d allmulticast mode
[ 3179.741054][ T8771] rss 12288
[ 3179.744816][ T8764] team_slave_0: entered allmulticast mode
[ 3179.750682][ T8771] rss_huge 0
[ 3179.754326][ T8771] shmem 0
[ 3179.757774][ T8764] team_slave_1: entered allmulticast mode
[ 3179.763616][ T8771] mapped_file 0
[ 3179.767707][ T8771] dirty 0
[ 3179.770793][ T8771] writeback 0
[ 3179.776300][ T8764] team0: entered promiscuous mode
[ 3179.781445][ T8771] workingset_refault_anon 35775
[ 3179.800420][ T8764] team_slave_0: entered promiscuous mode
[ 3179.812886][ T8771] workingset_refault_file 357
[ 3179.821051][ T8771] swap 11907072
[ 3179.825323][ T8764] team_slave_1: entered promiscuous mode
[ 3179.833949][ T8771] swapcached 0
[ 3179.838803][ T8770] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:57:51 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000111201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3179.855101][ T8771] pgpgin 3286851
[ 3179.858944][ T8770] team0: left allmulticast mode
[ 3179.863824][ T8770] team_slave_0: left allmulticast mode
[ 3179.874697][ T8771] pgpgout 3286848
[ 3179.880653][ T8771] pgfault 3620061
[ 3179.887480][ T8771] pgmajfault 37578
[ 3179.912643][ T8770] team_slave_1: left allmulticast mode
[ 3179.920895][ T8771] inactive_anon 0
[ 3179.925437][ T8770] team0: left promiscuous mode
[ 3179.930335][ T8771] active_anon 12288
[ 3179.935118][ T8771] inactive_file 0
[ 3179.938929][ T8770] team_slave_0: left promiscuous mode
[ 3179.945276][ T8771] active_file 0
[ 3179.948944][ T8771] unevictable 0
[ 3179.952758][ T8770] team_slave_1: left promiscuous mode
[ 3179.959102][ T8771] hierarchical_memory_limit 314572800
[ 3179.965409][ T8770] bridge0: port 6(team0) entered disabled state
[ 3179.972371][ T8771] hierarchical_memsw_limit 9223372036854771712
[ 3179.983035][ T8771] total_cache 0
[ 3179.987321][ T8771] total_rss 12288
[ 3179.992349][ T8771] total_rss_huge 0
[ 3179.996985][ T8771] total_shmem 0
[ 3180.000635][ T8771] total_mapped_file 0
[ 3180.009072][ T8770] 8021q: adding VLAN 0 to HW filter on device team0
[ 3180.018836][ T8770] team0: entered promiscuous mode
[ 3180.026968][ T8771] total_dirty 0
[ 3180.030614][ T8771] total_writeback 0
[ 3180.040835][ T8770] team_slave_0: entered promiscuous mode
[ 3180.047584][ T8771] total_workingset_refault_anon 35775
[ 3180.053332][ T8770] team_slave_1: entered promiscuous mode
[ 3180.060058][ T8771] total_workingset_refault_file 357
[ 3180.066363][ T8770] team0: entered allmulticast mode
[ 3180.071676][ T8771] total_swap 11907072
[ 3180.076552][ T8770] team_slave_0: entered allmulticast mode
[ 3180.082493][ T8771] total_swapcached 0
[ 3180.091208][ T8771] total_pgpgin 3286851
[ 3180.097225][ T8770] team_slave_1: entered allmulticast mode
[ 3180.106638][ T8771] total_pgpgout 3286848
10:57:51 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="4001000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3180.110818][ T8771] total_pgfault 3620061
[ 3180.111123][ T8770] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3180.127958][ T8771] total_pgmajfault 37578
[ 3180.137569][ T8771] total_inactive_anon 0
[ 3180.141891][ T8775] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3180.152354][ T8771] total_active_anon 12288
[ 3180.189552][ T8771] total_inactive_file 0
[ 3180.205517][ T8771] total_active_file 0
[ 3180.219348][ T8771] total_unevictable 0
[ 3180.229044][ T8778] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
10:57:52 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x8100}}}]}, 0x78}}, 0x0)

[ 3180.241609][ T8771] anon_cost 0
[ 3180.250674][ T8778] team0: left allmulticast mode
[ 3180.257914][ T8771] file_cost 0
[ 3180.266196][ T8771] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=8771,uid=0
[ 3180.270828][ T8778] team_slave_0: left allmulticast mode
[ 3180.316969][ T8771] Memory cgroup out of memory: Killed process 8771 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3180.330781][ T8778] team_slave_1: left allmulticast mode
[ 3180.356217][ T8778] team0: left promiscuous mode
[ 3180.375367][ T8778] team_slave_0: left promiscuous mode
10:57:52 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0xf1ffffff00000000}, 0x0)

[ 3180.396902][ T8778] team_slave_1: left promiscuous mode
[ 3180.416902][ T8778] bridge0: port 9(team0) entered disabled state
[ 3180.456092][ T8778] 8021q: adding VLAN 0 to HW filter on device team0
[ 3180.481848][ T8778] team0: entered promiscuous mode
[ 3180.494544][ T8778] team_slave_0: entered promiscuous mode
[ 3180.518255][ T8778] team_slave_1: entered promiscuous mode
[ 3180.543055][ T8778] team0: entered allmulticast mode
[ 3180.554291][ T8778] team_slave_0: entered allmulticast mode
[ 3180.560132][ T8778] team_slave_1: entered allmulticast mode
[ 3180.580342][ T8778] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3180.618664][ T8779] bond0: (slave team0): Releasing backup interface
[ 3180.637322][ T8779] team0: left promiscuous mode
[ 3180.645862][ T8779] team_slave_0: left promiscuous mode
[ 3180.668184][ T8779] team_slave_1: left promiscuous mode
[ 3180.689380][ T8779] team0: left allmulticast mode
[ 3180.704521][ T8779] team_slave_0: left allmulticast mode
[ 3180.711748][ T8779] team_slave_1: left allmulticast mode
[ 3180.733428][ T8779] bridge0: port 9(team0) entered blocking state
[ 3180.753074][ T8779] bridge0: port 9(team0) entered disabled state
[ 3180.779731][ T8779] team0: entered allmulticast mode
[ 3180.793266][ T8779] team_slave_0: entered allmulticast mode
[ 3180.810760][ T8779] team_slave_1: entered allmulticast mode
[ 3180.826811][ T8779] team0: entered promiscuous mode
[ 3180.838669][ T8779] team_slave_0: entered promiscuous mode
[ 3180.849455][ T8779] team_slave_1: entered promiscuous mode
10:57:52 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba809f111201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3180.879022][ T8786] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:57:52 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="c00e000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:57:52 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x8847}}}]}, 0x78}}, 0x0)

[ 3180.995171][ T8790] team0: left allmulticast mode
[ 3181.006598][ T8790] team_slave_0: left allmulticast mode
[ 3181.027408][ T8790] team_slave_1: left allmulticast mode
[ 3181.036011][ T8790] team0: left promiscuous mode
[ 3181.061024][ T8790] team_slave_0: left promiscuous mode
[ 3181.084199][ T8787] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3181.095508][ T8787] CPU: 1 PID: 8787 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3181.105867][ T8787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3181.115939][ T8787] Call Trace:
[ 3181.119235][ T8787]  <TASK>
[ 3181.119545][ T8790] team_slave_1: left promiscuous mode
[ 3181.122166][ T8787]  dump_stack_lvl+0x1e7/0x2e0
[ 3181.122202][ T8787]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3181.137431][ T8787]  ? __pfx__printk+0x10/0x10
[ 3181.142043][ T8787]  ? ___ratelimit+0x4c4/0x670
[ 3181.146751][ T8787]  ? __pfx____ratelimit+0x10/0x10
[ 3181.151796][ T8787]  dump_header+0xda/0x6a0
[ 3181.156146][ T8787]  oom_kill_process+0x3a7/0x930
[ 3181.161024][ T8787]  out_of_memory+0xf67/0x1320
[ 3181.165731][ T8787]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3181.170616][ T8790] bridge0: port 9(team0) entered disabled state
[ 3181.171367][ T8787]  ? __pfx___mutex_lock+0x10/0x10
[ 3181.171400][ T8787]  ? __pfx_out_of_memory+0x10/0x10
[ 3181.187733][ T8787]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3181.193273][ T8787]  ? __pfx_lock_release+0x10/0x10
[ 3181.198295][ T8787]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3181.204359][ T8787]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3181.209550][ T8787]  ? mem_cgroup_iter+0x422/0x560
[ 3181.214483][ T8787]  try_charge_memcg+0xda2/0x18a0
[ 3181.219430][ T8787]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3181.224800][ T8787]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3181.230512][ T8787]  ? __pfx_lock_release+0x10/0x10
[ 3181.235551][ T8787]  ? memcg_account_kmem+0x1e7/0x210
[ 3181.240790][ T8787]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3181.246603][ T8787]  __memcg_kmem_charge_page+0xe1/0x250
[ 3181.252063][ T8787]  memcg_charge_kernel_stack+0x37e/0x550
[ 3181.257702][ T8787]  dup_task_struct+0x15d/0x7d0
[ 3181.262467][ T8787]  copy_process+0x5d5/0x3fc0
[ 3181.267062][ T8787]  ? __might_fault+0xa9/0x120
[ 3181.271742][ T8787]  ? __pfx_lock_release+0x10/0x10
[ 3181.276773][ T8787]  ? __pfx_copy_process+0x10/0x10
[ 3181.281794][ T8787]  ? __might_fault+0xc5/0x120
[ 3181.286468][ T8787]  ? __asan_memset+0x23/0x50
[ 3181.291058][ T8787]  kernel_clone+0x21d/0x8d0
[ 3181.295560][ T8787]  ? __pfx_kernel_clone+0x10/0x10
[ 3181.300592][ T8787]  __se_sys_clone3+0x2cb/0x350
[ 3181.305353][ T8787]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3181.310739][ T8787]  ? do_syscall_64+0x108/0x240
[ 3181.315500][ T8787]  ? do_syscall_64+0xb4/0x240
[ 3181.320173][ T8787]  do_syscall_64+0xf9/0x240
[ 3181.324677][ T8787]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3181.330566][ T8787] RIP: 0033:0x7f49312a9b99
[ 3181.334972][ T8787] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3181.354572][ T8787] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3181.362995][ T8787] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3181.370969][ T8787] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3181.378949][ T8787] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3181.386936][ T8787] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3181.394909][ T8787] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3181.402897][ T8787]  </TASK>
[ 3181.454354][ T8787] memory: usage 307200kB, limit 307200kB, failcnt 89211
[ 3181.459814][ T8790] 8021q: adding VLAN 0 to HW filter on device team0
[ 3181.462619][ T8787] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3181.490287][ T8790] team0: entered promiscuous mode
[ 3181.495827][ T8787] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3181.505969][ T8790] team_slave_0: entered promiscuous mode
[ 3181.511916][ T8787] Memory cgroup stats for /syz1:
[ 3181.512041][ T8787] cache 0
[ 3181.512161][ T8790] team_slave_1: entered promiscuous mode
[ 3181.523481][ T8787] rss 0
[ 3181.533398][ T8790] team0: entered allmulticast mode
[ 3181.536710][ T8787] rss_huge 0
[ 3181.550394][ T8787] shmem 0
[ 3181.556083][ T8790] team_slave_0: entered allmulticast mode
[ 3181.557494][ T8787] mapped_file 0
[ 3181.561991][ T8790] team_slave_1: entered allmulticast mode
[ 3181.575404][ T8787] dirty 0
[ 3181.579299][ T8790] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3181.582064][ T8787] writeback 0
[ 3181.592683][ T8792] validate_nla: 3 callbacks suppressed
10:57:53 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="e03f030010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3181.592697][ T8792] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3181.598957][ T8787] workingset_refault_anon 35927
[ 3181.615284][ T8793] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3181.623425][ T8787] workingset_refault_file 357
[ 3181.636818][ T8787] swap 11923456
[ 3181.643394][ T8787] swapcached 0
[ 3181.657658][ T8793] bond0: (slave team0): Releasing backup interface
[ 3181.666425][ T8787] pgpgin 3287032
[ 3181.674625][ T8787] pgpgout 3287032
[ 3181.675893][ T8793] team0: left promiscuous mode
[ 3181.681760][ T8787] pgfault 3620332
[ 3181.683064][ T8793] team_slave_0: left promiscuous mode
[ 3181.683268][ T8793] team_slave_1: left promiscuous mode
[ 3181.692799][ T8787] pgmajfault 37735
[ 3181.711269][ T8793] team0: left allmulticast mode
[ 3181.714316][ T8787] inactive_anon 0
[ 3181.721596][ T8787] active_anon 0
[ 3181.725315][ T8793] team_slave_0: left allmulticast mode
[ 3181.725336][ T8793] team_slave_1: left allmulticast mode
[ 3181.746388][ T8793] bridge0: port 9(team0) entered blocking state
[ 3181.747171][ T8787] inactive_file 0
[ 3181.756994][ T8787] active_file 0
10:57:53 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x14, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3181.757540][ T8793] bridge0: port 9(team0) entered disabled state
[ 3181.760612][ T8787] unevictable 0
[ 3181.771023][ T8787] hierarchical_memory_limit 314572800
[ 3181.776930][ T8787] hierarchical_memsw_limit 9223372036854771712
[ 3181.779124][ T8793] team0: entered allmulticast mode
[ 3181.783721][ T8787] total_cache 0
[ 3181.804726][ T8787] total_rss 0
[ 3181.817941][ T8793] team_slave_0: entered allmulticast mode
[ 3181.827073][ T8787] total_rss_huge 0
[ 3181.829413][ T8793] team_slave_1: entered allmulticast mode
[ 3181.835075][ T8787] total_shmem 0
[ 3181.842490][ T8787] total_mapped_file 0
[ 3181.848952][ T8793] team0: entered promiscuous mode
[ 3181.851612][ T8787] total_dirty 0
[ 3181.862671][ T8787] total_writeback 0
[ 3181.864414][ T8793] team_slave_0: entered promiscuous mode
[ 3181.872511][ T8787] total_workingset_refault_anon 35927
[ 3181.879868][ T8793] team_slave_1: entered promiscuous mode
[ 3181.879907][ T8787] total_workingset_refault_file 357
[ 3181.898763][ T8787] total_swap 11923456
[ 3181.903085][ T8797] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:57:53 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000121201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3181.916721][ T8787] total_swapcached 0
[ 3181.932759][ T8787] total_pgpgin 3287032
[ 3181.946914][ T8787] total_pgpgout 3287032
[ 3181.961179][ T8787] total_pgfault 3620332
[ 3181.974694][ T8787] total_pgmajfault 37735
[ 3181.979043][ T8787] total_inactive_anon 0
[ 3181.988176][ T8787] total_active_anon 0
[ 3181.992758][ T8787] total_inactive_file 0
[ 3181.995195][ T8801] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3182.008310][ T8787] total_active_file 0
[ 3182.019220][ T8806] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3182.020272][ T8787] total_unevictable 0
[ 3182.028095][ T8806] team0: left allmulticast mode
[ 3182.040265][ T8787] anon_cost 0
[ 3182.043750][ T8787] file_cost 0
[ 3182.059306][ T8787] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=8787,uid=0
10:57:53 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000001008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:57:53 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x8848}}}]}, 0x78}}, 0x0)

[ 3182.076062][ T8806] team_slave_0: left allmulticast mode
[ 3182.093851][ T8806] team_slave_1: left allmulticast mode
[ 3182.109236][ T8806] team0: left promiscuous mode
[ 3182.118016][ T8787] Memory cgroup out of memory: Killed process 8787 (syz-executor.1) total-vm:54508kB, anon-rss:376kB, file-rss:8784kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3182.144376][ T8806] team_slave_0: left promiscuous mode
[ 3182.163435][ T8806] team_slave_1: left promiscuous mode
10:57:54 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0xf8ff030000000000}, 0x0)

[ 3182.182856][ T8806] bridge0: port 9(team0) entered disabled state
[ 3182.208239][ T8806] 8021q: adding VLAN 0 to HW filter on device team0
[ 3182.223389][ T8806] team0: entered promiscuous mode
[ 3182.234329][ T8806] team_slave_0: entered promiscuous mode
[ 3182.245970][ T8806] team_slave_1: entered promiscuous mode
[ 3182.259215][ T8806] team0: entered allmulticast mode
[ 3182.272069][ T8806] team_slave_0: entered allmulticast mode
[ 3182.279567][ T8806] team_slave_1: entered allmulticast mode
[ 3182.290139][ T8806] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3182.301081][ T8807] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3182.334898][ T8807] bond0: (slave team0): Releasing backup interface
[ 3182.352080][ T8807] team0: left promiscuous mode
[ 3182.366304][ T8807] team_slave_0: left promiscuous mode
[ 3182.381636][ T8807] team_slave_1: left promiscuous mode
[ 3182.402432][ T8807] team0: left allmulticast mode
[ 3182.418887][ T8807] team_slave_0: left allmulticast mode
[ 3182.439908][ T8807] team_slave_1: left allmulticast mode
[ 3182.471870][ T8807] bridge0: port 9(team0) entered blocking state
[ 3182.488862][ T8807] bridge0: port 9(team0) entered disabled state
[ 3182.506207][ T8807] team0: entered allmulticast mode
[ 3182.521540][ T8807] team_slave_0: entered allmulticast mode
[ 3182.536520][ T8807] team_slave_1: entered allmulticast mode
[ 3182.556237][ T8807] team0: entered promiscuous mode
[ 3182.571163][ T8807] team_slave_0: entered promiscuous mode
[ 3182.575747][ T8816] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3182.587173][ T8807] team_slave_1: entered promiscuous mode
[ 3182.589459][ T8812] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3182.612287][ T8814] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3182.615376][ T8816] CPU: 1 PID: 8816 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
10:57:54 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000002008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3182.631910][ T8816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3182.641979][ T8816] Call Trace:
[ 3182.645274][ T8816]  <TASK>
[ 3182.648214][ T8816]  dump_stack_lvl+0x1e7/0x2e0
[ 3182.652919][ T8816]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3182.658140][ T8816]  ? __pfx__printk+0x10/0x10
[ 3182.662756][ T8816]  ? ___ratelimit+0x4c4/0x670
[ 3182.667465][ T8816]  ? __pfx____ratelimit+0x10/0x10
[ 3182.672502][ T8816]  dump_header+0xda/0x6a0
[ 3182.676862][ T8816]  oom_kill_process+0x3a7/0x930
[ 3182.681741][ T8816]  out_of_memory+0xf67/0x1320
10:57:54 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e0000000a008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3182.686450][ T8816]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3182.692109][ T8816]  ? __pfx___mutex_lock+0x10/0x10
[ 3182.697162][ T8816]  ? __pfx_out_of_memory+0x10/0x10
[ 3182.698711][ T8818] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3182.702286][ T8816]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3182.702314][ T8816]  ? __pfx_lock_release+0x10/0x10
[ 3182.702337][ T8816]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3182.727111][ T8816]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3182.732333][ T8816]  ? mem_cgroup_iter+0x422/0x560
10:57:54 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e02000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3182.737296][ T8816]  try_charge_memcg+0xda2/0x18a0
[ 3182.742283][ T8816]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3182.747678][ T8816]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3182.753414][ T8816]  ? __pfx_lock_release+0x10/0x10
[ 3182.758472][ T8816]  ? memcg_account_kmem+0x1e7/0x210
[ 3182.759839][ T8820] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3182.763683][ T8816]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3182.763712][ T8816]  __memcg_kmem_charge_page+0xe1/0x250
[ 3182.763741][ T8816]  memcg_charge_kernel_stack+0x37e/0x550
[ 3182.788777][ T8816]  dup_task_struct+0x40d/0x7d0
[ 3182.793568][ T8816]  copy_process+0x5d5/0x3fc0
[ 3182.798194][ T8816]  ? __might_fault+0xa9/0x120
[ 3182.802896][ T8816]  ? __pfx_lock_release+0x10/0x10
[ 3182.807951][ T8816]  ? __lock_acquire+0x1345/0x1fd0
[ 3182.813003][ T8816]  ? __pfx_copy_process+0x10/0x10
[ 3182.818048][ T8816]  ? __might_fault+0xc5/0x120
[ 3182.822753][ T8816]  ? __asan_memset+0x23/0x50
[ 3182.826319][ T8822] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3182.827350][ T8816]  kernel_clone+0x21d/0x8d0
10:57:54 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e03000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3182.827382][ T8816]  ? __pfx_kernel_clone+0x10/0x10
[ 3182.845070][ T8816]  ? __pfx_lock_release+0x10/0x10
[ 3182.850211][ T8816]  __se_sys_clone3+0x2cb/0x350
[ 3182.854997][ T8816]  ? __might_fault+0xa9/0x120
[ 3182.859700][ T8816]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3182.865006][ T8816]  ? rcu_is_watching+0x15/0xb0
[ 3182.869803][ T8816]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3182.875819][ T8816]  ? exc_page_fault+0x587/0x870
[ 3182.880693][ T8816]  ? do_syscall_64+0xb4/0x240
[ 3182.885395][ T8816]  do_syscall_64+0xf9/0x240
[ 3182.887403][ T8824] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3182.889917][ T8816]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3182.889947][ T8816] RIP: 0033:0x7f49312a9b99
[ 3182.908417][ T8816] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3182.928041][ T8816] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
10:57:54 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e04000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:57:54 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e05000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:57:54 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xdd21}}}]}, 0x78}}, 0x0)

[ 3182.936479][ T8816] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3182.944468][ T8816] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3182.952454][ T8816] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3182.960442][ T8816] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3182.968431][ T8816] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3182.976441][ T8816]  </TASK>
10:57:54 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8083121201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3183.004401][ T8816] memory: usage 307200kB, limit 307200kB, failcnt 89535
[ 3183.013842][ T8816] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3183.042438][ T8831] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:57:54 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e06000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3183.049133][ T8816] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3183.083080][ T8816] Memory cgroup stats for /syz1:
[ 3183.083214][ T8816] cache 0
[ 3183.086643][ T8832] team0: left allmulticast mode
[ 3183.099000][ T8816] rss 28672
[ 3183.102588][ T8816] rss_huge 0
[ 3183.106858][ T8816] shmem 0
[ 3183.109949][ T8816] mapped_file 0
[ 3183.113545][ T8816] dirty 0
[ 3183.117180][ T8816] writeback 0
[ 3183.118169][ T8832] team_slave_0: left allmulticast mode
[ 3183.120827][ T8816] workingset_refault_anon 36037
[ 3183.131597][ T8816] workingset_refault_file 357
[ 3183.135520][ T8832] team_slave_1: left allmulticast mode
[ 3183.136746][ T8816] swap 11894784
[ 3183.142246][ T8832] team0: left promiscuous mode
[ 3183.146058][ T8816] swapcached 0
[ 3183.156377][ T8816] pgpgin 3287153
[ 3183.157230][ T8832] team_slave_0: left promiscuous mode
[ 3183.160120][ T8816] pgpgout 3287146
[ 3183.169928][ T8816] pgfault 3620514
[ 3183.173779][ T8816] pgmajfault 37840
[ 3183.176669][ T8832] team_slave_1: left promiscuous mode
[ 3183.178449][ T8816] inactive_anon 0
[ 3183.188197][ T8832] bridge0: port 9(team0) entered disabled state
[ 3183.188295][ T8816] active_anon 28672
[ 3183.198933][ T8816] inactive_file 0
[ 3183.202787][ T8816] active_file 0
[ 3183.206904][ T8816] unevictable 0
[ 3183.210460][ T8816] hierarchical_memory_limit 314572800
[ 3183.213138][ T8832] 8021q: adding VLAN 0 to HW filter on device team0
[ 3183.224395][ T8816] hierarchical_memsw_limit 9223372036854771712
[ 3183.230569][ T8816] total_cache 0
[ 3183.234800][ T8816] total_rss 28672
[ 3183.238453][ T8816] total_rss_huge 0
[ 3183.242181][ T8816] total_shmem 0
[ 3183.243538][ T8832] team0: entered promiscuous mode
[ 3183.246916][ T8816] total_mapped_file 0
[ 3183.251286][ T8832] team_slave_0: entered promiscuous mode
[ 3183.256134][ T8816] total_dirty 0
[ 3183.265578][ T8832] team_slave_1: entered promiscuous mode
[ 3183.266046][ T8816] total_writeback 0
[ 3183.276158][ T8816] total_workingset_refault_anon 36037
[ 3183.281736][ T8816] total_workingset_refault_file 357
[ 3183.282301][ T8832] team0: entered allmulticast mode
[ 3183.288024][ T8816] total_swap 11894784
[ 3183.295874][ T8832] team_slave_0: entered allmulticast mode
[ 3183.299120][ T8816] total_swapcached 0
[ 3183.302786][ T8832] team_slave_1: entered allmulticast mode
[ 3183.307449][ T8816] total_pgpgin 3287153
[ 3183.307462][ T8816] total_pgpgout 3287146
[ 3183.307470][ T8816] total_pgfault 3620514
[ 3183.307479][ T8816] total_pgmajfault 37840
[ 3183.307487][ T8816] total_inactive_anon 0
10:57:55 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e08000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3183.307495][ T8816] total_active_anon 28672
[ 3183.307503][ T8816] total_inactive_file 0
[ 3183.307511][ T8816] total_active_file 0
[ 3183.307519][ T8816] total_unevictable 0
[ 3183.307527][ T8816] anon_cost 0
[ 3183.307535][ T8816] file_cost 0
[ 3183.307543][ T8816] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1
[ 3183.322945][ T8832] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3183.328419][ T8816] ,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=8816,uid=0
[ 3183.391133][ T8835] bond0: (slave team0): Releasing backup interface
[ 3183.408099][ T8835] team0: left promiscuous mode
[ 3183.413143][ T8835] team_slave_0: left promiscuous mode
[ 3183.417319][ T8816] Memory cgroup out of memory: Killed process 8816 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3183.420327][ T8835] team_slave_1: left promiscuous mode
[ 3183.442721][ T8835] team0: left allmulticast mode
[ 3183.450051][ T8835] team_slave_0: left allmulticast mode
[ 3183.456189][ T8835] team_slave_1: left allmulticast mode
[ 3183.473583][ T8835] bridge0: port 9(team0) entered blocking state
[ 3183.491150][ T8835] bridge0: port 9(team0) entered disabled state
[ 3183.502053][ T8835] team0: entered allmulticast mode
[ 3183.507908][ T8835] team_slave_0: entered allmulticast mode
[ 3183.514680][ T8835] team_slave_1: entered allmulticast mode
[ 3183.523031][ T8835] team0: entered promiscuous mode
[ 3183.529100][ T8835] team_slave_0: entered promiscuous mode
10:57:55 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0xfcffffff00000000}, 0x0)

10:57:55 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e0a000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:57:55 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x40db93}}}]}, 0x78}}, 0x0)

[ 3183.538969][ T8835] team_slave_1: entered promiscuous mode
10:57:55 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e0c000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3183.643072][ T8844] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:57:55 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x1000000}}}]}, 0x78}}, 0x0)

10:57:55 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e0f000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3183.854523][ T8850] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:57:55 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000181201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

10:57:55 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e10000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:57:55 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x2000000}}}]}, 0x78}}, 0x0)

[ 3183.963652][ T8855] team0: left allmulticast mode
[ 3183.978287][ T8855] team_slave_0: left allmulticast mode
[ 3183.989724][ T8855] team_slave_1: left allmulticast mode
[ 3183.995948][ T8855] team0: left promiscuous mode
[ 3184.002754][ T8855] team_slave_0: left promiscuous mode
[ 3184.042941][ T8855] team_slave_1: left promiscuous mode
[ 3184.051610][ T8855] bridge0: port 9(team0) entered disabled state
[ 3184.077692][ T8855] 8021q: adding VLAN 0 to HW filter on device team0
[ 3184.096427][ T8855] team0: entered promiscuous mode
[ 3184.102365][ T8855] team_slave_0: entered promiscuous mode
[ 3184.123526][ T8855] team_slave_1: entered promiscuous mode
[ 3184.140677][ T8855] team0: entered allmulticast mode
[ 3184.157589][ T8855] team_slave_0: entered allmulticast mode
[ 3184.172398][ T8855] team_slave_1: entered allmulticast mode
[ 3184.192046][ T8855] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3184.216837][ T8858] bond0: (slave team0): Releasing backup interface
[ 3184.259415][ T8858] team0: left promiscuous mode
[ 3184.274231][ T8858] team_slave_0: left promiscuous mode
[ 3184.280140][ T8858] team_slave_1: left promiscuous mode
[ 3184.295248][ T8858] team0: left allmulticast mode
[ 3184.307726][ T8858] team_slave_0: left allmulticast mode
[ 3184.321229][ T8858] team_slave_1: left allmulticast mode
[ 3184.348546][ T8858] bridge0: port 9(team0) entered blocking state
[ 3184.357881][ T8845] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3184.368818][ T8858] bridge0: port 9(team0) entered disabled state
[ 3184.377466][ T8845] CPU: 0 PID: 8845 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3184.387813][ T8845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3184.397862][ T8845] Call Trace:
[ 3184.401134][ T8845]  <TASK>
[ 3184.404063][ T8845]  dump_stack_lvl+0x1e7/0x2e0
[ 3184.408746][ T8845]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3184.413940][ T8845]  ? __pfx__printk+0x10/0x10
[ 3184.418523][ T8845]  ? ___ratelimit+0x4c4/0x670
[ 3184.423194][ T8845]  ? __pfx____ratelimit+0x10/0x10
[ 3184.428212][ T8845]  dump_header+0xda/0x6a0
[ 3184.432545][ T8845]  oom_kill_process+0x3a7/0x930
[ 3184.437405][ T8845]  out_of_memory+0xf67/0x1320
[ 3184.442089][ T8845]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3184.447717][ T8845]  ? __pfx___mutex_lock+0x10/0x10
[ 3184.452742][ T8845]  ? __pfx_out_of_memory+0x10/0x10
[ 3184.457855][ T8845]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3184.463400][ T8845]  ? __pfx_lock_release+0x10/0x10
[ 3184.468428][ T8845]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3184.474494][ T8845]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3184.479688][ T8845]  ? mem_cgroup_iter+0x422/0x560
[ 3184.484640][ T8845]  try_charge_memcg+0xda2/0x18a0
[ 3184.489600][ T8845]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3184.494963][ T8845]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3184.500680][ T8845]  ? __pfx_lock_release+0x10/0x10
[ 3184.505707][ T8845]  ? memcg_account_kmem+0x1e7/0x210
[ 3184.510906][ T8845]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3184.516710][ T8845]  __memcg_kmem_charge_page+0xe1/0x250
[ 3184.522167][ T8845]  memcg_charge_kernel_stack+0x37e/0x550
[ 3184.527796][ T8845]  dup_task_struct+0x40d/0x7d0
[ 3184.532551][ T8845]  copy_process+0x5d5/0x3fc0
[ 3184.537144][ T8845]  ? __might_fault+0xa9/0x120
[ 3184.541816][ T8845]  ? __pfx_lock_release+0x10/0x10
[ 3184.546845][ T8845]  ? __pfx_copy_process+0x10/0x10
[ 3184.551858][ T8845]  ? __might_fault+0xc5/0x120
[ 3184.556614][ T8845]  ? __asan_memset+0x23/0x50
[ 3184.561204][ T8845]  kernel_clone+0x21d/0x8d0
[ 3184.565715][ T8845]  ? __pfx_kernel_clone+0x10/0x10
[ 3184.570746][ T8845]  __se_sys_clone3+0x2cb/0x350
[ 3184.575502][ T8845]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3184.580813][ T8845]  ? do_syscall_64+0x108/0x240
[ 3184.585573][ T8845]  ? do_syscall_64+0xb4/0x240
[ 3184.590245][ T8845]  do_syscall_64+0xf9/0x240
[ 3184.594740][ T8845]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3184.600628][ T8845] RIP: 0033:0x7f49312a9b99
[ 3184.605037][ T8845] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3184.624632][ T8845] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3184.633045][ T8845] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3184.641013][ T8845] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3184.648971][ T8845] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3184.656931][ T8845] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3184.664890][ T8845] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3184.672859][ T8845]  </TASK>
[ 3184.679628][ T8858] team0: entered allmulticast mode
[ 3184.685339][ T8858] team_slave_0: entered allmulticast mode
[ 3184.691219][ T8858] team_slave_1: entered allmulticast mode
[ 3184.700464][ T8858] team0: entered promiscuous mode
[ 3184.706424][ T8858] team_slave_0: entered promiscuous mode
[ 3184.712438][ T8858] team_slave_1: entered promiscuous mode
[ 3184.722908][ T8845] memory: usage 307200kB, limit 307200kB, failcnt 90083
[ 3184.737982][ T8845] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
10:57:56 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e60000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3184.754013][ T8863] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:57:56 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000201201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3184.785835][ T8845] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3184.805677][ T8845] Memory cgroup stats for /syz1:
[ 3184.805810][ T8845] cache 0
[ 3184.824600][ T8845] rss 12288
[ 3184.835099][ T8845] rss_huge 0
[ 3184.846738][ T8845] shmem 0
[ 3184.849703][ T8845] mapped_file 0
[ 3184.853177][ T8845] dirty 0
10:57:56 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x15, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

10:57:56 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00030010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:57:56 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x3000000}}}]}, 0x78}}, 0x0)

[ 3184.885943][ T8845] writeback 0
[ 3184.889266][ T8845] workingset_refault_anon 36177
[ 3184.897407][ T8868] team0: left allmulticast mode
[ 3184.902528][ T8868] team_slave_0: left allmulticast mode
[ 3184.924218][ T8845] workingset_refault_file 357
[ 3184.928917][ T8845] swap 11911168
[ 3184.932381][ T8845] swapcached 0
[ 3184.940299][ T8868] team_slave_1: left allmulticast mode
[ 3184.950161][ T8845] pgpgin 3287332
[ 3184.953729][ T8845] pgpgout 3287329
[ 3184.959668][ T8868] team0: left promiscuous mode
[ 3184.965750][ T8845] pgfault 3620759
[ 3184.969956][ T8845] pgmajfault 37990
[ 3184.974788][ T8868] team_slave_0: left promiscuous mode
[ 3184.980630][ T8845] inactive_anon 12288
[ 3184.985759][ T8868] team_slave_1: left promiscuous mode
[ 3184.991271][ T8845] active_anon 0
[ 3184.996343][ T8845] inactive_file 0
[ 3185.000511][ T8868] bridge0: port 9(team0) entered disabled state
[ 3185.009190][ T8845] active_file 0
[ 3185.017387][ T8845] unevictable 0
[ 3185.031600][ T8845] hierarchical_memory_limit 314572800
[ 3185.038419][ T8868] 8021q: adding VLAN 0 to HW filter on device team0
[ 3185.051464][ T8845] hierarchical_memsw_limit 9223372036854771712
[ 3185.060789][ T8868] team0: entered promiscuous mode
[ 3185.074868][ T8845] total_cache 0
[ 3185.082283][ T8868] team_slave_0: entered promiscuous mode
[ 3185.089099][ T8845] total_rss 12288
[ 3185.092876][ T8845] total_rss_huge 0
[ 3185.097269][ T8868] team_slave_1: entered promiscuous mode
[ 3185.103496][ T8845] total_shmem 0
[ 3185.107657][ T8845] total_mapped_file 0
[ 3185.113031][ T8868] team0: entered allmulticast mode
[ 3185.118881][ T8845] total_dirty 0
[ 3185.122543][ T8868] team_slave_0: entered allmulticast mode
[ 3185.129255][ T8845] total_writeback 0
[ 3185.133410][ T8868] team_slave_1: entered allmulticast mode
[ 3185.139899][ T8845] total_workingset_refault_anon 36177
[ 3185.149790][ T8845] total_workingset_refault_file 357
[ 3185.155666][ T8868] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3185.164939][ T8845] total_swap 11911168
[ 3185.170268][ T8845] total_swapcached 0
[ 3185.185446][ T8845] total_pgpgin 3287332
10:57:57 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00050010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3185.189799][ T8872] bond0: (slave team0): Releasing backup interface
[ 3185.204303][ T8845] total_pgpgout 3287329
[ 3185.208487][ T8845] total_pgfault 3620759
[ 3185.213761][ T8845] total_pgmajfault 37990
[ 3185.226946][ T8872] team0: left promiscuous mode
[ 3185.243372][ T8872] team_slave_0: left promiscuous mode
[ 3185.249814][ T8845] total_inactive_anon 12288
[ 3185.257627][ T8872] team_slave_1: left promiscuous mode
[ 3185.263090][ T8845] total_active_anon 0
[ 3185.267955][ T8845] total_inactive_file 0
[ 3185.272129][ T8845] total_active_file 0
[ 3185.277615][ T8872] team0: left allmulticast mode
[ 3185.282677][ T8872] team_slave_0: left allmulticast mode
[ 3185.288720][ T8845] total_unevictable 0
[ 3185.293304][ T8845] anon_cost 0
[ 3185.297325][ T8872] team_slave_1: left allmulticast mode
[ 3185.303431][ T8845] file_cost 0
[ 3185.308143][ T8845] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=8845,uid=0
[ 3185.334045][ T8872] bridge0: port 9(team0) entered blocking state
[ 3185.340901][ T8872] bridge0: port 9(team0) entered disabled state
[ 3185.348434][ T8872] team0: entered allmulticast mode
[ 3185.353703][ T8845] Memory cgroup out of memory: Killed process 8845 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3185.373841][ T8872] team_slave_0: entered allmulticast mode
[ 3185.380866][ T8872] team_slave_1: entered allmulticast mode
10:57:57 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0xffffff7f00000000}, 0x0)

[ 3185.390769][ T8872] team0: entered promiscuous mode
[ 3185.404284][ T8872] team_slave_0: entered promiscuous mode
[ 3185.415052][ T8872] team_slave_1: entered promiscuous mode
[ 3185.437461][ T8878] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:57:57 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00060010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:57:57 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x4000000}}}]}, 0x78}}, 0x0)

10:57:57 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e000a0010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3185.645236][ T8887] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:57:57 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000211201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3185.766229][ T8883] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3185.797353][ T8893] team0: left allmulticast mode
[ 3185.806163][ T8893] team_slave_0: left allmulticast mode
[ 3185.811773][ T8883] CPU: 1 PID: 8883 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3185.822112][ T8883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3185.832173][ T8883] Call Trace:
[ 3185.835458][ T8883]  <TASK>
[ 3185.838386][ T8883]  dump_stack_lvl+0x1e7/0x2e0
[ 3185.843068][ T8883]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3185.848264][ T8883]  ? __pfx__printk+0x10/0x10
[ 3185.852846][ T8883]  ? ___ratelimit+0x4c4/0x670
[ 3185.857524][ T8883]  ? __pfx____ratelimit+0x10/0x10
[ 3185.862554][ T8883]  dump_header+0xda/0x6a0
[ 3185.866893][ T8883]  oom_kill_process+0x3a7/0x930
[ 3185.871744][ T8883]  out_of_memory+0xf67/0x1320
[ 3185.876421][ T8883]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3185.882049][ T8883]  ? __pfx___mutex_lock+0x10/0x10
[ 3185.887074][ T8883]  ? __pfx_out_of_memory+0x10/0x10
[ 3185.892184][ T8883]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3185.897720][ T8883]  ? __pfx_lock_release+0x10/0x10
[ 3185.902742][ T8883]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3185.908804][ T8883]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3185.914004][ T8883]  ? mem_cgroup_iter+0x422/0x560
[ 3185.918948][ T8883]  try_charge_memcg+0xda2/0x18a0
[ 3185.923906][ T8883]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3185.929277][ T8883]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3185.934990][ T8883]  ? __pfx_lock_release+0x10/0x10
[ 3185.940010][ T8883]  ? memcg_account_kmem+0x1e7/0x210
[ 3185.945206][ T8883]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3185.951001][ T8883]  __memcg_kmem_charge_page+0xe1/0x250
[ 3185.956458][ T8883]  memcg_charge_kernel_stack+0x37e/0x550
[ 3185.962088][ T8883]  dup_task_struct+0x40d/0x7d0
[ 3185.966847][ T8883]  copy_process+0x5d5/0x3fc0
[ 3185.971440][ T8883]  ? __might_fault+0xa9/0x120
[ 3185.976110][ T8883]  ? __pfx_lock_release+0x10/0x10
[ 3185.981131][ T8883]  ? __pfx_copy_process+0x10/0x10
[ 3185.986149][ T8883]  ? __might_fault+0xc5/0x120
[ 3185.990819][ T8883]  ? __asan_memset+0x23/0x50
[ 3185.995406][ T8883]  kernel_clone+0x21d/0x8d0
[ 3185.999903][ T8883]  ? __pfx_kernel_clone+0x10/0x10
[ 3186.004928][ T8883]  __se_sys_clone3+0x2cb/0x350
[ 3186.009698][ T8883]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3186.014998][ T8883]  ? do_syscall_64+0x108/0x240
[ 3186.019756][ T8883]  ? do_syscall_64+0xb4/0x240
[ 3186.024433][ T8883]  do_syscall_64+0xf9/0x240
[ 3186.028931][ T8883]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3186.034822][ T8883] RIP: 0033:0x7f49312a9b99
[ 3186.039229][ T8883] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3186.058823][ T8883] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3186.067228][ T8883] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3186.075188][ T8883] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3186.083148][ T8883] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3186.091110][ T8883] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3186.099070][ T8883] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3186.107043][ T8883]  </TASK>
10:57:57 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e000c0010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3186.113759][ T8893] team_slave_1: left allmulticast mode
[ 3186.119702][ T8893] team0: left promiscuous mode
[ 3186.124895][ T8893] team_slave_0: left promiscuous mode
[ 3186.130582][ T8893] team_slave_1: left promiscuous mode
[ 3186.133500][ T8883] memory: usage 307200kB, limit 307200kB, failcnt 90295
[ 3186.137815][ T8893] bridge0: port 9(team0) entered disabled state
[ 3186.143531][ T8883] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3186.143549][ T8883] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3186.143561][ T8883] Memory cgroup stats for /syz1:
[ 3186.172994][ T8883] cache 0
[ 3186.181370][ T8883] rss 4096
[ 3186.185120][ T8883] rss_huge 0
[ 3186.188342][ T8883] shmem 0
[ 3186.191284][ T8883] mapped_file 0
[ 3186.199603][ T8883] dirty 0
[ 3186.202562][ T8883] writeback 0
[ 3186.206243][ T8883] workingset_refault_anon 36228
[ 3186.209080][ T8893] 8021q: adding VLAN 0 to HW filter on device team0
[ 3186.211085][ T8883] workingset_refault_file 357
10:57:58 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x5000000}}}]}, 0x78}}, 0x0)

[ 3186.211096][ T8883] swap 11919360
[ 3186.229137][ T8883] swapcached 0
[ 3186.232527][ T8883] pgpgin 3287413
[ 3186.236485][ T8883] pgpgout 3287412
[ 3186.240356][ T8883] pgfault 3620888
[ 3186.244342][ T8883] pgmajfault 38055
[ 3186.248075][ T8883] inactive_anon 0
[ 3186.251715][ T8883] active_anon 4096
[ 3186.256385][ T8883] inactive_file 0
[ 3186.260037][ T8883] active_file 0
[ 3186.262512][ T8893] team0: entered promiscuous mode
[ 3186.263480][ T8883] unevictable 0
[ 3186.263492][ T8883] hierarchical_memory_limit 314572800
[ 3186.263501][ T8883] hierarchical_memsw_limit 9223372036854771712
[ 3186.263510][ T8883] total_cache 0
[ 3186.263518][ T8883] total_rss 4096
[ 3186.263525][ T8883] total_rss_huge 0
[ 3186.263533][ T8883] total_shmem 0
[ 3186.263541][ T8883] total_mapped_file 0
[ 3186.263548][ T8883] total_dirty 0
[ 3186.263556][ T8883] total_writeback 0
[ 3186.314477][ T8893] team_slave_0: entered promiscuous mode
[ 3186.320335][ T8893] team_slave_1: entered promiscuous mode
[ 3186.329928][ T8893] team0: entered allmulticast mode
[ 3186.336561][ T8893] team_slave_0: entered allmulticast mode
[ 3186.342527][ T8893] team_slave_1: entered allmulticast mode
[ 3186.348850][ T8883] total_workingset_refault_anon 36228
[ 3186.354599][ T8883] total_workingset_refault_file 357
[ 3186.359812][ T8883] total_swap 11919360
[ 3186.363803][ T8883] total_swapcached 0
[ 3186.369083][ T8893] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3186.378272][ T8883] total_pgpgin 3287413
[ 3186.383809][ T8883] total_pgpgout 3287412
[ 3186.388354][ T8883] total_pgfault 3620888
[ 3186.392519][ T8883] total_pgmajfault 38055
[ 3186.398465][ T8883] total_inactive_anon 0
[ 3186.402643][ T8883] total_active_anon 4096
[ 3186.408464][ T8894] bond0: (slave team0): Releasing backup interface
[ 3186.422491][ T8883] total_inactive_file 0
[ 3186.427214][ T8883] total_active_file 0
[ 3186.431970][ T8894] team0: left promiscuous mode
[ 3186.438639][ T8883] total_unevictable 0
[ 3186.442902][ T8883] anon_cost 0
[ 3186.454249][ T8894] team_slave_0: left promiscuous mode
[ 3186.459835][ T8894] team_slave_1: left promiscuous mode
[ 3186.474359][ T8883] file_cost 0
[ 3186.477675][ T8883] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=8883,uid=0
[ 3186.503400][ T8894] team0: left allmulticast mode
[ 3186.509487][ T8883] Memory cgroup out of memory: Killed process 8883 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3186.527696][ T8894] team_slave_0: left allmulticast mode
[ 3186.533259][ T8894] team_slave_1: left allmulticast mode
[ 3186.562268][ T8894] bridge0: port 9(team0) entered blocking state
10:57:58 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0xffffffff00000000}, 0x0)

[ 3186.581233][ T8894] bridge0: port 9(team0) entered disabled state
[ 3186.598934][ T8894] team0: entered allmulticast mode
[ 3186.612829][ T8894] team_slave_0: entered allmulticast mode
[ 3186.630129][ T8894] team_slave_1: entered allmulticast mode
[ 3186.650627][ T8894] team0: entered promiscuous mode
[ 3186.670070][ T8894] team_slave_0: entered promiscuous mode
[ 3186.686050][ T8894] team_slave_1: entered promiscuous mode
[ 3186.703393][ T8897] validate_nla: 21 callbacks suppressed
[ 3186.703409][ T8897] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:57:58 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000241201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

10:57:58 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e000f0010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3186.735365][ T8901] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3186.833390][ T8905] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3186.866681][ T8905] team0: left allmulticast mode
10:57:58 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x6000000}}}]}, 0x78}}, 0x0)

[ 3186.889327][ T8905] team_slave_0: left allmulticast mode
[ 3186.910253][ T8905] team_slave_1: left allmulticast mode
[ 3186.925892][ T8905] team0: left promiscuous mode
[ 3186.943833][ T8905] team_slave_0: left promiscuous mode
[ 3186.952460][ T8905] team_slave_1: left promiscuous mode
[ 3186.968559][ T8905] bridge0: port 9(team0) entered disabled state
[ 3186.998845][ T8905] 8021q: adding VLAN 0 to HW filter on device team0
[ 3187.018616][ T8905] team0: entered promiscuous mode
[ 3187.032540][ T8905] team_slave_0: entered promiscuous mode
[ 3187.050816][ T8905] team_slave_1: entered promiscuous mode
[ 3187.069076][ T8905] team0: entered allmulticast mode
[ 3187.083113][ T8905] team_slave_0: entered allmulticast mode
[ 3187.099813][ T8905] team_slave_1: entered allmulticast mode
[ 3187.119153][ T8905] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3187.143687][ T8908] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3187.162052][ T8908] bond0: (slave team0): Releasing backup interface
[ 3187.195745][ T8908] team0: left promiscuous mode
[ 3187.202463][ T8908] team_slave_0: left promiscuous mode
[ 3187.216079][ T8908] team_slave_1: left promiscuous mode
[ 3187.228755][ T8908] team0: left allmulticast mode
[ 3187.240592][ T8908] team_slave_0: left allmulticast mode
[ 3187.253629][ T8908] team_slave_1: left allmulticast mode
[ 3187.278524][ T8908] bridge0: port 9(team0) entered blocking state
[ 3187.292940][ T8908] bridge0: port 9(team0) entered disabled state
[ 3187.309008][ T8908] team0: entered allmulticast mode
[ 3187.321845][ T8908] team_slave_0: entered allmulticast mode
[ 3187.336451][ T8908] team_slave_1: entered allmulticast mode
[ 3187.355348][ T8908] team0: entered promiscuous mode
[ 3187.367772][ T8908] team_slave_0: entered promiscuous mode
[ 3187.382573][ T8908] team_slave_1: entered promiscuous mode
[ 3187.400702][ T8907] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:57:59 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e88470010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3187.416976][ T8913] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:57:59 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x7000000}}}]}, 0x78}}, 0x0)

[ 3187.532057][ T8916] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:57:59 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e88480010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:57:59 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000251201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3187.596182][ T6458] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3187.648259][ T6458] CPU: 0 PID: 6458 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3187.658635][ T6458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3187.661920][ T8920] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3187.668683][ T6458] Call Trace:
[ 3187.668696][ T6458]  <TASK>
[ 3187.668704][ T6458]  dump_stack_lvl+0x1e7/0x2e0
[ 3187.668737][ T6458]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3187.668760][ T6458]  ? __pfx__printk+0x10/0x10
10:57:59 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e65580010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3187.697554][ T6458]  ? ___ratelimit+0x4c4/0x670
[ 3187.702260][ T6458]  ? __pfx____ratelimit+0x10/0x10
[ 3187.707313][ T6458]  dump_header+0xda/0x6a0
[ 3187.711666][ T6458]  oom_kill_process+0x3a7/0x930
[ 3187.716547][ T6458]  out_of_memory+0xf67/0x1320
[ 3187.721252][ T6458]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3187.726910][ T6458]  ? __pfx___mutex_lock+0x10/0x10
[ 3187.731969][ T6458]  ? __pfx_out_of_memory+0x10/0x10
[ 3187.735190][ T8924] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3187.737090][ T6458]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3187.737119][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3187.737144][ T6458]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3187.748294][ T8925] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3187.750806][ T6458]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3187.750835][ T6458]  ? mem_cgroup_iter+0x422/0x560
[ 3187.750862][ T6458]  try_charge_memcg+0xda2/0x18a0
[ 3187.762178][ T8925] team0: left allmulticast mode
[ 3187.770047][ T6458]  ? mark_lock+0x9a/0x350
10:57:59 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00600010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3187.770095][ T6458]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3187.770141][ T6458]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3187.770162][ T6458]  charge_memcg+0xa2/0x160
[ 3187.789561][ T8925] team_slave_0: left allmulticast mode
[ 3187.790014][ T6458]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3187.790044][ T6458]  __read_swap_cache_async+0x480/0x8b0
[ 3187.815741][ T8925] team_slave_1: left allmulticast mode
[ 3187.821739][ T6458]  ? mark_lock+0x9a/0x350
[ 3187.821777][ T6458]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3187.837036][ T8925] team0: left promiscuous mode
[ 3187.842953][ T6458]  swap_cluster_readahead+0x67c/0x810
[ 3187.842994][ T6458]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3187.843022][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3187.848498][ T8925] team_slave_0: left promiscuous mode
[ 3187.853109][ T6458]  ? xas_descend+0x37e/0x470
[ 3187.853144][ T6458]  swapin_readahead+0x1ea/0x1070
[ 3187.853167][ T6458]  ? filemap_get_entry+0x127/0x4e0
[ 3187.861019][ T8925] team_slave_1: left promiscuous mode
[ 3187.864048][ T6458]  ? __pfx_swapin_readahead+0x10/0x10
[ 3187.864087][ T6458]  ? __filemap_get_folio+0x935/0xbc0
[ 3187.864117][ T6458]  ? swap_cache_get_folio+0x9f/0x570
[ 3187.864143][ T6458]  do_swap_page+0x8ab/0x3da0
[ 3187.877457][ T8925] bridge0: port 9(team0) entered disabled state
[ 3187.878980][ T6458]  ? __pte_offset_map+0x2c4/0x380
[ 3187.879018][ T6458]  ? do_swap_page+0x154/0x3da0
[ 3187.879038][ T6458]  ? __pfx_do_swap_page+0x10/0x10
[ 3187.931028][ T6458]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3187.936486][ T6458]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3187.942283][ T6458]  ? __pfx_validate_chain+0x10/0x10
[ 3187.947481][ T6458]  __handle_mm_fault+0x15e8/0x72d0
[ 3187.952605][ T6458]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3187.958070][ T6458]  ? mt_find+0x226/0x850
[ 3187.962323][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3187.967353][ T6458]  ? mt_find+0x62d/0x850
[ 3187.971587][ T6458]  ? mt_find+0x226/0x850
[ 3187.975835][ T6458]  ? find_vma+0x142/0x1c0
[ 3187.980158][ T6458]  ? __pfx_find_vma+0x10/0x10
[ 3187.984828][ T6458]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3187.990807][ T6458]  handle_mm_fault+0x3c1/0x8a0
[ 3187.995571][ T6458]  exc_page_fault+0x2ad/0x870
[ 3188.000243][ T6458]  asm_exc_page_fault+0x26/0x30
[ 3188.005086][ T6458] RIP: 0010:__get_user_8+0x11/0x20
[ 3188.010187][ T6458] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3188.029779][ T6458] RSP: 0018:ffffc900059a7d98 EFLAGS: 00050202
[ 3188.035836][ T6458] RAX: 0000555556856da8 RBX: ffff8880761fee78 RCX: ffffc900059a7c03
[ 3188.043795][ T6458] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3188.051753][ T6458] RBP: ffffc900059a7ec8 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3188.059713][ T6458] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc900059a7da0
[ 3188.067672][ T6458] R13: ffffc900059a7fd8 R14: dffffc0000000000 R15: ffff8880761fd940
[ 3188.075646][ T6458]  __rseq_handle_notify_resume+0x158/0x1490
[ 3188.081550][ T6458]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3188.087881][ T6458]  ? syscall_exit_to_user_mode+0xa2/0x370
[ 3188.093595][ T6458]  syscall_exit_to_user_mode+0x113/0x370
[ 3188.099221][ T6458]  do_syscall_64+0x108/0x240
[ 3188.103804][ T6458]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3188.109690][ T6458] RIP: 0033:0x7f49312a91b5
[ 3188.114095][ T6458] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 3188.133688][ T6458] RSP: 002b:00007f49314cfcf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 3188.142090][ T6458] RAX: 0000000000000000 RBX: 00000000000037b2 RCX: 00007f49312a91b5
[ 3188.150570][ T6458] RDX: 00007f49314cfd30 RSI: 0000000000000000 RDI: 0000000000000000
[ 3188.158531][ T6458] RBP: 00007f49314cfdbc R08: 0000000000000000 R09: 00007fffcebe70b0
[ 3188.166490][ T6458] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3188.174448][ T6458] R13: 0000000000309fd4 R14: 0000000000309fd4 R15: 0000000000000000
[ 3188.182437][ T6458]  </TASK>
[ 3188.195005][ T8925] 8021q: adding VLAN 0 to HW filter on device team0
[ 3188.203650][ T8925] team0: entered promiscuous mode
[ 3188.215241][ T6458] memory: usage 307200kB, limit 307200kB, failcnt 90906
[ 3188.222678][ T6458] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3188.230282][ T8925] team_slave_0: entered promiscuous mode
[ 3188.231242][ T6458] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3188.244758][ T6458] Memory cgroup stats for /syz1:
10:58:00 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x48, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3188.244891][ T6458] cache 0
[ 3188.252912][ T6458] rss 0
[ 3188.253419][ T8925] team_slave_1: entered promiscuous mode
[ 3188.266660][ T8925] team0: entered allmulticast mode
[ 3188.268924][ T6458] rss_huge 0
[ 3188.291989][ T6458] shmem 0
[ 3188.295527][ T6458] mapped_file 0
[ 3188.299129][ T6458] dirty 0
[ 3188.299474][ T8925] team_slave_0: entered allmulticast mode
[ 3188.302161][ T6458] writeback 0
[ 3188.322535][ T8925] team_slave_1: entered allmulticast mode
[ 3188.323155][ T6458] workingset_refault_anon 36405
[ 3188.340777][ T8925] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3188.345144][ T6458] workingset_refault_file 357
[ 3188.366077][ T8928] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3188.367493][ T6458] swap 11923456
[ 3188.379359][ T8928] bond0: (slave team0): Releasing backup interface
[ 3188.383505][ T6458] swapcached 0
[ 3188.401314][ T6458] pgpgin 3287633
[ 3188.406613][ T8928] team0: left promiscuous mode
[ 3188.410417][ T6458] pgpgout 3287633
[ 3188.415959][ T8928] team_slave_0: left promiscuous mode
[ 3188.419951][ T6458] pgfault 3621211
[ 3188.428028][ T8928] team_slave_1: left promiscuous mode
[ 3188.431576][ T6458] pgmajfault 38234
[ 3188.441451][ T8928] team0: left allmulticast mode
[ 3188.443511][ T6458] inactive_anon 0
[ 3188.454492][ T8928] team_slave_0: left allmulticast mode
[ 3188.461079][ T6458] active_anon 0
[ 3188.467668][ T8928] team_slave_1: left allmulticast mode
[ 3188.470166][ T6458] inactive_file 0
[ 3188.480853][ T6458] active_file 0
[ 3188.488522][ T6458] unevictable 0
[ 3188.493574][ T6458] hierarchical_memory_limit 314572800
[ 3188.503287][ T6458] hierarchical_memsw_limit 9223372036854771712
[ 3188.505101][ T8928] bridge0: port 9(team0) entered blocking state
[ 3188.512874][ T6458] total_cache 0
[ 3188.523286][ T6458] total_rss 0
[ 3188.540321][ T6458] total_rss_huge 0
[ 3188.541182][ T8928] bridge0: port 9(team0) entered disabled state
[ 3188.549124][ T6458] total_shmem 0
[ 3188.555801][ T8928] team0: entered allmulticast mode
[ 3188.561425][ T6458] total_mapped_file 0
[ 3188.566439][ T8928] team_slave_0: entered allmulticast mode
[ 3188.579888][ T8928] team_slave_1: entered allmulticast mode
[ 3188.582017][ T6458] total_dirty 0
[ 3188.596255][ T8928] team0: entered promiscuous mode
[ 3188.603001][ T6458] total_writeback 0
[ 3188.605611][ T8928] team_slave_0: entered promiscuous mode
[ 3188.612667][ T6458] total_workingset_refault_anon 36405
[ 3188.615109][ T8928] team_slave_1: entered promiscuous mode
[ 3188.621756][ T6458] total_workingset_refault_file 357
[ 3188.632555][ T8930] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3188.646007][ T6458] total_swap 11923456
10:58:00 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000401201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

10:58:00 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x8000000}}}]}, 0x78}}, 0x0)

10:58:00 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e58650010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3188.657931][ T6458] total_swapcached 0
[ 3188.666793][ T6458] total_pgpgin 3287633
[ 3188.684593][ T6458] total_pgpgout 3287633
[ 3188.690228][ T6458] total_pgfault 3621211
[ 3188.707211][ T6458] total_pgmajfault 38234
[ 3188.716044][ T6458] total_inactive_anon 0
[ 3188.734988][ T8936] team0: left allmulticast mode
[ 3188.739893][ T8936] team_slave_0: left allmulticast mode
[ 3188.749210][ T6458] total_active_anon 0
[ 3188.760960][ T6458] total_inactive_file 0
[ 3188.775818][ T6458] total_active_file 0
[ 3188.780738][ T6458] total_unevictable 0
[ 3188.794274][ T8936] team_slave_1: left allmulticast mode
[ 3188.800100][ T8936] team0: left promiscuous mode
[ 3188.806773][ T6458] anon_cost 0
[ 3188.810092][ T6458] file_cost 0
[ 3188.813394][ T6458] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=8903,uid=0
[ 3188.832624][ T8936] team_slave_0: left promiscuous mode
[ 3188.840342][ T8936] team_slave_1: left promiscuous mode
10:58:00 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x2}, 0x0)

[ 3188.847922][ T6458] Memory cgroup out of memory: Killed process 8903 (syz-executor.1) total-vm:54508kB, anon-rss:328kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3188.867268][ T8936] bridge0: port 9(team0) entered disabled state
[ 3188.891340][ T8936] 8021q: adding VLAN 0 to HW filter on device team0
[ 3188.906794][ T8936] team0: entered promiscuous mode
[ 3188.920228][ T8936] team_slave_0: entered promiscuous mode
[ 3188.938371][ T8936] team_slave_1: entered promiscuous mode
[ 3188.959585][ T8936] team0: entered allmulticast mode
[ 3188.977922][ T8936] team_slave_0: entered allmulticast mode
[ 3188.995469][ T8936] team_slave_1: entered allmulticast mode
[ 3189.017699][ T8936] bond0: (slave team0): Enslaving as an active interface with an up link
10:58:00 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00810010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3189.047717][ T8942] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3189.143825][ T8941] bond0: (slave team0): Releasing backup interface
[ 3189.175436][ T8941] team0: left promiscuous mode
[ 3189.180268][ T8941] team_slave_0: left promiscuous mode
[ 3189.201333][ T8947] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3189.222484][ T8941] team_slave_1: left promiscuous mode
[ 3189.244580][ T8947] CPU: 0 PID: 8947 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3189.254967][ T8947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3189.265044][ T8947] Call Trace:
[ 3189.268341][ T8947]  <TASK>
[ 3189.271290][ T8947]  dump_stack_lvl+0x1e7/0x2e0
[ 3189.275999][ T8947]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3189.281228][ T8947]  ? __pfx__printk+0x10/0x10
[ 3189.285837][ T8947]  ? ___ratelimit+0x4c4/0x670
[ 3189.290543][ T8947]  ? __pfx____ratelimit+0x10/0x10
[ 3189.295600][ T8947]  dump_header+0xda/0x6a0
[ 3189.299962][ T8947]  oom_kill_process+0x3a7/0x930
[ 3189.304846][ T8947]  out_of_memory+0xf67/0x1320
[ 3189.309544][ T8947]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3189.315850][ T8947]  ? __pfx___mutex_lock+0x10/0x10
[ 3189.320873][ T8947]  ? __pfx_out_of_memory+0x10/0x10
[ 3189.327095][ T8947]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3189.332634][ T8947]  ? __pfx_lock_release+0x10/0x10
[ 3189.337654][ T8947]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3189.343716][ T8947]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3189.348913][ T8947]  ? mem_cgroup_iter+0x422/0x560
[ 3189.353846][ T8947]  try_charge_memcg+0xda2/0x18a0
[ 3189.358802][ T8947]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3189.364172][ T8947]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3189.369884][ T8947]  ? __pfx_lock_release+0x10/0x10
[ 3189.374903][ T8947]  ? memcg_account_kmem+0x1e7/0x210
[ 3189.380100][ T8947]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3189.385896][ T8947]  __memcg_kmem_charge_page+0xe1/0x250
[ 3189.391375][ T8947]  memcg_charge_kernel_stack+0x37e/0x550
[ 3189.397003][ T8947]  dup_task_struct+0x15d/0x7d0
[ 3189.401759][ T8947]  copy_process+0x5d5/0x3fc0
[ 3189.406351][ T8947]  ? __might_fault+0xa9/0x120
[ 3189.411022][ T8947]  ? __pfx_lock_release+0x10/0x10
[ 3189.416053][ T8947]  ? __pfx_copy_process+0x10/0x10
[ 3189.421157][ T8947]  ? __might_fault+0xc5/0x120
[ 3189.425895][ T8947]  ? __asan_memset+0x23/0x50
[ 3189.430507][ T8947]  kernel_clone+0x21d/0x8d0
[ 3189.435017][ T8947]  ? __pfx_kernel_clone+0x10/0x10
[ 3189.440064][ T8947]  __se_sys_clone3+0x2cb/0x350
[ 3189.444832][ T8947]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3189.450128][ T8947]  ? do_syscall_64+0x108/0x240
[ 3189.454892][ T8947]  ? do_syscall_64+0xb4/0x240
[ 3189.459565][ T8947]  do_syscall_64+0xf9/0x240
[ 3189.464069][ T8947]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3189.469965][ T8947] RIP: 0033:0x7f49312a9b99
[ 3189.474376][ T8947] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3189.493979][ T8947] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3189.502385][ T8947] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3189.510348][ T8947] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3189.518315][ T8947] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3189.526276][ T8947] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3189.534240][ T8947] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3189.542211][ T8947]  </TASK>
[ 3189.545814][ T8941] team0: left allmulticast mode
[ 3189.555735][ T8947] memory: usage 307200kB, limit 307200kB, failcnt 91129
[ 3189.564088][ T8941] team_slave_0: left allmulticast mode
[ 3189.574857][ T8947] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3189.591302][ T8941] team_slave_1: left allmulticast mode
[ 3189.602546][ T8947] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3189.618575][ T8941] bridge0: port 9(team0) entered blocking state
[ 3189.635402][ T8941] bridge0: port 9(team0) entered disabled state
[ 3189.635826][ T8947] Memory cgroup stats for 
[ 3189.642103][ T8941] team0: entered allmulticast mode
[ 3189.643686][ T8947] /syz1:
[ 3189.653222][ T8947] cache 0
[ 3189.654270][ T8941] team_slave_0: entered allmulticast mode
[ 3189.657033][ T8947] rss 12288
[ 3189.659090][ T8941] team_slave_1: entered allmulticast mode
[ 3189.667068][ T8947] rss_huge 0
[ 3189.678918][ T8947] shmem 0
[ 3189.682114][ T8947] mapped_file 0
[ 3189.683306][ T8941] team0: entered promiscuous mode
[ 3189.687428][ T8947] dirty 0
[ 3189.692952][ T8941] team_slave_0: entered promiscuous mode
[ 3189.694687][ T8947] writeback 0
[ 3189.694699][ T8947] workingset_refault_anon 36462
[ 3189.694708][ T8947] workingset_refault_file 357
[ 3189.694716][ T8947] swap 11911168
[ 3189.694724][ T8947] swapcached 0
[ 3189.694730][ T8947] pgpgin 3287718
[ 3189.694738][ T8947] pgpgout 3287715
[ 3189.694745][ T8947] pgfault 3621346
[ 3189.694753][ T8947] pgmajfault 38305
[ 3189.694761][ T8947] inactive_anon 12288
[ 3189.694768][ T8947] active_anon 0
[ 3189.694776][ T8947] inactive_file 0
[ 3189.694784][ T8947] active_file 0
[ 3189.694792][ T8947] unevictable 0
10:58:01 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x9000000}}}]}, 0x78}}, 0x0)

10:58:01 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e47880010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3189.694800][ T8947] hierarchical_memory_limit 314572800
[ 3189.694808][ T8947] hierarchical_memsw_limit 9223372036854771712
[ 3189.694816][ T8947] total_cache 0
[ 3189.700611][ T8941] team_slave_1: entered promiscuous mode
[ 3189.707568][ T8947] total_rss 12288
[ 3189.783138][ T8947] total_rss_huge 0
10:58:01 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8088471201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3189.823564][ T8947] total_shmem 0
[ 3189.828415][ T8947] total_mapped_file 0
[ 3189.832561][ T8947] total_dirty 0
[ 3189.836866][ T8947] total_writeback 0
[ 3189.840829][ T8947] total_workingset_refault_anon 36462
[ 3189.864995][ T8947] total_workingset_refault_file 357
[ 3189.871459][ T8947] total_swap 11911168
[ 3189.879146][ T8947] total_swapcached 0
[ 3189.883257][ T8947] total_pgpgin 3287718
[ 3189.889350][ T8952] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3189.907156][ T8947] total_pgpgout 3287715
[ 3189.920147][ T8947] total_pgfault 3621346
[ 3189.931556][ T8947] total_pgmajfault 38305
[ 3189.939972][ T8947] total_inactive_anon 12288
[ 3189.950440][ T8947] total_active_anon 0
[ 3189.956776][ T8956] team0: left allmulticast mode
[ 3189.958690][ T8947] total_inactive_file 0
[ 3189.966720][ T8947] total_active_file 0
[ 3189.970863][ T8947] total_unevictable 0
[ 3189.975670][ T8947] anon_cost 0
[ 3189.975854][ T8956] team_slave_0: left allmulticast mode
[ 3189.979125][ T8947] file_cost 0
[ 3189.988912][ T8947] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=8947,uid=0
[ 3189.998472][ T8956] team_slave_1: left allmulticast mode
[ 3190.012920][ T8947] Memory cgroup out of memory: Killed process 8947 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3190.020041][ T8956] team0: left promiscuous mode
[ 3190.049639][ T8956] team_slave_0: left promiscuous mode
[ 3190.061598][ T8956] team_slave_1: left promiscuous mode
[ 3190.074814][ T8956] bridge0: port 9(team0) entered disabled state
[ 3190.099409][ T8956] 8021q: adding VLAN 0 to HW filter on device team0
[ 3190.109119][ T8956] team0: entered promiscuous mode
[ 3190.116035][ T8956] team_slave_0: entered promiscuous mode
10:58:01 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x3}, 0x0)

[ 3190.126580][ T8956] team_slave_1: entered promiscuous mode
[ 3190.137579][ T8956] team0: entered allmulticast mode
[ 3190.149848][ T8956] team_slave_0: entered allmulticast mode
[ 3190.163154][ T8956] team_slave_1: entered allmulticast mode
10:58:02 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e48880010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3190.176459][ T8956] bond0: (slave team0): Enslaving as an active interface with an up link
10:58:02 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xa000000}}}]}, 0x78}}, 0x0)

[ 3190.218392][ T8959] bond0: (slave team0): Releasing backup interface
[ 3190.247992][ T8959] team0: left promiscuous mode
[ 3190.263651][ T8959] team_slave_0: left promiscuous mode
[ 3190.278746][ T8959] team_slave_1: left promiscuous mode
[ 3190.294941][ T8959] team0: left allmulticast mode
[ 3190.300779][ T8959] team_slave_0: left allmulticast mode
[ 3190.313087][ T8959] team_slave_1: left allmulticast mode
[ 3190.341298][ T8959] bridge0: port 9(team0) entered blocking state
[ 3190.355810][ T8959] bridge0: port 9(team0) entered disabled state
[ 3190.371206][ T8959] team0: entered allmulticast mode
[ 3190.385890][ T8959] team_slave_0: entered allmulticast mode
[ 3190.398569][ T8959] team_slave_1: entered allmulticast mode
[ 3190.419068][ T8959] team0: entered promiscuous mode
[ 3190.434365][ T8959] team_slave_0: entered promiscuous mode
[ 3190.442933][ T8959] team_slave_1: entered promiscuous mode
10:58:02 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e0000007b008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3190.463353][ T8967] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:02 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00020010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:02 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xb000000}}}]}, 0x78}}, 0x0)

[ 3190.668332][ T8973] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3190.693223][ T8961] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
10:58:02 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xc000000}}}]}, 0x78}}, 0x0)

[ 3190.714658][ T8961] CPU: 0 PID: 8961 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3190.725027][ T8961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3190.735095][ T8961] Call Trace:
[ 3190.738394][ T8961]  <TASK>
[ 3190.741342][ T8961]  dump_stack_lvl+0x1e7/0x2e0
[ 3190.746053][ T8961]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3190.751277][ T8961]  ? __pfx__printk+0x10/0x10
[ 3190.755885][ T8961]  ? ___ratelimit+0x4c4/0x670
[ 3190.760586][ T8961]  ? __pfx____ratelimit+0x10/0x10
[ 3190.765637][ T8961]  dump_header+0xda/0x6a0
[ 3190.769993][ T8961]  oom_kill_process+0x3a7/0x930
[ 3190.774869][ T8961]  out_of_memory+0xf67/0x1320
[ 3190.779574][ T8961]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3190.785220][ T8961]  ? __pfx___mutex_lock+0x10/0x10
[ 3190.790245][ T8961]  ? __pfx_out_of_memory+0x10/0x10
[ 3190.795352][ T8961]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3190.800887][ T8961]  ? __pfx_lock_release+0x10/0x10
[ 3190.805908][ T8961]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3190.811969][ T8961]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3190.817158][ T8961]  ? mem_cgroup_iter+0x422/0x560
[ 3190.822088][ T8961]  try_charge_memcg+0xda2/0x18a0
[ 3190.827025][ T8961]  ? mark_lock+0x9a/0x350
[ 3190.831361][ T8961]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3190.836745][ T8961]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3190.842885][ T8961]  charge_memcg+0xa2/0x160
[ 3190.847299][ T8961]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3190.853357][ T8961]  __read_swap_cache_async+0x480/0x8b0
[ 3190.858810][ T8961]  ? mark_lock+0x9a/0x350
[ 3190.863134][ T8961]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3190.869119][ T8961]  swap_cluster_readahead+0x67c/0x810
[ 3190.874493][ T8961]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3190.880381][ T8961]  ? __pfx_lock_release+0x10/0x10
[ 3190.885398][ T8961]  ? xas_descend+0x37e/0x470
[ 3190.889987][ T8961]  swapin_readahead+0x1ea/0x1070
[ 3190.894918][ T8961]  ? filemap_get_entry+0x127/0x4e0
[ 3190.900033][ T8961]  ? __pfx_swapin_readahead+0x10/0x10
[ 3190.905403][ T8961]  ? __filemap_get_folio+0x935/0xbc0
[ 3190.910681][ T8961]  ? swap_cache_get_folio+0x9f/0x570
[ 3190.915960][ T8961]  do_swap_page+0x8ab/0x3da0
[ 3190.920541][ T8961]  ? __pte_offset_map+0x2c4/0x380
[ 3190.925562][ T8961]  ? do_raw_spin_lock+0x14e/0x370
[ 3190.930578][ T8961]  ? do_swap_page+0x154/0x3da0
[ 3190.935331][ T8961]  ? __pfx_do_swap_page+0x10/0x10
[ 3190.940343][ T8961]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3190.945794][ T8961]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3190.951595][ T8961]  ? __pfx_validate_chain+0x10/0x10
[ 3190.956789][ T8961]  __handle_mm_fault+0x15e8/0x72d0
[ 3190.961915][ T8961]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3190.967370][ T8961]  ? mt_find+0x226/0x850
[ 3190.971606][ T8961]  ? __pfx_lock_release+0x10/0x10
[ 3190.976636][ T8961]  ? mt_find+0x62d/0x850
[ 3190.980874][ T8961]  ? mt_find+0x226/0x850
[ 3190.985129][ T8961]  ? find_vma+0x142/0x1c0
[ 3190.989445][ T8961]  ? __pfx_find_vma+0x10/0x10
[ 3190.994112][ T8961]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3191.000092][ T8961]  handle_mm_fault+0x3c1/0x8a0
[ 3191.004854][ T8961]  exc_page_fault+0x2ad/0x870
[ 3191.009525][ T8961]  asm_exc_page_fault+0x26/0x30
[ 3191.014368][ T8961] RIP: 0010:__get_user_8+0x11/0x20
[ 3191.019466][ T8961] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3191.039066][ T8961] RSP: 0000:ffffc900034cfd78 EFLAGS: 00050202
[ 3191.045131][ T8961] RAX: 0000555556856da8 RBX: ffff88808dd5b2f8 RCX: ffffc900034cfc03
[ 3191.053095][ T8961] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3191.061058][ T8961] RBP: ffffc900034cfec0 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3191.069023][ T8961] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc900034cfd80
[ 3191.076987][ T8961] R13: ffffc900034cffd8 R14: dffffc0000000000 R15: ffff88808dd59dc0
[ 3191.084965][ T8961]  __rseq_handle_notify_resume+0x158/0x1490
[ 3191.090870][ T8961]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3191.097196][ T8961]  ? irqentry_exit_to_user_mode+0x52/0x280
[ 3191.102995][ T8961]  irqentry_exit_to_user_mode+0xbb/0x280
[ 3191.108618][ T8961]  exc_page_fault+0x587/0x870
[ 3191.113289][ T8961]  asm_exc_page_fault+0x26/0x30
[ 3191.118131][ T8961] RIP: 0033:0x7f4931259a7b
[ 3191.122535][ T8961] Code: 5c 12 00 48 8d 34 19 48 39 d5 48 89 75 60 0f 95 c2 48 29 d8 48 83 c1 10 0f b6 d2 48 83 c8 01 48 c1 e2 02 48 09 da 48 83 ca 01 <48> 89 51 f8 48 89 46 08 eb 80 48 8d 0d 31 5c 09 00 48 8d 15 35 6e
[ 3191.142132][ T8961] RSP: 002b:00007f49314cf940 EFLAGS: 00010206
[ 3191.148191][ T8961] RAX: 00000000000205f1 RBX: 0000000000000120 RCX: 0000555556857900
[ 3191.156158][ T8961] RDX: 0000000000000121 RSI: 0000555556857a10 RDI: 0000000000000004
[ 3191.164120][ T8961] RBP: 00007f493137f660 R08: 00000000ffffffff R09: 0000000000000000
[ 3191.172097][ T8961] R10: 0000000000021000 R11: 0000000000000010 R12: 0000000000000110
[ 3191.180060][ T8961] R13: 0000000000000012 R14: 00007f493137f6c0 R15: 0000000000000120
[ 3191.188038][ T8961]  </TASK>
[ 3191.199395][ T8976] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3191.250825][ T8961] memory: usage 307180kB, limit 307200kB, failcnt 91443
10:58:03 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xf000000}}}]}, 0x78}}, 0x0)

