007][T13398] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1958.934025][T13398] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1958.942057][T13398] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1958.950095][T13398]  </TASK>
[ 1958.956813][T13398] memory: usage 307200kB, limit 307200kB, failcnt 14670
00:48:25 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1958.980217][T13398] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1958.995868][T13398] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1959.014768][T13398] Memory cgroup stats for /syz1:
[ 1959.014922][T13398] cache 0
[ 1959.031579][T13398] rss 12288
[ 1959.036968][T13398] rss_huge 0
[ 1959.041856][T13398] shmem 0
[ 1959.044827][T13398] mapped_file 0
[ 1959.066825][T13398] dirty 0
[ 1959.079765][T13398] writeback 0
[ 1959.095993][T13398] workingset_refault_anon 5661
[ 1959.107087][T13398] workingset_refault_file 1
[ 1959.111648][T13398] swap 184320
[ 1959.114959][T13398] swapcached 12288
[ 1959.154090][T13398] pgpgin 131535
[ 1959.162210][T13398] pgpgout 131531
[ 1959.165816][T13398] pgfault 342452
[ 1959.197327][T13398] pgmajfault 5317
[ 1959.201032][T13398] inactive_anon 16384
[ 1959.205046][T13398] active_anon 0
[ 1959.214525][T13398] inactive_file 0
[ 1959.222595][T13398] active_file 0
[ 1959.230556][T13398] unevictable 0
[ 1959.237963][T13398] hierarchical_memory_limit 314572800
[ 1959.250046][T13398] hierarchical_memsw_limit 9223372036854771712
[ 1959.263002][T13398] total_cache 0
[ 1959.270878][T13398] total_rss 12288
[ 1959.281472][T13398] total_rss_huge 0
[ 1959.297158][T13398] total_shmem 0
[ 1959.300673][T13398] total_mapped_file 0
[ 1959.304676][T13398] total_dirty 0
[ 1959.321078][T13398] total_writeback 0
[ 1959.329384][T13398] total_workingset_refault_anon 5661
[ 1959.341236][T13398] total_workingset_refault_file 1
[ 1959.352204][T13398] total_swap 184320
[ 1959.356074][T13398] total_swapcached 12288
[ 1959.369873][T13398] total_pgpgin 131535
[ 1959.380663][T13398] total_pgpgout 131531
[ 1959.390217][T13398] total_pgfault 342452
[ 1959.394871][T13398] total_pgmajfault 5317
[ 1959.404578][T13398] total_inactive_anon 16384
[ 1959.419024][T13398] total_active_anon 0
[ 1959.423056][T13398] total_inactive_file 0
[ 1959.436220][T13398] total_active_file 0
[ 1959.445363][T13398] total_unevictable 0
[ 1959.454454][T13398] anon_cost 0
[ 1959.462803][T13398] file_cost 0
[ 1959.466142][T13398] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13398,uid=0
[ 1959.505113][T13398] Memory cgroup out of memory: Killed process 13398 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1959.556729][ T5110] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1959.612703][ T5110] CPU: 0 PID: 5110 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1959.623108][ T5110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1959.633223][ T5110] Call Trace:
[ 1959.636544][ T5110]  <TASK>
[ 1959.639517][ T5110]  dump_stack_lvl+0x1e7/0x2e0
[ 1959.644255][ T5110]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1959.649518][ T5110]  ? __pfx__printk+0x10/0x10
[ 1959.654162][ T5110]  ? ___ratelimit+0x4c4/0x670
[ 1959.658901][ T5110]  ? __pfx____ratelimit+0x10/0x10
[ 1959.664042][ T5110]  dump_header+0xda/0x6a0
[ 1959.668499][ T5110]  oom_kill_process+0x3a7/0x930
[ 1959.673415][ T5110]  out_of_memory+0xf67/0x1320
[ 1959.678158][ T5110]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1959.683843][ T5110]  ? __pfx___mutex_lock+0x10/0x10
[ 1959.688922][ T5110]  ? __pfx_out_of_memory+0x10/0x10
[ 1959.694113][ T5110]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1959.699732][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1959.704814][ T5110]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1959.710943][ T5110]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1959.716203][ T5110]  ? mem_cgroup_iter+0x3e9/0x560
[ 1959.721201][ T5110]  try_charge_memcg+0xda2/0x18a0
[ 1959.726190][ T5110]  ? mark_lock+0x9a/0x350
[ 1959.730597][ T5110]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1959.736055][ T5110]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1959.742260][ T5110]  charge_memcg+0xa2/0x160
[ 1959.746747][ T5110]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1959.752879][ T5110]  __read_swap_cache_async+0x480/0x8b0
[ 1959.758401][ T5110]  ? mark_lock+0x9a/0x350
[ 1959.762796][ T5110]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1959.768854][ T5110]  swap_cluster_readahead+0x67c/0x810
[ 1959.774308][ T5110]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1959.780274][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1959.785362][ T5110]  ? xas_descend+0x37e/0x470
[ 1959.790027][ T5110]  swapin_readahead+0x1ea/0x1070
[ 1959.795023][ T5110]  ? filemap_get_entry+0x127/0x4e0
[ 1959.800210][ T5110]  ? __pfx_swapin_readahead+0x10/0x10
[ 1959.805655][ T5110]  ? __filemap_get_folio+0x935/0xbc0
[ 1959.811015][ T5110]  ? swap_cache_get_folio+0x9f/0x570
[ 1959.816365][ T5110]  do_swap_page+0x791/0x3f40
[ 1959.821018][ T5110]  ? rcu_is_watching+0x15/0xb0
[ 1959.825859][ T5110]  ? do_swap_page+0x154/0x3f40
[ 1959.830670][ T5110]  ? __pfx_do_swap_page+0x10/0x10
[ 1959.835745][ T5110]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1959.841262][ T5110]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1959.847146][ T5110]  ? __pfx_validate_chain+0x10/0x10
[ 1959.852420][ T5110]  __handle_mm_fault+0x15e8/0x72d0
[ 1959.857714][ T5110]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1959.863239][ T5110]  ? mt_find+0x226/0x850
[ 1959.867541][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1959.872637][ T5110]  ? mt_find+0x62d/0x850
[ 1959.876940][ T5110]  ? mt_find+0x226/0x850
[ 1959.881257][ T5110]  ? find_vma+0x142/0x1c0
[ 1959.885615][ T5110]  ? __pfx_find_vma+0x10/0x10
[ 1959.890322][ T5110]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1959.896354][ T5110]  handle_mm_fault+0x3c1/0x8a0
[ 1959.901181][ T5110]  exc_page_fault+0x2ad/0x870
[ 1959.905922][ T5110]  asm_exc_page_fault+0x26/0x30
[ 1959.910821][ T5110] RIP: 0010:__get_user_8+0x11/0x20
[ 1959.915980][ T5110] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1959.935637][ T5110] RSP: 0018:ffffc90003e1fd98 EFLAGS: 00050202
[ 1959.941760][ T5110] RAX: 0000555555f24da8 RBX: ffff88801ce9ee78 RCX: ffffc90003e1fc03
[ 1959.949784][ T5110] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1959.957806][ T5110] RBP: ffffc90003e1fec8 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1959.965823][ T5110] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90003e1fda0
[ 1959.973842][ T5110] R13: ffffc90003e1ffd8 R14: dffffc0000000000 R15: ffff88801ce9d940
[ 1959.981867][ T5110]  __rseq_handle_notify_resume+0x158/0x1490
[ 1959.988775][ T5110]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 1959.995187][ T5110]  ? syscall_exit_to_user_mode+0xa2/0x360
[ 1960.000970][ T5110]  syscall_exit_to_user_mode+0x113/0x360
[ 1960.006666][ T5110]  do_syscall_64+0x108/0x240
[ 1960.011312][ T5110]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1960.017264][ T5110] RIP: 0033:0x7fc7360a91b5
[ 1960.021722][ T5110] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 1960.041373][ T5110] RSP: 002b:00007ffeef008480 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1960.049849][ T5110] RAX: 0000000000000000 RBX: 00000000000035c5 RCX: 00007fc7360a91b5
[ 1960.057872][ T5110] RDX: 00007ffeef0084c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1960.065890][ T5110] RBP: 00007ffeef00854c R08: 0000000000000000 R09: 00007ffeef05f0b0
[ 1960.073982][ T5110] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1960.081982][ T5110] R13: 00000000001de49e R14: 00000000001de49e R15: 0000000000000000
[ 1960.090015][ T5110]  </TASK>
[ 1960.124746][ T5110] memory: usage 307200kB, limit 307200kB, failcnt 83887
[ 1960.135848][ T5110] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1960.146424][ T5110] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1960.160507][ T5110] Memory cgroup stats for /syz2:
[ 1960.160662][ T5110] cache 0
[ 1960.171325][ T5110] rss 0
[ 1960.174138][ T5110] rss_huge 0
[ 1960.181307][ T5110] shmem 0
[ 1960.184298][ T5110] mapped_file 0
[ 1960.191260][ T5110] dirty 0
[ 1960.194242][ T5110] writeback 0
[ 1960.203419][ T5110] workingset_refault_anon 53810
[ 1960.215333][ T5110] workingset_refault_file 1
[ 1960.226201][ T5110] swap 176128
[ 1960.232540][ T5110] swapcached 0
[ 1960.235968][ T5110] pgpgin 180014
[ 1960.243405][ T5110] pgpgout 180014
[ 1960.249631][ T5110] pgfault 394679
[ 1960.253228][ T5110] pgmajfault 49781
[ 1960.256972][ T5110] inactive_anon 0
[ 1960.264470][ T5110] active_anon 0
[ 1960.270855][ T5110] inactive_file 0
[ 1960.274553][ T5110] active_file 0
[ 1960.285617][ T5110] unevictable 0
[ 1960.292189][ T5110] hierarchical_memory_limit 314572800
[ 1960.301849][ T5110] hierarchical_memsw_limit 9223372036854771712
[ 1960.312892][ T5110] total_cache 0
[ 1960.316413][ T5110] total_rss 0
[ 1960.324801][ T5110] total_rss_huge 0
[ 1960.334190][ T5110] total_shmem 0
[ 1960.339162][ T5110] total_mapped_file 0
[ 1960.343259][ T5110] total_dirty 0
[ 1960.346754][ T5110] total_writeback 0
[ 1960.355778][ T5110] total_workingset_refault_anon 53810
[ 1960.376139][ T5110] total_workingset_refault_file 1
[ 1960.381785][ T5110] total_swap 176128
[ 1960.385663][ T5110] total_swapcached 0
[ 1960.397085][ T5110] total_pgpgin 180014
[ 1960.407526][ T5110] total_pgpgout 180014
[ 1960.411650][ T5110] total_pgfault 394679
[ 1960.415749][ T5110] total_pgmajfault 49781
[ 1960.434820][ T5110] total_inactive_anon 0
[ 1960.447179][ T5110] total_active_anon 0
[ 1960.451233][ T5110] total_inactive_file 0
[ 1960.461669][ T5110] total_active_file 0
[ 1960.465711][ T5110] total_unevictable 0
[ 1960.471652][ T5110] anon_cost 0
[ 1960.475071][ T5110] file_cost 0
00:48:26 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1960.483038][ T5110] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13399,uid=0
[ 1960.505959][ T5110] Memory cgroup out of memory: Killed process 13399 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:48:26 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1961.143117][ T5099] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1961.196102][ T5099] CPU: 1 PID: 5099 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1961.206532][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1961.216654][ T5099] Call Trace:
[ 1961.219975][ T5099]  <TASK>
[ 1961.222944][ T5099]  dump_stack_lvl+0x1e7/0x2e0
[ 1961.227682][ T5099]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1961.232943][ T5099]  ? __pfx__printk+0x10/0x10
[ 1961.237579][ T5099]  ? ___ratelimit+0x4c4/0x670
[ 1961.242301][ T5099]  ? __pfx____ratelimit+0x10/0x10
[ 1961.247369][ T5099]  dump_header+0xda/0x6a0
[ 1961.251770][ T5099]  oom_kill_process+0x3a7/0x930
[ 1961.256677][ T5099]  out_of_memory+0xf67/0x1320
[ 1961.261379][ T5099]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1961.267033][ T5099]  ? __pfx___mutex_lock+0x10/0x10
[ 1961.272074][ T5099]  ? __pfx_out_of_memory+0x10/0x10
[ 1961.277210][ T5099]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1961.282770][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1961.287814][ T5099]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1961.293900][ T5099]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1961.299115][ T5099]  ? mem_cgroup_iter+0x3e9/0x560
[ 1961.304068][ T5099]  try_charge_memcg+0xda2/0x18a0
[ 1961.309019][ T5099]  ? mark_lock+0x9a/0x350
[ 1961.313380][ T5099]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1961.318790][ T5099]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1961.325139][ T5099]  charge_memcg+0xa2/0x160
[ 1961.329588][ T5099]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1961.335668][ T5099]  __read_swap_cache_async+0x480/0x8b0
[ 1961.341156][ T5099]  ? mark_lock+0x9a/0x350
[ 1961.345523][ T5099]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1961.351536][ T5099]  swap_cluster_readahead+0x67c/0x810
[ 1961.356939][ T5099]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1961.362862][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1961.367907][ T5099]  ? xas_descend+0x37e/0x470
[ 1961.372521][ T5099]  swapin_readahead+0x1ea/0x1070
[ 1961.377479][ T5099]  ? filemap_get_entry+0x127/0x4e0
[ 1961.382617][ T5099]  ? __pfx_swapin_readahead+0x10/0x10
[ 1961.388015][ T5099]  ? __filemap_get_folio+0x935/0xbc0
[ 1961.393318][ T5099]  ? swap_cache_get_folio+0x9f/0x570
[ 1961.398620][ T5099]  do_swap_page+0x791/0x3f40
[ 1961.403223][ T5099]  ? rcu_is_watching+0x15/0xb0
[ 1961.408015][ T5099]  ? do_swap_page+0x154/0x3f40
[ 1961.412790][ T5099]  ? __pfx_do_swap_page+0x10/0x10
[ 1961.417847][ T5099]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1961.423319][ T5099]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1961.429140][ T5099]  ? __pfx_validate_chain+0x10/0x10
[ 1961.434358][ T5099]  __handle_mm_fault+0x15e8/0x72d0
[ 1961.439512][ T5099]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1961.444996][ T5099]  ? mt_find+0x226/0x850
[ 1961.449255][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1961.454313][ T5099]  ? mt_find+0x62d/0x850
[ 1961.458573][ T5099]  ? mt_find+0x226/0x850
[ 1961.462853][ T5099]  ? find_vma+0x142/0x1c0
[ 1961.467193][ T5099]  ? __pfx_find_vma+0x10/0x10
[ 1961.471895][ T5099]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1961.477899][ T5099]  handle_mm_fault+0x3c1/0x8a0
[ 1961.482683][ T5099]  exc_page_fault+0x2ad/0x870
[ 1961.487400][ T5099]  asm_exc_page_fault+0x26/0x30
[ 1961.492273][ T5099] RIP: 0010:__get_user_8+0x11/0x20
[ 1961.497401][ T5099] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1961.517024][ T5099] RSP: 0018:ffffc90003dffd98 EFLAGS: 00050202
[ 1961.523104][ T5099] RAX: 0000555556d69da8 RBX: ffff888021c59538 RCX: ffffc90003dffc03
[ 1961.531087][ T5099] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1961.539084][ T5099] RBP: ffffc90003dffec8 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1961.547083][ T5099] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90003dffda0
[ 1961.555072][ T5099] R13: ffffc90003dfffd8 R14: dffffc0000000000 R15: ffff888021c58000
[ 1961.563072][ T5099]  __rseq_handle_notify_resume+0x158/0x1490
[ 1961.569001][ T5099]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 1961.575357][ T5099]  syscall_exit_to_user_mode+0x113/0x360
[ 1961.581011][ T5099]  do_syscall_64+0x108/0x240
[ 1961.585622][ T5099]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1961.591536][ T5099] RIP: 0033:0x7fa936ca91b5
[ 1961.595978][ T5099] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 1961.615686][ T5099] RSP: 002b:00007fff55d50a80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1961.624113][ T5099] RAX: 0000000000000000 RBX: 000000000000389d RCX: 00007fa936ca91b5
[ 1961.632095][ T5099] RDX: 00007fff55d50ac0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1961.640090][ T5099] RBP: 00007fff55d50b4c R08: 0000000000000000 R09: 00007fff55de70b0
[ 1961.648092][ T5099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1961.656068][ T5099] R13: 00000000001dea71 R14: 00000000001dea71 R15: 0000000000000000
[ 1961.664062][ T5099]  </TASK>
[ 1961.726326][ T5099] memory: usage 307192kB, limit 307200kB, failcnt 15034
[ 1961.747120][ T5099] memory+swap: usage 307360kB, limit 9007199254740988kB, failcnt 0
[ 1961.765941][ T5099] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
00:48:28 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1961.780929][ T5099] Memory cgroup stats for /syz1:
[ 1961.781084][ T5099] cache 4096
[ 1961.794780][ T5099] rss 8192
[ 1961.807098][ T5099] rss_huge 0
[ 1961.810359][ T5099] shmem 0
[ 1961.813339][ T5099] mapped_file 0
[ 1961.816826][ T5099] dirty 0
[ 1961.836406][ T5099] writeback 0
[ 1961.840338][ T5099] workingset_refault_anon 5803
[ 1961.845312][ T5099] workingset_refault_file 1
[ 1961.855567][ T5099] swap 163840
[ 1961.859419][ T5099] swapcached 8192
[ 1961.863088][ T5099] pgpgin 131690
[ 1961.866570][ T5099] pgpgout 131687
[ 1961.876897][ T5099] pgfault 342687
[ 1961.883566][ T5099] pgmajfault 5451
[ 1961.897404][ T5099] inactive_anon 0
[ 1961.901093][ T5099] active_anon 8192
[ 1961.904834][ T5099] inactive_file 0
[ 1961.914730][ T5099] active_file 4096
[ 1961.918980][ T5099] unevictable 0
[ 1961.922546][ T5099] hierarchical_memory_limit 314572800
[ 1961.928803][ T5099] hierarchical_memsw_limit 9223372036854771712
[ 1961.935006][ T5099] total_cache 4096
[ 1961.946722][ T5099] total_rss 8192
[ 1961.950774][ T5099] total_rss_huge 0
[ 1961.954532][ T5099] total_shmem 0
[ 1961.964232][ T5099] total_mapped_file 0
[ 1961.968734][ T5099] total_dirty 0
[ 1961.972284][ T5099] total_writeback 0
[ 1961.976115][ T5099] total_workingset_refault_anon 5803
[ 1961.987038][ T5099] total_workingset_refault_file 1
[ 1961.992116][ T5099] total_swap 163840
[ 1961.995952][ T5099] total_swapcached 8192
[ 1962.010188][ T5099] total_pgpgin 131690
[ 1962.014249][ T5099] total_pgpgout 131687
[ 1962.021333][ T5099] total_pgfault 342687
[ 1962.025530][ T5099] total_pgmajfault 5451
[ 1962.033570][ T5099] total_inactive_anon 0
[ 1962.042592][ T5099] total_active_anon 8192
[ 1962.046917][ T5099] total_inactive_file 0
[ 1962.055478][ T5099] total_active_file 4096
[ 1962.062731][ T5099] total_unevictable 0
[ 1962.066785][ T5099] anon_cost 0
[ 1962.074286][ T5099] file_cost 0
[ 1962.079996][ T5099] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13400,uid=0
[ 1962.113677][ T5099] Memory cgroup out of memory: Killed process 13400 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1962.143001][ T5110] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1962.165255][ T5110] CPU: 1 PID: 5110 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1962.175665][ T5110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1962.185738][ T5110] Call Trace:
[ 1962.189026][ T5110]  <TASK>
[ 1962.191969][ T5110]  dump_stack_lvl+0x1e7/0x2e0
[ 1962.196681][ T5110]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1962.201901][ T5110]  ? __pfx__printk+0x10/0x10
[ 1962.206502][ T5110]  ? ___ratelimit+0x4c4/0x670
[ 1962.211209][ T5110]  ? __pfx____ratelimit+0x10/0x10
[ 1962.216263][ T5110]  dump_header+0xda/0x6a0
[ 1962.220628][ T5110]  oom_kill_process+0x3a7/0x930
[ 1962.225499][ T5110]  out_of_memory+0xf67/0x1320
[ 1962.230192][ T5110]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1962.235842][ T5110]  ? __pfx___mutex_lock+0x10/0x10
[ 1962.240881][ T5110]  ? __pfx_out_of_memory+0x10/0x10
[ 1962.246023][ T5110]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1962.251587][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1962.256631][ T5110]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1962.262720][ T5110]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1962.267936][ T5110]  ? mem_cgroup_iter+0x3e9/0x560
[ 1962.272902][ T5110]  try_charge_memcg+0xda2/0x18a0
[ 1962.277851][ T5110]  ? mark_lock+0x9a/0x350
[ 1962.282211][ T5110]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1962.287616][ T5110]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1962.293896][ T5110]  charge_memcg+0xa2/0x160
[ 1962.298337][ T5110]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1962.304419][ T5110]  __read_swap_cache_async+0x480/0x8b0
[ 1962.309917][ T5110]  ? mark_lock+0x9a/0x350