10:58:03 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00030010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:03 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000481201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3191.305727][ T8961] memory+swap: usage 318812kB, limit 9007199254740988kB, failcnt 0
10:58:03 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x60, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3191.347899][ T8961] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[ 3191.374514][ T8961] Memory cgroup stats for /syz1:
[ 3191.374640][ T8961] cache 0
[ 3191.389640][ T8983] team0: left allmulticast mode
10:58:03 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00040010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3191.397696][ T8983] team_slave_0: left allmulticast mode
[ 3191.416667][ T8961] rss 12288
[ 3191.422206][ T8961] rss_huge 0
[ 3191.430686][ T8983] team_slave_1: left allmulticast mode
[ 3191.439443][ T8961] shmem 0
[ 3191.444623][ T8983] team0: left promiscuous mode
[ 3191.446945][ T8961] mapped_file 0
[ 3191.456439][ T8983] team_slave_0: left promiscuous mode
[ 3191.465930][ T8961] dirty 0
[ 3191.472346][ T8961] writeback 0
[ 3191.473556][ T8983] team_slave_1: left promiscuous mode
[ 3191.489724][ T8983] bridge0: port 9(team0) entered disabled state
[ 3191.491206][ T8961] workingset_refault_anon 36568
[ 3191.508839][ T8961] workingset_refault_file 357
[ 3191.517959][ T8961] swap 11911168
[ 3191.521591][ T8961] swapcached 0
[ 3191.524566][ T8983] 8021q: adding VLAN 0 to HW filter on device team0
[ 3191.531282][ T8961] pgpgin 3287839
[ 3191.537816][ T8961] pgpgout 3287836
[ 3191.541559][ T8961] pgfault 3621525
[ 3191.557552][ T8983] team0: entered promiscuous mode
[ 3191.562721][ T8961] pgmajfault 38410
[ 3191.562734][ T8961] inactive_anon 0
[ 3191.562742][ T8961] active_anon 12288
[ 3191.562751][ T8961] inactive_file 0
[ 3191.562759][ T8961] active_file 0
[ 3191.562767][ T8961] unevictable 0
[ 3191.562775][ T8961] hierarchical_memory_limit 314572800
[ 3191.562783][ T8961] hierarchical_memsw_limit 9223372036854771712
[ 3191.562791][ T8961] total_cache 0
[ 3191.562798][ T8961] total_rss 12288
[ 3191.562806][ T8961] total_rss_huge 0
[ 3191.562814][ T8961] total_shmem 0
[ 3191.562821][ T8961] total_mapped_file 0
[ 3191.562829][ T8961] total_dirty 0
[ 3191.562838][ T8961] total_writeback 0
[ 3191.562846][ T8961] total_workingset_refault_anon 36568
[ 3191.562854][ T8961] total_workingset_refault_file 357
[ 3191.562861][ T8961] total_swap 11911168
[ 3191.562869][ T8961] total_swapcached 0
[ 3191.562877][ T8961] total_pgpgin 3287839
[ 3191.562886][ T8961] total_pgpgout 3287836
[ 3191.562894][ T8961] total_pgfault 3621525
[ 3191.562903][ T8961] total_pgmajfault 38410
[ 3191.562912][ T8961] total_inactive_anon 0
[ 3191.562920][ T8961] total_active_anon 12288
[ 3191.562928][ T8961] total_inactive_file 0
[ 3191.562937][ T8961] total_active_file 0
[ 3191.562945][ T8961] total_unevictable 0
[ 3191.562954][ T8961] anon_cost 0
[ 3191.562962][ T8961] file_cost 0
[ 3191.562971][ T8961] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=8961,uid=0
10:58:03 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x4}, 0x0)

[ 3191.563080][ T8961] Memory cgroup out of memory: Killed process 8961 (syz-executor.1) total-vm:54508kB, anon-rss:420kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3191.824257][ T8983] team_slave_0: entered promiscuous mode
[ 3191.830453][ T8983] team_slave_1: entered promiscuous mode
[ 3191.845248][ T8983] team0: entered allmulticast mode
[ 3191.858031][ T8983] team_slave_0: entered allmulticast mode
[ 3191.874620][ T8983] team_slave_1: entered allmulticast mode
[ 3191.890501][ T8983] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3191.912860][ T8985] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3191.966299][ T8986] validate_nla: 12 callbacks suppressed
[ 3191.966345][ T8986] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3192.005754][ T8986] bond0: (slave team0): Releasing backup interface
[ 3192.021926][ T8986] team0: left promiscuous mode
[ 3192.034707][ T8986] team_slave_0: left promiscuous mode
[ 3192.048131][ T8986] team_slave_1: left promiscuous mode
[ 3192.061992][ T8986] team0: left allmulticast mode
[ 3192.074842][ T8986] team_slave_0: left allmulticast mode
[ 3192.081842][ T8986] team_slave_1: left allmulticast mode
[ 3192.098736][ T8986] bridge0: port 9(team0) entered blocking state
[ 3192.117183][ T8986] bridge0: port 9(team0) entered disabled state
[ 3192.126204][ T8986] team0: entered allmulticast mode
[ 3192.132910][ T8986] team_slave_0: entered allmulticast mode
[ 3192.140025][ T8986] team_slave_1: entered allmulticast mode
[ 3192.150991][ T8986] team0: entered promiscuous mode
[ 3192.157027][ T8986] team_slave_0: entered promiscuous mode
[ 3192.169182][ T8986] team_slave_1: entered promiscuous mode
10:58:04 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00050010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3192.178321][ T8988] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:58:04 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x10000000}}}]}, 0x78}}, 0x0)

10:58:04 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8088481201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3192.262525][ T8992] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3192.321034][ T8997] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3192.324048][ T8992] CPU: 1 PID: 8992 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3192.339563][ T8992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3192.344843][ T8997] team0: left allmulticast mode
[ 3192.349619][ T8992] Call Trace:
[ 3192.349631][ T8992]  <TASK>
[ 3192.349640][ T8992]  dump_stack_lvl+0x1e7/0x2e0
[ 3192.349672][ T8992]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3192.366152][ T8997] team_slave_0: left allmulticast mode
[ 3192.370572][ T8992]  ? __pfx__printk+0x10/0x10
[ 3192.370600][ T8992]  ? ___ratelimit+0x4c4/0x670
[ 3192.370625][ T8992]  ? __pfx____ratelimit+0x10/0x10
[ 3192.390365][ T8992]  dump_header+0xda/0x6a0
[ 3192.390930][ T8997] team_slave_1: left allmulticast mode
[ 3192.394708][ T8992]  oom_kill_process+0x3a7/0x930
[ 3192.394738][ T8992]  out_of_memory+0xf67/0x1320
[ 3192.394765][ T8992]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3192.394787][ T8992]  ? __pfx___mutex_lock+0x10/0x10
[ 3192.394815][ T8992]  ? __pfx_out_of_memory+0x10/0x10
[ 3192.394846][ T8992]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3192.394867][ T8992]  ? __pfx_lock_release+0x10/0x10
[ 3192.394892][ T8992]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3192.394919][ T8992]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3192.394941][ T8992]  ? mem_cgroup_iter+0x422/0x560
[ 3192.394967][ T8992]  try_charge_memcg+0xda2/0x18a0
[ 3192.395013][ T8992]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3192.395033][ T8992]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3192.395054][ T8992]  ? __pfx_lock_release+0x10/0x10
[ 3192.395077][ T8992]  ? memcg_account_kmem+0x1e7/0x210
[ 3192.395109][ T8992]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3192.395128][ T8992]  __memcg_kmem_charge_page+0xe1/0x250
[ 3192.395153][ T8992]  memcg_charge_kernel_stack+0x210/0x550
[ 3192.395178][ T8992]  dup_task_struct+0x15d/0x7d0
[ 3192.411047][ T8997] team0: left promiscuous mode
[ 3192.415736][ T8992]  copy_process+0x5d5/0x3fc0
[ 3192.415774][ T8992]  ? __might_fault+0xa9/0x120
[ 3192.415796][ T8992]  ? __pfx_lock_release+0x10/0x10
[ 3192.415824][ T8992]  ? __pfx_copy_process+0x10/0x10
[ 3192.415842][ T8992]  ? __might_fault+0xc5/0x120
[ 3192.415865][ T8992]  ? __asan_memset+0x23/0x50
[ 3192.415893][ T8992]  kernel_clone+0x21d/0x8d0
[ 3192.415919][ T8992]  ? __pfx_kernel_clone+0x10/0x10
[ 3192.415959][ T8992]  __se_sys_clone3+0x2cb/0x350
[ 3192.415983][ T8992]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3192.416033][ T8992]  ? do_syscall_64+0x108/0x240
[ 3192.416060][ T8992]  ? do_syscall_64+0xb4/0x240
[ 3192.416084][ T8992]  do_syscall_64+0xf9/0x240
[ 3192.416109][ T8992]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3192.416133][ T8992] RIP: 0033:0x7f49312a9b99
[ 3192.416151][ T8992] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3192.416167][ T8992] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3192.416190][ T8992] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3192.416205][ T8992] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3192.416218][ T8992] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3192.416231][ T8992] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3192.416244][ T8992] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3192.416273][ T8992]  </TASK>
[ 3192.451580][ T8992] memory: usage 307200kB, limit 307200kB, failcnt 91836
[ 3192.512681][ T8997] team_slave_0: left promiscuous mode
[ 3192.530567][ T8992] memory+swap: usage 318832kB, limit 9007199254740988kB, failcnt 0
[ 3192.546585][ T8997] team_slave_1: left promiscuous mode
[ 3192.560365][ T8992] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[ 3192.581105][ T8997] bridge0: port 9(team0) entered disabled state
[ 3192.620944][ T8992] Memory cgroup stats for /syz1:
[ 3192.709026][ T8992] cache 0
[ 3192.724565][ T8992] rss 12288
[ 3192.728164][ T8992] rss_huge 0
[ 3192.728320][ T8997] 8021q: adding VLAN 0 to HW filter on device team0
[ 3192.731600][ T8992] shmem 0
[ 3192.748580][ T8992] mapped_file 0
[ 3192.752343][ T8992] dirty 0
[ 3192.766678][ T8992] writeback 0
[ 3192.773789][ T8992] workingset_refault_anon 36716
[ 3192.774212][ T8997] team0: entered promiscuous mode
[ 3192.786162][ T8992] workingset_refault_file 357
[ 3192.799284][ T8997] team_slave_0: entered promiscuous mode
[ 3192.800494][ T8992] swap 11911168
[ 3192.815241][ T8992] swapcached 0
[ 3192.816855][ T8997] team_slave_1: entered promiscuous mode
[ 3192.818883][ T8992] pgpgin 3288017
[ 3192.838444][ T8997] team0: entered allmulticast mode
[ 3192.846042][ T8992] pgpgout 3288014
[ 3192.854527][ T8992] pgfault 3621780
[ 3192.859285][ T8997] team_slave_0: entered allmulticast mode
[ 3192.862965][ T8992] pgmajfault 38566
[ 3192.873085][ T8992] inactive_anon 8192
[ 3192.875403][ T8997] team_slave_1: entered allmulticast mode
[ 3192.882134][ T8992] active_anon 4096
[ 3192.889677][ T8997] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3192.894620][ T8992] inactive_file 0
[ 3192.908244][ T8992] active_file 0
[ 3192.915473][ T8992] unevictable 0
[ 3192.917070][ T8999] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3192.921046][ T8992] hierarchical_memory_limit 314572800
[ 3192.941879][ T8999] bond0: (slave team0): Releasing backup interface
[ 3192.949450][ T8992] hierarchical_memsw_limit 9223372036854771712
[ 3192.957246][ T8999] team0: left promiscuous mode
[ 3192.962224][ T8992] total_cache 0
[ 3192.966238][ T8992] total_rss 12288
[ 3192.972111][ T8992] total_rss_huge 0
[ 3192.972362][ T8999] team_slave_0: left promiscuous mode
[ 3192.976577][ T8992] total_shmem 0
[ 3192.986417][ T8992] total_mapped_file 0
[ 3192.990577][ T8992] total_dirty 0
[ 3192.994582][ T8999] team_slave_1: left promiscuous mode
[ 3192.996126][ T8992] total_writeback 0
[ 3193.004219][ T8992] total_workingset_refault_anon 36716
[ 3193.009777][ T8992] total_workingset_refault_file 357
[ 3193.016374][ T8999] team0: left allmulticast mode
[ 3193.021378][ T8992] total_swap 11911168
[ 3193.026179][ T8999] team_slave_0: left allmulticast mode
[ 3193.031798][ T8992] total_swapcached 0
[ 3193.036556][ T8992] total_pgpgin 3288017
[ 3193.040829][ T8999] team_slave_1: left allmulticast mode
[ 3193.047737][ T8992] total_pgpgout 3288014
[ 3193.061564][ T8992] total_pgfault 3621780
[ 3193.069482][ T8999] bridge0: port 9(team0) entered blocking state
[ 3193.077339][ T8992] total_pgmajfault 38566
[ 3193.081730][ T8992] total_inactive_anon 8192
[ 3193.087369][ T8999] bridge0: port 9(team0) entered disabled state
[ 3193.093784][ T8992] total_active_anon 4096
[ 3193.100656][ T8999] team0: entered allmulticast mode
[ 3193.106483][ T8992] total_inactive_file 0
[ 3193.110819][ T8999] team_slave_0: entered allmulticast mode
[ 3193.117494][ T8992] total_active_file 0
[ 3193.121688][ T8992] total_unevictable 0
[ 3193.127804][ T8999] team_slave_1: entered allmulticast mode
[ 3193.133688][ T8992] anon_cost 0
[ 3193.139716][ T8999] team0: entered promiscuous mode
[ 3193.145216][ T8992] file_cost 0
[ 3193.148660][ T8992] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=8992,uid=0
[ 3193.168700][ T8999] team_slave_0: entered promiscuous mode
[ 3193.176252][ T8999] team_slave_1: entered promiscuous mode
[ 3193.182072][ T8992] Memory cgroup out of memory: Killed process 8992 (syz-executor.1) total-vm:54508kB, anon-rss:368kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3193.217714][ T8995] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:58:05 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba80004c1201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

10:58:05 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00060010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3193.238916][ T9000] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:05 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x5}, 0x0)

10:58:05 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x11000000}}}]}, 0x78}}, 0x0)

[ 3193.342753][ T9005] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3193.363367][ T9005] team0: left allmulticast mode
[ 3193.370356][ T9005] team_slave_0: left allmulticast mode
[ 3193.404070][ T9005] team_slave_1: left allmulticast mode
[ 3193.430528][ T9005] team0: left promiscuous mode
[ 3193.446566][ T9005] team_slave_0: left promiscuous mode
[ 3193.463946][ T9005] team_slave_1: left promiscuous mode
[ 3193.473110][ T9005] bridge0: port 9(team0) entered disabled state
[ 3193.491156][ T9005] 8021q: adding VLAN 0 to HW filter on device team0
[ 3193.506568][ T9005] team0: entered promiscuous mode
[ 3193.527617][ T9005] team_slave_0: entered promiscuous mode
[ 3193.542986][ T9005] team_slave_1: entered promiscuous mode
[ 3193.552202][ T9005] team0: entered allmulticast mode
[ 3193.567632][ T9005] team_slave_0: entered allmulticast mode
[ 3193.573524][ T9005] team_slave_1: entered allmulticast mode
[ 3193.593533][ T9005] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3193.616975][ T9007] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:58:05 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00080010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3193.636149][ T9008] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3193.677023][ T9008] bond0: (slave team0): Releasing backup interface
[ 3193.701630][ T9008] team0: left promiscuous mode
[ 3193.710773][ T9008] team_slave_0: left promiscuous mode
[ 3193.727235][ T9008] team_slave_1: left promiscuous mode
[ 3193.733221][ T9008] team0: left allmulticast mode
[ 3193.748221][ T9008] team_slave_0: left allmulticast mode
[ 3193.767729][ T9008] team_slave_1: left allmulticast mode
[ 3193.768014][ T9010] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3193.796710][ T9008] bridge0: port 9(team0) entered blocking state
[ 3193.799823][ T9010] CPU: 0 PID: 9010 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3193.806409][ T9008] bridge0: port 9(team0) entered disabled state
[ 3193.813269][ T9010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3193.813282][ T9010] Call Trace:
[ 3193.813291][ T9010]  <TASK>
[ 3193.813299][ T9010]  dump_stack_lvl+0x1e7/0x2e0
[ 3193.813337][ T9010]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3193.845614][ T9010]  ? __pfx__printk+0x10/0x10
[ 3193.850207][ T9010]  ? ___ratelimit+0x4c4/0x670
[ 3193.854884][ T9010]  ? __pfx____ratelimit+0x10/0x10
[ 3193.859905][ T9010]  dump_header+0xda/0x6a0
[ 3193.864233][ T9010]  oom_kill_process+0x3a7/0x930
[ 3193.869080][ T9010]  out_of_memory+0xf67/0x1320
[ 3193.873755][ T9010]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3193.879382][ T9010]  ? __pfx___mutex_lock+0x10/0x10
[ 3193.884408][ T9010]  ? __pfx_out_of_memory+0x10/0x10
[ 3193.889521][ T9010]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3193.895055][ T9010]  ? __pfx_lock_release+0x10/0x10
[ 3193.900074][ T9010]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3193.906141][ T9010]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3193.911336][ T9010]  ? mem_cgroup_iter+0x422/0x560
[ 3193.916271][ T9010]  try_charge_memcg+0xda2/0x18a0
[ 3193.921225][ T9010]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3193.926590][ T9010]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3193.932304][ T9010]  ? __pfx_lock_release+0x10/0x10
[ 3193.937324][ T9010]  ? memcg_account_kmem+0x1e7/0x210
[ 3193.942520][ T9010]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3193.948324][ T9010]  __memcg_kmem_charge_page+0xe1/0x250
[ 3193.953777][ T9010]  memcg_charge_kernel_stack+0x210/0x550
[ 3193.959412][ T9010]  dup_task_struct+0x15d/0x7d0
[ 3193.964171][ T9010]  copy_process+0x5d5/0x3fc0
[ 3193.968759][ T9010]  ? __might_fault+0xa9/0x120
[ 3193.973429][ T9010]  ? __pfx_lock_release+0x10/0x10
[ 3193.978458][ T9010]  ? __pfx_copy_process+0x10/0x10
[ 3193.983472][ T9010]  ? __might_fault+0xc5/0x120
[ 3193.988141][ T9010]  ? __asan_memset+0x23/0x50
[ 3193.992728][ T9010]  kernel_clone+0x21d/0x8d0
[ 3193.997223][ T9010]  ? __pfx_kernel_clone+0x10/0x10
[ 3194.002250][ T9010]  __se_sys_clone3+0x2cb/0x350
[ 3194.007012][ T9010]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3194.012300][ T9010]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3194.018281][ T9010]  ? exc_page_fault+0x587/0x870
[ 3194.023132][ T9010]  ? do_syscall_64+0xb4/0x240
[ 3194.027808][ T9010]  do_syscall_64+0xf9/0x240
[ 3194.032310][ T9010]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3194.038199][ T9010] RIP: 0033:0x7f49312a9b99
[ 3194.042604][ T9010] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3194.062205][ T9010] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3194.070609][ T9010] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3194.078570][ T9010] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3194.086530][ T9010] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3194.094489][ T9010] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3194.102450][ T9010] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3194.110422][ T9010]  </TASK>
[ 3194.125701][ T9008] team0: entered allmulticast mode
[ 3194.131716][ T9008] team_slave_0: entered allmulticast mode
[ 3194.142487][ T9008] team_slave_1: entered allmulticast mode
[ 3194.151326][ T9008] team0: entered promiscuous mode
[ 3194.157417][ T9008] team_slave_0: entered promiscuous mode
[ 3194.163477][ T9008] team_slave_1: entered promiscuous mode
10:58:06 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8065581201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3194.184673][ T9010] memory: usage 307200kB, limit 307200kB, failcnt 92127
[ 3194.192397][ T9014] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3194.210010][ T9010] memory+swap: usage 318868kB, limit 9007199254740988kB, failcnt 0
[ 3194.251961][ T9010] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[ 3194.280183][ T9010] Memory cgroup stats for /syz1:
[ 3194.280324][ T9010] cache 0
[ 3194.308214][ T9010] rss 12288
[ 3194.320127][ T9010] rss_huge 0
[ 3194.334489][ T9010] shmem 0
[ 3194.348304][ T9010] mapped_file 0
[ 3194.360509][ T9017] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3194.371590][ T9010] dirty 0
[ 3194.379697][ T9020] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3194.394982][ T9010] writeback 0
[ 3194.403008][ T9010] workingset_refault_anon 36815
10:58:06 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x14000000}}}]}, 0x78}}, 0x0)

[ 3194.411091][ T9020] team0: left allmulticast mode
10:58:06 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3194.435839][ T9010] workingset_refault_file 357
[ 3194.449302][ T9020] team_slave_0: left allmulticast mode
[ 3194.466401][ T9010] swap 11948032
[ 3194.476454][ T9010] swapcached 0
10:58:06 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e000a0010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3194.483349][ T9010] pgpgin 3288146
[ 3194.486189][ T9020] team_slave_1: left allmulticast mode
[ 3194.499084][ T9010] pgpgout 3288143
[ 3194.507907][ T9010] pgfault 3621965
[ 3194.516965][ T9020] team0: left promiscuous mode
[ 3194.517425][ T9010] pgmajfault 38675
[ 3194.536274][ T9010] inactive_anon 0
[ 3194.543067][ T9010] active_anon 12288
[ 3194.545614][ T9020] team_slave_0: left promiscuous mode
[ 3194.548172][ T9010] inactive_file 0
[ 3194.575798][ T9020] team_slave_1: left promiscuous mode
[ 3194.578094][ T9010] active_file 0
[ 3194.581574][ T9020] bridge0: port 9(team0) entered disabled state
[ 3194.593257][ T9010] unevictable 0
[ 3194.603568][ T9010] hierarchical_memory_limit 314572800
[ 3194.616862][ T9010] hierarchical_memsw_limit 9223372036854771712
[ 3194.625120][ T9010] total_cache 0
[ 3194.628892][ T9010] total_rss 12288
[ 3194.632817][ T9010] total_rss_huge 0
[ 3194.635922][ T9020] 8021q: adding VLAN 0 to HW filter on device team0
[ 3194.643396][ T9010] total_shmem 0
[ 3194.647944][ T9010] total_mapped_file 0
[ 3194.652262][ T9010] total_dirty 0
[ 3194.656797][ T9010] total_writeback 0
[ 3194.658561][ T9020] team0: entered promiscuous mode
[ 3194.660915][ T9010] total_workingset_refault_anon 36815
[ 3194.686879][ T9020] team_slave_0: entered promiscuous mode
[ 3194.695886][ T9010] total_workingset_refault_file 357
[ 3194.711598][ T9020] team_slave_1: entered promiscuous mode
[ 3194.714535][ T9010] total_swap 11948032
[ 3194.725568][ T9010] total_swapcached 0
[ 3194.734304][ T9010] total_pgpgin 3288146
[ 3194.736763][ T9020] team0: entered allmulticast mode
[ 3194.748003][ T9020] team_slave_0: entered allmulticast mode
[ 3194.750123][ T9010] total_pgpgout 3288143
[ 3194.767916][ T9020] team_slave_1: entered allmulticast mode
[ 3194.773273][ T9010] total_pgfault 3621965
[ 3194.784317][ T9010] total_pgmajfault 38675
[ 3194.789807][ T9020] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3194.802929][ T9010] total_inactive_anon 0
[ 3194.815132][ T9010] total_active_anon 12288
[ 3194.830099][ T9010] total_inactive_file 0
[ 3194.844386][ T9010] total_active_file 0
[ 3194.845121][ T9021] bond0: (slave team0): Releasing backup interface
[ 3194.858794][ T9010] total_unevictable 0
[ 3194.872477][ T9010] anon_cost 0
[ 3194.880888][ T9010] file_cost 0
[ 3194.882613][ T9021] team0: left promiscuous mode
[ 3194.887711][ T9010] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[ 3194.889799][ T9021] team_slave_0: left promiscuous mode
[ 3194.892059][ T9010] ,cpuset=
[ 3194.901952][ T9021] team_slave_1: left promiscuous mode
[ 3194.908449][ T9010] syz1
[ 3194.915070][ T9021] team0: left allmulticast mode
[ 3194.922622][ T9021] team_slave_0: left allmulticast mode
[ 3194.932533][ T9010] ,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9010,uid=0
[ 3194.977175][ T9010] Memory cgroup out of memory: Killed process 9010 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8816kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3194.984251][ T9021] team_slave_1: left allmulticast mode
10:58:06 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x6}, 0x0)

[ 3195.028370][ T9021] bridge0: port 9(team0) entered blocking state
[ 3195.053265][ T9021] bridge0: port 9(team0) entered disabled state
[ 3195.097200][ T9021] team0: entered allmulticast mode
[ 3195.132585][ T9021] team_slave_0: entered allmulticast mode
[ 3195.157800][ T9021] team_slave_1: entered allmulticast mode
[ 3195.190670][ T9021] team0: entered promiscuous mode
[ 3195.208716][ T9021] team_slave_0: entered promiscuous mode
[ 3195.224654][ T9021] team_slave_1: entered promiscuous mode
10:58:07 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e000c0010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3195.242908][ T9028] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:07 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000601201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

10:58:07 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x15000000}}}]}, 0x78}}, 0x0)

[ 3195.421740][ T9036] team0: left allmulticast mode
10:58:07 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e000f0010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3195.442656][ T9036] team_slave_0: left allmulticast mode
[ 3195.472713][ T9036] team_slave_1: left allmulticast mode
[ 3195.491070][ T9036] team0: left promiscuous mode
[ 3195.513129][ T9036] team_slave_0: left promiscuous mode
[ 3195.525768][ T9032] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3195.537436][ T9036] team_slave_1: left promiscuous mode
[ 3195.544682][ T9032] CPU: 1 PID: 9032 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3195.555039][ T9032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3195.565109][ T9032] Call Trace:
[ 3195.568431][ T9032]  <TASK>
[ 3195.571381][ T9032]  dump_stack_lvl+0x1e7/0x2e0
[ 3195.576088][ T9032]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3195.581316][ T9032]  ? __pfx__printk+0x10/0x10
[ 3195.585926][ T9032]  ? ___ratelimit+0x4c4/0x670
[ 3195.590630][ T9032]  ? __pfx____ratelimit+0x10/0x10
[ 3195.595684][ T9032]  dump_header+0xda/0x6a0
[ 3195.600042][ T9032]  oom_kill_process+0x3a7/0x930
[ 3195.604918][ T9032]  out_of_memory+0xf67/0x1320
[ 3195.609624][ T9032]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3195.615280][ T9032]  ? __pfx___mutex_lock+0x10/0x10
[ 3195.620333][ T9032]  ? __pfx_out_of_memory+0x10/0x10
[ 3195.625477][ T9032]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3195.631046][ T9032]  ? __pfx_lock_release+0x10/0x10
[ 3195.636096][ T9032]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3195.642191][ T9032]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3195.647416][ T9032]  ? mem_cgroup_iter+0x422/0x560
[ 3195.652381][ T9032]  try_charge_memcg+0xda2/0x18a0
[ 3195.657379][ T9032]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3195.662775][ T9032]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3195.668516][ T9032]  ? __pfx_lock_release+0x10/0x10
[ 3195.673564][ T9032]  ? memcg_account_kmem+0x1e7/0x210
[ 3195.678798][ T9032]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3195.684628][ T9032]  __memcg_kmem_charge_page+0xe1/0x250
[ 3195.690110][ T9032]  memcg_charge_kernel_stack+0x37e/0x550
[ 3195.695768][ T9032]  dup_task_struct+0x15d/0x7d0
[ 3195.700553][ T9032]  copy_process+0x5d5/0x3fc0
[ 3195.705173][ T9032]  ? __might_fault+0xa9/0x120
[ 3195.709871][ T9032]  ? __pfx_lock_release+0x10/0x10
[ 3195.714930][ T9032]  ? __pfx_copy_process+0x10/0x10
[ 3195.719978][ T9032]  ? __might_fault+0xc5/0x120
[ 3195.724687][ T9032]  ? __asan_memset+0x23/0x50
[ 3195.729303][ T9032]  kernel_clone+0x21d/0x8d0
[ 3195.733818][ T9032]  ? __pfx_kernel_clone+0x10/0x10
[ 3195.738883][ T9032]  __se_sys_clone3+0x2cb/0x350
[ 3195.743672][ T9032]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3195.749000][ T9032]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3195.755020][ T9032]  ? exc_page_fault+0x587/0x870
[ 3195.759899][ T9032]  ? do_syscall_64+0xb4/0x240
[ 3195.764608][ T9032]  do_syscall_64+0xf9/0x240
[ 3195.769150][ T9032]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3195.775158][ T9032] RIP: 0033:0x7f49312a9b99
[ 3195.779592][ T9032] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3195.799219][ T9032] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3195.807659][ T9032] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3195.815651][ T9032] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3195.823640][ T9032] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3195.831622][ T9032] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3195.839645][ T9032] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3195.847654][ T9032]  </TASK>
[ 3195.855707][ T9036] bridge0: port 9(team0) entered disabled state
[ 3195.886512][ T9036] 8021q: adding VLAN 0 to HW filter on device team0
[ 3195.895805][ T9036] team0: entered promiscuous mode
[ 3195.901038][ T9036] team_slave_0: entered promiscuous mode
[ 3195.907495][ T9036] team_slave_1: entered promiscuous mode
[ 3195.913564][ T9036] team0: entered allmulticast mode
[ 3195.921139][ T9036] team_slave_0: entered allmulticast mode
[ 3195.927520][ T9036] team_slave_1: entered allmulticast mode
[ 3195.934679][ T9036] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3195.943299][ T9032] memory: usage 307200kB, limit 307200kB, failcnt 92375
[ 3195.951320][ T9032] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3195.960006][ T9032] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3195.974998][ T9040] bond0: (slave team0): Releasing backup interface
[ 3195.988545][ T9040] team0: left promiscuous mode
[ 3195.993424][ T9040] team_slave_0: left promiscuous mode
[ 3196.005109][ T9032] Memory cgroup stats for /syz1:
[ 3196.005241][ T9032] cache 0
[ 3196.013409][ T9040] team_slave_1: left promiscuous mode
[ 3196.021865][ T9032] rss 28672
[ 3196.027729][ T9032] rss_huge 0
[ 3196.034386][ T9032] shmem 0
[ 3196.038908][ T9040] team0: left allmulticast mode
[ 3196.046905][ T9032] mapped_file 0
[ 3196.053824][ T9032] dirty 0
[ 3196.058382][ T9040] team_slave_0: left allmulticast mode
[ 3196.064678][ T9032] writeback 0
[ 3196.070044][ T9032] workingset_refault_anon 36912
[ 3196.077557][ T9040] team_slave_1: left allmulticast mode
[ 3196.083131][ T9032] workingset_refault_file 357
[ 3196.096491][ T9032] swap 11894784
[ 3196.100818][ T9040] bridge0: port 9(team0) entered blocking state
[ 3196.107929][ T9032] swapcached 0
[ 3196.111409][ T9032] pgpgin 3288256
[ 3196.115705][ T9040] bridge0: port 9(team0) entered disabled state
[ 3196.122056][ T9032] pgpgout 3288249
[ 3196.126510][ T9032] pgfault 3622133
[ 3196.130254][ T9032] pgmajfault 38760
[ 3196.134950][ T9040] team0: entered allmulticast mode
[ 3196.140180][ T9032] inactive_anon 0
[ 3196.144735][ T9040] team_slave_0: entered allmulticast mode
[ 3196.150654][ T9032] active_anon 28672
[ 3196.155158][ T9032] inactive_file 0
[ 3196.159014][ T9040] team_slave_1: entered allmulticast mode
[ 3196.165480][ T9032] active_file 0
[ 3196.169130][ T9032] unevictable 0
[ 3196.178609][ T9040] team0: entered promiscuous mode
[ 3196.187223][ T9032] hierarchical_memory_limit 314572800
10:58:08 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00100010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3196.192804][ T9040] team_slave_0: entered promiscuous mode
[ 3196.199138][ T9032] hierarchical_memsw_limit 9223372036854771712
[ 3196.206503][ T9040] team_slave_1: entered promiscuous mode
[ 3196.212348][ T9032] total_cache 0
[ 3196.216525][ T9032] total_rss 28672
[ 3196.221317][ T9042] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3196.221629][ T9032] total_rss_huge 0
10:58:08 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8058651201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3196.287876][ T9032] total_shmem 0
[ 3196.303176][ T9032] total_mapped_file 0
[ 3196.315525][ T9032] total_dirty 0
[ 3196.323511][ T9032] total_writeback 0
10:58:08 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00600010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3196.357775][ T9049] team0: left allmulticast mode
[ 3196.367383][ T9049] team_slave_0: left allmulticast mode
[ 3196.376555][ T9032] total_workingset_refault_anon 36912
[ 3196.381953][ T9032] total_workingset_refault_file 357
[ 3196.384557][ T9049] team_slave_1: left allmulticast mode
[ 3196.392901][ T9049] team0: left promiscuous mode
10:58:08 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x1f000000}}}]}, 0x78}}, 0x0)

[ 3196.405366][ T9049] team_slave_0: left promiscuous mode
[ 3196.418591][ T9049] team_slave_1: left promiscuous mode
[ 3196.424651][ T9032] total_swap 11894784
[ 3196.428811][ T9049] bridge0: port 9(team0) entered disabled state
[ 3196.450587][ T9032] total_swapcached 0
[ 3196.462455][ T9032] total_pgpgin 3288256
[ 3196.466916][ T9032] total_pgpgout 3288249
[ 3196.471100][ T9032] total_pgfault 3622133
[ 3196.481304][ T9032] total_pgmajfault 38760
[ 3196.485918][ T9049] 8021q: adding VLAN 0 to HW filter on device team0
[ 3196.490588][ T9049] team0: entered promiscuous mode
[ 3196.500247][ T9032] total_inactive_anon 0
[ 3196.505865][ T9032] total_active_anon 28672
[ 3196.508591][ T9049] team_slave_0: entered promiscuous mode
[ 3196.512542][ T9032] total_inactive_file 0
[ 3196.520883][ T9049] team_slave_1: entered promiscuous mode
[ 3196.531695][ T9049] team0: entered allmulticast mode
[ 3196.533359][ T9032] total_active_file 0
[ 3196.542012][ T9032] total_unevictable 0
[ 3196.543479][ T9049] team_slave_0: entered allmulticast mode
[ 3196.552624][ T9032] anon_cost 0
[ 3196.556647][ T9032] file_cost 0
[ 3196.559955][ T9032] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9032,uid=0
[ 3196.576340][ T9049] team_slave_1: entered allmulticast mode
[ 3196.592095][ T9049] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3196.593297][ T9032] Memory cgroup out of memory: Killed process 9032 (syz-executor.1) total-vm:54508kB, anon-rss:440kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3196.632347][ T9051] bond0: (slave team0): Releasing backup interface
[ 3196.644765][ T9051] team0: left promiscuous mode
[ 3196.651779][ T9051] team_slave_0: left promiscuous mode
10:58:08 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x7}, 0x0)

[ 3196.663783][ T9051] team_slave_1: left promiscuous mode
[ 3196.677023][ T9051] team0: left allmulticast mode
[ 3196.699715][ T9051] team_slave_0: left allmulticast mode
[ 3196.720730][ T9051] team_slave_1: left allmulticast mode
[ 3196.767826][ T9051] bridge0: port 9(team0) entered blocking state
[ 3196.785506][ T9051] bridge0: port 9(team0) entered disabled state
[ 3196.801076][ T9051] team0: entered allmulticast mode
[ 3196.814506][ T9051] team_slave_0: entered allmulticast mode
[ 3196.828633][ T9051] team_slave_1: entered allmulticast mode
[ 3196.847951][ T9051] team0: entered promiscuous mode
[ 3196.862004][ T9051] team_slave_0: entered promiscuous mode
10:58:08 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000310008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3196.875727][ T9051] team_slave_1: entered promiscuous mode
[ 3196.895729][ T9057] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:08 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x48000000}}}]}, 0x78}}, 0x0)

[ 3197.020659][ T9061] validate_nla: 10 callbacks suppressed
[ 3197.020677][ T9061] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:58:08 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000510008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3197.126786][ T9063] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:09 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000681201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3197.238361][ T6458] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
10:58:09 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000610008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3197.279871][ T9065] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3197.305269][ T9069] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3197.334245][ T6458] CPU: 0 PID: 6458 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3197.334269][ T9069] team0: left allmulticast mode
[ 3197.344597][ T6458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3197.344613][ T6458] Call Trace:
[ 3197.344622][ T6458]  <TASK>
[ 3197.344630][ T6458]  dump_stack_lvl+0x1e7/0x2e0
[ 3197.344663][ T6458]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3197.344684][ T6458]  ? __pfx__printk+0x10/0x10
[ 3197.344702][ T6458]  ? ___ratelimit+0x4c4/0x670
[ 3197.344729][ T6458]  ? __pfx____ratelimit+0x10/0x10
[ 3197.344754][ T6458]  dump_header+0xda/0x6a0
[ 3197.344780][ T6458]  oom_kill_process+0x3a7/0x930
[ 3197.344805][ T6458]  out_of_memory+0xf67/0x1320
[ 3197.344832][ T6458]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3197.344854][ T6458]  ? __pfx___mutex_lock+0x10/0x10
[ 3197.344882][ T6458]  ? __pfx_out_of_memory+0x10/0x10
[ 3197.344913][ T6458]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3197.344933][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3197.344958][ T6458]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3197.344984][ T6458]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3197.345007][ T6458]  ? mem_cgroup_iter+0x422/0x560
[ 3197.345033][ T6458]  try_charge_memcg+0xda2/0x18a0
[ 3197.345051][ T6458]  ? mark_lock+0x9a/0x350
[ 3197.345091][ T6458]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3197.359208][ T9069] team_slave_0: left allmulticast mode
[ 3197.359986][ T6458]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3197.363359][ T9069] team_slave_1: left allmulticast mode
[ 3197.366173][ T6458]  charge_memcg+0xa2/0x160
[ 3197.366203][ T6458]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3197.366227][ T6458]  __read_swap_cache_async+0x480/0x8b0
[ 3197.366250][ T6458]  ? mark_lock+0x9a/0x350
[ 3197.372115][ T9069] team0: left promiscuous mode
[ 3197.376075][ T6458]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3197.376117][ T6458]  swap_cluster_readahead+0x67c/0x810
[ 3197.376149][ T6458]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3197.382544][ T9069] team_slave_0: left promiscuous mode
10:58:09 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x60000000}}}]}, 0x78}}, 0x0)

[ 3197.385365][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3197.385398][ T6458]  ? xas_descend+0x37e/0x470
[ 3197.385434][ T6458]  swapin_readahead+0x1ea/0x1070
[ 3197.391235][ T9069] team_slave_1: left promiscuous mode
[ 3197.394738][ T6458]  ? filemap_get_entry+0x127/0x4e0
[ 3197.394779][ T6458]  ? __pfx_swapin_readahead+0x10/0x10
[ 3197.394811][ T6458]  ? __filemap_get_folio+0x935/0xbc0
[ 3197.394840][ T6458]  ? swap_cache_get_folio+0x9f/0x570
[ 3197.394864][ T6458]  do_swap_page+0x8ab/0x3da0
[ 3197.394888][ T6458]  ? __pte_offset_map+0x2c4/0x380
[ 3197.394924][ T6458]  ? do_swap_page+0x154/0x3da0
[ 3197.394941][ T6458]  ? __pfx_do_swap_page+0x10/0x10
[ 3197.394960][ T6458]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3197.394983][ T6458]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3197.395005][ T6458]  ? __pfx_validate_chain+0x10/0x10
[ 3197.395033][ T6458]  __handle_mm_fault+0x15e8/0x72d0
[ 3197.395085][ T6458]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3197.395115][ T6458]  ? mt_find+0x226/0x850
[ 3197.395137][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3197.395177][ T6458]  ? mt_find+0x62d/0x850
[ 3197.395200][ T6458]  ? mt_find+0x226/0x850
[ 3197.395245][ T6458]  ? find_vma+0x142/0x1c0
[ 3197.395265][ T6458]  ? __pfx_find_vma+0x10/0x10
[ 3197.395282][ T6458]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3197.395311][ T6458]  handle_mm_fault+0x3c1/0x8a0
[ 3197.395341][ T6458]  exc_page_fault+0x2ad/0x870
[ 3197.395369][ T6458]  asm_exc_page_fault+0x26/0x30
[ 3197.395394][ T6458] RIP: 0010:__get_user_8+0x11/0x20
[ 3197.395420][ T6458] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3197.395435][ T6458] RSP: 0000:ffffc900059a7d98 EFLAGS: 00050202
[ 3197.395453][ T6458] RAX: 0000555556856da8 RBX: ffff8880761fee78 RCX: ffffc900059a7c03
[ 3197.395468][ T6458] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3197.395481][ T6458] RBP: ffffc900059a7ec8 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3197.395495][ T6458] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc900059a7da0
[ 3197.395508][ T6458] R13: ffffc900059a7fd8 R14: dffffc0000000000 R15: ffff8880761fd940
[ 3197.395541][ T6458]  __rseq_handle_notify_resume+0x158/0x1490
[ 3197.395579][ T6458]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3197.395611][ T6458]  ? syscall_exit_to_user_mode+0xa2/0x370
[ 3197.395636][ T6458]  syscall_exit_to_user_mode+0x113/0x370
[ 3197.395661][ T6458]  do_syscall_64+0x108/0x240
[ 3197.395687][ T6458]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3197.395709][ T6458] RIP: 0033:0x7f49312a91b5
[ 3197.395727][ T6458] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 3197.395742][ T6458] RSP: 002b:00007f49314cfcf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 3197.395763][ T6458] RAX: 0000000000000000 RBX: 00000000000037b9 RCX: 00007f49312a91b5
[ 3197.395776][ T6458] RDX: 00007f49314cfd30 RSI: 0000000000000000 RDI: 0000000000000000
10:58:09 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x2, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3197.395789][ T6458] RBP: 00007f49314cfdbc R08: 0000000000000000 R09: 00007fffcebe70b0
[ 3197.395802][ T6458] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3197.395814][ T6458] R13: 000000000030c740 R14: 000000000030c740 R15: 0000000000000000
[ 3197.395844][ T6458]  </TASK>
[ 3197.591658][ T6458] memory: usage 307200kB, limit 307200kB, failcnt 92769
[ 3197.607067][ T9069] bridge0: port 9(team0) entered disabled state
[ 3197.667909][ T6458] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3197.888681][ T9069] 8021q: adding VLAN 0 to HW filter on device team0
[ 3197.906528][ T9069] team0: entered promiscuous mode
[ 3197.916751][ T6458] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3197.925112][ T6458] Memory cgroup stats for /syz1:
[ 3197.925247][ T6458] cache 0
[ 3197.933317][ T6458] rss 12288
[ 3197.937786][ T6458] rss_huge 0
[ 3197.938215][ T9069] team_slave_0: entered promiscuous mode
[ 3197.941150][ T6458] shmem 0
[ 3197.951089][ T6458] mapped_file 0
[ 3197.955288][ T6458] dirty 0
[ 3197.958450][ T6458] writeback 0
[ 3197.962009][ T6458] workingset_refault_anon 37034
[ 3197.974494][ T9069] team_slave_1: entered promiscuous mode
[ 3197.980561][ T9069] team0: entered allmulticast mode
[ 3197.995537][ T9069] team_slave_0: entered allmulticast mode
[ 3198.002362][ T9069] team_slave_1: entered allmulticast mode
[ 3198.008440][ T6458] workingset_refault_file 357
[ 3198.013426][ T6458] swap 11911168
[ 3198.028097][ T9069] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3198.036895][ T6458] swapcached 0
[ 3198.040274][ T6458] pgpgin 3288409
[ 3198.043805][ T6458] pgpgout 3288406
[ 3198.048109][ T9070] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3198.057557][ T6458] pgfault 3622365
[ 3198.061309][ T6458] pgmajfault 38891
[ 3198.069270][ T6458] inactive_anon 12288
[ 3198.073742][ T6458] active_anon 0
[ 3198.078513][ T9070] bond0: (slave team0): Releasing backup interface
[ 3198.086273][ T6458] inactive_file 0
[ 3198.090737][ T9070] team0: left promiscuous mode
[ 3198.096012][ T9070] team_slave_0: left promiscuous mode
[ 3198.102261][ T9070] team_slave_1: left promiscuous mode
[ 3198.111363][ T6458] active_file 0
[ 3198.117492][ T9070] team0: left allmulticast mode
[ 3198.122482][ T6458] unevictable 0
[ 3198.126850][ T9070] team_slave_0: left allmulticast mode
[ 3198.132437][ T6458] hierarchical_memory_limit 314572800
[ 3198.138638][ T9070] team_slave_1: left allmulticast mode
[ 3198.145048][ T6458] hierarchical_memsw_limit 9223372036854771712
[ 3198.158648][ T6458] total_cache 0
[ 3198.165256][ T9070] bridge0: port 9(team0) entered blocking state
[ 3198.172015][ T6458] total_rss 12288
[ 3198.176974][ T6458] total_rss_huge 0
[ 3198.180924][ T9070] bridge0: port 9(team0) entered disabled state
[ 3198.188244][ T6458] total_shmem 0
[ 3198.191805][ T6458] total_mapped_file 0
[ 3198.196859][ T9070] team0: entered allmulticast mode
[ 3198.202095][ T6458] total_dirty 0
[ 3198.206720][ T9070] team_slave_0: entered allmulticast mode
[ 3198.212556][ T6458] total_writeback 0
[ 3198.219412][ T6458] total_workingset_refault_anon 37034
[ 3198.225507][ T9070] team_slave_1: entered allmulticast mode
[ 3198.231387][ T6458] total_workingset_refault_file 357
[ 3198.239595][ T9070] team0: entered promiscuous mode
[ 3198.245312][ T6458] total_swap 11911168
[ 3198.249443][ T9070] team_slave_0: entered promiscuous mode
[ 3198.255899][ T6458] total_swapcached 0
[ 3198.260131][ T9070] team_slave_1: entered promiscuous mode
[ 3198.266975][ T6458] total_pgpgin 3288409
[ 3198.271156][ T6458] total_pgpgout 3288406
[ 3198.279116][ T9075] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3198.279453][ T6458] total_pgfault 3622365
10:58:10 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba80006c1201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3198.294992][ T9076] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3198.302824][ T6458] total_pgmajfault 38891
[ 3198.311360][ T6458] total_inactive_anon 12288
[ 3198.322614][ T6458] total_active_anon 0
10:58:10 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000a10008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3198.350123][ T6458] total_inactive_file 0
[ 3198.382952][ T6458] total_active_file 0
[ 3198.387945][ T6458] total_unevictable 0
[ 3198.396895][ T6458] anon_cost 0
[ 3198.407820][ T6458] file_cost 0
[ 3198.417739][ T6458] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9059,uid=0
10:58:10 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x65580000}}}]}, 0x78}}, 0x0)

[ 3198.425962][ T9082] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3198.456022][ T6458] Memory cgroup out of memory: Killed process 9059 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3198.489912][ T9082] team0: left allmulticast mode
[ 3198.506327][ T9082] team_slave_0: left allmulticast mode
[ 3198.512107][ T9082] team_slave_1: left allmulticast mode
[ 3198.518874][ T9082] team0: left promiscuous mode
[ 3198.524557][ T9082] team_slave_0: left promiscuous mode
[ 3198.530727][ T9082] team_slave_1: left promiscuous mode
10:58:10 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x8}, 0x0)

[ 3198.539163][ T9082] bridge0: port 9(team0) entered disabled state
[ 3198.553690][ T9082] 8021q: adding VLAN 0 to HW filter on device team0
[ 3198.577996][ T9082] team0: entered promiscuous mode
[ 3198.593680][ T9082] team_slave_0: entered promiscuous mode
[ 3198.616119][ T9082] team_slave_1: entered promiscuous mode
[ 3198.622342][ T9082] team0: entered allmulticast mode
[ 3198.629492][ T9082] team_slave_0: entered allmulticast mode
[ 3198.638365][ T9082] team_slave_1: entered allmulticast mode
10:58:10 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000c10008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3198.647934][ T9082] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3198.661453][ T9084] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3198.677061][ T9088] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3198.724993][ T9088] bond0: (slave team0): Releasing backup interface
[ 3198.739780][ T9088] team0: left promiscuous mode
[ 3198.749388][ T9088] team_slave_0: left promiscuous mode
[ 3198.765515][ T9088] team_slave_1: left promiscuous mode
[ 3198.772622][ T9088] team0: left allmulticast mode
[ 3198.783715][ T9088] team_slave_0: left allmulticast mode
[ 3198.794502][ T9088] team_slave_1: left allmulticast mode
[ 3198.812740][ T6458] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3198.824862][ T9088] bridge0: port 9(team0) entered blocking state
[ 3198.831392][ T9088] bridge0: port 9(team0) entered disabled state
[ 3198.834262][ T6458] CPU: 1 PID: 6458 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3198.844835][ T9088] team0: entered allmulticast mode
[ 3198.847930][ T6458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3198.847943][ T6458] Call Trace:
[ 3198.847952][ T6458]  <TASK>
[ 3198.847961][ T6458]  dump_stack_lvl+0x1e7/0x2e0
[ 3198.847993][ T6458]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3198.856887][ T9088] team_slave_0: entered allmulticast mode
[ 3198.863119][ T6458]  ? __pfx__printk+0x10/0x10
[ 3198.863146][ T6458]  ? ___ratelimit+0x4c4/0x670
[ 3198.863173][ T6458]  ? __pfx____ratelimit+0x10/0x10
[ 3198.874362][ T9088] team_slave_1: entered allmulticast mode
[ 3198.879220][ T6458]  dump_header+0xda/0x6a0
[ 3198.879256][ T6458]  oom_kill_process+0x3a7/0x930
[ 3198.879282][ T6458]  out_of_memory+0xf67/0x1320
[ 3198.896853][ T9088] team0: entered promiscuous mode
[ 3198.899223][ T6458]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3198.899255][ T6458]  ? __pfx___mutex_lock+0x10/0x10
[ 3198.911100][ T9088] team_slave_0: entered promiscuous mode
[ 3198.914121][ T6458]  ? __pfx_out_of_memory+0x10/0x10
[ 3198.914161][ T6458]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3198.914183][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3198.914207][ T6458]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3198.914233][ T6458]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3198.914255][ T6458]  ? mem_cgroup_iter+0x422/0x560
[ 3198.914281][ T6458]  try_charge_memcg+0xda2/0x18a0
[ 3198.914300][ T6458]  ? mark_lock+0x9a/0x350
[ 3198.914343][ T6458]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3198.914393][ T6458]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3198.914413][ T6458]  charge_memcg+0xa2/0x160
[ 3198.914439][ T6458]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3198.914462][ T6458]  __read_swap_cache_async+0x480/0x8b0
[ 3198.914485][ T6458]  ? mark_lock+0x9a/0x350
[ 3198.914515][ T6458]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3198.914545][ T6458]  swap_cluster_readahead+0x67c/0x810
[ 3198.924579][ T9088] team_slave_1: entered promiscuous mode
[ 3198.929846][ T6458]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3198.929881][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3198.929907][ T6458]  ? xas_descend+0x37e/0x470
[ 3198.945959][ T9089] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3198.951149][ T6458]  swapin_readahead+0x1ea/0x1070
[ 3198.951180][ T6458]  ? filemap_get_entry+0x127/0x4e0
[ 3198.951218][ T6458]  ? __pfx_swapin_readahead+0x10/0x10
[ 3199.070293][ T6458]  ? __filemap_get_folio+0x935/0xbc0
[ 3199.075590][ T6458]  ? swap_cache_get_folio+0x9f/0x570
[ 3199.080876][ T6458]  do_swap_page+0x8ab/0x3da0
[ 3199.085460][ T6458]  ? __pte_offset_map+0x2c4/0x380
[ 3199.090483][ T6458]  ? do_swap_page+0x154/0x3da0
[ 3199.095239][ T6458]  ? __pfx_do_swap_page+0x10/0x10
[ 3199.100262][ T6458]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3199.105716][ T6458]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3199.111514][ T6458]  ? __pfx_validate_chain+0x10/0x10
[ 3199.116709][ T6458]  __handle_mm_fault+0x15e8/0x72d0
[ 3199.121834][ T6458]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3199.127293][ T6458]  ? mt_find+0x226/0x850
[ 3199.131532][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3199.136561][ T6458]  ? mt_find+0x62d/0x850
[ 3199.140801][ T6458]  ? mt_find+0x226/0x850
[ 3199.145055][ T6458]  ? find_vma+0x142/0x1c0
[ 3199.149379][ T6458]  ? __pfx_find_vma+0x10/0x10
[ 3199.154053][ T6458]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3199.160042][ T6458]  handle_mm_fault+0x3c1/0x8a0
[ 3199.164807][ T6458]  exc_page_fault+0x2ad/0x870
[ 3199.169479][ T6458]  asm_exc_page_fault+0x26/0x30
[ 3199.174323][ T6458] RIP: 0010:__get_user_8+0x11/0x20
[ 3199.179426][ T6458] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3199.199021][ T6458] RSP: 0018:ffffc900059a7d98 EFLAGS: 00050202
[ 3199.205080][ T6458] RAX: 0000555556856da8 RBX: ffff8880761fee78 RCX: ffffc900059a7c03
[ 3199.213042][ T6458] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3199.221020][ T6458] RBP: ffffc900059a7ec8 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3199.228991][ T6458] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc900059a7da0
[ 3199.236965][ T6458] R13: ffffc900059a7fd8 R14: dffffc0000000000 R15: ffff8880761fd940
[ 3199.244975][ T6458]  __rseq_handle_notify_resume+0x158/0x1490
[ 3199.250913][ T6458]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3199.257259][ T6458]  ? syscall_exit_to_user_mode+0xa2/0x370
[ 3199.262980][ T6458]  syscall_exit_to_user_mode+0x113/0x370
[ 3199.268613][ T6458]  do_syscall_64+0x108/0x240
[ 3199.273219][ T6458]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3199.279120][ T6458] RIP: 0033:0x7f49312a91b5
[ 3199.283558][ T6458] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 3199.303166][ T6458] RSP: 002b:00007f49314cfcf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 3199.311577][ T6458] RAX: 0000000000000000 RBX: 00000000000037ba RCX: 00007f49312a91b5
[ 3199.319542][ T6458] RDX: 00007f49314cfd30 RSI: 0000000000000000 RDI: 0000000000000000
10:58:11 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000741201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3199.327519][ T6458] RBP: 00007f49314cfdbc R08: 0000000000000000 R09: 00007fffcebe70b0
[ 3199.335489][ T6458] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3199.343454][ T6458] R13: 000000000030ce7f R14: 000000000030ce7f R15: 0000000000000000
[ 3199.351433][ T6458]  </TASK>
[ 3199.404868][ T9094] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:58:11 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000f10008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:11 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x7f000000}}}]}, 0x78}}, 0x0)

[ 3199.446701][ T9097] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3199.494656][ T9097] team0: left allmulticast mode
[ 3199.526469][ T9097] team_slave_0: left allmulticast mode
[ 3199.541614][ T9097] team_slave_1: left allmulticast mode
[ 3199.560424][ T9097] team0: left promiscuous mode
[ 3199.571869][ T9097] team_slave_0: left promiscuous mode
[ 3199.589617][ T9097] team_slave_1: left promiscuous mode
[ 3199.606501][ T9097] bridge0: port 9(team0) entered disabled state
[ 3199.632624][ T9097] 8021q: adding VLAN 0 to HW filter on device team0
[ 3199.657403][ T9097] team0: entered promiscuous mode
[ 3199.671742][ T9097] team_slave_0: entered promiscuous mode
[ 3199.686119][ T9097] team_slave_1: entered promiscuous mode
[ 3199.691480][ T6458] memory: usage 307200kB, limit 307200kB, failcnt 92995
[ 3199.700704][ T9097] team0: entered allmulticast mode
[ 3199.706976][ T6458] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3199.711097][ T9097] team_slave_0: entered allmulticast mode
[ 3199.723828][ T6458] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3199.732662][ T9097] team_slave_1: entered allmulticast mode
[ 3199.741540][ T6458] Memory cgroup stats for /syz1:
[ 3199.741677][ T6458] cache 0
[ 3199.751967][ T9097] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3199.757740][ T6458] rss 32768
[ 3199.770677][ T6458] rss_huge 0
[ 3199.776749][ T9100] bond0: (slave team0): Releasing backup interface
[ 3199.777305][ T6458] shmem 0
[ 3199.787199][ T6458] mapped_file 0
[ 3199.790810][ T6458] dirty 0
[ 3199.794380][ T6458] writeback 0
[ 3199.796905][ T9100] team0: left promiscuous mode
[ 3199.797839][ T6458] workingset_refault_anon 37098
[ 3199.802631][ T9100] team_slave_0: left promiscuous mode
[ 3199.808727][ T6458] workingset_refault_file 357
[ 3199.819359][ T9100] team_slave_1: left promiscuous mode
[ 3199.827764][ T9100] team0: left allmulticast mode
[ 3199.840529][ T6458] swap 11890688
[ 3199.844768][ T9100] team_slave_0: left allmulticast mode
[ 3199.850421][ T6458] swapcached 0
[ 3199.854416][ T9100] team_slave_1: left allmulticast mode
[ 3199.861263][ T6458] pgpgin 3288503
[ 3199.865878][ T6458] pgpgout 3288495
[ 3199.870325][ T6458] pgfault 3622509
[ 3199.883443][ T9100] bridge0: port 9(team0) entered blocking state
[ 3199.890138][ T6458] pgmajfault 38967
[ 3199.894706][ T6458] inactive_anon 20480
[ 3199.898987][ T9100] bridge0: port 9(team0) entered disabled state
[ 3199.906128][ T6458] active_anon 12288
[ 3199.907965][ T9100] team0: entered allmulticast mode
[ 3199.910072][ T6458] inactive_file 0
[ 3199.919546][ T9100] team_slave_0: entered allmulticast mode
[ 3199.920310][ T6458] active_file 0
[ 3199.929501][ T6458] unevictable 0
[ 3199.932085][ T9100] team_slave_1: entered allmulticast mode
[ 3199.933119][ T6458] hierarchical_memory_limit 314572800
[ 3199.948472][ T6458] hierarchical_memsw_limit 9223372036854771712
[ 3199.955403][ T6458] total_cache 0
[ 3199.960309][ T6458] total_rss 32768
[ 3199.961742][ T9100] team0: entered promiscuous mode
[ 3199.965163][ T6458] total_rss_huge 0
[ 3199.973512][ T6458] total_shmem 0
[ 3199.975549][ T9100] team_slave_0: entered promiscuous mode
[ 3199.978136][ T6458] total_mapped_file 0
[ 3199.987618][ T6458] total_dirty 0
[ 3199.988182][ T9100] team_slave_1: entered promiscuous mode
[ 3199.991319][ T6458] total_writeback 0
[ 3200.001736][ T6458] total_workingset_refault_anon 37098
[ 3200.007238][ T9105] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3200.020685][ T6458] total_workingset_refault_file 357
[ 3200.026739][ T6458] total_swap 11890688
[ 3200.030983][ T6458] total_swapcached 0
[ 3200.035771][ T6458] total_pgpgin 3288503
10:58:11 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00884710008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3200.040068][ T6458] total_pgpgout 3288495
[ 3200.045091][ T6458] total_pgfault 3622509
[ 3200.066922][ T6458] total_pgmajfault 38967
[ 3200.078053][ T6458] total_inactive_anon 20480
10:58:11 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x80ffffff}}}]}, 0x78}}, 0x0)

10:58:11 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00884810008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3200.089526][ T6458] total_active_anon 12288
[ 3200.101454][ T6458] total_inactive_file 0
[ 3200.111610][ T6458] total_active_file 0
[ 3200.120887][ T6458] total_unevictable 0
[ 3200.142426][ T9110] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3200.155143][ T6458] anon_cost 0
[ 3200.162988][ T6458] file_cost 0
[ 3200.168971][ T6458] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9092,uid=0
[ 3200.185615][ T6458] Memory cgroup out of memory: Killed process 9092 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
10:58:12 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x81000000}}}]}, 0x78}}, 0x0)

10:58:12 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00655810008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:12 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x9}, 0x0)

10:58:12 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba80007a1201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

10:58:12 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00006010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3200.333520][ T9116] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3200.423474][ T9118] team0: left allmulticast mode
[ 3200.437720][ T9118] team_slave_0: left allmulticast mode
[ 3200.457411][ T9118] team_slave_1: left allmulticast mode
[ 3200.491399][ T9118] team0: left promiscuous mode
[ 3200.503318][ T9118] team_slave_0: left promiscuous mode
[ 3200.542500][ T9118] team_slave_1: left promiscuous mode
[ 3200.568333][ T9118] bridge0: port 9(team0) entered disabled state
[ 3200.613575][ T9118] 8021q: adding VLAN 0 to HW filter on device team0
[ 3200.635897][ T9118] team0: entered promiscuous mode
[ 3200.647314][ T9119] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3200.652817][ T9118] team_slave_0: entered promiscuous mode
[ 3200.658985][ T9119] CPU: 0 PID: 9119 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3200.673673][ T9119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3200.674508][ T9118] team_slave_1: entered promiscuous mode
[ 3200.683719][ T9119] Call Trace:
[ 3200.683730][ T9119]  <TASK>
[ 3200.683739][ T9119]  dump_stack_lvl+0x1e7/0x2e0
[ 3200.683770][ T9119]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3200.683792][ T9119]  ? __pfx__printk+0x10/0x10
[ 3200.683811][ T9119]  ? ___ratelimit+0x4c4/0x670
[ 3200.683834][ T9119]  ? __pfx____ratelimit+0x10/0x10
[ 3200.683858][ T9119]  dump_header+0xda/0x6a0
[ 3200.683885][ T9119]  oom_kill_process+0x3a7/0x930
[ 3200.683911][ T9119]  out_of_memory+0xf67/0x1320
[ 3200.683936][ T9119]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3200.683956][ T9119]  ? __pfx___mutex_lock+0x10/0x10
[ 3200.683983][ T9119]  ? __pfx_out_of_memory+0x10/0x10
[ 3200.684013][ T9119]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3200.684033][ T9119]  ? __pfx_lock_release+0x10/0x10
[ 3200.684056][ T9119]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3200.684082][ T9119]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3200.684111][ T9119]  ? mem_cgroup_iter+0x422/0x560
[ 3200.684136][ T9119]  try_charge_memcg+0xda2/0x18a0
[ 3200.684181][ T9119]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3200.684200][ T9119]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3200.684220][ T9119]  ? __pfx_lock_release+0x10/0x10
[ 3200.684244][ T9119]  ? memcg_account_kmem+0x1e7/0x210
[ 3200.684276][ T9119]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3200.684299][ T9119]  __memcg_kmem_charge_page+0xe1/0x250
[ 3200.684326][ T9119]  memcg_charge_kernel_stack+0x37e/0x550
[ 3200.684352][ T9119]  dup_task_struct+0x40d/0x7d0
[ 3200.684375][ T9119]  copy_process+0x5d5/0x3fc0
[ 3200.684409][ T9119]  ? __might_fault+0xa9/0x120
[ 3200.684431][ T9119]  ? __pfx_lock_release+0x10/0x10
[ 3200.684456][ T9119]  ? __lock_acquire+0x1345/0x1fd0
[ 3200.684481][ T9119]  ? __pfx_copy_process+0x10/0x10
[ 3200.684501][ T9119]  ? __might_fault+0xc5/0x120
[ 3200.684523][ T9119]  ? __asan_memset+0x23/0x50
[ 3200.684551][ T9119]  kernel_clone+0x21d/0x8d0
[ 3200.684576][ T9119]  ? __pfx_kernel_clone+0x10/0x10
[ 3200.684606][ T9119]  ? __pfx_lock_release+0x10/0x10
[ 3200.684636][ T9119]  __se_sys_clone3+0x2cb/0x350
[ 3200.684655][ T9119]  ? __might_fault+0xa9/0x120
[ 3200.684677][ T9119]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3200.684695][ T9119]  ? rcu_is_watching+0x15/0xb0
[ 3200.684730][ T9119]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3200.710427][ T9118] team0: entered allmulticast mode
[ 3200.711004][ T9119]  ? exc_page_fault+0x587/0x870
[ 3200.732867][ T9118] team_slave_0: entered allmulticast mode
[ 3200.734478][ T9119]  ? do_syscall_64+0xb4/0x240
[ 3200.734511][ T9119]  do_syscall_64+0xf9/0x240
[ 3200.734538][ T9119]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3200.743220][ T9118] team_slave_1: entered allmulticast mode
[ 3200.745156][ T9119] RIP: 0033:0x7f49312a9b99
[ 3200.745179][ T9119] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3200.745194][ T9119] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3200.745215][ T9119] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3200.772485][ T9118] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3200.777017][ T9119] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3200.777035][ T9119] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3200.777048][ T9119] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3200.777060][ T9119] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
10:58:12 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00586510008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3200.777093][ T9119]  </TASK>
10:58:12 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x88470000}}}]}, 0x78}}, 0x0)

[ 3201.054643][ T9119] memory: usage 307200kB, limit 307200kB, failcnt 93377
[ 3201.061688][ T9119] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3201.073632][ T9123] bond0: (slave team0): Releasing backup interface
[ 3201.080658][ T9119] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3201.104703][ T9123] team0: left promiscuous mode
[ 3201.109614][ T9119] Memory cgroup stats for /syz1:
[ 3201.109741][ T9119] cache 0
[ 3201.119022][ T9123] team_slave_0: left promiscuous mode
[ 3201.134285][ T9119] rss 12288
[ 3201.137427][ T9119] rss_huge 0
[ 3201.140634][ T9119] shmem 0
[ 3201.143582][ T9119] mapped_file 0
[ 3201.150009][ T9123] team_slave_1: left promiscuous mode
[ 3201.164364][ T9123] team0: left allmulticast mode
[ 3201.169292][ T9119] dirty 0
[ 3201.172246][ T9119] writeback 0
[ 3201.184791][ T9123] team_slave_0: left allmulticast mode
[ 3201.191468][ T9119] workingset_refault_anon 37186
[ 3201.202653][ T9123] team_slave_1: left allmulticast mode
[ 3201.208541][ T9119] workingset_refault_file 357
[ 3201.213648][ T9119] swap 11911168
[ 3201.226609][ T9123] bridge0: port 9(team0) entered blocking state
[ 3201.232972][ T9123] bridge0: port 9(team0) entered disabled state
[ 3201.244722][ T9119] swapcached 0
[ 3201.248122][ T9119] pgpgin 3288625
[ 3201.251682][ T9119] pgpgout 3288622
[ 3201.271027][ T9119] pgfault 3622676
[ 3201.278301][ T9123] team0: entered allmulticast mode
[ 3201.283451][ T9123] team_slave_0: entered allmulticast mode
[ 3201.289678][ T9119] pgmajfault 39058
[ 3201.293418][ T9119] inactive_anon 12288
[ 3201.303894][ T9119] active_anon 0
[ 3201.307379][ T9119] inactive_file 0
[ 3201.311023][ T9119] active_file 0
[ 3201.314666][ T9123] team_slave_1: entered allmulticast mode
[ 3201.316910][ T9123] team0: entered promiscuous mode
[ 3201.330804][ T9119] unevictable 0
[ 3201.334677][ T9123] team_slave_0: entered promiscuous mode
[ 3201.334882][ T9123] team_slave_1: entered promiscuous mode
[ 3201.347565][ T9131] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:13 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000811201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

10:58:13 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00008110008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3201.369014][ T9119] hierarchical_memory_limit 314572800
[ 3201.381236][ T9119] hierarchical_memsw_limit 9223372036854771712
[ 3201.391298][ T9119] total_cache 0
[ 3201.403531][ T9119] total_rss 12288
[ 3201.410154][ T9119] total_rss_huge 0
[ 3201.419047][ T9119] total_shmem 0
[ 3201.422666][ T9119] total_mapped_file 0
[ 3201.443901][ T9119] total_dirty 0
[ 3201.447398][ T9119] total_writeback 0
[ 3201.456228][ T9119] total_workingset_refault_anon 37186
[ 3201.461635][ T9119] total_workingset_refault_file 357
10:58:13 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00478810008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3201.493244][ T9119] total_swap 11911168
[ 3201.496966][ T9136] team0: left allmulticast mode
[ 3201.504952][ T9119] total_swapcached 0
[ 3201.506651][ T9136] team_slave_0: left allmulticast mode
[ 3201.510104][ T9119] total_pgpgin 3288625
[ 3201.534578][ T9136] team_slave_1: left allmulticast mode
10:58:13 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x88480000}}}]}, 0x78}}, 0x0)

10:58:13 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x3, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3201.538028][ T9119] total_pgpgout 3288622
[ 3201.557425][ T9136] team0: left promiscuous mode
[ 3201.558724][ T9119] total_pgfault 3622676
[ 3201.575341][ T9136] team_slave_0: left promiscuous mode
[ 3201.588002][ T9119] total_pgmajfault 39058
[ 3201.595237][ T9136] team_slave_1: left promiscuous mode
[ 3201.601192][ T9119] total_inactive_anon 12288
[ 3201.611328][ T9136] bridge0: port 9(team0) entered disabled state
[ 3201.621362][ T9119] total_active_anon 0
[ 3201.631300][ T9119] total_inactive_file 0
[ 3201.638246][ T9136] 8021q: adding VLAN 0 to HW filter on device team0
[ 3201.644275][ T9119] total_active_file 0
[ 3201.651179][ T9119] total_unevictable 0
[ 3201.655358][ T9136] team0: entered promiscuous mode
[ 3201.655378][ T9136] team_slave_0: entered promiscuous mode
[ 3201.655555][ T9136] team_slave_1: entered promiscuous mode
[ 3201.656631][ T9136] team0: entered allmulticast mode
[ 3201.665022][ T9119] anon_cost 0
[ 3201.676913][ T9136] team_slave_0: entered allmulticast mode
[ 3201.688583][ T9136] team_slave_1: entered allmulticast mode
[ 3201.694706][ T9119] file_cost 0
[ 3201.694719][ T9119] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9119,uid=0
[ 3201.694829][ T9119] Memory cgroup out of memory: Killed process 9119 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8704kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
10:58:13 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0xa}, 0x0)

[ 3201.750734][ T9136] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3201.814888][ T9137] bond0: (slave team0): Releasing backup interface
[ 3201.835185][ T9137] team0: left promiscuous mode
[ 3201.839992][ T9137] team_slave_0: left promiscuous mode
[ 3201.852149][ T9139] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3201.863194][ T9137] team_slave_1: left promiscuous mode
[ 3201.870588][ T9137] team0: left allmulticast mode
[ 3201.876289][ T9139] CPU: 0 PID: 9139 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3201.886634][ T9139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3201.896727][ T9139] Call Trace:
[ 3201.900028][ T9139]  <TASK>
[ 3201.902974][ T9139]  dump_stack_lvl+0x1e7/0x2e0
[ 3201.907684][ T9139]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3201.912906][ T9139]  ? __pfx__printk+0x10/0x10
[ 3201.917516][ T9139]  ? ___ratelimit+0x4c4/0x670
[ 3201.922221][ T9139]  ? __pfx____ratelimit+0x10/0x10
[ 3201.927272][ T9139]  dump_header+0xda/0x6a0
[ 3201.931627][ T9139]  oom_kill_process+0x3a7/0x930
[ 3201.936504][ T9139]  out_of_memory+0xf67/0x1320
[ 3201.941200][ T9139]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3201.946849][ T9139]  ? __pfx___mutex_lock+0x10/0x10
[ 3201.951889][ T9139]  ? __pfx_out_of_memory+0x10/0x10
[ 3201.957029][ T9139]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3201.962593][ T9139]  ? __pfx_lock_release+0x10/0x10
[ 3201.967639][ T9139]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3201.973733][ T9139]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3201.978952][ T9139]  ? mem_cgroup_iter+0x422/0x560
[ 3201.983914][ T9139]  try_charge_memcg+0xda2/0x18a0
[ 3201.988881][ T9139]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3201.994245][ T9139]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3201.999955][ T9139]  ? __pfx_lock_release+0x10/0x10
[ 3202.004973][ T9139]  ? memcg_account_kmem+0x1e7/0x210
[ 3202.010173][ T9139]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3202.015972][ T9139]  __memcg_kmem_charge_page+0xe1/0x250
[ 3202.021431][ T9139]  memcg_charge_kernel_stack+0x210/0x550
[ 3202.027060][ T9139]  dup_task_struct+0x40d/0x7d0
[ 3202.031818][ T9139]  copy_process+0x5d5/0x3fc0
[ 3202.036410][ T9139]  ? __might_fault+0xa9/0x120
[ 3202.041079][ T9139]  ? __pfx_lock_release+0x10/0x10
[ 3202.046101][ T9139]  ? __pfx_copy_process+0x10/0x10
[ 3202.051117][ T9139]  ? __might_fault+0xc5/0x120
[ 3202.055784][ T9139]  ? __asan_memset+0x23/0x50
[ 3202.060370][ T9139]  kernel_clone+0x21d/0x8d0
[ 3202.064866][ T9139]  ? __pfx_kernel_clone+0x10/0x10
[ 3202.069890][ T9139]  __se_sys_clone3+0x2cb/0x350
[ 3202.074643][ T9139]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3202.079935][ T9139]  ? do_syscall_64+0x108/0x240
[ 3202.084703][ T9139]  ? do_syscall_64+0xb4/0x240
[ 3202.089377][ T9139]  do_syscall_64+0xf9/0x240
[ 3202.093879][ T9139]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3202.099767][ T9139] RIP: 0033:0x7fa2eb4a9b99
[ 3202.104172][ T9139] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3202.123769][ T9139] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3202.132173][ T9139] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3202.140138][ T9139] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3202.148097][ T9139] RBP: 00007fa2ec1ba6c0 R08: 00007fa2ec1ba6c0 R09: 00007fa2eb6cfa47
[ 3202.156056][ T9139] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3202.164017][ T9139] R13: 000000000000006e R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3202.171990][ T9139]  </TASK>
[ 3202.177876][ T9137] team_slave_0: left allmulticast mode
[ 3202.183672][ T9137] team_slave_1: left allmulticast mode
[ 3202.208177][ T9137] bridge0: port 9(team0) entered blocking state
[ 3202.215265][ T9137] bridge0: port 9(team0) entered disabled state
[ 3202.224562][ T9137] team0: entered allmulticast mode
[ 3202.234369][ T9137] team_slave_0: entered allmulticast mode
[ 3202.238275][ T9139] memory: usage 307200kB, limit 307200kB, failcnt 254853
[ 3202.244269][ T9137] team_slave_1: entered allmulticast mode
[ 3202.260934][ T9139] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3202.265054][ T9137] team0: entered promiscuous mode
[ 3202.274568][ T9139] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[ 3202.279925][ T9137] team_slave_0: entered promiscuous mode
[ 3202.282762][ T9139] Memory cgroup stats for /syz3:
[ 3202.290221][ T9139] cache 0
[ 3202.300714][ T9139] rss 12288
[ 3202.305126][ T9139] rss_huge 0
[ 3202.308660][ T9139] shmem 0
[ 3202.311956][ T9139] mapped_file 0
[ 3202.320150][ T9139] dirty 0
[ 3202.320661][ T9137] team_slave_1: entered promiscuous mode
[ 3202.323437][ T9139] writeback 0
[ 3202.337947][ T9142] validate_nla: 12 callbacks suppressed
[ 3202.337962][ T9142] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3202.341882][ T9139] workingset_refault_anon 211066
10:58:14 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8012831201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

10:58:14 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00488810008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3202.357610][ T9146] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3202.388057][ T9139] workingset_refault_file 72
[ 3202.392826][ T9139] swap 819200
[ 3202.402001][ T9139] swapcached 0
[ 3202.410403][ T9139] pgpgin 1908788
[ 3202.419223][ T9139] pgpgout 1908785
[ 3202.423057][ T9139] pgfault 3366733
[ 3202.431978][ T9139] pgmajfault 165051
10:58:14 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x88a8ffff}}}]}, 0x78}}, 0x0)

[ 3202.453256][ T9139] inactive_anon 0
[ 3202.466831][ T9139] active_anon 12288
[ 3202.475099][ T9151] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3202.477967][ T9139] inactive_file 0
10:58:14 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e0000000a008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3202.503082][ T9139] active_file 0
[ 3202.504344][ T9152] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3202.515766][ T9139] unevictable 0
[ 3202.526489][ T9139] hierarchical_memory_limit 314572800
[ 3202.542558][ T9152] team0: left allmulticast mode
[ 3202.546836][ T9139] hierarchical_memsw_limit 9223372036854771712
[ 3202.556404][ T9152] team_slave_0: left allmulticast mode
[ 3202.562026][ T9152] team_slave_1: left allmulticast mode
[ 3202.563215][ T9139] total_cache 0
[ 3202.571437][ T9152] team0: left promiscuous mode
[ 3202.572202][ T9139] total_rss 12288
[ 3202.576476][ T9152] team_slave_0: left promiscuous mode
[ 3202.576705][ T9152] team_slave_1: left promiscuous mode
[ 3202.577060][ T9152] bridge0: port 9(team0) entered disabled state
[ 3202.583108][ T9139] total_rss_huge 0
[ 3202.603567][ T9139] total_shmem 0
[ 3202.607489][ T9139] total_mapped_file 0
[ 3202.611714][ T9139] total_dirty 0
[ 3202.611885][ T9152] 8021q: adding VLAN 0 to HW filter on device team0
[ 3202.617080][ T9139] total_writeback 0
[ 3202.628574][ T9139] total_workingset_refault_anon 211066
[ 3202.634452][ T9139] total_workingset_refault_file 72
[ 3202.638810][ T9152] team0: entered promiscuous mode
[ 3202.639626][ T9139] total_swap 819200
[ 3202.648894][ T9139] total_swapcached 0
[ 3202.652856][ T9139] total_pgpgin 1908788
[ 3202.655948][ T9152] team_slave_0: entered promiscuous mode
[ 3202.657617][ T9139] total_pgpgout 1908785
[ 3202.662946][ T9152] team_slave_1: entered promiscuous mode
[ 3202.667502][ T9139] total_pgfault 3366733
[ 3202.667514][ T9139] total_pgmajfault 165051
[ 3202.667523][ T9139] total_inactive_anon 0
[ 3202.667603][ T9139] total_active_anon 12288
[ 3202.667613][ T9139] total_inactive_file 0
[ 3202.667621][ T9139] total_active_file 0
[ 3202.667695][ T9139] total_unevictable 0
[ 3202.667704][ T9139] anon_cost 0
[ 3202.667712][ T9139] file_cost 0
[ 3202.667785][ T9139] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1
[ 3202.689418][ T9152] team0: entered allmulticast mode
[ 3202.691949][ T9139] ,oom_memcg=
[ 3202.703359][ T9152] team_slave_0: entered allmulticast mode
[ 3202.704903][ T9139] /syz3
[ 3202.708050][ T9152] team_slave_1: entered allmulticast mode
[ 3202.711082][ T9139] ,task_memcg=
[ 3202.732913][ T9152] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3202.737432][ T9139] /syz3
[ 3202.757507][ T9155] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3202.769198][ T9156] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3202.769244][ T9139] ,task=syz-executor.3,pid=9139,uid=0
[ 3202.790287][ T9156] bond0: (slave team0): Releasing backup interface
10:58:14 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000210008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:14 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x4, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3202.794271][ T9139] Memory cgroup out of memory: Killed process 9139 (syz-executor.3) total-vm:54640kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3202.816366][ T9148] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3202.843359][ T9148] CPU: 0 PID: 9148 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3202.844259][ T9156] team0: left promiscuous mode
[ 3202.853697][ T9148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3202.863329][ T9156] team_slave_0: left promiscuous mode
[ 3202.868478][ T9148] Call Trace:
[ 3202.868488][ T9148]  <TASK>
[ 3202.868496][ T9148]  dump_stack_lvl+0x1e7/0x2e0
[ 3202.868528][ T9148]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3202.868551][ T9148]  ? __pfx__printk+0x10/0x10
[ 3202.868570][ T9148]  ? ___ratelimit+0x4c4/0x670
[ 3202.875401][ T9156] team_slave_1: left promiscuous mode
[ 3202.877225][ T9148]  ? __pfx____ratelimit+0x10/0x10
[ 3202.877258][ T9148]  dump_header+0xda/0x6a0
[ 3202.880592][ T9156] team0: left allmulticast mode
[ 3202.884844][ T9148]  oom_kill_process+0x3a7/0x930
[ 3202.884876][ T9148]  out_of_memory+0xf67/0x1320
[ 3202.884902][ T9148]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3202.884925][ T9148]  ? __pfx___mutex_lock+0x10/0x10
[ 3202.891095][ T9156] team_slave_0: left allmulticast mode
[ 3202.894661][ T9148]  ? __pfx_out_of_memory+0x10/0x10
[ 3202.894699][ T9148]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3202.894719][ T9148]  ? __pfx_lock_release+0x10/0x10
[ 3202.894743][ T9148]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3202.894767][ T9148]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3202.894786][ T9148]  ? mem_cgroup_iter+0x422/0x560
[ 3202.894811][ T9148]  try_charge_memcg+0xda2/0x18a0
[ 3202.894855][ T9148]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3202.894874][ T9148]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3202.894894][ T9148]  ? __pfx_lock_release+0x10/0x10
[ 3202.894917][ T9148]  ? memcg_account_kmem+0x1e7/0x210
[ 3202.894949][ T9148]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3202.894970][ T9148]  __memcg_kmem_charge_page+0xe1/0x250
[ 3202.894998][ T9148]  memcg_charge_kernel_stack+0x37e/0x550
[ 3202.895022][ T9148]  dup_task_struct+0x15d/0x7d0
[ 3202.895046][ T9148]  copy_process+0x5d5/0x3fc0
[ 3202.895078][ T9148]  ? __might_fault+0xa9/0x120
[ 3202.895100][ T9148]  ? __pfx_lock_release+0x10/0x10
[ 3202.895128][ T9148]  ? __pfx_copy_process+0x10/0x10
[ 3202.895148][ T9148]  ? __might_fault+0xc5/0x120
[ 3202.895171][ T9148]  ? __asan_memset+0x23/0x50
[ 3202.895199][ T9148]  kernel_clone+0x21d/0x8d0
[ 3202.895224][ T9148]  ? __pfx_kernel_clone+0x10/0x10
[ 3202.895263][ T9148]  __se_sys_clone3+0x2cb/0x350
[ 3202.895286][ T9148]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3202.895336][ T9148]  ? do_syscall_64+0x108/0x240
[ 3202.895363][ T9148]  ? do_syscall_64+0xb4/0x240
[ 3202.895387][ T9148]  do_syscall_64+0xf9/0x240
[ 3202.895411][ T9148]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3202.895435][ T9148] RIP: 0033:0x7f49312a9b99
[ 3202.895452][ T9148] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3202.895468][ T9148] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3202.895490][ T9148] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3202.895504][ T9148] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3202.895517][ T9148] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3202.895530][ T9148] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3202.895542][ T9148] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3202.895571][ T9148]  </TASK>
[ 3202.962528][ T9148] memory: usage 307200kB, limit 307200kB, failcnt 93753
[ 3203.004990][ T9156] team_slave_1: left allmulticast mode
[ 3203.201062][ T9148] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3203.209387][ T9148] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3203.211662][ T9156] bridge0: port 9(team0) entered blocking state
[ 3203.217412][ T9148] Memory cgroup stats for /syz1:
[ 3203.217525][ T9148] cache 0
[ 3203.226247][ T9156] bridge0: port 9(team0) entered disabled state
[ 3203.230172][ T9148] rss 0
[ 3203.237516][ T9156] team0: entered allmulticast mode
[ 3203.240005][ T9148] rss_huge 0
[ 3203.245558][ T9156] team_slave_0: entered allmulticast mode
[ 3203.246480][ T9148] shmem 0
[ 3203.252516][ T9156] team_slave_1: entered allmulticast mode
[ 3203.255692][ T9148] mapped_file 0
[ 3203.264862][ T9156] team0: entered promiscuous mode
[ 3203.268458][ T9148] dirty 0
[ 3203.276711][ T9148] writeback 0
[ 3203.280112][ T9148] workingset_refault_anon 37291
[ 3203.284332][ T9156] team_slave_0: entered promiscuous mode
[ 3203.288626][ T9148] workingset_refault_file 357
[ 3203.290923][ T9156] team_slave_1: entered promiscuous mode
[ 3203.296033][ T9148] swap 11923456
[ 3203.296044][ T9148] swapcached 0
10:58:15 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8047881201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3203.296053][ T9148] pgpgin 3288770
[ 3203.296061][ T9148] pgpgout 3288770
[ 3203.296069][ T9148] pgfault 3622885
[ 3203.296077][ T9148] pgmajfault 39173
[ 3203.296084][ T9148] inactive_anon 0
[ 3203.296092][ T9148] active_anon 0
[ 3203.296100][ T9148] inactive_file 0
[ 3203.296107][ T9148] active_file 0
[ 3203.296114][ T9148] unevictable 0
[ 3203.296122][ T9148] hierarchical_memory_limit 314572800
[ 3203.349581][ T9160] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:15 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x93db4000}}}]}, 0x78}}, 0x0)

[ 3203.384874][ T9148] hierarchical_memsw_limit 9223372036854771712
[ 3203.392211][ T9164] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3203.406616][ T9148] total_cache 0
[ 3203.410106][ T9148] total_rss 0
[ 3203.413400][ T9148] total_rss_huge 0
[ 3203.418780][ T9168] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
10:58:15 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000310008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3203.432653][ T9148] total_shmem 0
[ 3203.436987][ T9168] team0: left allmulticast mode
[ 3203.451534][ T9168] team_slave_0: left allmulticast mode
[ 3203.459130][ T9148] total_mapped_file 0
[ 3203.463134][ T9148] total_dirty 0
[ 3203.468727][ T9148] total_writeback 0
[ 3203.472551][ T9148] total_workingset_refault_anon 37291
[ 3203.478370][ T9168] team_slave_1: left allmulticast mode
[ 3203.484852][ T9148] total_workingset_refault_file 357
[ 3203.490067][ T9148] total_swap 11923456
[ 3203.495030][ T9168] team0: left promiscuous mode
[ 3203.499826][ T9168] team_slave_0: left promiscuous mode
[ 3203.506575][ T9148] total_swapcached 0
[ 3203.510483][ T9148] total_pgpgin 3288770
[ 3203.515476][ T9148] total_pgpgout 3288770
[ 3203.519645][ T9148] total_pgfault 3622885
[ 3203.519723][ T9168] team_slave_1: left promiscuous mode
[ 3203.523786][ T9148] total_pgmajfault 39173
[ 3203.523797][ T9148] total_inactive_anon 0
[ 3203.523803][ T9148] total_active_anon 0
[ 3203.523810][ T9148] total_inactive_file 0
[ 3203.523817][ T9148] total_active_file 0
[ 3203.523824][ T9148] total_unevictable 0
[ 3203.523832][ T9148] anon_cost 0
[ 3203.523839][ T9148] file_cost 0
[ 3203.525883][ T9148] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[ 3203.530604][ T9168] bridge0: port 9(team0) entered disabled state
[ 3203.535116][ T9148] ,cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9148,uid=0
[ 3203.595654][ T9148] Memory cgroup out of memory: Killed process 9148 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3203.605051][ T9168] 8021q: adding VLAN 0 to HW filter on device team0
[ 3203.631218][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3203.648442][ T9168] team0: entered promiscuous mode
[ 3203.653514][ T9168] team_slave_0: entered promiscuous mode
[ 3203.666289][ T9168] team_slave_1: entered promiscuous mode
[ 3203.674316][ T5114] CPU: 0 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3203.684665][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3203.694718][ T5114] Call Trace:
[ 3203.696864][ T9168] team0: entered allmulticast mode
[ 3203.697986][ T5114]  <TASK>
[ 3203.703245][ T9168] team_slave_0: entered allmulticast mode
[ 3203.706116][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3203.706150][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3203.706172][ T5114]  ? __pfx__printk+0x10/0x10
[ 3203.711861][ T9168] team_slave_1: entered allmulticast mode
[ 3203.716505][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3203.716553][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3203.722873][ T9168] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3203.726299][ T5114]  dump_header+0xda/0x6a0
[ 3203.726332][ T5114]  oom_kill_process+0x3a7/0x930
[ 3203.732157][ T9170] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3203.736691][ T5114]  out_of_memory+0xf67/0x1320
[ 3203.736726][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3203.736747][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3203.736774][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3203.736803][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3203.736821][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3203.736844][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3203.736869][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3203.736890][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3203.736916][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3203.736932][ T5114]  ? mark_lock+0x9a/0x350
[ 3203.736971][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3203.737018][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3203.737037][ T5114]  charge_memcg+0xa2/0x160
[ 3203.737063][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3203.737086][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3203.737106][ T5114]  ? mark_lock+0x9a/0x350
[ 3203.737133][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3203.737166][ T5114]  swap_cluster_readahead+0x67c/0x810
[ 3203.737199][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3203.737225][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3203.737250][ T5114]  ? xas_descend+0x37e/0x470
[ 3203.737278][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3203.737306][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3203.737341][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3203.737371][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3203.737399][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3203.737423][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3203.737444][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3203.737473][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3203.737492][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3203.737512][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3203.737535][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3203.737556][ T5114]  ? __pfx_validate_chain+0x10/0x10
[ 3203.737583][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3203.737632][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3203.737662][ T5114]  ? mt_find+0x226/0x850
[ 3203.737684][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3203.737723][ T5114]  ? mt_find+0x62d/0x850
[ 3203.737745][ T5114]  ? mt_find+0x226/0x850
[ 3203.737787][ T5114]  ? find_vma+0x142/0x1c0
[ 3203.737806][ T5114]  ? __pfx_find_vma+0x10/0x10
[ 3203.737824][ T5114]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3203.737852][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3203.737882][ T5114]  exc_page_fault+0x2ad/0x870
[ 3203.737911][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3203.737934][ T5114] RIP: 0010:__get_user_8+0x11/0x20
[ 3203.737953][ T5114] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3203.737970][ T5114] RSP: 0018:ffffc90003cefd98 EFLAGS: 00050202
[ 3203.737989][ T5114] RAX: 0000555557511da8 RBX: ffff888025e49538 RCX: ffffc90003cefc03
[ 3203.738003][ T5114] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3203.738017][ T5114] RBP: ffffc90003cefec8 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3203.738032][ T5114] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc90003cefda0
[ 3203.738046][ T5114] R13: ffffc90003ceffd8 R14: dffffc0000000000 R15: ffff888025e48000
[ 3203.738078][ T5114]  __rseq_handle_notify_resume+0x158/0x1490
[ 3203.738117][ T5114]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3203.738148][ T5114]  ? syscall_exit_to_user_mode+0xa2/0x370
[ 3203.738170][ T5114]  syscall_exit_to_user_mode+0x113/0x370
[ 3203.738193][ T5114]  do_syscall_64+0x108/0x240
[ 3203.738219][ T5114]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3204.108241][ T5114] RIP: 0033:0x7fa2eb4a91b5
[ 3204.112658][ T5114] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 3204.132251][ T5114] RSP: 002b:00007fa2eb6cfcf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 3204.140666][ T5114] RAX: 0000000000000000 RBX: 0000000000006765 RCX: 00007fa2eb4a91b5
[ 3204.148630][ T5114] RDX: 00007fa2eb6cfd30 RSI: 0000000000000000 RDI: 0000000000000000
[ 3204.156589][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000000 R09: 00007ffcc99b80b0
[ 3204.164556][ T5114] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3204.172518][ T5114] R13: 000000000030df56 R14: 000000000030df56 R15: 0000000000000000
[ 3204.180487][ T5114]  </TASK>
[ 3204.222593][ T5114] memory: usage 307196kB, limit 307200kB, failcnt 255132
[ 3204.230229][ T5114] memory+swap: usage 307996kB, limit 9007199254740988kB, failcnt 0
[ 3204.238900][ T5114] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[ 3204.246950][ T5114] Memory cgroup stats for /syz3:
[ 3204.247260][ T5114] cache 0
[ 3204.257373][ T5114] rss 4096
[ 3204.260680][ T5114] rss_huge 0
[ 3204.264564][ T5114] shmem 0
[ 3204.267517][ T5114] mapped_file 0
[ 3204.270985][ T5114] dirty 0
[ 3204.274357][ T5114] writeback 0
[ 3204.277649][ T5114] workingset_refault_anon 211164
[ 3204.282599][ T5114] workingset_refault_file 72
[ 3204.287544][ T5114] swap 827392
[ 3204.290839][ T5114] swapcached 0
[ 3204.294555][ T5114] pgpgin 1908922
[ 3204.298101][ T5114] pgpgout 1908921
[ 3204.301736][ T5114] pgfault 3366931
[ 3204.306163][ T5114] pgmajfault 165163
[ 3204.310140][ T5114] inactive_anon 4096
[ 3204.314511][ T5114] active_anon 0
[ 3204.318113][ T5114] inactive_file 0
[ 3204.321887][ T5114] active_file 0
[ 3204.326972][ T5114] unevictable 0
[ 3204.330989][ T5114] hierarchical_memory_limit 314572800
[ 3204.338967][ T9170] bond0: (slave team0): Releasing backup interface
[ 3204.346832][ T9170] team0: left promiscuous mode
[ 3204.351714][ T9170] team_slave_0: left promiscuous mode
[ 3204.357490][ T5114] hierarchical_memsw_limit 9223372036854771712
[ 3204.369783][ T9170] team_slave_1: left promiscuous mode
[ 3204.375929][ T9170] team0: left allmulticast mode
[ 3204.380842][ T5114] total_cache 0
[ 3204.385133][ T9170] team_slave_0: left allmulticast mode
[ 3204.390658][ T5114] total_rss 4096
[ 3204.394884][ T9170] team_slave_1: left allmulticast mode
[ 3204.394945][ T5114] total_rss_huge 0
[ 3204.412367][ T9170] bridge0: port 9(team0) entered blocking state
[ 3204.416533][ T5114] total_shmem 0
[ 3204.419129][ T9170] bridge0: port 9(team0) entered disabled state
[ 3204.422202][ T5114] total_mapped_file 0
[ 3204.438145][ T9170] team0: entered allmulticast mode
[ 3204.446619][ T9170] team_slave_0: entered allmulticast mode
[ 3204.449805][ T5114] total_dirty 0
[ 3204.452424][ T9170] team_slave_1: entered allmulticast mode
[ 3204.455946][ T5114] total_writeback 0
[ 3204.455957][ T5114] total_workingset_refault_anon 211164
[ 3204.455965][ T5114] total_workingset_refault_file 72
[ 3204.455975][ T5114] total_swap 827392
[ 3204.455982][ T5114] total_swapcached 0
[ 3204.455990][ T5114] total_pgpgin 1908922
[ 3204.455998][ T5114] total_pgpgout 1908921
[ 3204.456007][ T5114] total_pgfault 3366931
[ 3204.456015][ T5114] total_pgmajfault 165163
[ 3204.456023][ T5114] total_inactive_anon 4096
[ 3204.456032][ T5114] total_active_anon 0
[ 3204.456040][ T5114] total_inactive_file 0
[ 3204.456048][ T5114] total_active_file 0
[ 3204.456056][ T5114] total_unevictable 0
[ 3204.456064][ T5114] anon_cost 0
[ 3204.456072][ T5114] file_cost 0
[ 3204.456080][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3
[ 3204.467396][ T9170] team0: entered promiscuous mode
[ 3204.502513][ T5114] ,mems_allowed=0-1
[ 3204.512433][ T9170] team_slave_0: entered promiscuous mode
[ 3204.516263][ T5114] ,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9165,uid=0
10:58:16 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0xb}, 0x0)

10:58:16 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x5, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

10:58:16 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8048881201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3204.517969][ T5114] Memory cgroup out of memory: Killed process 9165 (syz-executor.3) total-vm:54640kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3204.528114][ T9170] team_slave_1: entered promiscuous mode
[ 3204.610381][ T9171] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:58:16 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000410008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3204.624781][ T9174] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3204.732305][ T9184] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3204.764601][ T9181] team0: left allmulticast mode
10:58:16 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xa8150000}}}]}, 0x78}}, 0x0)

[ 3204.777959][ T9181] team_slave_0: left allmulticast mode
10:58:16 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000510008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3204.807023][ T9181] team_slave_1: left allmulticast mode
[ 3204.831104][ T9181] team0: left promiscuous mode
[ 3204.850325][ T9181] team_slave_0: left promiscuous mode
[ 3204.876805][ T9181] team_slave_1: left promiscuous mode
[ 3204.896680][ T9181] bridge0: port 9(team0) entered disabled state
[ 3204.905750][ T9183] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3204.918678][ T9183] CPU: 1 PID: 9183 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3204.922280][ T9181] 8021q: adding VLAN 0 to HW filter on device team0
[ 3204.929019][ T9183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3204.929034][ T9183] Call Trace:
[ 3204.929043][ T9183]  <TASK>
[ 3204.929051][ T9183]  dump_stack_lvl+0x1e7/0x2e0
[ 3204.929084][ T9183]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3204.929105][ T9183]  ? __pfx__printk+0x10/0x10
[ 3204.929124][ T9183]  ? ___ratelimit+0x4c4/0x670
[ 3204.929149][ T9183]  ? __pfx____ratelimit+0x10/0x10
[ 3204.929172][ T9183]  dump_header+0xda/0x6a0
[ 3204.929200][ T9183]  oom_kill_process+0x3a7/0x930
[ 3204.929224][ T9183]  out_of_memory+0xf67/0x1320
[ 3204.929251][ T9183]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3204.929273][ T9183]  ? __pfx___mutex_lock+0x10/0x10
[ 3204.929301][ T9183]  ? __pfx_out_of_memory+0x10/0x10
[ 3204.929332][ T9183]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3204.929352][ T9183]  ? __pfx_lock_release+0x10/0x10
[ 3204.929376][ T9183]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3204.929402][ T9183]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3204.929423][ T9183]  ? mem_cgroup_iter+0x422/0x560
[ 3204.929449][ T9183]  try_charge_memcg+0xda2/0x18a0
[ 3204.929494][ T9183]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3204.929514][ T9183]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3204.929531][ T9183]  ? __pfx_lock_release+0x10/0x10
[ 3205.053491][ T9183]  ? memcg_account_kmem+0x1e7/0x210
[ 3205.058706][ T9183]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3205.064518][ T9183]  __memcg_kmem_charge_page+0xe1/0x250
[ 3205.069989][ T9183]  memcg_charge_kernel_stack+0x210/0x550
[ 3205.075623][ T9183]  dup_task_struct+0x15d/0x7d0
[ 3205.080384][ T9183]  copy_process+0x5d5/0x3fc0
[ 3205.084978][ T9183]  ? __might_fault+0xa9/0x120
[ 3205.089648][ T9183]  ? __pfx_lock_release+0x10/0x10
[ 3205.094681][ T9183]  ? __pfx_copy_process+0x10/0x10
[ 3205.099694][ T9183]  ? __might_fault+0xc5/0x120
[ 3205.104365][ T9183]  ? __asan_memset+0x23/0x50
[ 3205.108953][ T9183]  kernel_clone+0x21d/0x8d0
[ 3205.113447][ T9183]  ? __pfx_kernel_clone+0x10/0x10
[ 3205.118475][ T9183]  __se_sys_clone3+0x2cb/0x350
[ 3205.123236][ T9183]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3205.128530][ T9183]  ? do_syscall_64+0x108/0x240
[ 3205.133286][ T9183]  ? do_syscall_64+0xb4/0x240
[ 3205.137961][ T9183]  do_syscall_64+0xf9/0x240
[ 3205.142459][ T9183]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3205.148347][ T9183] RIP: 0033:0x7f49312a9b99
[ 3205.152752][ T9183] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3205.172346][ T9183] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3205.180755][ T9183] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3205.188725][ T9183] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3205.196685][ T9183] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3205.204649][ T9183] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3205.212612][ T9183] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3205.220582][ T9183]  </TASK>
[ 3205.245041][ T1239] ieee802154 phy0 wpan0: encryption failed: -22
[ 3205.251462][ T1239] ieee802154 phy1 wpan1: encryption failed: -22
[ 3205.258802][ T9181] team0: entered promiscuous mode
[ 3205.265928][ T9181] team_slave_0: entered promiscuous mode
[ 3205.284978][ T9181] team_slave_1: entered promiscuous mode
[ 3205.286628][ T9183] memory: usage 307200kB, limit 307200kB, failcnt 93949
[ 3205.291079][ T9181] team0: entered allmulticast mode
[ 3205.303326][ T9181] team_slave_0: entered allmulticast mode
[ 3205.307682][ T9183] memory+swap: usage 318832kB, limit 9007199254740988kB, failcnt 0
[ 3205.309772][ T9181] team_slave_1: entered allmulticast mode
[ 3205.325139][ T9181] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3205.334774][ T9183] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[ 3205.362096][ T9185] bond0: (slave team0): Releasing backup interface
[ 3205.378902][ T9185] team0: left promiscuous mode
[ 3205.384468][ T9185] team_slave_0: left promiscuous mode
[ 3205.393745][ T9185] team_slave_1: left promiscuous mode
[ 3205.408744][ T9185] team0: left allmulticast mode
[ 3205.420498][ T9185] team_slave_0: left allmulticast mode
[ 3205.431812][ T9183] Memory cgroup stats for /syz1:
[ 3205.432060][ T9183] cache 0
[ 3205.441546][ T9185] team_slave_1: left allmulticast mode
[ 3205.455679][ T9183] rss 12288
[ 3205.472385][ T9183] rss_huge 0
[ 3205.476494][ T9185] bridge0: port 9(team0) entered blocking state
[ 3205.486532][ T9183] shmem 0
[ 3205.495778][ T9185] bridge0: port 9(team0) entered disabled state
[ 3205.502171][ T9183] mapped_file 0
[ 3205.510327][ T9183] dirty 0
[ 3205.515316][ T9185] team0: entered allmulticast mode
[ 3205.521720][ T9183] writeback 0
[ 3205.527561][ T9183] workingset_refault_anon 37335
[ 3205.532805][ T9185] team_slave_0: entered allmulticast mode
[ 3205.539033][ T9183] workingset_refault_file 357
[ 3205.543896][ T9185] team_slave_1: entered allmulticast mode
[ 3205.549772][ T9183] swap 11911168
[ 3205.558347][ T9183] swapcached 0
[ 3205.562223][ T9185] team0: entered promiscuous mode
[ 3205.567703][ T9183] pgpgin 3288833
[ 3205.571413][ T9185] team_slave_0: entered promiscuous mode
[ 3205.577692][ T9183] pgpgout 3288830
[ 3205.581689][ T9185] team_slave_1: entered promiscuous mode
[ 3205.593960][ T9183] pgfault 3622988
[ 3205.597735][ T9183] pgmajfault 39217
10:58:17 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000610008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:17 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba80119f1201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

10:58:17 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xdd210000}}}]}, 0x78}}, 0x0)

[ 3205.627792][ T9183] inactive_anon 12288
[ 3205.631816][ T9183] active_anon 0
[ 3205.643477][ T9183] inactive_file 0
[ 3205.657072][ T9183] active_file 0
[ 3205.660560][ T9183] unevictable 0
[ 3205.687515][ T9183] hierarchical_memory_limit 314572800
[ 3205.702982][ T9183] hierarchical_memsw_limit 9223372036854771712
[ 3205.731478][ T9198] team0: left allmulticast mode
[ 3205.739468][ T9183] total_cache 0
[ 3205.745331][ T9183] total_rss 12288
[ 3205.750946][ T9198] team_slave_0: left allmulticast mode
[ 3205.759427][ T9183] total_rss_huge 0
[ 3205.776927][ T9183] total_shmem 0
[ 3205.780545][ T9198] team_slave_1: left allmulticast mode
[ 3205.786620][ T9183] total_mapped_file 0
[ 3205.791490][ T9198] team0: left promiscuous mode
[ 3205.798636][ T9183] total_dirty 0
[ 3205.805823][ T9183] total_writeback 0
[ 3205.811907][ T9198] team_slave_0: left promiscuous mode
[ 3205.820814][ T9183] total_workingset_refault_anon 37335
[ 3205.830912][ T9198] team_slave_1: left promiscuous mode
[ 3205.839050][ T9183] total_workingset_refault_file 357
[ 3205.855334][ T9198] bridge0: port 9(team0) entered disabled state
[ 3205.862055][ T9183] total_swap 11911168
[ 3205.869163][ T9183] total_swapcached 0
[ 3205.876454][ T9183] total_pgpgin 3288833
[ 3205.887924][ T9198] 8021q: adding VLAN 0 to HW filter on device team0
[ 3205.902956][ T9183] total_pgpgout 3288830
[ 3205.911688][ T9183] total_pgfault 3622988
[ 3205.922831][ T9198] team0: entered promiscuous mode
[ 3205.931067][ T9183] total_pgmajfault 39217
[ 3205.940268][ T9183] total_inactive_anon 12288
[ 3205.947169][ T9198] team_slave_0: entered promiscuous mode
[ 3205.957455][ T9183] total_active_anon 0
[ 3205.965471][ T9198] team_slave_1: entered promiscuous mode
[ 3205.971271][ T9183] total_inactive_file 0
[ 3205.984279][ T9183] total_active_file 0
[ 3205.989384][ T9198] team0: entered allmulticast mode
[ 3205.997792][ T9183] total_unevictable 0
[ 3206.003411][ T9183] anon_cost 0
[ 3206.009381][ T9183] file_cost 0
[ 3206.012774][ T9198] team_slave_0: entered allmulticast mode
[ 3206.019149][ T9183] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9183,uid=0
[ 3206.035453][ T9198] team_slave_1: entered allmulticast mode
[ 3206.042273][ T9198] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3206.051438][ T9183] Memory cgroup out of memory: Killed process 9183 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3206.076708][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
10:58:17 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000810008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3206.083806][ T9201] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3206.133921][ T5114] CPU: 1 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3206.144291][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3206.154360][ T5114] Call Trace:
[ 3206.157662][ T5114]  <TASK>
[ 3206.160610][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3206.165323][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3206.170545][ T5114]  ? __pfx__printk+0x10/0x10
[ 3206.175154][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3206.179853][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3206.184901][ T5114]  dump_header+0xda/0x6a0
[ 3206.189253][ T5114]  oom_kill_process+0x3a7/0x930
[ 3206.194126][ T5114]  out_of_memory+0xf67/0x1320
[ 3206.198825][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3206.204476][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3206.209528][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3206.214669][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3206.220233][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3206.225281][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3206.231374][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3206.236601][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3206.241569][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3206.246524][ T5114]  ? mark_lock+0x9a/0x350
[ 3206.250893][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3206.256333][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3206.262517][ T5114]  charge_memcg+0xa2/0x160
[ 3206.266969][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3206.273059][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3206.278538][ T5114]  ? mark_lock+0x9a/0x350
[ 3206.282898][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3206.288910][ T5114]  swap_cluster_readahead+0x67c/0x810
[ 3206.294311][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3206.300230][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3206.305279][ T5114]  ? xas_descend+0x37e/0x470
[ 3206.309895][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3206.314855][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3206.320003][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3206.325407][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3206.330710][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3206.336009][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3206.340621][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3206.345672][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3206.350454][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3206.355494][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3206.360972][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3206.366796][ T5114]  ? __pfx_validate_chain+0x10/0x10
[ 3206.372018][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3206.377185][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3206.382673][ T5114]  ? mt_find+0x226/0x850
[ 3206.386942][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3206.391998][ T5114]  ? mt_find+0x62d/0x850
[ 3206.396276][ T5114]  ? mt_find+0x226/0x850
[ 3206.400555][ T5114]  ? find_vma+0x142/0x1c0
[ 3206.404892][ T5114]  ? __pfx_find_vma+0x10/0x10
[ 3206.409592][ T5114]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3206.415609][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3206.420407][ T5114]  exc_page_fault+0x2ad/0x870
[ 3206.425108][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3206.429978][ T5114] RIP: 0010:__get_user_8+0x11/0x20
[ 3206.435097][ T5114] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3206.454724][ T5114] RSP: 0018:ffffc90003cefd78 EFLAGS: 00050202
[ 3206.460817][ T5114] RAX: 0000555557511da8 RBX: ffff888025e49538 RCX: ffffc90003cefc03
[ 3206.468805][ T5114] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3206.476792][ T5114] RBP: ffffc90003cefec0 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3206.484791][ T5114] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc90003cefd80
[ 3206.492782][ T5114] R13: ffffc90003ceffd8 R14: dffffc0000000000 R15: ffff888025e48000
[ 3206.500791][ T5114]  __rseq_handle_notify_resume+0x158/0x1490
[ 3206.506726][ T5114]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3206.513094][ T5114]  ? irqentry_exit_to_user_mode+0x52/0x280
[ 3206.518929][ T5114]  irqentry_exit_to_user_mode+0xbb/0x280
[ 3206.524590][ T5114]  exc_page_fault+0x587/0x870
[ 3206.529297][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3206.534172][ T5114] RIP: 0033:0x7fa2eb47a7a4
[ 3206.538603][ T5114] Code: 84 00 00 00 00 00 80 3d 71 57 10 00 00 49 89 ca 74 14 b8 3d 00 00 00 0f 05 48 3d 00 f0 ff ff 77 5d c3 0f 1f 40 00 48 83 ec 28 <89> 54 24 14 48 89 74 24 08 89 7c 24 10 48 89 4c 24 18 e8 d5 a3 02
[ 3206.558219][ T5114] RSP: 002b:00007fa2eb6cfd30 EFLAGS: 00010206
[ 3206.564314][ T5114] RAX: 0000000000000295 RBX: 0000000000006767 RCX: 0000000000000000
[ 3206.572293][ T5114] RDX: 0000000040000001 RSI: 00007fa2eb6cfdbc RDI: 00000000ffffffff
10:58:18 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0xc}, 0x0)

[ 3206.580266][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000010 R09: 00007ffcc99b80b0
[ 3206.588249][ T5114] R10: 0000000000000000 R11: 0000000000097fe4 R12: 0000000000000032
[ 3206.596220][ T5114] R13: 000000000030e63c R14: 000000000030e63c R15: 0000000000000000
[ 3206.604251][ T5114]  </TASK>
[ 3206.611801][ T9203] bond0: (slave team0): Releasing backup interface
[ 3206.627090][ T5114] memory: usage 307180kB, limit 307200kB, failcnt 256055
[ 3206.634583][ T5114] memory+swap: usage 307992kB, limit 9007199254740988kB, failcnt 0
[ 3206.642490][ T5114] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3206.650644][ T5114] Memory cgroup stats for /syz3:
[ 3206.650773][ T5114] cache 0
[ 3206.651038][ T9203] team0: left promiscuous mode
[ 3206.656389][ T5114] rss 0
[ 3206.662538][ T9203] team_slave_0: left promiscuous mode
[ 3206.664964][ T5114] rss_huge 0
[ 3206.672313][ T9203] team_slave_1: left promiscuous mode
[ 3206.672551][ T5114] shmem 0
[ 3206.672562][ T5114] mapped_file 0
[ 3206.680352][ T9203] team0: left allmulticast mode
[ 3206.703520][ T5114] dirty 0
[ 3206.705150][ T9203] team_slave_0: left allmulticast mode
[ 3206.711313][ T5114] writeback 0
[ 3206.712129][ T9203] team_slave_1: left allmulticast mode
[ 3206.721194][ T5114] workingset_refault_anon 211429
[ 3206.734250][ T5114] workingset_refault_file 72
[ 3206.744902][ T9203] bridge0: port 9(team0) entered blocking state
[ 3206.755770][ T5114] swap 831488
[ 3206.761536][ T9203] bridge0: port 9(team0) entered disabled state
[ 3206.762628][ T5114] swapcached 0
[ 3206.773331][ T9203] team0: entered allmulticast mode
[ 3206.778017][ T5114] pgpgin 1909246
[ 3206.787926][ T5114] pgpgout 1909246
[ 3206.790550][ T9203] team_slave_0: entered allmulticast mode
[ 3206.795990][ T5114] pgfault 3367389
[ 3206.802290][ T9203] team_slave_1: entered allmulticast mode
[ 3206.803285][ T5114] pgmajfault 165458
[ 3206.813667][ T5114] inactive_anon 0
[ 3206.818509][ T9203] team0: entered promiscuous mode
[ 3206.823234][ T5114] active_anon 0
[ 3206.828247][ T9203] team_slave_0: entered promiscuous mode
[ 3206.833084][ T5114] inactive_file 0
10:58:18 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000a10008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3206.838152][ T9203] team_slave_1: entered promiscuous mode
[ 3206.848079][ T5114] active_file 0
[ 3206.855714][ T5114] unevictable 0
[ 3206.864741][ T5114] hierarchical_memory_limit 314572800
[ 3206.870134][ T5114] hierarchical_memsw_limit 9223372036854771712
10:58:18 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xf0ffffff}}}]}, 0x78}}, 0x0)

10:58:18 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8008c41201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3206.889531][ T5114] total_cache 0
[ 3206.893023][ T5114] total_rss 0
[ 3206.903016][ T5114] total_rss_huge 0
[ 3206.907393][ T5114] total_shmem 0
[ 3206.910868][ T5114] total_mapped_file 0
[ 3206.923897][ T5114] total_dirty 0
[ 3206.927385][ T5114] total_writeback 0
[ 3206.943938][ T5114] total_workingset_refault_anon 211429
[ 3206.949431][ T5114] total_workingset_refault_file 72
[ 3206.964828][ T5114] total_swap 831488
[ 3206.968900][ T5114] total_swapcached 0
[ 3206.973073][ T5114] total_pgpgin 1909246
[ 3206.984973][ T9214] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:18 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000c10008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3206.994859][ T5114] total_pgpgout 1909246
[ 3206.999035][ T5114] total_pgfault 3367389
[ 3207.014266][ T5114] total_pgmajfault 165458
[ 3207.018620][ T5114] total_inactive_anon 0
[ 3207.022782][ T5114] total_active_anon 0
[ 3207.037290][ T5114] total_inactive_file 0
[ 3207.041922][ T5114] total_active_file 0
[ 3207.049000][ T5114] total_unevictable 0
[ 3207.053405][ T5114] anon_cost 0
[ 3207.058741][ T9216] team0: left allmulticast mode
[ 3207.060273][ T5114] file_cost 0
[ 3207.063746][ T9216] team_slave_0: left allmulticast mode
[ 3207.072774][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3
[ 3207.073021][ T9216] team_slave_1: left allmulticast mode
[ 3207.073045][ T9216] team0: left promiscuous mode
[ 3207.094879][ T5114] ,task_memcg=/syz3,task=syz-executor.3,pid=9180,uid=0
[ 3207.094978][ T5114] Memory cgroup out of memory: Killed process 9180 (syz-executor.3) total-vm:54640kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3207.115327][ T9210] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3207.124769][ T9216] team_slave_0: left promiscuous mode
[ 3207.136976][ T9216] team_slave_1: left promiscuous mode
[ 3207.142884][ T9216] bridge0: port 9(team0) entered disabled state
[ 3207.157254][ T9216] 8021q: adding VLAN 0 to HW filter on device team0
[ 3207.166355][ T9210] CPU: 1 PID: 9210 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3207.168523][ T9216] team0: entered promiscuous mode
[ 3207.176692][ T9210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3207.176706][ T9210] Call Trace:
[ 3207.176714][ T9210]  <TASK>
[ 3207.176723][ T9210]  dump_stack_lvl+0x1e7/0x2e0
[ 3207.176755][ T9210]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3207.176777][ T9210]  ? __pfx__printk+0x10/0x10
[ 3207.176795][ T9210]  ? ___ratelimit+0x4c4/0x670
[ 3207.176820][ T9210]  ? __pfx____ratelimit+0x10/0x10
[ 3207.176845][ T9210]  dump_header+0xda/0x6a0
[ 3207.176872][ T9210]  oom_kill_process+0x3a7/0x930
[ 3207.176898][ T9210]  out_of_memory+0xf67/0x1320
[ 3207.176924][ T9210]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3207.176947][ T9210]  ? __pfx___mutex_lock+0x10/0x10
[ 3207.176981][ T9210]  ? __pfx_out_of_memory+0x10/0x10
[ 3207.177013][ T9210]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3207.177034][ T9210]  ? __pfx_lock_release+0x10/0x10
[ 3207.177058][ T9210]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3207.177085][ T9210]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3207.177107][ T9210]  ? mem_cgroup_iter+0x422/0x560
[ 3207.177132][ T9210]  try_charge_memcg+0xda2/0x18a0
[ 3207.177176][ T9210]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3207.177196][ T9210]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3207.177215][ T9210]  ? __pfx_lock_release+0x10/0x10
[ 3207.177239][ T9210]  ? memcg_account_kmem+0x1e7/0x210
[ 3207.192116][ T9216] team_slave_0: entered promiscuous mode
[ 3207.192284][ T9210]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3207.199878][ T9216] team_slave_1: entered promiscuous mode
[ 3207.203160][ T9210]  __memcg_kmem_charge_page+0xe1/0x250
[ 3207.203196][ T9210]  memcg_charge_kernel_stack+0x37e/0x550
[ 3207.203221][ T9210]  dup_task_struct+0x15d/0x7d0
[ 3207.219761][ T9216] team0: entered allmulticast mode
[ 3207.222648][ T9210]  copy_process+0x5d5/0x3fc0
[ 3207.222689][ T9210]  ? __might_fault+0xa9/0x120
[ 3207.222712][ T9210]  ? __pfx_lock_release+0x10/0x10
[ 3207.235776][ T9216] team_slave_0: entered allmulticast mode
[ 3207.236514][ T9210]  ? __pfx_copy_process+0x10/0x10
[ 3207.242313][ T9216] team_slave_1: entered allmulticast mode
[ 3207.247137][ T9210]  ? __might_fault+0xc5/0x120
[ 3207.247167][ T9210]  ? __asan_memset+0x23/0x50
[ 3207.247194][ T9210]  kernel_clone+0x21d/0x8d0
[ 3207.247219][ T9210]  ? __pfx_kernel_clone+0x10/0x10
[ 3207.247257][ T9210]  __se_sys_clone3+0x2cb/0x350
[ 3207.247276][ T9210]  ? __might_fault+0xa9/0x120
[ 3207.247296][ T9210]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3207.247347][ T9210]  ? do_syscall_64+0x108/0x240
[ 3207.247373][ T9210]  ? do_syscall_64+0xb4/0x240
[ 3207.247397][ T9210]  do_syscall_64+0xf9/0x240
[ 3207.247424][ T9210]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3207.247448][ T9210] RIP: 0033:0x7f49312a9b99
10:58:19 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000f10008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3207.247466][ T9210] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3207.247482][ T9210] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3207.247504][ T9210] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3207.247517][ T9210] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3207.247530][ T9210] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3207.247543][ T9210] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3207.247557][ T9210] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3207.247588][ T9210]  </TASK>
[ 3207.286400][ T9210] memory: usage 307200kB, limit 307200kB, failcnt 94168
[ 3207.294535][ T9216] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3207.298458][ T9210] memory+swap: usage 318876kB, limit 9007199254740988kB, failcnt 0
[ 3207.445597][ T9224] validate_nla: 10 callbacks suppressed
10:58:19 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xf1ffffff}}}]}, 0x78}}, 0x0)

10:58:19 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00001010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3207.445613][ T9224] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3207.469938][ T9210] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3207.562118][ T9220] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3207.581118][ T9210] Memory cgroup stats for /syz1
[ 3207.581966][ T9220] bond0: (slave team0): Releasing backup interface
[ 3207.594553][ T9210] :
[ 3207.595268][ T9220] team0: left promiscuous mode
[ 3207.602478][ T9220] team_slave_0: left promiscuous mode
[ 3207.608558][ T9210] cache 0
[ 3207.611516][ T9210] rss 24576
[ 3207.615018][ T9210] rss_huge 0
[ 3207.618245][ T9210] shmem 0
[ 3207.621194][ T9210] mapped_file 0
[ 3207.625439][ T9220] team_slave_1: left promiscuous mode
[ 3207.631211][ T9220] team0: left allmulticast mode
[ 3207.641814][ T9210] dirty 0
[ 3207.645172][ T9210] writeback 0
[ 3207.648469][ T9210] workingset_refault_anon 37404
[ 3207.653325][ T9210] workingset_refault_file 357
[ 3207.658740][ T9220] team_slave_0: left allmulticast mode
[ 3207.659705][ T9210] swap 11931648
[ 3207.664747][ T9220] team_slave_1: left allmulticast mode
[ 3207.682004][ T9220] bridge0: port 9(team0) entered blocking state
[ 3207.682843][ T9210] swapcached 0
[ 3207.690520][ T9220] bridge0: port 9(team0) entered disabled state
[ 3207.700537][ T9210] pgpgin 3288917
[ 3207.704562][ T9210] pgpgout 3288911
[ 3207.704948][ T9220] team0: entered allmulticast mode
[ 3207.709372][ T9210] pgfault 3623126
[ 3207.713538][ T9220] team_slave_0: entered allmulticast mode
[ 3207.717869][ T9210] pgmajfault 39290
[ 3207.717887][ T9210] inactive_anon 0
[ 3207.717896][ T9210] active_anon 24576
[ 3207.717904][ T9210] inactive_file 0
[ 3207.717912][ T9210] active_file 0
[ 3207.717920][ T9210] unevictable 0
[ 3207.717927][ T9210] hierarchical_memory_limit 314572800
[ 3207.717935][ T9210] hierarchical_memsw_limit 9223372036854771712
[ 3207.717943][ T9210] total_cache 0
[ 3207.735031][ T9220] team_slave_1: entered allmulticast mode
[ 3207.735998][ T9210] total_rss 24576
[ 3207.743364][ T9220] team0: entered promiscuous mode
[ 3207.756628][ T9210] total_rss_huge 0
[ 3207.759531][ T9220] team_slave_0: entered promiscuous mode
[ 3207.762147][ T9210] total_shmem 0
[ 3207.771547][ T9220] team_slave_1: entered promiscuous mode
[ 3207.772120][ T9210] total_mapped_file 0
[ 3207.803059][ T9227] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3207.834371][ T9210] total_dirty 0
[ 3207.837860][ T9210] total_writeback 0
[ 3207.841676][ T9210] total_workingset_refault_anon 37404
10:58:19 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000021201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3207.853717][ T9229] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3207.863622][ T9210] total_workingset_refault_file 357
[ 3207.871051][ T9210] total_swap 11931648
10:58:19 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xfcffffff}}}]}, 0x78}}, 0x0)

10:58:19 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00006010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3207.893836][ T9210] total_swapcached 0
[ 3207.898232][ T9210] total_pgpgin 3288917
[ 3207.902389][ T9210] total_pgpgout 3288911
[ 3207.908977][ T9210] total_pgfault 3623126
[ 3207.913153][ T9210] total_pgmajfault 39290
[ 3207.922702][ T9210] total_inactive_anon 0
[ 3207.927985][ T9210] total_active_anon 24576
[ 3207.932429][ T9210] total_inactive_file 0
[ 3207.937241][ T9210] total_active_file 0
[ 3207.941358][ T9210] total_unevictable 0
[ 3207.948274][ T9233] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3207.957605][ T9233] team0: left allmulticast mode
[ 3207.962528][ T9210] anon_cost 0
[ 3207.966664][ T9210] file_cost 0
[ 3207.974406][ T9233] team_slave_0: left allmulticast mode
[ 3207.979902][ T9233] team_slave_1: left allmulticast mode
[ 3207.985917][ T9210] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9210,uid=0
[ 3208.001841][ T9233] team0: left promiscuous mode
[ 3208.008805][ T9210] Memory cgroup out of memory: Killed process 9210 (syz-executor.1) total-vm:54508kB, anon-rss:368kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3208.027622][ T9233] team_slave_0: left promiscuous mode
[ 3208.033217][ T9233] team_slave_1: left promiscuous mode
10:58:19 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x6, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3208.050446][ T9233] bridge0: port 9(team0) entered disabled state
10:58:19 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0xf}, 0x0)

[ 3208.098745][ T9233] 8021q: adding VLAN 0 to HW filter on device team0
[ 3208.124912][ T9233] team0: entered promiscuous mode
[ 3208.139851][ T9233] team_slave_0: entered promiscuous mode
[ 3208.157042][ T9233] team_slave_1: entered promiscuous mode
[ 3208.171977][ T9233] team0: entered allmulticast mode
[ 3208.187662][ T9233] team_slave_0: entered allmulticast mode
[ 3208.200443][ T9233] team_slave_1: entered allmulticast mode
[ 3208.215762][ T9233] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3208.237292][ T9236] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:58:20 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e0000007b008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3208.258313][ T9238] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3208.303393][ T6458] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3208.322889][ T9238] bond0: (slave team0): Releasing backup interface
[ 3208.341653][ T6458] CPU: 1 PID: 6458 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3208.351998][ T6458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3208.362060][ T6458] Call Trace:
[ 3208.365338][ T6458]  <TASK>
[ 3208.368272][ T6458]  dump_stack_lvl+0x1e7/0x2e0
[ 3208.372959][ T6458]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3208.378151][ T6458]  ? __pfx__printk+0x10/0x10
[ 3208.382745][ T6458]  ? ___ratelimit+0x4c4/0x670
[ 3208.387431][ T6458]  ? __pfx____ratelimit+0x10/0x10
[ 3208.392459][ T6458]  dump_header+0xda/0x6a0
[ 3208.396817][ T6458]  oom_kill_process+0x3a7/0x930
[ 3208.401694][ T6458]  out_of_memory+0xf67/0x1320
[ 3208.406381][ T6458]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3208.412023][ T6458]  ? __pfx___mutex_lock+0x10/0x10
[ 3208.417059][ T6458]  ? __pfx_out_of_memory+0x10/0x10
[ 3208.422171][ T6458]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3208.427710][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3208.432753][ T6458]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3208.438854][ T6458]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3208.444082][ T6458]  ? mem_cgroup_iter+0x422/0x560
[ 3208.449054][ T6458]  try_charge_memcg+0xda2/0x18a0
[ 3208.454010][ T6458]  ? mark_lock+0x9a/0x350
[ 3208.458366][ T6458]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3208.463859][ T6458]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3208.470027][ T6458]  charge_memcg+0xa2/0x160
[ 3208.474466][ T6458]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3208.480540][ T6458]  __read_swap_cache_async+0x480/0x8b0
[ 3208.485996][ T6458]  ? mark_lock+0x9a/0x350
[ 3208.490350][ T6458]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3208.496357][ T6458]  ? blk_start_plug+0x6f/0x1b0
[ 3208.501142][ T6458]  swap_cluster_readahead+0x398/0x810
[ 3208.506532][ T6458]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3208.512437][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3208.517474][ T6458]  ? xas_descend+0x37e/0x470
[ 3208.522063][ T6458]  swapin_readahead+0x1ea/0x1070
[ 3208.527015][ T6458]  ? filemap_get_entry+0x127/0x4e0
[ 3208.532151][ T6458]  ? __pfx_swapin_readahead+0x10/0x10
[ 3208.537527][ T6458]  ? __filemap_get_folio+0x935/0xbc0
[ 3208.542827][ T6458]  ? swap_cache_get_folio+0x9f/0x570
[ 3208.548126][ T6458]  do_swap_page+0x8ab/0x3da0
[ 3208.552733][ T6458]  ? __pte_offset_map+0x2c4/0x380
[ 3208.557766][ T6458]  ? do_swap_page+0x154/0x3da0
[ 3208.562526][ T6458]  ? __pfx_do_swap_page+0x10/0x10
[ 3208.567548][ T6458]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3208.573008][ T6458]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3208.578820][ T6458]  __handle_mm_fault+0x15e8/0x72d0
[ 3208.583960][ T6458]  ? reacquire_held_locks+0x3eb/0x690
[ 3208.589353][ T6458]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3208.594849][ T6458]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3208.600605][ T6458]  ? mtree_range_walk+0x6fd/0x8e0
[ 3208.605651][ T6458]  ? lock_vma_under_rcu+0x18a/0x730
[ 3208.610860][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3208.615887][ T6458]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3208.621121][ T6458]  ? lock_vma_under_rcu+0x18a/0x730
[ 3208.626323][ T6458]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3208.631863][ T6458]  handle_mm_fault+0x3c1/0x8a0
[ 3208.636626][ T6458]  exc_page_fault+0x456/0x870
[ 3208.641312][ T6458]  asm_exc_page_fault+0x26/0x30
[ 3208.646163][ T6458] RIP: 0033:0x7f493127a7a4
[ 3208.650568][ T6458] Code: 84 00 00 00 00 00 80 3d 71 57 10 00 00 49 89 ca 74 14 b8 3d 00 00 00 0f 05 48 3d 00 f0 ff ff 77 5d c3 0f 1f 40 00 48 83 ec 28 <89> 54 24 14 48 89 74 24 08 89 7c 24 10 48 89 4c 24 18 e8 d5 a3 02
[ 3208.670349][ T6458] RSP: 002b:00007f49314cfd30 EFLAGS: 00010206
[ 3208.676434][ T6458] RAX: 0000000000000073 RBX: 00000000000037c0 RCX: 0000000000000000
[ 3208.684406][ T6458] RDX: 0000000040000001 RSI: 00007f49314cfdbc RDI: 00000000ffffffff
[ 3208.692394][ T6458] RBP: 00007f49314cfdbc R08: 0000000000000010 R09: 00007fffcebe70b0
[ 3208.700382][ T6458] R10: 0000000000000000 R11: 0000000000098228 R12: 0000000000000032
[ 3208.708359][ T6458] R13: 000000000030f3ce R14: 000000000030f3ce R15: 0000000000000000
[ 3208.716333][ T6458]  </TASK>
[ 3208.725802][ T9238] team0: left promiscuous mode
[ 3208.730649][ T9238] team_slave_0: left promiscuous mode
[ 3208.733957][ T6458] memory: usage 307200kB, limit 307200kB, failcnt 94394
[ 3208.743027][ T6458] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3208.760129][ T6458] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3208.775384][ T9238] team_slave_1: left promiscuous mode
[ 3208.782570][ T6458] Memory cgroup stats for /syz1:
[ 3208.782705][ T6458] cache 0
[ 3208.791022][ T9238] team0: left allmulticast mode
[ 3208.800096][ T6458] rss 0
[ 3208.803176][ T9238] team_slave_0: left allmulticast mode
[ 3208.806650][ T6458] rss_huge 0
[ 3208.815860][ T6458] shmem 0
[ 3208.819996][ T9238] team_slave_1: left allmulticast mode
[ 3208.823460][ T6458] mapped_file 0
[ 3208.830933][ T6458] dirty 0
[ 3208.845506][ T6458] writeback 0
[ 3208.850185][ T6458] workingset_refault_anon 37479
[ 3208.863787][ T9238] bridge0: port 9(team0) entered blocking state
[ 3208.864006][ T6458] workingset_refault_file 357
[ 3208.876601][ T6458] swap 11923456
[ 3208.881519][ T6458] swapcached 0
[ 3208.887369][ T6458] pgpgin 3289005
[ 3208.891328][ T9238] bridge0: port 9(team0) entered disabled state
[ 3208.892660][ T6458] pgpgout 3289005
[ 3208.904349][ T6458] pgfault 3623259
[ 3208.908337][ T6458] pgmajfault 39359
[ 3208.911177][ T9238] team0: entered allmulticast mode
[ 3208.912184][ T6458] inactive_anon 0
[ 3208.922022][ T6458] active_anon 0
[ 3208.935661][ T6458] inactive_file 0
[ 3208.939194][ T9238] team_slave_0: entered allmulticast mode
[ 3208.939403][ T6458] active_file 0
[ 3208.951378][ T6458] unevictable 0
[ 3208.952161][ T9238] team_slave_1: entered allmulticast mode
[ 3208.957057][ T6458] hierarchical_memory_limit 314572800
[ 3208.973557][ T6458] hierarchical_memsw_limit 9223372036854771712
[ 3208.983776][ T9238] team0: entered promiscuous mode
[ 3208.984631][ T6458] total_cache 0
[ 3208.995888][ T6458] total_rss 0
[ 3209.001594][ T6458] total_rss_huge 0
[ 3209.001769][ T9238] team_slave_0: entered promiscuous mode
[ 3209.007452][ T6458] total_shmem 0
[ 3209.020176][ T6458] total_mapped_file 0
[ 3209.025802][ T9238] team_slave_1: entered promiscuous mode
[ 3209.027348][ T6458] total_dirty 0
10:58:20 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000031201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3209.035519][ T9239] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3209.060156][ T6458] total_writeback 0
[ 3209.068109][ T6458] total_workingset_refault_anon 37479
[ 3209.076584][ T6458] total_workingset_refault_file 357
[ 3209.086431][ T6458] total_swap 11923456
[ 3209.090532][ T6458] total_swapcached 0
[ 3209.095845][ T6458] total_pgpgin 3289005
[ 3209.100098][ T6458] total_pgpgout 3289005
[ 3209.105029][ T6458] total_pgfault 3623259
[ 3209.109321][ T6458] total_pgmajfault 39359
[ 3209.113719][ T6458] total_inactive_anon 0
[ 3209.124864][ T9247] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3209.127622][ T6458] total_active_anon 0
10:58:20 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000002008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:21 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xffffa888}}}]}, 0x78}}, 0x0)

[ 3209.152223][ T9250] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3209.153936][ T6458] total_inactive_file 0
[ 3209.172471][ T6458] total_active_file 0
[ 3209.186540][ T6458] total_unevictable 0
[ 3209.190791][ T6458] anon_cost 0
[ 3209.195225][ T6458] file_cost 0
[ 3209.198652][ T6458] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9245,uid=0
[ 3209.199850][ T9250] team0: left allmulticast mode
[ 3209.215610][ T6458] Memory cgroup out of memory: Killed process 9245 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3209.241340][ T9250] team_slave_0: left allmulticast mode
10:58:21 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x10}, 0x0)

[ 3209.253014][ T9250] team_slave_1: left allmulticast mode
[ 3209.265729][ T9250] team0: left promiscuous mode
[ 3209.270662][ T9250] team_slave_0: left promiscuous mode
[ 3209.281849][ T9250] team_slave_1: left promiscuous mode
[ 3209.288677][ T9250] bridge0: port 9(team0) entered disabled state
[ 3209.319381][ T9250] 8021q: adding VLAN 0 to HW filter on device team0
[ 3209.330684][ T9250] team0: entered promiscuous mode
[ 3209.347136][ T9250] team_slave_0: entered promiscuous mode
[ 3209.357063][ T9250] team_slave_1: entered promiscuous mode
[ 3209.363274][ T9250] team0: entered allmulticast mode
[ 3209.386412][ T9250] team_slave_0: entered allmulticast mode
[ 3209.400309][ T9250] team_slave_1: entered allmulticast mode
[ 3209.416843][ T9250] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3209.437553][ T9253] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3209.468999][ T9253] bond0: (slave team0): Releasing backup interface
[ 3209.496685][ T9253] team0: left promiscuous mode
[ 3209.501652][ T9253] team_slave_0: left promiscuous mode
[ 3209.514785][ T9253] team_slave_1: left promiscuous mode
[ 3209.528905][ T9253] team0: left allmulticast mode
[ 3209.540992][ T9253] team_slave_0: left allmulticast mode
[ 3209.556578][ T9253] team_slave_1: left allmulticast mode
[ 3209.588014][ T9253] bridge0: port 9(team0) entered blocking state
[ 3209.614230][ T9253] bridge0: port 9(team0) entered disabled state
[ 3209.631071][ T9253] team0: entered allmulticast mode
[ 3209.647399][ T9253] team_slave_0: entered allmulticast mode
[ 3209.663378][ T9253] team_slave_1: entered allmulticast mode
[ 3209.685189][ T9253] team0: entered promiscuous mode
[ 3209.703190][ T9253] team_slave_0: entered promiscuous mode
[ 3209.724536][ T9253] team_slave_1: entered promiscuous mode
[ 3209.749466][ T9254] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3209.772961][ T9257] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3209.797369][ T9260] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 3209.812955][ T9260] CPU: 0 PID: 9260 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3209.823306][ T9260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3209.833375][ T9260] Call Trace:
[ 3209.836669][ T9260]  <TASK>
[ 3209.839611][ T9260]  dump_stack_lvl+0x1e7/0x2e0
[ 3209.844310][ T9260]  ? __pfx_dump_stack_lvl+0x10/0x10
10:58:21 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e0000000a008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3209.849533][ T9260]  ? __pfx__printk+0x10/0x10
[ 3209.854344][ T9260]  ? ___ratelimit+0x4c4/0x670
[ 3209.859050][ T9260]  ? __pfx____ratelimit+0x10/0x10
[ 3209.864103][ T9260]  dump_header+0xda/0x6a0
[ 3209.868462][ T9260]  oom_kill_process+0x3a7/0x930
[ 3209.873332][ T9260]  out_of_memory+0xf67/0x1320
[ 3209.878032][ T9260]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3209.883685][ T9260]  ? __pfx___mutex_lock+0x10/0x10
[ 3209.888733][ T9260]  ? __pfx_out_of_memory+0x10/0x10
[ 3209.893876][ T9260]  mem_cgroup_out_of_memory+0x263/0x3b0
10:58:21 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xffffff7f}}}]}, 0x78}}, 0x0)

[ 3209.899444][ T9260]  ? __pfx_lock_release+0x10/0x10
[ 3209.904493][ T9260]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3209.910587][ T9260]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3209.915808][ T9260]  ? mem_cgroup_iter+0x422/0x560
[ 3209.920762][ T9260]  try_charge_memcg+0xda2/0x18a0
[ 3209.925720][ T9260]  ? mark_lock+0x9a/0x350
[ 3209.930091][ T9260]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3209.935516][ T9260]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3209.941688][ T9260]  charge_memcg+0xa2/0x160
[ 3209.946133][ T9260]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3209.952234][ T9260]  __read_swap_cache_async+0x480/0x8b0
[ 3209.957718][ T9260]  ? mark_lock+0x9a/0x350
[ 3209.962078][ T9260]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3209.968093][ T9260]  swap_cluster_readahead+0x67c/0x810
[ 3209.973508][ T9260]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3209.979433][ T9260]  ? __pfx_lock_release+0x10/0x10
[ 3209.984486][ T9260]  ? xas_descend+0x37e/0x470
[ 3209.989110][ T9260]  swapin_readahead+0x1ea/0x1070
[ 3209.994072][ T9260]  ? filemap_get_entry+0x127/0x4e0
[ 3209.999228][ T9260]  ? __pfx_swapin_readahead+0x10/0x10
[ 3210.004639][ T9260]  ? __filemap_get_folio+0x935/0xbc0
[ 3210.009962][ T9260]  ? swap_cache_get_folio+0x9f/0x570
[ 3210.015275][ T9260]  do_swap_page+0x8ab/0x3da0
[ 3210.019884][ T9260]  ? __pte_offset_map+0x2c4/0x380
[ 3210.024934][ T9260]  ? do_swap_page+0x154/0x3da0
[ 3210.029720][ T9260]  ? __pfx_do_swap_page+0x10/0x10
[ 3210.034769][ T9260]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3210.040256][ T9260]  ? __pfx_pte_offset_map_nolock+0x10/0x10
10:58:21 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e0000007b008188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3210.046084][ T9260]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3210.051314][ T9260]  __handle_mm_fault+0x15e8/0x72d0
[ 3210.056477][ T9260]  ? reacquire_held_locks+0x3eb/0x690
[ 3210.061870][ T9260]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3210.067361][ T9260]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3210.073117][ T9260]  ? mtree_range_walk+0x6fd/0x8e0
[ 3210.078160][ T9260]  ? lock_vma_under_rcu+0x18a/0x730
[ 3210.083381][ T9260]  ? __pfx_lock_release+0x10/0x10
[ 3210.088422][ T9260]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3210.093659][ T9260]  ? lock_vma_under_rcu+0x18a/0x730
[ 3210.098878][ T9260]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3210.104447][ T9260]  handle_mm_fault+0x3c1/0x8a0
[ 3210.109248][ T9260]  exc_page_fault+0x456/0x870
[ 3210.113952][ T9260]  asm_exc_page_fault+0x26/0x30
[ 3210.118828][ T9260] RIP: 0033:0x7f493125b04b
[ 3210.123258][ T9260] Code: 55 48 89 f8 41 54 55 53 48 83 ec 18 48 f7 e6 48 89 c3 0f 90 c0 48 85 db 0f 88 d9 02 00 00 0f b6 c0 48 85 c0 0f 85 cd 02 00 00 <80> 3d a6 f7 c7 00 00 0f 84 48 02 00 00 64 48 83 3c 25 b8 ff ff ff
[ 3210.142883][ T9260] RSP: 002b:00007f49314cf990 EFLAGS: 00010246
10:58:21 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010028188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:22 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000041201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3210.148983][ T9260] RAX: 0000000000000000 RBX: 0000000000000110 RCX: 00007f493127de67
[ 3210.156971][ T9260] RDX: 0000000000000000 RSI: 0000000000000010 RDI: 0000000000000011
[ 3210.164965][ T9260] RBP: 000000000000000f R08: 00000000ffffffff R09: 0000000000000000
[ 3210.172949][ T9260] R10: 0000000000021000 R11: 0000000000000206 R12: 00007f49314cfc90
[ 3210.180935][ T9260] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[ 3210.188942][ T9260]  </TASK>
[ 3210.244914][ T9266] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3210.272219][ T9260] memory: usage 307180kB, limit 307200kB, failcnt 94738
10:58:22 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010038188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3210.298165][ T9260] memory+swap: usage 318808kB, limit 9007199254740988kB, failcnt 0
[ 3210.309275][ T9270] team0: left allmulticast mode
[ 3210.319804][ T9270] team_slave_0: left allmulticast mode
[ 3210.337135][ T9260] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[ 3210.342297][ T9270] team_slave_1: left allmulticast mode
[ 3210.355948][ T9260] Memory cgroup stats for /syz1:
[ 3210.356095][ T9260] cache 0
[ 3210.361289][ T9270] team0: left promiscuous mode
[ 3210.368866][ T9260] rss 12288
[ 3210.372935][ T9260] rss_huge 0
[ 3210.382111][ T9260] shmem 0
[ 3210.386139][ T9270] team_slave_0: left promiscuous mode
[ 3210.392851][ T9260] mapped_file 0
[ 3210.410019][ T9260] dirty 0
[ 3210.414090][ T9270] team_slave_1: left promiscuous mode
[ 3210.423416][ T9260] writeback 0
[ 3210.429871][ T9270] bridge0: port 9(team0) entered disabled state
[ 3210.436573][ T9260] workingset_refault_anon 37604
[ 3210.449322][ T9260] workingset_refault_file 357
[ 3210.457727][ T9270] 8021q: adding VLAN 0 to HW filter on device team0
[ 3210.461551][ T9260] swap 11907072
[ 3210.475499][ T9260] swapcached 0
[ 3210.480287][ T9270] team0: entered promiscuous mode
[ 3210.483491][ T9260] pgpgin 3289139
[ 3210.492920][ T9260] pgpgout 3289136
[ 3210.493654][ T9270] team_slave_0: entered promiscuous mode
[ 3210.504511][ T9260] pgfault 3623457
[ 3210.511363][ T9260] pgmajfault 39469
[ 3210.512378][ T9270] team_slave_1: entered promiscuous mode
[ 3210.518477][ T9260] inactive_anon 0
[ 3210.525192][ T9270] team0: entered allmulticast mode
[ 3210.525212][ T9270] team_slave_0: entered allmulticast mode
[ 3210.525227][ T9270] team_slave_1: entered allmulticast mode
[ 3210.526387][ T9270] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3210.554423][ T9260] active_anon 12288
[ 3210.564598][ T9260] inactive_file 0
[ 3210.570665][ T9260] active_file 0
[ 3210.579498][ T9260] unevictable 0
[ 3210.587811][ T9260] hierarchical_memory_limit 314572800
[ 3210.599542][ T9273] bond0: (slave team0): Releasing backup interface
10:58:22 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xffffff80}}}]}, 0x78}}, 0x0)

[ 3210.614314][ T9260] hierarchical_memsw_limit 9223372036854771712
[ 3210.622837][ T9260] total_cache 0
[ 3210.630252][ T9260] total_rss 12288
[ 3210.637764][ T9273] team0: left promiscuous mode
[ 3210.643042][ T9260] total_rss_huge 0
[ 3210.647595][ T9273] team_slave_0: left promiscuous mode
[ 3210.653081][ T9260] total_shmem 0
[ 3210.657892][ T9260] total_mapped_file 0
[ 3210.662232][ T9273] team_slave_1: left promiscuous mode
[ 3210.668853][ T9260] total_dirty 0
[ 3210.672447][ T9260] total_writeback 0
[ 3210.677627][ T9273] team0: left allmulticast mode
[ 3210.682617][ T9260] total_workingset_refault_anon 37604
[ 3210.688753][ T9273] team_slave_0: left allmulticast mode
[ 3210.699299][ T9260] total_workingset_refault_file 357
[ 3210.705590][ T9273] team_slave_1: left allmulticast mode
[ 3210.712027][ T9260] total_swap 11907072
[ 3210.717707][ T9260] total_swapcached 0
[ 3210.722548][ T9260] total_pgpgin 3289139
[ 3210.737430][ T9273] bridge0: port 9(team0) entered blocking state
[ 3210.746663][ T9260] total_pgpgout 3289136
[ 3210.751133][ T9273] bridge0: port 9(team0) entered disabled state
[ 3210.758423][ T9260] total_pgfault 3623457
[ 3210.763031][ T9273] team0: entered allmulticast mode
[ 3210.769091][ T9260] total_pgmajfault 39469
[ 3210.774665][ T9260] total_inactive_anon 0
[ 3210.779009][ T9273] team_slave_0: entered allmulticast mode
[ 3210.785895][ T9260] total_active_anon 12288
[ 3210.790412][ T9273] team_slave_1: entered allmulticast mode
[ 3210.798041][ T9260] total_inactive_file 0
[ 3210.802388][ T9260] total_active_file 0
[ 3210.809323][ T9273] team0: entered promiscuous mode
[ 3210.815753][ T9260] total_unevictable 0
[ 3210.819919][ T9260] anon_cost 0
[ 3210.823378][ T9273] team_slave_0: entered promiscuous mode
[ 3210.830047][ T9260] file_cost 0
[ 3210.834446][ T9260] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9260,uid=0
[ 3210.852481][ T9273] team_slave_1: entered promiscuous mode
10:58:22 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010048188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3210.862382][ T9260] Memory cgroup out of memory: Killed process 9260 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3210.862779][ T9280] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:22 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x11}, 0x0)

10:58:22 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010058188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:22 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xfffffff0}}}]}, 0x78}}, 0x0)

10:58:22 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010068188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:22 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x7, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

10:58:22 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000051201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3211.123507][ T9288] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:23 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010088188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3211.206762][ T9293] team0: left allmulticast mode
[ 3211.215637][ T9293] team_slave_0: left allmulticast mode
[ 3211.236587][ T9293] team_slave_1: left allmulticast mode
[ 3211.248987][ T9293] team0: left promiscuous mode
[ 3211.259518][ T9293] team_slave_0: left promiscuous mode
[ 3211.265892][ T9293] team_slave_1: left promiscuous mode
[ 3211.271790][ T9293] bridge0: port 9(team0) entered disabled state
[ 3211.302287][ T9293] 8021q: adding VLAN 0 to HW filter on device team0
[ 3211.337043][ T9293] team0: entered promiscuous mode
[ 3211.352744][ T9293] team_slave_0: entered promiscuous mode
[ 3211.369711][ T9293] team_slave_1: entered promiscuous mode
[ 3211.389225][ T9293] team0: entered allmulticast mode
[ 3211.411179][ T9293] team_slave_0: entered allmulticast mode
[ 3211.428396][ T9293] team_slave_1: entered allmulticast mode
[ 3211.430371][ T9284] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3211.447820][ T9293] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3211.457425][ T9284] CPU: 0 PID: 9284 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3211.467778][ T9284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3211.477870][ T9284] Call Trace:
[ 3211.481165][ T9284]  <TASK>
[ 3211.484115][ T9284]  dump_stack_lvl+0x1e7/0x2e0
[ 3211.488821][ T9284]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3211.494040][ T9284]  ? __pfx__printk+0x10/0x10
[ 3211.498643][ T9284]  ? ___ratelimit+0x4c4/0x670
[ 3211.503319][ T9284]  ? __pfx____ratelimit+0x10/0x10
[ 3211.508348][ T9284]  dump_header+0xda/0x6a0
[ 3211.512686][ T9284]  oom_kill_process+0x3a7/0x930
[ 3211.517547][ T9284]  out_of_memory+0xf67/0x1320
[ 3211.522220][ T9284]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3211.527843][ T9284]  ? __pfx___mutex_lock+0x10/0x10
[ 3211.532877][ T9284]  ? __pfx_out_of_memory+0x10/0x10
[ 3211.537988][ T9284]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3211.543536][ T9284]  ? __pfx_lock_release+0x10/0x10
[ 3211.548563][ T9284]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3211.554651][ T9284]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3211.559862][ T9284]  ? mem_cgroup_iter+0x422/0x560
[ 3211.564802][ T9284]  try_charge_memcg+0xda2/0x18a0
[ 3211.569750][ T9284]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3211.575116][ T9284]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3211.580833][ T9284]  ? __pfx_lock_release+0x10/0x10
[ 3211.585856][ T9284]  ? memcg_account_kmem+0x1e7/0x210
[ 3211.591055][ T9284]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3211.596857][ T9284]  __memcg_kmem_charge_page+0xe1/0x250
[ 3211.602314][ T9284]  memcg_charge_kernel_stack+0x37e/0x550
[ 3211.607943][ T9284]  dup_task_struct+0x15d/0x7d0
[ 3211.612703][ T9284]  copy_process+0x5d5/0x3fc0
[ 3211.617292][ T9284]  ? __might_fault+0xa9/0x120
[ 3211.621962][ T9284]  ? __pfx_lock_release+0x10/0x10
[ 3211.626986][ T9284]  ? __pfx_copy_process+0x10/0x10
[ 3211.632017][ T9284]  ? __might_fault+0xc5/0x120
[ 3211.636702][ T9284]  ? __asan_memset+0x23/0x50
[ 3211.641293][ T9284]  kernel_clone+0x21d/0x8d0
[ 3211.645791][ T9284]  ? __pfx_kernel_clone+0x10/0x10
[ 3211.650821][ T9284]  __se_sys_clone3+0x2cb/0x350
[ 3211.655579][ T9284]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3211.660863][ T9284]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3211.666844][ T9284]  ? exc_page_fault+0x587/0x870
[ 3211.671687][ T9284]  ? do_syscall_64+0xb4/0x240
[ 3211.676358][ T9284]  do_syscall_64+0xf9/0x240
[ 3211.680856][ T9284]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3211.686742][ T9284] RIP: 0033:0x7f49312a9b99
[ 3211.691146][ T9284] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3211.710829][ T9284] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3211.719237][ T9284] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3211.727199][ T9284] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3211.735161][ T9284] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3211.743122][ T9284] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3211.751082][ T9284] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3211.759059][ T9284]  </TASK>
10:58:23 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xfffffff1}}}]}, 0x78}}, 0x0)

[ 3211.779025][ T9296] bond0: (slave team0): Releasing backup interface
[ 3211.791128][ T9296] team0: left promiscuous mode
[ 3211.803345][ T9284] memory: usage 307200kB, limit 307200kB, failcnt 95087
[ 3211.811849][ T9284] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3211.813247][ T9296] team_slave_0: left promiscuous mode
[ 3211.820633][ T9284] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3211.833555][ T9284] Memory cgroup stats for /syz1:
[ 3211.833671][ T9284] cache 0
[ 3211.843652][ T9284] rss 20480
[ 3211.846746][ T9296] team_slave_1: left promiscuous mode
[ 3211.847517][ T9296] team0: left allmulticast mode
[ 3211.852984][ T9284] rss_huge 0
[ 3211.861504][ T9284] shmem 0
[ 3211.863181][ T9296] team_slave_0: left allmulticast mode
[ 3211.865159][ T9284] mapped_file 0
[ 3211.872459][ T9296] team_slave_1: left allmulticast mode
[ 3211.873646][ T9284] dirty 0
[ 3211.883732][ T9284] writeback 0
[ 3211.887755][ T9284] workingset_refault_anon 37716
[ 3211.892870][ T9284] workingset_refault_file 357
[ 3211.896193][ T9296] bridge0: port 9(team0) entered blocking state
[ 3211.898248][ T9284] swap 11902976
[ 3211.908111][ T9284] swapcached 0
[ 3211.911758][ T9284] pgpgin 3289290
[ 3211.915931][ T9284] pgpgout 3289285
[ 3211.919797][ T9284] pgfault 3623675
[ 3211.923721][ T9284] pgmajfault 39600
[ 3211.928381][ T9284] inactive_anon 0
[ 3211.930877][ T9296] bridge0: port 9(team0) entered disabled state
[ 3211.932296][ T9284] active_anon 20480
[ 3211.943223][ T9284] inactive_file 0
[ 3211.943553][ T9296] team0: entered allmulticast mode
[ 3211.947541][ T9284] active_file 0
[ 3211.956139][ T9284] unevictable 0
[ 3211.959881][ T9284] hierarchical_memory_limit 314572800
[ 3211.966326][ T9284] hierarchical_memsw_limit 9223372036854771712
[ 3211.967493][ T9296] team_slave_0: entered allmulticast mode
[ 3211.972743][ T9284] total_cache 0
[ 3211.982349][ T9284] total_rss 20480
[ 3211.983316][ T9296] team_slave_1: entered allmulticast mode
[ 3211.987661][ T9284] total_rss_huge 0
[ 3211.995310][ T9296] team0: entered promiscuous mode
[ 3211.996411][ T9284] total_shmem 0
[ 3212.000607][ T9296] team_slave_0: entered promiscuous mode
[ 3212.000796][ T9296] team_slave_1: entered promiscuous mode
[ 3212.004712][ T9284] total_mapped_file 0
[ 3212.004724][ T9284] total_dirty 0
[ 3212.004732][ T9284] total_writeback 0
[ 3212.004740][ T9284] total_workingset_refault_anon 37716
[ 3212.004748][ T9284] total_workingset_refault_file 357
[ 3212.004757][ T9284] total_swap 11902976
[ 3212.004765][ T9284] total_swapcached 0
[ 3212.004773][ T9284] total_pgpgin 3289290
[ 3212.004781][ T9284] total_pgpgout 3289285
[ 3212.004789][ T9284] total_pgfault 3623675
[ 3212.004798][ T9284] total_pgmajfault 39600
[ 3212.004806][ T9284] total_inactive_anon 0
[ 3212.004814][ T9284] total_active_anon 20480
[ 3212.004822][ T9284] total_inactive_file 0
[ 3212.004830][ T9284] total_active_file 0
10:58:23 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000061201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3212.004838][ T9284] total_unevictable 0
[ 3212.004846][ T9284] anon_cost 0
[ 3212.004854][ T9284] file_cost 0
[ 3212.004862][ T9284] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1
[ 3212.043703][ T9303] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3212.050652][ T9284] ,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9284,uid=0
10:58:23 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e000000100a8188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:24 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0xfffffffc}}}]}, 0x78}}, 0x0)

[ 3212.130737][ T9284] Memory cgroup out of memory: Killed process 9284 (syz-executor.1) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
10:58:24 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e000000100c8188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3212.225184][ T9308] team0: left allmulticast mode
[ 3212.237518][ T9308] team_slave_0: left allmulticast mode
[ 3212.275653][ T9308] team_slave_1: left allmulticast mode
[ 3212.299294][ T9308] team0: left promiscuous mode
[ 3212.312984][ T9308] team_slave_0: left promiscuous mode
10:58:24 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x14}, 0x0)