[ 1962.314290][ T5110]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1962.320301][ T5110]  ? blk_start_plug+0x6f/0x1b0
[ 1962.325088][ T5110]  swap_cluster_readahead+0x398/0x810
[ 1962.330487][ T5110]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1962.336404][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1962.341449][ T5110]  ? xas_descend+0x37e/0x470
[ 1962.346065][ T5110]  swapin_readahead+0x1ea/0x1070
[ 1962.351025][ T5110]  ? filemap_get_entry+0x127/0x4e0
[ 1962.356168][ T5110]  ? __pfx_swapin_readahead+0x10/0x10
[ 1962.361574][ T5110]  ? __filemap_get_folio+0x935/0xbc0
[ 1962.366886][ T5110]  ? swap_cache_get_folio+0x9f/0x570
[ 1962.372198][ T5110]  do_swap_page+0x791/0x3f40
[ 1962.376810][ T5110]  ? rcu_is_watching+0x15/0xb0
[ 1962.381603][ T5110]  ? do_swap_page+0x154/0x3f40
[ 1962.386377][ T5110]  ? __pfx_do_swap_page+0x10/0x10
[ 1962.391414][ T5110]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1962.396891][ T5110]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1962.402725][ T5110]  __handle_mm_fault+0x15e8/0x72d0
[ 1962.407877][ T5110]  ? reacquire_held_locks+0x3eb/0x690
[ 1962.413260][ T5110]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1962.418746][ T5110]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1962.424488][ T5110]  ? mtree_range_walk+0x6fd/0x8e0
[ 1962.429529][ T5110]  ? lock_vma_under_rcu+0x18a/0x730
[ 1962.434741][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1962.439784][ T5110]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1962.445016][ T5110]  ? lock_vma_under_rcu+0x18a/0x730
[ 1962.450228][ T5110]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1962.455799][ T5110]  handle_mm_fault+0x3c1/0x8a0
[ 1962.460589][ T5110]  exc_page_fault+0x456/0x870
[ 1962.465294][ T5110]  asm_exc_page_fault+0x26/0x30
[ 1962.470154][ T5110] RIP: 0033:0x7fc73607a780
[ 1962.474583][ T5110] Code: ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 <80> 3d 71 57 10 00 00 49 89 ca 74 14 b8 3d 00 00 00 0f 05 48 3d 00
[ 1962.494200][ T5110] RSP: 002b:00007ffeef0084e8 EFLAGS: 00010246
[ 1962.500278][ T5110] RAX: 00000000000001fc RBX: 00000000000035c6 RCX: 0000000000000000
[ 1962.508259][ T5110] RDX: 0000000040000001 RSI: 00007ffeef00854c RDI: 00000000ffffffff
[ 1962.516243][ T5110] RBP: 00007ffeef00854c R08: 0000000000000010 R09: 00007ffeef05f0b0
[ 1962.524233][ T5110] R10: 00007ffeef05f080 R11: 000000000005d872 R12: 0000000000000032
[ 1962.532216][ T5110] R13: 00000000001deaf6 R14: 00000000001deaf6 R15: 0000000000000000
[ 1962.540217][ T5110]  </TASK>
[ 1962.576759][ T5110] memory: usage 307200kB, limit 307200kB, failcnt 84289
[ 1962.586240][ T5110] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1962.600176][ T5110] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1962.609605][ T5110] Memory cgroup stats for /syz2:
[ 1962.609734][ T5110] cache 0
[ 1962.621233][ T5110] rss 0
[ 1962.624043][ T5110] rss_huge 0
[ 1962.629941][ T5110] shmem 0
[ 1962.632925][ T5110] mapped_file 0
[ 1962.636404][ T5110] dirty 0
[ 1962.643576][ T5110] writeback 0
[ 1962.646937][ T5110] workingset_refault_anon 53948
[ 1962.656702][ T5110] workingset_refault_file 1
[ 1962.665869][ T5110] swap 176128
[ 1962.671635][ T5110] swapcached 0
[ 1962.675081][ T5110] pgpgin 180164
[ 1962.687443][ T5110] pgpgout 180164
[ 1962.691063][ T5110] pgfault 394899
[ 1962.694647][ T5110] pgmajfault 49909
[ 1962.707837][ T5110] inactive_anon 0
[ 1962.711533][ T5110] active_anon 0
[ 1962.715131][ T5110] inactive_file 0
[ 1962.719671][ T5110] active_file 0
[ 1962.723175][ T5110] unevictable 0
[ 1962.726656][ T5110] hierarchical_memory_limit 314572800
[ 1962.738701][ T5110] hierarchical_memsw_limit 9223372036854771712
[ 1962.744933][ T5110] total_cache 0
[ 1962.753500][ T5110] total_rss 0
[ 1962.767345][ T5110] total_rss_huge 0
[ 1962.771135][ T5110] total_shmem 0
[ 1962.790130][ T5110] total_mapped_file 0
[ 1962.794204][ T5110] total_dirty 0
[ 1962.807071][ T5110] total_writeback 0
[ 1962.810958][ T5110] total_workingset_refault_anon 53948
[ 1962.816380][ T5110] total_workingset_refault_file 1
[ 1962.828910][ T5110] total_swap 176128
[ 1962.832829][ T5110] total_swapcached 0
[ 1962.836751][ T5110] total_pgpgin 180164
[ 1962.845620][ T5110] total_pgpgout 180164
[ 1962.851393][ T5110] total_pgfault 394899
[ 1962.855518][ T5110] total_pgmajfault 49909
[ 1962.866815][ T5110] total_inactive_anon 0
[ 1962.872703][ T5110] total_active_anon 0
[ 1962.876737][ T5110] total_inactive_file 0
[ 1962.889472][ T5110] total_active_file 0
[ 1962.893535][ T5110] total_unevictable 0
[ 1962.902358][ T5110] anon_cost 0
[ 1962.905719][ T5110] file_cost 0
[ 1962.913181][ T5110] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13401,uid=0
[ 1962.954839][ T5110] Memory cgroup out of memory: Killed process 13401 (syz-executor.2) total-vm:54508kB, anon-rss:508kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:48:29 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:48:29 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1963.478611][T13406] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1963.493365][T13406] CPU: 1 PID: 13406 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1963.503853][T13406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1963.513962][T13406] Call Trace:
[ 1963.517287][T13406]  <TASK>
[ 1963.520260][T13406]  dump_stack_lvl+0x1e7/0x2e0
[ 1963.525001][T13406]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1963.530253][T13406]  ? __pfx__printk+0x10/0x10
[ 1963.534899][T13406]  ? ___ratelimit+0x4c4/0x670
[ 1963.539634][T13406]  ? __pfx____ratelimit+0x10/0x10
[ 1963.544727][T13406]  dump_header+0xda/0x6a0
[ 1963.549130][T13406]  oom_kill_process+0x3a7/0x930
[ 1963.554031][T13406]  out_of_memory+0xf67/0x1320
[ 1963.558736][T13406]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1963.564389][T13406]  ? __pfx___mutex_lock+0x10/0x10
[ 1963.569447][T13406]  ? __pfx_out_of_memory+0x10/0x10
[ 1963.574606][T13406]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1963.580187][T13406]  ? __pfx_lock_release+0x10/0x10
[ 1963.585239][T13406]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1963.591327][T13406]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1963.596546][T13406]  ? mem_cgroup_iter+0x3e9/0x560
[ 1963.601522][T13406]  try_charge_memcg+0xda2/0x18a0
[ 1963.606517][T13406]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1963.611905][T13406]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1963.617638][T13406]  ? __pfx_lock_release+0x10/0x10
[ 1963.622683][T13406]  ? memcg_account_kmem+0x1e7/0x210
[ 1963.627905][T13406]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1963.633724][T13406]  __memcg_kmem_charge_page+0xe1/0x250
[ 1963.639204][T13406]  memcg_charge_kernel_stack+0x11c/0x550
[ 1963.644855][T13406]  dup_task_struct+0x40d/0x7d0
[ 1963.649640][T13406]  copy_process+0x5d5/0x3fc0
[ 1963.654256][T13406]  ? __might_fault+0xa9/0x120
[ 1963.658953][T13406]  ? __pfx_lock_release+0x10/0x10
[ 1963.663999][T13406]  ? __pfx_copy_process+0x10/0x10
[ 1963.669033][T13406]  ? __might_fault+0xc5/0x120
[ 1963.673732][T13406]  ? __asan_memset+0x23/0x50
[ 1963.678349][T13406]  kernel_clone+0x21d/0x8d0
[ 1963.682876][T13406]  ? __pfx_kernel_clone+0x10/0x10
[ 1963.687939][T13406]  __se_sys_clone3+0x2cb/0x350
[ 1963.692728][T13406]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1963.698045][T13406]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1963.704142][T13406]  ? exc_page_fault+0x587/0x870
[ 1963.709022][T13406]  ? do_syscall_64+0xb4/0x240
[ 1963.713723][T13406]  do_syscall_64+0xf9/0x240
[ 1963.718258][T13406]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1963.724175][T13406] RIP: 0033:0x7fa936ca9b99
[ 1963.728604][T13406] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1963.748222][T13406] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1963.756699][T13406] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1963.764716][T13406] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1963.772710][T13406] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1963.780701][T13406] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1963.788713][T13406] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1963.796807][T13406]  </TASK>
[ 1963.829856][T13406] memory: usage 307192kB, limit 307200kB, failcnt 15274
[ 1963.867190][T13406] memory+swap: usage 307344kB, limit 9007199254740988kB, failcnt 0
[ 1963.903253][T13406] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[ 1963.937680][T13406] Memory cgroup stats for /syz1:
[ 1963.937842][T13406] cache 4096
[ 1963.968936][T13406] rss 12288
[ 1963.972114][T13406] rss_huge 0
[ 1963.975357][T13406] shmem 0
[ 1963.986343][T13406] mapped_file 0
[ 1963.995942][T13406] dirty 4096
[ 1963.999662][T13406] writeback 0
[ 1964.002977][T13406] workingset_refault_anon 5901
[ 1964.018768][T13406] workingset_refault_file 1
[ 1964.023335][T13406] swap 147456
[ 1964.026670][T13406] swapcached 8192
[ 1964.037464][T13406] pgpgin 131799
[ 1964.041144][T13406] pgpgout 131795
[ 1964.044766][T13406] pgfault 342865
[ 1964.050044][T13406] pgmajfault 5543
[ 1964.058328][T13406] inactive_anon 0
[ 1964.063342][T13406] active_anon 12288
[ 1964.071359][T13406] inactive_file 0
[ 1964.075292][T13406] active_file 4096
[ 1964.081601][T13406] unevictable 0
[ 1964.085252][T13406] hierarchical_memory_limit 314572800
[ 1964.096911][T13406] hierarchical_memsw_limit 9223372036854771712
[ 1964.106295][T13406] total_cache 4096
[ 1964.113217][T13406] total_rss 12288
[ 1964.119319][T13406] total_rss_huge 0
[ 1964.123229][T13406] total_shmem 0
[ 1964.126869][T13406] total_mapped_file 0
[ 1964.163825][T13406] total_dirty 4096
[ 1964.184723][T13406] total_writeback 0
[ 1964.195001][T13406] total_workingset_refault_anon 5901
[ 1964.212381][T13406] total_workingset_refault_file 1
[ 1964.226738][T13406] total_swap 147456
[ 1964.238897][T13406] total_swapcached 8192
[ 1964.250860][T13406] total_pgpgin 131799
[ 1964.256676][T13406] total_pgpgout 131795
[ 1964.265212][T13406] total_pgfault 342865
[ 1964.269735][T13406] total_pgmajfault 5543
[ 1964.274018][T13406] total_inactive_anon 0
[ 1964.278882][T13406] total_active_anon 12288
[ 1964.283340][T13406] total_inactive_file 0
[ 1964.293338][T13406] total_active_file 4096
[ 1964.299891][T13406] total_unevictable 0
[ 1964.309320][T13406] anon_cost 0
[ 1964.312799][T13406] file_cost 0
[ 1964.316612][T13406] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13406,uid=0
[ 1964.357363][T13406] Memory cgroup out of memory: Killed process 13406 (syz-executor.1) total-vm:54508kB, anon-rss:444kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1964.389817][T13405] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1964.423112][T13405] CPU: 0 PID: 13405 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1964.433605][T13405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1964.443796][T13405] Call Trace:
[ 1964.447113][T13405]  <TASK>
[ 1964.450082][T13405]  dump_stack_lvl+0x1e7/0x2e0
[ 1964.454829][T13405]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1964.460092][T13405]  ? __pfx__printk+0x10/0x10
[ 1964.464735][T13405]  ? ___ratelimit+0x4c4/0x670
[ 1964.469477][T13405]  ? __pfx____ratelimit+0x10/0x10
[ 1964.474565][T13405]  dump_header+0xda/0x6a0
[ 1964.478964][T13405]  oom_kill_process+0x3a7/0x930
[ 1964.483884][T13405]  out_of_memory+0xf67/0x1320
[ 1964.488631][T13405]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1964.494319][T13405]  ? __pfx___mutex_lock+0x10/0x10
[ 1964.499404][T13405]  ? __pfx_out_of_memory+0x10/0x10
[ 1964.504588][T13405]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1964.510202][T13405]  ? __pfx_lock_release+0x10/0x10
[ 1964.515282][T13405]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1964.521408][T13405]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1964.526668][T13405]  ? mem_cgroup_iter+0x3e9/0x560
[ 1964.531662][T13405]  try_charge_memcg+0xda2/0x18a0
[ 1964.536686][T13405]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1964.542109][T13405]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1964.547886][T13405]  ? __pfx_lock_release+0x10/0x10
[ 1964.552974][T13405]  ? memcg_account_kmem+0x1e7/0x210
[ 1964.558240][T13405]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1964.564111][T13405]  __memcg_kmem_charge_page+0xe1/0x250
[ 1964.569641][T13405]  memcg_charge_kernel_stack+0x196/0x550
[ 1964.575338][T13405]  dup_task_struct+0x40d/0x7d0
[ 1964.580161][T13405]  copy_process+0x5d5/0x3fc0
[ 1964.584824][T13405]  ? __might_fault+0xa9/0x120
[ 1964.589561][T13405]  ? __pfx_lock_release+0x10/0x10
[ 1964.594656][T13405]  ? __pfx_copy_process+0x10/0x10
[ 1964.599731][T13405]  ? __might_fault+0xc5/0x120
[ 1964.604463][T13405]  ? __asan_memset+0x23/0x50
[ 1964.609107][T13405]  kernel_clone+0x21d/0x8d0
[ 1964.613663][T13405]  ? __pfx_kernel_clone+0x10/0x10
[ 1964.618743][T13405]  __se_sys_clone3+0x2cb/0x350
[ 1964.623549][T13405]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1964.628888][T13405]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1964.634924][T13405]  ? exc_page_fault+0x587/0x870
[ 1964.639822][T13405]  ? do_syscall_64+0xb4/0x240
[ 1964.644566][T13405]  do_syscall_64+0xf9/0x240
[ 1964.649144][T13405]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1964.655101][T13405] RIP: 0033:0x7fc7360a9b99
[ 1964.659563][T13405] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1964.679229][T13405] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1964.687703][T13405] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1964.695725][T13405] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1964.703744][T13405] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1964.711766][T13405] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
00:48:30 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1964.719788][T13405] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1964.727824][T13405]  </TASK>
[ 1964.778122][T13405] memory: usage 307200kB, limit 307200kB, failcnt 84695
[ 1964.785252][T13405] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1964.795376][T13405] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1964.803243][T13405] Memory cgroup stats for /syz2:
[ 1964.803394][T13405] cache 0
[ 1964.813541][T13405] rss 0
[ 1964.816436][T13405] rss_huge 0
[ 1964.835273][T13405] shmem 0
[ 1964.867189][T13405] mapped_file 0
[ 1964.870720][T13405] dirty 0
[ 1964.889490][T13405] writeback 0
[ 1964.892863][T13405] workingset_refault_anon 54101
[ 1964.919588][T13405] workingset_refault_file 1
[ 1964.924169][T13405] swap 176128
[ 1964.949169][T13405] swapcached 0
[ 1964.952617][T13405] pgpgin 180328
[ 1964.956092][T13405] pgpgout 180328
00:48:31 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1964.976795][T13405] pgfault 395136
[ 1964.983483][T13405] pgmajfault 50056
[ 1965.007207][T13405] inactive_anon 0
[ 1965.011782][T13405] active_anon 0
[ 1965.015294][T13405] inactive_file 0
[ 1965.038927][T13405] active_file 0
[ 1965.042462][T13405] unevictable 0
[ 1965.045967][T13405] hierarchical_memory_limit 314572800
[ 1965.066449][T13405] hierarchical_memsw_limit 9223372036854771712
[ 1965.087115][T13405] total_cache 0
[ 1965.090641][T13405] total_rss 0
[ 1965.093996][T13405] total_rss_huge 0
[ 1965.115259][T13405] total_shmem 0
[ 1965.119245][T13405] total_mapped_file 0
[ 1965.123271][T13405] total_dirty 0
[ 1965.126757][T13405] total_writeback 0
[ 1965.143045][T13405] total_workingset_refault_anon 54101
[ 1965.150607][T13405] total_workingset_refault_file 1
[ 1965.155679][T13405] total_swap 176128
[ 1965.165672][T13405] total_swapcached 0
[ 1965.172472][T13405] total_pgpgin 180328
[ 1965.176507][T13405] total_pgpgout 180328
[ 1965.181456][T13405] total_pgfault 395136
[ 1965.185570][T13405] total_pgmajfault 50056
[ 1965.197350][T13405] total_inactive_anon 0
[ 1965.201571][T13405] total_active_anon 0
[ 1965.205576][T13405] total_inactive_file 0
[ 1965.215361][T13405] total_active_file 0
[ 1965.222985][T13405] total_unevictable 0
[ 1965.229605][T13405] anon_cost 0
[ 1965.232940][T13405] file_cost 0
[ 1965.236256][T13405] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13405,uid=0
[ 1965.257695][T13405] Memory cgroup out of memory: Killed process 13405 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1965.284082][T13408] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1965.312542][T13408] CPU: 0 PID: 13408 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1965.323029][T13408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1965.333124][T13408] Call Trace:
[ 1965.336441][T13408]  <TASK>
[ 1965.339409][T13408]  dump_stack_lvl+0x1e7/0x2e0
[ 1965.344146][T13408]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1965.349398][T13408]  ? __pfx__printk+0x10/0x10
[ 1965.354039][T13408]  ? ___ratelimit+0x4c4/0x670
[ 1965.358771][T13408]  ? __pfx____ratelimit+0x10/0x10
[ 1965.363853][T13408]  dump_header+0xda/0x6a0
[ 1965.368261][T13408]  oom_kill_process+0x3a7/0x930
[ 1965.373164][T13408]  out_of_memory+0xf67/0x1320
[ 1965.377898][T13408]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1965.383577][T13408]  ? __pfx___mutex_lock+0x10/0x10
[ 1965.388642][T13408]  ? __pfx_out_of_memory+0x10/0x10
[ 1965.393814][T13408]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1965.399412][T13408]  ? __pfx_lock_release+0x10/0x10
[ 1965.404490][T13408]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1965.410625][T13408]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1965.415875][T13408]  ? mem_cgroup_iter+0x3e9/0x560
[ 1965.420866][T13408]  try_charge_memcg+0xda2/0x18a0
[ 1965.425891][T13408]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1965.431308][T13408]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1965.437067][T13408]  ? __pfx_lock_release+0x10/0x10
[ 1965.442137][T13408]  ? memcg_account_kmem+0x1e7/0x210
[ 1965.447397][T13408]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1965.453253][T13408]  __memcg_kmem_charge_page+0xe1/0x250
00:48:31 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1965.458770][T13408]  memcg_charge_kernel_stack+0x28a/0x550
[ 1965.464461][T13408]  dup_task_struct+0x15d/0x7d0
[ 1965.469275][T13408]  copy_process+0x5d5/0x3fc0
[ 1965.473930][T13408]  ? __might_fault+0xa9/0x120
[ 1965.478656][T13408]  ? __pfx_lock_release+0x10/0x10
[ 1965.483741][T13408]  ? __pfx_copy_process+0x10/0x10
[ 1965.488810][T13408]  ? __might_fault+0xc5/0x120
[ 1965.493541][T13408]  ? __asan_memset+0x23/0x50
[ 1965.498201][T13408]  kernel_clone+0x21d/0x8d0
[ 1965.502755][T13408]  ? __pfx_kernel_clone+0x10/0x10
[ 1965.507845][T13408]  __se_sys_clone3+0x2cb/0x350
[ 1965.512656][T13408]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1965.518018][T13408]  ? do_syscall_64+0x108/0x240
[ 1965.522838][T13408]  ? do_syscall_64+0xb4/0x240
[ 1965.527569][T13408]  do_syscall_64+0xf9/0x240
[ 1965.532126][T13408]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1965.538077][T13408] RIP: 0033:0x7fa936ca9b99
[ 1965.542536][T13408] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1965.562190][T13408] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1965.570670][T13408] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1965.578689][T13408] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1965.586720][T13408] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1965.594737][T13408] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1965.602752][T13408] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1965.610795][T13408]  </TASK>