[ 3212.330936][ T9308] team_slave_1: left promiscuous mode
[ 3212.342617][ T9308] bridge0: port 9(team0) entered disabled state
[ 3212.356723][ T9308] 8021q: adding VLAN 0 to HW filter on device team0
[ 3212.376496][ T9308] team0: entered promiscuous mode
[ 3212.389732][ T9308] team_slave_0: entered promiscuous mode
[ 3212.405326][ T9308] team_slave_1: entered promiscuous mode
[ 3212.420193][ T9308] team0: entered allmulticast mode
[ 3212.431493][ T9308] team_slave_0: entered allmulticast mode
[ 3212.444885][ T9308] team_slave_1: entered allmulticast mode
[ 3212.462257][ T9308] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3212.485567][ T9311] validate_nla: 14 callbacks suppressed
[ 3212.485585][ T9311] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3212.519052][ T9311] bond0: (slave team0): Releasing backup interface
[ 3212.536016][ T9311] team0: left promiscuous mode
[ 3212.540828][ T9311] team_slave_0: left promiscuous mode
[ 3212.553135][ T9311] team_slave_1: left promiscuous mode
[ 3212.570829][ T9311] team0: left allmulticast mode
[ 3212.582295][ T9311] team_slave_0: left allmulticast mode
[ 3212.595065][ T9311] team_slave_1: left allmulticast mode
[ 3212.622195][ T9311] bridge0: port 9(team0) entered blocking state
[ 3212.637908][ T9311] bridge0: port 9(team0) entered disabled state
[ 3212.645470][ T9311] team0: entered allmulticast mode
[ 3212.650816][ T9311] team_slave_0: entered allmulticast mode
[ 3212.659795][ T9311] team_slave_1: entered allmulticast mode
[ 3212.673087][ T9311] team0: entered promiscuous mode
[ 3212.685824][ T9311] team_slave_0: entered promiscuous mode
[ 3212.699490][ T9311] team_slave_1: entered promiscuous mode
[ 3212.715695][ T9313] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:58:24 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e000000100f8188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3212.744955][ T9315] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:24 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}}}}]}, 0x78}}, 0x0)

10:58:24 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010108188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3212.891222][ T9320] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3212.928417][ T9322] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:24 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000071201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3213.033813][ T6458] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3213.076810][ T9325] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3213.082403][ T6458] CPU: 0 PID: 6458 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3213.095321][ T6458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3213.105392][ T6458] Call Trace:
[ 3213.108691][ T6458]  <TASK>
[ 3213.111639][ T6458]  dump_stack_lvl+0x1e7/0x2e0
[ 3213.116348][ T6458]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3213.121581][ T6458]  ? __pfx__printk+0x10/0x10
[ 3213.126193][ T6458]  ? ___ratelimit+0x4c4/0x670
[ 3213.130899][ T6458]  ? __pfx____ratelimit+0x10/0x10
[ 3213.135959][ T6458]  dump_header+0xda/0x6a0
[ 3213.140314][ T6458]  oom_kill_process+0x3a7/0x930
[ 3213.145189][ T6458]  out_of_memory+0xf67/0x1320
[ 3213.149920][ T6458]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3213.155604][ T6458]  ? __pfx___mutex_lock+0x10/0x10
[ 3213.160662][ T6458]  ? __pfx_out_of_memory+0x10/0x10
[ 3213.165808][ T6458]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3213.171380][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3213.176431][ T6458]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3213.182525][ T6458]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3213.187749][ T6458]  ? mem_cgroup_iter+0x422/0x560
[ 3213.192709][ T6458]  try_charge_memcg+0xda2/0x18a0
[ 3213.197668][ T6458]  ? mark_lock+0x9a/0x350
[ 3213.202053][ T6458]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3213.207478][ T6458]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3213.213653][ T6458]  charge_memcg+0xa2/0x160
[ 3213.218100][ T6458]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3213.224192][ T6458]  __read_swap_cache_async+0x480/0x8b0
[ 3213.229677][ T6458]  ? mark_lock+0x9a/0x350
[ 3213.234131][ T6458]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3213.240135][ T6458]  swap_cluster_readahead+0x67c/0x810
[ 3213.245517][ T6458]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3213.251409][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3213.256432][ T6458]  ? xas_descend+0x37e/0x470
[ 3213.261023][ T6458]  swapin_readahead+0x1ea/0x1070
[ 3213.265953][ T6458]  ? filemap_get_entry+0x127/0x4e0
[ 3213.271082][ T6458]  ? __pfx_swapin_readahead+0x10/0x10
[ 3213.276499][ T6458]  ? __filemap_get_folio+0x935/0xbc0
[ 3213.281787][ T6458]  ? swap_cache_get_folio+0x9f/0x570
[ 3213.287076][ T6458]  do_swap_page+0x8ab/0x3da0
[ 3213.291670][ T6458]  ? __pte_offset_map+0x2c4/0x380
[ 3213.296700][ T6458]  ? do_swap_page+0x154/0x3da0
[ 3213.301472][ T6458]  ? __pfx_do_swap_page+0x10/0x10
[ 3213.306498][ T6458]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3213.311971][ T6458]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3213.317783][ T6458]  ? __pfx_validate_chain+0x10/0x10
[ 3213.322982][ T6458]  __handle_mm_fault+0x15e8/0x72d0
[ 3213.328115][ T6458]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3213.333577][ T6458]  ? mt_find+0x226/0x850
[ 3213.337828][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3213.342865][ T6458]  ? mt_find+0x62d/0x850
[ 3213.347108][ T6458]  ? mt_find+0x226/0x850
[ 3213.351360][ T6458]  ? find_vma+0x142/0x1c0
[ 3213.355688][ T6458]  ? __pfx_find_vma+0x10/0x10
[ 3213.360358][ T6458]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3213.366342][ T6458]  handle_mm_fault+0x3c1/0x8a0
[ 3213.371109][ T6458]  exc_page_fault+0x2ad/0x870
[ 3213.375791][ T6458]  asm_exc_page_fault+0x26/0x30
[ 3213.380651][ T6458] RIP: 0010:__get_user_8+0x11/0x20
[ 3213.385758][ T6458] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3213.405355][ T6458] RSP: 0018:ffffc900059a7d98 EFLAGS: 00050202
[ 3213.411417][ T6458] RAX: 0000555556856da8 RBX: ffff8880761fee78 RCX: ffffc900059a7c03
[ 3213.419381][ T6458] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3213.427358][ T6458] RBP: ffffc900059a7ec8 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3213.435336][ T6458] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc900059a7da0
[ 3213.443330][ T6458] R13: ffffc900059a7fd8 R14: dffffc0000000000 R15: ffff8880761fd940
[ 3213.451333][ T6458]  __rseq_handle_notify_resume+0x158/0x1490
[ 3213.457247][ T6458]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3213.463600][ T6458]  ? syscall_exit_to_user_mode+0xa2/0x370
[ 3213.469319][ T6458]  syscall_exit_to_user_mode+0x113/0x370
[ 3213.474968][ T6458]  do_syscall_64+0x108/0x240
[ 3213.479579][ T6458]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3213.485486][ T6458] RIP: 0033:0x7f49312a91b5
[ 3213.489914][ T6458] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 3213.509519][ T6458] RSP: 002b:00007f49314cfcf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 3213.517931][ T6458] RAX: 0000000000000000 RBX: 00000000000037c3 RCX: 00007f49312a91b5
[ 3213.525897][ T6458] RDX: 00007f49314cfd30 RSI: 0000000000000000 RDI: 0000000000000000
[ 3213.533865][ T6458] RBP: 00007f49314cfdbc R08: 0000000000000000 R09: 00007fffcebe70b0
[ 3213.541843][ T6458] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3213.549807][ T6458] R13: 000000000031046d R14: 000000000031046d R15: 0000000000000000
[ 3213.557813][ T6458]  </TASK>
10:58:25 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x2}}}]}, 0x78}}, 0x0)

10:58:25 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010608188040f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3213.573044][ T9327] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3213.619567][ T9327] team0: left allmulticast mode
[ 3213.649005][ T6458] memory: usage 307200kB, limit 307200kB, failcnt 95640
[ 3213.658787][ T9327] team_slave_0: left allmulticast mode
[ 3213.659379][ T6458] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3213.673172][ T6458] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3213.682524][ T6458] Memory cgroup stats for /syz1:
[ 3213.682642][ T6458] cache 0
[ 3213.690840][ T9327] team_slave_1: left allmulticast mode
[ 3213.691130][ T6458] rss 0
[ 3213.699555][ T6458] rss_huge 0
[ 3213.702072][ T9327] team0: left promiscuous mode
[ 3213.703605][ T6458] shmem 0
[ 3213.713038][ T6458] mapped_file 0
[ 3213.715242][ T9327] team_slave_0: left promiscuous mode
[ 3213.716916][ T6458] dirty 0
[ 3213.722470][ T9327] team_slave_1: left promiscuous mode
[ 3213.725490][ T6458] writeback 0
[ 3213.725502][ T6458] workingset_refault_anon 37850
[ 3213.725511][ T6458] workingset_refault_file 357
[ 3213.725520][ T6458] swap 11923456
[ 3213.725528][ T6458] swapcached 0
[ 3213.725535][ T6458] pgpgin 3289460
[ 3213.725544][ T6458] pgpgout 3289460
[ 3213.725552][ T6458] pgfault 3623924
[ 3213.725560][ T6458] pgmajfault 39745
[ 3213.725568][ T6458] inactive_anon 0
[ 3213.725576][ T6458] active_anon 0
[ 3213.725584][ T6458] inactive_file 0
[ 3213.725592][ T6458] active_file 0
[ 3213.725600][ T6458] unevictable 0
[ 3213.725608][ T6458] hierarchical_memory_limit 314572800
[ 3213.725617][ T6458] hierarchical_memsw_limit 9223372036854771712
[ 3213.725626][ T6458] total_cache 0
[ 3213.725634][ T6458] total_rss 0
[ 3213.725641][ T6458] total_rss_huge 0
[ 3213.725649][ T6458] total_shmem 0
[ 3213.725657][ T6458] total_mapped_file 0
[ 3213.725664][ T6458] total_dirty 0
[ 3213.725672][ T6458] total_writeback 0
[ 3213.725680][ T6458] total_workingset_refault_anon 37850
[ 3213.725689][ T6458] total_workingset_refault_file 357
[ 3213.725697][ T6458] total_swap 11923456
[ 3213.725705][ T6458] total_swapcached 0
[ 3213.725713][ T6458] total_pgpgin 3289460
[ 3213.725721][ T6458] total_pgpgout 3289460
[ 3213.725729][ T6458] total_pgfault 3623924
[ 3213.725738][ T6458] total_pgmajfault 39745
[ 3213.725745][ T6458] total_inactive_anon 0
[ 3213.725754][ T6458] total_active_anon 0
[ 3213.725762][ T6458] total_inactive_file 0
[ 3213.725770][ T6458] total_active_file 0
[ 3213.725778][ T6458] total_unevictable 0
[ 3213.725787][ T6458] anon_cost 0
[ 3213.725795][ T6458] file_cost 0
10:58:25 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x15}, 0x0)

[ 3213.725803][ T6458] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9318,uid=0
[ 3213.725938][ T6458] Memory cgroup out of memory: Killed process 9318 (syz-executor.1) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3213.954552][ T9327] bridge0: port 9(team0) entered disabled state
[ 3213.971587][ T9327] 8021q: adding VLAN 0 to HW filter on device team0
[ 3213.980554][ T9327] team0: entered promiscuous mode
[ 3213.986171][ T9327] team_slave_0: entered promiscuous mode
[ 3213.993835][ T9327] team_slave_1: entered promiscuous mode
[ 3214.000877][ T9327] team0: entered allmulticast mode
[ 3214.007497][ T9327] team_slave_0: entered allmulticast mode
[ 3214.013360][ T9327] team_slave_1: entered allmulticast mode
[ 3214.020544][ T9327] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3214.040251][ T9330] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3214.077114][ T9330] bond0: (slave team0): Releasing backup interface
[ 3214.093179][ T9330] team0: left promiscuous mode
[ 3214.100403][ T9330] team_slave_0: left promiscuous mode
[ 3214.112861][ T9330] team_slave_1: left promiscuous mode
[ 3214.125053][ T9330] team0: left allmulticast mode
[ 3214.133507][ T9330] team_slave_0: left allmulticast mode
[ 3214.152535][ T9330] team_slave_1: left allmulticast mode
10:58:26 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x8, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3214.190149][ T9330] bridge0: port 9(team0) entered blocking state
[ 3214.213471][ T9330] bridge0: port 9(team0) entered disabled state
[ 3214.235535][ T9330] team0: entered allmulticast mode
[ 3214.249385][ T9330] team_slave_0: entered allmulticast mode
[ 3214.276600][ T9330] team_slave_1: entered allmulticast mode
[ 3214.299806][ T9330] team0: entered promiscuous mode
[ 3214.324627][ T9330] team_slave_0: entered promiscuous mode
[ 3214.339371][ T9337] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3214.355228][ T9330] team_slave_1: entered promiscuous mode
[ 3214.368026][ T9337] CPU: 0 PID: 9337 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3214.378392][ T9337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3214.388467][ T9337] Call Trace:
[ 3214.391766][ T9337]  <TASK>
[ 3214.394714][ T9337]  dump_stack_lvl+0x1e7/0x2e0
[ 3214.399430][ T9337]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3214.404655][ T9337]  ? __pfx__printk+0x10/0x10
[ 3214.409269][ T9337]  ? ___ratelimit+0x4c4/0x670
[ 3214.413980][ T9337]  ? __pfx____ratelimit+0x10/0x10
[ 3214.419030][ T9337]  dump_header+0xda/0x6a0
[ 3214.423391][ T9337]  oom_kill_process+0x3a7/0x930
[ 3214.426333][ T9332] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3214.428249][ T9337]  out_of_memory+0xf67/0x1320
[ 3214.428282][ T9337]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3214.446749][ T9337]  ? __pfx___mutex_lock+0x10/0x10
[ 3214.451813][ T9337]  ? __pfx_out_of_memory+0x10/0x10
[ 3214.456957][ T9337]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3214.462524][ T9337]  ? __pfx_lock_release+0x10/0x10
[ 3214.467577][ T9337]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3214.473669][ T9337]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3214.478889][ T9337]  ? mem_cgroup_iter+0x422/0x560
[ 3214.483846][ T9337]  try_charge_memcg+0xda2/0x18a0
[ 3214.488837][ T9337]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3214.494230][ T9337]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3214.499965][ T9337]  ? __pfx_lock_release+0x10/0x10
[ 3214.505014][ T9337]  ? memcg_account_kmem+0x1e7/0x210
[ 3214.510245][ T9337]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3214.516163][ T9337]  __memcg_kmem_charge_page+0xe1/0x250
[ 3214.521662][ T9337]  memcg_charge_kernel_stack+0x304/0x550
[ 3214.527319][ T9337]  dup_task_struct+0x15d/0x7d0
[ 3214.532109][ T9337]  copy_process+0x5d5/0x3fc0
[ 3214.536736][ T9337]  ? __might_fault+0xa9/0x120
[ 3214.541434][ T9337]  ? __pfx_lock_release+0x10/0x10
[ 3214.546487][ T9337]  ? __pfx_copy_process+0x10/0x10
[ 3214.551532][ T9337]  ? __might_fault+0xc5/0x120
[ 3214.556233][ T9337]  ? __asan_memset+0x23/0x50
[ 3214.560854][ T9337]  kernel_clone+0x21d/0x8d0
[ 3214.565386][ T9337]  ? __pfx_kernel_clone+0x10/0x10
[ 3214.570450][ T9337]  __se_sys_clone3+0x2cb/0x350
[ 3214.575239][ T9337]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3214.580568][ T9337]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3214.586589][ T9337]  ? exc_page_fault+0x587/0x870
[ 3214.591465][ T9337]  ? do_syscall_64+0xb4/0x240
[ 3214.596170][ T9337]  do_syscall_64+0xf9/0x240
[ 3214.600711][ T9337]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3214.606630][ T9337] RIP: 0033:0x7f49312a9b99
[ 3214.611062][ T9337] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3214.630686][ T9337] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3214.639121][ T9337] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3214.647110][ T9337] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3214.655096][ T9337] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3214.663084][ T9337] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3214.671069][ T9337] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3214.679071][ T9337]  </TASK>
[ 3214.706050][ T9333] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:26 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188020f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:26 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x3}}}]}, 0x78}}, 0x0)

10:58:26 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000081201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3214.734783][ T9337] memory: usage 307200kB, limit 307200kB, failcnt 96251
[ 3214.803074][ T9337] memory+swap: usage 318840kB, limit 9007199254740988kB, failcnt 0
[ 3214.809618][ T9342] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3214.853333][ T9337] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[ 3214.883414][ T9337] Memory cgroup stats for /syz1:
[ 3214.883578][ T9337] cache 0
[ 3214.903546][ T9343] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3214.912071][ T9337] rss 4096
[ 3214.912085][ T9337] rss_huge 0
[ 3214.912094][ T9337] shmem 0
[ 3214.912101][ T9337] mapped_file 0
[ 3214.912109][ T9337] dirty 0
[ 3214.912116][ T9337] writeback 0
[ 3214.912124][ T9337] workingset_refault_anon 38009
[ 3214.912132][ T9337] workingset_refault_file 357
[ 3214.912140][ T9337] swap 11919360
[ 3214.912148][ T9337] swapcached 0
[ 3214.912156][ T9337] pgpgin 3289640
[ 3214.912164][ T9337] pgpgout 3289639
[ 3214.912171][ T9337] pgfault 3624176
[ 3214.912179][ T9337] pgmajfault 39902
[ 3214.912187][ T9337] inactive_anon 0
[ 3214.912195][ T9337] active_anon 4096
[ 3214.912202][ T9337] inactive_file 0
[ 3214.912210][ T9337] active_file 0
[ 3214.912218][ T9337] unevictable 0
[ 3214.912226][ T9337] hierarchical_memory_limit 314572800
[ 3214.912234][ T9337] hierarchical_memsw_limit 9223372036854771712
[ 3214.912243][ T9337] total_cache 0
[ 3214.912257][ T9337] total_rss 4096
[ 3214.912265][ T9337] total_rss_huge 0
[ 3214.912273][ T9337] total_shmem 0
[ 3214.912281][ T9337] total_mapped_file 0
[ 3214.912289][ T9337] total_dirty 0
[ 3214.912296][ T9337] total_writeback 0
[ 3214.912304][ T9337] total_workingset_refault_anon 38009
[ 3214.912313][ T9337] total_workingset_refault_file 357
[ 3214.912321][ T9337] total_swap 11919360
[ 3214.912329][ T9337] total_swapcached 0
[ 3214.912337][ T9337] total_pgpgin 3289640
[ 3214.912345][ T9337] total_pgpgout 3289639
10:58:26 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x48}, 0x0)

[ 3214.912353][ T9337] total_pgfault 3624176
[ 3214.912359][ T9337] total_pgmajfault 39902
[ 3214.912367][ T9337] total_inactive_anon 0
[ 3214.912375][ T9337] total_active_anon 4096
[ 3214.912384][ T9337] total_inactive_file 0
[ 3214.912391][ T9337] total_active_file 0
[ 3214.912399][ T9337] total_unevictable 0
[ 3214.912407][ T9337] anon_cost 0
[ 3214.912414][ T9337] file_cost 0
[ 3214.912422][ T9337] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9337,uid=0
[ 3214.912536][ T9337] Memory cgroup out of memory: Killed process 9337 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3215.254192][ T9345] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3215.280433][ T9345] team0: left allmulticast mode
[ 3215.303611][ T9345] team_slave_0: left allmulticast mode
[ 3215.324397][ T9345] team_slave_1: left allmulticast mode
[ 3215.330215][ T9345] team0: left promiscuous mode
[ 3215.346546][ T9345] team_slave_0: left promiscuous mode
[ 3215.366649][ T9345] team_slave_1: left promiscuous mode
[ 3215.375126][ T9345] bridge0: port 9(team0) entered disabled state
[ 3215.413836][ T9345] 8021q: adding VLAN 0 to HW filter on device team0
[ 3215.443483][ T9345] team0: entered promiscuous mode
[ 3215.459156][ T9345] team_slave_0: entered promiscuous mode
[ 3215.482094][ T9345] team_slave_1: entered promiscuous mode
[ 3215.509493][ T9345] team0: entered allmulticast mode
[ 3215.539539][ T9345] team_slave_0: entered allmulticast mode
[ 3215.549862][ T9345] team_slave_1: entered allmulticast mode
[ 3215.565743][ T9345] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3215.621466][ T9346] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3215.623527][ T9350] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 3215.646470][ T9350] CPU: 1 PID: 9350 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3215.656818][ T9350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3215.666868][ T9350] Call Trace:
[ 3215.670137][ T9350]  <TASK>
[ 3215.673059][ T9350]  dump_stack_lvl+0x1e7/0x2e0
[ 3215.678085][ T9350]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3215.683275][ T9350]  ? __pfx__printk+0x10/0x10
[ 3215.687860][ T9350]  ? ___ratelimit+0x4c4/0x670
[ 3215.692532][ T9350]  ? __pfx____ratelimit+0x10/0x10
[ 3215.697550][ T9350]  dump_header+0xda/0x6a0
[ 3215.701878][ T9350]  oom_kill_process+0x3a7/0x930
[ 3215.706725][ T9350]  out_of_memory+0xf67/0x1320
[ 3215.711400][ T9350]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3215.717025][ T9350]  ? __pfx___mutex_lock+0x10/0x10
[ 3215.722046][ T9350]  ? __pfx_out_of_memory+0x10/0x10
[ 3215.727176][ T9350]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3215.732716][ T9350]  ? __pfx_lock_release+0x10/0x10
[ 3215.737737][ T9350]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3215.743802][ T9350]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3215.748991][ T9350]  ? mem_cgroup_iter+0x422/0x560
[ 3215.753933][ T9350]  try_charge_memcg+0xda2/0x18a0
[ 3215.758871][ T9350]  ? mark_lock+0x9a/0x350
[ 3215.763205][ T9350]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3215.768586][ T9350]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3215.774731][ T9350]  charge_memcg+0xa2/0x160
[ 3215.779146][ T9350]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3215.785209][ T9350]  __read_swap_cache_async+0x480/0x8b0
[ 3215.790668][ T9350]  ? mark_lock+0x9a/0x350
[ 3215.794998][ T9350]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3215.800979][ T9350]  swap_cluster_readahead+0x67c/0x810
[ 3215.806354][ T9350]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3215.812241][ T9350]  ? __pfx_lock_release+0x10/0x10
[ 3215.817262][ T9350]  ? xas_descend+0x37e/0x470
[ 3215.821852][ T9350]  swapin_readahead+0x1ea/0x1070
[ 3215.826782][ T9350]  ? filemap_get_entry+0x127/0x4e0
[ 3215.831897][ T9350]  ? __pfx_swapin_readahead+0x10/0x10
[ 3215.837272][ T9350]  ? __filemap_get_folio+0x935/0xbc0
[ 3215.842554][ T9350]  ? swap_cache_get_folio+0x9f/0x570
[ 3215.847835][ T9350]  do_swap_page+0x8ab/0x3da0
[ 3215.852420][ T9350]  ? __pte_offset_map+0x2c4/0x380
[ 3215.857445][ T9350]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3215.863423][ T9350]  ? do_swap_page+0x154/0x3da0
[ 3215.868179][ T9350]  ? __pfx_do_swap_page+0x10/0x10
[ 3215.873197][ T9350]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3215.878651][ T9350]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3215.884450][ T9350]  ? __pfx_validate_chain+0x10/0x10
[ 3215.889645][ T9350]  __handle_mm_fault+0x15e8/0x72d0
[ 3215.894769][ T9350]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3215.900223][ T9350]  ? mt_find+0x226/0x850
[ 3215.904457][ T9350]  ? __pfx_lock_release+0x10/0x10
[ 3215.909491][ T9350]  ? mt_find+0x62d/0x850
[ 3215.913726][ T9350]  ? mt_find+0x226/0x850
[ 3215.917977][ T9350]  ? find_vma+0x142/0x1c0
[ 3215.922296][ T9350]  ? __pfx_find_vma+0x10/0x10
[ 3215.926960][ T9350]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3215.932939][ T9350]  handle_mm_fault+0x3c1/0x8a0
[ 3215.937709][ T9350]  exc_page_fault+0x2ad/0x870
[ 3215.942384][ T9350]  asm_exc_page_fault+0x26/0x30
[ 3215.947230][ T9350] RIP: 0010:__get_user_8+0x11/0x20
[ 3215.952332][ T9350] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3215.971927][ T9350] RSP: 0018:ffffc900059b7d98 EFLAGS: 00050202
[ 3215.977987][ T9350] RAX: 0000555556856da8 RBX: ffff8880241a9538 RCX: ffffc900059b7c03
[ 3215.985947][ T9350] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3215.993912][ T9350] RBP: ffffc900059b7ec8 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3216.001879][ T9350] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc900059b7da0
[ 3216.009839][ T9350] R13: ffffc900059b7fd8 R14: dffffc0000000000 R15: ffff8880241a8000
[ 3216.017815][ T9350]  __rseq_handle_notify_resume+0x158/0x1490
[ 3216.023715][ T9350]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3216.030046][ T9350]  ? syscall_exit_to_user_mode+0xa2/0x370
[ 3216.035764][ T9350]  syscall_exit_to_user_mode+0x113/0x370
[ 3216.041393][ T9350]  do_syscall_64+0x108/0x240
[ 3216.045980][ T9350]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3216.051866][ T9350] RIP: 0033:0x7f493127de67
[ 3216.056272][ T9350] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 3216.075871][ T9350] RSP: 002b:00007f49314cf9e8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[ 3216.084283][ T9350] RAX: 0000000000000000 RBX: 00007f4931f096c0 RCX: 00007f493127de67
[ 3216.092254][ T9350] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f4931eea000
[ 3216.100221][ T9350] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[ 3216.108182][ T9350] R10: 0000000000021000 R11: 0000000000000206 R12: 00007f49314cfc90
[ 3216.116144][ T9350] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[ 3216.124131][ T9350]  </TASK>
[ 3216.136523][ T9346] bond0: (slave team0): Releasing backup interface
[ 3216.144905][ T9346] team0: left allmulticast mode
[ 3216.149780][ T9346] team_slave_0: left allmulticast mode
[ 3216.161969][ T9346] team_slave_1: left allmulticast mode
[ 3216.170474][ T9346] bridge0: port 6(team0) entered blocking state
[ 3216.177470][ T9346] bridge0: port 6(team0) entered disabled state
[ 3216.184139][ T9346] team0: entered allmulticast mode
[ 3216.189436][ T9346] team_slave_0: entered allmulticast mode
[ 3216.201244][ T9350] memory: usage 307180kB, limit 307200kB, failcnt 96731
[ 3216.205094][ T9346] team_slave_1: entered allmulticast mode
10:58:28 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x4}}}]}, 0x78}}, 0x0)

[ 3216.225486][ T9350] memory+swap: usage 318804kB, limit 9007199254740988kB, failcnt 0
[ 3216.226046][ T9348] bond0: (slave team0): Releasing backup interface
[ 3216.259422][ T9350] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
10:58:28 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188030f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3216.276726][ T9350] Memory cgroup stats for /syz1:
[ 3216.276868][ T9350] cache 0
[ 3216.295506][ T9348] team0: left promiscuous mode
[ 3216.300318][ T9348] team_slave_0: left promiscuous mode
[ 3216.307181][ T9348] team_slave_1: left promiscuous mode
[ 3216.307691][ T9350] rss 12288
[ 3216.324810][ T9348] team0: left allmulticast mode
[ 3216.327183][ T9350] rss_huge 0
[ 3216.336372][ T9348] team_slave_0: left allmulticast mode
[ 3216.345862][ T9350] shmem 0
[ 3216.355036][ T9348] team_slave_1: left allmulticast mode
[ 3216.357573][ T9350] mapped_file 0
[ 3216.365057][ T9350] dirty 0
[ 3216.367591][ T9348] bridge0: port 9(team0) entered blocking state
[ 3216.368339][ T9350] writeback 0
[ 3216.380682][ T9348] bridge0: port 9(team0) entered disabled state
[ 3216.385089][ T9350] workingset_refault_anon 38101
[ 3216.392291][ T9348] team0: entered allmulticast mode
[ 3216.392331][ T9350] workingset_refault_file 357
[ 3216.401628][ T9348] team_slave_0: entered allmulticast mode
[ 3216.409780][ T9350] swap 11902976
[ 3216.417640][ T9348] team_slave_1: entered allmulticast mode
[ 3216.422772][ T9350] swapcached 0
[ 3216.429909][ T9350] pgpgin 3289766
[ 3216.433185][ T9348] team0: entered promiscuous mode
[ 3216.436440][ T9350] pgpgout 3289763
[ 3216.444428][ T9348] team_slave_0: entered promiscuous mode
[ 3216.454455][ T9350] pgfault 3624363
[ 3216.456531][ T9348] team_slave_1: entered promiscuous mode
10:58:28 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000091201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3216.476599][ T9354] team0: left allmulticast mode
[ 3216.478434][ T9350] pgmajfault 40003
[ 3216.481581][ T9354] team_slave_0: left allmulticast mode
[ 3216.492223][ T9350] inactive_anon 0
[ 3216.497686][ T9350] active_anon 12288
[ 3216.497742][ T9354] team_slave_1: left allmulticast mode
[ 3216.506246][ T9350] inactive_file 0
[ 3216.516466][ T9350] active_file 0
[ 3216.526014][ T9354] team0: left promiscuous mode
[ 3216.526710][ T9350] unevictable 0
[ 3216.539586][ T9350] hierarchical_memory_limit 314572800
[ 3216.542128][ T9354] team_slave_0: left promiscuous mode
[ 3216.555388][ T9350] hierarchical_memsw_limit 9223372036854771712
[ 3216.569360][ T9350] total_cache 0
[ 3216.578430][ T9354] team_slave_1: left promiscuous mode
[ 3216.579494][ T9350] total_rss 12288
[ 3216.585137][ T9354] bridge0: port 6(team0) entered disabled state
[ 3216.595774][ T9350] total_rss_huge 0
[ 3216.602728][ T9350] total_shmem 0
[ 3216.611986][ T9354] 8021q: adding VLAN 0 to HW filter on device team0
[ 3216.617039][ T9350] total_mapped_file 0
[ 3216.622829][ T9350] total_dirty 0
[ 3216.624703][ T9354] team0: entered promiscuous mode
[ 3216.632223][ T9350] total_writeback 0
[ 3216.638253][ T9350] total_workingset_refault_anon 38101
[ 3216.644675][ T9350] total_workingset_refault_file 357
[ 3216.651127][ T9350] total_swap 11902976
[ 3216.656586][ T9350] total_swapcached 0
[ 3216.658939][ T9354] team_slave_0: entered promiscuous mode
[ 3216.660933][ T9350] total_pgpgin 3289766
[ 3216.675491][ T9350] total_pgpgout 3289763
[ 3216.679353][ T9354] team_slave_1: entered promiscuous mode
[ 3216.679838][ T9350] total_pgfault 3624363
[ 3216.691741][ T9350] total_pgmajfault 40003
[ 3216.695901][ T9354] team0: entered allmulticast mode
[ 3216.696950][ T9350] total_inactive_anon 0
[ 3216.708073][ T9350] total_active_anon 12288
[ 3216.712581][ T9350] total_inactive_file 0
[ 3216.718208][ T9350] total_active_file 0
[ 3216.718508][ T9354] team_slave_0: entered allmulticast mode
[ 3216.722396][ T9350] total_unevictable 0
[ 3216.733045][ T9350] anon_cost 0
[ 3216.737448][ T9350] file_cost 0
[ 3216.740946][ T9350] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9350,uid=0
[ 3216.749070][ T9354] team_slave_1: entered allmulticast mode
[ 3216.761447][ T9350] Memory cgroup out of memory: Killed process 9350 (syz-executor.1) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
10:58:28 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x60}, 0x0)

[ 3216.780197][ T9354] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3216.780298][ T9355] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3216.851995][ T9356] bond0: (slave team0): Releasing backup interface
[ 3216.860986][ T9356] team0: left allmulticast mode
[ 3216.867520][ T9356] team_slave_0: left allmulticast mode
[ 3216.881097][ T9356] team_slave_1: left allmulticast mode
[ 3216.912311][ T9356] bridge0: port 6(team0) entered blocking state
[ 3216.924510][ T9356] bridge0: port 6(team0) entered disabled state
[ 3216.937508][ T9356] team0: entered allmulticast mode
[ 3216.949480][ T9356] team_slave_0: entered allmulticast mode
[ 3216.967477][ T9356] team_slave_1: entered allmulticast mode
[ 3216.990129][ T9359] team0: left allmulticast mode
[ 3217.004620][ T9359] team_slave_0: left allmulticast mode
10:58:28 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x5}}}]}, 0x78}}, 0x0)

10:58:28 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188050f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3217.023682][ T9359] team_slave_1: left allmulticast mode
[ 3217.044239][ T9359] team0: left promiscuous mode
[ 3217.049048][ T9359] team_slave_0: left promiscuous mode
[ 3217.077351][ T9359] team_slave_1: left promiscuous mode
[ 3217.091454][ T9359] bridge0: port 9(team0) entered disabled state
[ 3217.116064][ T9359] 8021q: adding VLAN 0 to HW filter on device team0
[ 3217.130554][ T9359] team0: entered promiscuous mode
[ 3217.133091][ T9362] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3217.141353][ T9359] team_slave_0: entered promiscuous mode
[ 3217.166695][ T9362] CPU: 0 PID: 9362 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3217.168452][ T9359] team_slave_1: entered promiscuous mode
[ 3217.177034][ T9362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3217.177048][ T9362] Call Trace:
[ 3217.177057][ T9362]  <TASK>
[ 3217.177066][ T9362]  dump_stack_lvl+0x1e7/0x2e0
[ 3217.177098][ T9362]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3217.177120][ T9362]  ? __pfx__printk+0x10/0x10
[ 3217.194362][ T9359] team0: entered allmulticast mode
[ 3217.196042][ T9362]  ? ___ratelimit+0x4c4/0x670
[ 3217.196078][ T9362]  ? __pfx____ratelimit+0x10/0x10
[ 3217.196104][ T9362]  dump_header+0xda/0x6a0
[ 3217.199132][ T9359] team_slave_0: entered allmulticast mode
[ 3217.203673][ T9362]  oom_kill_process+0x3a7/0x930
[ 3217.203703][ T9362]  out_of_memory+0xf67/0x1320
[ 3217.203729][ T9362]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3217.216608][ T9359] team_slave_1: entered allmulticast mode
[ 3217.218553][ T9362]  ? __pfx___mutex_lock+0x10/0x10
[ 3217.218587][ T9362]  ? __pfx_out_of_memory+0x10/0x10
[ 3217.218619][ T9362]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3217.274717][ T9362]  ? __pfx_lock_release+0x10/0x10
[ 3217.279751][ T9362]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3217.285815][ T9362]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3217.291007][ T9362]  ? mem_cgroup_iter+0x422/0x560
[ 3217.295941][ T9362]  try_charge_memcg+0xda2/0x18a0
[ 3217.300885][ T9362]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3217.306249][ T9362]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3217.311958][ T9362]  ? __pfx_lock_release+0x10/0x10
[ 3217.316973][ T9362]  ? memcg_account_kmem+0x1e7/0x210
[ 3217.322170][ T9362]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3217.327971][ T9362]  __memcg_kmem_charge_page+0xe1/0x250
[ 3217.333429][ T9362]  memcg_charge_kernel_stack+0x210/0x550
[ 3217.339056][ T9362]  dup_task_struct+0x40d/0x7d0
[ 3217.343813][ T9362]  copy_process+0x5d5/0x3fc0
[ 3217.348401][ T9362]  ? __might_fault+0xa9/0x120
[ 3217.353067][ T9362]  ? __pfx_lock_release+0x10/0x10
[ 3217.358087][ T9362]  ? __pfx_copy_process+0x10/0x10
[ 3217.363099][ T9362]  ? __might_fault+0xc5/0x120
[ 3217.367768][ T9362]  ? __asan_memset+0x23/0x50
[ 3217.372354][ T9362]  kernel_clone+0x21d/0x8d0
[ 3217.376852][ T9362]  ? __pfx_kernel_clone+0x10/0x10
[ 3217.381881][ T9362]  __se_sys_clone3+0x2cb/0x350
[ 3217.386634][ T9362]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3217.391945][ T9362]  ? do_syscall_64+0x108/0x240
[ 3217.396715][ T9362]  ? do_syscall_64+0xb4/0x240
[ 3217.401400][ T9362]  do_syscall_64+0xf9/0x240
[ 3217.405912][ T9362]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3217.411818][ T9362] RIP: 0033:0x7f49312a9b99
[ 3217.416234][ T9362] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3217.435836][ T9362] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3217.444244][ T9362] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3217.452210][ T9362] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3217.460176][ T9362] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3217.468141][ T9362] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3217.476114][ T9362] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3217.484098][ T9362]  </TASK>
[ 3217.535810][ T9359] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3217.550015][ T9360] validate_nla: 4 callbacks suppressed
[ 3217.550033][ T9360] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3217.564515][ T9362] memory: usage 307200kB, limit 307200kB, failcnt 96926
[ 3217.564535][ T9362] memory+swap: usage 318832kB, limit 9007199254740988kB, failcnt 0
10:58:29 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x9, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3217.564551][ T9362] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[ 3217.564564][ T9362] Memory cgroup stats for /syz1:
[ 3217.564678][ T9362] cache 0
[ 3217.602447][ T9362] rss 12288
[ 3217.607707][ T9362] rss_huge 0
[ 3217.612063][ T9360] bond0: (slave team0): Releasing backup interface
[ 3217.629733][ T9362] shmem 0
[ 3217.633646][ T9360] team0: left promiscuous mode
[ 3217.639404][ T9360] team_slave_0: left promiscuous mode
[ 3217.654515][ T9360] team_slave_1: left promiscuous mode
[ 3217.661493][ T9360] team0: left allmulticast mode
[ 3217.669021][ T9362] mapped_file 0
[ 3217.672353][ T9360] team_slave_0: left allmulticast mode
[ 3217.672641][ T9362] dirty 0
[ 3217.683270][ T9360] team_slave_1: left allmulticast mode
[ 3217.700365][ T9362] writeback 0
[ 3217.704480][ T9362] workingset_refault_anon 38170
[ 3217.709527][ T9362] workingset_refault_file 357
[ 3217.713406][ T9360] bridge0: port 9(team0) entered blocking state
[ 3217.717286][ T9362] swap 11911168
[ 3217.721205][ T9360] bridge0: port 9(team0) entered disabled state
[ 3217.725015][ T9362] swapcached 0
[ 3217.725027][ T9362] pgpgin 3289870
[ 3217.725034][ T9362] pgpgout 3289867
[ 3217.725042][ T9362] pgfault 3624510
[ 3217.725050][ T9362] pgmajfault 40086
[ 3217.725058][ T9362] inactive_anon 8192
[ 3217.725065][ T9362] active_anon 4096
[ 3217.725073][ T9362] inactive_file 0
[ 3217.725081][ T9362] active_file 0
[ 3217.725089][ T9362] unevictable 0
[ 3217.725096][ T9362] hierarchical_memory_limit 314572800
[ 3217.725104][ T9362] hierarchical_memsw_limit 9223372036854771712
[ 3217.725112][ T9362] total_cache 0
[ 3217.739407][ T9360] team0: entered allmulticast mode
[ 3217.781946][ T9362] total_rss 12288
[ 3217.799123][ T9360] team_slave_0: entered allmulticast mode
[ 3217.809776][ T9360] team_slave_1: entered allmulticast mode
[ 3217.810293][ T9362] total_rss_huge 0
[ 3217.828436][ T9362] total_shmem 0
[ 3217.828704][ T9360] team0: entered promiscuous mode
[ 3217.836637][ T9362] total_mapped_file 0
[ 3217.838672][ T9360] team_slave_0: entered promiscuous mode
[ 3217.846636][ T9362] total_dirty 0
[ 3217.846648][ T9362] total_writeback 0
[ 3217.846655][ T9362] total_workingset_refault_anon 38170
[ 3217.847220][ T9362] total_workingset_refault_file 357
[ 3217.847231][ T9362] total_swap 11911168
[ 3217.847240][ T9362] total_swapcached 0
[ 3217.847248][ T9362] total_pgpgin 3289870
[ 3217.847256][ T9362] total_pgpgout 3289867
[ 3217.847264][ T9362] total_pgfault 3624510
10:58:29 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x300}, 0x0)

[ 3217.847272][ T9362] total_pgmajfault 40086
[ 3217.847280][ T9362] total_inactive_anon 8192
[ 3217.847289][ T9362] total_active_anon 4096
[ 3217.847297][ T9362] total_inactive_file 0
[ 3217.847305][ T9362] total_active_file 0
[ 3217.847312][ T9362] total_unevictable 0
[ 3217.847320][ T9362] anon_cost 0
[ 3217.847328][ T9362] file_cost 0
[ 3217.847336][ T9362] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9362,uid=0
[ 3217.847452][ T9362] Memory cgroup out of memory: Killed process 9362 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3217.954813][ T9360] team_slave_1: entered promiscuous mode
[ 3217.973642][ T9365] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3217.982775][ T9365] team0: left allmulticast mode
10:58:29 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba80000a1201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3217.988125][ T9365] team_slave_0: left allmulticast mode
[ 3217.993614][ T9365] team_slave_1: left allmulticast mode
[ 3218.000052][ T9365] team0: left promiscuous mode
[ 3218.005934][ T9365] team_slave_0: left promiscuous mode
[ 3218.011521][ T9365] team_slave_1: left promiscuous mode
[ 3218.022087][ T9365] bridge0: port 6(team0) entered disabled state
[ 3218.070109][ T9365] 8021q: adding VLAN 0 to HW filter on device team0
[ 3218.079463][ T9365] team0: entered promiscuous mode
[ 3218.091013][ T9365] team_slave_0: entered promiscuous mode
[ 3218.103356][ T9365] team_slave_1: entered promiscuous mode
[ 3218.117106][ T9365] team0: entered allmulticast mode
[ 3218.131133][ T9365] team_slave_0: entered allmulticast mode
[ 3218.143747][ T9365] team_slave_1: entered allmulticast mode
[ 3218.158533][ T9365] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3218.188100][ T9368] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3218.213470][ T9368] bond0: (slave team0): Releasing backup interface
[ 3218.230481][ T9368] team0: left allmulticast mode
[ 3218.239173][ T9368] team_slave_0: left allmulticast mode
[ 3218.252371][ T9368] team_slave_1: left allmulticast mode
[ 3218.277928][ T9368] bridge0: port 6(team0) entered blocking state
[ 3218.295013][ T9368] bridge0: port 6(team0) entered disabled state
[ 3218.309947][ T9368] team0: entered allmulticast mode
[ 3218.323771][ T9368] team_slave_0: entered allmulticast mode
[ 3218.338967][ T9368] team_slave_1: entered allmulticast mode
10:58:30 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188060f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3218.360407][ T9367] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:30 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x6}}}]}, 0x78}}, 0x0)

[ 3218.459869][ T9374] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3218.468956][ T9374] team0: left allmulticast mode
[ 3218.486662][ T9374] team_slave_0: left allmulticast mode
[ 3218.519976][ T9374] team_slave_1: left allmulticast mode
[ 3218.534580][ T9374] team0: left promiscuous mode
[ 3218.549132][ T9374] team_slave_0: left promiscuous mode
[ 3218.570645][ T9374] team_slave_1: left promiscuous mode
[ 3218.587573][ T9374] bridge0: port 9(team0) entered disabled state
[ 3218.618884][ T9374] 8021q: adding VLAN 0 to HW filter on device team0
[ 3218.636429][ T9374] team0: entered promiscuous mode
[ 3218.648736][ T9374] team_slave_0: entered promiscuous mode
[ 3218.675501][ T9374] team_slave_1: entered promiscuous mode
[ 3218.697231][ T9374] team0: entered allmulticast mode
[ 3218.718908][ T9374] team_slave_0: entered allmulticast mode
[ 3218.744624][ T9374] team_slave_1: entered allmulticast mode
[ 3218.775077][ T9374] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3218.794165][ T9375] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3218.839348][ T9375] bond0: (slave team0): Releasing backup interface
[ 3218.865694][ T9375] team0: left promiscuous mode
[ 3218.876667][ T9375] team_slave_0: left promiscuous mode
[ 3218.892763][ T9375] team_slave_1: left promiscuous mode
[ 3218.909789][ T9375] team0: left allmulticast mode
[ 3218.923345][ T9375] team_slave_0: left allmulticast mode
[ 3218.938639][ T9375] team_slave_1: left allmulticast mode
[ 3218.975095][ T9375] bridge0: port 9(team0) entered blocking state
[ 3218.984587][ T6458] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3218.996293][ T9375] bridge0: port 9(team0) entered disabled state
[ 3219.006352][ T6458] CPU: 0 PID: 6458 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3219.016698][ T6458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3219.026745][ T6458] Call Trace:
[ 3219.030018][ T6458]  <TASK>
[ 3219.032937][ T6458]  dump_stack_lvl+0x1e7/0x2e0
[ 3219.037615][ T6458]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3219.042804][ T6458]  ? __pfx__printk+0x10/0x10
[ 3219.047390][ T6458]  ? ___ratelimit+0x4c4/0x670
[ 3219.052062][ T6458]  ? __pfx____ratelimit+0x10/0x10
[ 3219.057081][ T6458]  dump_header+0xda/0x6a0
[ 3219.061414][ T6458]  oom_kill_process+0x3a7/0x930
[ 3219.066268][ T6458]  out_of_memory+0xf67/0x1320
[ 3219.070953][ T6458]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3219.076580][ T6458]  ? __pfx___mutex_lock+0x10/0x10
[ 3219.081601][ T6458]  ? __pfx_out_of_memory+0x10/0x10
[ 3219.086711][ T6458]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3219.092246][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3219.097273][ T6458]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3219.103334][ T6458]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3219.108525][ T6458]  ? mem_cgroup_iter+0x422/0x560
[ 3219.113457][ T6458]  try_charge_memcg+0xda2/0x18a0
[ 3219.118387][ T6458]  ? mark_lock+0x9a/0x350
[ 3219.122724][ T6458]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3219.128106][ T6458]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3219.134249][ T6458]  charge_memcg+0xa2/0x160
[ 3219.138668][ T6458]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3219.144726][ T6458]  __read_swap_cache_async+0x480/0x8b0
[ 3219.150177][ T6458]  ? mark_lock+0x9a/0x350
[ 3219.154502][ T6458]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3219.160483][ T6458]  swap_cluster_readahead+0x67c/0x810
[ 3219.165859][ T6458]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3219.171834][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3219.176853][ T6458]  ? xas_descend+0x37e/0x470
[ 3219.181441][ T6458]  swapin_readahead+0x1ea/0x1070
[ 3219.186370][ T6458]  ? filemap_get_entry+0x127/0x4e0
[ 3219.191484][ T6458]  ? __pfx_swapin_readahead+0x10/0x10
[ 3219.196856][ T6458]  ? __filemap_get_folio+0x935/0xbc0
[ 3219.202139][ T6458]  ? swap_cache_get_folio+0x9f/0x570
[ 3219.207421][ T6458]  do_swap_page+0x8ab/0x3da0
[ 3219.212008][ T6458]  ? __pte_offset_map+0x2c4/0x380
[ 3219.217036][ T6458]  ? do_swap_page+0x154/0x3da0
[ 3219.221792][ T6458]  ? __pfx_do_swap_page+0x10/0x10
[ 3219.226806][ T6458]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3219.232260][ T6458]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3219.238065][ T6458]  __handle_mm_fault+0x15e8/0x72d0
[ 3219.243187][ T6458]  ? reacquire_held_locks+0x3eb/0x690
[ 3219.248568][ T6458]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3219.254042][ T6458]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3219.259787][ T6458]  ? mtree_range_walk+0x6fd/0x8e0
[ 3219.264823][ T6458]  ? lock_vma_under_rcu+0x18a/0x730
[ 3219.270021][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3219.275472][ T6458]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3219.280693][ T6458]  ? lock_vma_under_rcu+0x18a/0x730
[ 3219.285900][ T6458]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3219.291441][ T6458]  handle_mm_fault+0x3c1/0x8a0
[ 3219.296210][ T6458]  exc_page_fault+0x456/0x870
[ 3219.300902][ T6458]  asm_exc_page_fault+0x26/0x30
[ 3219.305762][ T6458] RIP: 0033:0x7f49312a91b8
[ 3219.310176][ T6458] Code: 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f
[ 3219.329786][ T6458] RSP: 002b:00007f49314cfcf0 EFLAGS: 00010293
[ 3219.335855][ T6458] RAX: 0000000000000000 RBX: 00000000000037c7 RCX: 00007f49312a91b5
[ 3219.343818][ T6458] RDX: 00007f49314cfd30 RSI: 0000000000000000 RDI: 0000000000000000
[ 3219.351782][ T6458] RBP: 00007f49314cfdbc R08: 0000000000000000 R09: 00007fffcebe70b0
[ 3219.359744][ T6458] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3219.367710][ T6458] R13: 0000000000311a42 R14: 0000000000311a42 R15: 0000000000000000
[ 3219.375689][ T6458]  </TASK>
[ 3219.410207][ T9375] team0: entered allmulticast mode
[ 3219.416038][ T9375] team_slave_0: entered allmulticast mode
[ 3219.421938][ T9375] team_slave_1: entered allmulticast mode
[ 3219.430108][ T9375] team0: entered promiscuous mode
[ 3219.434814][ T6458] memory: usage 307200kB, limit 307200kB, failcnt 97463
[ 3219.435767][ T9375] team_slave_0: entered promiscuous mode
[ 3219.448462][ T9375] team_slave_1: entered promiscuous mode
10:58:31 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba80000b1201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3219.451219][ T6458] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3219.462899][ T9378] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3219.477724][ T6458] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3219.500323][ T9378] team0: left allmulticast mode
[ 3219.511939][ T6458] Memory cgroup stats for /syz1:
[ 3219.512042][ T6458] cache 0
[ 3219.513237][ T9378] team_slave_0: left allmulticast mode
[ 3219.525813][ T6458] rss 0
[ 3219.532255][ T6458] rss_huge 0
[ 3219.535183][ T9378] team_slave_1: left allmulticast mode
[ 3219.541112][ T9378] team0: left promiscuous mode
[ 3219.541347][ T6458] shmem 0
[ 3219.553772][ T6458] mapped_file 0
[ 3219.558421][ T9378] team_slave_0: left promiscuous mode
[ 3219.562385][ T6458] dirty 0
[ 3219.568625][ T9378] team_slave_1: left promiscuous mode
[ 3219.568988][ T6458] writeback 0
[ 3219.578849][ T9378] bridge0: port 6(team0) entered disabled state
[ 3219.584673][ T6458] workingset_refault_anon 38303
[ 3219.590755][ T6458] workingset_refault_file 357
[ 3219.596524][ T6458] swap 11923456
[ 3219.599128][ T9378] 8021q: adding VLAN 0 to HW filter on device team0
[ 3219.600069][ T6458] swapcached 0
[ 3219.611316][ T9378] team0: entered promiscuous mode
[ 3219.612346][ T6458] pgpgin 3290041
[ 3219.620534][ T9378] team_slave_0: entered promiscuous mode
[ 3219.620719][ T9378] team_slave_1: entered promiscuous mode
[ 3219.621113][ T9378] team0: entered allmulticast mode
[ 3219.641550][ T9378] team_slave_0: entered allmulticast mode
[ 3219.648387][ T9378] team_slave_1: entered allmulticast mode
[ 3219.656323][ T9378] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3219.668221][ T9379] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3219.674315][ T6458] pgpgout 3290041
[ 3219.680027][ T6458] pgfault 3624760
[ 3219.683671][ T6458] pgmajfault 40234
[ 3219.690225][ T9379] bond0: (slave team0): Releasing backup interface
[ 3219.693904][ T6458] inactive_anon 0
[ 3219.702980][ T6458] active_anon 0
[ 3219.703523][ T9379] team0: left allmulticast mode
[ 3219.709446][ T6458] inactive_file 0
[ 3219.713247][ T9379] team_slave_0: left allmulticast mode
[ 3219.724368][ T6458] active_file 0
[ 3219.728578][ T9379] team_slave_1: left allmulticast mode
[ 3219.732566][ T6458] unevictable 0
[ 3219.746553][ T6458] hierarchical_memory_limit 314572800
[ 3219.751948][ T6458] hierarchical_memsw_limit 9223372036854771712
[ 3219.763799][ T9379] bridge0: port 6(team0) entered blocking state
[ 3219.766136][ T6458] total_cache 0
[ 3219.778633][ T6458] total_rss 0
[ 3219.782595][ T6458] total_rss_huge 0
[ 3219.785548][ T9379] bridge0: port 6(team0) entered disabled state
[ 3219.788689][ T6458] total_shmem 0
[ 3219.793041][ T9379] team0: entered allmulticast mode
[ 3219.796542][ T6458] total_mapped_file 0
[ 3219.796554][ T6458] total_dirty 0
[ 3219.796563][ T6458] total_writeback 0
[ 3219.796572][ T6458] total_workingset_refault_anon 38303
[ 3219.796581][ T6458] total_workingset_refault_file 357
[ 3219.796589][ T6458] total_swap 11923456
[ 3219.796597][ T6458] total_swapcached 0
[ 3219.796605][ T6458] total_pgpgin 3290041
[ 3219.796613][ T6458] total_pgpgout 3290041
[ 3219.796621][ T6458] total_pgfault 3624760
[ 3219.796630][ T6458] total_pgmajfault 40234
[ 3219.796638][ T6458] total_inactive_anon 0
[ 3219.796646][ T6458] total_active_anon 0
[ 3219.796653][ T6458] total_inactive_file 0
10:58:31 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188070f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3219.796660][ T6458] total_active_file 0
[ 3219.796667][ T6458] total_unevictable 0
[ 3219.801884][ T9379] team_slave_0: entered allmulticast mode
[ 3219.813947][ T6458] anon_cost 0
[ 3219.820290][ T9379] team_slave_1: entered allmulticast mode
[ 3219.839648][ T6458] file_cost 0
[ 3219.865264][ T9382] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3219.890807][ T6458] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9372,uid=0
[ 3219.940011][ T9385] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3219.949184][ T9385] team0: left allmulticast mode
[ 3219.950478][ T6458] Memory cgroup out of memory: Killed process 9372 (syz-executor.1) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
10:58:31 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x7}}}]}, 0x78}}, 0x0)

[ 3219.954593][ T9385] team_slave_0: left allmulticast mode
[ 3219.954614][ T9385] team_slave_1: left allmulticast mode
[ 3219.954631][ T9385] team0: left promiscuous mode
[ 3219.954645][ T9385] team_slave_0: left promiscuous mode
[ 3219.954835][ T9385] team_slave_1: left promiscuous mode
[ 3219.955217][ T9385] bridge0: port 9(team0) entered disabled state
10:58:31 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x500}, 0x0)

[ 3220.048346][ T9385] 8021q: adding VLAN 0 to HW filter on device team0
[ 3220.078564][ T9385] team0: entered promiscuous mode
[ 3220.094453][ T9385] team_slave_0: entered promiscuous mode
[ 3220.102655][ T9385] team_slave_1: entered promiscuous mode
[ 3220.117109][ T9385] team0: entered allmulticast mode
[ 3220.131634][ T9385] team_slave_0: entered allmulticast mode
[ 3220.145746][ T9385] team_slave_1: entered allmulticast mode
[ 3220.161032][ T9385] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3220.184642][ T9386] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3220.207656][ T9386] bond0: (slave team0): Releasing backup interface
[ 3220.227154][ T9386] team0: left promiscuous mode
[ 3220.232197][ T9386] team_slave_0: left promiscuous mode
[ 3220.241378][ T9386] team_slave_1: left promiscuous mode
[ 3220.253540][ T9386] team0: left allmulticast mode
[ 3220.267718][ T9386] team_slave_0: left allmulticast mode
[ 3220.280260][ T9386] team_slave_1: left allmulticast mode
[ 3220.301470][ T9386] bridge0: port 9(team0) entered blocking state
[ 3220.306418][ T9394] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3220.317852][ T9386] bridge0: port 9(team0) entered disabled state
[ 3220.330369][ T9394] CPU: 1 PID: 9394 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3220.333133][ T9386] team0: entered allmulticast mode
[ 3220.340704][ T9394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3220.340719][ T9394] Call Trace:
[ 3220.340728][ T9394]  <TASK>
[ 3220.340737][ T9394]  dump_stack_lvl+0x1e7/0x2e0
[ 3220.340768][ T9394]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3220.340789][ T9394]  ? __pfx__printk+0x10/0x10
[ 3220.340807][ T9394]  ? ___ratelimit+0x4c4/0x670
[ 3220.340833][ T9394]  ? __pfx____ratelimit+0x10/0x10
[ 3220.340859][ T9394]  dump_header+0xda/0x6a0
[ 3220.340886][ T9394]  oom_kill_process+0x3a7/0x930
[ 3220.340912][ T9394]  out_of_memory+0xf67/0x1320
[ 3220.340945][ T9394]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3220.340968][ T9394]  ? __pfx___mutex_lock+0x10/0x10
[ 3220.340996][ T9394]  ? __pfx_out_of_memory+0x10/0x10
[ 3220.341027][ T9394]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3220.341046][ T9394]  ? __pfx_lock_release+0x10/0x10
[ 3220.341071][ T9394]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3220.341097][ T9394]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3220.341118][ T9394]  ? mem_cgroup_iter+0x422/0x560
[ 3220.341144][ T9394]  try_charge_memcg+0xda2/0x18a0
[ 3220.341189][ T9394]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3220.341208][ T9394]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3220.341228][ T9394]  ? __pfx_lock_release+0x10/0x10
[ 3220.341252][ T9394]  ? memcg_account_kmem+0x1e7/0x210
[ 3220.341285][ T9394]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3220.341307][ T9394]  __memcg_kmem_charge_page+0xe1/0x250
[ 3220.341334][ T9394]  memcg_charge_kernel_stack+0x37e/0x550
[ 3220.341357][ T9394]  dup_task_struct+0x40d/0x7d0
[ 3220.341378][ T9394]  copy_process+0x5d5/0x3fc0
[ 3220.341411][ T9394]  ? __might_fault+0xa9/0x120
[ 3220.341431][ T9394]  ? __pfx_lock_release+0x10/0x10
[ 3220.341460][ T9394]  ? __pfx_copy_process+0x10/0x10
[ 3220.341479][ T9394]  ? __might_fault+0xc5/0x120
[ 3220.341499][ T9394]  ? __asan_memset+0x23/0x50
[ 3220.341526][ T9394]  kernel_clone+0x21d/0x8d0
[ 3220.341551][ T9394]  ? __pfx_kernel_clone+0x10/0x10
[ 3220.341586][ T9394]  __se_sys_clone3+0x2cb/0x350
[ 3220.341608][ T9394]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3220.341660][ T9394]  ? do_syscall_64+0x108/0x240
[ 3220.341685][ T9394]  ? do_syscall_64+0xb4/0x240
[ 3220.341708][ T9394]  do_syscall_64+0xf9/0x240
[ 3220.341733][ T9394]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3220.341757][ T9394] RIP: 0033:0x7f49312a9b99
[ 3220.341774][ T9394] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3220.341790][ T9394] RSP: 002b:00007f49314cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3220.341812][ T9394] RAX: ffffffffffffffda RBX: 00007f4931252270 RCX: 00007f49312a9b99
[ 3220.341827][ T9394] RDX: 00007f4931252270 RSI: 0000000000000058 RDI: 00007f49314cf960
[ 3220.341839][ T9394] RBP: 00007f4931f096c0 R08: 00007f4931f096c0 R09: 00007f49314cfa47
[ 3220.341851][ T9394] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3220.370318][ T9386] team_slave_0: entered allmulticast mode
[ 3220.373034][ T9394] R13: 000000000000000b R14: 00007f49314cf960 R15: 00007f49314cfa48
[ 3220.373069][ T9394]  </TASK>
[ 3220.408498][ T9394] memory: usage 307200kB, limit 307200kB, failcnt 97732
[ 3220.448389][ T9386] team_slave_1: entered allmulticast mode
[ 3220.490712][ T9394] memory+swap: usage 318844kB, limit 9007199254740988kB, failcnt 0
[ 3220.526365][ T9386] team0: entered promiscuous mode
[ 3220.558019][ T9394] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3220.576795][ T9386] team_slave_0: entered promiscuous mode
[ 3220.608436][ T9394] Memory cgroup stats for 
[ 3220.632355][ T9386] team_slave_1: entered promiscuous mode
[ 3220.653212][ T9394] /syz1
10:58:32 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba80000c1201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3220.667410][ T9389] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3220.690051][ T9394] :
[ 3220.690165][ T9394] cache 0
[ 3220.690173][ T9394] rss 0
[ 3220.690181][ T9394] rss_huge 0
[ 3220.690188][ T9394] shmem 0
[ 3220.690195][ T9394] mapped_file 0
[ 3220.690203][ T9394] dirty 0
[ 3220.690210][ T9394] writeback 0
[ 3220.748375][ T9389] team0: left allmulticast mode
[ 3220.751148][ T9394] workingset_refault_anon 38376
10:58:32 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0xa, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3220.756959][ T9389] team_slave_0: left allmulticast mode
[ 3220.763734][ T9389] team_slave_1: left allmulticast mode
[ 3220.783734][ T9389] team0: left promiscuous mode
[ 3220.789226][ T9389] team_slave_0: left promiscuous mode
[ 3220.795014][ T9394] workingset_refault_file 357
[ 3220.804403][ T9389] team_slave_1: left promiscuous mode
[ 3220.811375][ T9389] bridge0: port 6(team0) entered disabled state
[ 3220.812629][ T9394] swap 11919360
[ 3220.829049][ T9389] 8021q: adding VLAN 0 to HW filter on device team0
[ 3220.830017][ T9394] swapcached 4096
[ 3220.838495][ T9389] team0: entered promiscuous mode
[ 3220.847247][ T9394] pgpgin 3290136
[ 3220.851199][ T9389] team_slave_0: entered promiscuous mode
[ 3220.852421][ T9394] pgpgout 3290135
[ 3220.861195][ T9394] pgfault 3624907
[ 3220.867290][ T9389] team_slave_1: entered promiscuous mode
[ 3220.868450][ T9394] pgmajfault 40310
[ 3220.877782][ T9394] inactive_anon 0
[ 3220.880216][ T9389] team0: entered allmulticast mode
[ 3220.883222][ T9394] active_anon 0
[ 3220.892591][ T9389] team_slave_0: entered allmulticast mode
[ 3220.899499][ T9389] team_slave_1: entered allmulticast mode
[ 3220.907008][ T9389] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3220.912002][ T9394] inactive_file 0
[ 3220.923564][ T9390] bond0: (slave team0): Releasing backup interface
[ 3220.926018][ T9394] active_file 0
[ 3220.936585][ T9390] team0: left allmulticast mode
[ 3220.939717][ T9394] unevictable 0
[ 3220.941564][ T9390] team_slave_0: left allmulticast mode
[ 3220.948581][ T9394] hierarchical_memory_limit 314572800
[ 3220.957982][ T9394] hierarchical_memsw_limit 9223372036854771712
[ 3220.965040][ T9394] total_cache 0
[ 3220.968607][ T9394] total_rss 0
[ 3220.971989][ T9394] total_rss_huge 0
[ 3220.976105][ T9394] total_shmem 0
[ 3220.978339][ T9390] team_slave_1: left allmulticast mode
[ 3220.979643][ T9394] total_mapped_file 0
[ 3220.989559][ T9394] total_dirty 0
[ 3220.993103][ T9394] total_writeback 0
[ 3220.997424][ T9394] total_workingset_refault_anon 38376
[ 3221.002883][ T9394] total_workingset_refault_file 357
[ 3221.012548][ T9390] bridge0: port 6(team0) entered blocking state
[ 3221.014861][ T9394] total_swap 11919360
[ 3221.024020][ T9390] bridge0: port 6(team0) entered disabled state
[ 3221.034883][ T9394] total_swapcached 4096
[ 3221.039141][ T9394] total_pgpgin 3290136
[ 3221.041700][ T9390] team0: entered allmulticast mode
[ 3221.043270][ T9394] total_pgpgout 3290135
[ 3221.057941][ T9390] team_slave_0: entered allmulticast mode
[ 3221.063070][ T9394] total_pgfault 3624907
[ 3221.069423][ T9394] total_pgmajfault 40310
[ 3221.071353][ T9390] team_slave_1: entered allmulticast mode
[ 3221.073738][ T9394] total_inactive_anon 0
[ 3221.098203][ T9395] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:32 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188080f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3221.121564][ T9394] total_active_anon 0
[ 3221.130556][ T9394] total_inactive_file 0
[ 3221.150978][ T9394] total_active_file 0
10:58:33 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x8}}}]}, 0x78}}, 0x0)

[ 3221.169650][ T9394] total_unevictable 0
[ 3221.173678][ T9394] anon_cost 0
[ 3221.178973][ T9398] team0: left allmulticast mode
[ 3221.184821][ T9398] team_slave_0: left allmulticast mode
[ 3221.190566][ T9398] team_slave_1: left allmulticast mode
[ 3221.195393][ T9394] file_cost 0
[ 3221.199325][ T9394] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9394,uid=0
[ 3221.200198][ T9398] team0: left promiscuous mode
[ 3221.243968][ T9398] team_slave_0: left promiscuous mode
[ 3221.256481][ T9394] Memory cgroup out of memory: Killed process 9394 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3221.263135][ T9398] team_slave_1: left promiscuous mode
[ 3221.302895][ T9398] bridge0: port 9(team0) entered disabled state
[ 3221.327160][ T9398] 8021q: adding VLAN 0 to HW filter on device team0
[ 3221.346664][ T9398] team0: entered promiscuous mode
10:58:33 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x600}, 0x0)

[ 3221.357809][ T9398] team_slave_0: entered promiscuous mode
[ 3221.373199][ T9398] team_slave_1: entered promiscuous mode
[ 3221.398172][ T9398] team0: entered allmulticast mode
[ 3221.418974][ T9398] team_slave_0: entered allmulticast mode
[ 3221.439433][ T9398] team_slave_1: entered allmulticast mode
[ 3221.464449][ T9398] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3221.504852][ T9400] bond0: (slave team0): Releasing backup interface
[ 3221.525033][ T9400] team0: left promiscuous mode
[ 3221.529986][ T9400] team_slave_0: left promiscuous mode
[ 3221.536409][ T9400] team_slave_1: left promiscuous mode
[ 3221.550860][ T9400] team0: left allmulticast mode
[ 3221.565297][ T9400] team_slave_0: left allmulticast mode
[ 3221.580889][ T9400] team_slave_1: left allmulticast mode
[ 3221.625792][ T9400] bridge0: port 9(team0) entered blocking state
[ 3221.647825][ T9400] bridge0: port 9(team0) entered disabled state
[ 3221.670811][ T9400] team0: entered allmulticast mode
[ 3221.684294][ T9400] team_slave_0: entered allmulticast mode
[ 3221.690057][ T9400] team_slave_1: entered allmulticast mode
[ 3221.707350][ T9400] team0: entered promiscuous mode
[ 3221.712411][ T9400] team_slave_0: entered promiscuous mode
[ 3221.734583][ T9400] team_slave_1: entered promiscuous mode
[ 3221.742112][ T9404] team0: left allmulticast mode
[ 3221.748215][ T9404] team_slave_0: left allmulticast mode
[ 3221.754061][ T9404] team_slave_1: left allmulticast mode
[ 3221.767089][ T9404] team0: left promiscuous mode
10:58:33 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba80000d1201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3221.783482][ T9404] team_slave_0: left promiscuous mode
[ 3221.807539][ T9410] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 3221.810671][ T9404] team_slave_1: left promiscuous mode
[ 3221.835679][ T9410] CPU: 0 PID: 9410 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3221.846047][ T9410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3221.855540][ T9404] bridge0: port 6(team0) entered disabled state
[ 3221.856087][ T9410] Call Trace:
[ 3221.856098][ T9410]  <TASK>
[ 3221.856106][ T9410]  dump_stack_lvl+0x1e7/0x2e0
[ 3221.856141][ T9410]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3221.878446][ T9410]  ? __pfx__printk+0x10/0x10
[ 3221.883056][ T9410]  ? ___ratelimit+0x4c4/0x670
[ 3221.887763][ T9410]  ? __pfx____ratelimit+0x10/0x10
[ 3221.892816][ T9410]  dump_header+0xda/0x6a0
[ 3221.897178][ T9410]  oom_kill_process+0x3a7/0x930
[ 3221.902056][ T9410]  out_of_memory+0xf67/0x1320
[ 3221.906763][ T9410]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3221.912422][ T9410]  ? __pfx___mutex_lock+0x10/0x10
[ 3221.917471][ T9410]  ? __pfx_out_of_memory+0x10/0x10
[ 3221.922611][ T9410]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3221.928181][ T9410]  ? __pfx_lock_release+0x10/0x10
[ 3221.933229][ T9410]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3221.939325][ T9410]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3221.944545][ T9410]  ? mem_cgroup_iter+0x422/0x560
[ 3221.949507][ T9410]  try_charge_memcg+0xda2/0x18a0
[ 3221.954464][ T9410]  ? mark_lock+0x9a/0x350
[ 3221.958836][ T9410]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3221.964253][ T9410]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3221.970424][ T9410]  charge_memcg+0xa2/0x160
[ 3221.974862][ T9410]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3221.980968][ T9410]  __read_swap_cache_async+0x480/0x8b0
[ 3221.986457][ T9410]  ? mark_lock+0x9a/0x350
[ 3221.990820][ T9410]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3221.996837][ T9410]  swap_cluster_readahead+0x67c/0x810
[ 3222.002228][ T9410]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3222.008138][ T9410]  ? __pfx_lock_release+0x10/0x10
[ 3222.013195][ T9410]  ? xas_descend+0x37e/0x470
[ 3222.017816][ T9410]  swapin_readahead+0x1ea/0x1070
[ 3222.022779][ T9410]  ? filemap_get_entry+0x127/0x4e0
[ 3222.027932][ T9410]  ? __pfx_swapin_readahead+0x10/0x10
[ 3222.033342][ T9410]  ? __filemap_get_folio+0x935/0xbc0
[ 3222.038657][ T9410]  ? swap_cache_get_folio+0x9f/0x570
[ 3222.043975][ T9410]  do_swap_page+0x8ab/0x3da0
[ 3222.048590][ T9410]  ? __pte_offset_map+0x2c4/0x380
[ 3222.053638][ T9410]  ? do_swap_page+0x154/0x3da0
[ 3222.058407][ T9410]  ? __pfx_do_swap_page+0x10/0x10
[ 3222.063444][ T9410]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3222.068917][ T9410]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3222.074765][ T9410]  __handle_mm_fault+0x15e8/0x72d0
[ 3222.079928][ T9410]  ? reacquire_held_locks+0x3eb/0x690
[ 3222.085325][ T9410]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3222.090818][ T9410]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3222.096565][ T9410]  ? mtree_range_walk+0x6fd/0x8e0
[ 3222.101603][ T9410]  ? lock_vma_under_rcu+0x18a/0x730
[ 3222.106822][ T9410]  ? __pfx_lock_release+0x10/0x10
[ 3222.111862][ T9410]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3222.117102][ T9410]  ? lock_vma_under_rcu+0x18a/0x730
[ 3222.122320][ T9410]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3222.127889][ T9410]  handle_mm_fault+0x3c1/0x8a0
[ 3222.132693][ T9410]  exc_page_fault+0x456/0x870
[ 3222.137400][ T9410]  asm_exc_page_fault+0x26/0x30
[ 3222.142273][ T9410] RIP: 0033:0x7f4931259666
[ 3222.146708][ T9410] Code: 16 0f 1f 00 48 83 c0 01 8b b4 85 5c 08 00 00 85 f6 0f 85 fd 00 00 00 89 c7 83 f8 04 75 e6 48 8b 4d 60 48 8b 41 08 48 83 e0 f8 <48> 39 85 88 08 00 00 0f 82 4a 02 00 00 48 8d 53 20 48 39 d0 0f 83
[ 3222.166332][ T9410] RSP: 002b:00007f49314cf940 EFLAGS: 00010202
[ 3222.172421][ T9410] RAX: 0000000000020710 RBX: 0000000000000120 RCX: 00005555568578f0
[ 3222.180409][ T9410] RDX: 00007f493137f7e0 RSI: 0000000000000000 RDI: 0000000000000004
[ 3222.188397][ T9410] RBP: 00007f493137f660 R08: 00000000ffffffff R09: 0000000000000000
[ 3222.196388][ T9410] R10: 0000000000021000 R11: 0000000000000010 R12: 0000000000000110
[ 3222.204381][ T9410] R13: 0000000000000012 R14: 00007f493137f6c0 R15: 0000000000000120
[ 3222.212394][ T9410]  </TASK>
[ 3222.224788][ T9410] memory: usage 307200kB, limit 307200kB, failcnt 98057
[ 3222.228202][ T9404] 8021q: adding VLAN 0 to HW filter on device team0
[ 3222.238535][ T9410] memory+swap: usage 318808kB, limit 9007199254740988kB, failcnt 0
[ 3222.238554][ T9410] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[ 3222.238567][ T9410] Memory cgroup stats for /syz1:
[ 3222.238682][ T9410] cache 0
[ 3222.238690][ T9410] rss 12288
[ 3222.238698][ T9410] rss_huge 0
[ 3222.238706][ T9410] shmem 0
[ 3222.238713][ T9410] mapped_file 0
[ 3222.238720][ T9410] dirty 0
[ 3222.238727][ T9410] writeback 0
[ 3222.238734][ T9410] workingset_refault_anon 38469
[ 3222.238743][ T9410] workingset_refault_file 357
[ 3222.238750][ T9410] swap 11907072
[ 3222.238758][ T9410] swapcached 0
[ 3222.238767][ T9410] pgpgin 3290254
[ 3222.238775][ T9410] pgpgout 3290251
[ 3222.238783][ T9410] pgfault 3625081
[ 3222.238791][ T9410] pgmajfault 40409
[ 3222.238799][ T9410] inactive_anon 4096
[ 3222.238805][ T9410] active_anon 8192
[ 3222.238813][ T9410] inactive_file 0
[ 3222.238821][ T9410] active_file 0
[ 3222.238829][ T9410] unevictable 0
[ 3222.238836][ T9410] hierarchical_memory_limit 314572800
[ 3222.238844][ T9410] hierarchical_memsw_limit 9223372036854771712
[ 3222.238853][ T9410] total_cache 0
[ 3222.238861][ T9410] total_rss 12288
[ 3222.238868][ T9410] total_rss_huge 0
[ 3222.238874][ T9410] total_shmem 0
[ 3222.238882][ T9410] total_mapped_file 0
[ 3222.238891][ T9410] total_dirty 0
[ 3222.238898][ T9410] total_writeback 0
[ 3222.238906][ T9410] total_workingset_refault_anon 38469
[ 3222.238914][ T9410] total_workingset_refault_file 357
[ 3222.238924][ T9410] total_swap 11907072
[ 3222.238939][ T9410] total_swapcached 0
[ 3222.238947][ T9410] total_pgpgin 3290254
[ 3222.238956][ T9410] total_pgpgout 3290251
[ 3222.238964][ T9410] total_pgfault 3625081
[ 3222.238971][ T9410] total_pgmajfault 40409
[ 3222.238979][ T9410] total_inactive_anon 4096
[ 3222.238988][ T9410] total_active_anon 8192
[ 3222.238996][ T9410] total_inactive_file 0
[ 3222.239005][ T9410] total_active_file 0
[ 3222.239013][ T9410] total_unevictable 0
[ 3222.239020][ T9410] anon_cost 0
[ 3222.239027][ T9410] file_cost 0
[ 3222.239035][ T9410] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[ 3222.427868][ T9404] team0: entered promiscuous mode
[ 3222.427890][ T9404] team_slave_0: entered promiscuous mode
[ 3222.428063][ T9404] team_slave_1: entered promiscuous mode
[ 3222.428361][ T9404] team0: entered allmulticast mode
[ 3222.433820][ T9410] ,cpuset=
[ 3222.446605][ T9404] team_slave_0: entered allmulticast mode
[ 3222.453168][ T9410] syz1
[ 3222.474406][ T9404] team_slave_1: entered allmulticast mode
[ 3222.510056][ T9404] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3222.510160][ T9410] ,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9410,uid=0
[ 3222.527983][ T9405] bond0: (slave team0): Releasing backup interface
[ 3222.546431][ T9410] Memory cgroup out of memory: Killed process 9410 (syz-executor.1) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3222.566026][ T9405] team0: left allmulticast mode
[ 3222.570920][ T9405] team_slave_0: left allmulticast mode
[ 3222.577054][ T9405] team_slave_1: left allmulticast mode
10:58:34 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x700}, 0x0)

[ 3222.606802][ T9405] bridge0: port 6(team0) entered blocking state
[ 3222.613672][ T9405] bridge0: port 6(team0) entered disabled state
[ 3222.629362][ T9405] team0: entered allmulticast mode
[ 3222.641861][ T9405] team_slave_0: entered allmulticast mode
[ 3222.656198][ T9405] team_slave_1: entered allmulticast mode
10:58:34 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188090f46ecdb4cb9cca7480ef410000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3222.677563][ T9408] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:34 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x9}}}]}, 0x78}}, 0x0)

[ 3222.749769][ T9412] validate_nla: 5 callbacks suppressed
[ 3222.749785][ T9412] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3222.784457][ T9412] team0: left allmulticast mode
[ 3222.789539][ T9412] team_slave_0: left allmulticast mode
[ 3222.814997][ T9412] team_slave_1: left allmulticast mode
[ 3222.827833][ T9412] team0: left promiscuous mode
[ 3222.841898][ T9412] team_slave_0: left promiscuous mode
[ 3222.861320][ T9412] team_slave_1: left promiscuous mode
[ 3222.876378][ T9412] bridge0: port 9(team0) entered disabled state
[ 3222.895621][ T9415] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 3222.912101][ T9412] 8021q: adding VLAN 0 to HW filter on device team0
[ 3222.918570][ T9415] CPU: 1 PID: 9415 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3222.928181][ T9412] team0: entered promiscuous mode
[ 3222.929068][ T9415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3222.929082][ T9415] Call Trace:
[ 3222.929090][ T9415]  <TASK>
[ 3222.929098][ T9415]  dump_stack_lvl+0x1e7/0x2e0
[ 3222.929130][ T9415]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3222.943021][ T9412] team_slave_0: entered promiscuous mode
[ 3222.944179][ T9415]  ? __pfx__printk+0x10/0x10
[ 3222.944208][ T9415]  ? ___ratelimit+0x4c4/0x670
[ 3222.944233][ T9415]  ? __pfx____ratelimit+0x10/0x10
[ 3222.944258][ T9415]  dump_header+0xda/0x6a0
[ 3222.944286][ T9415]  oom_kill_process+0x3a7/0x930
[ 3222.944312][ T9415]  out_of_memory+0xf67/0x1320
[ 3222.944339][ T9415]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3222.944362][ T9415]  ? __pfx___mutex_lock+0x10/0x10
[ 3222.944390][ T9415]  ? __pfx_out_of_memory+0x10/0x10
[ 3222.944422][ T9415]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3222.944442][ T9415]  ? __pfx_lock_release+0x10/0x10
[ 3222.944466][ T9415]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3222.944493][ T9415]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3222.944515][ T9415]  ? mem_cgroup_iter+0x422/0x560
[ 3222.944542][ T9415]  try_charge_memcg+0xda2/0x18a0
[ 3222.944560][ T9415]  ? mark_lock+0x9a/0x350
[ 3222.944600][ T9415]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3222.953168][ T9412] team_slave_1: entered promiscuous mode
[ 3222.955474][ T9415]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3222.955503][ T9415]  charge_memcg+0xa2/0x160
[ 3222.955531][ T9415]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3222.955554][ T9415]  __read_swap_cache_async+0x480/0x8b0
[ 3222.955576][ T9415]  ? mark_lock+0x9a/0x350
[ 3222.955604][ T9415]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3222.955632][ T9415]  ? blk_start_plug+0x6f/0x1b0
[ 3222.955656][ T9415]  swap_cluster_readahead+0x398/0x810
[ 3222.955691][ T9415]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3222.955718][ T9415]  ? __pfx_lock_release+0x10/0x10
[ 3222.955744][ T9415]  ? xas_descend+0x37e/0x470
[ 3222.955776][ T9415]  swapin_readahead+0x1ea/0x1070
[ 3222.955798][ T9415]  ? filemap_get_entry+0x127/0x4e0
[ 3222.955836][ T9415]  ? __pfx_swapin_readahead+0x10/0x10
[ 3222.955867][ T9415]  ? __filemap_get_folio+0x935/0xbc0
[ 3222.955904][ T9415]  ? swap_cache_get_folio+0x9f/0x570
[ 3222.955931][ T9415]  do_swap_page+0x8ab/0x3da0
[ 3222.955955][ T9415]  ? __pte_offset_map+0x2c4/0x380
[ 3222.955986][ T9415]  ? do_swap_page+0x154/0x3da0
[ 3222.956006][ T9415]  ? __pfx_do_swap_page+0x10/0x10
[ 3222.956026][ T9415]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3222.956050][ T9415]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3222.956072][ T9415]  ? __pfx_validate_chain+0x10/0x10
[ 3222.956099][ T9415]  __handle_mm_fault+0x15e8/0x72d0
[ 3222.956153][ T9415]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3222.968338][ T9412] team0: entered allmulticast mode
[ 3222.971549][ T9415]  ? mt_find+0x226/0x850
[ 3222.971578][ T9415]  ? __pfx_lock_release+0x10/0x10
[ 3222.971618][ T9415]  ? mt_find+0x62d/0x850
[ 3222.988297][ T9412] team_slave_0: entered allmulticast mode
[ 3222.990426][ T9415]  ? mt_find+0x226/0x850
[ 3222.990478][ T9415]  ? find_vma+0x142/0x1c0
[ 3223.004762][ T9412] team_slave_1: entered allmulticast mode
[ 3223.005774][ T9415]  ? __pfx_find_vma+0x10/0x10
[ 3223.005801][ T9415]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3223.005831][ T9415]  handle_mm_fault+0x3c1/0x8a0
[ 3223.016236][ T9412] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3223.016464][ T9415]  exc_page_fault+0x2ad/0x870
[ 3223.031152][ T9413] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3223.032727][ T9415]  asm_exc_page_fault+0x26/0x30
[ 3223.032758][ T9415] RIP: 0010:__get_user_8+0x11/0x20
[ 3223.032778][ T9415] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3223.293424][ T9415] RSP: 0018:ffffc90009bf7d78 EFLAGS: 00050202
[ 3223.299517][ T9415] RAX: 0000555556856da8 RBX: ffff888034816e78 RCX: ffffc90009bf7c03
[ 3223.307509][ T9415] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3223.315501][ T9415] RBP: ffffc90009bf7ec0 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3223.323490][ T9415] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc90009bf7d80
[ 3223.331481][ T9415] R13: ffffc90009bf7fd8 R14: dffffc0000000000 R15: ffff888034815940
[ 3223.339490][ T9415]  __rseq_handle_notify_resume+0x158/0x1490
[ 3223.345432][ T9415]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3223.351798][ T9415]  ? irqentry_exit_to_user_mode+0x52/0x280
[ 3223.357647][ T9415]  irqentry_exit_to_user_mode+0xbb/0x280
[ 3223.363306][ T9415]  exc_page_fault+0x587/0x870
[ 3223.368010][ T9415]  asm_exc_page_fault+0x26/0x30
[ 3223.372883][ T9415] RIP: 0033:0x7f493125b068
[ 3223.377317][ T9415] Code: 00 0f b6 c0 48 85 c0 0f 85 cd 02 00 00 80 3d a6 f7 c7 00 00 0f 84 48 02 00 00 64 48 83 3c 25 b8 ff ff ff 00 0f 84 c8 02 00 00 <80> 3d 89 4e 12 00 00 0f 85 eb 00 00 00 48 c7 c0 c8 ff ff ff 64 4c
[ 3223.397027][ T9415] RSP: 002b:00007f49314cf990 EFLAGS: 00010202
[ 3223.403117][ T9415] RAX: 0000000000000000 RBX: 0000000000000110 RCX: 00007f493127de67
[ 3223.411113][ T9415] RDX: 0000000000000000 RSI: 0000000000000010 RDI: 0000000000000011
[ 3223.419103][ T9415] RBP: 000000000000000f R08: 00000000ffffffff R09: 0000000000000000
[ 3223.427094][ T9415] R10: 0000000000021000 R11: 0000000000000206 R12: 00007f49314cfc90
[ 3223.435084][ T9415] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[ 3223.443098][ T9415]  </TASK>
[ 3223.451146][ T9413] bond0: (slave team0): Releasing backup interface
[ 3223.452291][ T9415] memory: usage 307200kB, limit 307200kB, failcnt 98228
[ 3223.465646][ T9415] memory+swap: usage 318828kB, limit 9007199254740988kB, failcnt 0
[ 3223.466345][ T9413] team0: left promiscuous mode
[ 3223.473681][ T9415] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[ 3223.486426][ T9415] Memory cgroup stats for /syz1:
[ 3223.486555][ T9415] cache 0
[ 3223.494866][ T9415] rss 12288
[ 3223.497727][ T9413] team_slave_0: left promiscuous mode
[ 3223.498084][ T9415] rss_huge 0
[ 3223.507239][ T9413] team_slave_1: left promiscuous mode
[ 3223.515319][ T9413] team0: left allmulticast mode
[ 3223.520378][ T9415] shmem 0
[ 3223.523533][ T9415] mapped_file 0
[ 3223.528383][ T9413] team_slave_0: left allmulticast mode
[ 3223.534621][ T9415] dirty 0
[ 3223.537789][ T9415] writeback 0
[ 3223.541290][ T9415] workingset_refault_anon 38539
[ 3223.548284][ T9413] team_slave_1: left allmulticast mode
[ 3223.562058][ T9415] workingset_refault_file 357
[ 3223.572768][ T9415] swap 11907072
[ 3223.589569][ T9413] bridge0: port 9(team0) entered blocking state
[ 3223.602141][ T9415] swapcached 0
[ 3223.610410][ T9415] pgpgin 3290333
[ 3223.619360][ T9413] bridge0: port 9(team0) entered disabled state
[ 3223.630597][ T9415] pgpgout 3290330
[ 3223.637782][ T9413] team0: entered allmulticast mode
[ 3223.643529][ T9415] pgfault 3625205
[ 3223.654342][ T9413] team_slave_0: entered allmulticast mode
[ 3223.654370][ T9415] pgmajfault 40473
[ 3223.662548][ T9413] team_slave_1: entered allmulticast mode
[ 3223.670101][ T9415] inactive_anon 0
[ 3223.674360][ T9415] active_anon 12288
[ 3223.678303][ T9415] inactive_file 0
[ 3223.682069][ T9415] active_file 0
[ 3223.686771][ T9413] team0: entered promiscuous mode
[ 3223.687397][ T9415] unevictable 0
[ 3223.695903][ T9415] hierarchical_memory_limit 314572800
[ 3223.701372][ T9415] hierarchical_memsw_limit 9223372036854771712
[ 3223.708128][ T9413] team_slave_0: entered promiscuous mode
[ 3223.708338][ T9413] team_slave_1: entered promiscuous mode
10:58:35 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba80000e1201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3223.722252][ T9417] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3223.734153][ T9417] team0: left allmulticast mode
[ 3223.744463][ T9417] team_slave_0: left allmulticast mode
[ 3223.747071][ T9415] total_cache 0
[ 3223.753482][ T9415] total_rss 12288
[ 3223.756663][ T9417] team_slave_1: left allmulticast mode
[ 3223.758644][ T9415] total_rss_huge 0
[ 3223.766969][ T9415] total_shmem 0
[ 3223.770539][ T9415] total_mapped_file 0
[ 3223.779386][ T9415] total_dirty 0
[ 3223.782933][ T9415] total_writeback 0
[ 3223.785592][ T9417] team0: left promiscuous mode
[ 3223.791533][ T9417] team_slave_0: left promiscuous mode
[ 3223.795048][ T9415] total_workingset_refault_anon 38539
[ 3223.817883][ T9417] team_slave_1: left promiscuous mode
[ 3223.820101][ T9415] total_workingset_refault_file 357
[ 3223.836317][ T9417] bridge0: port 6(team0) entered disabled state
[ 3223.838346][ T9415] total_swap 11907072
[ 3223.848522][ T9415] total_swapcached 0
[ 3223.852615][ T9415] total_pgpgin 3290333
[ 3223.857687][ T9415] total_pgpgout 3290330
[ 3223.862141][ T9415] total_pgfault 3625205
[ 3223.863597][ T9417] 8021q: adding VLAN 0 to HW filter on device team0
10:58:35 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0xb, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3223.867619][ T9415] total_pgmajfault 40473
[ 3223.879639][ T9415] total_inactive_anon 0
[ 3223.886869][ T9415] total_active_anon 12288
[ 3223.887736][ T9417] team0: entered promiscuous mode
[ 3223.908172][ T9415] total_inactive_file 0
[ 3223.911152][ T9417] team_slave_0: entered promiscuous mode
[ 3223.918474][ T9415] total_active_file 0
10:58:35 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x900}, 0x0)

[ 3223.918487][ T9415] total_unevictable 0
[ 3223.918495][ T9415] anon_cost 0
[ 3223.918503][ T9415] file_cost 0
[ 3223.918512][ T9415] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9415,uid=0
[ 3223.918625][ T9415] Memory cgroup out of memory: Killed process 9415 (syz-executor.1) total-vm:54508kB, anon-rss:376kB, file-rss:8736kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3223.991145][ T9417] team_slave_1: entered promiscuous mode
[ 3224.001006][ T9417] team0: entered allmulticast mode
[ 3224.008946][ T9417] team_slave_0: entered allmulticast mode
[ 3224.063784][ T9417] team_slave_1: entered allmulticast mode
[ 3224.081227][ T9417] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3224.093320][ T9420] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3224.109569][ T9420] bond0: (slave team0): Releasing backup interface
[ 3224.137541][ T9420] team0: left allmulticast mode
[ 3224.154291][ T9420] team_slave_0: left allmulticast mode
[ 3224.168985][ T9420] team_slave_1: left allmulticast mode
[ 3224.195879][ T9420] bridge0: port 6(team0) entered blocking state
[ 3224.210305][ T9420] bridge0: port 6(team0) entered disabled state
[ 3224.228947][ T9420] team0: entered allmulticast mode
10:58:36 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef402000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3224.241445][ T9420] team_slave_0: entered allmulticast mode
[ 3224.251419][ T9420] team_slave_1: entered allmulticast mode
[ 3224.261912][ T9421] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:36 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0xa}}}]}, 0x78}}, 0x0)

[ 3224.371283][ T9424] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3224.380172][ T9424] team0: left allmulticast mode
[ 3224.394590][ T9424] team_slave_0: left allmulticast mode
[ 3224.400281][ T9424] team_slave_1: left allmulticast mode
[ 3224.406781][ T9424] team0: left promiscuous mode
[ 3224.431076][ T9424] team_slave_0: left promiscuous mode
[ 3224.449703][ T9429] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 3224.456735][ T9424] team_slave_1: left promiscuous mode
[ 3224.478867][ T9429] CPU: 0 PID: 9429 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3224.484832][ T9424] bridge0: port 9(team0) entered disabled state
[ 3224.489217][ T9429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3224.489232][ T9429] Call Trace:
[ 3224.489241][ T9429]  <TASK>
[ 3224.489250][ T9429]  dump_stack_lvl+0x1e7/0x2e0
[ 3224.489282][ T9429]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3224.521675][ T9429]  ? __pfx__printk+0x10/0x10
[ 3224.526307][ T9429]  ? ___ratelimit+0x4c4/0x670
[ 3224.531015][ T9429]  ? __pfx____ratelimit+0x10/0x10
[ 3224.536071][ T9429]  dump_header+0xda/0x6a0
[ 3224.540433][ T9429]  oom_kill_process+0x3a7/0x930
[ 3224.545322][ T9429]  out_of_memory+0xf67/0x1320
[ 3224.550029][ T9429]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3224.555704][ T9429]  ? __pfx___mutex_lock+0x10/0x10
[ 3224.560759][ T9429]  ? __pfx_out_of_memory+0x10/0x10
[ 3224.565956][ T9429]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3224.571531][ T9429]  ? __pfx_lock_release+0x10/0x10
[ 3224.576846][ T9429]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3224.582952][ T9429]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3224.588179][ T9429]  ? mem_cgroup_iter+0x422/0x560
[ 3224.593146][ T9429]  try_charge_memcg+0xda2/0x18a0
[ 3224.598106][ T9429]  ? mark_lock+0x9a/0x350
[ 3224.602466][ T9429]  ? __get_sregs_common+0x2a0/0x7f0
[ 3224.607750][ T9429]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3224.613179][ T9429]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3224.619355][ T9429]  charge_memcg+0xa2/0x160
[ 3224.623800][ T9429]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3224.629897][ T9429]  __read_swap_cache_async+0x480/0x8b0
[ 3224.635379][ T9429]  ? mark_lock+0x9a/0x350
[ 3224.639743][ T9429]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3224.645755][ T9429]  ? blk_start_plug+0x6f/0x1b0
[ 3224.650555][ T9429]  swap_cluster_readahead+0x398/0x810
[ 3224.655963][ T9429]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3224.661885][ T9429]  ? __pfx_lock_release+0x10/0x10
[ 3224.666934][ T9429]  ? xas_descend+0x37e/0x470
[ 3224.671553][ T9429]  swapin_readahead+0x1ea/0x1070
[ 3224.676516][ T9429]  ? filemap_get_entry+0x127/0x4e0
[ 3224.681665][ T9429]  ? __pfx_swapin_readahead+0x10/0x10
[ 3224.687083][ T9429]  ? __filemap_get_folio+0x935/0xbc0
[ 3224.692402][ T9429]  ? swap_cache_get_folio+0x9f/0x570
[ 3224.697715][ T9429]  do_swap_page+0x8ab/0x3da0
[ 3224.702333][ T9429]  ? __pte_offset_map+0x2c4/0x380
[ 3224.707388][ T9429]  ? do_swap_page+0x154/0x3da0
[ 3224.712174][ T9429]  ? __pfx_do_swap_page+0x10/0x10
[ 3224.717221][ T9429]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3224.722710][ T9429]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3224.728553][ T9429]  ? __pfx_validate_chain+0x10/0x10
[ 3224.733779][ T9429]  __handle_mm_fault+0x15e8/0x72d0
[ 3224.738955][ T9429]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3224.744449][ T9429]  ? mt_find+0x226/0x850
[ 3224.748726][ T9429]  ? __pfx_lock_release+0x10/0x10
[ 3224.753789][ T9429]  ? mt_find+0x62d/0x850
[ 3224.758057][ T9429]  ? mt_find+0x226/0x850
[ 3224.762347][ T9429]  ? find_vma+0x142/0x1c0
[ 3224.766703][ T9429]  ? __pfx_find_vma+0x10/0x10
[ 3224.771398][ T9429]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3224.777494][ T9429]  handle_mm_fault+0x3c1/0x8a0
[ 3224.782290][ T9429]  exc_page_fault+0x2ad/0x870
[ 3224.786997][ T9429]  asm_exc_page_fault+0x26/0x30
[ 3224.791872][ T9429] RIP: 0010:__get_user_8+0x11/0x20
[ 3224.797004][ T9429] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3224.816632][ T9429] RSP: 0018:ffffc90009da7d78 EFLAGS: 00050202
[ 3224.822723][ T9429] RAX: 0000555556856da8 RBX: ffff88808114b2f8 RCX: ffffc90009da7c03
[ 3224.830712][ T9429] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3224.838702][ T9429] RBP: ffffc90009da7ec0 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3224.846690][ T9429] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc90009da7d80
[ 3224.854770][ T9429] R13: ffffc90009da7fd8 R14: dffffc0000000000 R15: ffff888081149dc0
[ 3224.862776][ T9429]  __rseq_handle_notify_resume+0x158/0x1490
[ 3224.868769][ T9429]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3224.875140][ T9429]  ? irqentry_exit_to_user_mode+0x52/0x280
[ 3224.880979][ T9429]  irqentry_exit_to_user_mode+0xbb/0x280
[ 3224.886639][ T9429]  exc_page_fault+0x587/0x870
[ 3224.891351][ T9429]  asm_exc_page_fault+0x26/0x30
[ 3224.896227][ T9429] RIP: 0033:0x7f4931225150
[ 3224.900660][ T9429] Code: 68 02 00 00 00 e9 f0 fe ff ff ff 25 4a 3f 15 00 68 13 00 00 00 e9 e0 fe ff ff ff 25 42 3f 15 00 68 12 00 00 00 e9 d0 fe ff ff <ff> 25 3a 3f 15 00 68 11 00 00 00 e9 c0 fe ff ff ff 25 32 3f 15 00
[ 3224.920284][ T9429] RSP: 002b:00007f49314cf9c8 EFLAGS: 00010246
[ 3224.926382][ T9429] RAX: 0000555556857900 RBX: 00007f4931f096c0 RCX: 00005555568578f0
[ 3224.934372][ T9429] RDX: 0000000000000118 RSI: 0000000000000000 RDI: 0000555556857900
[ 3224.942381][ T9429] RBP: 000000000000000f R08: 00000000ffffffff R09: 0000000000000000
[ 3224.950380][ T9429] R10: 0000000000021000 R11: 0000000000000010 R12: 00007f49314cfc90
[ 3224.958371][ T9429] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[ 3224.966375][ T9429]  </TASK>
[ 3224.976621][ T9429] memory: usage 307180kB, limit 307200kB, failcnt 98567
[ 3224.983783][ T9429] memory+swap: usage 318812kB, limit 9007199254740988kB, failcnt 0
[ 3224.992156][ T9429] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[ 3224.995522][ T9424] 8021q: adding VLAN 0 to HW filter on device team0
[ 3225.000049][ T9429] Memory cgroup stats for /syz1:
[ 3225.006503][ T9429] cache 0
[ 3225.014828][ T9429] rss 12288
[ 3225.017956][ T9429] rss_huge 0
[ 3225.021158][ T9429] shmem 0
[ 3225.024820][ T9429] mapped_file 0
[ 3225.030634][ T9429] dirty 0
[ 3225.035142][ T9424] team0: entered promiscuous mode
[ 3225.042249][ T9429] writeback 0
[ 3225.049332][ T9429] workingset_refault_anon 38667
[ 3225.058426][ T9424] team_slave_0: entered promiscuous mode
[ 3225.069386][ T9429] workingset_refault_file 357
[ 3225.071127][ T9424] team_slave_1: entered promiscuous mode
[ 3225.079070][ T9429] swap 11911168
[ 3225.090148][ T9424] team0: entered allmulticast mode
[ 3225.091422][ T9429] swapcached 0
[ 3225.097488][ T9424] team_slave_0: entered allmulticast mode
[ 3225.102080][ T9429] pgpgin 3290477
[ 3225.105712][ T9424] team_slave_1: entered allmulticast mode
[ 3225.111057][ T9429] pgpgout 3290474
[ 3225.122865][ T9429] pgfault 3625419
[ 3225.131412][ T9429] pgmajfault 40594
[ 3225.132883][ T9424] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3225.140299][ T9429] inactive_anon 8192
[ 3225.154752][ T9429] active_anon 4096
[ 3225.161755][ T9429] inactive_file 0
[ 3225.163685][ T9425] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3225.169399][ T9429] active_file 0
[ 3225.185632][ T9429] unevictable 0
[ 3225.192404][ T9429] hierarchical_memory_limit 314572800
[ 3225.192539][ T9425] bond0: (slave team0): Releasing backup interface
[ 3225.203742][ T9429] hierarchical_memsw_limit 9223372036854771712
[ 3225.211647][ T9429] total_cache 0
[ 3225.219124][ T9429] total_rss 12288
[ 3225.223039][ T9429] total_rss_huge 0
[ 3225.223692][ T9425] team0: left promiscuous mode
[ 3225.227335][ T9429] total_shmem 0
[ 3225.227347][ T9429] total_mapped_file 0
[ 3225.227355][ T9429] total_dirty 0
[ 3225.227363][ T9429] total_writeback 0
[ 3225.227371][ T9429] total_workingset_refault_anon 38667
[ 3225.227380][ T9429] total_workingset_refault_file 357
[ 3225.227388][ T9429] total_swap 11911168
[ 3225.227397][ T9429] total_swapcached 0
[ 3225.227405][ T9429] total_pgpgin 3290477
[ 3225.227413][ T9429] total_pgpgout 3290474
[ 3225.227421][ T9429] total_pgfault 3625419
[ 3225.227430][ T9429] total_pgmajfault 40594
[ 3225.227438][ T9429] total_inactive_anon 8192
10:58:37 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0xa00}, 0x0)

[ 3225.227446][ T9429] total_active_anon 4096
[ 3225.227454][ T9429] total_inactive_file 0
[ 3225.227463][ T9429] total_active_file 0
[ 3225.227471][ T9429] total_unevictable 0
[ 3225.227479][ T9429] anon_cost 0
[ 3225.227487][ T9429] file_cost 0
[ 3225.227496][ T9429] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9429,uid=0
[ 3225.227615][ T9429] Memory cgroup out of memory: Killed process 9429 (syz-executor.1) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3225.414406][ T9425] team_slave_0: left promiscuous mode
[ 3225.423656][ T9425] team_slave_1: left promiscuous mode
[ 3225.436208][ T9425] team0: left allmulticast mode
[ 3225.447565][ T9425] team_slave_0: left allmulticast mode
[ 3225.467313][ T9425] team_slave_1: left allmulticast mode
[ 3225.494133][ T9425] bridge0: port 9(team0) entered blocking state
[ 3225.511727][ T9425] bridge0: port 9(team0) entered disabled state
[ 3225.520823][ T9425] team0: entered allmulticast mode
[ 3225.528753][ T9425] team_slave_0: entered allmulticast mode
[ 3225.542952][ T9425] team_slave_1: entered allmulticast mode
[ 3225.560412][ T9437] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 3225.577985][ T9425] team0: entered promiscuous mode
[ 3225.583155][ T9437] CPU: 1 PID: 9437 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3225.593498][ T9437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3225.603570][ T9437] Call Trace:
[ 3225.606861][ T9437]  <TASK>
[ 3225.609810][ T9437]  dump_stack_lvl+0x1e7/0x2e0
[ 3225.614516][ T9437]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3225.619734][ T9437]  ? __pfx__printk+0x10/0x10
[ 3225.624336][ T9437]  ? ___ratelimit+0x4c4/0x670
[ 3225.629042][ T9437]  ? __pfx____ratelimit+0x10/0x10
[ 3225.634097][ T9437]  dump_header+0xda/0x6a0
[ 3225.638465][ T9437]  oom_kill_process+0x3a7/0x930
[ 3225.643348][ T9437]  out_of_memory+0xf67/0x1320
[ 3225.648055][ T9437]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3225.653712][ T9437]  ? __pfx___mutex_lock+0x10/0x10
[ 3225.658765][ T9437]  ? __pfx_out_of_memory+0x10/0x10
[ 3225.663909][ T9437]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3225.669481][ T9437]  ? __pfx_lock_release+0x10/0x10
[ 3225.674529][ T9437]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3225.680623][ T9437]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3225.685846][ T9437]  ? mem_cgroup_iter+0x422/0x560
[ 3225.690801][ T9437]  try_charge_memcg+0xda2/0x18a0
[ 3225.695761][ T9437]  ? mark_lock+0x9a/0x350
[ 3225.700139][ T9437]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3225.705561][ T9437]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3225.711736][ T9437]  charge_memcg+0xa2/0x160
[ 3225.716182][ T9437]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3225.722273][ T9437]  __read_swap_cache_async+0x480/0x8b0
[ 3225.727755][ T9437]  ? mark_lock+0x9a/0x350
[ 3225.732121][ T9437]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3225.738140][ T9437]  swap_cluster_readahead+0x67c/0x810
[ 3225.743546][ T9437]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3225.749468][ T9437]  ? __pfx_lock_release+0x10/0x10
[ 3225.754519][ T9437]  ? xas_descend+0x37e/0x470
[ 3225.759144][ T9437]  swapin_readahead+0x1ea/0x1070
[ 3225.764110][ T9437]  ? filemap_get_entry+0x127/0x4e0
[ 3225.769266][ T9437]  ? __pfx_swapin_readahead+0x10/0x10
[ 3225.774676][ T9437]  ? __filemap_get_folio+0x935/0xbc0
[ 3225.779995][ T9437]  ? swap_cache_get_folio+0x9f/0x570
[ 3225.785311][ T9437]  do_swap_page+0x8ab/0x3da0
[ 3225.789931][ T9437]  ? __pte_offset_map+0x2c4/0x380
[ 3225.794983][ T9437]  ? __pfx_validate_chain+0x10/0x10
[ 3225.800287][ T9437]  ? do_swap_page+0x154/0x3da0
[ 3225.804636][ T9425] team_slave_0: entered promiscuous mode
[ 3225.805054][ T9437]  ? __pfx_do_swap_page+0x10/0x10
[ 3225.810945][ T9425] team_slave_1: entered promiscuous mode
[ 3225.815675][ T9437]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3225.815703][ T9437]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3225.815734][ T9437]  __handle_mm_fault+0x15e8/0x72d0
[ 3225.815784][ T9437]  ? reacquire_held_locks+0x3eb/0x690
[ 3225.815805][ T9437]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3225.815840][ T9437]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3225.815877][ T9437]  ? mtree_range_walk+0x6fd/0x8e0
[ 3225.815898][ T9437]  ? lock_vma_under_rcu+0x18a/0x730
10:58:37 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba80000f1201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3225.815919][ T9437]  ? __pfx_lock_release+0x10/0x10
[ 3225.815940][ T9437]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3225.815983][ T9437]  ? lock_vma_under_rcu+0x18a/0x730
[ 3225.816005][ T9437]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3225.816029][ T9437]  handle_mm_fault+0x3c1/0x8a0
[ 3225.816060][ T9437]  exc_page_fault+0x456/0x870
[ 3225.816090][ T9437]  asm_exc_page_fault+0x26/0x30
[ 3225.816120][ T9437] RIP: 0033:0x7f493125b0eb
[ 3225.816138][ T9437] Code: 00 00 48 f7 d9 48 85 c0 48 c7 c0 00 00 00 fc 48 0f 44 c8 48 21 e9 48 03 49 18 48 29 e9 49 39 cc 4c 0f 42 e1 48 89 de 4c 89 ef <e8> 00 dc ff ff 48 85 c0 0f 84 91 00 00 00 48 8b 50 f8 f6 c2 02 0f
[ 3225.816155][ T9437] RSP: 002b:00007f49314cf990 EFLAGS: 00010246
[ 3225.816174][ T9437] RAX: 00007f493137f660 RBX: 0000000000000110 RCX: 00007f493127de67
[ 3225.816187][ T9437] RDX: 0000000000000001 RSI: 0000000000000110 RDI: 00007f493137f660
[ 3225.946615][ T9437] RBP: 00005555568578f0 R08: 00000000ffffffff R09: 0000000000000000
[ 3225.954601][ T9437] R10: 0000000000021000 R11: 0000000000000206 R12: 0000000000020710
[ 3225.957921][ T9431] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3225.962575][ T9437] R13: 00007f493137f660 R14: 0000000000001000 R15: 0000000000000000
[ 3225.962611][ T9437]  </TASK>
[ 3226.003549][ T9431] team0: left allmulticast mode
[ 3226.019059][ T9431] team_slave_0: left allmulticast mode
[ 3226.033444][ T9437] memory: usage 307180kB, limit 307200kB, failcnt 98795
[ 3226.034509][ T9431] team_slave_1: left allmulticast mode
[ 3226.045826][ T9437] memory+swap: usage 318808kB, limit 9007199254740988kB, failcnt 0
[ 3226.045845][ T9437] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[ 3226.045857][ T9437] Memory cgroup stats for /syz1:
[ 3226.045967][ T9437] cache 0
[ 3226.045976][ T9437] rss 12288
[ 3226.045984][ T9437] rss_huge 0
[ 3226.045992][ T9437] shmem 0
[ 3226.046000][ T9437] mapped_file 0
[ 3226.046008][ T9437] dirty 0
[ 3226.046014][ T9437] writeback 0
[ 3226.046022][ T9437] workingset_refault_anon 38736
[ 3226.046031][ T9437] workingset_refault_file 357
[ 3226.046040][ T9437] swap 11907072
[ 3226.046046][ T9437] swapcached 0
[ 3226.046053][ T9437] pgpgin 3290574
[ 3226.046061][ T9437] pgpgout 3290571
[ 3226.046068][ T9437] pgfault 3625566
10:58:37 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0xb00}, 0x0)

[ 3226.046083][ T9437] pgmajfault 40673
[ 3226.046091][ T9437] inactive_anon 8192
[ 3226.046099][ T9437] active_anon 4096
[ 3226.046108][ T9437] inactive_file 0
[ 3226.046115][ T9437] active_file 0
[ 3226.046124][ T9437] unevictable 0
[ 3226.046131][ T9437] hierarchical_memory_limit 314572800
[ 3226.046141][ T9437] hierarchical_memsw_limit 9223372036854771712
[ 3226.046150][ T9437] total_cache 0
[ 3226.046158][ T9437] total_rss 12288
[ 3226.046166][ T9437] total_rss_huge 0
[ 3226.046174][ T9437] total_shmem 0
[ 3226.046182][ T9437] total_mapped_file 0
[ 3226.046191][ T9437] total_dirty 0
[ 3226.046199][ T9437] total_writeback 0
[ 3226.046207][ T9437] total_workingset_refault_anon 38736
[ 3226.046215][ T9437] total_workingset_refault_file 357
[ 3226.046224][ T9437] total_swap 11907072
[ 3226.046232][ T9437] total_swapcached 0
[ 3226.046240][ T9437] total_pgpgin 3290574
[ 3226.046249][ T9437] total_pgpgout 3290571
[ 3226.046257][ T9437] total_pgfault 3625566
[ 3226.046265][ T9437] total_pgmajfault 40673
[ 3226.046273][ T9437] total_inactive_anon 8192
[ 3226.046281][ T9437] total_active_anon 4096
[ 3226.046289][ T9437] total_inactive_file 0
[ 3226.046298][ T9437] total_active_file 0
[ 3226.046306][ T9437] total_unevictable 0
[ 3226.046314][ T9437] anon_cost 0
[ 3226.046321][ T9437] file_cost 0
[ 3226.046330][ T9437] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9437,uid=0
[ 3226.046436][ T9437] Memory cgroup out of memory: Killed process 9437 (syz-executor.1) total-vm:54508kB, anon-rss:316kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 3226.373066][ T9442] syz-executor.1 invoked oom-killer: gfp_mask=0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_COMP|__GFP_ZERO), order=0, oom_score_adj=1000
[ 3226.388364][ T9442] CPU: 0 PID: 9442 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3226.398727][ T9442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3226.408807][ T9442] Call Trace:
[ 3226.412106][ T9442]  <TASK>
[ 3226.415151][ T9442]  dump_stack_lvl+0x1e7/0x2e0
[ 3226.419864][ T9442]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3226.425091][ T9442]  ? __pfx__printk+0x10/0x10
[ 3226.429704][ T9442]  ? ___ratelimit+0x4c4/0x670
[ 3226.434415][ T9442]  ? __pfx____ratelimit+0x10/0x10
[ 3226.439468][ T9442]  dump_header+0xda/0x6a0
[ 3226.443827][ T9442]  oom_kill_process+0x3a7/0x930
[ 3226.448696][ T9442]  out_of_memory+0xf67/0x1320
[ 3226.453399][ T9442]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3226.459029][ T9442]  ? __pfx___mutex_lock+0x10/0x10
[ 3226.464057][ T9442]  ? __pfx_out_of_memory+0x10/0x10
[ 3226.469172][ T9442]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3226.474715][ T9442]  ? __pfx_lock_release+0x10/0x10
[ 3226.479741][ T9442]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3226.485812][ T9442]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3226.491008][ T9442]  ? mem_cgroup_iter+0x422/0x560
[ 3226.495951][ T9442]  try_charge_memcg+0xda2/0x18a0
[ 3226.500907][ T9442]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3226.506270][ T9442]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3226.511981][ T9442]  ? __pfx_lock_release+0x10/0x10
[ 3226.516999][ T9442]  ? __lock_acquire+0x1345/0x1fd0
[ 3226.522036][ T9442]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3226.527750][ T9442]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3226.533549][ T9442]  __memcg_kmem_charge_page+0xe1/0x250
[ 3226.539007][ T9442]  __alloc_pages+0x28b/0x680
[ 3226.543594][ T9442]  ? __pfx___alloc_pages+0x10/0x10
[ 3226.548704][ T9442]  ? policy_nodemask+0x1ec/0x720
[ 3226.553638][ T9442]  alloc_pages_mpol+0x3de/0x650
[ 3226.558482][ T9442]  ? do_raw_spin_lock+0x14e/0x370
[ 3226.563500][ T9442]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 3226.568870][ T9442]  ? alloc_pages+0xee/0x170
[ 3226.573364][ T9442]  pte_alloc_one+0x88/0x5d0
[ 3226.577899][ T9442]  ? __pfx_pte_alloc_one+0x10/0x10
[ 3226.583011][ T9442]  ? __thp_vma_allowable_orders+0x796/0x8d0
[ 3226.588920][ T9442]  __do_fault+0xd0/0x460
[ 3226.593162][ T9442]  __handle_mm_fault+0x23c3/0x72d0
[ 3226.598290][ T9442]  ? reacquire_held_locks+0x3eb/0x690
[ 3226.603655][ T9442]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3226.609116][ T9442]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3226.614836][ T9442]  ? mtree_range_walk+0x6fd/0x8e0
[ 3226.619852][ T9442]  ? lock_vma_under_rcu+0x18a/0x730
[ 3226.625042][ T9442]  ? __pfx_lock_release+0x10/0x10
[ 3226.630057][ T9442]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3226.635260][ T9442]  ? lock_vma_under_rcu+0x18a/0x730
[ 3226.640454][ T9442]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3226.645994][ T9442]  handle_mm_fault+0x3c1/0x8a0
[ 3226.650757][ T9442]  exc_page_fault+0x456/0x870
[ 3226.655433][ T9442]  asm_exc_page_fault+0x26/0x30
[ 3226.660277][ T9442] RIP: 0033:0x7f4931228266
[ 3226.664682][ T9442] Code: 1f 44 00 00 48 8b 0d 91 d4 ca 00 4c 63 05 7a d4 ca 00 48 8b 05 7b d4 ca 00 49 01 c8 48 39 c8 72 13 4c 39 c0 73 0e 48 8d 50 04 <89> 38 48 89 15 61 d4 ca 00 c3 52 48 8d 35 c3 0e 0a 00 48 89 c2 48
[ 3226.684276][ T9442] RSP: 002b:00007f49314cfb28 EFLAGS: 00010287
[ 3226.690336][ T9442] RAX: 0000001b2ec20000 RBX: 0000000000000003 RCX: 0000001b2ec20000
[ 3226.698303][ T9442] RDX: 0000001b2ec20004 RSI: 0000000000000000 RDI: 0000000000000000
[ 3226.706268][ T9442] RBP: 0000000000000001 R08: 0000001b2f020000 R09: 0000000000040000
[ 3226.714239][ T9442] R10: 0000000000000011 R11: 0000000000000293 R12: 0000000000000000
[ 3226.722197][ T9442] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 3226.730168][ T9442]  </TASK>
[ 3226.735180][ T9431] team0: left promiscuous mode
[ 3226.739978][ T9431] team_slave_0: left promiscuous mode
[ 3226.746109][ T9431] team_slave_1: left promiscuous mode
[ 3226.751878][ T9431] bridge0: port 6(team0) entered disabled state
[ 3226.757661][ T9442] memory: usage 307200kB, limit 307200kB, failcnt 99078
[ 3226.772762][ T9442] memory+swap: usage 318828kB, limit 9007199254740988kB, failcnt 0
[ 3226.792339][ T9442] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[ 3226.801758][ T9442] Memory cgroup stats for /syz1:
[ 3226.801871][ T9442] cache 0
[ 3226.813492][ T9431] 8021q: adding VLAN 0 to HW filter on device team0
[ 3226.820181][ T9442] rss 4096
10:58:38 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0xc00}, 0x0)

[ 3226.820193][ T9442] rss_huge 0
[ 3226.820202][ T9442] shmem 0
[ 3226.820210][ T9442] mapped_file 0
[ 3226.820218][ T9442] dirty 0
[ 3226.820226][ T9442] writeback 0
[ 3226.820235][ T9442] workingset_refault_anon 38828
[ 3226.820244][ T9442] workingset_refault_file 357
[ 3226.820252][ T9442] swap 11907072
[ 3226.820261][ T9442] swapcached 0
[ 3226.820269][ T9442] pgpgin 3290691
[ 3226.820277][ T9442] pgpgout 3290690
[ 3226.820285][ T9442] pgfault 3625735
[ 3226.820293][ T9442] pgmajfault 40774
[ 3226.820301][ T9442] inactive_anon 4096
[ 3226.820310][ T9442] active_anon 0
[ 3226.820318][ T9442] inactive_file 0
[ 3226.820326][ T9442] active_file 0
[ 3226.820334][ T9442] unevictable 0
[ 3226.820342][ T9442] hierarchical_memory_limit 314572800
[ 3226.820351][ T9442] hierarchical_memsw_limit 9223372036854771712
[ 3226.820359][ T9442] total_cache 0
[ 3226.820367][ T9442] total_rss 4096
[ 3226.820374][ T9442] total_rss_huge 0
[ 3226.820382][ T9442] total_shmem 0
[ 3226.820390][ T9442] total_mapped_file 0
[ 3226.820398][ T9442] total_dirty 0
[ 3226.820406][ T9442] total_writeback 0
[ 3226.820414][ T9442] total_workingset_refault_anon 38828
[ 3226.820422][ T9442] total_workingset_refault_file 357
[ 3226.820431][ T9442] total_swap 11907072
[ 3226.820439][ T9442] total_swapcached 0
[ 3226.820447][ T9442] total_pgpgin 3290691
[ 3226.820455][ T9442] total_pgpgout 3290690
[ 3226.820463][ T9442] total_pgfault 3625735
[ 3226.820472][ T9442] total_pgmajfault 40774
[ 3226.820480][ T9442] total_inactive_anon 4096
[ 3226.820488][ T9442] total_active_anon 0
[ 3226.820497][ T9442] total_inactive_file 0
[ 3226.820504][ T9442] total_active_file 0
[ 3226.820512][ T9442] total_unevictable 0
[ 3226.820520][ T9442] anon_cost 0
[ 3226.820528][ T9442] file_cost 0
[ 3226.820536][ T9442] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=9442,uid=0
[ 3226.820649][ T9442] Memory cgroup out of memory: Killed process 9442 (syz-executor.1) total-vm:54376kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 3226.932764][ T9443] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 3227.043025][ T9431] team0: entered promiscuous mode
[ 3227.050492][ T9431] team_slave_0: entered promiscuous mode
[ 3227.059563][ T9431] team_slave_1: entered promiscuous mode
[ 3227.064663][ T9443] CPU: 0 PID: 9443 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3227.066144][ T9431] team0: entered allmulticast mode
[ 3227.075497][ T9443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3227.075511][ T9443] Call Trace:
[ 3227.075519][ T9443]  <TASK>
[ 3227.075527][ T9443]  dump_stack_lvl+0x1e7/0x2e0
[ 3227.089247][ T9431] team_slave_0: entered allmulticast mode
[ 3227.090680][ T9443]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3227.096313][ T9431] team_slave_1: entered allmulticast mode
[ 3227.096880][ T9443]  ? __pfx__printk+0x10/0x10
10:58:38 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0xc, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3227.096907][ T9443]  ? ___ratelimit+0x4c4/0x670
[ 3227.102559][ T9431] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3227.107261][ T9443]  ? __pfx____ratelimit+0x10/0x10
[ 3227.107292][ T9443]  dump_header+0xda/0x6a0
[ 3227.107320][ T9443]  oom_kill_process+0x3a7/0x930
[ 3227.135206][ T9432] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3227.135838][ T9443]  out_of_memory+0xf67/0x1320
[ 3227.162945][ T9443]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3227.170254][ T9443]  ? __pfx___mutex_lock+0x10/0x10
[ 3227.175307][ T9443]  ? __pfx_out_of_memory+0x10/0x10
[ 3227.180452][ T9443]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3227.186070][ T9443]  ? __pfx_lock_release+0x10/0x10
[ 3227.191120][ T9443]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3227.197220][ T9443]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3227.202442][ T9443]  ? mem_cgroup_iter+0x422/0x560
[ 3227.207414][ T9443]  try_charge_memcg+0xda2/0x18a0
[ 3227.212404][ T9443]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3227.214682][ T9435] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3227.217786][ T9443]  ? percpu_ref_tryget+0x14/0x180
[ 3227.232115][ T9443]  charge_memcg+0xa2/0x160
[ 3227.236563][ T9443]  __mem_cgroup_charge+0x27/0x80
[ 3227.241525][ T9443]  folio_prealloc+0x52/0x170
[ 3227.246138][ T9443]  do_wp_page+0x1222/0x4c90
[ 3227.250667][ T9443]  ? page_ext_put+0x9c/0xc0
[ 3227.255193][ T9443]  ? __pfx_do_wp_page+0x10/0x10
[ 3227.260071][ T9443]  ? page_ext_get+0x20/0x2a0
[ 3227.264683][ T9443]  ? page_ext_get+0x1d6/0x2a0
[ 3227.269381][ T9443]  ? __page_table_check_ptes_set+0x220/0x280
[ 3227.275375][ T9443]  ? folio_add_anon_rmap_ptes+0x10d3/0x1750
[ 3227.276884][ T9439] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3227.281274][ T9443]  ? folio_unlock+0x126/0x2f0
[ 3227.281305][ T9443]  do_swap_page+0x207c/0x3da0
[ 3227.294249][ T9439] team0: left allmulticast mode
[ 3227.298771][ T9443]  ? do_swap_page+0x154/0x3da0
[ 3227.298798][ T9443]  ? __pfx_do_swap_page+0x10/0x10
[ 3227.313002][ T9439] team_slave_0: left allmulticast mode
[ 3227.313378][ T9443]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3227.324343][ T9443]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3227.330161][ T9443]  ? __pfx_validate_chain+0x10/0x10
[ 3227.335377][ T9443]  __handle_mm_fault+0x15e8/0x72d0
[ 3227.340540][ T9443]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3227.346032][ T9443]  ? mt_find+0x226/0x850
[ 3227.350301][ T9443]  ? __pfx_lock_release+0x10/0x10
[ 3227.350572][ T9439] team_slave_1: left allmulticast mode
[ 3227.355341][ T9443]  ? mt_find+0x62d/0x850
[ 3227.355369][ T9443]  ? mt_find+0x226/0x850
[ 3227.355409][ T9443]  ? find_vma+0x142/0x1c0
[ 3227.371344][ T9439] team0: left promiscuous mode
[ 3227.373595][ T9443]  ? __pfx_find_vma+0x10/0x10
[ 3227.373624][ T9443]  handle_mm_fault+0x3c1/0x8a0
[ 3227.380240][ T9439] team_slave_0: left promiscuous mode
[ 3227.383024][ T9443]  exc_page_fault+0x2ad/0x870
[ 3227.388378][ T9439] team_slave_1: left promiscuous mode
[ 3227.393139][ T9443]  asm_exc_page_fault+0x26/0x30
[ 3227.393168][ T9443] RIP: 0010:__put_user_4+0x11/0x20
[ 3227.398678][ T9439] bridge0: port 9(team0) entered disabled state
[ 3227.403162][ T9443] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[ 3227.403180][ T9443] RSP: 0018:ffffc90009da7f00 EFLAGS: 00050206
[ 3227.403198][ T9443] RAX: 00000000000037cf RBX: 0000000000000000 RCX: 0000555556856750
[ 3227.453006][ T9443] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3227.460974][ T9443] RBP: ffff8880792ea430 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3227.468957][ T9443] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: 0000000000000000
10:58:39 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef40a000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:39 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0xb}}}]}, 0x78}}, 0x0)

[ 3227.476938][ T9443] R13: 0000000000000000 R14: 00000000000037cf R15: dffffc0000000000
[ 3227.484947][ T9443]  schedule_tail+0x95/0xb0
[ 3227.489370][ T9443]  ret_from_fork+0x24/0x80
[ 3227.493782][ T9443]  ret_from_fork_asm+0x1b/0x30
[ 3227.498545][ T9443]  </TASK>
[ 3227.525055][ T9439] 8021q: adding VLAN 0 to HW filter on device team0
[ 3227.532889][ T9443] memory: usage 307160kB, limit 307200kB, failcnt 99158
[ 3227.553489][ T9443] memory+swap: usage 318760kB, limit 9007199254740988kB, failcnt 0
[ 3227.559374][ T9439] team0: entered promiscuous mode
[ 3227.566916][ T9439] team_slave_0: entered promiscuous mode
[ 3227.571195][ T9443] kmem: usage 307156kB, limit 9007199254740988kB, failcnt 0
[ 3227.572895][ T9439] team_slave_1: entered promiscuous mode
[ 3227.587040][ T9439] team0: entered allmulticast mode
[ 3227.589683][ T9443] Memory cgroup stats for /syz1:
[ 3227.592319][ T9439] team_slave_0: entered allmulticast mode
[ 3227.592359][ T9443] cache 0
[ 3227.597907][ T9439] team_slave_1: entered allmulticast mode
[ 3227.600441][ T9439] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3227.609271][ T9443] rss 4096
[ 3227.618196][ T9440] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3227.633122][ T9443] rss_huge 0
[ 3227.637129][ T9443] shmem 0
[ 3227.638007][ T9440] bond0: (slave team0): Releasing backup interface
[ 3227.640063][ T9443] mapped_file 0
[ 3227.640074][ T9443] dirty 0
[ 3227.640081][ T9443] writeback 0
[ 3227.640089][ T9443] workingset_refault_anon 38846
[ 3227.640097][ T9443] workingset_refault_file 357
[ 3227.640105][ T9443] swap 11878400
[ 3227.671268][ T9440] team0: left promiscuous mode
[ 3227.671325][ T9443] swapcached 0
[ 3227.679801][ T9443] pgpgin 3290710
[ 3227.683357][ T9443] pgpgout 3290709
[ 3227.684642][ T9440] team_slave_0: left promiscuous mode
[ 3227.689403][ T9443] pgfault 3625765
[ 3227.696599][ T9443] pgmajfault 40791
[ 3227.697907][ T9440] team_slave_1: left promiscuous mode
[ 3227.700318][ T9443] inactive_anon 4096
[ 3227.700329][ T9443] active_anon 0
[ 3227.700337][ T9443] inactive_file 0
[ 3227.700345][ T9443] active_file 0
[ 3227.700354][ T9443] unevictable 0
[ 3227.700362][ T9443] hierarchical_memory_limit 314572800
[ 3227.700371][ T9443] hierarchical_memsw_limit 9223372036854771712
[ 3227.700380][ T9443] total_cache 0
[ 3227.723199][ T9440] team0: left allmulticast mode
[ 3227.725434][ T9443] total_rss 4096
[ 3227.725445][ T9443] total_rss_huge 0
[ 3227.725453][ T9443] total_shmem 0
[ 3227.725461][ T9443] total_mapped_file 0
[ 3227.725468][ T9443] total_dirty 0
[ 3227.725476][ T9443] total_writeback 0
[ 3227.725484][ T9443] total_workingset_refault_anon 38846
[ 3227.725492][ T9443] total_workingset_refault_file 357
[ 3227.725500][ T9443] total_swap 11878400
[ 3227.725508][ T9443] total_swapcached 0
[ 3227.725515][ T9443] total_pgpgin 3290710
[ 3227.725522][ T9443] total_pgpgout 3290709
[ 3227.725530][ T9443] total_pgfault 3625765
[ 3227.725539][ T9443] total_pgmajfault 40791
[ 3227.725547][ T9443] total_inactive_anon 4096
[ 3227.725555][ T9443] total_active_anon 0
[ 3227.725563][ T9443] total_inactive_file 0
[ 3227.725570][ T9443] total_active_file 0
[ 3227.725578][ T9443] total_unevictable 0
[ 3227.725586][ T9443] anon_cost 0
[ 3227.725594][ T9443] file_cost 0
[ 3227.725601][ T9443] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=6458,uid=0
[ 3227.725733][ T9443] Memory cgroup out of memory: Killed process 6458 (syz-executor.1) total-vm:50536kB, anon-rss:512kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:0
[ 3227.869561][ T9440] team_slave_0: left allmulticast mode
[ 3227.887994][ T9440] team_slave_1: left allmulticast mode
[ 3227.907808][ T9440] bridge0: port 9(team0) entered blocking state
[ 3227.921847][ T9440] bridge0: port 9(team0) entered disabled state
[ 3227.930342][ T9440] team0: entered allmulticast mode
[ 3227.936401][ T9440] team_slave_0: entered allmulticast mode
[ 3227.942422][ T9440] team_slave_1: entered allmulticast mode
[ 3227.960618][ T9440] team0: entered promiscuous mode
[ 3227.967308][ T9440] team_slave_0: entered promiscuous mode
[ 3227.973226][ T9440] team_slave_1: entered promiscuous mode
10:58:39 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000101201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3227.990442][ T9447] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3228.011917][ T9449] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:39 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0xc}}}]}, 0x78}}, 0x0)

[ 3228.070718][ T9450] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3228.085128][ T9450] ip6gre0: entered promiscuous mode
10:58:40 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef47b000000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3228.173565][ T9454] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3228.188642][ T9454] team0: left allmulticast mode
[ 3228.204545][ T9454] team_slave_0: left allmulticast mode
[ 3228.217210][ T9454] team_slave_1: left allmulticast mode
[ 3228.224357][ T9454] team0: left promiscuous mode
[ 3228.229309][ T9454] team_slave_0: left promiscuous mode
[ 3228.237444][ T9454] team_slave_1: left promiscuous mode
[ 3228.243394][ T9454] bridge0: port 9(team0) entered disabled state
[ 3228.259959][ T9454] 8021q: adding VLAN 0 to HW filter on device team0
[ 3228.278947][ T9454] team0: entered promiscuous mode
[ 3228.284890][ T9454] team_slave_0: entered promiscuous mode
[ 3228.297870][ T9454] team_slave_1: entered promiscuous mode
[ 3228.306133][ T9454] team0: entered allmulticast mode
[ 3228.311640][ T9454] team_slave_0: entered allmulticast mode
[ 3228.318496][ T9454] team_slave_1: entered allmulticast mode
10:58:40 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0xf00}, 0x0)

[ 3228.328332][ T9454] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3228.355984][ T9455] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3228.387101][ T9455] bond0: (slave team0): Releasing backup interface
[ 3228.419614][ T9455] team0: left promiscuous mode
[ 3228.446790][ T9455] team_slave_0: left promiscuous mode
[ 3228.464137][ T9455] team_slave_1: left promiscuous mode
[ 3228.470218][ T9455] team0: left allmulticast mode
[ 3228.482881][ T9455] team_slave_0: left allmulticast mode
[ 3228.511907][ T9455] team_slave_1: left allmulticast mode
[ 3228.541273][ T9455] bridge0: port 9(team0) entered blocking state
[ 3228.557149][ T9455] bridge0: port 9(team0) entered disabled state
[ 3228.572823][ T9455] team0: entered allmulticast mode
[ 3228.587386][ T9455] team_slave_0: entered allmulticast mode
[ 3228.600011][ T9455] team_slave_1: entered allmulticast mode
[ 3228.620394][ T9455] team0: entered promiscuous mode
[ 3228.641887][ T9455] team_slave_0: entered promiscuous mode
[ 3228.662615][ T9455] team_slave_1: entered promiscuous mode
[ 3228.678724][ T9461] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:40 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x1100}, 0x0)

[ 3228.758948][ T9462] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3228.787401][ T9464] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:58:40 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0xf}}}]}, 0x78}}, 0x0)

[ 3228.809923][ T9464] bridge1560: entered promiscuous mode
10:58:40 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410020000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:40 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000111201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3228.954929][T13499] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3229.044853][ T9470] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3229.111924][T13499] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3229.175174][ T9471] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3229.302929][ T9472] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3229.316750][ T9475] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3229.344320][ T9475] team0: left allmulticast mode
10:58:41 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x10}}}]}, 0x78}}, 0x0)

10:58:41 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410030000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3229.364820][ T9475] team_slave_0: left allmulticast mode
[ 3229.404326][ T9475] team_slave_1: left allmulticast mode
[ 3229.423275][ T9475] team0: left promiscuous mode
[ 3229.445122][ T9475] team_slave_0: left promiscuous mode
[ 3229.464819][ T9475] team_slave_1: left promiscuous mode
[ 3229.487188][ T9475] bridge0: port 9(team0) entered disabled state
[ 3229.508413][ T9475] 8021q: adding VLAN 0 to HW filter on device team0
[ 3229.527686][ T9475] team0: entered promiscuous mode
[ 3229.545836][ T9475] team_slave_0: entered promiscuous mode
[ 3229.562658][ T9475] team_slave_1: entered promiscuous mode
[ 3229.598238][ T9475] team0: entered allmulticast mode
[ 3229.614289][ T9475] team_slave_0: entered allmulticast mode
[ 3229.620291][ T9475] team_slave_1: entered allmulticast mode
[ 3229.631291][ T9475] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3229.653171][ T9476] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3229.702909][ T9476] bond0: (slave team0): Releasing backup interface
[ 3229.722149][ T9476] team0: left promiscuous mode
[ 3229.736332][ T9476] team_slave_0: left promiscuous mode
[ 3229.750284][ T9476] team_slave_1: left promiscuous mode
[ 3229.766291][ T9476] team0: left allmulticast mode
[ 3229.779325][ T9476] team_slave_0: left allmulticast mode
[ 3229.792733][ T9476] team_slave_1: left allmulticast mode
[ 3229.819628][ T9476] bridge0: port 9(team0) entered blocking state
[ 3229.836993][ T9476] bridge0: port 9(team0) entered disabled state
[ 3229.854569][ T9476] team0: entered allmulticast mode
[ 3229.868135][ T9476] team_slave_0: entered allmulticast mode
[ 3229.885312][ T9476] team_slave_1: entered allmulticast mode
[ 3229.907065][ T9476] team0: entered promiscuous mode
[ 3229.921629][ T9476] team_slave_0: entered promiscuous mode
[ 3229.938102][ T9476] team_slave_1: entered promiscuous mode
10:58:41 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000121201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3230.026171][T13499] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3230.118782][ T9482] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:42 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410040000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3230.202699][ T9486] team0: left allmulticast mode
10:58:42 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0xf, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

10:58:42 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x11}}}]}, 0x78}}, 0x0)

[ 3230.225884][ T9486] team_slave_0: left allmulticast mode
[ 3230.246114][ T9486] team_slave_1: left allmulticast mode
[ 3230.251641][ T9486] team0: left promiscuous mode
[ 3230.285200][ T9486] team_slave_0: left promiscuous mode
[ 3230.298225][ T9486] team_slave_1: left promiscuous mode
[ 3230.314379][ T9486] bridge0: port 9(team0) entered disabled state
[ 3230.336186][ T9486] 8021q: adding VLAN 0 to HW filter on device team0
[ 3230.358803][ T9486] team0: entered promiscuous mode
[ 3230.370908][ T9486] team_slave_0: entered promiscuous mode
[ 3230.380200][ T9486] team_slave_1: entered promiscuous mode
[ 3230.393135][ T9486] team0: entered allmulticast mode
[ 3230.401890][ T9486] team_slave_0: entered allmulticast mode
[ 3230.418089][ T9486] team_slave_1: entered allmulticast mode
[ 3230.434659][ T9486] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3230.454700][T13499] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3230.489819][ T9487] bond0: (slave team0): Releasing backup interface
[ 3230.499808][ T9487] team0: left promiscuous mode
[ 3230.513983][ T9487] team_slave_0: left promiscuous mode
[ 3230.521858][ T9487] team_slave_1: left promiscuous mode
[ 3230.546502][ T9487] team0: left allmulticast mode
[ 3230.554595][ T9487] team_slave_0: left allmulticast mode
[ 3230.560350][ T9487] team_slave_1: left allmulticast mode
[ 3230.573002][ T9487] bridge0: port 9(team0) entered blocking state
[ 3230.583686][ T9487] bridge0: port 9(team0) entered disabled state
[ 3230.590881][ T9487] team0: entered allmulticast mode
[ 3230.597142][ T9487] team_slave_0: entered allmulticast mode
[ 3230.603160][ T9487] team_slave_1: entered allmulticast mode
10:58:42 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410050000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3230.612033][ T9487] team0: entered promiscuous mode
[ 3230.619311][ T9487] team_slave_0: entered promiscuous mode
[ 3230.626220][ T9487] team_slave_1: entered promiscuous mode
[ 3230.637569][ T9496] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:42 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x14}}}]}, 0x78}}, 0x0)

10:58:42 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410060000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3230.820095][ T9502] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:42 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000181201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

10:58:42 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410080000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:42 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x15}}}]}, 0x78}}, 0x0)

[ 3231.008988][ T9508] team0: left allmulticast mode
[ 3231.023575][ T9508] team_slave_0: left allmulticast mode
[ 3231.041378][ T9508] team_slave_1: left allmulticast mode
[ 3231.048962][ T9508] team0: left promiscuous mode
[ 3231.054615][ T9508] team_slave_0: left promiscuous mode
[ 3231.060346][ T9508] team_slave_1: left promiscuous mode
[ 3231.069136][ T9508] bridge0: port 9(team0) entered disabled state
[ 3231.082313][ T9508] 8021q: adding VLAN 0 to HW filter on device team0
[ 3231.099307][ T9508] team0: entered promiscuous mode
[ 3231.105266][ T9508] team_slave_0: entered promiscuous mode
[ 3231.117579][ T9508] team_slave_1: entered promiscuous mode
[ 3231.123625][ T9508] team0: entered allmulticast mode
[ 3231.135703][ T9508] team_slave_0: entered allmulticast mode
[ 3231.141637][ T9508] team_slave_1: entered allmulticast mode
[ 3231.150417][ T9508] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3231.245421][ T9513] bond0: (slave team0): Releasing backup interface
[ 3231.263167][ T9513] team0: left promiscuous mode
[ 3231.270956][ T9513] team_slave_0: left promiscuous mode
[ 3231.284536][ T9513] team_slave_1: left promiscuous mode
[ 3231.299806][ T9513] team0: left allmulticast mode
[ 3231.312381][ T9513] team_slave_0: left allmulticast mode
[ 3231.320288][ T9513] team_slave_1: left allmulticast mode
[ 3231.341876][ T9513] bridge0: port 9(team0) entered blocking state
[ 3231.358904][ T9513] bridge0: port 9(team0) entered disabled state
[ 3231.366723][ T9513] team0: entered allmulticast mode
[ 3231.378565][ T9513] team_slave_0: entered allmulticast mode
[ 3231.386502][ T9513] team_slave_1: entered allmulticast mode
[ 3231.396288][ T9513] team0: entered promiscuous mode
[ 3231.401469][ T9513] team_slave_0: entered promiscuous mode
[ 3231.419694][ T9513] team_slave_1: entered promiscuous mode
[ 3231.435452][ T9516] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:43 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef4100a0000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:43 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x48}}}]}, 0x78}}, 0x0)

10:58:43 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef4100c0000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3231.672907][ T9523] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:43 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000211201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

10:58:43 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x60}}}]}, 0x78}}, 0x0)

10:58:43 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef4100f0000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3232.021646][ T9535] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 3232.038693][ T9535] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 3232.048445][ T9535] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 3232.056806][ T9530] team0: left allmulticast mode
[ 3232.065276][ T9530] team_slave_0: left allmulticast mode
[ 3232.072734][ T9530] team_slave_1: left allmulticast mode
[ 3232.080374][ T9535] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 3232.093210][ T9530] team0: left promiscuous mode
[ 3232.101770][ T9530] team_slave_0: left promiscuous mode
[ 3232.108319][ T9535] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 3232.116378][ T9530] team_slave_1: left promiscuous mode
[ 3232.121924][ T9535] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 3232.131357][ T9530] bridge0: port 9(team0) entered disabled state
[ 3232.148505][ T9530] 8021q: adding VLAN 0 to HW filter on device team0
[ 3232.166711][ T9530] team0: entered promiscuous mode
[ 3232.207202][ T9530] team_slave_0: entered promiscuous mode
[ 3232.231118][ T9530] team_slave_1: entered promiscuous mode
[ 3232.259144][ T9530] team0: entered allmulticast mode
[ 3232.287462][ T9530] team_slave_0: entered allmulticast mode
[ 3232.308863][ T9530] team_slave_1: entered allmulticast mode
[ 3232.335242][ T9530] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3232.369681][ T9536] bond0: (slave team0): Releasing backup interface
[ 3232.386647][ T9536] team0: left promiscuous mode
[ 3232.391939][ T9536] team_slave_0: left promiscuous mode
[ 3232.402686][ T9536] team_slave_1: left promiscuous mode
[ 3232.415631][ T9536] team0: left allmulticast mode
[ 3232.429251][ T9536] team_slave_0: left allmulticast mode
[ 3232.443672][ T9536] team_slave_1: left allmulticast mode
[ 3232.464738][ T9536] bridge0: port 9(team0) entered blocking state
[ 3232.472213][ T9536] bridge0: port 9(team0) entered disabled state
[ 3232.487729][ T9536] team0: entered allmulticast mode
[ 3232.493169][ T9536] team_slave_0: entered allmulticast mode
[ 3232.505446][ T9536] team_slave_1: entered allmulticast mode
[ 3232.513823][ T9536] team0: entered promiscuous mode
[ 3232.530254][ T9536] team_slave_0: entered promiscuous mode
10:58:44 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410100000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3232.544727][ T9536] team_slave_1: entered promiscuous mode
[ 3232.561136][ T9539] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:44 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x300}}}]}, 0x78}}, 0x0)

10:58:44 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410600000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:44 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000241201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3232.833020][ T9556] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3232.946117][ T9560] team0: left allmulticast mode
[ 3232.957649][ T9560] team_slave_0: left allmulticast mode
[ 3232.975140][ T9560] team_slave_1: left allmulticast mode
[ 3232.986736][ T9560] team0: left promiscuous mode
[ 3233.007551][ T9560] team_slave_0: left promiscuous mode
[ 3233.020552][ T9560] team_slave_1: left promiscuous mode
[ 3233.041140][ T9560] bridge0: port 9(team0) entered disabled state
[ 3233.073766][ T9560] 8021q: adding VLAN 0 to HW filter on device team0
[ 3233.092743][ T9560] team0: entered promiscuous mode
[ 3233.108728][ T9560] team_slave_0: entered promiscuous mode
[ 3233.124543][ T9560] team_slave_1: entered promiscuous mode
[ 3233.138867][ T9560] team0: entered allmulticast mode
[ 3233.155258][ T9560] team_slave_0: entered allmulticast mode
[ 3233.167974][ T9560] team_slave_1: entered allmulticast mode
[ 3233.192531][ T9560] bond0: (slave team0): Enslaving as an active interface with an up link
10:58:45 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x500}}}]}, 0x78}}, 0x0)

[ 3233.241319][ T9564] validate_nla: 26 callbacks suppressed
[ 3233.241335][ T9564] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3233.270495][ T9565] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
10:58:45 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000300e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3233.301431][ T9565] bond0: (slave team0): Releasing backup interface
[ 3233.339825][ T9565] team0: left promiscuous mode
[ 3233.345867][ T9565] team_slave_0: left promiscuous mode
10:58:45 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x10, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3233.351623][ T9565] team_slave_1: left promiscuous mode
[ 3233.364612][ T9565] team0: left allmulticast mode
[ 3233.369498][ T9565] team_slave_0: left allmulticast mode
[ 3233.376733][ T9565] team_slave_1: left allmulticast mode
[ 3233.397531][ T9565] bridge0: port 9(team0) entered blocking state
[ 3233.409175][ T9565] bridge0: port 9(team0) entered disabled state
[ 3233.418019][ T9565] team0: entered allmulticast mode
[ 3233.423298][ T9565] team_slave_0: entered allmulticast mode
[ 3233.429876][ T9565] team_slave_1: entered allmulticast mode
[ 3233.439736][ T9565] team0: entered promiscuous mode
[ 3233.445898][ T9565] team_slave_0: entered promiscuous mode
[ 3233.451754][ T9565] team_slave_1: entered promiscuous mode
[ 3233.569445][ T9572] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3233.578395][ T9574] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:45 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x600}}}]}, 0x78}}, 0x0)

10:58:45 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000500e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3233.629101][ T9575] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
10:58:45 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000251201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3233.766744][ T9581] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3233.779021][ T9580] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:45 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000600e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3233.919416][ T9581] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3233.938417][ T9583] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3233.961076][ T9583] team0: left allmulticast mode
[ 3233.974727][ T9583] team_slave_0: left allmulticast mode
[ 3233.984609][ T9583] team_slave_1: left allmulticast mode
[ 3233.990146][ T9583] team0: left promiscuous mode
[ 3234.007012][ T9583] team_slave_0: left promiscuous mode
[ 3234.025845][ T9583] team_slave_1: left promiscuous mode
[ 3234.042842][ T9583] bridge0: port 9(team0) entered disabled state
[ 3234.068065][ T9583] 8021q: adding VLAN 0 to HW filter on device team0
[ 3234.088838][ T9583] team0: entered promiscuous mode
[ 3234.103551][ T9583] team_slave_0: entered promiscuous mode
[ 3234.122498][ T9583] team_slave_1: entered promiscuous mode
[ 3234.134111][ T9583] team0: entered allmulticast mode
[ 3234.139498][ T9583] team_slave_0: entered allmulticast mode
[ 3234.162516][ T9583] team_slave_1: entered allmulticast mode
[ 3234.177714][ T9583] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3234.187696][ T5101] Bluetooth: hci0: command 0x0409 tx timeout
10:58:46 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x700}}}]}, 0x78}}, 0x0)

[ 3234.220134][ T9585] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[ 3234.236688][ T9585] bond0: (slave team0): Releasing backup interface
[ 3234.257094][ T9585] team0: left promiscuous mode
[ 3234.272569][ T9585] team_slave_0: left promiscuous mode
[ 3234.279993][ T9585] team_slave_1: left promiscuous mode
[ 3234.292256][ T9585] team0: left allmulticast mode
[ 3234.297678][ T9585] team_slave_0: left allmulticast mode
[ 3234.303722][ T9585] team_slave_1: left allmulticast mode
[ 3234.337404][ T9585] bridge0: port 9(team0) entered blocking state
[ 3234.351768][ T9585] bridge0: port 9(team0) entered disabled state
[ 3234.361594][ T9585] team0: entered allmulticast mode
[ 3234.369684][ T9585] team_slave_0: entered allmulticast mode
[ 3234.377350][ T9585] team_slave_1: entered allmulticast mode
[ 3234.385640][ T9585] team0: entered promiscuous mode
[ 3234.390855][ T9585] team_slave_0: entered promiscuous mode
[ 3234.397566][ T9585] team_slave_1: entered promiscuous mode
10:58:46 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000a00e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3234.452600][ T9589] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3234.474447][ T9590] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[ 3234.488359][ T9593] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:46 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0x900}}}]}, 0x78}}, 0x0)

10:58:46 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000481201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

10:58:46 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000c00e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3234.824408][ T9602] team0: left allmulticast mode
[ 3234.832725][ T9602] team_slave_0: left allmulticast mode
[ 3234.840685][ T9602] team_slave_1: left allmulticast mode
[ 3234.856866][ T9602] team0: left promiscuous mode
[ 3234.870792][ T9602] team_slave_0: left promiscuous mode
[ 3234.886176][ T9602] team_slave_1: left promiscuous mode
[ 3234.907657][ T9602] bridge0: port 9(team0) entered disabled state
[ 3234.931792][ T9602] 8021q: adding VLAN 0 to HW filter on device team0
[ 3234.948338][ T9602] team0: entered promiscuous mode
[ 3234.958840][ T9602] team_slave_0: entered promiscuous mode
[ 3234.986294][ T9602] team_slave_1: entered promiscuous mode
[ 3235.010178][ T9602] team0: entered allmulticast mode
[ 3235.034548][ T9602] team_slave_0: entered allmulticast mode
[ 3235.051514][ T9602] team_slave_1: entered allmulticast mode
[ 3235.074314][ T9602] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3235.254969][ T9605] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3235.299159][ T9606] bond0: (slave team0): Releasing backup interface
[ 3235.310941][ T9606] team0: left promiscuous mode
[ 3235.316138][ T9606] team_slave_0: left promiscuous mode
[ 3235.321718][ T9606] team_slave_1: left promiscuous mode
[ 3235.327875][ T9606] team0: left allmulticast mode
[ 3235.332756][ T9606] team_slave_0: left allmulticast mode
[ 3235.338637][ T9606] team_slave_1: left allmulticast mode
[ 3235.352626][ T9606] bridge0: port 9(team0) entered blocking state
[ 3235.359524][ T9606] bridge0: port 9(team0) entered disabled state
[ 3235.366398][ T9606] team0: entered allmulticast mode
[ 3235.371546][ T9606] team_slave_0: entered allmulticast mode
[ 3235.377563][ T9606] team_slave_1: entered allmulticast mode
[ 3235.385126][ T9606] team0: entered promiscuous mode
[ 3235.391244][ T9606] team_slave_0: entered promiscuous mode
10:58:47 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000f00e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3235.405287][ T9606] team_slave_1: entered promiscuous mode
10:58:47 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0xa00}}}]}, 0x78}}, 0x0)

10:58:47 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba80004c1201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3235.557297][ T9627] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:47 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410884700e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

10:58:47 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0xb00}}}]}, 0x78}}, 0x0)

[ 3235.757203][ T9631] team0: left allmulticast mode
[ 3235.774706][ T9631] team_slave_0: left allmulticast mode
[ 3235.814471][ T9631] team_slave_1: left allmulticast mode
[ 3235.820037][ T9631] team0: left promiscuous mode
[ 3235.860717][ T9631] team_slave_0: left promiscuous mode
[ 3235.876998][ T9631] team_slave_1: left promiscuous mode
[ 3235.892428][ T9631] bridge0: port 9(team0) entered disabled state
[ 3235.916089][ T9631] 8021q: adding VLAN 0 to HW filter on device team0
[ 3235.930743][ T9631] team0: entered promiscuous mode
[ 3235.946115][ T9631] team_slave_0: entered promiscuous mode
[ 3235.960559][ T9631] team_slave_1: entered promiscuous mode
[ 3235.972957][ T9631] team0: entered allmulticast mode
[ 3235.981989][ T9631] team_slave_0: entered allmulticast mode
[ 3235.992237][ T9631] team_slave_1: entered allmulticast mode
[ 3236.010677][ T9631] bond0: (slave team0): Enslaving as an active interface with an up link
[ 3236.043232][ T9632] bond0: (slave team0): Releasing backup interface
[ 3236.053268][ T9632] team0: left promiscuous mode
[ 3236.059461][ T9632] team_slave_0: left promiscuous mode
[ 3236.066491][ T9632] team_slave_1: left promiscuous mode
[ 3236.072468][ T9632] team0: left allmulticast mode
[ 3236.080457][ T9632] team_slave_0: left allmulticast mode
[ 3236.086738][ T9632] team_slave_1: left allmulticast mode
[ 3236.108494][ T9632] bridge0: port 9(team0) entered blocking state
[ 3236.118703][ T9632] bridge0: port 9(team0) entered disabled state
[ 3236.126020][ T9632] team0: entered allmulticast mode
[ 3236.133807][ T9632] team_slave_0: entered allmulticast mode
[ 3236.140367][ T9632] team_slave_1: entered allmulticast mode
[ 3236.151307][ T9632] team0: entered promiscuous mode
[ 3236.159639][ T9632] team_slave_0: entered promiscuous mode
[ 3236.170238][ T9632] team_slave_1: entered promiscuous mode
10:58:48 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410884800e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3236.214422][ T9639] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3236.264707][ T5101] Bluetooth: hci0: command 0x041b tx timeout
10:58:48 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0xc00}}}]}, 0x78}}, 0x0)

10:58:48 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410655800e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3236.337297][ T9542] chnl_net:caif_netlink_parms(): no params data found
10:58:48 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x11, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3236.419068][ T9645] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
10:58:48 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000601201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

[ 3238.363952][ T5101] Bluetooth: hci0: command 0x040f tx timeout
10:58:51 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x14, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3240.424506][ T5101] Bluetooth: hci0: command 0x0419 tx timeout
10:58:54 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x15, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3244.349556][T13499] hsr_slave_0: left promiscuous mode
[ 3244.356444][T13499] hsr_slave_1: left promiscuous mode
[ 3244.363084][T13499] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 3244.372374][T13499] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 3244.386034][T13499] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 3244.404434][T13499] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 3244.429928][T13499] bridge_slave_1: left allmulticast mode
[ 3244.437805][T13499] bridge_slave_1: left promiscuous mode
[ 3244.443706][T13499] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3244.454541][T13499] bridge_slave_0: left allmulticast mode
[ 3244.460245][T13499] bridge_slave_0: left promiscuous mode
[ 3244.467296][T13499] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3244.504592][T13499] veth1_macvtap: left promiscuous mode
[ 3244.512727][T13499] veth0_macvtap: left promiscuous mode
[ 3244.520898][T13499] veth1_vlan: left promiscuous mode
10:58:57 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x48, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

10:59:00 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x60, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

10:59:03 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x300, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

10:59:06 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x500, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

10:59:09 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x600, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

10:59:12 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x700, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

10:59:15 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x900, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

10:59:18 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x2}, 0x0, 0xf00}}}]}, 0x78}}, 0x0)

10:59:18 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410006000e3bd6efb400109000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

[ 3266.507639][ T1239] ieee802154 phy0 wpan0: encryption failed: -22
[ 3266.514499][ T1239] ieee802154 phy1 wpan1: encryption failed: -22
10:59:18 executing program 2:
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', <r1=>0x0, 0x10, 0x7800, 0x3, 0x1f, {{0x28, 0x4, 0x1, 0x0, 0xa0, 0x66, 0x0, 0xf8, 0x29, 0x0, @empty, @broadcast, {[@noop, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x24, 0xeb, 0x3, 0x9, [{@local, 0x3}, {@local, 0x6}, {@multicast1, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @end, @timestamp_addr={0x44, 0x44, 0x93, 0x1, 0xd, [{@rand_addr=0x64010102}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x48fff2bf}, {@multicast1, 0x7ff}, {@empty, 0x100}, {@remote, 0x3}, {@rand_addr=0x64010100, 0x401}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8001}, {@broadcast, 0xfffffff9}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x7, [0x8, 0x7fff, 0x2, 0x4, 0x0, 0x33c0]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_deladdrlabel={0x4c, 0x49, 0x4, 0x70bd2c, 0x25dfdbff, {0xa, 0x0, 0x1f, 0x0, r1}, [@IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_ADDRESS={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40014}, 0x840)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x2600, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000681201", 0x2e}], 0x1}, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)