[ 1965.656529][T13408] memory: usage 307200kB, limit 307200kB, failcnt 15610
[ 1965.663621][T13408] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1965.672494][T13408] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[ 1965.703287][T13408] Memory cgroup stats for /syz1:
[ 1965.703446][T13408] cache 4096
[ 1965.714890][T13408] rss 0
[ 1965.727198][T13408] rss_huge 0
[ 1965.730447][T13408] shmem 0
[ 1965.734634][T13408] mapped_file 0
[ 1965.741223][T13408] dirty 4096
[ 1965.744463][T13408] writeback 0
[ 1965.753923][T13408] workingset_refault_anon 6031
[ 1965.763769][T13408] workingset_refault_file 1
[ 1965.771914][T13408] swap 159744
[ 1965.775243][T13408] swapcached 0
[ 1965.792878][T13408] pgpgin 131941
[ 1965.796406][T13408] pgpgout 131940
[ 1965.801143][T13408] pgfault 343071
[ 1965.804748][T13408] pgmajfault 5665
[ 1965.827269][T13408] inactive_anon 0
[ 1965.831923][T13408] active_anon 0
[ 1965.835460][T13408] inactive_file 4096
[ 1965.846050][T13408] active_file 0
[ 1965.849967][T13408] unevictable 0
[ 1965.853460][T13408] hierarchical_memory_limit 314572800
[ 1965.873264][T13408] hierarchical_memsw_limit 9223372036854771712
[ 1965.884531][T13408] total_cache 4096
[ 1965.897303][T13408] total_rss 0
[ 1965.900731][T13408] total_rss_huge 0
[ 1965.905296][T13408] total_shmem 0
[ 1965.914921][T13408] total_mapped_file 0
[ 1965.922656][T13408] total_dirty 4096
[ 1965.926426][T13408] total_writeback 0
[ 1965.938852][T13408] total_workingset_refault_anon 6031
[ 1965.944193][T13408] total_workingset_refault_file 1
[ 1965.978604][T13408] total_swap 159744
[ 1965.982487][T13408] total_swapcached 0
[ 1965.986414][T13408] total_pgpgin 131941
[ 1966.005396][T13408] total_pgpgout 131940
[ 1966.012896][T13408] total_pgfault 343071
[ 1966.021846][T13408] total_pgmajfault 5665
[ 1966.026051][T13408] total_inactive_anon 0
[ 1966.030312][T13408] total_active_anon 0
[ 1966.036572][T13408] total_inactive_file 4096
[ 1966.057133][T13408] total_active_file 0
[ 1966.061189][T13408] total_unevictable 0
[ 1966.065208][T13408] anon_cost 0
[ 1966.072820][T13408] file_cost 0
[ 1966.076161][T13408] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13408,uid=0
[ 1966.097087][T13408] Memory cgroup out of memory: Killed process 13408 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
00:48:32 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42c]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1966.339541][T13411] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1966.394018][T13411] CPU: 0 PID: 13411 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1966.404515][T13411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1966.414613][T13411] Call Trace:
[ 1966.417927][T13411]  <TASK>
[ 1966.420894][T13411]  dump_stack_lvl+0x1e7/0x2e0
[ 1966.425635][T13411]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1966.430893][T13411]  ? __pfx__printk+0x10/0x10
[ 1966.435534][T13411]  ? ___ratelimit+0x4c4/0x670
[ 1966.440279][T13411]  ? __pfx____ratelimit+0x10/0x10
[ 1966.445362][T13411]  dump_header+0xda/0x6a0
[ 1966.449747][T13411]  oom_kill_process+0x3a7/0x930
[ 1966.454658][T13411]  out_of_memory+0xf67/0x1320
[ 1966.459395][T13411]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1966.465079][T13411]  ? __pfx___mutex_lock+0x10/0x10
[ 1966.470153][T13411]  ? __pfx_out_of_memory+0x10/0x10
[ 1966.475328][T13411]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1966.480922][T13411]  ? __pfx_lock_release+0x10/0x10
[ 1966.486017][T13411]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1966.492141][T13411]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1966.497392][T13411]  ? mem_cgroup_iter+0x3e9/0x560
[ 1966.502387][T13411]  try_charge_memcg+0xda2/0x18a0
[ 1966.507407][T13411]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1966.512831][T13411]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1966.518605][T13411]  ? __pfx_lock_release+0x10/0x10
[ 1966.523687][T13411]  ? memcg_account_kmem+0x1e7/0x210
[ 1966.528959][T13411]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1966.534812][T13411]  __memcg_kmem_charge_page+0xe1/0x250
[ 1966.540326][T13411]  memcg_charge_kernel_stack+0x196/0x550
[ 1966.546013][T13411]  dup_task_struct+0x15d/0x7d0
[ 1966.550831][T13411]  copy_process+0x5d5/0x3fc0
[ 1966.555503][T13411]  ? __might_fault+0xa9/0x120
[ 1966.560231][T13411]  ? __pfx_lock_release+0x10/0x10
[ 1966.565319][T13411]  ? __pfx_copy_process+0x10/0x10
[ 1966.570392][T13411]  ? __might_fault+0xc5/0x120
[ 1966.575120][T13411]  ? __asan_memset+0x23/0x50
[ 1966.579769][T13411]  kernel_clone+0x21d/0x8d0
[ 1966.584323][T13411]  ? __pfx_kernel_clone+0x10/0x10
[ 1966.589414][T13411]  __se_sys_clone3+0x2cb/0x350
[ 1966.594231][T13411]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1966.599575][T13411]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1966.605622][T13411]  ? exc_page_fault+0x587/0x870
[ 1966.610527][T13411]  ? do_syscall_64+0xb4/0x240
[ 1966.615260][T13411]  do_syscall_64+0xf9/0x240
[ 1966.619865][T13411]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1966.625815][T13411] RIP: 0033:0x7fc7360a9b99
[ 1966.630294][T13411] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1966.649996][T13411] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1966.658471][T13411] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1966.666535][T13411] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1966.674559][T13411] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1966.682579][T13411] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1966.690603][T13411] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1966.698645][T13411]  </TASK>
[ 1966.731953][T13411] memory: usage 307200kB, limit 307200kB, failcnt 85237
[ 1966.746274][T13411] memory+swap: usage 307412kB, limit 9007199254740988kB, failcnt 0
[ 1966.756637][T13411] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1966.765329][T13411] Memory cgroup stats for /syz2:
[ 1966.765456][T13411] cache 0
[ 1966.775113][T13411] rss 0
[ 1966.778340][T13411] rss_huge 0
[ 1966.781692][T13411] shmem 0
[ 1966.784764][T13411] mapped_file 0
[ 1966.788730][T13411] dirty 0
[ 1966.791823][T13411] writeback 0
[ 1966.795254][T13411] workingset_refault_anon 54282
[ 1966.800885][T13411] workingset_refault_file 1
[ 1966.805546][T13411] swap 217088
[ 1966.809285][T13411] swapcached 0
[ 1966.812807][T13411] pgpgin 180522
[ 1966.816385][T13411] pgpgout 180522
[ 1966.820460][T13411] pgfault 395412
[ 1966.824149][T13411] pgmajfault 50233
[ 1966.828373][T13411] inactive_anon 0
[ 1966.832173][T13411] active_anon 0
[ 1966.835801][T13411] inactive_file 0
[ 1966.845416][T13411] active_file 0
[ 1966.862742][T13411] unevictable 0
[ 1966.869752][T13411] hierarchical_memory_limit 314572800
[ 1966.878377][T13411] hierarchical_memsw_limit 9223372036854771712
[ 1966.884712][T13411] total_cache 0
[ 1966.893577][T13411] total_rss 0
[ 1966.898755][T13411] total_rss_huge 0
[ 1966.902652][T13411] total_shmem 0
[ 1966.906270][T13411] total_mapped_file 0
[ 1966.915313][T13411] total_dirty 0
[ 1966.923760][T13411] total_writeback 0
[ 1966.933596][T13411] total_workingset_refault_anon 54282
[ 1966.940708][T13411] total_workingset_refault_file 1
[ 1966.945886][T13411] total_swap 217088
[ 1966.962878][T13411] total_swapcached 0
[ 1966.968784][T13411] total_pgpgin 180522
[ 1966.972916][T13411] total_pgpgout 180522
[ 1966.981460][T13411] total_pgfault 395412
[ 1966.985667][T13411] total_pgmajfault 50233
[ 1966.991907][T13411] total_inactive_anon 0
[ 1966.996203][T13411] total_active_anon 0
[ 1967.032018][T13411] total_inactive_file 0
[ 1967.048807][T13411] total_active_file 0
[ 1967.052862][T13411] total_unevictable 0
[ 1967.072508][T13411] anon_cost 0
[ 1967.075862][T13411] file_cost 0
[ 1967.092910][T13411] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13411,uid=0
[ 1967.127968][T13411] Memory cgroup out of memory: Killed process 13411 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:48:33 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1967.422727][T13412] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1967.437773][T13412] CPU: 1 PID: 13412 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1967.448260][T13412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1967.458357][T13412] Call Trace:
[ 1967.461679][T13412]  <TASK>
[ 1967.464648][T13412]  dump_stack_lvl+0x1e7/0x2e0
[ 1967.469387][T13412]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1967.474655][T13412]  ? __pfx__printk+0x10/0x10
[ 1967.479312][T13412]  ? ___ratelimit+0x4c4/0x670
[ 1967.484059][T13412]  ? __pfx____ratelimit+0x10/0x10
[ 1967.489154][T13412]  dump_header+0xda/0x6a0
[ 1967.493540][T13412]  oom_kill_process+0x3a7/0x930
[ 1967.498454][T13412]  out_of_memory+0xf67/0x1320
[ 1967.503207][T13412]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1967.508908][T13412]  ? __pfx___mutex_lock+0x10/0x10
[ 1967.513994][T13412]  ? __pfx_out_of_memory+0x10/0x10
[ 1967.519178][T13412]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1967.524785][T13412]  ? __pfx_lock_release+0x10/0x10
[ 1967.529877][T13412]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1967.536012][T13412]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1967.541277][T13412]  ? mem_cgroup_iter+0x3e9/0x560
[ 1967.546258][T13412]  try_charge_memcg+0xda2/0x18a0
[ 1967.551258][T13412]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1967.556643][T13412]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1967.562375][T13412]  ? __pfx_lock_release+0x10/0x10
[ 1967.567427][T13412]  ? memcg_account_kmem+0x1e7/0x210
[ 1967.572652][T13412]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1967.578477][T13412]  __memcg_kmem_charge_page+0xe1/0x250
[ 1967.583957][T13412]  memcg_charge_kernel_stack+0x28a/0x550
[ 1967.589610][T13412]  dup_task_struct+0x15d/0x7d0
[ 1967.594390][T13412]  copy_process+0x5d5/0x3fc0
[ 1967.599030][T13412]  ? __might_fault+0xa9/0x120
[ 1967.603734][T13412]  ? __pfx_lock_release+0x10/0x10
[ 1967.608785][T13412]  ? __pfx_copy_process+0x10/0x10
[ 1967.613820][T13412]  ? __might_fault+0xc5/0x120
[ 1967.618521][T13412]  ? __asan_memset+0x23/0x50
[ 1967.623129][T13412]  kernel_clone+0x21d/0x8d0
[ 1967.627647][T13412]  ? __pfx_kernel_clone+0x10/0x10
[ 1967.632695][T13412]  __se_sys_clone3+0x2cb/0x350
[ 1967.637620][T13412]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1967.642943][T13412]  ? do_syscall_64+0x108/0x240
[ 1967.647740][T13412]  ? do_syscall_64+0xb4/0x240
[ 1967.652439][T13412]  do_syscall_64+0xf9/0x240
[ 1967.656964][T13412]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1967.662884][T13412] RIP: 0033:0x7fa936ca9b99
[ 1967.667308][T13412] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1967.686933][T13412] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1967.695372][T13412] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1967.703354][T13412] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1967.711352][T13412] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1967.719331][T13412] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1967.727327][T13412] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1967.735329][T13412]  </TASK>
[ 1967.756932][T13412] memory: usage 307200kB, limit 307200kB, failcnt 16180
[ 1967.771650][T13412] memory+swap: usage 307356kB, limit 9007199254740988kB, failcnt 0
[ 1967.790743][T13412] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[ 1967.801281][T13412] Memory cgroup stats for /syz1:
[ 1967.801436][T13412] cache 4096
[ 1967.831095][T13412] rss 0
[ 1967.834076][T13412] rss_huge 0
[ 1967.840658][T13412] shmem 0
[ 1967.843784][T13412] mapped_file 0
[ 1967.852094][T13412] dirty 0
[ 1967.855263][T13412] writeback 0
[ 1967.862196][T13412] workingset_refault_anon 6172
[ 1967.867825][T13412] workingset_refault_file 1
[ 1967.872534][T13412] swap 159744
[ 1967.876632][T13412] swapcached 0
[ 1967.880741][T13412] pgpgin 132093
[ 1967.884386][T13412] pgpgout 132092
[ 1967.888451][T13412] pgfault 343290
[ 1967.892209][T13412] pgmajfault 5793
[ 1967.896018][T13412] inactive_anon 0
[ 1967.902261][T13412] active_anon 0
[ 1967.905923][T13412] inactive_file 0
[ 1967.910101][T13412] active_file 4096
[ 1967.914002][T13412] unevictable 0
[ 1967.920595][T13412] hierarchical_memory_limit 314572800
[ 1967.926157][T13412] hierarchical_memsw_limit 9223372036854771712
[ 1967.932784][T13412] total_cache 4096
[ 1967.939258][T13412] total_rss 0
[ 1967.942689][T13412] total_rss_huge 0
[ 1967.946523][T13412] total_shmem 0
[ 1967.967441][T13412] total_mapped_file 0
[ 1967.987397][T13412] total_dirty 0
[ 1967.990928][T13412] total_writeback 0
[ 1967.994773][T13412] total_workingset_refault_anon 6172
[ 1968.014485][T13412] total_workingset_refault_file 1
[ 1968.021845][T13412] total_swap 159744
[ 1968.025700][T13412] total_swapcached 0
[ 1968.038927][T13412] total_pgpgin 132093
[ 1968.042974][T13412] total_pgpgout 132092
[ 1968.059922][T13412] total_pgfault 343290
[ 1968.064063][T13412] total_pgmajfault 5793
[ 1968.069339][T13412] total_inactive_anon 0
[ 1968.085082][T13412] total_active_anon 0
[ 1968.092330][T13412] total_inactive_file 0
[ 1968.096539][T13412] total_active_file 4096
[ 1968.110827][T13412] total_unevictable 0
[ 1968.114877][T13412] anon_cost 0
[ 1968.123051][T13412] file_cost 0
[ 1968.126398][T13412] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13412,uid=0
00:48:34 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1968.161684][T13412] Memory cgroup out of memory: Killed process 13412 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
00:48:34 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1968.777910][T13417] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1968.798273][T13417] CPU: 1 PID: 13417 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1968.808767][T13417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1968.818884][T13417] Call Trace:
[ 1968.822210][T13417]  <TASK>
[ 1968.825177][T13417]  dump_stack_lvl+0x1e7/0x2e0
[ 1968.829920][T13417]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1968.835172][T13417]  ? __pfx__printk+0x10/0x10
[ 1968.839819][T13417]  ? ___ratelimit+0x4c4/0x670
[ 1968.844549][T13417]  ? __pfx____ratelimit+0x10/0x10
[ 1968.849630][T13417]  dump_header+0xda/0x6a0
[ 1968.854016][T13417]  oom_kill_process+0x3a7/0x930
[ 1968.858921][T13417]  out_of_memory+0xf67/0x1320
[ 1968.863643][T13417]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1968.869315][T13417]  ? __pfx___mutex_lock+0x10/0x10
[ 1968.874391][T13417]  ? __pfx_out_of_memory+0x10/0x10
[ 1968.879556][T13417]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1968.885129][T13417]  ? __pfx_lock_release+0x10/0x10
[ 1968.890204][T13417]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1968.896335][T13417]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1968.901582][T13417]  ? mem_cgroup_iter+0x3e9/0x560
[ 1968.906578][T13417]  try_charge_memcg+0xda2/0x18a0
[ 1968.911596][T13417]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1968.917089][T13417]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1968.922825][T13417]  ? __pfx_lock_release+0x10/0x10
[ 1968.927869][T13417]  ? memcg_account_kmem+0x1e7/0x210
[ 1968.933098][T13417]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1968.938917][T13417]  __memcg_kmem_charge_page+0xe1/0x250
[ 1968.944401][T13417]  memcg_charge_kernel_stack+0x28a/0x550
[ 1968.950049][T13417]  dup_task_struct+0x40d/0x7d0
[ 1968.954828][T13417]  copy_process+0x5d5/0x3fc0
[ 1968.959442][T13417]  ? __might_fault+0xa9/0x120
[ 1968.964132][T13417]  ? __pfx_lock_release+0x10/0x10
[ 1968.969187][T13417]  ? __pfx_copy_process+0x10/0x10
[ 1968.974216][T13417]  ? __might_fault+0xc5/0x120
[ 1968.978907][T13417]  ? __asan_memset+0x23/0x50
[ 1968.983514][T13417]  kernel_clone+0x21d/0x8d0
[ 1968.988032][T13417]  ? __pfx_kernel_clone+0x10/0x10
[ 1968.993081][T13417]  __se_sys_clone3+0x2cb/0x350
[ 1968.997858][T13417]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1969.003191][T13417]  ? do_syscall_64+0x108/0x240
[ 1969.008000][T13417]  ? do_syscall_64+0xb4/0x240
[ 1969.012725][T13417]  do_syscall_64+0xf9/0x240
[ 1969.017284][T13417]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1969.023209][T13417] RIP: 0033:0x7fa936ca9b99
[ 1969.027638][T13417] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1969.047257][T13417] RSP: 002b:00007fff55d506a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1969.055682][T13417] RAX: ffffffffffffffda RBX: 00007fa936c52270 RCX: 00007fa936ca9b99
[ 1969.063672][T13417] RDX: 00007fa936c52270 RSI: 0000000000000058 RDI: 00007fff55d506f0
[ 1969.071656][T13417] RBP: 00007fa93796e6c0 R08: 00007fa93796e6c0 R09: 00007fff55d507d7
[ 1969.079635][T13417] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1969.087613][T13417] R13: 000000000000000b R14: 00007fff55d506f0 R15: 00007fff55d507d8
[ 1969.095606][T13417]  </TASK>
[ 1969.146271][T13417] memory: usage 307200kB, limit 307200kB, failcnt 16502
[ 1969.158563][T13417] memory+swap: usage 307360kB, limit 9007199254740988kB, failcnt 0
[ 1969.176520][T13417] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[ 1969.192969][T13417] Memory cgroup stats for /syz1:
[ 1969.193140][T13417] cache 4096
[ 1969.221904][T13417] rss 0
[ 1969.236422][T13417] rss_huge 0
[ 1969.256675][T13417] shmem 0
[ 1969.269998][T13417] mapped_file 0
[ 1969.284967][T13417] dirty 0
[ 1969.297179][T13417] writeback 0
[ 1969.339068][T13417] workingset_refault_anon 6290
[ 1969.343911][T13417] workingset_refault_file 1
[ 1969.368391][T13417] swap 163840
[ 1969.384816][T13417] swapcached 0
[ 1969.393228][T13417] pgpgin 132224
[ 1969.396735][T13417] pgpgout 132223
[ 1969.412871][T13417] pgfault 343493
[ 1969.416487][T13417] pgmajfault 5897
[ 1969.438981][T13417] inactive_anon 0
[ 1969.442684][T13417] active_anon 0
[ 1969.465408][T13417] inactive_file 4096
[ 1969.478422][T13417] active_file 0
[ 1969.485181][T13417] unevictable 0
[ 1969.505001][T13417] hierarchical_memory_limit 314572800
[ 1969.526540][T13417] hierarchical_memsw_limit 9223372036854771712
[ 1969.556466][T13417] total_cache 4096
[ 1969.566805][T13417] total_rss 0
[ 1969.582773][T13417] total_rss_huge 0
[ 1969.586569][T13417] total_shmem 0
[ 1969.597370][T13417] total_mapped_file 0
[ 1969.629344][T13417] total_dirty 0
[ 1969.632869][T13417] total_writeback 0
[ 1969.636696][T13417] total_workingset_refault_anon 6290
[ 1969.675489][T13417] total_workingset_refault_file 1
[ 1969.686163][T13417] total_swap 163840
[ 1969.700287][T13417] total_swapcached 0
[ 1969.718459][T13417] total_pgpgin 132224
[ 1969.723372][T13417] total_pgpgout 132223
[ 1969.744675][T13417] total_pgfault 343493
[ 1969.753390][T13417] total_pgmajfault 5897
[ 1969.778795][T13417] total_inactive_anon 0
[ 1969.783111][T13417] total_active_anon 0
[ 1969.802743][T13417] total_inactive_file 4096
[ 1969.811153][T13417] total_active_file 0
[ 1969.826561][T13417] total_unevictable 0
[ 1969.836133][T13417] anon_cost 0
[ 1969.854229][T13417] file_cost 0
[ 1969.859772][T13417] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13417,uid=0