10:59:18 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0xa00, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3267.211830][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3267.236584][ T5114] CPU: 1 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3267.246964][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3267.257035][ T5114] Call Trace:
[ 3267.260326][ T5114]  <TASK>
[ 3267.263273][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3267.267981][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3267.273204][ T5114]  ? __pfx__printk+0x10/0x10
[ 3267.277811][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3267.282526][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3267.287584][ T5114]  dump_header+0xda/0x6a0
[ 3267.291941][ T5114]  oom_kill_process+0x3a7/0x930
[ 3267.296808][ T5114]  out_of_memory+0xf67/0x1320
[ 3267.301483][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3267.307114][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3267.312155][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3267.317279][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3267.322823][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3267.327845][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3267.333914][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3267.339123][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3267.344063][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3267.348993][ T5114]  ? mark_lock+0x9a/0x350
[ 3267.353332][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3267.358717][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3267.364862][ T5114]  charge_memcg+0xa2/0x160
[ 3267.369276][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3267.375337][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3267.380788][ T5114]  ? mark_lock+0x9a/0x350
[ 3267.385119][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3267.391109][ T5114]  swap_cluster_readahead+0x67c/0x810
[ 3267.396486][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3267.402373][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3267.407391][ T5114]  ? xas_descend+0x37e/0x470
[ 3267.411991][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3267.416921][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3267.422034][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3267.427405][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3267.432691][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3267.437981][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3267.442575][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3267.447603][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3267.452364][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3267.457382][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3267.462838][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3267.468634][ T5114]  ? __pfx_validate_chain+0x10/0x10
[ 3267.473831][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3267.478961][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3267.484436][ T5114]  ? mt_find+0x226/0x850
[ 3267.488682][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3267.493710][ T5114]  ? mt_find+0x62d/0x850
[ 3267.497949][ T5114]  ? mt_find+0x226/0x850
[ 3267.502200][ T5114]  ? find_vma+0x142/0x1c0
[ 3267.506521][ T5114]  ? __pfx_find_vma+0x10/0x10
[ 3267.511186][ T5114]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3267.517160][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3267.521923][ T5114]  exc_page_fault+0x2ad/0x870
[ 3267.526598][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3267.531446][ T5114] RIP: 0010:__get_user_8+0x11/0x20
[ 3267.536548][ T5114] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3267.556144][ T5114] RSP: 0018:ffffc90003cefd98 EFLAGS: 00050202
[ 3267.562203][ T5114] RAX: 0000555557511da8 RBX: ffff888025e49538 RCX: ffffc90003cefc03
[ 3267.570177][ T5114] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3267.578137][ T5114] RBP: ffffc90003cefec8 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3267.586098][ T5114] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc90003cefda0
[ 3267.594059][ T5114] R13: ffffc90003ceffd8 R14: dffffc0000000000 R15: ffff888025e48000
[ 3267.602033][ T5114]  __rseq_handle_notify_resume+0x158/0x1490
[ 3267.607933][ T5114]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3267.614258][ T5114]  ? syscall_exit_to_user_mode+0xa2/0x370
[ 3267.619970][ T5114]  syscall_exit_to_user_mode+0x113/0x370
[ 3267.625599][ T5114]  do_syscall_64+0x108/0x240
[ 3267.630188][ T5114]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3267.636081][ T5114] RIP: 0033:0x7fa2eb4a91b5
[ 3267.640484][ T5114] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 3267.660080][ T5114] RSP: 002b:00007fa2eb6cfcf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 3267.668484][ T5114] RAX: 0000000000000000 RBX: 000000000000678f RCX: 00007fa2eb4a91b5
[ 3267.676442][ T5114] RDX: 00007fa2eb6cfd30 RSI: 0000000000000000 RDI: 0000000000000000
[ 3267.684414][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000000 R09: 00007ffcc99b80b0
[ 3267.692389][ T5114] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3267.700350][ T5114] R13: 000000000031d98e R14: 000000000031d98e R15: 0000000000000000
[ 3267.708326][ T5114]  </TASK>
[ 3267.936477][ T5114] memory: usage 307200kB, limit 307200kB, failcnt 332808
[ 3267.943569][ T5114] memory+swap: usage 308012kB, limit 9007199254740988kB, failcnt 0
[ 3267.993325][ T5114] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[ 3268.031693][ T5114] Memory cgroup stats for /syz3:
[ 3268.031828][ T5114] cache 0
[ 3268.060319][ T5114] rss 0
[ 3268.067024][ T5114] rss_huge 0
[ 3268.070262][ T5114] shmem 0
[ 3268.073205][ T5114] mapped_file 0
[ 3268.110636][ T5114] dirty 0
[ 3268.113645][ T5114] writeback 0
[ 3268.122114][ T5114] workingset_refault_anon 263074
[ 3268.131108][ T5114] workingset_refault_file 72
[ 3268.136236][ T5114] swap 864256
[ 3268.139532][ T5114] swapcached 0
[ 3268.142910][ T5114] pgpgin 1961787
[ 3268.148697][ T5114] pgpgout 1961787
[ 3268.152355][ T5114] pgfault 3432912
[ 3268.157254][ T5114] pgmajfault 214412
[ 3268.161112][ T5114] inactive_anon 0
[ 3268.165574][ T5114] active_anon 0
[ 3268.169046][ T5114] inactive_file 0
[ 3268.172715][ T5114] active_file 0
[ 3268.181248][ T5114] unevictable 0
[ 3268.194706][ T5114] hierarchical_memory_limit 314572800
[ 3268.200107][ T5114] hierarchical_memsw_limit 9223372036854771712
[ 3268.234504][ T5114] total_cache 0
[ 3268.238005][ T5114] total_rss 0
[ 3268.241290][ T5114] total_rss_huge 0
[ 3268.274143][ T5114] total_shmem 0
[ 3268.277636][ T5114] total_mapped_file 0
[ 3268.281619][ T5114] total_dirty 0
[ 3268.304201][ T5114] total_writeback 0
[ 3268.308047][ T5114] total_workingset_refault_anon 263074
[ 3268.313514][ T5114] total_workingset_refault_file 72
[ 3268.335633][ T5114] total_swap 864256
[ 3268.354279][ T5114] total_swapcached 0
[ 3268.358213][ T5114] total_pgpgin 1961787
[ 3268.389567][ T5114] total_pgpgout 1961787
[ 3268.393769][ T5114] total_pgfault 3432912
[ 3268.416326][ T5114] total_pgmajfault 214412
[ 3268.420704][ T5114] total_inactive_anon 0
[ 3268.436266][ T5114] total_active_anon 0
[ 3268.440324][ T5114] total_inactive_file 0
[ 3268.479094][ T5114] total_active_file 0
[ 3268.483129][ T5114] total_unevictable 0
[ 3268.510203][ T5114] anon_cost 0
[ 3268.513549][ T5114] file_cost 0
[ 3268.525922][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9674,uid=0
[ 3268.549686][ T9535] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 3268.559962][ T9535] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 3268.568502][ T9535] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
10:59:20 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0xb00, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3268.584855][ T9535] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 3268.594965][ T9535] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 3268.597580][ T5114] Memory cgroup out of memory: Killed process 9674 (syz-executor.3) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3268.620192][ T9535] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 3268.795871][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3268.814230][ T5114] CPU: 1 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3268.824776][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3268.834856][ T5114] Call Trace:
[ 3268.838151][ T5114]  <TASK>
[ 3268.841097][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3268.845811][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3268.851033][ T5114]  ? __pfx__printk+0x10/0x10
[ 3268.855641][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3268.860344][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3268.865406][ T5114]  dump_header+0xda/0x6a0
[ 3268.869777][ T5114]  oom_kill_process+0x3a7/0x930
[ 3268.874660][ T5114]  out_of_memory+0xf67/0x1320
[ 3268.879356][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3268.885010][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3268.890075][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3268.895218][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3268.900788][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3268.905844][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3268.911940][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3268.917155][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3268.922091][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3268.927020][ T5114]  ? mark_lock+0x9a/0x350
[ 3268.931357][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3268.936737][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3268.942878][ T5114]  charge_memcg+0xa2/0x160
[ 3268.947289][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3268.953347][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3268.958801][ T5114]  ? mark_lock+0x9a/0x350
[ 3268.963127][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3268.969109][ T5114]  swap_cluster_readahead+0x67c/0x810
[ 3268.974487][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3268.980377][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3268.985401][ T5114]  ? xas_descend+0x37e/0x470
[ 3268.989991][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3268.994936][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3269.000052][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3269.005423][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3269.010704][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3269.015986][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3269.020572][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3269.025592][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3269.030345][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3269.035361][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3269.040814][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3269.046610][ T5114]  ? __pfx_validate_chain+0x10/0x10
[ 3269.051806][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3269.056940][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3269.062394][ T5114]  ? mt_find+0x226/0x850
[ 3269.066634][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3269.071666][ T5114]  ? mt_find+0x62d/0x850
[ 3269.075904][ T5114]  ? mt_find+0x226/0x850
[ 3269.080157][ T5114]  ? find_vma+0x142/0x1c0
[ 3269.084480][ T5114]  ? __pfx_find_vma+0x10/0x10
[ 3269.089149][ T5114]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3269.095124][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3269.099885][ T5114]  exc_page_fault+0x2ad/0x870
[ 3269.104559][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3269.109405][ T5114] RIP: 0010:__get_user_8+0x11/0x20
[ 3269.114511][ T5114] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3269.134118][ T5114] RSP: 0000:ffffc90003cefd98 EFLAGS: 00050202
[ 3269.140177][ T5114] RAX: 0000555557511da8 RBX: ffff888025e49538 RCX: ffffc90003cefc03
[ 3269.148136][ T5114] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3269.156096][ T5114] RBP: ffffc90003cefec8 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3269.164063][ T5114] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc90003cefda0
[ 3269.172034][ T5114] R13: ffffc90003ceffd8 R14: dffffc0000000000 R15: ffff888025e48000
[ 3269.180008][ T5114]  __rseq_handle_notify_resume+0x158/0x1490
[ 3269.185912][ T5114]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3269.192238][ T5114]  ? syscall_exit_to_user_mode+0xa2/0x370
[ 3269.197957][ T5114]  syscall_exit_to_user_mode+0x113/0x370
[ 3269.203584][ T5114]  do_syscall_64+0x108/0x240
[ 3269.208170][ T5114]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3269.214062][ T5114] RIP: 0033:0x7fa2eb4a91b5
[ 3269.218474][ T5114] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 3269.238083][ T5114] RSP: 002b:00007fa2eb6cfcf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 3269.246498][ T5114] RAX: 0000000000000000 RBX: 0000000000006791 RCX: 00007fa2eb4a91b5
[ 3269.254464][ T5114] RDX: 00007fa2eb6cfd30 RSI: 0000000000000000 RDI: 0000000000000000
[ 3269.262432][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000000 R09: 00007ffcc99b80b0
[ 3269.270400][ T5114] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3269.278387][ T5114] R13: 000000000031e02c R14: 000000000031e02c R15: 0000000000000000
[ 3269.286388][ T5114]  </TASK>
[ 3269.311292][ T5114] memory: usage 307200kB, limit 307200kB, failcnt 333649
[ 3269.334266][ T5114] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3269.394133][ T5114] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[ 3269.401460][ T5114] Memory cgroup stats for /syz3:
[ 3269.401593][ T5114] cache 0
[ 3269.444203][ T5114] rss 12288
[ 3269.447373][ T5114] rss_huge 0
[ 3269.450576][ T5114] shmem 0
[ 3269.453511][ T5114] mapped_file 0
[ 3269.489382][ T5114] dirty 0
[ 3269.504176][ T5114] writeback 0
[ 3269.507501][ T5114] workingset_refault_anon 263549
[ 3269.512455][ T5114] workingset_refault_file 72
[ 3269.556108][ T5114] swap 819200
[ 3269.559447][ T5114] swapcached 0
[ 3269.562820][ T5114] pgpgin 1962280
[ 3269.597436][ T5114] pgpgout 1962277
[ 3269.601119][ T5114] pgfault 3433548
[ 3269.644175][ T5114] pgmajfault 214870
[ 3269.648045][ T5114] inactive_anon 0
[ 3269.665573][ T5114] active_anon 12288
[ 3269.669418][ T5114] inactive_file 0
[ 3269.673052][ T5114] active_file 0
[ 3269.735437][ T5114] unevictable 0
[ 3269.738944][ T5114] hierarchical_memory_limit 314572800
[ 3269.746330][ T5114] hierarchical_memsw_limit 9223372036854771712
[ 3269.752554][ T5114] total_cache 0
[ 3269.760180][ T5114] total_rss 12288
[ 3269.773365][ T5114] total_rss_huge 0
[ 3269.777767][ T5114] total_shmem 0
[ 3269.781247][ T5114] total_mapped_file 0
[ 3269.785850][ T5114] total_dirty 0
[ 3269.789318][ T5114] total_writeback 0
[ 3269.793124][ T5114] total_workingset_refault_anon 263549
[ 3269.809067][ T5114] total_workingset_refault_file 72
[ 3269.821022][ T9535] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 3269.828948][ T5114] total_swap 819200
[ 3269.832773][ T5114] total_swapcached 0
[ 3269.843530][ T5114] total_pgpgin 1962280
[ 3269.843584][ T9535] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 3269.851758][ T5114] total_pgpgout 1962277
[ 3269.863036][ T5114] total_pgfault 3433548
[ 3269.868631][ T9535] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 3269.883343][ T5114] total_pgmajfault 214870
[ 3269.888238][ T5114] total_inactive_anon 0
[ 3269.896237][ T6454] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 3269.905640][ T6454] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 3269.913611][ T6454] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 3269.916031][ T5114] total_active_anon 12288
[ 3269.923705][ T6454] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 3269.934180][ T5114] total_inactive_file 0
[ 3269.935845][ T6454] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 3269.941478][ T5114] total_active_file 0
[ 3269.959165][ T6454] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 3269.967567][ T5114] total_unevictable 0
[ 3269.971688][ T5114] anon_cost 0
[ 3269.976798][ T5114] file_cost 0
[ 3269.980189][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9680,uid=0
[ 3269.996820][ T5114] Memory cgroup out of memory: Killed process 9680 (syz-executor.3) total-vm:54640kB, anon-rss:388kB, file-rss:8896kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3270.015141][ T6454] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 3270.027470][ T6454] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
10:59:21 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0xc00, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3270.036793][ T6454] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 3270.166794][ T9691] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3270.178059][ T9691] CPU: 1 PID: 9691 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3270.188394][ T9691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3270.198447][ T9691] Call Trace:
[ 3270.201716][ T9691]  <TASK>
[ 3270.204644][ T9691]  dump_stack_lvl+0x1e7/0x2e0
[ 3270.209337][ T9691]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3270.214527][ T9691]  ? __pfx__printk+0x10/0x10
[ 3270.219103][ T9691]  ? ___ratelimit+0x4c4/0x670
[ 3270.223770][ T9691]  ? __pfx____ratelimit+0x10/0x10
[ 3270.228780][ T9691]  dump_header+0xda/0x6a0
[ 3270.233100][ T9691]  oom_kill_process+0x3a7/0x930
[ 3270.237960][ T9691]  out_of_memory+0xf67/0x1320
[ 3270.242660][ T9691]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3270.248309][ T9691]  ? __pfx___mutex_lock+0x10/0x10
[ 3270.253349][ T9691]  ? __pfx_out_of_memory+0x10/0x10
[ 3270.258462][ T9691]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3270.263998][ T9691]  ? __pfx_lock_release+0x10/0x10
[ 3270.269012][ T9691]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3270.275068][ T9691]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3270.280255][ T9691]  ? mem_cgroup_iter+0x422/0x560
[ 3270.285195][ T9691]  try_charge_memcg+0xda2/0x18a0
[ 3270.290162][ T9691]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3270.295529][ T9691]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3270.301242][ T9691]  ? __pfx_lock_release+0x10/0x10
[ 3270.306260][ T9691]  ? memcg_account_kmem+0x1e7/0x210
[ 3270.311460][ T9691]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3270.318999][ T9691]  __memcg_kmem_charge_page+0xe1/0x250
[ 3270.324455][ T9691]  memcg_charge_kernel_stack+0x3f8/0x550
[ 3270.330086][ T9691]  dup_task_struct+0x15d/0x7d0
[ 3270.334857][ T9691]  copy_process+0x5d5/0x3fc0
[ 3270.339448][ T9691]  ? __might_fault+0xa9/0x120
[ 3270.344117][ T9691]  ? __pfx_lock_release+0x10/0x10
[ 3270.349139][ T9691]  ? __pfx_copy_process+0x10/0x10
[ 3270.354152][ T9691]  ? __might_fault+0xc5/0x120
[ 3270.358822][ T9691]  ? __asan_memset+0x23/0x50
[ 3270.363422][ T9691]  kernel_clone+0x21d/0x8d0
[ 3270.367939][ T9691]  ? __pfx_kernel_clone+0x10/0x10
[ 3270.372985][ T9691]  __se_sys_clone3+0x2cb/0x350
[ 3270.377812][ T9691]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3270.383123][ T9691]  ? do_syscall_64+0x108/0x240
[ 3270.387893][ T9691]  ? do_syscall_64+0xb4/0x240
[ 3270.392572][ T9691]  do_syscall_64+0xf9/0x240
[ 3270.397080][ T9691]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3270.402981][ T9691] RIP: 0033:0x7fa2eb4a9b99
[ 3270.407394][ T9691] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3270.426995][ T9691] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3270.435405][ T9691] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3270.443367][ T9691] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3270.451326][ T9691] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3270.459287][ T9691] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3270.467245][ T9691] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3270.475225][ T9691]  </TASK>
[ 3270.500664][ T9691] memory: usage 307200kB, limit 307200kB, failcnt 334036
[ 3270.508184][ T9691] memory+swap: usage 308044kB, limit 9007199254740988kB, failcnt 0
[ 3270.517426][ T9691] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3270.529219][ T9691] Memory cgroup stats for /syz3:
[ 3270.529325][ T9691] cache 0
[ 3270.538819][ T9691] rss 20480
[ 3270.541949][ T9691] rss_huge 0
[ 3270.545580][ T9691] shmem 0
[ 3270.548534][ T9691] mapped_file 0
[ 3270.551989][ T9691] dirty 0
[ 3270.555357][ T9691] writeback 0
[ 3270.558645][ T9691] workingset_refault_anon 263642
[ 3270.563582][ T9691] workingset_refault_file 72
[ 3270.568569][ T9691] swap 835584
[ 3270.571865][ T9691] swapcached 8192
[ 3270.575896][ T9691] pgpgin 1962403
[ 3270.579448][ T9691] pgpgout 1962396
[ 3270.583060][ T9691] pgfault 3433733
[ 3270.587043][ T9691] pgmajfault 214979
[ 3270.590854][ T9691] inactive_anon 16384
[ 3270.595272][ T9691] active_anon 0
[ 3270.598737][ T9691] inactive_file 0
[ 3270.602359][ T9691] active_file 0
[ 3270.607394][ T9691] unevictable 0
[ 3270.610863][ T9691] hierarchical_memory_limit 314572800
[ 3270.617317][ T9691] hierarchical_memsw_limit 9223372036854771712
[ 3270.623477][ T9691] total_cache 0
[ 3270.627367][ T9691] total_rss 20480
[ 3270.631009][ T9691] total_rss_huge 0
[ 3270.635932][ T9691] total_shmem 0
[ 3270.644885][ T9691] total_mapped_file 0
[ 3270.648918][ T9691] total_dirty 0
[ 3270.652384][ T9691] total_writeback 0
[ 3270.656563][ T9691] total_workingset_refault_anon 263642
[ 3270.662021][ T9691] total_workingset_refault_file 72
[ 3270.667250][ T6454] Bluetooth: hci1: command 0x0409 tx timeout
[ 3270.673425][ T9691] total_swap 835584
[ 3270.677566][ T9691] total_swapcached 8192
[ 3270.681721][ T9691] total_pgpgin 1962403
[ 3270.686397][ T9691] total_pgpgout 1962396
[ 3270.690555][ T9691] total_pgfault 3433733
[ 3270.695492][ T9691] total_pgmajfault 214979
[ 3270.699824][ T9691] total_inactive_anon 16384
[ 3270.705045][ T9691] total_active_anon 0
[ 3270.709033][ T9691] total_inactive_file 0
[ 3270.713168][ T9691] total_active_file 0
10:59:22 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0xf00, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3270.719247][ T9691] total_unevictable 0
[ 3270.723246][ T9691] anon_cost 0
[ 3270.727887][ T9691] file_cost 0
[ 3270.731187][ T9691] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9691,uid=0
[ 3270.748140][ T9691] Memory cgroup out of memory: Killed process 9691 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3270.869616][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3270.881595][ T5114] CPU: 1 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3270.891940][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3270.901989][ T5114] Call Trace:
[ 3270.905261][ T5114]  <TASK>
[ 3270.908184][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3270.912859][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3270.918049][ T5114]  ? __pfx__printk+0x10/0x10
[ 3270.922631][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3270.927309][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3270.932331][ T5114]  dump_header+0xda/0x6a0
[ 3270.936658][ T5114]  oom_kill_process+0x3a7/0x930
[ 3270.941503][ T5114]  out_of_memory+0xf67/0x1320
[ 3270.946175][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3270.951799][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3270.956822][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3270.961931][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3270.967469][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3270.972488][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3270.978548][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3270.983735][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3270.988666][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3270.993591][ T5114]  ? mark_lock+0x9a/0x350
[ 3270.997927][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3271.003342][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3271.009489][ T5114]  charge_memcg+0xa2/0x160
[ 3271.013912][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3271.019985][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3271.025440][ T5114]  ? mark_lock+0x9a/0x350
[ 3271.029767][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3271.036197][ T5114]  swap_cluster_readahead+0x67c/0x810
[ 3271.041571][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3271.047461][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3271.052480][ T5114]  ? xas_descend+0x37e/0x470
[ 3271.057067][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3271.062000][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3271.067123][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3271.072494][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3271.077776][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3271.083054][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3271.087640][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3271.092664][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3271.097422][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3271.102434][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3271.107884][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3271.113682][ T5114]  ? __pfx_validate_chain+0x10/0x10
[ 3271.118877][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3271.124022][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3271.129489][ T5114]  ? mt_find+0x226/0x850
[ 3271.133725][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3271.138757][ T5114]  ? mt_find+0x62d/0x850
[ 3271.142993][ T5114]  ? mt_find+0x226/0x850
[ 3271.147263][ T5114]  ? find_vma+0x142/0x1c0
[ 3271.151595][ T5114]  ? __pfx_find_vma+0x10/0x10
[ 3271.156270][ T5114]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3271.162258][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3271.167025][ T5114]  exc_page_fault+0x2ad/0x870
[ 3271.171705][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3271.176552][ T5114] RIP: 0010:__get_user_8+0x11/0x20
[ 3271.181656][ T5114] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3271.201257][ T5114] RSP: 0018:ffffc90003cefd98 EFLAGS: 00050202
[ 3271.207319][ T5114] RAX: 0000555557511da8 RBX: ffff888025e49538 RCX: ffffc90003cefc03
[ 3271.215297][ T5114] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3271.223269][ T5114] RBP: ffffc90003cefec8 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3271.231241][ T5114] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc90003cefda0
[ 3271.239217][ T5114] R13: ffffc90003ceffd8 R14: dffffc0000000000 R15: ffff888025e48000
[ 3271.247199][ T5114]  __rseq_handle_notify_resume+0x158/0x1490
[ 3271.253103][ T5114]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3271.259431][ T5114]  ? syscall_exit_to_user_mode+0xa2/0x370
[ 3271.265146][ T5114]  syscall_exit_to_user_mode+0x113/0x370
[ 3271.270773][ T5114]  do_syscall_64+0x108/0x240
[ 3271.275365][ T5114]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3271.281252][ T5114] RIP: 0033:0x7fa2eb4a91b5
[ 3271.285659][ T5114] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 3271.305254][ T5114] RSP: 002b:00007fa2eb6cfcf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 3271.313659][ T5114] RAX: 0000000000000000 RBX: 0000000000006795 RCX: 00007fa2eb4a91b5
[ 3271.321622][ T5114] RDX: 00007fa2eb6cfd30 RSI: 0000000000000000 RDI: 0000000000000000
[ 3271.329581][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000000 R09: 00007ffcc99b80b0
[ 3271.337549][ T5114] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3271.345512][ T5114] R13: 000000000031e882 R14: 000000000031e882 R15: 0000000000000000
[ 3271.353485][ T5114]  </TASK>
[ 3271.372475][ T5114] memory: usage 307200kB, limit 307200kB, failcnt 334250
[ 3271.387389][ T5114] memory+swap: usage 308020kB, limit 9007199254740988kB, failcnt 0
[ 3271.395928][ T5114] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3271.403222][ T5114] Memory cgroup stats for /syz3:
[ 3271.403303][ T5114] cache 0
[ 3271.411711][ T5114] rss 0
[ 3271.414830][ T5114] rss_huge 0
[ 3271.418032][ T5114] shmem 0
[ 3271.420954][ T5114] mapped_file 0
[ 3271.424758][ T5114] dirty 0
[ 3271.427705][ T5114] writeback 0
[ 3271.430990][ T5114] workingset_refault_anon 263736
[ 3271.436796][ T5114] workingset_refault_file 72
[ 3271.441392][ T5114] swap 839680
[ 3271.445045][ T5114] swapcached 0
[ 3271.448417][ T5114] pgpgin 1962509
[ 3271.451963][ T5114] pgpgout 1962509
[ 3271.455792][ T5114] pgfault 3433887
[ 3271.459405][ T5114] pgmajfault 215071
[ 3271.463188][ T5114] inactive_anon 0
[ 3271.468419][ T5114] active_anon 0
[ 3271.471889][ T5114] inactive_file 0
[ 3271.475872][ T5114] active_file 0
[ 3271.479336][ T5114] unevictable 0
[ 3271.482795][ T5114] hierarchical_memory_limit 314572800
[ 3271.490198][ T5114] hierarchical_memsw_limit 9223372036854771712
[ 3271.497222][ T5114] total_cache 0
[ 3271.500696][ T5114] total_rss 0
[ 3271.504985][ T5114] total_rss_huge 0
[ 3271.508717][ T5114] total_shmem 0
[ 3271.512168][ T5114] total_mapped_file 0
[ 3271.517009][ T5114] total_dirty 0
[ 3271.520477][ T5114] total_writeback 0
[ 3271.524814][ T5114] total_workingset_refault_anon 263736
[ 3271.530270][ T5114] total_workingset_refault_file 72
[ 3271.536242][ T5114] total_swap 839680
[ 3271.540447][ T5114] total_swapcached 0
[ 3271.544628][ T5114] total_pgpgin 1962509
[ 3271.548696][ T5114] total_pgpgout 1962509
[ 3271.552844][ T5114] total_pgfault 3433887
[ 3271.557600][ T5114] total_pgmajfault 215071
[ 3271.561931][ T5114] total_inactive_anon 0
[ 3271.566457][ T5114] total_active_anon 0
[ 3271.570446][ T5114] total_inactive_file 0
[ 3271.575067][ T5114] total_active_file 0
[ 3271.579061][ T5114] total_unevictable 0
[ 3271.583043][ T5114] anon_cost 0
[ 3271.588461][ T5114] file_cost 0
[ 3271.591758][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9693,uid=0
10:59:23 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x1100, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3271.607730][ T5114] Memory cgroup out of memory: Killed process 9693 (syz-executor.3) total-vm:54508kB, anon-rss:388kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3271.835211][ T9694] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3271.846913][ T9694] CPU: 0 PID: 9694 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3271.857264][ T9694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3271.867300][ T9694] Call Trace:
[ 3271.870562][ T9694]  <TASK>
[ 3271.873478][ T9694]  dump_stack_lvl+0x1e7/0x2e0
[ 3271.878144][ T9694]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3271.883325][ T9694]  ? __pfx__printk+0x10/0x10
[ 3271.887898][ T9694]  ? ___ratelimit+0x4c4/0x670
[ 3271.892560][ T9694]  ? __pfx____ratelimit+0x10/0x10
[ 3271.897576][ T9694]  dump_header+0xda/0x6a0
[ 3271.901904][ T9694]  oom_kill_process+0x3a7/0x930
[ 3271.906752][ T9694]  out_of_memory+0xf67/0x1320
[ 3271.911421][ T9694]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3271.917049][ T9694]  ? __pfx___mutex_lock+0x10/0x10
[ 3271.922069][ T9694]  ? __pfx_out_of_memory+0x10/0x10
[ 3271.927177][ T9694]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3271.932713][ T9694]  ? __pfx_lock_release+0x10/0x10
[ 3271.937733][ T9694]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3271.943791][ T9694]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3271.948993][ T9694]  ? mem_cgroup_iter+0x422/0x560
[ 3271.953935][ T9694]  try_charge_memcg+0xda2/0x18a0
[ 3271.958906][ T9694]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3271.964270][ T9694]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3271.969980][ T9694]  ? __pfx_lock_release+0x10/0x10
[ 3271.974998][ T9694]  ? memcg_account_kmem+0x1e7/0x210
[ 3271.980207][ T9694]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3271.986007][ T9694]  __memcg_kmem_charge_page+0xe1/0x250
[ 3271.991463][ T9694]  memcg_charge_kernel_stack+0x196/0x550
[ 3271.997090][ T9694]  dup_task_struct+0x15d/0x7d0
[ 3272.001846][ T9694]  copy_process+0x5d5/0x3fc0
[ 3272.006434][ T9694]  ? __might_fault+0xa9/0x120
[ 3272.011102][ T9694]  ? __pfx_lock_release+0x10/0x10
[ 3272.016125][ T9694]  ? __pfx_copy_process+0x10/0x10
[ 3272.021138][ T9694]  ? __might_fault+0xc5/0x120
[ 3272.025806][ T9694]  ? __asan_memset+0x23/0x50
[ 3272.030391][ T9694]  kernel_clone+0x21d/0x8d0
[ 3272.034886][ T9694]  ? __pfx_kernel_clone+0x10/0x10
[ 3272.041216][ T9694]  __se_sys_clone3+0x2cb/0x350
[ 3272.045977][ T9694]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3272.051265][ T9694]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3272.057246][ T9694]  ? exc_page_fault+0x587/0x870
[ 3272.062092][ T9694]  ? do_syscall_64+0xb4/0x240
[ 3272.066761][ T9694]  do_syscall_64+0xf9/0x240
[ 3272.071261][ T9694]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3272.077146][ T9694] RIP: 0033:0x7fa2eb4a9b99
[ 3272.081549][ T9694] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3272.101142][ T9694] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3272.109544][ T9694] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3272.117504][ T9694] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3272.125462][ T9694] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3272.133419][ T9694] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3272.141375][ T9694] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3272.149348][ T9694]  </TASK>
[ 3272.157992][ T9694] memory: usage 307200kB, limit 307200kB, failcnt 334653
[ 3272.165490][ T9694] memory+swap: usage 307980kB, limit 9007199254740988kB, failcnt 0
[ 3272.183791][ T9694] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3272.184175][ T9535] Bluetooth: hci4: command 0x0409 tx timeout
[ 3272.184896][ T6454] Bluetooth: hci3: command 0x0409 tx timeout
[ 3272.192141][ T9694] Memory cgroup stats for /syz3:
[ 3272.204973][ T9694] cache 0
[ 3272.212837][ T9694] rss 12288
[ 3272.216820][ T9694] rss_huge 0
[ 3272.220044][ T9694] shmem 0
[ 3272.223035][ T9694] mapped_file 0
[ 3272.227204][ T9694] dirty 0
[ 3272.230152][ T9694] writeback 0
[ 3272.233447][ T9694] workingset_refault_anon 263911
[ 3272.239051][ T9694] workingset_refault_file 72
[ 3272.243642][ T9694] swap 806912
[ 3272.247267][ T9694] swapcached 0
[ 3272.250641][ T9694] pgpgin 1962694
[ 3272.256401][ T9694] pgpgout 1962691
[ 3272.260058][ T9694] pgfault 3434152
[ 3272.263685][ T9694] pgmajfault 215235
[ 3272.267959][ T9694] inactive_anon 0
[ 3272.271600][ T9694] active_anon 0
[ 3272.275423][ T9694] inactive_file 0
[ 3272.279065][ T9694] active_file 0
[ 3272.282525][ T9694] unevictable 0
[ 3272.286348][ T9694] hierarchical_memory_limit 314572800
[ 3272.291726][ T9694] hierarchical_memsw_limit 9223372036854771712
[ 3272.298409][ T9694] total_cache 0
[ 3272.301875][ T9694] total_rss 12288
[ 3272.305744][ T9694] total_rss_huge 0
[ 3272.309510][ T9694] total_shmem 0
[ 3272.313058][ T9694] total_mapped_file 0
[ 3272.317538][ T9694] total_dirty 0
[ 3272.321121][ T9694] total_writeback 0
[ 3272.325320][ T9694] total_workingset_refault_anon 263911
[ 3272.330776][ T9694] total_workingset_refault_file 72
[ 3272.336230][ T9694] total_swap 806912
[ 3272.340043][ T9694] total_swapcached 0
[ 3272.344304][ T9694] total_pgpgin 1962694
[ 3272.348389][ T9694] total_pgpgout 1962691
[ 3272.352547][ T9694] total_pgfault 3434152
[ 3272.357708][ T9694] total_pgmajfault 215235
[ 3272.362043][ T9694] total_inactive_anon 0
[ 3272.367205][ T9694] total_active_anon 0
[ 3272.371177][ T9694] total_inactive_file 0
[ 3272.375654][ T9694] total_active_file 0
[ 3272.379642][ T9694] total_unevictable 0
[ 3272.383635][ T9694] anon_cost 0
10:59:24 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x1400, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3272.387278][ T9694] file_cost 0
[ 3272.390588][ T9694] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9694,uid=0
[ 3272.406578][ T9694] Memory cgroup out of memory: Killed process 9694 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3272.744703][ T6454] Bluetooth: hci1: command 0x041b tx timeout
[ 3272.768885][ T9695] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3272.779509][ T9695] CPU: 0 PID: 9695 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3272.789827][ T9695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3272.799867][ T9695] Call Trace:
[ 3272.803130][ T9695]  <TASK>
[ 3272.806050][ T9695]  dump_stack_lvl+0x1e7/0x2e0
[ 3272.810721][ T9695]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3272.815903][ T9695]  ? __pfx__printk+0x10/0x10
[ 3272.820478][ T9695]  ? ___ratelimit+0x4c4/0x670
[ 3272.825140][ T9695]  ? __pfx____ratelimit+0x10/0x10
[ 3272.830148][ T9695]  dump_header+0xda/0x6a0
[ 3272.834480][ T9695]  oom_kill_process+0x3a7/0x930
[ 3272.839358][ T9695]  out_of_memory+0xf67/0x1320
[ 3272.844053][ T9695]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3272.849692][ T9695]  ? __pfx___mutex_lock+0x10/0x10
[ 3272.854723][ T9695]  ? __pfx_out_of_memory+0x10/0x10
[ 3272.859823][ T9695]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3272.865353][ T9695]  ? __pfx_lock_release+0x10/0x10
[ 3272.870369][ T9695]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3272.876426][ T9695]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3272.881605][ T9695]  ? mem_cgroup_iter+0x422/0x560
[ 3272.886543][ T9695]  try_charge_memcg+0xda2/0x18a0
[ 3272.891506][ T9695]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3272.896876][ T9695]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3272.902578][ T9695]  ? __pfx_lock_release+0x10/0x10
[ 3272.907588][ T9695]  ? memcg_account_kmem+0x1e7/0x210
[ 3272.912774][ T9695]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3272.918561][ T9695]  __memcg_kmem_charge_page+0xe1/0x250
[ 3272.924007][ T9695]  memcg_charge_kernel_stack+0x196/0x550
[ 3272.929633][ T9695]  dup_task_struct+0x40d/0x7d0
[ 3272.934394][ T9695]  copy_process+0x5d5/0x3fc0
[ 3272.939011][ T9695]  ? __might_fault+0xa9/0x120
[ 3272.943703][ T9695]  ? __pfx_lock_release+0x10/0x10
[ 3272.948739][ T9695]  ? __pfx_copy_process+0x10/0x10
[ 3272.953747][ T9695]  ? __might_fault+0xc5/0x120
[ 3272.958409][ T9695]  ? __asan_memset+0x23/0x50
[ 3272.962988][ T9695]  kernel_clone+0x21d/0x8d0
[ 3272.967479][ T9695]  ? __pfx_kernel_clone+0x10/0x10
[ 3272.972503][ T9695]  __se_sys_clone3+0x2cb/0x350
[ 3272.977269][ T9695]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3272.982534][ T9695]  ? rcu_is_watching+0x15/0xb0
[ 3272.987302][ T9695]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3272.993305][ T9695]  ? exc_page_fault+0x587/0x870
[ 3272.998163][ T9695]  ? do_syscall_64+0xb4/0x240
[ 3273.002835][ T9695]  do_syscall_64+0xf9/0x240
[ 3273.007324][ T9695]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3273.013203][ T9695] RIP: 0033:0x7fa2eb4a9b99
[ 3273.017606][ T9695] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3273.037205][ T9695] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3273.045629][ T9695] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3273.053593][ T9695] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3273.061548][ T9695] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3273.069503][ T9695] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3273.077460][ T9695] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3273.085446][ T9695]  </TASK>
[ 3273.094437][ T9695] memory: usage 307200kB, limit 307200kB, failcnt 335279
[ 3273.101505][ T9695] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3273.121017][ T9695] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3273.129746][ T9695] Memory cgroup stats for /syz3:
[ 3273.129877][ T9695] cache 0
[ 3273.138590][ T9695] rss 8192
[ 3273.141610][ T9695] rss_huge 0
[ 3273.145459][ T9695] shmem 0
[ 3273.148397][ T9695] mapped_file 0
[ 3273.151833][ T9695] dirty 0
[ 3273.155255][ T9695] writeback 0
[ 3273.158546][ T9695] workingset_refault_anon 264153
[ 3273.163485][ T9695] workingset_refault_file 72
[ 3273.169517][ T9695] swap 806912
[ 3273.172815][ T9695] swapcached 4096
[ 3273.177529][ T9695] pgpgin 1962950
[ 3273.181091][ T9695] pgpgout 1962947
[ 3273.185508][ T9695] pgfault 3434508
[ 3273.189141][ T9695] pgmajfault 215456
[ 3273.192932][ T9695] inactive_anon 0
[ 3273.197166][ T9695] active_anon 0
[ 3273.200639][ T9695] inactive_file 0
[ 3273.205268][ T9695] active_file 0
[ 3273.208740][ T9695] unevictable 0
[ 3273.212195][ T9695] hierarchical_memory_limit 314572800
[ 3273.218835][ T9695] hierarchical_memsw_limit 9223372036854771712
[ 3273.225678][ T9695] total_cache 0
[ 3273.229145][ T9695] total_rss 8192
[ 3273.232687][ T9695] total_rss_huge 0
[ 3273.237154][ T9695] total_shmem 0
[ 3273.240642][ T9695] total_mapped_file 0
[ 3273.245611][ T9695] total_dirty 0
[ 3273.249076][ T9695] total_writeback 0
[ 3273.252860][ T9695] total_workingset_refault_anon 264153
[ 3273.259496][ T9695] total_workingset_refault_file 72
[ 3273.265258][ T9695] total_swap 806912
[ 3273.269096][ T9695] total_swapcached 4096
[ 3273.273257][ T9695] total_pgpgin 1962950
[ 3273.278694][ T9695] total_pgpgout 1962947
[ 3273.282865][ T9695] total_pgfault 3434508
[ 3273.287815][ T9695] total_pgmajfault 215456
[ 3273.292155][ T9695] total_inactive_anon 0
[ 3273.297224][ T9695] total_active_anon 0
[ 3273.301232][ T9695] total_inactive_file 0
[ 3273.306937][ T9695] total_active_file 0
[ 3273.310928][ T9695] total_unevictable 0
[ 3273.315261][ T9695] anon_cost 0
[ 3273.318543][ T9695] file_cost 0
[ 3273.321808][ T9695] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9695,uid=0
10:59:25 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x1500, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3273.338030][ T9695] Memory cgroup out of memory: Killed process 9695 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3273.656930][ T9696] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3273.667392][ T9696] CPU: 1 PID: 9696 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3273.677718][ T9696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3273.687782][ T9696] Call Trace:
[ 3273.691054][ T9696]  <TASK>
[ 3273.693982][ T9696]  dump_stack_lvl+0x1e7/0x2e0
[ 3273.698673][ T9696]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3273.703876][ T9696]  ? __pfx__printk+0x10/0x10
[ 3273.708469][ T9696]  ? ___ratelimit+0x4c4/0x670
[ 3273.713144][ T9696]  ? __pfx____ratelimit+0x10/0x10
[ 3273.718164][ T9696]  dump_header+0xda/0x6a0
[ 3273.722490][ T9696]  oom_kill_process+0x3a7/0x930
[ 3273.727337][ T9696]  out_of_memory+0xf67/0x1320
[ 3273.732013][ T9696]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3273.737643][ T9696]  ? __pfx___mutex_lock+0x10/0x10
[ 3273.742666][ T9696]  ? __pfx_out_of_memory+0x10/0x10
[ 3273.747777][ T9696]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3273.753312][ T9696]  ? __pfx_lock_release+0x10/0x10
[ 3273.758339][ T9696]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3273.764405][ T9696]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3273.769598][ T9696]  ? mem_cgroup_iter+0x422/0x560
[ 3273.774532][ T9696]  try_charge_memcg+0xda2/0x18a0
[ 3273.779481][ T9696]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3273.784849][ T9696]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3273.790569][ T9696]  ? __pfx_lock_release+0x10/0x10
[ 3273.795592][ T9696]  ? memcg_account_kmem+0x1e7/0x210
[ 3273.800789][ T9696]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3273.806587][ T9696]  __memcg_kmem_charge_page+0xe1/0x250
[ 3273.812040][ T9696]  memcg_charge_kernel_stack+0x196/0x550
[ 3273.817666][ T9696]  dup_task_struct+0x15d/0x7d0
[ 3273.822421][ T9696]  copy_process+0x5d5/0x3fc0
[ 3273.827012][ T9696]  ? __might_fault+0xa9/0x120
[ 3273.831681][ T9696]  ? __pfx_lock_release+0x10/0x10
[ 3273.836705][ T9696]  ? __lock_acquire+0x1345/0x1fd0
[ 3273.841721][ T9696]  ? __pfx_copy_process+0x10/0x10
[ 3273.846735][ T9696]  ? __might_fault+0xc5/0x120
[ 3273.851405][ T9696]  ? __asan_memset+0x23/0x50
[ 3273.855990][ T9696]  kernel_clone+0x21d/0x8d0
[ 3273.860485][ T9696]  ? __pfx_kernel_clone+0x10/0x10
[ 3273.865507][ T9696]  ? __pfx_lock_release+0x10/0x10
[ 3273.870530][ T9696]  __se_sys_clone3+0x2cb/0x350
[ 3273.875287][ T9696]  ? __might_fault+0xa9/0x120
[ 3273.879954][ T9696]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3273.885226][ T9696]  ? rcu_is_watching+0x15/0xb0
[ 3273.889994][ T9696]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3273.895977][ T9696]  ? exc_page_fault+0x587/0x870
[ 3273.900820][ T9696]  ? do_syscall_64+0xb4/0x240
[ 3273.905490][ T9696]  do_syscall_64+0xf9/0x240
[ 3273.909992][ T9696]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3273.915877][ T9696] RIP: 0033:0x7fa2eb4a9b99
[ 3273.920284][ T9696] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3273.939879][ T9696] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3273.948283][ T9696] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3273.956242][ T9696] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3273.964212][ T9696] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3273.972183][ T9696] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3273.980141][ T9696] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3273.988113][ T9696]  </TASK>
[ 3274.002345][ T9696] memory: usage 307180kB, limit 307200kB, failcnt 335845
[ 3274.009656][ T9696] memory+swap: usage 307980kB, limit 9007199254740988kB, failcnt 0
[ 3274.018163][ T9696] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3274.026239][ T9696] Memory cgroup stats for /syz3:
[ 3274.026376][ T9696] cache 0
[ 3274.034982][ T9696] rss 0
[ 3274.037748][ T9696] rss_huge 0
[ 3274.040921][ T9696] shmem 0
[ 3274.043893][ T9696] mapped_file 0
[ 3274.047400][ T9696] dirty 0
[ 3274.050340][ T9696] writeback 0
[ 3274.053601][ T9696] workingset_refault_anon 264368
[ 3274.059131][ T9696] workingset_refault_file 72
[ 3274.063744][ T9696] swap 819200
[ 3274.067409][ T9696] swapcached 0
[ 3274.070784][ T9696] pgpgin 1963179
[ 3274.074593][ T9696] pgpgout 1963179
[ 3274.078225][ T9696] pgfault 3434821
[ 3274.081833][ T9696] pgmajfault 215654
[ 3274.086015][ T9696] inactive_anon 0
[ 3274.089667][ T9696] active_anon 0
[ 3274.093127][ T9696] inactive_file 0
[ 3274.097706][ T9696] active_file 0
[ 3274.101179][ T9696] unevictable 0
[ 3274.106332][ T9696] hierarchical_memory_limit 314572800
[ 3274.111725][ T9696] hierarchical_memsw_limit 9223372036854771712
[ 3274.118265][ T9696] total_cache 0
[ 3274.121725][ T9696] total_rss 0
[ 3274.125351][ T9696] total_rss_huge 0
[ 3274.129077][ T9696] total_shmem 0
[ 3274.132538][ T9696] total_mapped_file 0
[ 3274.142813][ T9696] total_dirty 0
[ 3274.146931][ T9696] total_writeback 0
[ 3274.150740][ T9696] total_workingset_refault_anon 264368
[ 3274.156730][ T9696] total_workingset_refault_file 72
[ 3274.161851][ T9696] total_swap 819200
[ 3274.166106][ T9696] total_swapcached 0
[ 3274.170001][ T9696] total_pgpgin 1963179
[ 3274.174654][ T9696] total_pgpgout 1963179
[ 3274.178809][ T9696] total_pgfault 3434821
[ 3274.182942][ T9696] total_pgmajfault 215654
[ 3274.187781][ T9696] total_inactive_anon 0
[ 3274.191939][ T9696] total_active_anon 0
[ 3274.196291][ T9696] total_inactive_file 0
[ 3274.200628][ T9696] total_active_file 0
[ 3274.206447][ T9696] total_unevictable 0
[ 3274.210439][ T9696] anon_cost 0
[ 3274.213716][ T9696] file_cost 0
[ 3274.217866][ T9696] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9696,uid=0
[ 3274.233635][ T9696] Memory cgroup out of memory: Killed process 9696 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:26 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x1f00, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3274.274920][ T6454] Bluetooth: hci3: command 0x041b tx timeout
[ 3274.280984][ T6454] Bluetooth: hci4: command 0x041b tx timeout
[ 3274.475186][ T9697] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3274.485731][ T9697] CPU: 1 PID: 9697 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3274.496073][ T9697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3274.506134][ T9697] Call Trace:
[ 3274.509410][ T9697]  <TASK>
[ 3274.512332][ T9697]  dump_stack_lvl+0x1e7/0x2e0
[ 3274.517013][ T9697]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3274.522207][ T9697]  ? __pfx__printk+0x10/0x10
[ 3274.526787][ T9697]  ? ___ratelimit+0x4c4/0x670
[ 3274.531458][ T9697]  ? __pfx____ratelimit+0x10/0x10
[ 3274.536484][ T9697]  dump_header+0xda/0x6a0
[ 3274.540834][ T9697]  oom_kill_process+0x3a7/0x930
[ 3274.545703][ T9697]  out_of_memory+0xf67/0x1320
[ 3274.550402][ T9697]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3274.556044][ T9697]  ? __pfx___mutex_lock+0x10/0x10
[ 3274.561077][ T9697]  ? __pfx_out_of_memory+0x10/0x10
[ 3274.566196][ T9697]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3274.571757][ T9697]  ? __pfx_lock_release+0x10/0x10
[ 3274.576787][ T9697]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3274.582854][ T9697]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3274.588059][ T9697]  ? mem_cgroup_iter+0x422/0x560
[ 3274.592996][ T9697]  try_charge_memcg+0xda2/0x18a0
[ 3274.597945][ T9697]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3274.603326][ T9697]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3274.609052][ T9697]  ? __pfx_lock_release+0x10/0x10
[ 3274.614094][ T9697]  ? memcg_account_kmem+0x1e7/0x210
[ 3274.619310][ T9697]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3274.625113][ T9697]  __memcg_kmem_charge_page+0xe1/0x250
[ 3274.630587][ T9697]  memcg_charge_kernel_stack+0x196/0x550
[ 3274.636233][ T9697]  dup_task_struct+0x15d/0x7d0
[ 3274.640999][ T9697]  copy_process+0x5d5/0x3fc0
[ 3274.645594][ T9697]  ? __might_fault+0xa9/0x120
[ 3274.650281][ T9697]  ? __pfx_lock_release+0x10/0x10
[ 3274.655312][ T9697]  ? __pfx_copy_process+0x10/0x10
[ 3274.660330][ T9697]  ? __might_fault+0xc5/0x120
[ 3274.665009][ T9697]  ? __asan_memset+0x23/0x50
[ 3274.669606][ T9697]  kernel_clone+0x21d/0x8d0
[ 3274.674120][ T9697]  ? __pfx_kernel_clone+0x10/0x10
[ 3274.679178][ T9697]  __se_sys_clone3+0x2cb/0x350
[ 3274.683964][ T9697]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3274.689270][ T9697]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3274.695263][ T9697]  ? exc_page_fault+0x587/0x870
[ 3274.700115][ T9697]  ? do_syscall_64+0xb4/0x240
[ 3274.704791][ T9697]  do_syscall_64+0xf9/0x240
[ 3274.709299][ T9697]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3274.715194][ T9697] RIP: 0033:0x7fa2eb4a9b99
[ 3274.719604][ T9697] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3274.739219][ T9697] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3274.747628][ T9697] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3274.755593][ T9697] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3274.763552][ T9697] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3274.771511][ T9697] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3274.779485][ T9697] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3274.787471][ T9697]  </TASK>
[ 3274.804275][ T9697] memory: usage 307200kB, limit 307200kB, failcnt 336299
[ 3274.811365][ T9697] memory+swap: usage 307992kB, limit 9007199254740988kB, failcnt 0
[ 3274.820456][ T9697] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3274.834900][ T6454] Bluetooth: hci1: command 0x040f tx timeout
[ 3274.840995][ T9697] Memory cgroup stats for /syz3:
[ 3274.841124][ T9697] cache 0
[ 3274.849687][ T9697] rss 12288
[ 3274.852916][ T9697] rss_huge 0
[ 3274.858720][ T9697] shmem 0
[ 3274.861686][ T9697] mapped_file 0
[ 3274.865925][ T9697] dirty 0
[ 3274.868964][ T9697] writeback 0
[ 3274.872278][ T9697] workingset_refault_anon 264551
[ 3274.878056][ T9697] workingset_refault_file 72
[ 3274.882746][ T9697] swap 806912
[ 3274.886271][ T9697] swapcached 0
[ 3274.889639][ T9697] pgpgin 1963373
[ 3274.893167][ T9697] pgpgout 1963370
[ 3274.897394][ T9697] pgfault 3435092
[ 3274.901100][ T9697] pgmajfault 215822
[ 3274.913991][ T9697] inactive_anon 0
[ 3274.918689][ T9697] active_anon 12288
[ 3274.922589][ T9697] inactive_file 0
[ 3274.926957][ T9697] active_file 0
[ 3274.930432][ T9697] unevictable 0
[ 3274.934557][ T9697] hierarchical_memory_limit 314572800
[ 3274.939937][ T9697] hierarchical_memsw_limit 9223372036854771712
[ 3274.946940][ T9697] total_cache 0
[ 3274.950413][ T9697] total_rss 12288
[ 3274.954424][ T9697] total_rss_huge 0
[ 3274.958165][ T9697] total_shmem 0
[ 3274.961626][ T9697] total_mapped_file 0
[ 3274.966517][ T9697] total_dirty 0
[ 3274.969983][ T9697] total_writeback 0
[ 3274.973780][ T9697] total_workingset_refault_anon 264551
[ 3274.979581][ T9697] total_workingset_refault_file 72
[ 3274.985242][ T9697] total_swap 806912
[ 3274.989071][ T9697] total_swapcached 0
[ 3274.992958][ T9697] total_pgpgin 1963373
[ 3274.997600][ T9697] total_pgpgout 1963370
[ 3275.001769][ T9697] total_pgfault 3435092
[ 3275.006481][ T9697] total_pgmajfault 215822
[ 3275.010887][ T9697] total_inactive_anon 0
[ 3275.017939][ T9697] total_active_anon 12288
[ 3275.027880][ T9697] total_inactive_file 0
[ 3275.032133][ T9697] total_active_file 0
[ 3275.037130][ T9697] total_unevictable 0
[ 3275.041139][ T9697] anon_cost 0
[ 3275.045092][ T9697] file_cost 0
[ 3275.048393][ T9697] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9697,uid=0
[ 3275.064801][ T9697] Memory cgroup out of memory: Killed process 9697 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:26 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x2000, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3275.248623][ T9698] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3275.259089][ T9698] CPU: 0 PID: 9698 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3275.269436][ T9698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3275.279490][ T9698] Call Trace:
[ 3275.282753][ T9698]  <TASK>
[ 3275.285668][ T9698]  dump_stack_lvl+0x1e7/0x2e0
[ 3275.290337][ T9698]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3275.295526][ T9698]  ? __pfx__printk+0x10/0x10
[ 3275.300113][ T9698]  ? ___ratelimit+0x4c4/0x670
[ 3275.304779][ T9698]  ? __pfx____ratelimit+0x10/0x10
[ 3275.309787][ T9698]  dump_header+0xda/0x6a0
[ 3275.314116][ T9698]  oom_kill_process+0x3a7/0x930
[ 3275.318981][ T9698]  out_of_memory+0xf67/0x1320
[ 3275.323657][ T9698]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3275.329284][ T9698]  ? __pfx___mutex_lock+0x10/0x10
[ 3275.334311][ T9698]  ? __pfx_out_of_memory+0x10/0x10
[ 3275.339422][ T9698]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3275.344960][ T9698]  ? __pfx_lock_release+0x10/0x10
[ 3275.349976][ T9698]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3275.356036][ T9698]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3275.361227][ T9698]  ? mem_cgroup_iter+0x422/0x560
[ 3275.366167][ T9698]  try_charge_memcg+0xda2/0x18a0
[ 3275.371115][ T9698]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3275.376479][ T9698]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3275.382188][ T9698]  ? __pfx_lock_release+0x10/0x10
[ 3275.387206][ T9698]  ? memcg_account_kmem+0x1e7/0x210
[ 3275.392404][ T9698]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3275.398198][ T9698]  __memcg_kmem_charge_page+0xe1/0x250
[ 3275.403649][ T9698]  memcg_charge_kernel_stack+0x196/0x550
[ 3275.409275][ T9698]  dup_task_struct+0x40d/0x7d0
[ 3275.414042][ T9698]  copy_process+0x5d5/0x3fc0
[ 3275.418640][ T9698]  ? __might_fault+0xa9/0x120
[ 3275.423307][ T9698]  ? __pfx_lock_release+0x10/0x10
[ 3275.428327][ T9698]  ? __lock_acquire+0x1345/0x1fd0
[ 3275.433371][ T9698]  ? __pfx_copy_process+0x10/0x10
[ 3275.438409][ T9698]  ? __might_fault+0xc5/0x120
[ 3275.443092][ T9698]  ? __asan_memset+0x23/0x50
[ 3275.447696][ T9698]  kernel_clone+0x21d/0x8d0
[ 3275.452205][ T9698]  ? __pfx_kernel_clone+0x10/0x10
[ 3275.457227][ T9698]  ? __pfx_lock_release+0x10/0x10
[ 3275.462248][ T9698]  __se_sys_clone3+0x2cb/0x350
[ 3275.467007][ T9698]  ? __might_fault+0xa9/0x120
[ 3275.471677][ T9698]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3275.476953][ T9698]  ? rcu_is_watching+0x15/0xb0
[ 3275.481720][ T9698]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3275.487701][ T9698]  ? exc_page_fault+0x587/0x870
[ 3275.492546][ T9698]  ? do_syscall_64+0xb4/0x240
[ 3275.497219][ T9698]  do_syscall_64+0xf9/0x240
[ 3275.501738][ T9698]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3275.507650][ T9698] RIP: 0033:0x7fa2eb4a9b99
[ 3275.512065][ T9698] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3275.531672][ T9698] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3275.540083][ T9698] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3275.548047][ T9698] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3275.556007][ T9698] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3275.563976][ T9698] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3275.571948][ T9698] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3275.579936][ T9698]  </TASK>
[ 3275.594318][ T9698] memory: usage 307200kB, limit 307200kB, failcnt 336684
[ 3275.601391][ T9698] memory+swap: usage 308036kB, limit 9007199254740988kB, failcnt 0
[ 3275.610914][ T9698] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3275.618965][ T9698] Memory cgroup stats for /syz3:
[ 3275.619095][ T9698] cache 0
[ 3275.627366][ T9698] rss 0
[ 3275.630110][ T9698] rss_huge 0
[ 3275.633488][ T9698] shmem 0
[ 3275.637062][ T9698] mapped_file 0
[ 3275.640539][ T9698] dirty 0
[ 3275.643480][ T9698] writeback 0
[ 3275.647138][ T9698] workingset_refault_anon 264685
[ 3275.652096][ T9698] workingset_refault_file 72
[ 3275.657115][ T9698] swap 856064
[ 3275.660402][ T9698] swapcached 0
[ 3275.663750][ T9698] pgpgin 1963519
[ 3275.667861][ T9698] pgpgout 1963519
[ 3275.671497][ T9698] pgfault 3435297
[ 3275.675538][ T9698] pgmajfault 215955
[ 3275.679350][ T9698] inactive_anon 0
[ 3275.682959][ T9698] active_anon 0
[ 3275.686755][ T9698] inactive_file 0
[ 3275.690392][ T9698] active_file 0
[ 3275.696149][ T9698] unevictable 0
[ 3275.699615][ T9698] hierarchical_memory_limit 314572800
[ 3275.705329][ T9698] hierarchical_memsw_limit 9223372036854771712
[ 3275.711508][ T9698] total_cache 0
[ 3275.715476][ T9698] total_rss 0
[ 3275.718770][ T9698] total_rss_huge 0
[ 3275.722489][ T9698] total_shmem 0
[ 3275.726484][ T9698] total_mapped_file 0
[ 3275.730472][ T9698] total_dirty 0
[ 3275.734777][ T9698] total_writeback 0
[ 3275.738630][ T9698] total_workingset_refault_anon 264685
[ 3275.746426][ T9698] total_workingset_refault_file 72
[ 3275.751558][ T9698] total_swap 856064
[ 3275.756260][ T9698] total_swapcached 0
[ 3275.760216][ T9698] total_pgpgin 1963519
[ 3275.765001][ T9698] total_pgpgout 1963519
[ 3275.769161][ T9698] total_pgfault 3435297
[ 3275.773291][ T9698] total_pgmajfault 215955
[ 3275.780286][ T9698] total_inactive_anon 0
[ 3275.785223][ T9698] total_active_anon 0
[ 3275.789213][ T9698] total_inactive_file 0
[ 3275.793359][ T9698] total_active_file 0
[ 3275.797764][ T9698] total_unevictable 0
[ 3275.801749][ T9698] anon_cost 0
[ 3275.806886][ T9698] file_cost 0
[ 3275.810185][ T9698] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9698,uid=0
[ 3275.826482][ T9698] Memory cgroup out of memory: Killed process 9698 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:27 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x4788, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3276.148050][ T9699] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3276.158758][ T9699] CPU: 0 PID: 9699 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3276.169088][ T9699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3276.179132][ T9699] Call Trace:
[ 3276.182396][ T9699]  <TASK>
[ 3276.185312][ T9699]  dump_stack_lvl+0x1e7/0x2e0
[ 3276.189979][ T9699]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3276.195163][ T9699]  ? __pfx__printk+0x10/0x10
[ 3276.199732][ T9699]  ? ___ratelimit+0x4c4/0x670
[ 3276.204398][ T9699]  ? __pfx____ratelimit+0x10/0x10
[ 3276.209411][ T9699]  dump_header+0xda/0x6a0
[ 3276.213725][ T9699]  oom_kill_process+0x3a7/0x930
[ 3276.218580][ T9699]  out_of_memory+0xf67/0x1320
[ 3276.223265][ T9699]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3276.228892][ T9699]  ? __pfx___mutex_lock+0x10/0x10
[ 3276.233924][ T9699]  ? __pfx_out_of_memory+0x10/0x10
[ 3276.239042][ T9699]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3276.244584][ T9699]  ? __pfx_lock_release+0x10/0x10
[ 3276.249609][ T9699]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3276.255678][ T9699]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3276.260871][ T9699]  ? mem_cgroup_iter+0x422/0x560
[ 3276.265829][ T9699]  try_charge_memcg+0xda2/0x18a0
[ 3276.270791][ T9699]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3276.276161][ T9699]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3276.281877][ T9699]  ? __pfx_lock_release+0x10/0x10
[ 3276.286908][ T9699]  ? memcg_account_kmem+0x1e7/0x210
[ 3276.292108][ T9699]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3276.297908][ T9699]  __memcg_kmem_charge_page+0xe1/0x250
[ 3276.303366][ T9699]  memcg_charge_kernel_stack+0x196/0x550
[ 3276.308994][ T9699]  dup_task_struct+0x40d/0x7d0
[ 3276.313751][ T9699]  copy_process+0x5d5/0x3fc0
[ 3276.318344][ T9699]  ? __might_fault+0xa9/0x120
[ 3276.323020][ T9699]  ? __pfx_lock_release+0x10/0x10
[ 3276.328046][ T9699]  ? __pfx_copy_process+0x10/0x10
[ 3276.333158][ T9699]  ? __might_fault+0xc5/0x120
[ 3276.337827][ T9699]  ? __asan_memset+0x23/0x50
[ 3276.342412][ T9699]  kernel_clone+0x21d/0x8d0
[ 3276.346913][ T9699]  ? __pfx_kernel_clone+0x10/0x10
[ 3276.351942][ T9699]  __se_sys_clone3+0x2cb/0x350
[ 3276.356702][ T9699]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3276.361987][ T9699]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3276.367969][ T9699]  ? exc_page_fault+0x587/0x870
[ 3276.372817][ T9699]  ? do_syscall_64+0xb4/0x240
[ 3276.377488][ T9699]  do_syscall_64+0xf9/0x240
[ 3276.381987][ T9699]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3276.387874][ T9699] RIP: 0033:0x7fa2eb4a9b99
[ 3276.392279][ T9699] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3276.411882][ T9699] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3276.420291][ T9699] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3276.428252][ T9699] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3276.436211][ T9699] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3276.444172][ T9699] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3276.452131][ T9699] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3276.460107][ T9699]  </TASK>
[ 3276.466083][ T6454] Bluetooth: hci4: command 0x040f tx timeout
[ 3276.472112][ T6454] Bluetooth: hci3: command 0x040f tx timeout
[ 3276.481219][ T9699] memory: usage 307200kB, limit 307200kB, failcnt 337286
[ 3276.488790][ T9699] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3276.497137][ T9699] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3276.504804][ T9699] Memory cgroup stats for /syz3:
[ 3276.504934][ T9699] cache 0
[ 3276.512797][ T9699] rss 12288
[ 3276.516598][ T9699] rss_huge 0
[ 3276.519805][ T9699] shmem 0
[ 3276.522740][ T9699] mapped_file 0
[ 3276.526549][ T9699] dirty 0
[ 3276.529489][ T9699] writeback 0
[ 3276.532753][ T9699] workingset_refault_anon 264902
[ 3276.538039][ T9699] workingset_refault_file 72
[ 3276.542627][ T9699] swap 802816
[ 3276.546502][ T9699] swapcached 4096
[ 3276.550136][ T9699] pgpgin 1963751
[ 3276.554294][ T9699] pgpgout 1963747
[ 3276.557946][ T9699] pgfault 3435627
[ 3276.561582][ T9699] pgmajfault 216163
[ 3276.565725][ T9699] inactive_anon 0
[ 3276.569364][ T9699] active_anon 16384
[ 3276.573145][ T9699] inactive_file 0
[ 3276.577381][ T9699] active_file 0
[ 3276.580851][ T9699] unevictable 0
[ 3276.586331][ T9699] hierarchical_memory_limit 314572800
[ 3276.591713][ T9699] hierarchical_memsw_limit 9223372036854771712
[ 3276.598065][ T9699] total_cache 0
[ 3276.601503][ T9699] total_rss 12288
[ 3276.605723][ T9699] total_rss_huge 0
[ 3276.609445][ T9699] total_shmem 0
[ 3276.612881][ T9699] total_mapped_file 0
[ 3276.617200][ T9699] total_dirty 0
[ 3276.620663][ T9699] total_writeback 0
[ 3276.624814][ T9699] total_workingset_refault_anon 264902
[ 3276.630266][ T9699] total_workingset_refault_file 72
[ 3276.637144][ T9699] total_swap 802816
[ 3276.640967][ T9699] total_swapcached 4096
[ 3276.645453][ T9699] total_pgpgin 1963751
[ 3276.649530][ T9699] total_pgpgout 1963747
[ 3276.653683][ T9699] total_pgfault 3435627
[ 3276.658442][ T9699] total_pgmajfault 216163
[ 3276.662772][ T9699] total_inactive_anon 0
[ 3276.667612][ T9699] total_active_anon 16384
[ 3276.671938][ T9699] total_inactive_file 0
[ 3276.676443][ T9699] total_active_file 0
[ 3276.680425][ T9699] total_unevictable 0
[ 3276.684748][ T9699] anon_cost 0
[ 3276.688043][ T9699] file_cost 0
[ 3276.691318][ T9699] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9699,uid=0
[ 3276.708383][ T9699] Memory cgroup out of memory: Killed process 9699 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:28 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x4800, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3276.904505][ T9535] Bluetooth: hci1: command 0x0419 tx timeout
[ 3276.994670][ T9700] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3277.005219][ T9700] CPU: 1 PID: 9700 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3277.015551][ T9700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3277.025591][ T9700] Call Trace:
[ 3277.028852][ T9700]  <TASK>
[ 3277.031768][ T9700]  dump_stack_lvl+0x1e7/0x2e0
[ 3277.036440][ T9700]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3277.041620][ T9700]  ? __pfx__printk+0x10/0x10
[ 3277.046192][ T9700]  ? ___ratelimit+0x4c4/0x670
[ 3277.050853][ T9700]  ? __pfx____ratelimit+0x10/0x10
[ 3277.055869][ T9700]  dump_header+0xda/0x6a0
[ 3277.060184][ T9700]  oom_kill_process+0x3a7/0x930
[ 3277.065045][ T9700]  out_of_memory+0xf67/0x1320
[ 3277.069739][ T9700]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3277.075372][ T9700]  ? __pfx___mutex_lock+0x10/0x10
[ 3277.080397][ T9700]  ? __pfx_out_of_memory+0x10/0x10
[ 3277.085506][ T9700]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3277.091047][ T9700]  ? __pfx_lock_release+0x10/0x10
[ 3277.096064][ T9700]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3277.102126][ T9700]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3277.107317][ T9700]  ? mem_cgroup_iter+0x422/0x560
[ 3277.115548][ T9700]  try_charge_memcg+0xda2/0x18a0
[ 3277.120582][ T9700]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3277.125941][ T9700]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3277.131650][ T9700]  ? __pfx_lock_release+0x10/0x10
[ 3277.136670][ T9700]  ? memcg_account_kmem+0x1e7/0x210
[ 3277.141952][ T9700]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3277.147749][ T9700]  __memcg_kmem_charge_page+0xe1/0x250
[ 3277.153202][ T9700]  memcg_charge_kernel_stack+0x196/0x550
[ 3277.158835][ T9700]  dup_task_struct+0x15d/0x7d0
[ 3277.163589][ T9700]  copy_process+0x5d5/0x3fc0
[ 3277.168185][ T9700]  ? __might_fault+0xa9/0x120
[ 3277.172858][ T9700]  ? __pfx_lock_release+0x10/0x10
[ 3277.177881][ T9700]  ? __pfx_copy_process+0x10/0x10
[ 3277.182893][ T9700]  ? __might_fault+0xc5/0x120
[ 3277.187562][ T9700]  ? __asan_memset+0x23/0x50
[ 3277.192147][ T9700]  kernel_clone+0x21d/0x8d0
[ 3277.196647][ T9700]  ? __pfx_kernel_clone+0x10/0x10
[ 3277.201674][ T9700]  __se_sys_clone3+0x2cb/0x350
[ 3277.206429][ T9700]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3277.211714][ T9700]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3277.217697][ T9700]  ? exc_page_fault+0x587/0x870
[ 3277.222545][ T9700]  ? do_syscall_64+0xb4/0x240
[ 3277.227233][ T9700]  do_syscall_64+0xf9/0x240
[ 3277.231743][ T9700]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3277.237635][ T9700] RIP: 0033:0x7fa2eb4a9b99
[ 3277.242050][ T9700] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3277.261663][ T9700] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3277.270074][ T9700] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3277.278043][ T9700] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3277.286007][ T9700] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3277.293976][ T9700] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3277.301934][ T9700] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3277.309906][ T9700]  </TASK>
[ 3277.323456][ T9700] memory: usage 307200kB, limit 307200kB, failcnt 337782
[ 3277.330834][ T9700] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3277.340569][ T9700] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3277.348565][ T9700] Memory cgroup stats for /syz3:
[ 3277.348691][ T9700] cache 0
[ 3277.357109][ T9700] rss 12288
[ 3277.360210][ T9700] rss_huge 0
[ 3277.363383][ T9700] shmem 0
[ 3277.367183][ T9700] mapped_file 0
[ 3277.370646][ T9700] dirty 0
[ 3277.374462][ T9700] writeback 0
[ 3277.377794][ T9700] workingset_refault_anon 265095
[ 3277.382726][ T9700] workingset_refault_file 72
[ 3277.387758][ T9700] swap 806912
[ 3277.391033][ T9700] swapcached 0
[ 3277.394752][ T9700] pgpgin 1963959
[ 3277.398363][ T9700] pgpgout 1963956
[ 3277.402001][ T9700] pgfault 3435918
[ 3277.406033][ T9700] pgmajfault 216340
[ 3277.409842][ T9700] inactive_anon 0
[ 3277.413462][ T9700] active_anon 8192
[ 3277.417603][ T9700] inactive_file 0
[ 3277.421250][ T9700] active_file 0
[ 3277.426402][ T9700] unevictable 0
[ 3277.429873][ T9700] hierarchical_memory_limit 314572800
[ 3277.435667][ T9700] hierarchical_memsw_limit 9223372036854771712
[ 3277.441828][ T9700] total_cache 0
[ 3277.445638][ T9700] total_rss 12288
[ 3277.449281][ T9700] total_rss_huge 0
[ 3277.453012][ T9700] total_shmem 0
[ 3277.456884][ T9700] total_mapped_file 0
[ 3277.460865][ T9700] total_dirty 0
[ 3277.464664][ T9700] total_writeback 0
[ 3277.468478][ T9700] total_workingset_refault_anon 265095
[ 3277.474303][ T9700] total_workingset_refault_file 72
[ 3277.480712][ T9700] total_swap 806912
[ 3277.485585][ T9700] total_swapcached 0
[ 3277.489490][ T9700] total_pgpgin 1963959
[ 3277.493546][ T9700] total_pgpgout 1963956
[ 3277.498774][ T9700] total_pgfault 3435918
[ 3277.502937][ T9700] total_pgmajfault 216340
[ 3277.508341][ T9700] total_inactive_anon 0
[ 3277.512554][ T9700] total_active_anon 8192
[ 3277.517265][ T9700] total_inactive_file 0
[ 3277.521432][ T9700] total_active_file 0
[ 3277.525882][ T9700] total_unevictable 0
[ 3277.529858][ T9700] anon_cost 0
[ 3277.533119][ T9700] file_cost 0
[ 3277.537819][ T9700] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9700,uid=0
[ 3277.554510][ T9700] Memory cgroup out of memory: Killed process 9700 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:29 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x4888, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3277.777463][ T9701] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3277.788711][ T9701] CPU: 1 PID: 9701 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3277.799061][ T9701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3277.809111][ T9701] Call Trace:
[ 3277.812399][ T9701]  <TASK>
[ 3277.815319][ T9701]  dump_stack_lvl+0x1e7/0x2e0
[ 3277.819999][ T9701]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3277.825188][ T9701]  ? __pfx__printk+0x10/0x10
[ 3277.829766][ T9701]  ? ___ratelimit+0x4c4/0x670
[ 3277.834436][ T9701]  ? __pfx____ratelimit+0x10/0x10
[ 3277.839457][ T9701]  dump_header+0xda/0x6a0
[ 3277.843786][ T9701]  oom_kill_process+0x3a7/0x930
[ 3277.848640][ T9701]  out_of_memory+0xf67/0x1320
[ 3277.853315][ T9701]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3277.858938][ T9701]  ? __pfx___mutex_lock+0x10/0x10
[ 3277.863958][ T9701]  ? __pfx_out_of_memory+0x10/0x10
[ 3277.869069][ T9701]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3277.874605][ T9701]  ? __pfx_lock_release+0x10/0x10
[ 3277.879621][ T9701]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3277.885682][ T9701]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3277.890874][ T9701]  ? mem_cgroup_iter+0x422/0x560
[ 3277.895811][ T9701]  try_charge_memcg+0xda2/0x18a0
[ 3277.900757][ T9701]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3277.906121][ T9701]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3277.911833][ T9701]  ? __pfx_lock_release+0x10/0x10
[ 3277.916851][ T9701]  ? memcg_account_kmem+0x1e7/0x210
[ 3277.922047][ T9701]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3277.927850][ T9701]  __memcg_kmem_charge_page+0xe1/0x250
[ 3277.933318][ T9701]  memcg_charge_kernel_stack+0x11c/0x550
[ 3277.938945][ T9701]  dup_task_struct+0x15d/0x7d0
[ 3277.943700][ T9701]  copy_process+0x5d5/0x3fc0
[ 3277.948299][ T9701]  ? __might_fault+0xa9/0x120
[ 3277.952970][ T9701]  ? __pfx_lock_release+0x10/0x10
[ 3277.957992][ T9701]  ? __pfx_copy_process+0x10/0x10
[ 3277.963004][ T9701]  ? __might_fault+0xc5/0x120
[ 3277.967673][ T9701]  ? __asan_memset+0x23/0x50
[ 3277.972262][ T9701]  kernel_clone+0x21d/0x8d0
[ 3277.976762][ T9701]  ? __pfx_kernel_clone+0x10/0x10
[ 3277.981788][ T9701]  __se_sys_clone3+0x2cb/0x350
[ 3277.986543][ T9701]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3277.991828][ T9701]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3277.997819][ T9701]  ? exc_page_fault+0x587/0x870
[ 3278.002665][ T9701]  ? do_syscall_64+0xb4/0x240
[ 3278.007336][ T9701]  do_syscall_64+0xf9/0x240
[ 3278.011835][ T9701]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3278.017721][ T9701] RIP: 0033:0x7fa2eb4a9b99
[ 3278.022129][ T9701] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3278.041724][ T9701] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3278.050135][ T9701] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3278.058099][ T9701] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3278.066061][ T9701] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3278.074019][ T9701] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3278.081984][ T9701] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3278.089959][ T9701]  </TASK>
[ 3278.097462][ T9701] memory: usage 307200kB, limit 307200kB, failcnt 338191
[ 3278.105075][ T9701] memory+swap: usage 307984kB, limit 9007199254740988kB, failcnt 0
[ 3278.113055][ T9701] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[ 3278.120851][ T9701] Memory cgroup stats for /syz3:
[ 3278.121074][ T9701] cache 0
[ 3278.129626][ T9701] rss 12288
[ 3278.132806][ T9701] rss_huge 0
[ 3278.136421][ T9701] shmem 0
[ 3278.139429][ T9701] mapped_file 0
[ 3278.143053][ T9701] dirty 0
[ 3278.150618][ T9701] writeback 0
[ 3278.158479][ T9701] workingset_refault_anon 265248
[ 3278.163480][ T9701] workingset_refault_file 72
[ 3278.168514][ T9701] swap 802816
[ 3278.171850][ T9701] swapcached 4096
[ 3278.175915][ T9701] pgpgin 1964124
[ 3278.179522][ T9701] pgpgout 1964120
[ 3278.183175][ T9701] pgfault 3436150
[ 3278.187548][ T9701] pgmajfault 216488
[ 3278.191409][ T9701] inactive_anon 0
[ 3278.196039][ T9701] active_anon 12288
[ 3278.200146][ T9701] inactive_file 0
[ 3278.204387][ T9701] active_file 0
[ 3278.207864][ T9701] unevictable 0
[ 3278.211326][ T9701] hierarchical_memory_limit 314572800
[ 3278.217003][ T9701] hierarchical_memsw_limit 9223372036854771712
[ 3278.223160][ T9701] total_cache 0
[ 3278.227053][ T9701] total_rss 12288
[ 3278.230693][ T9701] total_rss_huge 0
[ 3278.234731][ T9701] total_shmem 0
[ 3278.238200][ T9701] total_mapped_file 0
[ 3278.242174][ T9701] total_dirty 0
[ 3278.246542][ T9701] total_writeback 0
[ 3278.250472][ T9701] total_workingset_refault_anon 265248
[ 3278.257196][ T9701] total_workingset_refault_file 72
[ 3278.262375][ T9701] total_swap 802816
[ 3278.267079][ T9701] total_swapcached 4096
[ 3278.271298][ T9701] total_pgpgin 1964124
[ 3278.276274][ T9701] total_pgpgout 1964120
[ 3278.280513][ T9701] total_pgfault 3436150
[ 3278.286888][ T9701] total_pgmajfault 216488
[ 3278.291252][ T9701] total_inactive_anon 0
[ 3278.296429][ T9701] total_active_anon 12288
[ 3278.300859][ T9701] total_inactive_file 0
[ 3278.305946][ T9701] total_active_file 0