[ 1969.894172][T13417] Memory cgroup out of memory: Killed process 13417 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 1969.958991][T13413] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1969.984986][T13413] CPU: 0 PID: 13413 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1969.995480][T13413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1970.005615][T13413] Call Trace:
00:48:36 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ea]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1970.008935][T13413]  <TASK>
[ 1970.011909][T13413]  dump_stack_lvl+0x1e7/0x2e0
[ 1970.016652][T13413]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1970.021916][T13413]  ? __pfx__printk+0x10/0x10
[ 1970.026659][T13413]  ? ___ratelimit+0x4c4/0x670
[ 1970.031399][T13413]  ? __pfx____ratelimit+0x10/0x10
[ 1970.036483][T13413]  dump_header+0xda/0x6a0
[ 1970.040881][T13413]  oom_kill_process+0x3a7/0x930
[ 1970.045806][T13413]  out_of_memory+0xf67/0x1320
[ 1970.050544][T13413]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1970.056248][T13413]  ? __pfx___mutex_lock+0x10/0x10
[ 1970.061324][T13413]  ? __pfx_out_of_memory+0x10/0x10
[ 1970.066503][T13413]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1970.072110][T13413]  ? __pfx_lock_release+0x10/0x10
[ 1970.077196][T13413]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1970.083327][T13413]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1970.088582][T13413]  ? mem_cgroup_iter+0x3e9/0x560
[ 1970.093588][T13413]  try_charge_memcg+0xda2/0x18a0
[ 1970.098622][T13413]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1970.104050][T13413]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1970.109835][T13413]  ? __pfx_lock_release+0x10/0x10
[ 1970.114932][T13413]  ? memcg_account_kmem+0x1e7/0x210
[ 1970.120206][T13413]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1970.126075][T13413]  __memcg_kmem_charge_page+0xe1/0x250
[ 1970.131611][T13413]  memcg_charge_kernel_stack+0x196/0x550
[ 1970.137316][T13413]  dup_task_struct+0x15d/0x7d0
[ 1970.142148][T13413]  copy_process+0x5d5/0x3fc0
[ 1970.146811][T13413]  ? __might_fault+0xa9/0x120
[ 1970.151584][T13413]  ? __pfx_lock_release+0x10/0x10
[ 1970.156769][T13413]  ? __pfx_copy_process+0x10/0x10
[ 1970.161846][T13413]  ? __might_fault+0xc5/0x120
[ 1970.166599][T13413]  ? __asan_memset+0x23/0x50
[ 1970.171272][T13413]  kernel_clone+0x21d/0x8d0
[ 1970.175838][T13413]  ? __pfx_kernel_clone+0x10/0x10
[ 1970.180948][T13413]  __se_sys_clone3+0x2cb/0x350
[ 1970.185785][T13413]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1970.191147][T13413]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1970.197204][T13413]  ? exc_page_fault+0x587/0x870
[ 1970.202125][T13413]  ? do_syscall_64+0xb4/0x240
[ 1970.206862][T13413]  do_syscall_64+0xf9/0x240
[ 1970.211433][T13413]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1970.217393][T13413] RIP: 0033:0x7fc7360a9b99
[ 1970.221867][T13413] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1970.241546][T13413] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1970.250016][T13413] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1970.258044][T13413] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1970.266102][T13413] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1970.274131][T13413] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1970.282151][T13413] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1970.290191][T13413]  </TASK>
[ 1970.301003][T13413] memory: usage 307196kB, limit 307200kB, failcnt 85835
[ 1970.308386][T13413] memory+swap: usage 307352kB, limit 9007199254740988kB, failcnt 0
[ 1970.316316][T13413] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1970.323703][T13413] Memory cgroup stats for /syz2:
[ 1970.323832][T13413] cache 0
[ 1970.331862][T13413] rss 12288
[ 1970.336575][T13413] rss_huge 0
[ 1970.339885][T13413] shmem 0
[ 1970.342849][T13413] mapped_file 0
[ 1970.346333][T13413] dirty 0
[ 1970.357378][T13413] writeback 0
[ 1970.360721][T13413] workingset_refault_anon 54521
[ 1970.365595][T13413] workingset_refault_file 1
[ 1970.382972][T13413] swap 163840
[ 1970.386319][T13413] swapcached 4096
[ 1970.390385][T13413] pgpgin 180772
[ 1970.397138][T13413] pgpgout 180769
[ 1970.406014][T13413] pgfault 395769
[ 1970.415791][T13413] pgmajfault 50452
[ 1970.422375][T13413] inactive_anon 0
[ 1970.426127][T13413] active_anon 12288
[ 1970.430207][T13413] inactive_file 0
[ 1970.441411][T13413] active_file 0
[ 1970.445024][T13413] unevictable 0
[ 1970.448762][T13413] hierarchical_memory_limit 314572800
[ 1970.455401][T13413] hierarchical_memsw_limit 9223372036854771712
[ 1970.464918][T13413] total_cache 0
[ 1970.470982][T13413] total_rss 12288
[ 1970.474743][T13413] total_rss_huge 0
[ 1970.485940][T13413] total_shmem 0
[ 1970.489839][T13413] total_mapped_file 0
[ 1970.493957][T13413] total_dirty 0
[ 1970.504174][T13413] total_writeback 0
[ 1970.508480][T13413] total_workingset_refault_anon 54521
[ 1970.515450][T13413] total_workingset_refault_file 1
[ 1970.530371][T13413] total_swap 163840
[ 1970.534347][T13413] total_swapcached 4096
[ 1970.543212][T13413] total_pgpgin 180772
[ 1970.550877][T13413] total_pgpgout 180769
[ 1970.555166][T13413] total_pgfault 395769
[ 1970.562666][T13413] total_pgmajfault 50452
[ 1970.569691][T13413] total_inactive_anon 0
[ 1970.574782][T13413] total_active_anon 12288
[ 1970.585815][T13413] total_inactive_file 0
[ 1970.590571][T13413] total_active_file 0
[ 1970.594750][T13413] total_unevictable 0
[ 1970.605526][T13413] anon_cost 0
[ 1970.609281][T13413] file_cost 0
[ 1970.612738][T13413] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13413,uid=0
[ 1970.639075][T13413] Memory cgroup out of memory: Killed process 13413 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 1970.669604][ T5099] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1970.698025][ T5099] CPU: 0 PID: 5099 Comm: syz-executor.1 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1970.708447][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1970.718551][ T5099] Call Trace:
[ 1970.721863][ T5099]  <TASK>
[ 1970.724828][ T5099]  dump_stack_lvl+0x1e7/0x2e0
[ 1970.729570][ T5099]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1970.734841][ T5099]  ? __pfx__printk+0x10/0x10
[ 1970.739485][ T5099]  ? ___ratelimit+0x4c4/0x670
[ 1970.744222][ T5099]  ? __pfx____ratelimit+0x10/0x10
[ 1970.749308][ T5099]  dump_header+0xda/0x6a0
[ 1970.753709][ T5099]  oom_kill_process+0x3a7/0x930
[ 1970.758620][ T5099]  out_of_memory+0xf67/0x1320
[ 1970.763356][ T5099]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1970.769054][ T5099]  ? __pfx___mutex_lock+0x10/0x10
[ 1970.774134][ T5099]  ? __pfx_out_of_memory+0x10/0x10
[ 1970.779313][ T5099]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1970.784912][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1970.789995][ T5099]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1970.796122][ T5099]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1970.801375][ T5099]  ? mem_cgroup_iter+0x3e9/0x560
[ 1970.806370][ T5099]  try_charge_memcg+0xda2/0x18a0
[ 1970.811387][ T5099]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1970.816820][ T5099]  ? percpu_ref_tryget+0x14/0x180
[ 1970.821926][ T5099]  charge_memcg+0xa2/0x160
[ 1970.826399][ T5099]  __mem_cgroup_charge+0x27/0x80
[ 1970.831392][ T5099]  folio_prealloc+0x52/0x170
[ 1970.836031][ T5099]  do_wp_page+0x1222/0x4c90
[ 1970.840602][ T5099]  ? __pfx_do_wp_page+0x10/0x10
[ 1970.845593][ T5099]  ? __pfx_lock_acquire+0x10/0x10
[ 1970.850676][ T5099]  ? do_raw_spin_lock+0x14e/0x370
[ 1970.855753][ T5099]  ? __pfx_validate_chain+0x10/0x10
[ 1970.861006][ T5099]  __handle_mm_fault+0x26ad/0x72d0
[ 1970.866220][ T5099]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1970.871743][ T5099]  ? mt_find+0x226/0x850
[ 1970.876031][ T5099]  ? __pfx_lock_release+0x10/0x10
[ 1970.881125][ T5099]  ? mt_find+0x62d/0x850
[ 1970.885424][ T5099]  ? mt_find+0x226/0x850
[ 1970.889735][ T5099]  ? find_vma+0x142/0x1c0
[ 1970.894106][ T5099]  ? __pfx_find_vma+0x10/0x10
[ 1970.898825][ T5099]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1970.904850][ T5099]  handle_mm_fault+0x3c1/0x8a0
[ 1970.909661][ T5099]  exc_page_fault+0x2ad/0x870
[ 1970.914398][ T5099]  asm_exc_page_fault+0x26/0x30
[ 1970.919287][ T5099] RIP: 0010:__put_user_8+0x11/0x20
[ 1970.924439][ T5099] Code: 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <48> 89 01 31 c9 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1970.944088][ T5099] RSP: 0018:ffffc90003dffd98 EFLAGS: 00050202
[ 1970.950205][ T5099] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000555556d69da8
[ 1970.958213][ T5099] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 1970.966219][ T5099] RBP: ffffc90003dffec8 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 1970.974229][ T5099] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90003dffe50
[ 1970.982327][ T5099] R13: ffffc90003dfffd8 R14: dffffc0000000000 R15: ffff888021c59538
[ 1970.990367][ T5099]  __rseq_handle_notify_resume+0x651/0x1490
[ 1970.996347][ T5099]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 1971.002739][ T5099]  ? syscall_exit_to_user_mode+0xa2/0x360
[ 1971.008520][ T5099]  syscall_exit_to_user_mode+0x113/0x360
[ 1971.014217][ T5099]  do_syscall_64+0x108/0x240
[ 1971.018872][ T5099]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1971.024820][ T5099] RIP: 0033:0x7fa936c7add3
[ 1971.029275][ T5099] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[ 1971.048927][ T5099] RSP: 002b:00007fff55d509e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1971.057390][ T5099] RAX: 00000000000038a5 RBX: 0000000000000000 RCX: 00007fa936c7add3
[ 1971.065416][ T5099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1971.073437][ T5099] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1971.081451][ T5099] R10: 0000555556d69750 R11: 0000000000000246 R12: 0000000000000000
[ 1971.089479][ T5099] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 1971.097523][ T5099]  </TASK>
[ 1971.150814][ T5099] memory: usage 307180kB, limit 307200kB, failcnt 16634
[ 1971.161900][ T5099] memory+swap: usage 307320kB, limit 9007199254740988kB, failcnt 0
[ 1971.182116][ T5099] kmem: usage 307152kB, limit 9007199254740988kB, failcnt 0
[ 1971.202520][ T5099] Memory cgroup stats for /syz1:
[ 1971.202677][ T5099] cache 0
[ 1971.213906][ T5099] rss 0
[ 1971.216720][ T5099] rss_huge 0
[ 1971.227046][ T5099] shmem 0
[ 1971.230032][ T5099] mapped_file 0
[ 1971.236319][ T5099] dirty 0
00:48:37 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1971.339496][ T5099] writeback 0
[ 1971.342843][ T5099] workingset_refault_anon 6304
[ 1971.366756][ T5099] workingset_refault_file 1
[ 1971.372853][ T5099] swap 143360
[ 1971.376182][ T5099] swapcached 4096
[ 1971.427051][ T5099] pgpgin 132238
[ 1971.430577][ T5099] pgpgout 132237
[ 1971.434154][ T5099] pgfault 343518
[ 1971.457740][ T5099] pgmajfault 5912
[ 1971.462460][ T5099] inactive_anon 0
[ 1971.466132][ T5099] active_anon 4096
[ 1971.475981][ T5099] inactive_file 0
[ 1971.486735][ T5099] active_file 0
[ 1971.491667][ T5099] unevictable 0
[ 1971.498912][ T5099] hierarchical_memory_limit 314572800
[ 1971.504325][ T5099] hierarchical_memsw_limit 9223372036854771712
[ 1971.524062][ T5099] total_cache 0
[ 1971.541175][ T5099] total_rss 0
[ 1971.553615][ T5099] total_rss_huge 0
[ 1971.564214][ T5099] total_shmem 0
[ 1971.578220][ T5099] total_mapped_file 0
[ 1971.582261][ T5099] total_dirty 0
[ 1971.585746][ T5099] total_writeback 0
[ 1971.595098][ T5099] total_workingset_refault_anon 6304
[ 1971.602331][ T5099] total_workingset_refault_file 1
[ 1971.611708][ T5099] total_swap 143360
[ 1971.615559][ T5099] total_swapcached 4096
[ 1971.620676][ T5099] total_pgpgin 132238
[ 1971.624692][ T5099] total_pgpgout 132237
[ 1971.642519][ T5099] total_pgfault 343518
[ 1971.651675][ T5099] total_pgmajfault 5912
[ 1971.656810][ T5099] total_inactive_anon 0
[ 1971.661732][ T5099] total_active_anon 4096
[ 1971.668874][ T5099] total_inactive_file 0
[ 1971.675712][ T5099] total_active_file 0
[ 1971.690368][ T5099] total_unevictable 0
[ 1971.709003][ T5099] anon_cost 0
[ 1971.712353][ T5099] file_cost 0
[ 1971.715661][ T5099] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=5099,uid=0
[ 1971.742644][T13237] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1971.761450][T13237] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1971.766744][ T5099] Memory cgroup out of memory: Killed process 5099 (syz-executor.1) total-vm:50536kB, anon-rss:376kB, file-rss:9088kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:0
[ 1971.788122][T13237] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
00:48:38 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1971.812143][T13237] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1971.831676][T13237] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 1971.878267][T13237] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1972.495635][ T5110] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1972.511216][ T5110] CPU: 0 PID: 5110 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1972.521621][ T5110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1972.531719][ T5110] Call Trace:
[ 1972.535033][ T5110]  <TASK>
[ 1972.537991][ T5110]  dump_stack_lvl+0x1e7/0x2e0
[ 1972.542689][ T5110]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1972.547921][ T5110]  ? __pfx__printk+0x10/0x10
[ 1972.552521][ T5110]  ? ___ratelimit+0x4c4/0x670
[ 1972.557221][ T5110]  ? __pfx____ratelimit+0x10/0x10
[ 1972.562277][ T5110]  dump_header+0xda/0x6a0
[ 1972.566621][ T5110]  oom_kill_process+0x3a7/0x930
[ 1972.571485][ T5110]  out_of_memory+0xf67/0x1320
[ 1972.576178][ T5110]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1972.581850][ T5110]  ? __pfx___mutex_lock+0x10/0x10
[ 1972.586900][ T5110]  ? __pfx_out_of_memory+0x10/0x10
[ 1972.592068][ T5110]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1972.597630][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1972.602663][ T5110]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1972.608740][ T5110]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1972.613944][ T5110]  ? mem_cgroup_iter+0x3e9/0x560
[ 1972.618894][ T5110]  try_charge_memcg+0xda2/0x18a0
[ 1972.623833][ T5110]  ? mark_lock+0x9a/0x350
[ 1972.628181][ T5110]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1972.633574][ T5110]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1972.639739][ T5110]  charge_memcg+0xa2/0x160
[ 1972.644169][ T5110]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1972.650240][ T5110]  __read_swap_cache_async+0x480/0x8b0
[ 1972.655709][ T5110]  ? mark_lock+0x9a/0x350
[ 1972.660047][ T5110]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1972.666034][ T5110]  ? blk_start_plug+0x6f/0x1b0
[ 1972.670809][ T5110]  swap_cluster_readahead+0x398/0x810
[ 1972.676223][ T5110]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1972.682133][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1972.687243][ T5110]  ? xas_descend+0x37e/0x470
[ 1972.691883][ T5110]  swapin_readahead+0x1ea/0x1070
[ 1972.696833][ T5110]  ? filemap_get_entry+0x127/0x4e0
[ 1972.701966][ T5110]  ? __pfx_swapin_readahead+0x10/0x10
[ 1972.707359][ T5110]  ? __filemap_get_folio+0x935/0xbc0
[ 1972.712659][ T5110]  ? swap_cache_get_folio+0x9f/0x570
[ 1972.717956][ T5110]  do_swap_page+0x791/0x3f40
[ 1972.722554][ T5110]  ? rcu_is_watching+0x15/0xb0
[ 1972.727339][ T5110]  ? do_swap_page+0x154/0x3f40
[ 1972.732110][ T5110]  ? __pfx_do_swap_page+0x10/0x10
[ 1972.737147][ T5110]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1972.742634][ T5110]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1972.748546][ T5110]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1972.754572][ T5110]  __handle_mm_fault+0x15e8/0x72d0
[ 1972.759718][ T5110]  ? reacquire_held_locks+0x3eb/0x690
[ 1972.765096][ T5110]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1972.770572][ T5110]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1972.776308][ T5110]  ? mtree_range_walk+0x6fd/0x8e0
[ 1972.781342][ T5110]  ? lock_vma_under_rcu+0x18a/0x730
[ 1972.786543][ T5110]  ? __pfx_lock_release+0x10/0x10
[ 1972.791591][ T5110]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1972.796853][ T5110]  ? lock_vma_under_rcu+0x18a/0x730
[ 1972.802074][ T5110]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1972.807646][ T5110]  handle_mm_fault+0x3c1/0x8a0
[ 1972.812429][ T5110]  exc_page_fault+0x456/0x870
[ 1972.817124][ T5110]  asm_exc_page_fault+0x26/0x30
[ 1972.821978][ T5110] RIP: 0033:0x7fc73607a780
[ 1972.826395][ T5110] Code: ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 <80> 3d 71 57 10 00 00 49 89 ca 74 14 b8 3d 00 00 00 0f 05 48 3d 00
[ 1972.846018][ T5110] RSP: 002b:00007ffeef0084e8 EFLAGS: 00010246
[ 1972.852108][ T5110] RAX: 000000000000022c RBX: 00000000000035ca RCX: 0000000000000000
[ 1972.860102][ T5110] RDX: 0000000040000001 RSI: 00007ffeef00854c RDI: 00000000ffffffff
[ 1972.868091][ T5110] RBP: 00007ffeef00854c R08: 0000000000000010 R09: 00007ffeef05f0b0
[ 1972.876078][ T5110] R10: 00007ffeef05f080 R11: 000000000005e008 R12: 0000000000000032
[ 1972.884059][ T5110] R13: 00000000001e1698 R14: 00000000001e1698 R15: 0000000000000000
[ 1972.892256][ T5110]  </TASK>
[ 1972.901825][ T5110] memory: usage 307200kB, limit 307200kB, failcnt 86476
[ 1972.908987][ T5110] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1972.917109][ T5110] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1972.924528][ T5110] Memory cgroup stats for /syz2:
[ 1972.924689][ T5110] cache 0
[ 1972.932834][ T5110] rss 4096
[ 1972.935977][ T5110] rss_huge 0
[ 1972.939550][ T5110] shmem 0
[ 1972.942623][ T5110] mapped_file 0
[ 1972.946204][ T5110] dirty 0
[ 1972.949345][ T5110] writeback 0
[ 1972.952734][ T5110] workingset_refault_anon 54716
[ 1972.958929][ T5110] workingset_refault_file 1
[ 1972.967414][ T5110] swap 172032
[ 1972.973832][ T5110] swapcached 0
[ 1972.977698][ T5110] pgpgin 180992
[ 1972.981364][ T5110] pgpgout 180991
[ 1972.984930][ T5110] pgfault 396087
[ 1972.991229][ T5110] pgmajfault 50636
[ 1972.995002][ T5110] inactive_anon 4096
[ 1973.000467][ T5110] active_anon 0
[ 1973.003972][ T5110] inactive_file 0
[ 1973.008296][ T5110] active_file 0
[ 1973.011795][ T5110] unevictable 0
[ 1973.015348][ T5110] hierarchical_memory_limit 314572800
[ 1973.021434][ T5110] hierarchical_memsw_limit 9223372036854771712
[ 1973.028102][ T5110] total_cache 0
[ 1973.031602][ T5110] total_rss 4096
[ 1973.035187][ T5110] total_rss_huge 0
[ 1973.039906][ T5110] total_shmem 0
[ 1973.043412][ T5110] total_mapped_file 0
[ 1973.048137][ T5110] total_dirty 0
[ 1973.051637][ T5110] total_writeback 0
[ 1973.055473][ T5110] total_workingset_refault_anon 54716
[ 1973.061638][ T5110] total_workingset_refault_file 1
[ 1973.066725][ T5110] total_swap 172032
[ 1973.076332][ T5110] total_swapcached 0
[ 1973.082661][ T5110] total_pgpgin 180992
[ 1973.086783][ T5110] total_pgpgout 180991
[ 1973.099606][ T5110] total_pgfault 396087
[ 1973.104075][ T5110] total_pgmajfault 50636
[ 1973.109150][ T5110] total_inactive_anon 4096
[ 1973.113776][ T5110] total_active_anon 0
[ 1973.118504][ T5110] total_inactive_file 0
[ 1973.122791][ T5110] total_active_file 0
[ 1973.126883][ T5110] total_unevictable 0
[ 1973.131589][ T5110] anon_cost 0
[ 1973.134995][ T5110] file_cost 0
[ 1973.138871][ T5110] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13425,uid=0
[ 1973.155217][ T5110] Memory cgroup out of memory: Killed process 13425 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:48:39 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1973.853703][T13427] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1973.894498][T13427] CPU: 1 PID: 13427 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1973.904988][T13427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1973.915049][T13427] Call Trace:
[ 1973.918343][T13427]  <TASK>
[ 1973.921328][T13427]  dump_stack_lvl+0x1e7/0x2e0
[ 1973.926075][T13427]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1973.931336][T13427]  ? __pfx__printk+0x10/0x10
[ 1973.935979][T13427]  ? ___ratelimit+0x4c4/0x670
[ 1973.940715][T13427]  ? __pfx____ratelimit+0x10/0x10
[ 1973.945799][T13427]  dump_header+0xda/0x6a0
[ 1973.950183][T13427]  oom_kill_process+0x3a7/0x930
[ 1973.955101][T13427]  out_of_memory+0xf67/0x1320
[ 1973.959837][T13427]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1973.965525][T13427]  ? __pfx___mutex_lock+0x10/0x10
[ 1973.970609][T13427]  ? __pfx_out_of_memory+0x10/0x10
[ 1973.975812][T13427]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1973.981437][T13427]  ? __pfx_lock_release+0x10/0x10
[ 1973.986528][T13427]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1973.992658][T13427]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1973.997910][T13427]  ? mem_cgroup_iter+0x3e9/0x560
[ 1974.002885][T13427]  try_charge_memcg+0xda2/0x18a0
[ 1974.007863][T13427]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1974.013249][T13427]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1974.018978][T13427]  ? __pfx_lock_release+0x10/0x10
[ 1974.024042][T13427]  ? memcg_account_kmem+0x1e7/0x210
[ 1974.029267][T13427]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1974.035090][T13427]  __memcg_kmem_charge_page+0xe1/0x250
[ 1974.040576][T13427]  memcg_charge_kernel_stack+0x196/0x550
[ 1974.046230][T13427]  dup_task_struct+0x40d/0x7d0
[ 1974.051007][T13427]  copy_process+0x5d5/0x3fc0
[ 1974.055619][T13427]  ? __might_fault+0xa9/0x120
[ 1974.060317][T13427]  ? __pfx_lock_release+0x10/0x10
[ 1974.065366][T13427]  ? __pfx_copy_process+0x10/0x10
[ 1974.070401][T13427]  ? __might_fault+0xc5/0x120
[ 1974.075095][T13427]  ? __asan_memset+0x23/0x50
[ 1974.079703][T13427]  kernel_clone+0x21d/0x8d0
[ 1974.084225][T13427]  ? __pfx_kernel_clone+0x10/0x10
[ 1974.089279][T13427]  __se_sys_clone3+0x2cb/0x350
[ 1974.094058][T13427]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1974.099356][T13427]  ? rcu_is_watching+0x15/0xb0
[ 1974.104197][T13427]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1974.110208][T13427]  ? exc_page_fault+0x587/0x870
[ 1974.115082][T13427]  ? do_syscall_64+0xb4/0x240
[ 1974.119779][T13427]  do_syscall_64+0xf9/0x240
[ 1974.124312][T13427]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1974.130232][T13427] RIP: 0033:0x7fc7360a9b99
[ 1974.134661][T13427] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1974.154281][T13427] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1974.162803][T13427] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1974.170784][T13427] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1974.178784][T13427] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1974.186764][T13427] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1974.194751][T13427] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1974.202750][T13427]  </TASK>
[ 1974.293475][ T5108] Bluetooth: hci6: command 0x0409 tx timeout
[ 1974.368579][T13427] memory: usage 307200kB, limit 307200kB, failcnt 86996
[ 1974.375605][T13427] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[ 1974.383869][T13427] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1974.391300][T13427] Memory cgroup stats for /syz2:
[ 1974.391461][T13427] cache 0
[ 1974.399421][T13427] rss 4096
[ 1974.402469][T13427] rss_huge 0
[ 1974.405702][T13427] shmem 0
[ 1974.408755][T13427] mapped_file 0
[ 1974.412235][T13427] dirty 0
[ 1974.415197][T13427] writeback 0
[ 1974.418597][T13427] workingset_refault_anon 54842
[ 1974.423484][T13427] workingset_refault_file 1
[ 1974.432883][T13427] swap 212992
[ 1974.436244][T13427] swapcached 4096
[ 1974.440721][T13427] pgpgin 181150
[ 1974.444219][T13427] pgpgout 181149
[ 1974.448761][T13427] pgfault 396330
[ 1974.452351][T13427] pgmajfault 50774
[ 1974.456104][T13427] inactive_anon 0
[ 1974.472863][T13427] active_anon 4096
[ 1974.476843][T13427] inactive_file 0
[ 1974.481332][T13427] active_file 0
[ 1974.484837][T13427] unevictable 0
[ 1974.488639][T13427] hierarchical_memory_limit 314572800
[ 1974.494040][T13427] hierarchical_memsw_limit 9223372036854771712
[ 1974.501660][T13427] total_cache 0
[ 1974.505404][T13427] total_rss 4096
[ 1974.509228][T13427] total_rss_huge 0
[ 1974.513084][T13427] total_shmem 0
[ 1974.516669][T13427] total_mapped_file 0
00:48:40 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1974.521145][T13427] total_dirty 0
[ 1974.524758][T13427] total_writeback 0
[ 1974.528805][T13427] total_workingset_refault_anon 54842
[ 1974.556164][T13427] total_workingset_refault_file 1
[ 1974.561431][T13427] total_swap 212992
[ 1974.565270][T13427] total_swapcached 4096
[ 1974.574817][T13427] total_pgpgin 181150
[ 1974.578973][T13427] total_pgpgout 181149
[ 1974.583073][T13427] total_pgfault 396330
[ 1974.594101][T13427] total_pgmajfault 50774
[ 1974.598750][T13427] total_inactive_anon 0
[ 1974.602938][T13427] total_active_anon 4096
[ 1974.612982][T13427] total_inactive_file 0
[ 1974.619063][T13427] total_active_file 0
[ 1974.623084][T13427] total_unevictable 0
[ 1974.636197][T13427] anon_cost 0
[ 1974.639787][T13427] file_cost 0
[ 1974.643120][T13427] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13427,uid=0
[ 1974.664599][T13427] Memory cgroup out of memory: Killed process 13427 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:48:41 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1975.050091][T13430] syz-executor.2 invoked oom-killer: gfp_mask=0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_COMP|__GFP_ZERO), order=0, oom_score_adj=1000
[ 1975.077537][T13430] CPU: 0 PID: 13430 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1975.088022][T13430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1975.098139][T13430] Call Trace:
[ 1975.101458][T13430]  <TASK>
[ 1975.104424][T13430]  dump_stack_lvl+0x1e7/0x2e0
[ 1975.109166][T13430]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1975.114437][T13430]  ? __pfx__printk+0x10/0x10
[ 1975.119082][T13430]  ? ___ratelimit+0x4c4/0x670
[ 1975.123813][T13430]  ? __pfx____ratelimit+0x10/0x10
[ 1975.128907][T13430]  dump_header+0xda/0x6a0
[ 1975.133301][T13430]  oom_kill_process+0x3a7/0x930
[ 1975.138213][T13430]  out_of_memory+0xf67/0x1320
[ 1975.142946][T13430]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1975.148687][T13430]  ? __pfx___mutex_lock+0x10/0x10
[ 1975.153775][T13430]  ? __pfx_out_of_memory+0x10/0x10
[ 1975.158950][T13430]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1975.164554][T13430]  ? __pfx_lock_release+0x10/0x10
[ 1975.169660][T13430]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1975.175756][T13430]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1975.180974][T13430]  ? mem_cgroup_iter+0x3e9/0x560
[ 1975.185934][T13430]  try_charge_memcg+0xda2/0x18a0
[ 1975.190911][T13430]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1975.196299][T13430]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1975.202035][T13430]  ? __pfx_lock_release+0x10/0x10
[ 1975.207107][T13430]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1975.212840][T13430]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1975.218663][T13430]  __memcg_kmem_charge_page+0xe1/0x250
[ 1975.224161][T13430]  __alloc_pages+0x28b/0x680
[ 1975.228775][T13430]  ? __pfx___alloc_pages+0x10/0x10
[ 1975.233910][T13430]  ? policy_nodemask+0x1ec/0x720
[ 1975.238866][T13430]  ? __pfx_lock_acquire+0x10/0x10
[ 1975.243914][T13430]  alloc_pages_mpol+0x3de/0x650
[ 1975.248789][T13430]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1975.254182][T13430]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1975.259405][T13430]  ? alloc_pages+0xee/0x170
[ 1975.263928][T13430]  __pmd_alloc+0x91/0x630
[ 1975.268276][T13430]  ? __pfx___pmd_alloc+0x10/0x10
[ 1975.273235][T13430]  __handle_mm_fault+0xd57/0x72d0
[ 1975.278301][T13430]  ? reacquire_held_locks+0x3eb/0x690
[ 1975.283689][T13430]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1975.289175][T13430]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1975.294921][T13430]  ? mtree_range_walk+0x6fd/0x8e0
[ 1975.299960][T13430]  ? lock_vma_under_rcu+0x18a/0x730
[ 1975.305169][T13430]  ? __pfx_lock_release+0x10/0x10
[ 1975.310227][T13430]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1975.315455][T13430]  ? lock_vma_under_rcu+0x18a/0x730
[ 1975.320668][T13430]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1975.326233][T13430]  handle_mm_fault+0x3c1/0x8a0
[ 1975.331022][T13430]  exc_page_fault+0x456/0x870
[ 1975.335726][T13430]  asm_exc_page_fault+0x26/0x30
[ 1975.340588][T13430] RIP: 0033:0x7fc736028266
[ 1975.345016][T13430] Code: 1f 44 00 00 48 8b 0d 91 d4 ca 00 4c 63 05 7a d4 ca 00 48 8b 05 7b d4 ca 00 49 01 c8 48 39 c8 72 13 4c 39 c0 73 0e 48 8d 50 04 <89> 38 48 89 15 61 d4 ca 00 c3 52 48 8d 35 c3 0e 0a 00 48 89 c2 48
[ 1975.364645][T13430] RSP: 002b:00007ffeef0082b8 EFLAGS: 00010287
[ 1975.370740][T13430] RAX: 0000001b32020000 RBX: 0000000000000003 RCX: 0000001b32020000
[ 1975.378721][T13430] RDX: 0000001b32020004 RSI: 0000000000000000 RDI: 0000000000000000
[ 1975.386703][T13430] RBP: 0000000000000001 R08: 0000001b32420000 R09: 0000000000040000
[ 1975.394705][T13430] R10: 0000000000000011 R11: 0000000000000293 R12: 0000000000000000
[ 1975.402690][T13430] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 1975.410694][T13430]  </TASK>
[ 1975.455917][T13430] memory: usage 307200kB, limit 307200kB, failcnt 87350
[ 1975.465353][T13430] memory+swap: usage 307360kB, limit 9007199254740988kB, failcnt 0
[ 1975.478175][T13430] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[ 1975.498026][T13430] Memory cgroup stats for /syz2:
[ 1975.498179][T13430] cache 0
[ 1975.522024][T13430] rss 12288
[ 1975.535817][T13430] rss_huge 0
[ 1975.549287][T13430] shmem 0
[ 1975.555296][T13430] mapped_file 0
[ 1975.583965][T13430] dirty 0
[ 1975.593800][T13430] writeback 0
[ 1975.602871][T13430] workingset_refault_anon 54971
[ 1975.608763][T13430] workingset_refault_file 1
[ 1975.613469][T13430] swap 163840
[ 1975.616901][T13430] swapcached 8192
[ 1975.621461][T13430] pgpgin 181299
[ 1975.625055][T13430] pgpgout 181296
[ 1975.629306][T13430] pgfault 396538
[ 1975.632987][T13430] pgmajfault 50893
[ 1975.636833][T13430] inactive_anon 8192
[ 1975.646673][T13430] active_anon 4096
[ 1975.651120][T13430] inactive_file 0
[ 1975.654903][T13430] active_file 0
[ 1975.660590][T13430] unevictable 0
[ 1975.664199][T13430] hierarchical_memory_limit 314572800
[ 1975.670657][T13430] hierarchical_memsw_limit 9223372036854771712
[ 1975.676963][T13430] total_cache 0
[ 1975.681275][T13430] total_rss 12288
[ 1975.687925][T13430] total_rss_huge 0
[ 1975.698123][T13430] total_shmem 0
[ 1975.707188][T13430] total_mapped_file 0
[ 1975.711418][T13430] total_dirty 0
[ 1975.727570][T13430] total_writeback 0
[ 1975.731543][T13430] total_workingset_refault_anon 54971
[ 1975.747700][T13430] total_workingset_refault_file 1
[ 1975.752910][T13430] total_swap 163840
[ 1975.756849][T13430] total_swapcached 8192
[ 1975.777183][T13430] total_pgpgin 181299
[ 1975.781336][T13430] total_pgpgout 181296
[ 1975.788337][T13430] total_pgfault 396538
[ 1975.798759][T13430] total_pgmajfault 50893
[ 1975.803082][T13430] total_inactive_anon 8192
[ 1975.813093][T13430] total_active_anon 4096
[ 1975.827493][T13430] total_inactive_file 0
[ 1975.831714][T13430] total_active_file 0
[ 1975.835729][T13430] total_unevictable 0
[ 1975.853749][T13430] anon_cost 0
[ 1975.872395][T13430] file_cost 0
[ 1975.875754][T13430] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13430,uid=0
[ 1975.907177][T13430] Memory cgroup out of memory: Killed process 13430 (syz-executor.2) total-vm:54376kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:64kB oom_score_adj:1000
00:48:42 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1976.431263][ T5108] Bluetooth: hci6: command 0x041b tx timeout
[ 1976.438277][ T1239] ieee802154 phy0 wpan0: encryption failed: -22
[ 1976.451952][ T1239] ieee802154 phy1 wpan1: encryption failed: -22
[ 1977.076503][T13431] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1977.099468][T13431] CPU: 1 PID: 13431 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1977.109983][T13431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1977.120086][T13431] Call Trace:
[ 1977.123407][T13431]  <TASK>
[ 1977.126373][T13431]  dump_stack_lvl+0x1e7/0x2e0
[ 1977.131116][T13431]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1977.136373][T13431]  ? __pfx__printk+0x10/0x10
[ 1977.141012][T13431]  ? ___ratelimit+0x4c4/0x670
[ 1977.145746][T13431]  ? __pfx____ratelimit+0x10/0x10
[ 1977.150829][T13431]  dump_header+0xda/0x6a0
[ 1977.155216][T13431]  oom_kill_process+0x3a7/0x930
[ 1977.160124][T13431]  out_of_memory+0xf67/0x1320
[ 1977.164828][T13431]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1977.170563][T13431]  ? __pfx___mutex_lock+0x10/0x10
[ 1977.175602][T13431]  ? __pfx_out_of_memory+0x10/0x10
[ 1977.180737][T13431]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1977.186303][T13431]  ? __pfx_lock_release+0x10/0x10
[ 1977.191351][T13431]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1977.197446][T13431]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1977.202663][T13431]  ? mem_cgroup_iter+0x3e9/0x560
[ 1977.207621][T13431]  try_charge_memcg+0xda2/0x18a0
[ 1977.212599][T13431]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1977.217981][T13431]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1977.223709][T13431]  ? __pfx_lock_release+0x10/0x10
[ 1977.228754][T13431]  ? memcg_account_kmem+0x1e7/0x210
[ 1977.233975][T13431]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1977.239806][T13431]  __memcg_kmem_charge_page+0xe1/0x250
[ 1977.245284][T13431]  memcg_charge_kernel_stack+0x196/0x550
[ 1977.250934][T13431]  dup_task_struct+0x15d/0x7d0
[ 1977.255712][T13431]  copy_process+0x5d5/0x3fc0
[ 1977.260328][T13431]  ? __might_fault+0xa9/0x120
[ 1977.265045][T13431]  ? __pfx_lock_release+0x10/0x10
[ 1977.270098][T13431]  ? __pfx_copy_process+0x10/0x10
[ 1977.275145][T13431]  ? __might_fault+0xc5/0x120
[ 1977.279841][T13431]  ? __asan_memset+0x23/0x50
[ 1977.284450][T13431]  kernel_clone+0x21d/0x8d0
[ 1977.288967][T13431]  ? __pfx_kernel_clone+0x10/0x10
[ 1977.294029][T13431]  __se_sys_clone3+0x2cb/0x350
[ 1977.298826][T13431]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1977.304135][T13431]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1977.310143][T13431]  ? exc_page_fault+0x587/0x870
[ 1977.315015][T13431]  ? do_syscall_64+0xb4/0x240
[ 1977.319761][T13431]  do_syscall_64+0xf9/0x240
[ 1977.324292][T13431]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1977.330206][T13431] RIP: 0033:0x7fc7360a9b99
[ 1977.334630][T13431] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1977.354248][T13431] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1977.362675][T13431] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1977.370659][T13431] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1977.378639][T13431] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1977.386621][T13431] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1977.394601][T13431] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1977.402604][T13431]  </TASK>
[ 1977.420484][T13431] memory: usage 307200kB, limit 307200kB, failcnt 88102
[ 1977.437471][T13431] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1977.445507][T13431] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1977.456287][T13431] Memory cgroup stats for /syz2:
[ 1977.456446][T13431] cache 0
[ 1977.464601][T13431] rss 12288
[ 1977.467825][T13431] rss_huge 0
[ 1977.471054][T13431] shmem 0
[ 1977.474017][T13431] mapped_file 0
[ 1977.477807][T13431] dirty 0
[ 1977.480944][T13431] writeback 0
[ 1977.484258][T13431] workingset_refault_anon 55235
[ 1977.489893][T13431] workingset_refault_file 1
[ 1977.494458][T13431] swap 163840
[ 1977.498231][T13431] swapcached 4096
[ 1977.509382][T13431] pgpgin 181620
[ 1977.512912][T13431] pgpgout 181617
[ 1977.516482][T13431] pgfault 396995
[ 1977.537802][T13431] pgmajfault 51178
[ 1977.541602][T13431] inactive_anon 12288
[ 1977.545623][T13431] active_anon 0
00:48:43 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1977.580523][T13431] inactive_file 0
[ 1977.584238][T13431] active_file 0
[ 1977.597255][T13431] unevictable 0
[ 1977.600773][T13431] hierarchical_memory_limit 314572800
[ 1977.615297][T13431] hierarchical_memsw_limit 9223372036854771712
[ 1977.623162][T13431] total_cache 0
[ 1977.637525][T13431] total_rss 12288
[ 1977.641216][T13431] total_rss_huge 0
[ 1977.644956][T13431] total_shmem 0
[ 1977.667068][T13431] total_mapped_file 0
[ 1977.671110][T13431] total_dirty 0
[ 1977.675221][T13431] total_writeback 0
[ 1977.687682][T13431] total_workingset_refault_anon 55235
[ 1977.693110][T13431] total_workingset_refault_file 1
[ 1977.708035][T13431] total_swap 163840
[ 1977.712002][T13431] total_swapcached 4096
[ 1977.716259][T13431] total_pgpgin 181620
[ 1977.743513][T13431] total_pgpgout 181617
[ 1977.759206][T13431] total_pgfault 396995
[ 1977.763334][T13431] total_pgmajfault 51178
[ 1977.768129][T13431] total_inactive_anon 12288
[ 1977.772669][T13431] total_active_anon 0
[ 1977.776673][T13431] total_inactive_file 0
[ 1977.781191][T13431] total_active_file 0
[ 1977.785201][T13431] total_unevictable 0
[ 1977.789556][T13431] anon_cost 0
[ 1977.792863][T13431] file_cost 0
[ 1977.796170][T13431] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13431,uid=0
[ 1977.816171][T13431] Memory cgroup out of memory: Killed process 13431 (syz-executor.2) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:48:44 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c040000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1978.285852][T13434] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1978.303486][T13434] CPU: 1 PID: 13434 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1978.313979][T13434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1978.324073][T13434] Call Trace:
[ 1978.327392][T13434]  <TASK>
[ 1978.330361][T13434]  dump_stack_lvl+0x1e7/0x2e0
[ 1978.335099][T13434]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1978.340363][T13434]  ? __pfx__printk+0x10/0x10
[ 1978.344997][T13434]  ? ___ratelimit+0x4c4/0x670
[ 1978.349728][T13434]  ? __pfx____ratelimit+0x10/0x10
[ 1978.354816][T13434]  dump_header+0xda/0x6a0
[ 1978.359206][T13434]  oom_kill_process+0x3a7/0x930
[ 1978.364100][T13434]  out_of_memory+0xf67/0x1320
[ 1978.368804][T13434]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1978.374448][T13434]  ? __pfx___mutex_lock+0x10/0x10
[ 1978.379485][T13434]  ? __pfx_out_of_memory+0x10/0x10