[ 3278.309985][ T9701] total_unevictable 0
[ 3278.320784][ T9701] anon_cost 0
[ 3278.324701][ T9701] file_cost 0
[ 3278.328010][ T9701] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9701,uid=0
[ 3278.343685][ T9701] Memory cgroup out of memory: Killed process 9701 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:30 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x5865, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3278.505718][ T9535] Bluetooth: hci3: command 0x0419 tx timeout
[ 3278.505729][ T6454] Bluetooth: hci4: command 0x0419 tx timeout
[ 3278.569440][ T9702] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3278.581212][ T9702] CPU: 1 PID: 9702 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3278.591553][ T9702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3278.601601][ T9702] Call Trace:
[ 3278.604883][ T9702]  <TASK>
[ 3278.607798][ T9702]  dump_stack_lvl+0x1e7/0x2e0
[ 3278.612464][ T9702]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3278.617646][ T9702]  ? __pfx__printk+0x10/0x10
[ 3278.622218][ T9702]  ? ___ratelimit+0x4c4/0x670
[ 3278.626883][ T9702]  ? __pfx____ratelimit+0x10/0x10
[ 3278.631890][ T9702]  dump_header+0xda/0x6a0
[ 3278.636227][ T9702]  oom_kill_process+0x3a7/0x930
[ 3278.641103][ T9702]  out_of_memory+0xf67/0x1320
[ 3278.645795][ T9702]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3278.651429][ T9702]  ? __pfx___mutex_lock+0x10/0x10
[ 3278.656443][ T9702]  ? __pfx_out_of_memory+0x10/0x10
[ 3278.661542][ T9702]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3278.667070][ T9702]  ? __pfx_lock_release+0x10/0x10
[ 3278.672082][ T9702]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3278.678133][ T9702]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3278.683312][ T9702]  ? mem_cgroup_iter+0x422/0x560
[ 3278.688255][ T9702]  try_charge_memcg+0xda2/0x18a0
[ 3278.693233][ T9702]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3278.698612][ T9702]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3278.704331][ T9702]  ? __pfx_lock_release+0x10/0x10
[ 3278.709360][ T9702]  ? memcg_account_kmem+0x1e7/0x210
[ 3278.714548][ T9702]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3278.720336][ T9702]  __memcg_kmem_charge_page+0xe1/0x250
[ 3278.725788][ T9702]  memcg_charge_kernel_stack+0x196/0x550
[ 3278.731406][ T9702]  dup_task_struct+0x15d/0x7d0
[ 3278.736172][ T9702]  copy_process+0x5d5/0x3fc0
[ 3278.740787][ T9702]  ? __might_fault+0xa9/0x120
[ 3278.745473][ T9702]  ? __pfx_lock_release+0x10/0x10
[ 3278.750503][ T9702]  ? __pfx_copy_process+0x10/0x10
[ 3278.755515][ T9702]  ? __might_fault+0xc5/0x120
[ 3278.760181][ T9702]  ? __asan_memset+0x23/0x50
[ 3278.764758][ T9702]  kernel_clone+0x21d/0x8d0
[ 3278.769249][ T9702]  ? __pfx_kernel_clone+0x10/0x10
[ 3278.774266][ T9702]  __se_sys_clone3+0x2cb/0x350
[ 3278.779011][ T9702]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3278.784303][ T9702]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3278.790318][ T9702]  ? exc_page_fault+0x587/0x870
[ 3278.795189][ T9702]  ? do_syscall_64+0xb4/0x240
[ 3278.799856][ T9702]  do_syscall_64+0xf9/0x240
[ 3278.804354][ T9702]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3278.810240][ T9702] RIP: 0033:0x7fa2eb4a9b99
[ 3278.814640][ T9702] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3278.834240][ T9702] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3278.842664][ T9702] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3278.850633][ T9702] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3278.858586][ T9702] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3278.866539][ T9702] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3278.874492][ T9702] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3278.882457][ T9702]  </TASK>
[ 3278.889440][ T9702] memory: usage 307180kB, limit 307200kB, failcnt 338590
[ 3278.896915][ T9702] memory+swap: usage 308016kB, limit 9007199254740988kB, failcnt 0
[ 3278.905178][ T9702] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3278.913253][ T9702] Memory cgroup stats for /syz3:
[ 3278.913373][ T9702] cache 0
[ 3278.921588][ T9702] rss 16384
[ 3278.925028][ T9702] rss_huge 0
[ 3278.928230][ T9702] shmem 0
[ 3278.931180][ T9702] mapped_file 0
[ 3278.934960][ T9702] dirty 0
[ 3278.937977][ T9702] writeback 0
[ 3278.941264][ T9702] workingset_refault_anon 265393
[ 3278.946554][ T9702] workingset_refault_file 72
[ 3278.951150][ T9702] swap 839680
[ 3278.954774][ T9702] swapcached 0
[ 3278.958162][ T9702] pgpgin 1964280
[ 3278.961708][ T9702] pgpgout 1964276
[ 3278.965673][ T9702] pgfault 3436372
[ 3278.969331][ T9702] pgmajfault 216625
[ 3278.973126][ T9702] inactive_anon 0
[ 3278.977036][ T9702] active_anon 16384
[ 3278.980841][ T9702] inactive_file 0
[ 3278.984818][ T9702] active_file 0
[ 3278.988279][ T9702] unevictable 0
[ 3278.991734][ T9702] hierarchical_memory_limit 314572800
[ 3278.998020][ T9702] hierarchical_memsw_limit 9223372036854771712
[ 3279.004590][ T9702] total_cache 0
[ 3279.008052][ T9702] total_rss 16384
[ 3279.012370][ T9702] total_rss_huge 0
[ 3279.016479][ T9702] total_shmem 0
[ 3279.019947][ T9702] total_mapped_file 0
[ 3279.024309][ T9702] total_dirty 0
[ 3279.027769][ T9702] total_writeback 0
[ 3279.031572][ T9702] total_workingset_refault_anon 265393
[ 3279.037356][ T9702] total_workingset_refault_file 72
[ 3279.042488][ T9702] total_swap 839680
[ 3279.046618][ T9702] total_swapcached 0
[ 3279.050515][ T9702] total_pgpgin 1964280
[ 3279.054895][ T9702] total_pgpgout 1964276
[ 3279.059047][ T9702] total_pgfault 3436372
[ 3279.063179][ T9702] total_pgmajfault 216625
[ 3279.068089][ T9702] total_inactive_anon 0
[ 3279.072245][ T9702] total_active_anon 16384
[ 3279.077247][ T9702] total_inactive_file 0
[ 3279.081406][ T9702] total_active_file 0
[ 3279.086312][ T9702] total_unevictable 0
[ 3279.090302][ T9702] anon_cost 0
[ 3279.093569][ T9702] file_cost 0
[ 3279.097959][ T9702] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9702,uid=0
[ 3279.114745][ T9702] Memory cgroup out of memory: Killed process 9702 (syz-executor.3) total-vm:54508kB, anon-rss:356kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:31 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x6000, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3279.367749][ T9703] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3279.378341][ T9703] CPU: 1 PID: 9703 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3279.388682][ T9703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3279.398733][ T9703] Call Trace:
[ 3279.401998][ T9703]  <TASK>
[ 3279.404941][ T9703]  dump_stack_lvl+0x1e7/0x2e0
[ 3279.409653][ T9703]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3279.414879][ T9703]  ? __pfx__printk+0x10/0x10
[ 3279.419480][ T9703]  ? ___ratelimit+0x4c4/0x670
[ 3279.424177][ T9703]  ? __pfx____ratelimit+0x10/0x10
[ 3279.429214][ T9703]  dump_header+0xda/0x6a0
[ 3279.433534][ T9703]  oom_kill_process+0x3a7/0x930
[ 3279.438380][ T9703]  out_of_memory+0xf67/0x1320
[ 3279.443076][ T9703]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3279.448703][ T9703]  ? __pfx___mutex_lock+0x10/0x10
[ 3279.453741][ T9703]  ? __pfx_out_of_memory+0x10/0x10
[ 3279.458863][ T9703]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3279.464436][ T9703]  ? __pfx_lock_release+0x10/0x10
[ 3279.469472][ T9703]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3279.475543][ T9703]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3279.480750][ T9703]  ? mem_cgroup_iter+0x422/0x560
[ 3279.485684][ T9703]  try_charge_memcg+0xda2/0x18a0
[ 3279.490637][ T9703]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3279.496003][ T9703]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3279.501722][ T9703]  ? __pfx_lock_release+0x10/0x10
[ 3279.506833][ T9703]  ? memcg_account_kmem+0x1e7/0x210
[ 3279.512033][ T9703]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3279.517834][ T9703]  __memcg_kmem_charge_page+0xe1/0x250
[ 3279.523299][ T9703]  memcg_charge_kernel_stack+0x196/0x550
[ 3279.528931][ T9703]  dup_task_struct+0x15d/0x7d0
[ 3279.533711][ T9703]  copy_process+0x5d5/0x3fc0
[ 3279.538305][ T9703]  ? __might_fault+0xa9/0x120
[ 3279.542976][ T9703]  ? __pfx_lock_release+0x10/0x10
[ 3279.548002][ T9703]  ? __lock_acquire+0x1345/0x1fd0
[ 3279.553029][ T9703]  ? __pfx_copy_process+0x10/0x10
[ 3279.558046][ T9703]  ? __might_fault+0xc5/0x120
[ 3279.562740][ T9703]  ? __asan_memset+0x23/0x50
[ 3279.567341][ T9703]  kernel_clone+0x21d/0x8d0
[ 3279.571846][ T9703]  ? __pfx_kernel_clone+0x10/0x10
[ 3279.576878][ T9703]  ? __pfx_lock_release+0x10/0x10
[ 3279.581922][ T9703]  __se_sys_clone3+0x2cb/0x350
[ 3279.586689][ T9703]  ? __might_fault+0xa9/0x120
[ 3279.591373][ T9703]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3279.596657][ T9703]  ? rcu_is_watching+0x15/0xb0
[ 3279.601435][ T9703]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3279.607428][ T9703]  ? exc_page_fault+0x587/0x870
[ 3279.612280][ T9703]  ? do_syscall_64+0xb4/0x240
[ 3279.616958][ T9703]  do_syscall_64+0xf9/0x240
[ 3279.621461][ T9703]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3279.627355][ T9703] RIP: 0033:0x7fa2eb4a9b99
[ 3279.631763][ T9703] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3279.651366][ T9703] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3279.659776][ T9703] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3279.667754][ T9703] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3279.675725][ T9703] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3279.683692][ T9703] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3279.691658][ T9703] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3279.699638][ T9703]  </TASK>
[ 3279.719175][ T9703] memory: usage 307200kB, limit 307200kB, failcnt 339096
[ 3279.726493][ T9703] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3279.736166][ T9703] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3279.743468][ T9703] Memory cgroup stats for /syz3:
[ 3279.743545][ T9703] cache 0
[ 3279.751738][ T9703] rss 0
[ 3279.755377][ T9703] rss_huge 0
[ 3279.758585][ T9703] shmem 0
[ 3279.761502][ T9703] mapped_file 0
[ 3279.765427][ T9703] dirty 0
[ 3279.768378][ T9703] writeback 0
[ 3279.771659][ T9703] workingset_refault_anon 265573
[ 3279.777200][ T9703] workingset_refault_file 72
[ 3279.781799][ T9703] swap 819200
[ 3279.785653][ T9703] swapcached 0
[ 3279.789033][ T9703] pgpgin 1964475
[ 3279.792559][ T9703] pgpgout 1964475
[ 3279.796526][ T9703] pgfault 3436646
[ 3279.800179][ T9703] pgmajfault 216791
[ 3279.804355][ T9703] inactive_anon 0
[ 3279.807990][ T9703] active_anon 0
[ 3279.811436][ T9703] inactive_file 0
[ 3279.816805][ T9703] active_file 0
[ 3279.820283][ T9703] unevictable 0
[ 3279.823721][ T9703] hierarchical_memory_limit 314572800
[ 3279.830495][ T9703] hierarchical_memsw_limit 9223372036854771712
[ 3279.837041][ T9703] total_cache 0
[ 3279.840484][ T9703] total_rss 0
[ 3279.843746][ T9703] total_rss_huge 0
[ 3279.848138][ T9703] total_shmem 0
[ 3279.851778][ T9703] total_mapped_file 0
[ 3279.856906][ T9703] total_dirty 0
[ 3279.860381][ T9703] total_writeback 0
[ 3279.867895][ T9703] total_workingset_refault_anon 265573
[ 3279.873370][ T9703] total_workingset_refault_file 72
[ 3279.878931][ T9703] total_swap 819200
[ 3279.882720][ T9703] total_swapcached 0
[ 3279.887436][ T9703] total_pgpgin 1964475
[ 3279.891528][ T9703] total_pgpgout 1964475
[ 3279.896074][ T9703] total_pgfault 3436646
[ 3279.900241][ T9703] total_pgmajfault 216791
[ 3279.905237][ T9703] total_inactive_anon 0
[ 3279.909393][ T9703] total_active_anon 0
[ 3279.913350][ T9703] total_inactive_file 0
[ 3279.917886][ T9703] total_active_file 0
[ 3279.921872][ T9703] total_unevictable 0
[ 3279.927050][ T9703] anon_cost 0
[ 3279.930344][ T9703] file_cost 0
[ 3279.935126][ T9703] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9703,uid=0
[ 3279.954154][ T9703] Memory cgroup out of memory: Killed process 9703 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:31 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x6558, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3280.244960][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3280.256671][ T5114] CPU: 0 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3280.267014][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3280.277057][ T5114] Call Trace:
[ 3280.280321][ T5114]  <TASK>
[ 3280.283239][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3280.287915][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3280.293098][ T5114]  ? __pfx__printk+0x10/0x10
[ 3280.297676][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3280.302341][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3280.307358][ T5114]  dump_header+0xda/0x6a0
[ 3280.311691][ T5114]  oom_kill_process+0x3a7/0x930
[ 3280.316540][ T5114]  out_of_memory+0xf67/0x1320
[ 3280.321210][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3280.326832][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3280.331852][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3280.336970][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3280.342517][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3280.347547][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3280.353610][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3280.358808][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3280.363742][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3280.368670][ T5114]  ? mark_lock+0x9a/0x350
[ 3280.373004][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3280.378385][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3280.384527][ T5114]  charge_memcg+0xa2/0x160
[ 3280.388940][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3280.395000][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3280.400455][ T5114]  ? mark_lock+0x9a/0x350
[ 3280.404787][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3280.410764][ T5114]  ? blk_start_plug+0x6f/0x1b0
[ 3280.415522][ T5114]  swap_cluster_readahead+0x398/0x810
[ 3280.420897][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3280.426803][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3280.431845][ T5114]  ? xas_descend+0x37e/0x470
[ 3280.436447][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3280.441385][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3280.446509][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3280.451887][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3280.457182][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3280.462476][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3280.467069][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3280.472092][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3280.476848][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3280.481865][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3280.487325][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3280.493156][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3280.498318][ T5114]  ? reacquire_held_locks+0x3eb/0x690
[ 3280.503689][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3280.509154][ T5114]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3280.514880][ T5114]  ? mtree_range_walk+0x6fd/0x8e0
[ 3280.519902][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3280.525094][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3280.530113][ T5114]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3280.535324][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3280.540518][ T5114]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3280.546062][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3280.550828][ T5114]  exc_page_fault+0x456/0x870
[ 3280.555517][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3280.560364][ T5114] RIP: 0033:0x7fa2eb47a780
[ 3280.564770][ T5114] Code: ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 <80> 3d 71 57 10 00 00 49 89 ca 74 14 b8 3d 00 00 00 0f 05 48 3d 00
[ 3280.584363][ T5114] RSP: 002b:00007fa2eb6cfd58 EFLAGS: 00010246
[ 3280.590421][ T5114] RAX: 00000000000000ab RBX: 00000000000067a0 RCX: 0000000000000000
[ 3280.598378][ T5114] RDX: 0000000040000001 RSI: 00007fa2eb6cfdbc RDI: 00000000ffffffff
[ 3280.606339][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000010 R09: 00007ffcc99b80b0
[ 3280.614302][ T5114] R10: 00007ffcc99b8080 R11: 000000000009b5a2 R12: 0000000000000032
[ 3280.622262][ T5114] R13: 0000000000320ca1 R14: 0000000000320ca1 R15: 0000000000000000
[ 3280.630235][ T5114]  </TASK>
[ 3280.644687][ T5114] memory: usage 307180kB, limit 307200kB, failcnt 339646
[ 3280.652298][ T5114] memory+swap: usage 307988kB, limit 9007199254740988kB, failcnt 0
[ 3280.661709][ T5114] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3280.669504][ T5114] Memory cgroup stats for /syz3:
[ 3280.669633][ T5114] cache 0
[ 3280.677855][ T5114] rss 16384
[ 3280.680965][ T5114] rss_huge 0
[ 3280.685754][ T5114] shmem 0
[ 3280.688727][ T5114] mapped_file 0
[ 3280.692189][ T5114] dirty 0
[ 3280.696072][ T5114] writeback 0
[ 3280.699366][ T5114] workingset_refault_anon 265765
[ 3280.705072][ T5114] workingset_refault_file 72
[ 3280.709667][ T5114] swap 811008
[ 3280.712929][ T5114] swapcached 0
[ 3280.717392][ T5114] pgpgin 1964681
[ 3280.720967][ T5114] pgpgout 1964677
[ 3280.725345][ T5114] pgfault 3436944
[ 3280.729041][ T5114] pgmajfault 216979
[ 3280.732856][ T5114] inactive_anon 12288
[ 3280.737161][ T5114] active_anon 4096
[ 3280.740892][ T5114] inactive_file 0
[ 3280.746800][ T5114] active_file 0
[ 3280.750367][ T5114] unevictable 0
[ 3280.755071][ T5114] hierarchical_memory_limit 314572800
[ 3280.760457][ T5114] hierarchical_memsw_limit 9223372036854771712
[ 3280.767258][ T5114] total_cache 0
[ 3280.770737][ T5114] total_rss 16384
[ 3280.774852][ T5114] total_rss_huge 0
[ 3280.778583][ T5114] total_shmem 0
[ 3280.782058][ T5114] total_mapped_file 0
[ 3280.786379][ T5114] total_dirty 0
[ 3280.789849][ T5114] total_writeback 0
[ 3280.793649][ T5114] total_workingset_refault_anon 265765
[ 3280.799446][ T5114] total_workingset_refault_file 72
[ 3280.804908][ T5114] total_swap 811008
[ 3280.808721][ T5114] total_swapcached 0
[ 3280.812604][ T5114] total_pgpgin 1964681
[ 3280.816977][ T5114] total_pgpgout 1964677
[ 3280.821126][ T5114] total_pgfault 3436944
[ 3280.825949][ T5114] total_pgmajfault 216979
[ 3280.830282][ T5114] total_inactive_anon 12288
[ 3280.835131][ T5114] total_active_anon 4096
[ 3280.839370][ T5114] total_inactive_file 0
[ 3280.843502][ T5114] total_active_file 0
10:59:32 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x8100, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3280.847814][ T5114] total_unevictable 0
[ 3280.851797][ T5114] anon_cost 0
[ 3280.856487][ T5114] file_cost 0
[ 3280.859785][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9704,uid=0
[ 3280.879851][ T5114] Memory cgroup out of memory: Killed process 9704 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3281.137759][ T9705] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3281.148678][ T9705] CPU: 1 PID: 9705 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3281.159020][ T9705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3281.169083][ T9705] Call Trace:
[ 3281.172346][ T9705]  <TASK>
[ 3281.175278][ T9705]  dump_stack_lvl+0x1e7/0x2e0
[ 3281.179968][ T9705]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3281.185164][ T9705]  ? __pfx__printk+0x10/0x10
[ 3281.189755][ T9705]  ? ___ratelimit+0x4c4/0x670
[ 3281.194442][ T9705]  ? __pfx____ratelimit+0x10/0x10
[ 3281.199474][ T9705]  dump_header+0xda/0x6a0
[ 3281.203793][ T9705]  oom_kill_process+0x3a7/0x930
[ 3281.208651][ T9705]  out_of_memory+0xf67/0x1320
[ 3281.213335][ T9705]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3281.218953][ T9705]  ? __pfx___mutex_lock+0x10/0x10
[ 3281.223982][ T9705]  ? __pfx_out_of_memory+0x10/0x10
[ 3281.229117][ T9705]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3281.234680][ T9705]  ? __pfx_lock_release+0x10/0x10
[ 3281.239711][ T9705]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3281.245782][ T9705]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3281.250985][ T9705]  ? mem_cgroup_iter+0x422/0x560
[ 3281.255914][ T9705]  try_charge_memcg+0xda2/0x18a0
[ 3281.260846][ T9705]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3281.266218][ T9705]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3281.271950][ T9705]  ? __pfx_lock_release+0x10/0x10
[ 3281.276983][ T9705]  ? memcg_account_kmem+0x1e7/0x210
[ 3281.282173][ T9705]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3281.287977][ T9705]  __memcg_kmem_charge_page+0xe1/0x250
[ 3281.293444][ T9705]  memcg_charge_kernel_stack+0x196/0x550
[ 3281.299070][ T9705]  dup_task_struct+0x15d/0x7d0
[ 3281.303832][ T9705]  copy_process+0x5d5/0x3fc0
[ 3281.308448][ T9705]  ? __might_fault+0xa9/0x120
[ 3281.313134][ T9705]  ? __pfx_lock_release+0x10/0x10
[ 3281.318156][ T9705]  ? __pfx_copy_process+0x10/0x10
[ 3281.323163][ T9705]  ? __might_fault+0xc5/0x120
[ 3281.327841][ T9705]  ? __asan_memset+0x23/0x50
[ 3281.332436][ T9705]  kernel_clone+0x21d/0x8d0
[ 3281.336933][ T9705]  ? __pfx_kernel_clone+0x10/0x10
[ 3281.341957][ T9705]  __se_sys_clone3+0x2cb/0x350
[ 3281.346722][ T9705]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3281.352015][ T9705]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3281.357992][ T9705]  ? exc_page_fault+0x587/0x870
[ 3281.362829][ T9705]  ? do_syscall_64+0xb4/0x240
[ 3281.367507][ T9705]  do_syscall_64+0xf9/0x240
[ 3281.372024][ T9705]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3281.377923][ T9705] RIP: 0033:0x7fa2eb4a9b99
[ 3281.382334][ T9705] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3281.401934][ T9705] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3281.410348][ T9705] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3281.418319][ T9705] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3281.426289][ T9705] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3281.434280][ T9705] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3281.442264][ T9705] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3281.450235][ T9705]  </TASK>
[ 3281.463237][ T9705] memory: usage 307180kB, limit 307200kB, failcnt 340175
[ 3281.471524][ T9705] memory+swap: usage 307980kB, limit 9007199254740988kB, failcnt 0
[ 3281.479844][ T9705] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3281.487461][ T9705] Memory cgroup stats for /syz3:
[ 3281.487577][ T9705] cache 0
[ 3281.495704][ T9705] rss 16384
[ 3281.498810][ T9705] rss_huge 0
[ 3281.501987][ T9705] shmem 0
[ 3281.505270][ T9705] mapped_file 0
[ 3281.508748][ T9705] dirty 0
[ 3281.511712][ T9705] writeback 0
[ 3281.515370][ T9705] workingset_refault_anon 265981
[ 3281.520322][ T9705] workingset_refault_file 72
[ 3281.525251][ T9705] swap 802816
[ 3281.528533][ T9705] swapcached 0
[ 3281.531883][ T9705] pgpgin 1964910
[ 3281.535754][ T9705] pgpgout 1964906
[ 3281.539398][ T9705] pgfault 3437257
[ 3281.543025][ T9705] pgmajfault 217177
[ 3281.547220][ T9705] inactive_anon 0
[ 3281.550863][ T9705] active_anon 12288
[ 3281.555001][ T9705] inactive_file 0
[ 3281.558643][ T9705] active_file 0
[ 3281.562092][ T9705] unevictable 0
[ 3281.567093][ T9705] hierarchical_memory_limit 314572800
[ 3281.573126][ T9705] hierarchical_memsw_limit 9223372036854771712
[ 3281.579645][ T9705] total_cache 0
[ 3281.583112][ T9705] total_rss 16384
[ 3281.587117][ T9705] total_rss_huge 0
[ 3281.590838][ T9705] total_shmem 0
[ 3281.594617][ T9705] total_mapped_file 0
[ 3281.598613][ T9705] total_dirty 0
[ 3281.602074][ T9705] total_writeback 0
[ 3281.606269][ T9705] total_workingset_refault_anon 265981
[ 3281.611730][ T9705] total_workingset_refault_file 72
[ 3281.617211][ T9705] total_swap 802816
[ 3281.621019][ T9705] total_swapcached 0
[ 3281.625261][ T9705] total_pgpgin 1964910
[ 3281.629325][ T9705] total_pgpgout 1964906
[ 3281.633454][ T9705] total_pgfault 3437257
[ 3281.637919][ T9705] total_pgmajfault 217177
[ 3281.642242][ T9705] total_inactive_anon 0
[ 3281.646743][ T9705] total_active_anon 12288
[ 3281.651084][ T9705] total_inactive_file 0
[ 3281.655614][ T9705] total_active_file 0
[ 3281.659614][ T9705] total_unevictable 0
[ 3281.663596][ T9705] anon_cost 0
[ 3281.667233][ T9705] file_cost 0
[ 3281.670528][ T9705] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9705,uid=0
[ 3281.688432][ T9705] Memory cgroup out of memory: Killed process 9705 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:33 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x8847, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3281.989173][ T9706] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3282.000786][ T9706] CPU: 0 PID: 9706 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3282.011136][ T9706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3282.021195][ T9706] Call Trace:
[ 3282.024463][ T9706]  <TASK>
[ 3282.027375][ T9706]  dump_stack_lvl+0x1e7/0x2e0
[ 3282.032044][ T9706]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3282.037227][ T9706]  ? __pfx__printk+0x10/0x10
[ 3282.041804][ T9706]  ? ___ratelimit+0x4c4/0x670
[ 3282.046469][ T9706]  ? __pfx____ratelimit+0x10/0x10
[ 3282.051477][ T9706]  dump_header+0xda/0x6a0
[ 3282.055817][ T9706]  oom_kill_process+0x3a7/0x930
[ 3282.060679][ T9706]  out_of_memory+0xf67/0x1320
[ 3282.065352][ T9706]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3282.070981][ T9706]  ? __pfx___mutex_lock+0x10/0x10
[ 3282.076006][ T9706]  ? __pfx_out_of_memory+0x10/0x10
[ 3282.081114][ T9706]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3282.086654][ T9706]  ? __pfx_lock_release+0x10/0x10
[ 3282.091674][ T9706]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3282.097735][ T9706]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3282.102923][ T9706]  ? mem_cgroup_iter+0x422/0x560
[ 3282.107856][ T9706]  try_charge_memcg+0xda2/0x18a0
[ 3282.112803][ T9706]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3282.118163][ T9706]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3282.123871][ T9706]  ? __pfx_lock_release+0x10/0x10
[ 3282.128890][ T9706]  ? memcg_account_kmem+0x1e7/0x210
[ 3282.134090][ T9706]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3282.139885][ T9706]  __memcg_kmem_charge_page+0xe1/0x250
[ 3282.145339][ T9706]  memcg_charge_kernel_stack+0x196/0x550
[ 3282.150963][ T9706]  dup_task_struct+0x15d/0x7d0
[ 3282.155727][ T9706]  copy_process+0x5d5/0x3fc0
[ 3282.160314][ T9706]  ? __might_fault+0xa9/0x120
[ 3282.164986][ T9706]  ? __pfx_lock_release+0x10/0x10
[ 3282.170010][ T9706]  ? __pfx_copy_process+0x10/0x10
[ 3282.175021][ T9706]  ? __might_fault+0xc5/0x120
[ 3282.179691][ T9706]  ? __asan_memset+0x23/0x50
[ 3282.184275][ T9706]  kernel_clone+0x21d/0x8d0
[ 3282.188774][ T9706]  ? __pfx_kernel_clone+0x10/0x10
[ 3282.193800][ T9706]  __se_sys_clone3+0x2cb/0x350
[ 3282.198566][ T9706]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3282.203859][ T9706]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3282.209850][ T9706]  ? exc_page_fault+0x587/0x870
[ 3282.214693][ T9706]  ? do_syscall_64+0xb4/0x240
[ 3282.219470][ T9706]  do_syscall_64+0xf9/0x240
[ 3282.223983][ T9706]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3282.229875][ T9706] RIP: 0033:0x7fa2eb4a9b99
[ 3282.234282][ T9706] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3282.253890][ T9706] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3282.262315][ T9706] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3282.270291][ T9706] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3282.278258][ T9706] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3282.286223][ T9706] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3282.294191][ T9706] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3282.302172][ T9706]  </TASK>
[ 3282.317120][ T9706] memory: usage 307200kB, limit 307200kB, failcnt 340780
[ 3282.324558][ T9706] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3282.332504][ T9706] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3282.340475][ T9706] Memory cgroup stats for /syz3:
[ 3282.340609][ T9706] cache 0
[ 3282.349051][ T9706] rss 0
[ 3282.351807][ T9706] rss_huge 0
[ 3282.355347][ T9706] shmem 0
[ 3282.358284][ T9706] mapped_file 0
[ 3282.361721][ T9706] dirty 0
[ 3282.367177][ T9706] writeback 0
[ 3282.370465][ T9706] workingset_refault_anon 266186
[ 3282.376103][ T9706] workingset_refault_file 72
[ 3282.380710][ T9706] swap 819200
[ 3282.384763][ T9706] swapcached 0
[ 3282.388162][ T9706] pgpgin 1965128
[ 3282.391905][ T9706] pgpgout 1965128
[ 3282.396264][ T9706] pgfault 3437563
[ 3282.399887][ T9706] pgmajfault 217372
[ 3282.403668][ T9706] inactive_anon 0
[ 3282.407630][ T9706] active_anon 0
[ 3282.411109][ T9706] inactive_file 0
[ 3282.416756][ T9706] active_file 0
[ 3282.420227][ T9706] unevictable 0
[ 3282.423664][ T9706] hierarchical_memory_limit 314572800
[ 3282.430028][ T9706] hierarchical_memsw_limit 9223372036854771712
[ 3282.438192][ T9706] total_cache 0
[ 3282.441669][ T9706] total_rss 0
[ 3282.447985][ T9706] total_rss_huge 0
[ 3282.452301][ T9706] total_shmem 0
[ 3282.456403][ T9706] total_mapped_file 0
[ 3282.460403][ T9706] total_dirty 0
[ 3282.464969][ T9706] total_writeback 0
[ 3282.468789][ T9706] total_workingset_refault_anon 266186
[ 3282.475011][ T9706] total_workingset_refault_file 72
[ 3282.480124][ T9706] total_swap 819200
[ 3282.484284][ T9706] total_swapcached 0
[ 3282.488179][ T9706] total_pgpgin 1965128
[ 3282.492240][ T9706] total_pgpgout 1965128
[ 3282.497059][ T9706] total_pgfault 3437563
[ 3282.501217][ T9706] total_pgmajfault 217372
[ 3282.506243][ T9706] total_inactive_anon 0
[ 3282.510402][ T9706] total_active_anon 0
[ 3282.518719][ T9706] total_inactive_file 0
[ 3282.522890][ T9706] total_active_file 0
[ 3282.532521][ T9706] total_unevictable 0
[ 3282.542158][ T9706] anon_cost 0
[ 3282.545885][ T9706] file_cost 0
[ 3282.549195][ T9706] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9706,uid=0
[ 3282.565647][ T9706] Memory cgroup out of memory: Killed process 9706 (syz-executor.3) total-vm:54508kB, anon-rss:368kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:34 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x8848, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3282.960935][ T9707] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3282.971438][ T9707] CPU: 0 PID: 9707 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3282.981761][ T9707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3282.991817][ T9707] Call Trace:
[ 3282.995107][ T9707]  <TASK>
[ 3282.998052][ T9707]  dump_stack_lvl+0x1e7/0x2e0
[ 3283.002777][ T9707]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3283.008000][ T9707]  ? __pfx__printk+0x10/0x10
[ 3283.012614][ T9707]  ? ___ratelimit+0x4c4/0x670
[ 3283.017309][ T9707]  ? __pfx____ratelimit+0x10/0x10
[ 3283.022336][ T9707]  dump_header+0xda/0x6a0
[ 3283.026668][ T9707]  oom_kill_process+0x3a7/0x930
[ 3283.031517][ T9707]  out_of_memory+0xf67/0x1320
[ 3283.036195][ T9707]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3283.041824][ T9707]  ? __pfx___mutex_lock+0x10/0x10
[ 3283.046860][ T9707]  ? __pfx_out_of_memory+0x10/0x10
[ 3283.051996][ T9707]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3283.057551][ T9707]  ? __pfx_lock_release+0x10/0x10
[ 3283.062577][ T9707]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3283.068653][ T9707]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3283.073868][ T9707]  ? mem_cgroup_iter+0x422/0x560
[ 3283.078821][ T9707]  try_charge_memcg+0xda2/0x18a0
[ 3283.083770][ T9707]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3283.089137][ T9707]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3283.094858][ T9707]  ? __pfx_lock_release+0x10/0x10
[ 3283.099896][ T9707]  ? memcg_account_kmem+0x1e7/0x210
[ 3283.105102][ T9707]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3283.110908][ T9707]  __memcg_kmem_charge_page+0xe1/0x250
[ 3283.116383][ T9707]  memcg_charge_kernel_stack+0x3f8/0x550
[ 3283.122105][ T9707]  dup_task_struct+0x40d/0x7d0
[ 3283.126878][ T9707]  copy_process+0x5d5/0x3fc0
[ 3283.131477][ T9707]  ? __might_fault+0xa9/0x120
[ 3283.136148][ T9707]  ? __pfx_lock_release+0x10/0x10
[ 3283.141172][ T9707]  ? __pfx_copy_process+0x10/0x10
[ 3283.146190][ T9707]  ? __might_fault+0xc5/0x120
[ 3283.150866][ T9707]  ? __asan_memset+0x23/0x50
[ 3283.155461][ T9707]  kernel_clone+0x21d/0x8d0
[ 3283.159967][ T9707]  ? __pfx_kernel_clone+0x10/0x10
[ 3283.165015][ T9707]  __se_sys_clone3+0x2cb/0x350
[ 3283.169787][ T9707]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3283.175080][ T9707]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3283.181084][ T9707]  ? exc_page_fault+0x587/0x870
[ 3283.185939][ T9707]  ? do_syscall_64+0xb4/0x240
[ 3283.190626][ T9707]  do_syscall_64+0xf9/0x240
[ 3283.195129][ T9707]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3283.201031][ T9707] RIP: 0033:0x7fa2eb4a9b99
[ 3283.205450][ T9707] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3283.225058][ T9707] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3283.233469][ T9707] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3283.241447][ T9707] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3283.249417][ T9707] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3283.257388][ T9707] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3283.265350][ T9707] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3283.273345][ T9707]  </TASK>
[ 3283.294215][ T9707] memory: usage 307200kB, limit 307200kB, failcnt 341340
[ 3283.301743][ T9707] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3283.324156][ T9707] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3283.331889][ T9707] Memory cgroup stats for /syz3:
[ 3283.332022][ T9707] cache 0
[ 3283.344371][ T9707] rss 16384
[ 3283.347800][ T9707] rss_huge 0
[ 3283.351072][ T9707] shmem 0
[ 3283.374620][ T9707] mapped_file 0
[ 3283.378127][ T9707] dirty 0
[ 3283.381077][ T9707] writeback 0
[ 3283.384885][ T9707] workingset_refault_anon 266386
[ 3283.389833][ T9707] workingset_refault_file 72
[ 3283.400213][ T9707] swap 802816
[ 3283.403519][ T9707] swapcached 0
[ 3283.418073][ T9707] pgpgin 1965341
[ 3283.421639][ T9707] pgpgout 1965337
[ 3283.428487][ T9707] pgfault 3437856
[ 3283.432169][ T9707] pgmajfault 217553
[ 3283.436740][ T9707] inactive_anon 16384
[ 3283.440734][ T9707] active_anon 0
[ 3283.444719][ T9707] inactive_file 0
[ 3283.448360][ T9707] active_file 0
[ 3283.454286][ T9707] unevictable 0
[ 3283.457775][ T9707] hierarchical_memory_limit 314572800
[ 3283.463154][ T9707] hierarchical_memsw_limit 9223372036854771712
[ 3283.469945][ T9707] total_cache 0
[ 3283.473416][ T9707] total_rss 16384
[ 3283.477480][ T9707] total_rss_huge 0
[ 3283.481200][ T9707] total_shmem 0
[ 3283.485215][ T9707] total_mapped_file 0
[ 3283.489218][ T9707] total_dirty 0
[ 3283.492684][ T9707] total_writeback 0
[ 3283.497115][ T9707] total_workingset_refault_anon 266386
[ 3283.502581][ T9707] total_workingset_refault_file 72
[ 3283.508908][ T9707] total_swap 802816
[ 3283.512737][ T9707] total_swapcached 0
[ 3283.522164][ T9707] total_pgpgin 1965341
[ 3283.529457][ T9707] total_pgpgout 1965337
[ 3283.533620][ T9707] total_pgfault 3437856
[ 3283.538538][ T9707] total_pgmajfault 217553
[ 3283.542880][ T9707] total_inactive_anon 16384
[ 3283.548174][ T9707] total_active_anon 0
[ 3283.552164][ T9707] total_inactive_file 0
[ 3283.557384][ T9707] total_active_file 0
[ 3283.561383][ T9707] total_unevictable 0
[ 3283.566119][ T9707] anon_cost 0
[ 3283.569518][ T9707] file_cost 0
10:59:35 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3283.572812][ T9707] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9707,uid=0
[ 3283.589069][ T9707] Memory cgroup out of memory: Killed process 9707 (syz-executor.3) total-vm:54508kB, anon-rss:356kB, file-rss:8912kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3283.809716][ T9708] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3283.820282][ T9708] CPU: 0 PID: 9708 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3283.830616][ T9708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3283.840661][ T9708] Call Trace:
[ 3283.843935][ T9708]  <TASK>
[ 3283.846874][ T9708]  dump_stack_lvl+0x1e7/0x2e0
[ 3283.851573][ T9708]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3283.856776][ T9708]  ? __pfx__printk+0x10/0x10
[ 3283.861349][ T9708]  ? ___ratelimit+0x4c4/0x670
[ 3283.866029][ T9708]  ? __pfx____ratelimit+0x10/0x10
[ 3283.871065][ T9708]  dump_header+0xda/0x6a0
[ 3283.875405][ T9708]  oom_kill_process+0x3a7/0x930
[ 3283.880270][ T9708]  out_of_memory+0xf67/0x1320
[ 3283.884976][ T9708]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3283.890613][ T9708]  ? __pfx___mutex_lock+0x10/0x10
[ 3283.895630][ T9708]  ? __pfx_out_of_memory+0x10/0x10
[ 3283.900732][ T9708]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3283.906272][ T9708]  ? __pfx_lock_release+0x10/0x10
[ 3283.911300][ T9708]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3283.917357][ T9708]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3283.922543][ T9708]  ? mem_cgroup_iter+0x422/0x560
[ 3283.927486][ T9708]  try_charge_memcg+0xda2/0x18a0
[ 3283.932442][ T9708]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3283.937802][ T9708]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3283.943505][ T9708]  ? __pfx_lock_release+0x10/0x10
[ 3283.948551][ T9708]  ? memcg_account_kmem+0x1e7/0x210
[ 3283.953763][ T9708]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3283.959555][ T9708]  __memcg_kmem_charge_page+0xe1/0x250
[ 3283.965021][ T9708]  memcg_charge_kernel_stack+0x3f8/0x550
[ 3283.970660][ T9708]  dup_task_struct+0x40d/0x7d0
[ 3283.975419][ T9708]  copy_process+0x5d5/0x3fc0
[ 3283.980000][ T9708]  ? __might_fault+0xa9/0x120
[ 3283.984677][ T9708]  ? __pfx_lock_release+0x10/0x10
[ 3283.989725][ T9708]  ? __pfx_copy_process+0x10/0x10
[ 3283.994763][ T9708]  ? __might_fault+0xc5/0x120
[ 3283.999449][ T9708]  ? __asan_memset+0x23/0x50
[ 3284.004039][ T9708]  kernel_clone+0x21d/0x8d0
[ 3284.008569][ T9708]  ? __pfx_kernel_clone+0x10/0x10
[ 3284.013615][ T9708]  __se_sys_clone3+0x2cb/0x350
[ 3284.018369][ T9708]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3284.023656][ T9708]  ? do_syscall_64+0x108/0x240
[ 3284.028430][ T9708]  ? do_syscall_64+0xb4/0x240
[ 3284.033130][ T9708]  do_syscall_64+0xf9/0x240
[ 3284.037644][ T9708]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3284.043543][ T9708] RIP: 0033:0x7fa2eb4a9b99
[ 3284.047959][ T9708] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3284.067584][ T9708] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3284.076445][ T9708] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3284.084676][ T9708] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3284.092653][ T9708] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3284.100699][ T9708] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3284.108674][ T9708] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3284.116661][ T9708]  </TASK>
[ 3284.123499][ T9708] memory: usage 307200kB, limit 307200kB, failcnt 341783
[ 3284.131328][ T9708] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3284.139626][ T9708] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3284.147569][ T9708] Memory cgroup stats for /syz3:
[ 3284.147698][ T9708] cache 0
[ 3284.155945][ T9708] rss 0
[ 3284.158707][ T9708] rss_huge 0
[ 3284.161885][ T9708] shmem 0
[ 3284.165155][ T9708] mapped_file 0
[ 3284.168620][ T9708] dirty 0
[ 3284.171555][ T9708] writeback 0
[ 3284.175416][ T9708] workingset_refault_anon 266575
[ 3284.180372][ T9708] workingset_refault_file 72
[ 3284.185304][ T9708] swap 819200
[ 3284.188629][ T9708] swapcached 0
[ 3284.192005][ T9708] pgpgin 1965548
[ 3284.195970][ T9708] pgpgout 1965548
[ 3284.199621][ T9708] pgfault 3438149
[ 3284.203264][ T9708] pgmajfault 217726
[ 3284.207734][ T9708] inactive_anon 0
[ 3284.211385][ T9708] active_anon 0
[ 3284.215239][ T9708] inactive_file 0
[ 3284.218887][ T9708] active_file 0
[ 3284.222337][ T9708] unevictable 0
[ 3284.228073][ T9708] hierarchical_memory_limit 314572800
[ 3284.233720][ T9708] hierarchical_memsw_limit 9223372036854771712
[ 3284.240270][ T9708] total_cache 0
[ 3284.243730][ T9708] total_rss 0
[ 3284.247392][ T9708] total_rss_huge 0
[ 3284.251114][ T9708] total_shmem 0
[ 3284.254953][ T9708] total_mapped_file 0
[ 3284.258937][ T9708] total_dirty 0
[ 3284.262405][ T9708] total_writeback 0
[ 3284.266790][ T9708] total_workingset_refault_anon 266575
[ 3284.272252][ T9708] total_workingset_refault_file 72
[ 3284.277684][ T9708] total_swap 819200
[ 3284.281489][ T9708] total_swapcached 0
[ 3284.285734][ T9708] total_pgpgin 1965548
[ 3284.289799][ T9708] total_pgpgout 1965548
[ 3284.294527][ T9708] total_pgfault 3438149
[ 3284.298685][ T9708] total_pgmajfault 217726
[ 3284.302991][ T9708] total_inactive_anon 0
[ 3284.307511][ T9708] total_active_anon 0
[ 3284.311497][ T9708] total_inactive_file 0
[ 3284.316010][ T9708] total_active_file 0
[ 3284.320075][ T9708] total_unevictable 0
[ 3284.324621][ T9708] anon_cost 0
[ 3284.327918][ T9708] file_cost 0
[ 3284.331196][ T9708] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9708,uid=0
10:59:36 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3284.347731][ T9708] Memory cgroup out of memory: Killed process 9708 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8704kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3284.620860][ T9709] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3284.632485][ T9709] CPU: 1 PID: 9709 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3284.642838][ T9709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3284.652884][ T9709] Call Trace:
[ 3284.656154][ T9709]  <TASK>
[ 3284.659071][ T9709]  dump_stack_lvl+0x1e7/0x2e0
[ 3284.663735][ T9709]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3284.668917][ T9709]  ? __pfx__printk+0x10/0x10
[ 3284.673486][ T9709]  ? ___ratelimit+0x4c4/0x670
[ 3284.678148][ T9709]  ? __pfx____ratelimit+0x10/0x10
[ 3284.683154][ T9709]  dump_header+0xda/0x6a0
[ 3284.687488][ T9709]  oom_kill_process+0x3a7/0x930
[ 3284.692358][ T9709]  out_of_memory+0xf67/0x1320
[ 3284.697043][ T9709]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3284.702672][ T9709]  ? __pfx___mutex_lock+0x10/0x10
[ 3284.707687][ T9709]  ? __pfx_out_of_memory+0x10/0x10
[ 3284.712786][ T9709]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3284.718316][ T9709]  ? __pfx_lock_release+0x10/0x10
[ 3284.723325][ T9709]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3284.729377][ T9709]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3284.734573][ T9709]  ? mem_cgroup_iter+0x422/0x560
[ 3284.739530][ T9709]  try_charge_memcg+0xda2/0x18a0
[ 3284.744498][ T9709]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3284.749867][ T9709]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3284.755579][ T9709]  ? __pfx_lock_release+0x10/0x10
[ 3284.760598][ T9709]  ? memcg_account_kmem+0x1e7/0x210
[ 3284.765795][ T9709]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3284.771590][ T9709]  __memcg_kmem_charge_page+0xe1/0x250
[ 3284.777045][ T9709]  memcg_charge_kernel_stack+0x3f8/0x550
[ 3284.782672][ T9709]  dup_task_struct+0x40d/0x7d0
[ 3284.787445][ T9709]  copy_process+0x5d5/0x3fc0
[ 3284.792041][ T9709]  ? __might_fault+0xa9/0x120
[ 3284.796708][ T9709]  ? __pfx_lock_release+0x10/0x10
[ 3284.801730][ T9709]  ? __pfx_copy_process+0x10/0x10
[ 3284.806745][ T9709]  ? __might_fault+0xc5/0x120
[ 3284.811418][ T9709]  ? __asan_memset+0x23/0x50
[ 3284.816006][ T9709]  kernel_clone+0x21d/0x8d0
[ 3284.820501][ T9709]  ? __pfx_kernel_clone+0x10/0x10
[ 3284.825532][ T9709]  __se_sys_clone3+0x2cb/0x350
[ 3284.830287][ T9709]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3284.835573][ T9709]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3284.841556][ T9709]  ? exc_page_fault+0x587/0x870
[ 3284.846400][ T9709]  ? do_syscall_64+0xb4/0x240
[ 3284.851074][ T9709]  do_syscall_64+0xf9/0x240
[ 3284.855576][ T9709]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3284.861465][ T9709] RIP: 0033:0x7fa2eb4a9b99
[ 3284.865874][ T9709] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3284.885558][ T9709] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3284.893963][ T9709] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3284.901923][ T9709] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3284.909882][ T9709] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3284.917928][ T9709] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3284.925886][ T9709] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3284.933866][ T9709]  </TASK>
[ 3284.951165][ T9709] memory: usage 307200kB, limit 307200kB, failcnt 342281
[ 3284.962423][ T9709] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3284.970697][ T9709] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3284.978190][ T9709] Memory cgroup stats for /syz3:
[ 3284.978274][ T9709] cache 0
[ 3284.986501][ T9709] rss 12288
[ 3284.989618][ T9709] rss_huge 0
[ 3284.992794][ T9709] shmem 0
[ 3284.996077][ T9709] mapped_file 0
[ 3284.999535][ T9709] dirty 0
[ 3285.002456][ T9709] writeback 0
[ 3285.006040][ T9709] workingset_refault_anon 266780
[ 3285.010982][ T9709] workingset_refault_file 72
[ 3285.015937][ T9709] swap 806912
[ 3285.019225][ T9709] swapcached 4096
[ 3285.022838][ T9709] pgpgin 1965769
[ 3285.026960][ T9709] pgpgout 1965766
[ 3285.030608][ T9709] pgfault 3438469
[ 3285.035012][ T9709] pgmajfault 217914
[ 3285.038825][ T9709] inactive_anon 0
[ 3285.042433][ T9709] active_anon 12288
[ 3285.048185][ T9709] inactive_file 0
[ 3285.051854][ T9709] active_file 0
[ 3285.056781][ T9709] unevictable 0
[ 3285.060255][ T9709] hierarchical_memory_limit 314572800
[ 3285.068598][ T9709] hierarchical_memsw_limit 9223372036854771712
[ 3285.077251][ T9709] total_cache 0
[ 3285.080726][ T9709] total_rss 12288
[ 3285.085198][ T9709] total_rss_huge 0
[ 3285.088933][ T9709] total_shmem 0
[ 3285.092384][ T9709] total_mapped_file 0
[ 3285.096756][ T9709] total_dirty 0
[ 3285.100242][ T9709] total_writeback 0
[ 3285.104381][ T9709] total_workingset_refault_anon 266780
[ 3285.109835][ T9709] total_workingset_refault_file 72
[ 3285.115526][ T9709] total_swap 806912
[ 3285.119331][ T9709] total_swapcached 4096
[ 3285.123459][ T9709] total_pgpgin 1965769
[ 3285.127860][ T9709] total_pgpgout 1965766
[ 3285.132015][ T9709] total_pgfault 3438469
[ 3285.136524][ T9709] total_pgmajfault 217914
[ 3285.140855][ T9709] total_inactive_anon 0
[ 3285.145861][ T9709] total_active_anon 12288
[ 3285.150190][ T9709] total_inactive_file 0
[ 3285.154711][ T9709] total_active_file 0
[ 3285.159214][ T9709] total_unevictable 0
[ 3285.163199][ T9709] anon_cost 0
[ 3285.167208][ T9709] file_cost 0
10:59:37 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3285.170516][ T9709] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9709,uid=0
[ 3285.188231][ T9709] Memory cgroup out of memory: Killed process 9709 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3285.443656][ T9710] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3285.455132][ T9710] CPU: 0 PID: 9710 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3285.465486][ T9710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3285.475562][ T9710] Call Trace:
[ 3285.478840][ T9710]  <TASK>
[ 3285.481771][ T9710]  dump_stack_lvl+0x1e7/0x2e0
[ 3285.486469][ T9710]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3285.491688][ T9710]  ? __pfx__printk+0x10/0x10
[ 3285.496276][ T9710]  ? ___ratelimit+0x4c4/0x670
[ 3285.500945][ T9710]  ? __pfx____ratelimit+0x10/0x10
[ 3285.505972][ T9710]  dump_header+0xda/0x6a0
[ 3285.510311][ T9710]  oom_kill_process+0x3a7/0x930
[ 3285.515162][ T9710]  out_of_memory+0xf67/0x1320
[ 3285.519838][ T9710]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3285.525468][ T9710]  ? __pfx___mutex_lock+0x10/0x10
[ 3285.530497][ T9710]  ? __pfx_out_of_memory+0x10/0x10
[ 3285.535611][ T9710]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3285.541155][ T9710]  ? __pfx_lock_release+0x10/0x10
[ 3285.546188][ T9710]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3285.552264][ T9710]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3285.557463][ T9710]  ? mem_cgroup_iter+0x422/0x560
[ 3285.562400][ T9710]  try_charge_memcg+0xda2/0x18a0
[ 3285.567353][ T9710]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3285.572720][ T9710]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3285.578438][ T9710]  ? __pfx_lock_release+0x10/0x10
[ 3285.583463][ T9710]  ? memcg_account_kmem+0x1e7/0x210
[ 3285.588663][ T9710]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3285.594468][ T9710]  __memcg_kmem_charge_page+0xe1/0x250
[ 3285.599930][ T9710]  memcg_charge_kernel_stack+0x196/0x550
[ 3285.605559][ T9710]  dup_task_struct+0x40d/0x7d0
[ 3285.610318][ T9710]  copy_process+0x5d5/0x3fc0
[ 3285.614910][ T9710]  ? __might_fault+0xa9/0x120
[ 3285.619578][ T9710]  ? __pfx_lock_release+0x10/0x10
[ 3285.624606][ T9710]  ? __pfx_copy_process+0x10/0x10
[ 3285.629641][ T9710]  ? __might_fault+0xc5/0x120
[ 3285.634333][ T9710]  ? __asan_memset+0x23/0x50
[ 3285.638928][ T9710]  kernel_clone+0x21d/0x8d0
[ 3285.643428][ T9710]  ? __pfx_kernel_clone+0x10/0x10
[ 3285.648460][ T9710]  __se_sys_clone3+0x2cb/0x350
[ 3285.653222][ T9710]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3285.658501][ T9710]  ? rcu_is_watching+0x15/0xb0
[ 3285.663270][ T9710]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3285.669260][ T9710]  ? exc_page_fault+0x587/0x870
[ 3285.674121][ T9710]  ? do_syscall_64+0xb4/0x240
[ 3285.678809][ T9710]  do_syscall_64+0xf9/0x240
[ 3285.683308][ T9710]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3285.689197][ T9710] RIP: 0033:0x7fa2eb4a9b99
[ 3285.693604][ T9710] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3285.713203][ T9710] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3285.721626][ T9710] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3285.729587][ T9710] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3285.737566][ T9710] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3285.745541][ T9710] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3285.753573][ T9710] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3285.761635][ T9710]  </TASK>
[ 3285.783316][ T9710] memory: usage 307200kB, limit 307200kB, failcnt 342795
[ 3285.790702][ T9710] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3285.799552][ T9710] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3285.807579][ T9710] Memory cgroup stats for /syz3:
[ 3285.807710][ T9710] cache 0
[ 3285.816064][ T9710] rss 8192
[ 3285.819082][ T9710] rss_huge 0
[ 3285.822262][ T9710] shmem 0
[ 3285.826513][ T9710] mapped_file 0
[ 3285.830001][ T9710] dirty 0
[ 3285.832944][ T9710] writeback 0
[ 3285.836620][ T9710] workingset_refault_anon 266981
[ 3285.841580][ T9710] workingset_refault_file 72
[ 3285.846554][ T9710] swap 811008
[ 3285.849847][ T9710] swapcached 0
[ 3285.853212][ T9710] pgpgin 1965983
[ 3285.857254][ T9710] pgpgout 1965981
[ 3285.860874][ T9710] pgfault 3438774
[ 3285.864839][ T9710] pgmajfault 218108
[ 3285.868658][ T9710] inactive_anon 0
[ 3285.872765][ T9710] active_anon 8192
[ 3285.878354][ T9710] inactive_file 0
[ 3285.881990][ T9710] active_file 0
[ 3285.886122][ T9710] unevictable 0
[ 3285.889617][ T9710] hierarchical_memory_limit 314572800
[ 3285.899125][ T9710] hierarchical_memsw_limit 9223372036854771712
[ 3285.906485][ T9710] total_cache 0
[ 3285.909961][ T9710] total_rss 8192
[ 3285.913499][ T9710] total_rss_huge 0
[ 3285.918255][ T9710] total_shmem 0
[ 3285.921727][ T9710] total_mapped_file 0
[ 3285.926004][ T9710] total_dirty 0
[ 3285.929459][ T9710] total_writeback 0
[ 3285.933242][ T9710] total_workingset_refault_anon 266981
[ 3285.939077][ T9710] total_workingset_refault_file 72
[ 3285.944824][ T9710] total_swap 811008
[ 3285.948661][ T9710] total_swapcached 0
[ 3285.952531][ T9710] total_pgpgin 1965983
[ 3285.957001][ T9710] total_pgpgout 1965981
[ 3285.961159][ T9710] total_pgfault 3438774
[ 3285.965678][ T9710] total_pgmajfault 218108
[ 3285.970350][ T9710] total_inactive_anon 0
[ 3285.975334][ T9710] total_active_anon 8192
[ 3285.979587][ T9710] total_inactive_file 0
[ 3285.983739][ T9710] total_active_file 0
[ 3285.988331][ T9710] total_unevictable 0
[ 3285.992322][ T9710] anon_cost 0
[ 3286.003143][ T9710] file_cost 0
[ 3286.006802][ T9710] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9710,uid=0
[ 3286.023157][ T9710] Memory cgroup out of memory: Killed process 9710 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:37 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3286.306373][ T9711] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3286.317290][ T9711] CPU: 0 PID: 9711 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3286.327639][ T9711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3286.337683][ T9711] Call Trace:
[ 3286.340948][ T9711]  <TASK>
[ 3286.343872][ T9711]  dump_stack_lvl+0x1e7/0x2e0
[ 3286.348561][ T9711]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3286.353741][ T9711]  ? __pfx__printk+0x10/0x10
[ 3286.358315][ T9711]  ? ___ratelimit+0x4c4/0x670
[ 3286.362989][ T9711]  ? __pfx____ratelimit+0x10/0x10
[ 3286.367997][ T9711]  dump_header+0xda/0x6a0
[ 3286.372316][ T9711]  oom_kill_process+0x3a7/0x930
[ 3286.377164][ T9711]  out_of_memory+0xf67/0x1320
[ 3286.381828][ T9711]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3286.387457][ T9711]  ? __pfx___mutex_lock+0x10/0x10
[ 3286.392477][ T9711]  ? __pfx_out_of_memory+0x10/0x10
[ 3286.397579][ T9711]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3286.403108][ T9711]  ? __pfx_lock_release+0x10/0x10
[ 3286.408119][ T9711]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3286.414182][ T9711]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3286.419373][ T9711]  ? mem_cgroup_iter+0x422/0x560
[ 3286.424307][ T9711]  try_charge_memcg+0xda2/0x18a0
[ 3286.429261][ T9711]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3286.434621][ T9711]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3286.440338][ T9711]  ? __pfx_lock_release+0x10/0x10
[ 3286.445364][ T9711]  ? memcg_account_kmem+0x1e7/0x210
[ 3286.450557][ T9711]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3286.456362][ T9711]  __memcg_kmem_charge_page+0xe1/0x250
[ 3286.461820][ T9711]  memcg_charge_kernel_stack+0x196/0x550
[ 3286.467557][ T9711]  dup_task_struct+0x40d/0x7d0
[ 3286.472322][ T9711]  copy_process+0x5d5/0x3fc0
[ 3286.476920][ T9711]  ? __might_fault+0xa9/0x120
[ 3286.481589][ T9711]  ? __pfx_lock_release+0x10/0x10
[ 3286.486628][ T9711]  ? __pfx_copy_process+0x10/0x10
[ 3286.491665][ T9711]  ? __might_fault+0xc5/0x120
[ 3286.496348][ T9711]  ? __asan_memset+0x23/0x50
[ 3286.500931][ T9711]  kernel_clone+0x21d/0x8d0
[ 3286.505432][ T9711]  ? __pfx_kernel_clone+0x10/0x10
[ 3286.510466][ T9711]  __se_sys_clone3+0x2cb/0x350
[ 3286.515227][ T9711]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3286.520504][ T9711]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3286.526482][ T9711]  ? exc_page_fault+0x587/0x870
[ 3286.531324][ T9711]  ? do_syscall_64+0xb4/0x240
[ 3286.535994][ T9711]  do_syscall_64+0xf9/0x240
[ 3286.540489][ T9711]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3286.546374][ T9711] RIP: 0033:0x7fa2eb4a9b99
[ 3286.550775][ T9711] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3286.570368][ T9711] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3286.578770][ T9711] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3286.586769][ T9711] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3286.594731][ T9711] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3286.602687][ T9711] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3286.610639][ T9711] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3286.618603][ T9711]  </TASK>
[ 3286.626273][ T9711] memory: usage 307188kB, limit 307200kB, failcnt 343323
[ 3286.633338][ T9711] memory+swap: usage 308024kB, limit 9007199254740988kB, failcnt 0
[ 3286.642018][ T9711] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3286.655132][ T9711] Memory cgroup stats for /syz3:
[ 3286.655231][ T9711] cache 0
[ 3286.663081][ T9711] rss 12288
[ 3286.668478][ T9711] rss_huge 0
[ 3286.671670][ T9711] shmem 0
[ 3286.675197][ T9711] mapped_file 0
[ 3286.678644][ T9711] dirty 0
[ 3286.681557][ T9711] writeback 0
[ 3286.685860][ T9711] workingset_refault_anon 267169
[ 3286.690816][ T9711] workingset_refault_file 72
[ 3286.697023][ T9711] swap 843776
[ 3286.700325][ T9711] swapcached 0
[ 3286.703674][ T9711] pgpgin 1966183
[ 3286.707907][ T9711] pgpgout 1966180
[ 3286.711572][ T9711] pgfault 3439061
[ 3286.715976][ T9711] pgmajfault 218286
[ 3286.719800][ T9711] inactive_anon 0
[ 3286.723418][ T9711] active_anon 12288
[ 3286.727500][ T9711] inactive_file 0
[ 3286.731150][ T9711] active_file 0
[ 3286.737870][ T9711] unevictable 0
[ 3286.741354][ T9711] hierarchical_memory_limit 314572800
[ 3286.747169][ T9711] hierarchical_memsw_limit 9223372036854771712
[ 3286.753345][ T9711] total_cache 0
[ 3286.757296][ T9711] total_rss 12288
[ 3286.761037][ T9711] total_rss_huge 0
[ 3286.765371][ T9711] total_shmem 0
[ 3286.768839][ T9711] total_mapped_file 0
[ 3286.772810][ T9711] total_dirty 0
[ 3286.776659][ T9711] total_writeback 0
[ 3286.780470][ T9711] total_workingset_refault_anon 267169
[ 3286.786280][ T9711] total_workingset_refault_file 72
[ 3286.791387][ T9711] total_swap 843776
[ 3286.796236][ T9711] total_swapcached 0
[ 3286.800146][ T9711] total_pgpgin 1966183
[ 3286.805581][ T9711] total_pgpgout 1966180
[ 3286.809748][ T9711] total_pgfault 3439061
[ 3286.814259][ T9711] total_pgmajfault 218286
[ 3286.818594][ T9711] total_inactive_anon 0
[ 3286.822763][ T9711] total_active_anon 12288
[ 3286.827948][ T9711] total_inactive_file 0
[ 3286.832201][ T9711] total_active_file 0
[ 3286.836573][ T9711] total_unevictable 0
[ 3286.840557][ T9711] anon_cost 0
[ 3286.846266][ T9711] file_cost 0
[ 3286.849567][ T9711] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9711,uid=0
[ 3286.865833][ T9711] Memory cgroup out of memory: Killed process 9711 (syz-executor.3) total-vm:54508kB, anon-rss:504kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:38 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x5}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3287.150365][ T9712] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3287.161376][ T9712] CPU: 0 PID: 9712 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3287.171720][ T9712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3287.181767][ T9712] Call Trace:
[ 3287.185043][ T9712]  <TASK>
[ 3287.187973][ T9712]  dump_stack_lvl+0x1e7/0x2e0
[ 3287.192641][ T9712]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3287.197845][ T9712]  ? __pfx__printk+0x10/0x10
[ 3287.202444][ T9712]  ? ___ratelimit+0x4c4/0x670
[ 3287.207120][ T9712]  ? __pfx____ratelimit+0x10/0x10
[ 3287.212137][ T9712]  dump_header+0xda/0x6a0
[ 3287.216474][ T9712]  oom_kill_process+0x3a7/0x930
[ 3287.221345][ T9712]  out_of_memory+0xf67/0x1320
[ 3287.226030][ T9712]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3287.231753][ T9712]  ? __pfx___mutex_lock+0x10/0x10
[ 3287.236783][ T9712]  ? __pfx_out_of_memory+0x10/0x10
[ 3287.241907][ T9712]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3287.247448][ T9712]  ? __pfx_lock_release+0x10/0x10
[ 3287.252461][ T9712]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3287.258521][ T9712]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3287.263705][ T9712]  ? mem_cgroup_iter+0x422/0x560
[ 3287.268633][ T9712]  try_charge_memcg+0xda2/0x18a0
[ 3287.273570][ T9712]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3287.278937][ T9712]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3287.284664][ T9712]  ? __pfx_lock_release+0x10/0x10
[ 3287.289697][ T9712]  ? memcg_account_kmem+0x1e7/0x210
[ 3287.294913][ T9712]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3287.300726][ T9712]  __memcg_kmem_charge_page+0xe1/0x250
[ 3287.306196][ T9712]  memcg_charge_kernel_stack+0x196/0x550
[ 3287.311849][ T9712]  dup_task_struct+0x40d/0x7d0
[ 3287.316628][ T9712]  copy_process+0x5d5/0x3fc0
[ 3287.321235][ T9712]  ? __might_fault+0xa9/0x120
[ 3287.325914][ T9712]  ? __pfx_lock_release+0x10/0x10
[ 3287.330951][ T9712]  ? __pfx_copy_process+0x10/0x10
[ 3287.335974][ T9712]  ? __might_fault+0xc5/0x120
[ 3287.340658][ T9712]  ? __asan_memset+0x23/0x50
[ 3287.345262][ T9712]  kernel_clone+0x21d/0x8d0
[ 3287.349771][ T9712]  ? __pfx_kernel_clone+0x10/0x10
[ 3287.354815][ T9712]  __se_sys_clone3+0x2cb/0x350
[ 3287.359593][ T9712]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3287.364903][ T9712]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3287.370899][ T9712]  ? exc_page_fault+0x587/0x870
[ 3287.375755][ T9712]  ? do_syscall_64+0xb4/0x240
[ 3287.380441][ T9712]  do_syscall_64+0xf9/0x240
[ 3287.384954][ T9712]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3287.390855][ T9712] RIP: 0033:0x7fa2eb4a9b99
[ 3287.395265][ T9712] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3287.414891][ T9712] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3287.423317][ T9712] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3287.431284][ T9712] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3287.439262][ T9712] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3287.447227][ T9712] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3287.455202][ T9712] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3287.463186][ T9712]  </TASK>
[ 3287.469859][ T9712] memory: usage 307200kB, limit 307200kB, failcnt 343844
[ 3287.477307][ T9712] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3287.485554][ T9712] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3287.492856][ T9712] Memory cgroup stats for /syz3:
[ 3287.492969][ T9712] cache 0
[ 3287.501437][ T9712] rss 4096
[ 3287.504822][ T9712] rss_huge 0
[ 3287.508028][ T9712] shmem 0
[ 3287.511215][ T9712] mapped_file 0
[ 3287.515031][ T9712] dirty 0
[ 3287.517977][ T9712] writeback 0
[ 3287.521252][ T9712] workingset_refault_anon 267345
[ 3287.526786][ T9712] workingset_refault_file 72
[ 3287.531466][ T9712] swap 815104
[ 3287.535095][ T9712] swapcached 0
[ 3287.538477][ T9712] pgpgin 1966372
[ 3287.542019][ T9712] pgpgout 1966371
[ 3287.546010][ T9712] pgfault 3439331
[ 3287.549643][ T9712] pgmajfault 218459
[ 3287.553430][ T9712] inactive_anon 0
[ 3287.557649][ T9712] active_anon 4096
[ 3287.561367][ T9712] inactive_file 0
[ 3287.565339][ T9712] active_file 0
[ 3287.568805][ T9712] unevictable 0
[ 3287.572255][ T9712] hierarchical_memory_limit 314572800
[ 3287.579336][ T9712] hierarchical_memsw_limit 9223372036854771712
[ 3287.586174][ T9712] total_cache 0
[ 3287.589634][ T9712] total_rss 4096
[ 3287.593156][ T9712] total_rss_huge 0
[ 3287.597297][ T9712] total_shmem 0
[ 3287.600849][ T9712] total_mapped_file 0
[ 3287.605180][ T9712] total_dirty 0
[ 3287.608644][ T9712] total_writeback 0
[ 3287.612439][ T9712] total_workingset_refault_anon 267345
[ 3287.618803][ T9712] total_workingset_refault_file 72
[ 3287.624298][ T9712] total_swap 815104
[ 3287.628135][ T9712] total_swapcached 0
[ 3287.632228][ T9712] total_pgpgin 1966372
[ 3287.636669][ T9712] total_pgpgout 1966371
[ 3287.640823][ T9712] total_pgfault 3439331
[ 3287.645747][ T9712] total_pgmajfault 218459
[ 3287.650074][ T9712] total_inactive_anon 0
[ 3287.654603][ T9712] total_active_anon 4096
[ 3287.658858][ T9712] total_inactive_file 0
[ 3287.663002][ T9712] total_active_file 0
[ 3287.667325][ T9712] total_unevictable 0
[ 3287.671324][ T9712] anon_cost 0
[ 3287.675328][ T9712] file_cost 0
[ 3287.678637][ T9712] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9712,uid=0
10:59:39 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3287.696162][ T9712] Memory cgroup out of memory: Killed process 9712 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3287.917855][ T9713] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3287.928975][ T9713] CPU: 1 PID: 9713 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3287.939330][ T9713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3287.949386][ T9713] Call Trace:
[ 3287.952650][ T9713]  <TASK>
[ 3287.955567][ T9713]  dump_stack_lvl+0x1e7/0x2e0
[ 3287.960241][ T9713]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3287.965424][ T9713]  ? __pfx__printk+0x10/0x10
[ 3287.969998][ T9713]  ? ___ratelimit+0x4c4/0x670
[ 3287.974662][ T9713]  ? __pfx____ratelimit+0x10/0x10
[ 3287.979669][ T9713]  dump_header+0xda/0x6a0
[ 3287.984001][ T9713]  oom_kill_process+0x3a7/0x930
[ 3287.988864][ T9713]  out_of_memory+0xf67/0x1320
[ 3287.993541][ T9713]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3287.999167][ T9713]  ? __pfx___mutex_lock+0x10/0x10
[ 3288.004192][ T9713]  ? __pfx_out_of_memory+0x10/0x10
[ 3288.009368][ T9713]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3288.014907][ T9713]  ? __pfx_lock_release+0x10/0x10
[ 3288.019935][ T9713]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3288.025999][ T9713]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3288.031191][ T9713]  ? mem_cgroup_iter+0x422/0x560
[ 3288.036126][ T9713]  try_charge_memcg+0xda2/0x18a0
[ 3288.041161][ T9713]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3288.046523][ T9713]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3288.052233][ T9713]  ? __pfx_lock_release+0x10/0x10
[ 3288.057260][ T9713]  ? memcg_account_kmem+0x1e7/0x210
[ 3288.062458][ T9713]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3288.068257][ T9713]  __memcg_kmem_charge_page+0xe1/0x250
[ 3288.073712][ T9713]  memcg_charge_kernel_stack+0x196/0x550
[ 3288.079340][ T9713]  dup_task_struct+0x40d/0x7d0
[ 3288.084105][ T9713]  copy_process+0x5d5/0x3fc0
[ 3288.088709][ T9713]  ? __might_fault+0xa9/0x120
[ 3288.093378][ T9713]  ? __pfx_lock_release+0x10/0x10
[ 3288.098399][ T9713]  ? __pfx_copy_process+0x10/0x10
[ 3288.103413][ T9713]  ? __might_fault+0xc5/0x120
[ 3288.108114][ T9713]  ? __asan_memset+0x23/0x50
[ 3288.112702][ T9713]  kernel_clone+0x21d/0x8d0
[ 3288.117202][ T9713]  ? __pfx_kernel_clone+0x10/0x10
[ 3288.122229][ T9713]  __se_sys_clone3+0x2cb/0x350
[ 3288.126987][ T9713]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3288.132275][ T9713]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3288.138258][ T9713]  ? exc_page_fault+0x587/0x870
[ 3288.143108][ T9713]  ? do_syscall_64+0xb4/0x240
[ 3288.147778][ T9713]  do_syscall_64+0xf9/0x240
[ 3288.152279][ T9713]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3288.158168][ T9713] RIP: 0033:0x7fa2eb4a9b99
[ 3288.162577][ T9713] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3288.182191][ T9713] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3288.190621][ T9713] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3288.198592][ T9713] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3288.206559][ T9713] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3288.214525][ T9713] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3288.222499][ T9713] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3288.230475][ T9713]  </TASK>
[ 3288.238479][ T9713] memory: usage 307200kB, limit 307200kB, failcnt 344245
[ 3288.253002][ T9713] memory+swap: usage 308028kB, limit 9007199254740988kB, failcnt 0
[ 3288.261296][ T9713] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3288.269915][ T9713] Memory cgroup stats for /syz3:
[ 3288.270050][ T9713] cache 0
[ 3288.278463][ T9713] rss 0
[ 3288.281251][ T9713] rss_huge 0
[ 3288.284938][ T9713] shmem 0
[ 3288.287864][ T9713] mapped_file 0
[ 3288.291300][ T9713] dirty 0
[ 3288.294735][ T9713] writeback 0
[ 3288.298079][ T9713] workingset_refault_anon 267483
[ 3288.303088][ T9713] workingset_refault_file 72
[ 3288.308054][ T9713] swap 847872
[ 3288.311365][ T9713] swapcached 0
[ 3288.315197][ T9713] pgpgin 1966523
[ 3288.318751][ T9713] pgpgout 1966523
[ 3288.322377][ T9713] pgfault 3439549
[ 3288.326698][ T9713] pgmajfault 218593
[ 3288.330994][ T9713] inactive_anon 0
[ 3288.335136][ T9713] active_anon 0
[ 3288.338586][ T9713] inactive_file 0
[ 3288.342195][ T9713] active_file 0
[ 3288.351664][ T9713] unevictable 0
[ 3288.355782][ T9713] hierarchical_memory_limit 314572800
[ 3288.361212][ T9713] hierarchical_memsw_limit 9223372036854771712
[ 3288.368217][ T9713] total_cache 0
[ 3288.371699][ T9713] total_rss 0
[ 3288.375597][ T9713] total_rss_huge 0
[ 3288.379331][ T9713] total_shmem 0
[ 3288.382788][ T9713] total_mapped_file 0
[ 3288.387147][ T9713] total_dirty 0
[ 3288.390639][ T9713] total_writeback 0
[ 3288.394878][ T9713] total_workingset_refault_anon 267483
[ 3288.400422][ T9713] total_workingset_refault_file 72
[ 3288.405869][ T9713] total_swap 847872
[ 3288.409680][ T9713] total_swapcached 0
[ 3288.413557][ T9713] total_pgpgin 1966523
[ 3288.417962][ T9713] total_pgpgout 1966523
[ 3288.422129][ T9713] total_pgfault 3439549
[ 3288.426826][ T9713] total_pgmajfault 218593
[ 3288.431166][ T9713] total_inactive_anon 0
[ 3288.436370][ T9713] total_active_anon 0
[ 3288.440371][ T9713] total_inactive_file 0
[ 3288.444911][ T9713] total_active_file 0
[ 3288.448901][ T9713] total_unevictable 0
[ 3288.452896][ T9713] anon_cost 0
[ 3288.457738][ T9713] file_cost 0
[ 3288.461032][ T9713] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9713,uid=0
[ 3288.477002][ T9713] Memory cgroup out of memory: Killed process 9713 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:40 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3288.759620][ T9715] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3288.770544][ T9715] CPU: 0 PID: 9715 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3288.780892][ T9715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3288.790957][ T9715] Call Trace:
[ 3288.794238][ T9715]  <TASK>
[ 3288.797180][ T9715]  dump_stack_lvl+0x1e7/0x2e0
[ 3288.801872][ T9715]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3288.807062][ T9715]  ? __pfx__printk+0x10/0x10
[ 3288.811636][ T9715]  ? ___ratelimit+0x4c4/0x670
[ 3288.816321][ T9715]  ? __pfx____ratelimit+0x10/0x10
[ 3288.821361][ T9715]  dump_header+0xda/0x6a0
[ 3288.825704][ T9715]  oom_kill_process+0x3a7/0x930
[ 3288.830545][ T9715]  out_of_memory+0xf67/0x1320
[ 3288.835218][ T9715]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3288.840843][ T9715]  ? __pfx___mutex_lock+0x10/0x10
[ 3288.845875][ T9715]  ? __pfx_out_of_memory+0x10/0x10
[ 3288.850987][ T9715]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3288.856527][ T9715]  ? __pfx_lock_release+0x10/0x10
[ 3288.861566][ T9715]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3288.867655][ T9715]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3288.872860][ T9715]  ? mem_cgroup_iter+0x422/0x560
[ 3288.877802][ T9715]  try_charge_memcg+0xda2/0x18a0
[ 3288.882754][ T9715]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3288.888128][ T9715]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3288.893845][ T9715]  ? __pfx_lock_release+0x10/0x10
[ 3288.898883][ T9715]  ? memcg_account_kmem+0x1e7/0x210
[ 3288.904101][ T9715]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3288.909915][ T9715]  __memcg_kmem_charge_page+0xe1/0x250
[ 3288.915374][ T9715]  memcg_charge_kernel_stack+0x196/0x550
[ 3288.921003][ T9715]  dup_task_struct+0x15d/0x7d0
[ 3288.925761][ T9715]  copy_process+0x5d5/0x3fc0
[ 3288.930356][ T9715]  ? __might_fault+0xa9/0x120
[ 3288.935029][ T9715]  ? __pfx_lock_release+0x10/0x10
[ 3288.940056][ T9715]  ? __pfx_copy_process+0x10/0x10
[ 3288.945077][ T9715]  ? __might_fault+0xc5/0x120
[ 3288.949751][ T9715]  ? __asan_memset+0x23/0x50
[ 3288.954353][ T9715]  kernel_clone+0x21d/0x8d0
[ 3288.958863][ T9715]  ? __pfx_kernel_clone+0x10/0x10
[ 3288.963905][ T9715]  __se_sys_clone3+0x2cb/0x350
[ 3288.968674][ T9715]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3288.973973][ T9715]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3288.979965][ T9715]  ? exc_page_fault+0x587/0x870
[ 3288.984809][ T9715]  ? do_syscall_64+0xb4/0x240
[ 3288.989480][ T9715]  do_syscall_64+0xf9/0x240
[ 3288.993989][ T9715]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3288.999888][ T9715] RIP: 0033:0x7fa2eb4a9b99
[ 3289.004294][ T9715] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3289.023895][ T9715] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3289.032318][ T9715] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3289.040280][ T9715] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3289.048244][ T9715] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3289.056211][ T9715] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3289.064182][ T9715] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3289.072166][ T9715]  </TASK>
[ 3289.088289][ T9715] memory: usage 307200kB, limit 307200kB, failcnt 344784
[ 3289.095714][ T9715] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3289.103683][ T9715] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3289.112195][ T9715] Memory cgroup stats for /syz3:
[ 3289.112326][ T9715] cache 0
[ 3289.120613][ T9715] rss 12288
[ 3289.123722][ T9715] rss_huge 0
[ 3289.127371][ T9715] shmem 0
[ 3289.130318][ T9715] mapped_file 0
[ 3289.133756][ T9715] dirty 0
[ 3289.137251][ T9715] writeback 0
[ 3289.140550][ T9715] workingset_refault_anon 267691
[ 3289.146001][ T9715] workingset_refault_file 72
[ 3289.150796][ T9715] swap 806912
[ 3289.154449][ T9715] swapcached 0
[ 3289.157829][ T9715] pgpgin 1966747
[ 3289.161368][ T9715] pgpgout 1966744
[ 3289.165516][ T9715] pgfault 3439870
[ 3289.169137][ T9715] pgmajfault 218792
[ 3289.172919][ T9715] inactive_anon 0
[ 3289.176862][ T9715] active_anon 12288
[ 3289.180679][ T9715] inactive_file 0
[ 3289.186072][ T9715] active_file 0
[ 3289.189535][ T9715] unevictable 0
[ 3289.193062][ T9715] hierarchical_memory_limit 314572800
[ 3289.199009][ T9715] hierarchical_memsw_limit 9223372036854771712
[ 3289.205509][ T9715] total_cache 0
[ 3289.208985][ T9715] total_rss 12288
[ 3289.212622][ T9715] total_rss_huge 0
[ 3289.216706][ T9715] total_shmem 0
[ 3289.220180][ T9715] total_mapped_file 0
[ 3289.224746][ T9715] total_dirty 0
[ 3289.228217][ T9715] total_writeback 0
[ 3289.232006][ T9715] total_workingset_refault_anon 267691
[ 3289.237798][ T9715] total_workingset_refault_file 72
[ 3289.242909][ T9715] total_swap 806912
[ 3289.247018][ T9715] total_swapcached 0
[ 3289.250898][ T9715] total_pgpgin 1966747
[ 3289.255875][ T9715] total_pgpgout 1966744
[ 3289.260049][ T9715] total_pgfault 3439870
[ 3289.264525][ T9715] total_pgmajfault 218792
[ 3289.268862][ T9715] total_inactive_anon 0
[ 3289.273009][ T9715] total_active_anon 12288
[ 3289.277709][ T9715] total_inactive_file 0
[ 3289.281876][ T9715] total_active_file 0
[ 3289.286451][ T9715] total_unevictable 0
[ 3289.290437][ T9715] anon_cost 0
[ 3289.293702][ T9715] file_cost 0
10:59:41 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x8}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3289.299105][ T9715] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9715,uid=0
[ 3289.315544][ T9715] Memory cgroup out of memory: Killed process 9715 (syz-executor.3) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3289.576088][ T9716] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3289.586503][ T9716] CPU: 1 PID: 9716 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3289.596843][ T9716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3289.606989][ T9716] Call Trace:
[ 3289.610252][ T9716]  <TASK>
[ 3289.613166][ T9716]  dump_stack_lvl+0x1e7/0x2e0
[ 3289.617837][ T9716]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3289.623020][ T9716]  ? __pfx__printk+0x10/0x10
[ 3289.627591][ T9716]  ? ___ratelimit+0x4c4/0x670
[ 3289.632253][ T9716]  ? __pfx____ratelimit+0x10/0x10
[ 3289.637265][ T9716]  dump_header+0xda/0x6a0