[ 1978.384616][T13434]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1978.390168][T13434]  ? __pfx_lock_release+0x10/0x10
[ 1978.395218][T13434]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1978.401301][T13434]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1978.406510][T13434]  ? mem_cgroup_iter+0x3e9/0x560
[ 1978.411500][T13434]  try_charge_memcg+0xda2/0x18a0
[ 1978.416474][T13434]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1978.421859][T13434]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 1978.427593][T13434]  ? __pfx_lock_release+0x10/0x10
[ 1978.432635][T13434]  ? memcg_account_kmem+0x1e7/0x210
[ 1978.437870][T13434]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 1978.443698][T13434]  __memcg_kmem_charge_page+0xe1/0x250
[ 1978.449181][T13434]  memcg_charge_kernel_stack+0x196/0x550
[ 1978.454831][T13434]  dup_task_struct+0x15d/0x7d0
[ 1978.459610][T13434]  copy_process+0x5d5/0x3fc0
[ 1978.464221][T13434]  ? __might_fault+0xa9/0x120
[ 1978.468913][T13434]  ? __pfx_lock_release+0x10/0x10
[ 1978.473958][T13434]  ? __pfx_copy_process+0x10/0x10
[ 1978.478988][T13434]  ? __might_fault+0xc5/0x120
[ 1978.483676][T13434]  ? __asan_memset+0x23/0x50
[ 1978.488285][T13434]  kernel_clone+0x21d/0x8d0
[ 1978.492803][T13434]  ? __pfx_kernel_clone+0x10/0x10
[ 1978.497850][T13434]  __se_sys_clone3+0x2cb/0x350
[ 1978.502628][T13434]  ? __pfx___se_sys_clone3+0x10/0x10
[ 1978.507937][T13434]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 1978.513943][T13434]  ? exc_page_fault+0x587/0x870
[ 1978.518809][T13434]  ? do_syscall_64+0xb4/0x240
[ 1978.523500][T13434]  do_syscall_64+0xf9/0x240
[ 1978.528028][T13434]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 1978.533946][T13434] RIP: 0033:0x7fc7360a9b99
[ 1978.538377][T13434] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 1978.558002][T13434] RSP: 002b:00007ffeef0080a8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 1978.566429][T13434] RAX: ffffffffffffffda RBX: 00007fc736052270 RCX: 00007fc7360a9b99
[ 1978.574412][T13434] RDX: 00007fc736052270 RSI: 0000000000000058 RDI: 00007ffeef0080f0
[ 1978.582395][T13434] RBP: 00007fc736ec76c0 R08: 00007fc736ec76c0 R09: 00007ffeef0081d7
[ 1978.590372][T13434] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 1978.598348][T13434] R13: 000000000000000b R14: 00007ffeef0080f0 R15: 00007ffeef0081d8
[ 1978.606345][T13434]  </TASK>
[ 1978.632247][ T5108] Bluetooth: hci6: command 0x040f tx timeout
[ 1978.646015][T13434] memory: usage 307200kB, limit 307200kB, failcnt 88455
[ 1978.672012][T13434] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0
[ 1978.684969][T13434] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 1978.702473][T13434] Memory cgroup stats for /syz2:
[ 1978.702626][T13434] cache 0
[ 1978.711044][T13434] rss 0
[ 1978.713849][T13434] rss_huge 0
[ 1978.718871][T13434] shmem 0
[ 1978.721871][T13434] mapped_file 0
[ 1978.725349][T13434] dirty 0
[ 1978.728602][T13434] writeback 0
[ 1978.732717][T13434] workingset_refault_anon 55364
[ 1978.737707][T13434] workingset_refault_file 1
[ 1978.742242][T13434] swap 217088
[ 1978.745552][T13434] swapcached 0
[ 1978.749038][T13434] pgpgin 181766
[ 1978.752522][T13434] pgpgout 181766
[ 1978.756092][T13434] pgfault 397211
[ 1978.759818][T13434] pgmajfault 51294
[ 1978.763601][T13434] inactive_anon 0
[ 1978.767348][T13434] active_anon 0
[ 1978.770827][T13434] inactive_file 0
[ 1978.774476][T13434] active_file 0
[ 1978.778061][T13434] unevictable 0
[ 1978.781545][T13434] hierarchical_memory_limit 314572800
[ 1978.786942][T13434] hierarchical_memsw_limit 9223372036854771712
[ 1978.793176][T13434] total_cache 0
[ 1978.796652][T13434] total_rss 0
[ 1978.800025][T13434] total_rss_huge 0
[ 1978.803763][T13434] total_shmem 0
[ 1978.807340][T13434] total_mapped_file 0
[ 1978.811346][T13434] total_dirty 0
[ 1978.814830][T13434] total_writeback 0
[ 1978.818772][T13434] total_workingset_refault_anon 55364
[ 1978.824161][T13434] total_workingset_refault_file 1
[ 1978.831237][T13434] total_swap 217088
[ 1978.836597][T13434] total_swapcached 0
[ 1978.840835][T13434] total_pgpgin 181766
[ 1978.844849][T13434] total_pgpgout 181766
[ 1978.849102][T13434] total_pgfault 397211
[ 1978.853203][T13434] total_pgmajfault 51294
[ 1978.857612][T13434] total_inactive_anon 0
[ 1978.861818][T13434] total_active_anon 0
[ 1978.865821][T13434] total_inactive_file 0
[ 1978.870129][T13434] total_active_file 0
[ 1978.874162][T13434] total_unevictable 0
[ 1978.878351][T13434] anon_cost 0
[ 1978.881709][T13434] file_cost 0
[ 1978.885024][T13434] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13434,uid=0
[ 1978.911029][T13434] Memory cgroup out of memory: Killed process 13434 (syz-executor.2) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
00:48:45 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1979.346959][T13435] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1979.391082][T13435] CPU: 1 PID: 13435 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 1979.401668][T13435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 1979.411780][T13435] Call Trace:
[ 1979.415102][T13435]  <TASK>
[ 1979.418068][T13435]  dump_stack_lvl+0x1e7/0x2e0
[ 1979.422805][T13435]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1979.428058][T13435]  ? __pfx__printk+0x10/0x10
[ 1979.432700][T13435]  ? ___ratelimit+0x4c4/0x670
[ 1979.437443][T13435]  ? __pfx____ratelimit+0x10/0x10
[ 1979.442522][T13435]  dump_header+0xda/0x6a0
[ 1979.446901][T13435]  oom_kill_process+0x3a7/0x930
[ 1979.451808][T13435]  out_of_memory+0xf67/0x1320
[ 1979.456544][T13435]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 1979.462229][T13435]  ? __pfx___mutex_lock+0x10/0x10
[ 1979.467301][T13435]  ? __pfx_out_of_memory+0x10/0x10
[ 1979.472476][T13435]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 1979.478069][T13435]  ? __pfx_lock_release+0x10/0x10
[ 1979.483144][T13435]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1979.489268][T13435]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 1979.494520][T13435]  ? mem_cgroup_iter+0x3e9/0x560
[ 1979.499513][T13435]  try_charge_memcg+0xda2/0x18a0
[ 1979.504501][T13435]  ? mark_lock+0x9a/0x350
[ 1979.508917][T13435]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1979.514372][T13435]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 1979.520584][T13435]  charge_memcg+0xa2/0x160
[ 1979.525060][T13435]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 1979.531179][T13435]  __read_swap_cache_async+0x480/0x8b0
[ 1979.536691][T13435]  ? mark_lock+0x9a/0x350
[ 1979.541080][T13435]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1979.547130][T13435]  swap_cluster_readahead+0x67c/0x810
[ 1979.552569][T13435]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1979.558529][T13435]  ? __pfx_lock_release+0x10/0x10
[ 1979.563617][T13435]  ? xas_descend+0x37e/0x470
[ 1979.568295][T13435]  swapin_readahead+0x1ea/0x1070
[ 1979.573291][T13435]  ? filemap_get_entry+0x127/0x4e0
[ 1979.578472][T13435]  ? __pfx_swapin_readahead+0x10/0x10
[ 1979.583911][T13435]  ? __filemap_get_folio+0x935/0xbc0
[ 1979.589257][T13435]  ? swap_cache_get_folio+0x9f/0x570
[ 1979.594598][T13435]  do_swap_page+0x791/0x3f40
[ 1979.599240][T13435]  ? rcu_is_watching+0x15/0xb0
[ 1979.604076][T13435]  ? do_swap_page+0x154/0x3f40
[ 1979.608888][T13435]  ? __pfx_do_swap_page+0x10/0x10
[ 1979.613958][T13435]  ? pte_offset_map_nolock+0x137/0x1f0
[ 1979.619468][T13435]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 1979.625336][T13435]  __handle_mm_fault+0x15e8/0x72d0
[ 1979.630524][T13435]  ? reacquire_held_locks+0x3eb/0x690
[ 1979.635939][T13435]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1979.641468][T13435]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1979.647254][T13435]  ? mtree_range_walk+0x6fd/0x8e0
[ 1979.652326][T13435]  ? lock_vma_under_rcu+0x18a/0x730
[ 1979.657570][T13435]  ? __pfx_lock_release+0x10/0x10
[ 1979.662647][T13435]  ? lock_vma_under_rcu+0x2f9/0x730
[ 1979.667921][T13435]  ? lock_vma_under_rcu+0x18a/0x730
[ 1979.673169][T13435]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1979.678763][T13435]  handle_mm_fault+0x3c1/0x8a0
[ 1979.683596][T13435]  exc_page_fault+0x456/0x870
[ 1979.688413][T13435]  asm_exc_page_fault+0x26/0x30
[ 1979.693355][T13435] RIP: 0033:0x7fc736046d97
[ 1979.697800][T13435] Code: 00 00 e9 8f e7 ff ff ba 01 00 00 00 e9 a9 ee ff ff 66 90 41 57 41 56 41 55 49 89 d5 41 54 55 53 48 89 fb 48 81 ec 18 05 00 00 <48> 89 74 24 08 89 4c 24 48 64 48 8b 04 25 28 00 00 00 48 89 84 24
[ 1979.717444][T13435] RSP: 002b:00007ffeef007d30 EFLAGS: 00010206
[ 1979.723557][T13435] RAX: 00007ffeef0085b0 RBX: 00007ffeef008290 RCX: 0000000000000000
[ 1979.731570][T13435] RDX: 00007ffeef008410 RSI: 00007fc7360ca415 RDI: 00007ffeef008290
[ 1979.739586][T13435] RBP: 00007ffeef008380 R08: 0000000000000000 R09: 0000000000000000
[ 1979.747589][T13435] R10: 0000000000000000 R11: 0000000000000206 R12: 00007fc7360ca415
[ 1979.755589][T13435] R13: 00007ffeef008410 R14: 0000000000000000 R15: 00007ffeef008290
[ 1979.763625][T13435]  </TASK>
[ 1979.779632][T13435] memory: usage 307200kB, limit 307200kB, failcnt 88796
[ 1979.786625][T13435] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[ 1979.794709][T13435] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 1979.802083][T13435] Memory cgroup stats for /syz2:
[ 1979.802233][T13435] cache 0
[ 1979.810214][T13435] rss 12288
[ 1979.813358][T13435] rss_huge 0
[ 1979.816590][T13435] shmem 0
[ 1979.819641][T13435] mapped_file 0
[ 1979.823132][T13435] dirty 0
[ 1979.826094][T13435] writeback 0
[ 1979.830125][T13435] workingset_refault_anon 55466
[ 1979.838627][T13435] workingset_refault_file 1
[ 1979.843218][T13435] swap 188416
[ 1979.846521][T13435] swapcached 8192
[ 1979.850579][T13435] pgpgin 181904
[ 1979.854075][T13435] pgpgout 181901
[ 1979.859165][T13435] pgfault 397420
[ 1979.862755][T13435] pgmajfault 51418
[ 1979.866504][T13435] inactive_anon 4096
[ 1979.881037][T13435] active_anon 8192
[ 1979.884818][T13435] inactive_file 0
[ 1979.894109][T13435] active_file 0
[ 1979.917101][T13435] unevictable 0
[ 1979.920636][T13435] hierarchical_memory_limit 314572800
[ 1979.926037][T13435] hierarchical_memsw_limit 9223372036854771712
[ 1979.948797][T13435] total_cache 0
[ 1979.952330][T13435] total_rss 12288
[ 1979.956003][T13435] total_rss_huge 0
[ 1979.981968][T13435] total_shmem 0
[ 1979.985501][T13435] total_mapped_file 0
[ 1979.999993][T13435] total_dirty 0
[ 1980.003516][T13435] total_writeback 0
[ 1980.013141][T13435] total_workingset_refault_anon 55466
[ 1980.028897][T13435] total_workingset_refault_file 1
[ 1980.033996][T13435] total_swap 188416
[ 1980.047082][T13435] total_swapcached 8192
[ 1980.051305][T13435] total_pgpgin 181904
[ 1980.055324][T13435] total_pgpgout 181901
[ 1980.065562][T13435] total_pgfault 397420
[ 1980.079911][T13435] total_pgmajfault 51418
[ 1980.084222][T13435] total_inactive_anon 4096
[ 1980.099364][T13435] total_active_anon 8192
[ 1980.103678][T13435] total_inactive_file 0
[ 1980.123701][T13435] total_active_file 0
[ 1980.128428][T13435] total_unevictable 0
[ 1980.132458][T13435] anon_cost 0
[ 1980.135778][T13435] file_cost 0
[ 1980.153183][T13435] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=5110,uid=0
[ 1980.177568][T13435] Memory cgroup out of memory: Killed process 5110 (syz-executor.2) total-vm:50536kB, anon-rss:456kB, file-rss:8960kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:0
00:48:46 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1980.677138][ T5108] Bluetooth: hci6: command 0x0419 tx timeout
00:48:50 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:48:54 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:48:57 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:49:00 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:49:01 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:49:03 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1400]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 1997.501007][T13237] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1997.510821][T13237] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1997.520537][T13237] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1997.530329][T13237] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1997.545904][T13237] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1997.553675][T13237] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1999.647182][ T5108] Bluetooth: hci1: command 0x0409 tx timeout
00:49:06 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1500]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2001.721168][ T5108] Bluetooth: hci1: command 0x041b tx timeout
00:49:09 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1546]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2003.797347][ T5108] Bluetooth: hci1: command 0x040f tx timeout
00:49:10 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x65580000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2005.877992][ T5108] Bluetooth: hci1: command 0x0419 tx timeout
00:49:12 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1800]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2006.489744][T13237] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2006.502491][T13237] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2006.515805][T13237] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2006.538167][T13237] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2006.546323][T13237] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 2006.557922][T13237] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2008.597327][ T5108] Bluetooth: hci4: command 0x0409 tx timeout
00:49:15 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2009.903876][ T5107] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 2009.919151][ T5107] CPU: 0 PID: 5107 Comm: syz-executor.3 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 2009.929553][ T5107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2009.939646][ T5107] Call Trace:
[ 2009.942960][ T5107]  <TASK>
[ 2009.945931][ T5107]  dump_stack_lvl+0x1e7/0x2e0
[ 2009.950765][ T5107]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2009.956012][ T5107]  ? __pfx__printk+0x10/0x10
[ 2009.960644][ T5107]  ? ___ratelimit+0x4c4/0x670
[ 2009.965378][ T5107]  ? __pfx____ratelimit+0x10/0x10
[ 2009.970459][ T5107]  dump_header+0xda/0x6a0
[ 2009.974849][ T5107]  oom_kill_process+0x3a7/0x930
[ 2009.979766][ T5107]  out_of_memory+0xf67/0x1320
[ 2009.984503][ T5107]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 2009.990192][ T5107]  ? __pfx___mutex_lock+0x10/0x10
[ 2009.995275][ T5107]  ? __pfx_out_of_memory+0x10/0x10
[ 2010.000461][ T5107]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 2010.006055][ T5107]  ? __pfx_lock_release+0x10/0x10
[ 2010.011137][ T5107]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 2010.017269][ T5107]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 2010.022566][ T5107]  ? mem_cgroup_iter+0x3e9/0x560
[ 2010.027578][ T5107]  try_charge_memcg+0xda2/0x18a0
[ 2010.032578][ T5107]  ? mark_lock+0x9a/0x350
[ 2010.036978][ T5107]  ? __pfx_try_charge_memcg+0x10/0x10
[ 2010.042435][ T5107]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 2010.048658][ T5107]  charge_memcg+0xa2/0x160
[ 2010.053136][ T5107]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 2010.059257][ T5107]  __read_swap_cache_async+0x480/0x8b0
[ 2010.064760][ T5107]  ? mark_lock+0x9a/0x350
[ 2010.069145][ T5107]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 2010.075192][ T5107]  swap_cluster_readahead+0x67c/0x810
[ 2010.080637][ T5107]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 2010.086600][ T5107]  ? __pfx_lock_release+0x10/0x10
[ 2010.091685][ T5107]  ? xas_descend+0x37e/0x470
[ 2010.096354][ T5107]  swapin_readahead+0x1ea/0x1070
[ 2010.101353][ T5107]  ? filemap_get_entry+0x127/0x4e0
[ 2010.106540][ T5107]  ? __pfx_swapin_readahead+0x10/0x10
[ 2010.111973][ T5107]  ? __filemap_get_folio+0x935/0xbc0
[ 2010.117327][ T5107]  ? swap_cache_get_folio+0x9f/0x570
[ 2010.122679][ T5107]  do_swap_page+0x791/0x3f40
[ 2010.127345][ T5107]  ? rcu_is_watching+0x15/0xb0
[ 2010.132214][ T5107]  ? do_swap_page+0x154/0x3f40
[ 2010.137028][ T5107]  ? __pfx_do_swap_page+0x10/0x10
[ 2010.142103][ T5107]  ? pte_offset_map_nolock+0x137/0x1f0
[ 2010.147630][ T5107]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 2010.153492][ T5107]  ? __pfx_validate_chain+0x10/0x10
[ 2010.158834][ T5107]  __handle_mm_fault+0x15e8/0x72d0
[ 2010.164041][ T5107]  ? __pfx___handle_mm_fault+0x10/0x10
[ 2010.169562][ T5107]  ? mt_find+0x226/0x850
[ 2010.173868][ T5107]  ? __pfx_lock_release+0x10/0x10
[ 2010.178959][ T5107]  ? mt_find+0x62d/0x850
[ 2010.183254][ T5107]  ? mt_find+0x226/0x850
[ 2010.187567][ T5107]  ? find_vma+0x142/0x1c0
[ 2010.191946][ T5107]  ? __pfx_find_vma+0x10/0x10
[ 2010.196665][ T5107]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 2010.202704][ T5107]  handle_mm_fault+0x3c1/0x8a0
[ 2010.207542][ T5107]  exc_page_fault+0x2ad/0x870
[ 2010.212274][ T5107]  asm_exc_page_fault+0x26/0x30
[ 2010.217162][ T5107] RIP: 0010:__get_user_8+0x11/0x20
[ 2010.222317][ T5107] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 2010.241981][ T5107] RSP: 0018:ffffc90003e2fd98 EFLAGS: 00050202
[ 2010.248120][ T5107] RAX: 00005555560b7da8 RBX: ffff88807f44b2f8 RCX: ffffc90003e2fc03
[ 2010.256133][ T5107] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 2010.264153][ T5107] RBP: ffffc90003e2fec8 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 2010.272174][ T5107] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90003e2fda0
[ 2010.280189][ T5107] R13: ffffc90003e2ffd8 R14: dffffc0000000000 R15: ffff88807f449dc0
[ 2010.288237][ T5107]  __rseq_handle_notify_resume+0x158/0x1490
[ 2010.294207][ T5107]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 2010.300611][ T5107]  ? syscall_exit_to_user_mode+0xa2/0x360
[ 2010.306401][ T5107]  syscall_exit_to_user_mode+0x113/0x360
[ 2010.312093][ T5107]  do_syscall_64+0x108/0x240
[ 2010.316750][ T5107]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 2010.322713][ T5107] RIP: 0033:0x7f1eee4a91b5
[ 2010.327181][ T5107] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 2010.346849][ T5107] RSP: 002b:00007ffc334af800 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 2010.355320][ T5107] RAX: 0000000000000000 RBX: 0000000000003940 RCX: 00007f1eee4a91b5
[ 2010.363341][ T5107] RDX: 00007ffc334af840 RSI: 0000000000000000 RDI: 0000000000000000
[ 2010.371359][ T5107] RBP: 00007ffc334af8cc R08: 0000000000000000 R09: 00007ffc334fd0b0
[ 2010.379388][ T5107] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 2010.387413][ T5107] R13: 00000000001eaa33 R14: 00000000001eaa33 R15: 0000000000000000
[ 2010.395453][ T5107]  </TASK>
[ 2010.409397][T13237] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 2010.420866][T13237] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 2010.428352][ T5107] memory: usage 307152kB, limit 307200kB, failcnt 77601
[ 2010.435722][T13237] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 2010.439621][ T5107] memory+swap: usage 307360kB, limit 9007199254740988kB, failcnt 0
[ 2010.458587][T13237] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 2010.466588][ T5107] kmem: usage 307144kB, limit 9007199254740988kB, failcnt 0
[ 2010.466687][T13237] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 2010.482200][ T5107] Memory cgroup stats for /syz3:
[ 2010.482363][ T5107] cache 8192
[ 2010.490787][T13237] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 2010.517201][ T5107] rss 40960
[ 2010.520378][ T5107] rss_huge 0
[ 2010.529609][ T5107] shmem 4096
[ 2010.532871][ T5107] mapped_file 4096
[ 2010.536621][ T5107] dirty 4096
[ 2010.562844][ T5107] writeback 0
[ 2010.566380][ T5107] workingset_refault_anon 54097
[ 2010.572025][ T5107] workingset_refault_file 1
[ 2010.584782][ T5107] swap 163840
[ 2010.588826][ T5107] swapcached 45056
[ 2010.592749][ T5107] pgpgin 182959
[ 2010.596246][ T5107] pgpgout 182945
[ 2010.605991][ T5107] pgfault 413598
[ 2010.638879][ T5107] pgmajfault 51065
[ 2010.642761][ T5107] inactive_anon 49152
[ 2010.646782][ T5107] active_anon 0
[ 2010.678798][T13237] Bluetooth: hci4: command 0x041b tx timeout
[ 2010.681638][ T5107] inactive_file 4096
[ 2010.716825][ T5107] active_file 0
[ 2010.725472][ T5107] unevictable 0
[ 2010.750376][ T5107] hierarchical_memory_limit 314572800
[ 2010.755831][ T5107] hierarchical_memsw_limit 9223372036854771712
[ 2010.780047][ T5107] total_cache 8192
[ 2010.792588][ T5107] total_rss 40960
[ 2010.796295][ T5107] total_rss_huge 0
[ 2010.800158][ T5107] total_shmem 4096
[ 2010.803919][ T5107] total_mapped_file 4096
[ 2010.808455][ T5107] total_dirty 4096
[ 2010.812210][ T5107] total_writeback 0
[ 2010.816045][ T5107] total_workingset_refault_anon 54097
[ 2010.821564][ T5107] total_workingset_refault_file 1
[ 2010.826618][ T5107] total_swap 163840
[ 2010.830558][ T5107] total_swapcached 45056
[ 2010.834825][ T5107] total_pgpgin 182959
[ 2010.839047][ T5107] total_pgpgout 182945
[ 2010.843146][ T5107] total_pgfault 413598
[ 2010.847419][ T5107] total_pgmajfault 51065
[ 2010.851692][ T5107] total_inactive_anon 49152
[ 2010.856225][ T5107] total_active_anon 0
[ 2010.860469][ T5107] total_inactive_file 4096
[ 2010.864910][ T5107] total_active_file 0
[ 2010.870046][ T5107] total_unevictable 0
[ 2010.874062][ T5107] anon_cost 0
[ 2010.877589][ T5107] file_cost 0
00:49:17 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2100]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2010.880909][ T5107] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=13466,uid=0
[ 2010.897712][ T5107] Memory cgroup out of memory: Killed process 13466 (syz-executor.3) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2012.600282][T13237] Bluetooth: hci7: command 0x0409 tx timeout
[ 2012.757116][T13237] Bluetooth: hci4: command 0x040f tx timeout
00:49:20 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2014.678700][T13237] Bluetooth: hci7: command 0x041b tx timeout
[ 2014.837250][T13237] Bluetooth: hci4: command 0x0419 tx timeout
[ 2016.759105][T13237] Bluetooth: hci7: command 0x040f tx timeout
00:49:23 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c04]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2018.837252][T13237] Bluetooth: hci7: command 0x0419 tx timeout
00:49:26 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4615]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:49:29 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4788]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:49:32 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4800]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:49:35 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4888]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2029.724352][T13237] Bluetooth: hci0: command 0x0406 tx timeout
00:49:39 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

00:49:42 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2037.801331][ T1239] ieee802154 phy0 wpan0: encryption failed: -22
[ 2037.843181][ T1239] ieee802154 phy1 wpan1: encryption failed: -22
[ 2037.882775][T13237] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 2037.896031][T13237] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 2037.910696][T13237] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 2037.925886][T13237] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 2037.947204][T13237] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[ 2037.955796][T13237] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
00:49:45 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2040.042440][T13237] Bluetooth: hci8: command 0x0409 tx timeout
00:49:48 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6558]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2042.117623][T13237] Bluetooth: hci8: command 0x041b tx timeout
[ 2044.197437][T13237] Bluetooth: hci8: command 0x040f tx timeout
[ 2044.924111][ T5107] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 2044.939388][ T5107] CPU: 1 PID: 5107 Comm: syz-executor.3 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 2044.949784][ T5107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2044.959883][ T5107] Call Trace:
[ 2044.963202][ T5107]  <TASK>
[ 2044.966173][ T5107]  dump_stack_lvl+0x1e7/0x2e0
[ 2044.970918][ T5107]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2044.976171][ T5107]  ? __pfx__printk+0x10/0x10
[ 2044.980813][ T5107]  ? ___ratelimit+0x4c4/0x670
[ 2044.985542][ T5107]  ? __pfx____ratelimit+0x10/0x10
[ 2044.990627][ T5107]  dump_header+0xda/0x6a0
[ 2044.995012][ T5107]  oom_kill_process+0x3a7/0x930
[ 2044.999921][ T5107]  out_of_memory+0xf67/0x1320
[ 2045.004652][ T5107]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 2045.010335][ T5107]  ? __pfx___mutex_lock+0x10/0x10
[ 2045.015411][ T5107]  ? __pfx_out_of_memory+0x10/0x10
[ 2045.020597][ T5107]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 2045.026232][ T5107]  ? __pfx_lock_release+0x10/0x10
[ 2045.031317][ T5107]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 2045.037457][ T5107]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 2045.042687][ T5107]  ? mem_cgroup_iter+0x3e9/0x560
[ 2045.047645][ T5107]  try_charge_memcg+0xda2/0x18a0
[ 2045.052595][ T5107]  ? mark_lock+0x9a/0x350
[ 2045.056959][ T5107]  ? __pfx_try_charge_memcg+0x10/0x10
[ 2045.062381][ T5107]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 2045.068547][ T5107]  charge_memcg+0xa2/0x160
[ 2045.072988][ T5107]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 2045.079076][ T5107]  __read_swap_cache_async+0x480/0x8b0
[ 2045.084551][ T5107]  ? mark_lock+0x9a/0x350
[ 2045.088909][ T5107]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 2045.094918][ T5107]  swap_cluster_readahead+0x67c/0x810
[ 2045.100317][ T5107]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 2045.106249][ T5107]  ? __pfx_lock_release+0x10/0x10
[ 2045.111299][ T5107]  ? xas_descend+0x37e/0x470
[ 2045.115912][ T5107]  swapin_readahead+0x1ea/0x1070
[ 2045.120867][ T5107]  ? filemap_get_entry+0x127/0x4e0
[ 2045.126026][ T5107]  ? __pfx_swapin_readahead+0x10/0x10
[ 2045.131426][ T5107]  ? __filemap_get_folio+0x935/0xbc0
[ 2045.136734][ T5107]  ? swap_cache_get_folio+0x9f/0x570
[ 2045.142040][ T5107]  do_swap_page+0x791/0x3f40
[ 2045.146651][ T5107]  ? rcu_is_watching+0x15/0xb0
[ 2045.151443][ T5107]  ? do_swap_page+0x154/0x3f40
[ 2045.156223][ T5107]  ? __pfx_do_swap_page+0x10/0x10
[ 2045.161260][ T5107]  ? pte_offset_map_nolock+0x137/0x1f0
[ 2045.166735][ T5107]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 2045.172559][ T5107]  ? __pfx_validate_chain+0x10/0x10
[ 2045.177775][ T5107]  __handle_mm_fault+0x15e8/0x72d0
[ 2045.182931][ T5107]  ? __pfx___handle_mm_fault+0x10/0x10
[ 2045.188426][ T5107]  ? mt_find+0x226/0x850
[ 2045.192712][ T5107]  ? __pfx_lock_release+0x10/0x10
[ 2045.197775][ T5107]  ? mt_find+0x62d/0x850
[ 2045.202039][ T5107]  ? mt_find+0x226/0x850
[ 2045.206320][ T5107]  ? find_vma+0x142/0x1c0
[ 2045.210667][ T5107]  ? __pfx_find_vma+0x10/0x10
[ 2045.215358][ T5107]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 2045.221376][ T5107]  handle_mm_fault+0x3c1/0x8a0
[ 2045.226165][ T5107]  exc_page_fault+0x2ad/0x870
[ 2045.230868][ T5107]  asm_exc_page_fault+0x26/0x30
[ 2045.235730][ T5107] RIP: 0010:__get_user_8+0x11/0x20
[ 2045.240859][ T5107] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 2045.260478][ T5107] RSP: 0000:ffffc90003e2fd98 EFLAGS: 00050202
[ 2045.266559][ T5107] RAX: 00005555560b7da8 RBX: ffff88807f44b2f8 RCX: ffffc90003e2fc03
[ 2045.274537][ T5107] RDX: 0000000000000000 RSI: ffffffff8baac7e0 RDI: ffffffff8bfe6de0
[ 2045.282519][ T5107] RBP: ffffc90003e2fec8 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 2045.290512][ T5107] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: ffffc90003e2fda0
[ 2045.298518][ T5107] R13: ffffc90003e2ffd8 R14: dffffc0000000000 R15: ffff88807f449dc0
[ 2045.306530][ T5107]  __rseq_handle_notify_resume+0x158/0x1490
[ 2045.312464][ T5107]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 2045.318824][ T5107]  ? syscall_exit_to_user_mode+0xa2/0x360
[ 2045.324574][ T5107]  syscall_exit_to_user_mode+0x113/0x360
[ 2045.330232][ T5107]  do_syscall_64+0x108/0x240
[ 2045.334859][ T5107]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 2045.340775][ T5107] RIP: 0033:0x7f1eee4a91b5
[ 2045.345205][ T5107] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 2045.364864][ T5107] RSP: 002b:00007ffc334af800 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 2045.373294][ T5107] RAX: 0000000000000000 RBX: 0000000000003956 RCX: 00007f1eee4a91b5
[ 2045.381273][ T5107] RDX: 00007ffc334af840 RSI: 0000000000000000 RDI: 0000000000000000
[ 2045.389256][ T5107] RBP: 00007ffc334af8cc R08: 0000000000000000 R09: 00007ffc334fd0b0
[ 2045.397240][ T5107] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 2045.405217][ T5107] R13: 00000000001f2a63 R14: 00000000001f28a6 R15: 0000000000000002
[ 2045.413229][ T5107]  </TASK>
[ 2045.451081][ T5107] memory: usage 307200kB, limit 307200kB, failcnt 122225
[ 2045.467058][ T5107] memory+swap: usage 307368kB, limit 9007199254740988kB, failcnt 0
[ 2045.475026][ T5107] kmem: usage 307152kB, limit 9007199254740988kB, failcnt 0
[ 2045.502087][ T5107] Memory cgroup stats for /syz3:
[ 2045.502238][ T5107] cache 4096
[ 2045.517363][ T5107] rss 45056
[ 2045.520551][ T5107] rss_huge 0
[ 2045.523912][ T5107] shmem 0
[ 2045.526880][ T5107] mapped_file 0
[ 2045.531140][ T5107] dirty 0
[ 2045.534129][ T5107] writeback 0
[ 2045.541072][ T5107] workingset_refault_anon 86861
[ 2045.546003][ T5107] workingset_refault_file 1
[ 2045.551455][ T5107] swap 172032
[ 2045.554803][ T5107] swapcached 40960
[ 2045.563507][ T5107] pgpgin 216283
[ 2045.568283][ T5107] pgpgout 216271
[ 2045.572525][ T5107] pgfault 454162
[ 2045.576119][ T5107] pgmajfault 81647
[ 2045.580623][ T5107] inactive_anon 45056
[ 2045.584664][ T5107] active_anon 0
[ 2045.588765][ T5107] inactive_file 4096
[ 2045.592707][ T5107] active_file 0
[ 2045.596231][ T5107] unevictable 0
[ 2045.604891][ T5107] hierarchical_memory_limit 314572800
[ 2045.617137][ T5107] hierarchical_memsw_limit 9223372036854771712
[ 2045.624648][ T5107] total_cache 4096
[ 2045.632522][ T5107] total_rss 45056
[ 2045.636213][ T5107] total_rss_huge 0
[ 2045.640744][ T5107] total_shmem 0
[ 2045.644245][ T5107] total_mapped_file 0
[ 2045.649045][ T5107] total_dirty 0
[ 2045.652603][ T5107] total_writeback 0
[ 2045.656439][ T5107] total_workingset_refault_anon 86861
[ 2045.672838][ T5107] total_workingset_refault_file 1
[ 2045.682637][ T5107] total_swap 172032
[ 2045.686518][ T5107] total_swapcached 40960
[ 2045.692017][ T5107] total_pgpgin 216283
[ 2045.696046][ T5107] total_pgpgout 216271
[ 2045.701365][ T5107] total_pgfault 454162
[ 2045.710658][ T5107] total_pgmajfault 81647
[ 2045.715021][ T5107] total_inactive_anon 45056
[ 2045.726061][ T5107] total_active_anon 0
[ 2045.730571][ T5107] total_inactive_file 4096
[ 2045.735024][ T5107] total_active_file 0
[ 2045.740331][ T5107] total_unevictable 0
[ 2045.744431][ T5107] anon_cost 0
[ 2045.749941][ T5107] file_cost 0
00:49:52 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6800]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2045.753280][ T5107] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=13498,uid=0
[ 2045.770347][ T5107] Memory cgroup out of memory: Killed process 13498 (syz-executor.3) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:92kB oom_score_adj:1000
[ 2046.277839][T13237] Bluetooth: hci8: command 0x0419 tx timeout
00:49:56 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x45c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c00]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x9}}}]}}]}, 0x45c}}, 0x0)

[ 2052.413794][T13502] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 2052.435765][T13502] CPU: 1 PID: 13502 Comm: syz-executor.3 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 2052.446251][T13502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2052.456346][T13502] Call Trace:
[ 2052.459664][T13502]  <TASK>
[ 2052.462625][T13502]  dump_stack_lvl+0x1e7/0x2e0
[ 2052.467366][T13502]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2052.472620][T13502]  ? __pfx__printk+0x10/0x10
[ 2052.477250][T13502]  ? ___ratelimit+0x4c4/0x670
[ 2052.481964][T13502]  ? __pfx____ratelimit+0x10/0x10
[ 2052.487056][T13502]  dump_header+0xda/0x6a0
[ 2052.491439][T13502]  oom_kill_process+0x3a7/0x930
[ 2052.496311][T13502]  out_of_memory+0xf67/0x1320
[ 2052.501007][T13502]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 2052.506656][T13502]  ? __pfx___mutex_lock+0x10/0x10
[ 2052.511691][T13502]  ? __pfx_out_of_memory+0x10/0x10
[ 2052.516819][T13502]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 2052.522377][T13502]  ? __pfx_lock_release+0x10/0x10
[ 2052.527424][T13502]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 2052.533510][T13502]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 2052.538736][T13502]  ? mem_cgroup_iter+0x3e9/0x560
[ 2052.543692][T13502]  try_charge_memcg+0xda2/0x18a0
[ 2052.548639][T13502]  ? mark_lock+0x9a/0x350
[ 2052.553000][T13502]  ? __pfx_try_charge_memcg+0x10/0x10
[ 2052.558413][T13502]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 2052.564581][T13502]  charge_memcg+0xa2/0x160
[ 2052.569024][T13502]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 2052.575102][T13502]  __read_swap_cache_async+0x480/0x8b0
[ 2052.580590][T13502]  ? mark_lock+0x9a/0x350
[ 2052.584949][T13502]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 2052.590960][T13502]  swap_cluster_readahead+0x67c/0x810
[ 2052.596355][T13502]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 2052.602262][T13502]  ? __pfx_lock_release+0x10/0x10
[ 2052.607312][T13502]  ? xas_descend+0x37e/0x470
[ 2052.611924][T13502]  swapin_readahead+0x1ea/0x1070
[ 2052.616880][T13502]  ? filemap_get_entry+0x127/0x4e0
[ 2052.622021][T13502]  ? __pfx_swapin_readahead+0x10/0x10
[ 2052.627419][T13502]  ? __filemap_get_folio+0x935/0xbc0
[ 2052.632723][T13502]  ? swap_cache_get_folio+0x9f/0x570
[ 2052.638036][T13502]  do_swap_page+0x791/0x3f40
[ 2052.642645][T13502]  ? rcu_is_watching+0x15/0xb0
[ 2052.647466][T13502]  ? do_swap_page+0x154/0x3f40
[ 2052.652241][T13502]  ? __pfx_do_swap_page+0x10/0x10
[ 2052.657274][T13502]  ? pte_offset_map_nolock+0x137/0x1f0
[ 2052.662746][T13502]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 2052.668582][T13502]  __handle_mm_fault+0x15e8/0x72d0
[ 2052.673733][T13502]  ? reacquire_held_locks+0x3eb/0x690
[ 2052.679117][T13502]  ? __pfx___handle_mm_fault+0x10/0x10
[ 2052.684598][T13502]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 2052.690343][T13502]  ? mtree_range_walk+0x6fd/0x8e0
[ 2052.695387][T13502]  ? lock_vma_under_rcu+0x18a/0x730
[ 2052.700597][T13502]  ? __pfx_lock_release+0x10/0x10
[ 2052.705634][T13502]  ? lock_vma_under_rcu+0x2f9/0x730
[ 2052.710863][T13502]  ? lock_vma_under_rcu+0x18a/0x730
[ 2052.716072][T13502]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 2052.721627][T13502]  handle_mm_fault+0x3c1/0x8a0
[ 2052.726413][T13502]  exc_page_fault+0x456/0x870
[ 2052.731115][T13502]  asm_exc_page_fault+0x26/0x30
[ 2052.735975][T13502] RIP: 0033:0x7f1eee437d35
[ 2052.740405][T13502] Code: f6 e8 af 44 ff ff e9 41 fd ff ff 31 c0 48 8d 2d 61 5c 17 00 48 89 05 4a 42 17 00 e8 f5 05 ff ff 48 8b 5c 24 20 b9 06 00 00 00 <4c> 8b 25 6c d9 c9 00 4d 01 e4 49 01 c4 48 01 d8 49 39 c4 4c 0f 42
[ 2052.760047][T13502] RSP: 002b:00007ffc334af640 EFLAGS: 00010203
[ 2052.766133][T13502] RAX: 00000000001f510b RBX: 0000000000000000 RCX: 0000000000000006
[ 2052.774116][T13502] RDX: 000000000000016b RSI: 00007ffc334af620 RDI: 7fffffffffffffff
[ 2052.782103][T13502] RBP: 00007f1eee5ad980 R08: 0000000000000010 R09: 00007ffc334fd0b0
[ 2052.790089][T13502] R10: 00007ffc334fd080 R11: 0000000000061d32 R12: 00007f1eee003600
[ 2052.798072][T13502] R13: ffffffffffffffff R14: 00007f1eee000000 R15: 00000000001f47d3
[ 2052.806073][T13502]  </TASK>
[ 2052.823090][T13502] memory: usage 307200kB, limit 307200kB, failcnt 131694
[ 2052.847684][T13502] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[ 2052.862217][T13502] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[ 2052.875768][T13502] Memory cgroup stats for /syz3:
[ 2052.875921][T13502] cache 0
[ 2052.889823][T13502] rss 4096
[ 2052.892960][T13502] rss_huge 0
[ 2052.896196][T13502] shmem 0
[ 2052.900019][T13502] mapped_file 0
[ 2052.903573][T13502] dirty 0
[ 2052.906534][T13502] writeback 0
[ 2052.910677][T13502] workingset_refault_anon 93626
[ 2052.915574][T13502] workingset_refault_file 1
[ 2052.920820][T13502] swap 217088
[ 2052.924140][T13502] swapcached 0
[ 2052.931590][T13502] pgpgin 223100
[ 2052.935123][T13502] pgpgout 223099
[ 2052.939443][T13502] pgfault 462568
[ 2052.948329][T13502] pgmajfault 87966
[ 2052.952177][T13502] inactive_anon 0
[ 2052.955841][T13502] active_anon 4096
[ 2052.960295][T13502] inactive_file 0
[ 2052.963968][T13502] active_file 0
[ 2052.968080][T13502] unevictable 0
[ 2052.972587][T13502] hierarchical_memory_limit 314572800
[ 2052.988272][T13502] hierarchical_memsw_limit 9223372036854771712
[ 2052.994974][T13502] total_cache 0
[ 2053.005626][T13502] total_rss 4096
[ 2053.013088][T13502] total_rss_huge 0
[ 2053.016895][T13502] total_shmem 0
[ 2053.021058][T13502] total_mapped_file 0
[ 2053.025110][T13502] total_dirty 0
[ 2053.029553][T13502] total_writeback 0
[ 2053.033463][T13502] total_workingset_refault_anon 93626
[ 2053.050109][T13502] total_workingset_refault_file 1
[ 2053.057570][T13502] total_swap 217088
[ 2053.065914][T13502] total_swapcached 0
[ 2053.070756][T13502] total_pgpgin 223100
[ 2053.075748][T13502] total_pgpgout 223099
[ 2053.090251][T13502] total_pgfault 462568
[ 2053.096318][T13502] total_pgmajfault 87966
[ 2053.105064][T13502] total_inactive_anon 0
[ 2053.109851][T13502] total_active_anon 4096
[ 2053.114148][T13502] total_inactive_file 0
[ 2053.119396][T13502] total_active_file 0
[ 2053.132182][T13502] total_unevictable 0
[ 2053.136206][T13502] anon_cost 0
[ 2053.140234][T13502] file_cost 0
[ 2053.143557][T13502] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=13502,uid=0
[ 2053.200325][T13502] Memory cgroup out of memory: Killed process 13502 (syz-executor.3) total-vm:54640kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:92kB oom_score_adj:1000
[ 2053.798857][   T29] INFO: task kworker/0:6:5154 blocked for more than 143 seconds.
[ 2053.806655][   T29]       Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 2053.815888][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2053.824960][   T29] task:kworker/0:6     state:D stack:22800 pid:5154  tgid:5154  ppid:2      flags:0x00004000
[ 2053.835741][   T29] Workqueue: ipv6_addrconf addrconf_dad_work
[ 2053.845043][   T29] Call Trace:
[ 2053.848708][   T29]  <TASK>
[ 2053.851664][   T29]  __schedule+0x17d1/0x49f0
[ 2053.856211][   T29]  ? __pfx___schedule+0x10/0x10
[ 2053.861817][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 2053.868314][   T29]  ? __pfx_lock_release+0x10/0x10
[ 2053.873421][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2053.885503][   T29]  ? lockdep_hardirqs_on+0x98/0x140
[ 2053.891461][   T29]  ? schedule+0x8e/0x260
[ 2053.896594][   T29]  schedule+0x149/0x260
[ 2053.901062][   T29]  schedule_preempt_disabled+0x13/0x30
[ 2053.906574][   T29]  __mutex_lock+0x6a3/0xd70
[ 2053.911306][   T29]  ? mark_lock+0x9a/0x350
[ 2053.915683][   T29]  ? __mutex_lock+0x526/0xd70
[ 2053.920471][   T29]  ? addrconf_dad_work+0xd0/0x16f0
[ 2053.925627][   T29]  ? __pfx___mutex_lock+0x10/0x10
[ 2053.930831][   T29]  addrconf_dad_work+0xd0/0x16f0
[ 2053.935816][   T29]  ? __pfx_addrconf_dad_work+0x10/0x10
[ 2053.941422][   T29]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2053.947979][   T29]  ? process_scheduled_works+0x825/0x1420
[ 2053.953738][   T29]  process_scheduled_works+0x913/0x1420
[ 2053.959426][   T29]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2053.965459][   T29]  ? assign_work+0x364/0x3d0
[ 2053.970218][   T29]  worker_thread+0xa5f/0x1000
[ 2053.974950][   T29]  ? __pfx_worker_thread+0x10/0x10
[ 2053.983559][   T29]  kthread+0x2ef/0x390
[ 2053.987882][   T29]  ? __pfx_worker_thread+0x10/0x10
[ 2053.993057][   T29]  ? __pfx_kthread+0x10/0x10
[ 2053.998528][   T29]  ret_from_fork+0x4b/0x80
[ 2054.002993][   T29]  ? __pfx_kthread+0x10/0x10
[ 2054.007864][   T29]  ret_from_fork_asm+0x1b/0x30
[ 2054.012676][   T29]  </TASK>
[ 2054.017476][   T29] INFO: task syz-executor.0:13235 blocked for more than 143 seconds.
[ 2054.025583][   T29]       Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 2054.035732][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2054.044926][   T29] task:syz-executor.0  state:D stack:20984 pid:13235 tgid:13235 ppid:1      flags:0x00004006
[ 2054.055741][   T29] Call Trace:
[ 2054.059580][   T29]  <TASK>
[ 2054.062567][   T29]  __schedule+0x17d1/0x49f0
[ 2054.067287][   T29]  ? __pfx___schedule+0x10/0x10
[ 2054.072177][   T29]  ? __pfx_lock_release+0x10/0x10
[ 2054.077279][   T29]  ? __mutex_trylock_common+0x91/0x2e0
[ 2054.082774][   T29]  ? schedule+0x8e/0x260
[ 2054.088643][   T29]  schedule+0x149/0x260
[ 2054.092879][   T29]  schedule_preempt_disabled+0x13/0x30
[ 2054.100084][   T29]  __mutex_lock+0x6a3/0xd70
[ 2054.104636][   T29]  ? __mutex_lock+0x526/0xd70
[ 2054.110056][   T29]  ? rtnl_newlink+0xab5/0x20a0
[ 2054.114863][   T29]  ? __pfx___mutex_lock+0x10/0x10
[ 2054.121138][   T29]  ? __asan_memset+0x23/0x50
[ 2054.126231][   T29]  ? nla_strscpy+0x113/0x180
[ 2054.131197][   T29]  rtnl_newlink+0xab5/0x20a0
[ 2054.135811][   T29]  ? rtnl_newlink+0x4d1/0x20a0
[ 2054.141196][   T29]  ? rtnl_newlink+0x4d1/0x20a0
[ 2054.146032][   T29]  ? __pfx_rtnl_newlink+0x10/0x10
[ 2054.151357][   T29]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 2054.157537][   T29]  ? rcu_read_unlock+0x8c/0xa0
[ 2054.162435][   T29]  ? __pfx_rtnl_newlink+0x10/0x10
[ 2054.167657][   T29]  rtnetlink_rcv_msg+0x885/0x1040
[ 2054.172729][   T29]  ? rtnetlink_rcv_msg+0x208/0x1040
[ 2054.178055][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2054.183562][   T29]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2054.189830][   T29]  ? __pfx_validate_chain+0x10/0x10
[ 2054.195065][   T29]  ? __pfx_validate_chain+0x10/0x10
[ 2054.201100][   T29]  ? mark_lock+0x9a/0x350
[ 2054.205477][   T29]  ? __pfx_validate_chain+0x10/0x10
[ 2054.210801][   T29]  ? __lock_acquire+0x1345/0x1fd0
[ 2054.215874][   T29]  ? mark_lock+0x9a/0x350
[ 2054.220441][   T29]  ? __lock_acquire+0x1345/0x1fd0
[ 2054.225526][   T29]  netlink_rcv_skb+0x1e3/0x430
[ 2054.230362][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2054.235853][   T29]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2054.242065][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2054.247479][   T29]  netlink_unicast+0x7ea/0x980
[ 2054.252294][   T29]  ? __pfx_netlink_unicast+0x10/0x10
[ 2054.257923][   T29]  ? __virt_addr_valid+0x44e/0x520
[ 2054.263104][   T29]  ? __phys_addr_symbol+0x2f/0x70
[ 2054.268282][   T29]  ? __check_object_size+0x4bb/0xa00
[ 2054.273636][   T29]  ? bpf_lsm_netlink_send+0x9/0x10
[ 2054.278981][   T29]  netlink_sendmsg+0xa3b/0xd70
[ 2054.283789][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2054.289216][   T29]  ? aa_sock_msg_perm+0x91/0x160
[ 2054.294199][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 2054.299676][   T29]  ? security_socket_sendmsg+0x87/0xb0
[ 2054.306399][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2054.312199][   T29]  __sock_sendmsg+0x221/0x270
[ 2054.317208][   T29]  __sys_sendto+0x3a4/0x4f0
[ 2054.321777][   T29]  ? __pfx___sys_sendto+0x10/0x10
[ 2054.326869][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 2054.332924][   T29]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2054.339341][   T29]  __x64_sys_sendto+0xde/0x100
[ 2054.344136][   T29]  do_syscall_64+0xf9/0x240
[ 2054.349346][   T29]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 2054.355304][   T29] RIP: 0033:0x7f4a6a47fa9c
[ 2054.362119][   T29] RSP: 002b:00007fffdffed730 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 2054.371144][   T29] RAX: ffffffffffffffda RBX: 00007f4a6b0d4620 RCX: 00007f4a6a47fa9c
[ 2054.379565][   T29] RDX: 000000000000003c RSI: 00007f4a6b0d4670 RDI: 0000000000000003
[ 2054.388001][   T29] RBP: 0000000000000000 R08: 00007fffdffed784 R09: 000000000000000c
[ 2054.396013][   T29] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[ 2054.404911][   T29] R13: 0000000000000000 R14: 00007f4a6b0d4670 R15: 0000000000000000
[ 2054.413062][   T29]  </TASK>
[ 2054.423643][   T29] INFO: task syz-executor.4:13312 blocked for more than 143 seconds.
[ 2054.431828][   T29]       Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 2054.441695][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2054.450674][   T29] task:syz-executor.4  state:D stack:28920 pid:13312 tgid:13307 ppid:5098   flags:0x00004006
[ 2054.462921][   T29] Call Trace:
[ 2054.466242][   T29]  <TASK>
[ 2054.469369][   T29]  __schedule+0x17d1/0x49f0
[ 2054.473935][   T29]  ? __pfx___schedule+0x10/0x10
[ 2054.479094][   T29]  ? __pfx_lock_release+0x10/0x10
[ 2054.484186][   T29]  ? __mutex_trylock_common+0x91/0x2e0
[ 2054.490091][   T29]  ? schedule+0x8e/0x260
[ 2054.494370][   T29]  schedule+0x149/0x260
[ 2054.498637][   T29]  schedule_preempt_disabled+0x13/0x30
[ 2054.504140][   T29]  __mutex_lock+0x6a3/0xd70
[ 2054.509943][   T29]  ? __mutex_lock+0x526/0xd70
[ 2054.514678][   T29]  ? dev_ioctl+0x86e/0x1340
[ 2054.519274][   T29]  ? __pfx___mutex_lock+0x10/0x10
[ 2054.524336][   T29]  ? dev_load+0x21/0x1f0
[ 2054.528963][   T29]  dev_ioctl+0x86e/0x1340
[ 2054.533349][   T29]  sock_ioctl+0x7f2/0x8e0
[ 2054.539951][   T29]  ? __pfx_sock_ioctl+0x10/0x10
[ 2054.544868][   T29]  ? __fget_files+0x28/0x470
[ 2054.549659][   T29]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 2054.554761][   T29]  ? security_file_ioctl+0x87/0xb0
[ 2054.559954][   T29]  ? __pfx_sock_ioctl+0x10/0x10
[ 2054.564843][   T29]  __se_sys_ioctl+0xfc/0x170
[ 2054.569725][   T29]  do_syscall_64+0xf9/0x240
[ 2054.574268][   T29]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 2054.580277][   T29] RIP: 0033:0x7f397907dda9
[ 2054.584725][   T29] RSP: 002b:00007f3979d0b0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2054.593338][   T29] RAX: ffffffffffffffda RBX: 00007f39791ac120 RCX: 00007f397907dda9
[ 2054.601438][   T29] RDX: 0000000020000700 RSI: 00000000000089f1 RDI: 000000000000002d
[ 2054.610316][   T29] RBP: 00007f39790ca47a R08: 0000000000000000 R09: 0000000000000000
[ 2054.618390][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2054.626381][   T29] R13: 000000000000000b R14: 00007f39791ac120 R15: 00007ffc7534aa38
[ 2054.634504][   T29]  </TASK>
[ 2054.639342][   T29] 
[ 2054.639342][   T29] Showing all locks held in the system:
[ 2054.647303][   T29] 1 lock held by khungtaskd/29:
[ 2054.654284][   T29]  #0: ffffffff8e130be0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 2054.664520][   T29] 5 locks held by kworker/u4:10/2895:
[ 2054.670460][   T29]  #0: ffff888015ea4938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 2054.681754][   T29]  #1: ffffc9000acb7d20 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 2054.693132][   T29]  #2: ffffffff8f369750 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf5/0xb90
[ 2054.703022][   T29]  #3: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe8/0x9d0
[ 2054.714184][   T29]  #4: ffffffff8e136578 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x3a3/0x890
[ 2054.725476][   T29] 1 lock held by dhcpcd/4735:
[ 2054.730528][   T29]  #0: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1bc0
[ 2054.740087][   T29] 2 locks held by getty/4827:
[ 2054.744782][   T29]  #0: ffff88802a7570a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 2054.754936][   T29]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b4/0x1e10
[ 2054.767048][   T29] 3 locks held by kworker/0:4/5152:
[ 2054.772287][   T29]  #0: ffff888014c78938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 2054.783736][   T29]  #1: ffffc900046efd20 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 2054.794998][   T29]  #2: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[ 2054.806998][   T29] 3 locks held by kworker/0:6/5154:
[ 2054.812236][   T29]  #0: ffff888029d69d38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 2054.824569][   T29]  #1: ffffc9000470fd20 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 2054.837540][   T29]  #2: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[ 2054.847100][   T29] 3 locks held by kworker/1:4/27570:
[ 2054.852494][   T29]  #0: ffff888029d69d38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 2054.864375][   T29]  #1: ffffc900031cfd20 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 2054.878229][   T29]  #2: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[ 2054.887926][   T29] 2 locks held by kworker/0:1/29925:
[ 2054.893235][   T29]  #0: ffff888014c7a538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 2054.904442][   T29]  #1: ffffc90004f1fd20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 2054.919004][   T29] 1 lock held by syz-executor.0/13235:
[ 2054.924503][   T29]  #0: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_newlink+0xab5/0x20a0
[ 2054.942671][   T29] 2 locks held by kworker/u4:5/13301:
[ 2054.948518][   T29] 1 lock held by syz-executor.4/13310:
[ 2054.954005][   T29]  #0: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x86e/0x1340
[ 2054.963302][   T29] 1 lock held by syz-executor.4/13312:
[ 2054.970309][   T29]  #0: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x86e/0x1340
[ 2054.979250][   T29] 1 lock held by syz-executor.4/13371:
[ 2054.984725][   T29]  #0: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 2054.994437][   T29] 1 lock held by syz-executor.1/13418:
[ 2054.999996][   T29]  #0: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[ 2055.009183][   T29] 1 lock held by syz-executor.0/13422:
[ 2055.014662][   T29]  #0: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 2055.024931][   T29] 1 lock held by syz-executor.2/13435:
[ 2055.030686][   T29]  #0: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[ 2055.041187][   T29] 1 lock held by syz-executor.1/13451:
[ 2055.046679][   T29]  #0: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 2055.056536][   T29] 1 lock held by syz-executor.2/13460:
[ 2055.062160][   T29]  #0: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 2055.071888][   T29] 1 lock held by syz-executor.4/13469:
[ 2055.079542][   T29]  #0: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 2055.091697][   T29] 1 lock held by syz-executor.0/13492:
[ 2055.097231][   T29]  #0: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 2055.106751][   T29] 1 lock held by syz-executor.3/13503:
[ 2055.112398][   T29]  #0: ffffffff8f375cc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 2055.123303][   T29] 
[ 2055.125670][   T29] =============================================
[ 2055.125670][   T29] 
[ 2055.134459][   T29] NMI backtrace for cpu 1
[ 2055.138825][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 2055.148697][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2055.158767][   T29] Call Trace:
[ 2055.162058][   T29]  <TASK>
[ 2055.164995][   T29]  dump_stack_lvl+0x1e7/0x2e0
[ 2055.169703][   T29]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2055.174921][   T29]  ? __pfx__printk+0x10/0x10
[ 2055.179523][   T29]  ? vprintk_emit+0x607/0x720
[ 2055.184229][   T29]  ? __pfx_vprintk_emit+0x10/0x10
[ 2055.189274][   T29]  nmi_cpu_backtrace+0x49c/0x4d0
[ 2055.194419][   T29]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2055.199893][   T29]  ? _printk+0xd5/0x120
[ 2055.204067][   T29]  ? __pfx__printk+0x10/0x10
[ 2055.208674][   T29]  ? __wake_up_klogd+0xcc/0x110
[ 2055.213546][   T29]  ? __pfx__printk+0x10/0x10
[ 2055.218153][   T29]  ? __rcu_read_unlock+0xa0/0x110
[ 2055.223198][   T29]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2055.229211][   T29]  nmi_trigger_cpumask_backtrace+0x198/0x320
[ 2055.235233][   T29]  watchdog+0xfaf/0xff0
[ 2055.239457][   T29]  ? watchdog+0x1e9/0xff0
[ 2055.243823][   T29]  ? __pfx_watchdog+0x10/0x10
[ 2055.248523][   T29]  kthread+0x2ef/0x390
[ 2055.252609][   T29]  ? __pfx_watchdog+0x10/0x10
[ 2055.257313][   T29]  ? __pfx_kthread+0x10/0x10
[ 2055.261935][   T29]  ret_from_fork+0x4b/0x80
[ 2055.266366][   T29]  ? __pfx_kthread+0x10/0x10
[ 2055.270984][   T29]  ret_from_fork_asm+0x1b/0x30
[ 2055.275774][   T29]  </TASK>
[ 2055.280184][   T29] Sending NMI from CPU 1 to CPUs 0:
[ 2055.285452][    C0] NMI backtrace for cpu 0
[ 2055.285465][    C0] CPU: 0 PID: 34 Comm: kworker/u4:2 Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 2055.285486][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2055.285497][    C0] Workqueue: bat_events batadv_nc_worker
[ 2055.285587][    C0] RIP: 0010:check_preemption_disabled+0x7/0x120
[ 2055.285619][    C0] Code: c6 c0 6d fe 8b eb 1c 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 57 41 56 41 54 53 <48> 83 ec 10 65 48 8b 04 25 28 00 00 00 48 89 44 24 08 65 8b 1d ec
[ 2055.285636][    C0] RSP: 0018:ffffc90000aafa38 EFLAGS: 00000046
[ 2055.285650][    C0] RAX: 0000000000000000 RBX: 0000000000000246 RCX: ffffffff81713d90
[ 2055.285663][    C0] RDX: 0000000000000000 RSI: ffffffff8baac340 RDI: ffffffff8bfe6de0
[ 2055.285676][    C0] RBP: ffffc90000aafb88 R08: ffffffff8f856baf R09: 1ffffffff1f0ad75
[ 2055.285690][    C0] R10: dffffc0000000000 R11: fffffbfff1f0ad76 R12: 1ffff92000155f58
[ 2055.285704][    C0] R13: ffffffff8b33f4bb R14: ffffc90000aafb10 R15: dffffc0000000000
[ 2055.285718][    C0] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[ 2055.285734][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2055.285746][    C0] CR2: 00005555560c0938 CR3: 000000000df32000 CR4: 00000000003506f0
[ 2055.285762][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2055.285773][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2055.285783][    C0] Call Trace:
[ 2055.285790][    C0]  <NMI>
[ 2055.285797][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 2055.285818][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 2055.285847][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2055.285866][    C0]  ? nmi_handle+0x2a/0x580
[ 2055.285898][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 2055.285919][    C0]  ? nmi_handle+0x14f/0x580
[ 2055.285934][    C0]  ? nmi_handle+0x2a/0x580
[ 2055.285951][    C0]  ? check_preemption_disabled+0x7/0x120
[ 2055.285978][    C0]  ? default_do_nmi+0x63/0x160
[ 2055.285998][    C0]  ? exc_nmi+0x123/0x1f0
[ 2055.286017][    C0]  ? end_repeat_nmi+0xf/0x60
[ 2055.286036][    C0]  ? batadv_nc_worker+0xcb/0x610
[ 2055.286058][    C0]  ? lock_release+0xb0/0x9d0
[ 2055.286084][    C0]  ? check_preemption_disabled+0x7/0x120
[ 2055.286111][    C0]  ? check_preemption_disabled+0x7/0x120
[ 2055.286146][    C0]  ? check_preemption_disabled+0x7/0x120
[ 2055.286174][    C0]  </NMI>
[ 2055.286179][    C0]  <TASK>
[ 2055.286186][    C0]  lock_release+0x187/0x9d0
[ 2055.286211][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 2055.286238][    C0]  ? batadv_nc_worker+0xcb/0x610
[ 2055.286259][    C0]  ? __pfx_lock_release+0x10/0x10
[ 2055.286286][    C0]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 2055.286315][    C0]  ? batadv_nc_worker+0xcb/0x610
[ 2055.286336][    C0]  batadv_nc_worker+0x290/0x610
[ 2055.286357][    C0]  ? batadv_nc_worker+0xcb/0x610
[ 2055.286379][    C0]  ? process_scheduled_works+0x825/0x1420
[ 2055.286407][    C0]  process_scheduled_works+0x913/0x1420
[ 2055.286449][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2055.286481][    C0]  ? assign_work+0x364/0x3d0
[ 2055.286510][    C0]  worker_thread+0xa5f/0x1000
[ 2055.286548][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 2055.286575][    C0]  kthread+0x2ef/0x390
[ 2055.286593][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 2055.286618][    C0]  ? __pfx_kthread+0x10/0x10
[ 2055.286638][    C0]  ret_from_fork+0x4b/0x80
[ 2055.286662][    C0]  ? __pfx_kthread+0x10/0x10
[ 2055.286681][    C0]  ret_from_fork_asm+0x1b/0x30
[ 2055.286715][    C0]  </TASK>
[ 2055.299402][   T30] oom_reaper: reaped process 13502 (syz-executor.3), now anon-rss:12kB, file-rss:8196kB, shmem-rss:0kB
[ 2055.348889][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[ 2055.348909][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.8.0-rc6-syzkaller-00124-g1c61728be22c #0
[ 2055.348935][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 2055.348949][   T29] Call Trace:
[ 2055.348958][   T29]  <TASK>
[ 2055.348968][   T29]  dump_stack_lvl+0x1e7/0x2e0
[ 2055.349013][   T29]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2055.349048][   T29]  ? __pfx__printk+0x10/0x10
[ 2055.349077][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 2055.349121][   T29]  ? vscnprintf+0x5d/0x90
[ 2055.349147][   T29]  panic+0x349/0x860
[ 2055.349180][   T29]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 2055.349207][   T29]  ? __pfx_panic+0x10/0x10
[ 2055.349236][   T29]  ? tick_nohz_tick_stopped+0x7b/0xc0
[ 2055.349267][   T29]  ? __irq_work_queue_local+0x137/0x3e0
[ 2055.349324][   T29]  ? preempt_schedule_thunk+0x1a/0x30
[ 2055.349349][   T29]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 2055.349374][   T29]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[ 2055.349402][   T29]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[ 2055.349431][   T29]  watchdog+0xfee/0xff0
[ 2055.349467][   T29]  ? watchdog+0x1e9/0xff0
[ 2055.349505][   T29]  ? __pfx_watchdog+0x10/0x10
[ 2055.349536][   T29]  kthread+0x2ef/0x390
[ 2055.349561][   T29]  ? __pfx_watchdog+0x10/0x10
[ 2055.349591][   T29]  ? __pfx_kthread+0x10/0x10
[ 2055.349617][   T29]  ret_from_fork+0x4b/0x80
[ 2055.349648][   T29]  ? __pfx_kthread+0x10/0x10
[ 2055.349672][   T29]  ret_from_fork_asm+0x1b/0x30
[ 2055.349720][   T29]  </TASK>
[ 2055.350366][   T29] Kernel Offset: disabled