[ 3289.641587][ T9716]  oom_kill_process+0x3a7/0x930
[ 3289.646445][ T9716]  out_of_memory+0xf67/0x1320
[ 3289.651138][ T9716]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3289.656768][ T9716]  ? __pfx___mutex_lock+0x10/0x10
[ 3289.661791][ T9716]  ? __pfx_out_of_memory+0x10/0x10
[ 3289.666906][ T9716]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3289.672445][ T9716]  ? __pfx_lock_release+0x10/0x10
[ 3289.677463][ T9716]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3289.683526][ T9716]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3289.688718][ T9716]  ? mem_cgroup_iter+0x422/0x560
[ 3289.693652][ T9716]  try_charge_memcg+0xda2/0x18a0
[ 3289.698600][ T9716]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3289.703966][ T9716]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3289.709677][ T9716]  ? __pfx_lock_release+0x10/0x10
[ 3289.714695][ T9716]  ? memcg_account_kmem+0x1e7/0x210
[ 3289.719893][ T9716]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3289.725689][ T9716]  __memcg_kmem_charge_page+0xe1/0x250
[ 3289.731154][ T9716]  memcg_charge_kernel_stack+0x196/0x550
[ 3289.736781][ T9716]  dup_task_struct+0x15d/0x7d0
[ 3289.741539][ T9716]  copy_process+0x5d5/0x3fc0
[ 3289.746135][ T9716]  ? __might_fault+0xa9/0x120
[ 3289.750806][ T9716]  ? __pfx_lock_release+0x10/0x10
[ 3289.755850][ T9716]  ? __lock_acquire+0x1345/0x1fd0
[ 3289.760939][ T9716]  ? __pfx_copy_process+0x10/0x10
[ 3289.765956][ T9716]  ? __might_fault+0xc5/0x120
[ 3289.770630][ T9716]  ? __asan_memset+0x23/0x50
[ 3289.775224][ T9716]  kernel_clone+0x21d/0x8d0
[ 3289.779724][ T9716]  ? __pfx_kernel_clone+0x10/0x10
[ 3289.784744][ T9716]  ? __pfx_lock_release+0x10/0x10
[ 3289.789766][ T9716]  __se_sys_clone3+0x2cb/0x350
[ 3289.794527][ T9716]  ? __might_fault+0xa9/0x120
[ 3289.799214][ T9716]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3289.804490][ T9716]  ? rcu_is_watching+0x15/0xb0
[ 3289.809260][ T9716]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3289.815242][ T9716]  ? exc_page_fault+0x587/0x870
[ 3289.820087][ T9716]  ? do_syscall_64+0xb4/0x240
[ 3289.824758][ T9716]  do_syscall_64+0xf9/0x240
[ 3289.829260][ T9716]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3289.835147][ T9716] RIP: 0033:0x7fa2eb4a9b99
[ 3289.839554][ T9716] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3289.859152][ T9716] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3289.867561][ T9716] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3289.875524][ T9716] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3289.883485][ T9716] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3289.891446][ T9716] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3289.899407][ T9716] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3289.907383][ T9716]  </TASK>
[ 3289.922059][ T9716] memory: usage 307200kB, limit 307200kB, failcnt 345264
[ 3289.929444][ T9716] memory+swap: usage 307980kB, limit 9007199254740988kB, failcnt 0
[ 3289.937654][ T9716] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3289.945457][ T9716] Memory cgroup stats for /syz3:
[ 3289.945542][ T9716] cache 0
[ 3289.953367][ T9716] rss 16384
[ 3289.957217][ T9716] rss_huge 0
[ 3289.960422][ T9716] shmem 0
[ 3289.963350][ T9716] mapped_file 0
[ 3289.967267][ T9716] dirty 0
[ 3289.970853][ T9716] writeback 0
[ 3289.974504][ T9716] workingset_refault_anon 267873
[ 3289.979447][ T9716] workingset_refault_file 72
[ 3289.984615][ T9716] swap 802816
[ 3289.987925][ T9716] swapcached 0
[ 3289.991288][ T9716] pgpgin 1966948
[ 3289.995240][ T9716] pgpgout 1966944
[ 3289.998878][ T9716] pgfault 3440141
[ 3290.002505][ T9716] pgmajfault 218950
[ 3290.006633][ T9716] inactive_anon 0
[ 3290.010253][ T9716] active_anon 16384
[ 3290.014660][ T9716] inactive_file 0
[ 3290.018372][ T9716] active_file 0
[ 3290.021827][ T9716] unevictable 0
[ 3290.027214][ T9716] hierarchical_memory_limit 314572800
[ 3290.032591][ T9716] hierarchical_memsw_limit 9223372036854771712
[ 3290.039128][ T9716] total_cache 0
[ 3290.042587][ T9716] total_rss 16384
[ 3290.046757][ T9716] total_rss_huge 0
[ 3290.050489][ T9716] total_shmem 0
[ 3290.054365][ T9716] total_mapped_file 0
[ 3290.058350][ T9716] total_dirty 0
[ 3290.061807][ T9716] total_writeback 0
[ 3290.065825][ T9716] total_workingset_refault_anon 267873
[ 3290.071484][ T9716] total_workingset_refault_file 72
[ 3290.077305][ T9716] total_swap 802816
[ 3290.081125][ T9716] total_swapcached 0
[ 3290.085288][ T9716] total_pgpgin 1966948
[ 3290.089351][ T9716] total_pgpgout 1966944
[ 3290.093487][ T9716] total_pgfault 3440141
[ 3290.098031][ T9716] total_pgmajfault 218950
[ 3290.102361][ T9716] total_inactive_anon 0
[ 3290.107456][ T9716] total_active_anon 16384
[ 3290.111797][ T9716] total_inactive_file 0
[ 3290.116345][ T9716] total_active_file 0
[ 3290.120330][ T9716] total_unevictable 0
[ 3290.124682][ T9716] anon_cost 0
[ 3290.127976][ T9716] file_cost 0
[ 3290.131292][ T9716] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9716,uid=0
[ 3290.149028][ T9716] Memory cgroup out of memory: Killed process 9716 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:42 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3290.451036][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3290.462492][ T5114] CPU: 0 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3290.472818][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3290.482871][ T5114] Call Trace:
[ 3290.486150][ T5114]  <TASK>
[ 3290.489090][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3290.493779][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3290.498972][ T5114]  ? __pfx__printk+0x10/0x10
[ 3290.503546][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3290.508219][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3290.513241][ T5114]  dump_header+0xda/0x6a0
[ 3290.517570][ T5114]  oom_kill_process+0x3a7/0x930
[ 3290.522420][ T5114]  out_of_memory+0xf67/0x1320
[ 3290.527092][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3290.532729][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3290.537768][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3290.542890][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3290.548523][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3290.553548][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3290.559619][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3290.564906][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3290.569848][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3290.574780][ T5114]  ? mark_lock+0x9a/0x350
[ 3290.579120][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3290.584516][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3290.590666][ T5114]  charge_memcg+0xa2/0x160
[ 3290.595087][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3290.601148][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3290.606606][ T5114]  ? mark_lock+0x9a/0x350
[ 3290.610939][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3290.616948][ T5114]  swap_cluster_readahead+0x67c/0x810
[ 3290.622321][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3290.628214][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3290.633237][ T5114]  ? xas_descend+0x37e/0x470
[ 3290.637825][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3290.642756][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3290.647882][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3290.653255][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3290.658540][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3290.663835][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3290.668430][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3290.673452][ T5114]  ? __pfx_validate_chain+0x10/0x10
[ 3290.678644][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3290.683399][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3290.688419][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3290.693883][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3290.699704][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3290.704831][ T5114]  ? reacquire_held_locks+0x3eb/0x690
[ 3290.710194][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3290.715665][ T5114]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3290.721390][ T5114]  ? mtree_range_walk+0x6fd/0x8e0
[ 3290.726667][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3290.731870][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3290.736896][ T5114]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3290.742113][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3290.747399][ T5114]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3290.752948][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3290.757798][ T5114]  exc_page_fault+0x456/0x870
[ 3290.762554][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3290.767397][ T5114] RIP: 0033:0x7fa2eb47a780
[ 3290.771804][ T5114] Code: ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 <80> 3d 71 57 10 00 00 49 89 ca 74 14 b8 3d 00 00 00 0f 05 48 3d 00
[ 3290.791402][ T5114] RSP: 002b:00007fa2eb6cfd58 EFLAGS: 00010246
[ 3290.797463][ T5114] RAX: 00000000000000a6 RBX: 00000000000067ac RCX: 0000000000000000
[ 3290.805424][ T5114] RDX: 0000000040000001 RSI: 00007fa2eb6cfdbc RDI: 00000000ffffffff
[ 3290.813385][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000010 R09: 00007ffcc99b80b0
[ 3290.821346][ T5114] R10: 00007ffcc99b8080 R11: 000000000009bc84 R12: 0000000000000032
[ 3290.829308][ T5114] R13: 000000000032346d R14: 000000000032346d R15: 0000000000000000
[ 3290.837281][ T5114]  </TASK>
[ 3290.851210][ T5114] memory: usage 307180kB, limit 307200kB, failcnt 345802
[ 3290.859403][ T5114] memory+swap: usage 307980kB, limit 9007199254740988kB, failcnt 0
[ 3290.867734][ T5114] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3290.875446][ T5114] Memory cgroup stats for /syz3:
[ 3290.875576][ T5114] cache 0
[ 3290.883416][ T5114] rss 12288
[ 3290.887149][ T5114] rss_huge 0
[ 3290.890843][ T5114] shmem 0
[ 3290.893796][ T5114] mapped_file 0
[ 3290.897622][ T5114] dirty 0
[ 3290.900566][ T5114] writeback 0
[ 3290.904234][ T5114] workingset_refault_anon 268075
[ 3290.909195][ T5114] workingset_refault_file 72
[ 3290.913781][ T5114] swap 806912
[ 3290.917410][ T5114] swapcached 0
[ 3290.920787][ T5114] pgpgin 1967162
[ 3290.924703][ T5114] pgpgout 1967159
[ 3290.928343][ T5114] pgfault 3440434
[ 3290.931971][ T5114] pgmajfault 219134
[ 3290.936029][ T5114] inactive_anon 0
[ 3290.939686][ T5114] active_anon 12288
[ 3290.943497][ T5114] inactive_file 0
[ 3290.947792][ T5114] active_file 0
[ 3290.951279][ T5114] unevictable 0
[ 3290.958385][ T5114] hierarchical_memory_limit 314572800
[ 3290.963773][ T5114] hierarchical_memsw_limit 9223372036854771712
[ 3290.971661][ T5114] total_cache 0
[ 3290.975613][ T5114] total_rss 12288
[ 3290.979257][ T5114] total_rss_huge 0
[ 3290.982966][ T5114] total_shmem 0
[ 3290.987287][ T5114] total_mapped_file 0
[ 3290.991273][ T5114] total_dirty 0
[ 3290.996165][ T5114] total_writeback 0
[ 3290.999983][ T5114] total_workingset_refault_anon 268075
[ 3291.006031][ T5114] total_workingset_refault_file 72
[ 3291.011142][ T5114] total_swap 806912
[ 3291.015567][ T5114] total_swapcached 0
[ 3291.019486][ T5114] total_pgpgin 1967162
[ 3291.023568][ T5114] total_pgpgout 1967159
[ 3291.028232][ T5114] total_pgfault 3440434
[ 3291.032395][ T5114] total_pgmajfault 219134
[ 3291.037289][ T5114] total_inactive_anon 0
[ 3291.041449][ T5114] total_active_anon 12288
[ 3291.046373][ T5114] total_inactive_file 0
[ 3291.050533][ T5114] total_active_file 0
[ 3291.056263][ T5114] total_unevictable 0
[ 3291.060249][ T5114] anon_cost 0
[ 3291.063519][ T5114] file_cost 0
[ 3291.067360][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9717,uid=0
[ 3291.083580][ T5114] Memory cgroup out of memory: Killed process 9717 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:42 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xa}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3291.406604][ T9718] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3291.417473][ T9718] CPU: 0 PID: 9718 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3291.427830][ T9718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3291.437901][ T9718] Call Trace:
[ 3291.441170][ T9718]  <TASK>
[ 3291.444098][ T9718]  dump_stack_lvl+0x1e7/0x2e0
[ 3291.448802][ T9718]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3291.454020][ T9718]  ? __pfx__printk+0x10/0x10
[ 3291.458885][ T9718]  ? ___ratelimit+0x4c4/0x670
[ 3291.463560][ T9718]  ? __pfx____ratelimit+0x10/0x10
[ 3291.468587][ T9718]  dump_header+0xda/0x6a0
[ 3291.472918][ T9718]  oom_kill_process+0x3a7/0x930
[ 3291.477775][ T9718]  out_of_memory+0xf67/0x1320
[ 3291.482449][ T9718]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3291.488077][ T9718]  ? __pfx___mutex_lock+0x10/0x10
[ 3291.493100][ T9718]  ? __pfx_out_of_memory+0x10/0x10
[ 3291.498214][ T9718]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3291.503757][ T9718]  ? __pfx_lock_release+0x10/0x10
[ 3291.508794][ T9718]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3291.514861][ T9718]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3291.520056][ T9718]  ? mem_cgroup_iter+0x422/0x560
[ 3291.524996][ T9718]  try_charge_memcg+0xda2/0x18a0
[ 3291.529948][ T9718]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3291.535314][ T9718]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3291.541033][ T9718]  ? __pfx_lock_release+0x10/0x10
[ 3291.546053][ T9718]  ? memcg_account_kmem+0x1e7/0x210
[ 3291.551251][ T9718]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3291.557052][ T9718]  __memcg_kmem_charge_page+0xe1/0x250
[ 3291.562536][ T9718]  memcg_charge_kernel_stack+0x3f8/0x550
[ 3291.568183][ T9718]  dup_task_struct+0x40d/0x7d0
[ 3291.572952][ T9718]  copy_process+0x5d5/0x3fc0
[ 3291.577546][ T9718]  ? __might_fault+0xa9/0x120
[ 3291.582218][ T9718]  ? __pfx_lock_release+0x10/0x10
[ 3291.587243][ T9718]  ? __pfx_copy_process+0x10/0x10
[ 3291.592265][ T9718]  ? __might_fault+0xc5/0x120
[ 3291.596941][ T9718]  ? __asan_memset+0x23/0x50
[ 3291.601534][ T9718]  kernel_clone+0x21d/0x8d0
[ 3291.606039][ T9718]  ? __pfx_kernel_clone+0x10/0x10
[ 3291.611077][ T9718]  __se_sys_clone3+0x2cb/0x350
[ 3291.615843][ T9718]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3291.621132][ T9718]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3291.627133][ T9718]  ? exc_page_fault+0x587/0x870
[ 3291.631988][ T9718]  ? do_syscall_64+0xb4/0x240
[ 3291.636666][ T9718]  do_syscall_64+0xf9/0x240
[ 3291.641171][ T9718]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3291.647064][ T9718] RIP: 0033:0x7fa2eb4a9b99
[ 3291.651473][ T9718] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3291.671075][ T9718] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3291.679484][ T9718] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3291.687446][ T9718] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3291.695410][ T9718] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3291.703374][ T9718] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3291.711338][ T9718] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3291.719317][ T9718]  </TASK>
[ 3291.727194][ T9718] memory: usage 307200kB, limit 307200kB, failcnt 346399
[ 3291.736254][ T9718] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3291.744855][ T9718] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3291.752158][ T9718] Memory cgroup stats for /syz3:
[ 3291.752292][ T9718] cache 0
[ 3291.761765][ T9718] rss 16384
[ 3291.765293][ T9718] rss_huge 0
[ 3291.768844][ T9718] shmem 0
[ 3291.771797][ T9718] mapped_file 0
[ 3291.775871][ T9718] dirty 0
[ 3291.778828][ T9718] writeback 0
[ 3291.782121][ T9718] workingset_refault_anon 268299
[ 3291.787462][ T9718] workingset_refault_file 72
[ 3291.792064][ T9718] swap 802816
[ 3291.795827][ T9718] swapcached 0
[ 3291.799206][ T9718] pgpgin 1967397
[ 3291.802756][ T9718] pgpgout 1967393
[ 3291.806930][ T9718] pgfault 3440755
[ 3291.810581][ T9718] pgmajfault 219338
[ 3291.815009][ T9718] inactive_anon 0
[ 3291.818656][ T9718] active_anon 12288
[ 3291.822456][ T9718] inactive_file 0
[ 3291.826411][ T9718] active_file 0
[ 3291.829872][ T9718] unevictable 0
[ 3291.833347][ T9718] hierarchical_memory_limit 314572800
[ 3291.840739][ T9718] hierarchical_memsw_limit 9223372036854771712
[ 3291.847165][ T9718] total_cache 0
[ 3291.850618][ T9718] total_rss 16384
[ 3291.854621][ T9718] total_rss_huge 0
[ 3291.858365][ T9718] total_shmem 0
[ 3291.861826][ T9718] total_mapped_file 0
[ 3291.866482][ T9718] total_dirty 0
[ 3291.869940][ T9718] total_writeback 0
[ 3291.873732][ T9718] total_workingset_refault_anon 268299
[ 3291.879491][ T9718] total_workingset_refault_file 72
[ 3291.884958][ T9718] total_swap 802816
[ 3291.888766][ T9718] total_swapcached 0
[ 3291.892635][ T9718] total_pgpgin 1967397
[ 3291.897224][ T9718] total_pgpgout 1967393
[ 3291.901382][ T9718] total_pgfault 3440755
[ 3291.905903][ T9718] total_pgmajfault 219338
[ 3291.910243][ T9718] total_inactive_anon 0
[ 3291.915015][ T9718] total_active_anon 12288
[ 3291.919359][ T9718] total_inactive_file 0
[ 3291.923509][ T9718] total_active_file 0
[ 3291.928088][ T9718] total_unevictable 0
[ 3291.932071][ T9718] anon_cost 0
[ 3291.935671][ T9718] file_cost 0
[ 3291.938954][ T9718] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9718,uid=0
10:59:43 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xb}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3291.955753][ T9718] Memory cgroup out of memory: Killed process 9718 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3292.252509][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3292.264494][ T5114] CPU: 0 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3292.274856][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3292.284934][ T5114] Call Trace:
[ 3292.288225][ T5114]  <TASK>
[ 3292.291158][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3292.295837][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3292.301030][ T5114]  ? __pfx__printk+0x10/0x10
[ 3292.305617][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3292.310303][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3292.315335][ T5114]  dump_header+0xda/0x6a0
[ 3292.319678][ T5114]  oom_kill_process+0x3a7/0x930
[ 3292.324540][ T5114]  out_of_memory+0xf67/0x1320
[ 3292.329243][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3292.334895][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3292.339929][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3292.345056][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3292.350622][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3292.355655][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3292.361714][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3292.366903][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3292.371840][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3292.376774][ T5114]  ? mark_lock+0x9a/0x350
[ 3292.381115][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3292.386506][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3292.392654][ T5114]  charge_memcg+0xa2/0x160
[ 3292.397072][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3292.403148][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3292.408613][ T5114]  ? mark_lock+0x9a/0x350
[ 3292.412953][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3292.418937][ T5114]  ? blk_start_plug+0x6f/0x1b0
[ 3292.423706][ T5114]  swap_cluster_readahead+0x398/0x810
[ 3292.429089][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3292.434989][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3292.440019][ T5114]  ? xas_descend+0x37e/0x470
[ 3292.444610][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3292.449545][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3292.454662][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3292.460059][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3292.465344][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3292.470629][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3292.475216][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3292.480242][ T5114]  ? __pfx_validate_chain+0x10/0x10
[ 3292.485432][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3292.490191][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3292.495206][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3292.500657][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3292.506474][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3292.511599][ T5114]  ? reacquire_held_locks+0x3eb/0x690
[ 3292.516962][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3292.522421][ T5114]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3292.528162][ T5114]  ? mtree_range_walk+0x6fd/0x8e0
[ 3292.533191][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3292.538384][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3292.543400][ T5114]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3292.548607][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3292.553799][ T5114]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3292.559352][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3292.564117][ T5114]  exc_page_fault+0x456/0x870
[ 3292.568799][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3292.573647][ T5114] RIP: 0033:0x7fa2eb4a4c15
[ 3292.578055][ T5114] Code: 00 00 f0 83 88 08 03 00 00 10 64 48 8b 3c 25 00 03 00 00 e8 1d 13 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 83 e7 02 74 0b <c3> 66 2e 0f 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 8b 90
[ 3292.597653][ T5114] RSP: 002b:00007fa2eb6cfce8 EFLAGS: 00010297
[ 3292.603711][ T5114] RAX: 0000000000000002 RBX: 00000000000067ae RCX: 0000000000000000
[ 3292.611671][ T5114] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555557511788
[ 3292.619634][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000000 R09: 00007ffcc99b80b0
[ 3292.627683][ T5114] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3292.635647][ T5114] R13: 0000000000323b54 R14: 0000000000323b54 R15: 0000000000000000
[ 3292.643622][ T5114]  </TASK>
[ 3292.658611][ T5114] memory: usage 307200kB, limit 307200kB, failcnt 346932
[ 3292.666111][ T5114] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3292.674419][ T5114] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3292.681715][ T5114] Memory cgroup stats for /syz3:
[ 3292.681849][ T5114] cache 0
[ 3292.690217][ T5114] rss 0
[ 3292.692988][ T5114] rss_huge 0
[ 3292.696601][ T5114] shmem 0
[ 3292.699552][ T5114] mapped_file 0
[ 3292.703009][ T5114] dirty 0
[ 3292.710108][ T5114] writeback 0
[ 3292.713448][ T5114] workingset_refault_anon 268514
[ 3292.718799][ T5114] workingset_refault_file 72
[ 3292.723396][ T5114] swap 819200
[ 3292.726984][ T5114] swapcached 0
[ 3292.730359][ T5114] pgpgin 1967623
[ 3292.735249][ T5114] pgpgout 1967623
[ 3292.738901][ T5114] pgfault 3441087
[ 3292.742534][ T5114] pgmajfault 219545
[ 3292.747237][ T5114] inactive_anon 0
[ 3292.750880][ T5114] active_anon 0
[ 3292.755499][ T5114] inactive_file 0
[ 3292.759140][ T5114] active_file 0
[ 3292.762578][ T5114] unevictable 0
[ 3292.766376][ T5114] hierarchical_memory_limit 314572800
[ 3292.772186][ T5114] hierarchical_memsw_limit 9223372036854771712
[ 3292.778634][ T5114] total_cache 0
[ 3292.782109][ T5114] total_rss 0
[ 3292.786105][ T5114] total_rss_huge 0
[ 3292.789844][ T5114] total_shmem 0
[ 3292.793303][ T5114] total_mapped_file 0
[ 3292.797847][ T5114] total_dirty 0
[ 3292.801309][ T5114] total_writeback 0
[ 3292.805487][ T5114] total_workingset_refault_anon 268514
[ 3292.810960][ T5114] total_workingset_refault_file 72
[ 3292.816444][ T5114] total_swap 819200
[ 3292.820254][ T5114] total_swapcached 0
[ 3292.824539][ T5114] total_pgpgin 1967623
[ 3292.828614][ T5114] total_pgpgout 1967623
[ 3292.832761][ T5114] total_pgfault 3441087
[ 3292.837837][ T5114] total_pgmajfault 219545
[ 3292.842403][ T5114] total_inactive_anon 0
[ 3292.847254][ T5114] total_active_anon 0
[ 3292.851253][ T5114] total_inactive_file 0
[ 3292.856182][ T5114] total_active_file 0
10:59:44 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xc}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3292.860166][ T5114] total_unevictable 0
[ 3292.865127][ T5114] anon_cost 0
[ 3292.868426][ T5114] file_cost 0
[ 3292.871690][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9719,uid=0
[ 3292.893908][ T5114] Memory cgroup out of memory: Killed process 9719 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3293.092824][ T9720] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 3293.103421][ T9720] CPU: 0 PID: 9720 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3293.113742][ T9720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3293.123789][ T9720] Call Trace:
[ 3293.127076][ T9720]  <TASK>
[ 3293.130015][ T9720]  dump_stack_lvl+0x1e7/0x2e0
[ 3293.134705][ T9720]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3293.139914][ T9720]  ? __pfx__printk+0x10/0x10
[ 3293.144507][ T9720]  ? ___ratelimit+0x4c4/0x670
[ 3293.149197][ T9720]  ? __pfx____ratelimit+0x10/0x10
[ 3293.154227][ T9720]  dump_header+0xda/0x6a0
[ 3293.158566][ T9720]  oom_kill_process+0x3a7/0x930
[ 3293.163434][ T9720]  out_of_memory+0xf67/0x1320
[ 3293.168122][ T9720]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3293.173757][ T9720]  ? __pfx___mutex_lock+0x10/0x10
[ 3293.178784][ T9720]  ? __pfx_out_of_memory+0x10/0x10
[ 3293.183908][ T9720]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3293.189490][ T9720]  ? __pfx_lock_release+0x10/0x10
[ 3293.194535][ T9720]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3293.200606][ T9720]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3293.205817][ T9720]  ? mem_cgroup_iter+0x422/0x560
[ 3293.210760][ T9720]  try_charge_memcg+0xda2/0x18a0
[ 3293.215712][ T9720]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3293.221078][ T9720]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3293.226802][ T9720]  ? __pfx_lock_release+0x10/0x10
[ 3293.231837][ T9720]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3293.237825][ T9720]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3293.243542][ T9720]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3293.249351][ T9720]  obj_cgroup_charge+0x389/0x630
[ 3293.254302][ T9720]  ? obj_cgroup_charge+0x121/0x630
[ 3293.259414][ T9720]  ? __pfx_obj_cgroup_charge+0x10/0x10
[ 3293.264871][ T9720]  ? __pfx___might_resched+0x10/0x10
[ 3293.270155][ T9720]  __memcg_slab_pre_alloc_hook+0x28d/0x2b0
[ 3293.275963][ T9720]  kmem_cache_alloc_node+0x284/0x380
[ 3293.281244][ T9720]  ? dup_task_struct+0x57/0x7d0
[ 3293.286089][ T9720]  dup_task_struct+0x57/0x7d0
[ 3293.290754][ T9720]  ? _raw_spin_unlock_irq+0x23/0x50
[ 3293.295948][ T9720]  ? lockdep_hardirqs_on+0x98/0x140
[ 3293.301139][ T9720]  copy_process+0x5d5/0x3fc0
[ 3293.305752][ T9720]  ? __might_fault+0xa9/0x120
[ 3293.310422][ T9720]  ? __pfx_lock_release+0x10/0x10
[ 3293.315443][ T9720]  ? __lock_acquire+0x1345/0x1fd0
[ 3293.320465][ T9720]  ? __pfx_copy_process+0x10/0x10
[ 3293.325478][ T9720]  ? __might_fault+0xc5/0x120
[ 3293.330150][ T9720]  ? __asan_memset+0x23/0x50
[ 3293.334738][ T9720]  kernel_clone+0x21d/0x8d0
[ 3293.339240][ T9720]  ? __pfx_kernel_clone+0x10/0x10
[ 3293.344262][ T9720]  ? __pfx_lock_release+0x10/0x10
[ 3293.349287][ T9720]  __se_sys_clone3+0x2cb/0x350
[ 3293.354054][ T9720]  ? __might_fault+0xa9/0x120
[ 3293.358736][ T9720]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3293.364019][ T9720]  ? rcu_is_watching+0x15/0xb0
[ 3293.368796][ T9720]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3293.374782][ T9720]  ? exc_page_fault+0x587/0x870
[ 3293.379628][ T9720]  ? do_syscall_64+0xb4/0x240
[ 3293.384302][ T9720]  do_syscall_64+0xf9/0x240
[ 3293.388804][ T9720]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3293.394691][ T9720] RIP: 0033:0x7fa2eb4a9b99
[ 3293.399099][ T9720] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3293.418711][ T9720] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3293.427138][ T9720] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3293.435119][ T9720] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3293.443101][ T9720] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3293.451083][ T9720] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3293.459057][ T9720] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3293.467039][ T9720]  </TASK>
[ 3293.483058][ T9720] memory: usage 307200kB, limit 307200kB, failcnt 347289
[ 3293.490868][ T9720] memory+swap: usage 307964kB, limit 9007199254740988kB, failcnt 0
[ 3293.499811][ T9720] kmem: usage 307164kB, limit 9007199254740988kB, failcnt 0
[ 3293.512081][ T9720] Memory cgroup stats for /syz3:
[ 3293.512180][ T9720] cache 0
[ 3293.520397][ T9720] rss 8192
[ 3293.523404][ T9720] rss_huge 0
[ 3293.527229][ T9720] shmem 0
[ 3293.530182][ T9720] mapped_file 0
[ 3293.533639][ T9720] dirty 0
[ 3293.536923][ T9720] writeback 0
[ 3293.540238][ T9720] workingset_refault_anon 268670
[ 3293.545610][ T9720] workingset_refault_file 72
[ 3293.550211][ T9720] swap 806912
[ 3293.554415][ T9720] swapcached 4096
[ 3293.558148][ T9720] pgpgin 1967790
[ 3293.561700][ T9720] pgpgout 1967787
[ 3293.565643][ T9720] pgfault 3441321
[ 3293.569280][ T9720] pgmajfault 219695
[ 3293.573068][ T9720] inactive_anon 0
[ 3293.577240][ T9720] active_anon 0
[ 3293.580766][ T9720] inactive_file 0
[ 3293.586140][ T9720] active_file 0
[ 3293.589698][ T9720] unevictable 0
[ 3293.593422][ T9720] hierarchical_memory_limit 314572800
[ 3293.599542][ T9720] hierarchical_memsw_limit 9223372036854771712
[ 3293.607142][ T9720] total_cache 0
[ 3293.610652][ T9720] total_rss 8192
[ 3293.614563][ T9720] total_rss_huge 0
[ 3293.618291][ T9720] total_shmem 0
[ 3293.621762][ T9720] total_mapped_file 0
[ 3293.626045][ T9720] total_dirty 0
[ 3293.629506][ T9720] total_writeback 0
[ 3293.633295][ T9720] total_workingset_refault_anon 268670
[ 3293.639061][ T9720] total_workingset_refault_file 72
[ 3293.644520][ T9720] total_swap 806912
[ 3293.648344][ T9720] total_swapcached 4096
[ 3293.652501][ T9720] total_pgpgin 1967790
[ 3293.658154][ T9720] total_pgpgout 1967787
[ 3293.662348][ T9720] total_pgfault 3441321
[ 3293.666843][ T9720] total_pgmajfault 219695
[ 3293.671188][ T9720] total_inactive_anon 0
[ 3293.675720][ T9720] total_active_anon 0
[ 3293.679706][ T9720] total_inactive_file 0
[ 3293.683965][ T9720] total_active_file 0
[ 3293.687957][ T9720] total_unevictable 0
[ 3293.691932][ T9720] anon_cost 0
10:59:45 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xf}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3293.696327][ T9720] file_cost 0
[ 3293.699625][ T9720] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9720,uid=0
[ 3293.716865][ T9720] Memory cgroup out of memory: Killed process 9720 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3293.968595][ T9721] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 3293.979231][ T9721] CPU: 0 PID: 9721 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3293.989561][ T9721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3293.999623][ T9721] Call Trace:
[ 3294.002887][ T9721]  <TASK>
[ 3294.005808][ T9721]  dump_stack_lvl+0x1e7/0x2e0
[ 3294.010475][ T9721]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3294.015659][ T9721]  ? __pfx__printk+0x10/0x10
[ 3294.020239][ T9721]  ? ___ratelimit+0x4c4/0x670
[ 3294.024902][ T9721]  ? __pfx____ratelimit+0x10/0x10
[ 3294.029911][ T9721]  dump_header+0xda/0x6a0
[ 3294.034240][ T9721]  oom_kill_process+0x3a7/0x930
[ 3294.039107][ T9721]  out_of_memory+0xf67/0x1320
[ 3294.043792][ T9721]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3294.049427][ T9721]  ? __pfx___mutex_lock+0x10/0x10
[ 3294.054449][ T9721]  ? __pfx_out_of_memory+0x10/0x10
[ 3294.059562][ T9721]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3294.065104][ T9721]  ? __pfx_lock_release+0x10/0x10
[ 3294.070125][ T9721]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3294.076192][ T9721]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3294.081383][ T9721]  ? mem_cgroup_iter+0x422/0x560
[ 3294.086317][ T9721]  try_charge_memcg+0xda2/0x18a0
[ 3294.091267][ T9721]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3294.096634][ T9721]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3294.102342][ T9721]  ? __pfx_lock_release+0x10/0x10
[ 3294.107362][ T9721]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3294.113343][ T9721]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3294.119051][ T9721]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3294.124859][ T9721]  obj_cgroup_charge+0x389/0x630
[ 3294.129802][ T9721]  ? obj_cgroup_charge+0x121/0x630
[ 3294.134909][ T9721]  ? __pfx_obj_cgroup_charge+0x10/0x10
[ 3294.140369][ T9721]  ? __pfx___might_resched+0x10/0x10
[ 3294.145650][ T9721]  __memcg_slab_pre_alloc_hook+0x28d/0x2b0
[ 3294.151457][ T9721]  kmem_cache_alloc_node+0x284/0x380
[ 3294.156733][ T9721]  ? dup_task_struct+0x57/0x7d0
[ 3294.161578][ T9721]  dup_task_struct+0x57/0x7d0
[ 3294.166246][ T9721]  ? _raw_spin_unlock_irq+0x23/0x50
[ 3294.171445][ T9721]  ? lockdep_hardirqs_on+0x98/0x140
[ 3294.176639][ T9721]  copy_process+0x5d5/0x3fc0
[ 3294.181230][ T9721]  ? __might_fault+0xa9/0x120
[ 3294.185903][ T9721]  ? __pfx_lock_release+0x10/0x10
[ 3294.190945][ T9721]  ? __pfx_copy_process+0x10/0x10
[ 3294.195959][ T9721]  ? __might_fault+0xc5/0x120
[ 3294.200629][ T9721]  ? __asan_memset+0x23/0x50
[ 3294.205219][ T9721]  kernel_clone+0x21d/0x8d0
[ 3294.209718][ T9721]  ? __pfx_kernel_clone+0x10/0x10
[ 3294.214752][ T9721]  __se_sys_clone3+0x2cb/0x350
[ 3294.219512][ T9721]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3294.224803][ T9721]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3294.230787][ T9721]  ? exc_page_fault+0x587/0x870
[ 3294.235643][ T9721]  ? do_syscall_64+0xb4/0x240
[ 3294.240324][ T9721]  do_syscall_64+0xf9/0x240
[ 3294.244999][ T9721]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3294.250903][ T9721] RIP: 0033:0x7fa2eb4a9b99
[ 3294.255321][ T9721] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3294.275018][ T9721] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3294.283429][ T9721] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3294.291396][ T9721] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3294.299369][ T9721] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3294.307336][ T9721] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3294.315305][ T9721] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3294.323281][ T9721]  </TASK>
[ 3294.334525][ T9721] memory: usage 307196kB, limit 307200kB, failcnt 347753
[ 3294.345013][ T9721] memory+swap: usage 307984kB, limit 9007199254740988kB, failcnt 0
[ 3294.353019][ T9721] kmem: usage 307164kB, limit 9007199254740988kB, failcnt 0
[ 3294.361437][ T9721] Memory cgroup stats for /syz3:
[ 3294.361564][ T9721] cache 0
[ 3294.370357][ T9721] rss 12288
[ 3294.373710][ T9721] rss_huge 0
[ 3294.377459][ T9721] shmem 0
[ 3294.380434][ T9721] mapped_file 0
[ 3294.384872][ T9721] dirty 0
[ 3294.387825][ T9721] writeback 0
[ 3294.391108][ T9721] workingset_refault_anon 268889
[ 3294.396340][ T9721] workingset_refault_file 72
[ 3294.400954][ T9721] swap 806912
[ 3294.404487][ T9721] swapcached 0
[ 3294.407853][ T9721] pgpgin 1968026
[ 3294.411381][ T9721] pgpgout 1968023
[ 3294.415856][ T9721] pgfault 3441649
[ 3294.419500][ T9721] pgmajfault 219896
[ 3294.423307][ T9721] inactive_anon 0
[ 3294.427406][ T9721] active_anon 12288
[ 3294.431218][ T9721] inactive_file 0
[ 3294.436796][ T9721] active_file 0
[ 3294.440293][ T9721] unevictable 0
[ 3294.443772][ T9721] hierarchical_memory_limit 314572800
[ 3294.450247][ T9721] hierarchical_memsw_limit 9223372036854771712
[ 3294.456832][ T9721] total_cache 0
[ 3294.460305][ T9721] total_rss 12288
[ 3294.464347][ T9721] total_rss_huge 0
[ 3294.468381][ T9721] total_shmem 0
[ 3294.471855][ T9721] total_mapped_file 0
[ 3294.477008][ T9721] total_dirty 0
[ 3294.481210][ T9721] total_writeback 0
[ 3294.486042][ T9721] total_workingset_refault_anon 268889
[ 3294.491566][ T9721] total_workingset_refault_file 72
[ 3294.497331][ T9721] total_swap 806912
[ 3294.501198][ T9721] total_swapcached 0
[ 3294.514077][ T9721] total_pgpgin 1968026
[ 3294.518245][ T9721] total_pgpgout 1968023
[ 3294.522506][ T9721] total_pgfault 3441649
[ 3294.527645][ T9721] total_pgmajfault 219896
[ 3294.532070][ T9721] total_inactive_anon 0
[ 3294.536552][ T9721] total_active_anon 12288
[ 3294.540900][ T9721] total_inactive_file 0
[ 3294.547795][ T9721] total_active_file 0
[ 3294.551805][ T9721] total_unevictable 0
[ 3294.556160][ T9721] anon_cost 0
[ 3294.559454][ T9721] file_cost 0
10:59:46 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x10}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3294.562754][ T9721] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9721,uid=0
[ 3294.579468][ T9721] Memory cgroup out of memory: Killed process 9721 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3294.709286][ T9722] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 3294.721452][ T9722] CPU: 1 PID: 9722 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3294.731804][ T9722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3294.741879][ T9722] Call Trace:
[ 3294.745163][ T9722]  <TASK>
[ 3294.748100][ T9722]  dump_stack_lvl+0x1e7/0x2e0
[ 3294.752784][ T9722]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3294.757994][ T9722]  ? __pfx__printk+0x10/0x10
[ 3294.762586][ T9722]  ? ___ratelimit+0x4c4/0x670
[ 3294.767268][ T9722]  ? __pfx____ratelimit+0x10/0x10
[ 3294.772295][ T9722]  dump_header+0xda/0x6a0
[ 3294.776642][ T9722]  oom_kill_process+0x3a7/0x930
[ 3294.781507][ T9722]  out_of_memory+0xf67/0x1320
[ 3294.786196][ T9722]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3294.791830][ T9722]  ? __pfx___mutex_lock+0x10/0x10
[ 3294.796857][ T9722]  ? __pfx_out_of_memory+0x10/0x10
[ 3294.801977][ T9722]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3294.807538][ T9722]  ? __pfx_lock_release+0x10/0x10
[ 3294.812571][ T9722]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3294.818645][ T9722]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3294.823856][ T9722]  ? mem_cgroup_iter+0x422/0x560
[ 3294.828799][ T9722]  try_charge_memcg+0xda2/0x18a0
[ 3294.833756][ T9722]  ? mark_lock+0x9a/0x350
[ 3294.838093][ T9722]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3294.843479][ T9722]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3294.849641][ T9722]  charge_memcg+0xa2/0x160
[ 3294.854077][ T9722]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3294.860164][ T9722]  __read_swap_cache_async+0x480/0x8b0
[ 3294.865632][ T9722]  ? mark_lock+0x9a/0x350
[ 3294.869971][ T9722]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3294.875964][ T9722]  swap_cluster_readahead+0x67c/0x810
[ 3294.881348][ T9722]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3294.887247][ T9722]  ? __pfx_lock_release+0x10/0x10
[ 3294.892274][ T9722]  ? xas_descend+0x37e/0x470
[ 3294.896873][ T9722]  swapin_readahead+0x1ea/0x1070
[ 3294.901811][ T9722]  ? filemap_get_entry+0x127/0x4e0
[ 3294.906931][ T9722]  ? __pfx_swapin_readahead+0x10/0x10
[ 3294.912312][ T9722]  ? __filemap_get_folio+0x935/0xbc0
[ 3294.917598][ T9722]  ? swap_cache_get_folio+0x9f/0x570
[ 3294.922881][ T9722]  do_swap_page+0x8ab/0x3da0
[ 3294.927476][ T9722]  ? __pte_offset_map+0x2c4/0x380
[ 3294.932502][ T9722]  ? do_swap_page+0x154/0x3da0
[ 3294.937261][ T9722]  ? __pfx_do_swap_page+0x10/0x10
[ 3294.942277][ T9722]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3294.947732][ T9722]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3294.953553][ T9722]  ? __pfx_validate_chain+0x10/0x10
[ 3294.958761][ T9722]  __handle_mm_fault+0x15e8/0x72d0
[ 3294.963912][ T9722]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3294.969384][ T9722]  ? mt_find+0x226/0x850
[ 3294.973627][ T9722]  ? __pfx_lock_release+0x10/0x10
[ 3294.978671][ T9722]  ? mt_find+0x62d/0x850
[ 3294.982925][ T9722]  ? mt_find+0x226/0x850
[ 3294.987188][ T9722]  ? find_vma+0x142/0x1c0
[ 3294.991518][ T9722]  ? __pfx_find_vma+0x10/0x10
[ 3294.996197][ T9722]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3295.002178][ T9722]  handle_mm_fault+0x3c1/0x8a0
[ 3295.006946][ T9722]  exc_page_fault+0x2ad/0x870
[ 3295.011624][ T9722]  asm_exc_page_fault+0x26/0x30
[ 3295.016476][ T9722] RIP: 0010:__get_user_8+0x11/0x20
[ 3295.021580][ T9722] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3295.041179][ T9722] RSP: 0018:ffffc9000362fd78 EFLAGS: 00050202
[ 3295.047242][ T9722] RAX: 0000555557511da8 RBX: ffff8880236dee78 RCX: ffffc9000362fc03
[ 3295.055208][ T9722] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3295.063168][ T9722] RBP: ffffc9000362fec0 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3295.071133][ T9722] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc9000362fd80
[ 3295.079097][ T9722] R13: ffffc9000362ffd8 R14: dffffc0000000000 R15: ffff8880236dd940
[ 3295.087086][ T9722]  __rseq_handle_notify_resume+0x158/0x1490
[ 3295.093002][ T9722]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3295.099509][ T9722]  ? irqentry_exit_to_user_mode+0x52/0x280
[ 3295.105314][ T9722]  irqentry_exit_to_user_mode+0xbb/0x280
[ 3295.110944][ T9722]  exc_page_fault+0x587/0x870
[ 3295.115618][ T9722]  asm_exc_page_fault+0x26/0x30
[ 3295.120465][ T9722] RIP: 0033:0x7fa2eb45274e
[ 3295.124871][ T9722] Code: 64 24 60 4c 89 e7 e8 11 0e 00 00 89 c5 85 c0 0f 85 a2 00 00 00 c6 44 24 43 01 eb 09 c6 44 24 43 00 4c 8b 24 24 e8 a2 b4 02 00 <4c> 8b 2d c3 2f c8 00 48 8b 0d cc 2f c8 00 31 d2 8d 68 ff 89 c3 4c
[ 3295.144479][ T9722] RSP: 002b:00007fa2eb6cf9f0 EFLAGS: 00010206
[ 3295.150554][ T9722] RAX: 0000000000001000 RBX: 00007fa2eb6cfc90 RCX: 00007fa2eb5abf80
[ 3295.158516][ T9722] RDX: 00007fa2eb434bb0 RSI: 00007fa2eb6cfc90 RDI: 00007fa2eb6cfc48
[ 3295.166482][ T9722] RBP: 0000000000000000 R08: 00007fa2eb5abf8c R09: 00007fa2eb5abf8c
[ 3295.174792][ T9722] R10: 00007fa2eb000060 R11: 0000000000000246 R12: 00007fa2eb6cfc90
[ 3295.182754][ T9722] R13: 0000000000000064 R14: 00007fa2eb5abf80 R15: 00007fa2eb434bb0
[ 3295.190729][ T9722]  </TASK>
[ 3295.200021][ T9722] memory: usage 307200kB, limit 307200kB, failcnt 347956
[ 3295.207699][ T9722] memory+swap: usage 307976kB, limit 9007199254740988kB, failcnt 0
[ 3295.225559][ T9722] kmem: usage 307164kB, limit 9007199254740988kB, failcnt 0
[ 3295.232994][ T9722] Memory cgroup stats for /syz3:
[ 3295.233120][ T9722] cache 0
[ 3295.241646][ T9722] rss 16384
[ 3295.245190][ T9722] rss_huge 0
[ 3295.248403][ T9722] shmem 0
[ 3295.251342][ T9722] mapped_file 0
[ 3295.255162][ T9722] dirty 0
[ 3295.258103][ T9722] writeback 0
[ 3295.261381][ T9722] workingset_refault_anon 268973
[ 3295.266668][ T9722] workingset_refault_file 72
[ 3295.271266][ T9722] swap 794624
[ 3295.274990][ T9722] swapcached 0
[ 3295.278376][ T9722] pgpgin 1968121
[ 3295.281914][ T9722] pgpgout 1968117
[ 3295.285875][ T9722] pgfault 3441783
[ 3295.289534][ T9722] pgmajfault 219977
[ 3295.295095][ T9722] inactive_anon 0
[ 3295.298828][ T9722] active_anon 12288
[ 3295.302651][ T9722] inactive_file 0
[ 3295.312875][ T9722] active_file 0
[ 3295.318542][ T9722] unevictable 0
[ 3295.322088][ T9722] hierarchical_memory_limit 314572800
[ 3295.328014][ T9722] hierarchical_memsw_limit 9223372036854771712
[ 3295.334677][ T9722] total_cache 0
[ 3295.338197][ T9722] total_rss 16384
[ 3295.341858][ T9722] total_rss_huge 0
[ 3295.346044][ T9722] total_shmem 0
[ 3295.349586][ T9722] total_mapped_file 0
[ 3295.353655][ T9722] total_dirty 0
[ 3295.357639][ T9722] total_writeback 0
[ 3295.361542][ T9722] total_workingset_refault_anon 268973
[ 3295.367420][ T9722] total_workingset_refault_file 72
[ 3295.372607][ T9722] total_swap 794624
[ 3295.376886][ T9722] total_swapcached 0
[ 3295.380858][ T9722] total_pgpgin 1968121
[ 3295.386497][ T9722] total_pgpgout 1968117
[ 3295.390708][ T9722] total_pgfault 3441783
[ 3295.396231][ T9722] total_pgmajfault 219977
[ 3295.400580][ T9722] total_inactive_anon 0
[ 3295.405342][ T9722] total_active_anon 12288
[ 3295.409684][ T9722] total_inactive_file 0
[ 3295.416544][ T9722] total_active_file 0
[ 3295.420551][ T9722] total_unevictable 0
[ 3295.425015][ T9722] anon_cost 0
[ 3295.428324][ T9722] file_cost 0
[ 3295.431632][ T9722] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9722,uid=0
10:59:47 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x11}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3295.448008][ T9722] Memory cgroup out of memory: Killed process 9722 (syz-executor.3) total-vm:54376kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3295.800689][ T9723] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3295.816969][ T9723] CPU: 0 PID: 9723 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3295.827355][ T9723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3295.837398][ T9723] Call Trace:
[ 3295.840661][ T9723]  <TASK>
[ 3295.843576][ T9723]  dump_stack_lvl+0x1e7/0x2e0
[ 3295.848249][ T9723]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3295.853433][ T9723]  ? __pfx__printk+0x10/0x10
[ 3295.858013][ T9723]  ? ___ratelimit+0x4c4/0x670
[ 3295.862675][ T9723]  ? __pfx____ratelimit+0x10/0x10
[ 3295.867695][ T9723]  dump_header+0xda/0x6a0
[ 3295.872013][ T9723]  oom_kill_process+0x3a7/0x930
[ 3295.876870][ T9723]  out_of_memory+0xf67/0x1320
[ 3295.881565][ T9723]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3295.887199][ T9723]  ? __pfx___mutex_lock+0x10/0x10
[ 3295.892214][ T9723]  ? __pfx_out_of_memory+0x10/0x10
[ 3295.897316][ T9723]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3295.902843][ T9723]  ? __pfx_lock_release+0x10/0x10
[ 3295.907869][ T9723]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3295.913944][ T9723]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3295.919128][ T9723]  ? mem_cgroup_iter+0x422/0x560
[ 3295.924063][ T9723]  try_charge_memcg+0xda2/0x18a0
[ 3295.929042][ T9723]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3295.934425][ T9723]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3295.940127][ T9723]  ? __pfx_lock_release+0x10/0x10
[ 3295.945139][ T9723]  ? memcg_account_kmem+0x1e7/0x210
[ 3295.950332][ T9723]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3295.956122][ T9723]  __memcg_kmem_charge_page+0xe1/0x250
[ 3295.961567][ T9723]  memcg_charge_kernel_stack+0x3f8/0x550
[ 3295.967186][ T9723]  dup_task_struct+0x40d/0x7d0
[ 3295.971940][ T9723]  copy_process+0x5d5/0x3fc0
[ 3295.976541][ T9723]  ? __might_fault+0xa9/0x120
[ 3295.981231][ T9723]  ? __pfx_lock_release+0x10/0x10
[ 3295.986260][ T9723]  ? __pfx_copy_process+0x10/0x10
[ 3295.991268][ T9723]  ? __might_fault+0xc5/0x120
[ 3295.995931][ T9723]  ? __asan_memset+0x23/0x50
[ 3296.000505][ T9723]  kernel_clone+0x21d/0x8d0
[ 3296.004994][ T9723]  ? __pfx_kernel_clone+0x10/0x10
[ 3296.010032][ T9723]  __se_sys_clone3+0x2cb/0x350
[ 3296.014804][ T9723]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3296.020089][ T9723]  ? do_syscall_64+0x108/0x240
[ 3296.024853][ T9723]  ? do_syscall_64+0xb4/0x240
[ 3296.029547][ T9723]  do_syscall_64+0xf9/0x240
[ 3296.034059][ T9723]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3296.039939][ T9723] RIP: 0033:0x7fa2eb4a9b99
[ 3296.044343][ T9723] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3296.063942][ T9723] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3296.072337][ T9723] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3296.080304][ T9723] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3296.088275][ T9723] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3296.096245][ T9723] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3296.104219][ T9723] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3296.112207][ T9723]  </TASK>
[ 3296.124403][ T9723] memory: usage 307200kB, limit 307200kB, failcnt 348637
[ 3296.131676][ T9723] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3296.139948][ T9723] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3296.149459][ T9723] Memory cgroup stats for /syz3:
[ 3296.149586][ T9723] cache 0
[ 3296.158073][ T9723] rss 28672
[ 3296.161192][ T9723] rss_huge 0
[ 3296.165256][ T9723] shmem 0
[ 3296.168207][ T9723] mapped_file 0
[ 3296.171657][ T9723] dirty 0
[ 3296.175571][ T9723] writeback 0
[ 3296.178868][ T9723] workingset_refault_anon 269265
[ 3296.183779][ T9723] workingset_refault_file 72
[ 3296.189175][ T9723] swap 790528
[ 3296.192472][ T9723] swapcached 0
[ 3296.196231][ T9723] pgpgin 1968425
[ 3296.201282][ T9723] pgpgout 1968418
[ 3296.205877][ T9723] pgfault 3442222
[ 3296.209536][ T9723] pgmajfault 220250
[ 3296.213356][ T9723] inactive_anon 28672
[ 3296.219038][ T9723] active_anon 0
[ 3296.222505][ T9723] inactive_file 0
[ 3296.228369][ T9723] active_file 0
[ 3296.231840][ T9723] unevictable 0
[ 3296.236191][ T9723] hierarchical_memory_limit 314572800
[ 3296.241586][ T9723] hierarchical_memsw_limit 9223372036854771712
[ 3296.248452][ T9723] total_cache 0
[ 3296.253467][ T9723] total_rss 28672
[ 3296.259561][ T9723] total_rss_huge 0
[ 3296.263304][ T9723] total_shmem 0
[ 3296.267392][ T9723] total_mapped_file 0
[ 3296.271392][ T9723] total_dirty 0
[ 3296.275665][ T9723] total_writeback 0
[ 3296.279489][ T9723] total_workingset_refault_anon 269265
[ 3296.285687][ T9723] total_workingset_refault_file 72
[ 3296.290805][ T9723] total_swap 790528
[ 3296.296301][ T9723] total_swapcached 0
[ 3296.300225][ T9723] total_pgpgin 1968425
[ 3296.304681][ T9723] total_pgpgout 1968418
[ 3296.309195][ T9723] total_pgfault 3442222
[ 3296.313342][ T9723] total_pgmajfault 220250
[ 3296.318732][ T9723] total_inactive_anon 28672
[ 3296.323241][ T9723] total_active_anon 0
[ 3296.327634][ T9723] total_inactive_file 0
[ 3296.331879][ T9723] total_active_file 0
[ 3296.336189][ T9723] total_unevictable 0
[ 3296.340192][ T9723] anon_cost 0
[ 3296.343478][ T9723] file_cost 0
[ 3296.350252][ T9723] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9723,uid=0
[ 3296.384175][ T9723] Memory cgroup out of memory: Killed process 9723 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:48 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x14}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3296.749801][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3296.804807][ T5114] CPU: 1 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3296.815194][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3296.825243][ T5114] Call Trace:
[ 3296.828512][ T5114]  <TASK>
[ 3296.831521][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3296.836210][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3296.841402][ T5114]  ? __pfx__printk+0x10/0x10
[ 3296.845985][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3296.850668][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3296.855690][ T5114]  dump_header+0xda/0x6a0
[ 3296.860019][ T5114]  oom_kill_process+0x3a7/0x930
[ 3296.864869][ T5114]  out_of_memory+0xf67/0x1320
[ 3296.869547][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3296.875174][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3296.880198][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3296.885319][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3296.890859][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3296.895880][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3296.901941][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3296.907143][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3296.912078][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3296.917006][ T5114]  ? mark_lock+0x9a/0x350
[ 3296.921344][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3296.926727][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3296.932871][ T5114]  charge_memcg+0xa2/0x160
[ 3296.937301][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3296.943363][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3296.948817][ T5114]  ? mark_lock+0x9a/0x350
[ 3296.953145][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3296.959126][ T5114]  swap_cluster_readahead+0x67c/0x810
[ 3296.964508][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3296.970402][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3296.975423][ T5114]  ? xas_descend+0x37e/0x470
[ 3296.980012][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3296.984944][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3296.990058][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3296.995435][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3297.000718][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3297.006001][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3297.010585][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3297.015607][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3297.020362][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3297.025378][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3297.030830][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3297.036634][ T5114]  ? __pfx_validate_chain+0x10/0x10
[ 3297.041829][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3297.046958][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3297.052421][ T5114]  ? mt_find+0x226/0x850
[ 3297.056661][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3297.061691][ T5114]  ? mt_find+0x62d/0x850
[ 3297.065929][ T5114]  ? mt_find+0x226/0x850
[ 3297.070177][ T5114]  ? find_vma+0x142/0x1c0
[ 3297.074498][ T5114]  ? __pfx_find_vma+0x10/0x10
[ 3297.079166][ T5114]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3297.085144][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3297.089906][ T5114]  exc_page_fault+0x2ad/0x870
[ 3297.094582][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3297.099428][ T5114] RIP: 0010:__get_user_8+0x11/0x20
[ 3297.104534][ T5114] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3297.124132][ T5114] RSP: 0000:ffffc90003cefd98 EFLAGS: 00050202
[ 3297.130201][ T5114] RAX: 0000555557511da8 RBX: ffff888025e49538 RCX: ffffc90003cefc03
[ 3297.138169][ T5114] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3297.146135][ T5114] RBP: ffffc90003cefec8 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3297.154103][ T5114] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc90003cefda0
[ 3297.162066][ T5114] R13: ffffc90003ceffd8 R14: dffffc0000000000 R15: ffff888025e48000
[ 3297.170042][ T5114]  __rseq_handle_notify_resume+0x158/0x1490
[ 3297.175947][ T5114]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3297.182276][ T5114]  ? syscall_exit_to_user_mode+0xa2/0x370
[ 3297.187991][ T5114]  syscall_exit_to_user_mode+0x113/0x370
[ 3297.193619][ T5114]  do_syscall_64+0x108/0x240
[ 3297.198209][ T5114]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3297.204103][ T5114] RIP: 0033:0x7fa2eb4a91b5
[ 3297.208522][ T5114] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 3297.228121][ T5114] RSP: 002b:00007fa2eb6cfcf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 3297.236531][ T5114] RAX: 0000000000000000 RBX: 00000000000067b3 RCX: 00007fa2eb4a91b5
[ 3297.244497][ T5114] RDX: 00007fa2eb6cfd30 RSI: 0000000000000000 RDI: 0000000000000000
[ 3297.252463][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000000 R09: 00007ffcc99b80b0
[ 3297.260438][ T5114] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3297.268413][ T5114] R13: 0000000000324d3b R14: 0000000000324d3b R15: 0000000000000000
[ 3297.276404][ T5114]  </TASK>
[ 3297.343676][ T5114] memory: usage 307200kB, limit 307200kB, failcnt 348850
[ 3297.351187][ T5114] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3297.369598][ T5114] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3297.386603][ T5114] Memory cgroup stats for /syz3:
[ 3297.386740][ T5114] cache 0
[ 3297.401473][ T5114] rss 16384
[ 3297.410580][ T5114] rss_huge 0
[ 3297.418121][ T5114] shmem 0
[ 3297.421083][ T5114] mapped_file 0
[ 3297.428075][ T5114] dirty 0
[ 3297.431038][ T5114] writeback 0
[ 3297.441594][ T5114] workingset_refault_anon 269344
[ 3297.451941][ T5114] workingset_refault_file 72
[ 3297.463603][ T5114] swap 802816
[ 3297.470870][ T5114] swapcached 0
[ 3297.478250][ T5114] pgpgin 1968517
[ 3297.481805][ T5114] pgpgout 1968513
[ 3297.488723][ T5114] pgfault 3442354
[ 3297.492375][ T5114] pgmajfault 220323
[ 3297.501956][ T5114] inactive_anon 16384
[ 3297.511872][ T5114] active_anon 0
[ 3297.519171][ T5114] inactive_file 0
[ 3297.522823][ T5114] active_file 0
[ 3297.534459][ T5114] unevictable 0
[ 3297.537958][ T5114] hierarchical_memory_limit 314572800
[ 3297.543335][ T5114] hierarchical_memsw_limit 9223372036854771712
[ 3297.557978][ T5114] total_cache 0
[ 3297.561468][ T5114] total_rss 16384
[ 3297.571396][ T5114] total_rss_huge 0
[ 3297.580128][ T5114] total_shmem 0
[ 3297.583615][ T5114] total_mapped_file 0
[ 3297.593325][ T5114] total_dirty 0
[ 3297.597944][ T5114] total_writeback 0
[ 3297.601772][ T5114] total_workingset_refault_anon 269344
[ 3297.618855][ T5114] total_workingset_refault_file 72
[ 3297.627439][ T5114] total_swap 802816
[ 3297.635296][ T5114] total_swapcached 0
[ 3297.640005][ T5114] total_pgpgin 1968517
[ 3297.653040][ T5114] total_pgpgout 1968513
[ 3297.662939][ T5114] total_pgfault 3442354
[ 3297.672267][ T5114] total_pgmajfault 220323
[ 3297.679416][ T5114] total_inactive_anon 16384
[ 3297.687331][ T5114] total_active_anon 0
[ 3297.691326][ T5114] total_inactive_file 0
[ 3297.699266][ T5114] total_active_file 0
[ 3297.703283][ T5114] total_unevictable 0
[ 3297.714880][ T5114] anon_cost 0
[ 3297.718200][ T5114] file_cost 0
[ 3297.721487][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9724,uid=0
[ 3297.752428][ T5114] Memory cgroup out of memory: Killed process 9724 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:49 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x15}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3297.961014][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3297.973713][ T5114] CPU: 0 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3297.984072][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3297.994143][ T5114] Call Trace:
[ 3297.997435][ T5114]  <TASK>
[ 3298.000378][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3298.005086][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3298.010399][ T5114]  ? __pfx__printk+0x10/0x10
[ 3298.015010][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3298.019712][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3298.024760][ T5114]  dump_header+0xda/0x6a0
[ 3298.029105][ T5114]  oom_kill_process+0x3a7/0x930
[ 3298.033958][ T5114]  out_of_memory+0xf67/0x1320
[ 3298.038631][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3298.044258][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3298.049280][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3298.054393][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3298.059934][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3298.064958][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3298.071023][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3298.076217][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3298.081153][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3298.086079][ T5114]  ? mark_lock+0x9a/0x350
[ 3298.090418][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3298.095800][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3298.101940][ T5114]  charge_memcg+0xa2/0x160
[ 3298.106352][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3298.112415][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3298.117865][ T5114]  ? mark_lock+0x9a/0x350
[ 3298.122200][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3298.128182][ T5114]  swap_cluster_readahead+0x67c/0x810
[ 3298.133556][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3298.139448][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3298.144467][ T5114]  ? xas_descend+0x37e/0x470
[ 3298.149055][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3298.153985][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3298.159096][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3298.164557][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3298.169842][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3298.175130][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3298.179722][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3298.184742][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3298.189934][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3298.194687][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3298.199702][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3298.205155][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3298.210953][ T5114]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3298.217295][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3298.222444][ T5114]  ? reacquire_held_locks+0x3eb/0x690
[ 3298.227824][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3298.233385][ T5114]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3298.239116][ T5114]  ? mtree_range_walk+0x6fd/0x8e0
[ 3298.244142][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3298.249337][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3298.254357][ T5114]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3298.259565][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3298.264757][ T5114]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3298.270301][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3298.275066][ T5114]  exc_page_fault+0x456/0x870
[ 3298.279748][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3298.284594][ T5114] RIP: 0033:0x7fa2eb4a91b8
[ 3298.288999][ T5114] Code: 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f
[ 3298.308598][ T5114] RSP: 002b:00007fa2eb6cfcf0 EFLAGS: 00010293
[ 3298.314656][ T5114] RAX: 0000000000000000 RBX: 00000000000067b5 RCX: 00007fa2eb4a91b5
[ 3298.322616][ T5114] RDX: 00007fa2eb6cfd30 RSI: 0000000000000000 RDI: 0000000000000000
[ 3298.330579][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000000 R09: 00007ffcc99b80b0
[ 3298.338549][ T5114] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3298.346525][ T5114] R13: 0000000000325218 R14: 0000000000325218 R15: 0000000000000000
[ 3298.354498][ T5114]  </TASK>
[ 3298.408809][ T5114] memory: usage 307200kB, limit 307200kB, failcnt 349012
[ 3298.421943][ T5114] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3298.430739][ T5114] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3298.452131][ T5114] Memory cgroup stats for /syz3:
[ 3298.452265][ T5114] cache 0
[ 3298.466800][ T5114] rss 12288
[ 3298.470201][ T5114] rss_huge 0
[ 3298.473411][ T5114] shmem 0
[ 3298.480335][ T5114] mapped_file 0
[ 3298.488592][ T5114] dirty 0
[ 3298.491552][ T5114] writeback 0
[ 3298.497256][ T5114] workingset_refault_anon 269405
[ 3298.502206][ T5114] workingset_refault_file 72
[ 3298.523018][ T5114] swap 806912
[ 3298.527203][ T5114] swapcached 0
[ 3298.530602][ T5114] pgpgin 1968589
[ 3298.541494][ T5114] pgpgout 1968586
[ 3298.545886][ T5114] pgfault 3442465
[ 3298.550510][ T5114] pgmajfault 220379
[ 3298.563620][ T5114] inactive_anon 0
[ 3298.568260][ T5114] active_anon 12288
[ 3298.572370][ T5114] inactive_file 0
[ 3298.583222][ T5114] active_file 0
[ 3298.587401][ T5114] unevictable 0
[ 3298.590907][ T5114] hierarchical_memory_limit 314572800
[ 3298.616037][ T5114] hierarchical_memsw_limit 9223372036854771712
[ 3298.622222][ T5114] total_cache 0
[ 3298.639018][ T5114] total_rss 12288
[ 3298.642694][ T5114] total_rss_huge 0
[ 3298.647721][ T5114] total_shmem 0
[ 3298.651200][ T5114] total_mapped_file 0
[ 3298.666056][ T5114] total_dirty 0
[ 3298.669544][ T5114] total_writeback 0
[ 3298.684902][ T5114] total_workingset_refault_anon 269405
[ 3298.690393][ T5114] total_workingset_refault_file 72
[ 3298.702290][ T5114] total_swap 806912
[ 3298.706781][ T5114] total_swapcached 0
[ 3298.710694][ T5114] total_pgpgin 1968589
[ 3298.725918][ T5114] total_pgpgout 1968586
[ 3298.730105][ T5114] total_pgfault 3442465
[ 3298.743169][ T5114] total_pgmajfault 220379
[ 3298.748543][ T5114] total_inactive_anon 0
[ 3298.752720][ T5114] total_active_anon 12288
[ 3298.763403][ T5114] total_inactive_file 0
[ 3298.769158][ T5114] total_active_file 0
[ 3298.773158][ T5114] total_unevictable 0
[ 3298.787216][ T5114] anon_cost 0
[ 3298.790526][ T5114] file_cost 0
[ 3298.799211][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9726,uid=0
10:59:50 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x48}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3298.824767][ T5114] Memory cgroup out of memory: Killed process 9726 (syz-executor.3) total-vm:54508kB, anon-rss:384kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3299.051728][ T9729] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3299.075175][ T9729] CPU: 1 PID: 9729 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3299.085545][ T9729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3299.095615][ T9729] Call Trace:
[ 3299.098905][ T9729]  <TASK>
[ 3299.101849][ T9729]  dump_stack_lvl+0x1e7/0x2e0
[ 3299.106552][ T9729]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3299.111777][ T9729]  ? __pfx__printk+0x10/0x10
[ 3299.116394][ T9729]  ? ___ratelimit+0x4c4/0x670
[ 3299.121104][ T9729]  ? __pfx____ratelimit+0x10/0x10
[ 3299.126158][ T9729]  dump_header+0xda/0x6a0
[ 3299.130517][ T9729]  oom_kill_process+0x3a7/0x930
[ 3299.135397][ T9729]  out_of_memory+0xf67/0x1320
[ 3299.140106][ T9729]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3299.145757][ T9729]  ? __pfx___mutex_lock+0x10/0x10
[ 3299.150808][ T9729]  ? __pfx_out_of_memory+0x10/0x10
[ 3299.155948][ T9729]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3299.161517][ T9729]  ? __pfx_lock_release+0x10/0x10
[ 3299.166566][ T9729]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3299.172666][ T9729]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3299.177900][ T9729]  ? mem_cgroup_iter+0x422/0x560
[ 3299.182864][ T9729]  try_charge_memcg+0xda2/0x18a0
[ 3299.187890][ T9729]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3299.193282][ T9729]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3299.199032][ T9729]  ? __pfx_lock_release+0x10/0x10
[ 3299.204085][ T9729]  ? memcg_account_kmem+0x1e7/0x210
[ 3299.209314][ T9729]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3299.215124][ T9729]  __memcg_kmem_charge_page+0xe1/0x250
[ 3299.220585][ T9729]  memcg_charge_kernel_stack+0x3f8/0x550
[ 3299.226229][ T9729]  dup_task_struct+0x15d/0x7d0
[ 3299.230997][ T9729]  copy_process+0x5d5/0x3fc0
[ 3299.235593][ T9729]  ? __might_fault+0xa9/0x120
[ 3299.240369][ T9729]  ? __pfx_lock_release+0x10/0x10
[ 3299.245404][ T9729]  ? __pfx_copy_process+0x10/0x10
[ 3299.250424][ T9729]  ? __might_fault+0xc5/0x120
[ 3299.255099][ T9729]  ? __asan_memset+0x23/0x50
[ 3299.259687][ T9729]  kernel_clone+0x21d/0x8d0
[ 3299.264200][ T9729]  ? __pfx_kernel_clone+0x10/0x10
[ 3299.269245][ T9729]  __se_sys_clone3+0x2cb/0x350
[ 3299.274014][ T9729]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3299.279319][ T9729]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3299.285309][ T9729]  ? exc_page_fault+0x587/0x870
[ 3299.290168][ T9729]  ? do_syscall_64+0xb4/0x240
[ 3299.294849][ T9729]  do_syscall_64+0xf9/0x240
[ 3299.299356][ T9729]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3299.305245][ T9729] RIP: 0033:0x7fa2eb4a9b99
[ 3299.309654][ T9729] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3299.329252][ T9729] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3299.337665][ T9729] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3299.345628][ T9729] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3299.353590][ T9729] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3299.361550][ T9729] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3299.369528][ T9729] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3299.377513][ T9729]  </TASK>
[ 3299.393098][ T6454] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 3299.404407][ T9729] memory: usage 307200kB, limit 307200kB, failcnt 349186
[ 3299.411460][ T9729] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3299.419906][ T9729] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3299.427535][ T9729] Memory cgroup stats for /syz3:
[ 3299.427656][ T9729] cache 0
[ 3299.435881][ T9729] rss 12288
[ 3299.439000][ T9729] rss_huge 0
[ 3299.442203][ T9729] shmem 0
[ 3299.445736][ T9729] mapped_file 0
[ 3299.449210][ T9729] dirty 0
[ 3299.452152][ T9729] writeback 0
[ 3299.455821][ T9729] workingset_refault_anon 269432
[ 3299.460762][ T9729] workingset_refault_file 72
[ 3299.465900][ T9729] swap 806912
[ 3299.469195][ T9729] swapcached 4096
[ 3299.472839][ T9729] pgpgin 1968661
[ 3299.477006][ T9729] pgpgout 1968658
[ 3299.480645][ T9729] pgfault 3442573
[ 3299.484581][ T9729] pgmajfault 220432
[ 3299.488394][ T9729] inactive_anon 0
[ 3299.493093][ T9729] active_anon 12288
[ 3299.498810][ T9729] inactive_file 0
[ 3299.502459][ T9729] active_file 0
[ 3299.506585][ T6454] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 3299.523039][ T9729] unevictable 0
[ 3299.527139][ T6454] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 3299.539318][ T9729] hierarchical_memory_limit 314572800
[ 3299.547598][ T6454] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 3299.547648][ T9729] hierarchical_memsw_limit 9223372036854771712
[ 3299.561342][ T9729] total_cache 0
[ 3299.561382][ T6454] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[ 3299.574704][ T9729] total_rss 12288
[ 3299.578464][ T6454] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 3299.585767][ T9729] total_rss_huge 0
[ 3299.589503][ T9729] total_shmem 0
[ 3299.592971][ T9729] total_mapped_file 0
[ 3299.598074][ T9729] total_dirty 0
[ 3299.601849][ T9729] total_writeback 0
[ 3299.608623][ T9729] total_workingset_refault_anon 269432
[ 3299.614471][ T9729] total_workingset_refault_file 72
[ 3299.619593][ T9729] total_swap 806912
[ 3299.623481][ T9729] total_swapcached 4096
[ 3299.628252][ T9729] total_pgpgin 1968661
[ 3299.632370][ T9729] total_pgpgout 1968658
[ 3299.636879][ T9729] total_pgfault 3442573
[ 3299.641046][ T9729] total_pgmajfault 220432
[ 3299.645716][ T9729] total_inactive_anon 0
[ 3299.649882][ T9729] total_active_anon 12288
[ 3299.654780][ T9729] total_inactive_file 0
[ 3299.658948][ T9729] total_active_file 0
[ 3299.662963][ T9729] total_unevictable 0
[ 3299.667321][ T9729] anon_cost 0
[ 3299.670621][ T9729] file_cost 0
[ 3299.674292][ T9729] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9729,uid=0
10:59:51 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x60}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3299.705683][ T9729] Memory cgroup out of memory: Killed process 9729 (syz-executor.3) total-vm:54508kB, anon-rss:384kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3299.867398][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3299.899500][ T5114] CPU: 0 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3299.909879][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3299.919954][ T5114] Call Trace:
[ 3299.923249][ T5114]  <TASK>
[ 3299.926194][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3299.930898][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3299.936116][ T5114]  ? __pfx__printk+0x10/0x10
[ 3299.940730][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3299.945440][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3299.950485][ T5114]  dump_header+0xda/0x6a0
[ 3299.954840][ T5114]  oom_kill_process+0x3a7/0x930
[ 3299.959706][ T5114]  out_of_memory+0xf67/0x1320
[ 3299.964414][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3299.970067][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3299.975120][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3299.980259][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3299.985823][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3299.990867][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3299.996956][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3300.002172][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3300.007126][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3300.012060][ T5114]  ? mark_lock+0x9a/0x350
[ 3300.016395][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3300.021778][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3300.027920][ T5114]  charge_memcg+0xa2/0x160
[ 3300.032331][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3300.038389][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3300.043841][ T5114]  ? mark_lock+0x9a/0x350
[ 3300.048166][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3300.054157][ T5114]  swap_cluster_readahead+0x67c/0x810
[ 3300.059542][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3300.065432][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3300.070451][ T5114]  ? xas_descend+0x37e/0x470
[ 3300.075039][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3300.079968][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3300.085081][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3300.090453][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3300.095734][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3300.101037][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3300.105635][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3300.110670][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3300.115432][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3300.120446][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3300.125899][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3300.131702][ T5114]  ? __pfx_validate_chain+0x10/0x10
[ 3300.136895][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3300.142021][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3300.147478][ T5114]  ? mt_find+0x226/0x850
[ 3300.151715][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3300.156748][ T5114]  ? mt_find+0x62d/0x850
[ 3300.160986][ T5114]  ? mt_find+0x226/0x850
[ 3300.165238][ T5114]  ? find_vma+0x142/0x1c0
[ 3300.169556][ T5114]  ? __pfx_find_vma+0x10/0x10
[ 3300.174222][ T5114]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3300.180200][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3300.184964][ T5114]  exc_page_fault+0x2ad/0x870
[ 3300.189637][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3300.194492][ T5114] RIP: 0010:__get_user_8+0x11/0x20
[ 3300.199595][ T5114] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3300.219195][ T5114] RSP: 0018:ffffc90003cefd98 EFLAGS: 00050202
[ 3300.225256][ T5114] RAX: 0000555557511da8 RBX: ffff888025e49538 RCX: ffffc90003cefc03
[ 3300.233217][ T5114] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3300.241176][ T5114] RBP: ffffc90003cefec8 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3300.249139][ T5114] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc90003cefda0
[ 3300.257100][ T5114] R13: ffffc90003ceffd8 R14: dffffc0000000000 R15: ffff888025e48000
[ 3300.265090][ T5114]  __rseq_handle_notify_resume+0x158/0x1490
[ 3300.271007][ T5114]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3300.277341][ T5114]  ? syscall_exit_to_user_mode+0xa2/0x370
[ 3300.283146][ T5114]  syscall_exit_to_user_mode+0x113/0x370
[ 3300.288777][ T5114]  do_syscall_64+0x108/0x240
[ 3300.293367][ T5114]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3300.299265][ T5114] RIP: 0033:0x7fa2eb4a91b5
[ 3300.303673][ T5114] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 3300.323278][ T5114] RSP: 002b:00007fa2eb6cfcf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 3300.331690][ T5114] RAX: 0000000000000000 RBX: 00000000000067b8 RCX: 00007fa2eb4a91b5
[ 3300.339657][ T5114] RDX: 00007fa2eb6cfd30 RSI: 0000000000000000 RDI: 0000000000000000
[ 3300.347619][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000000 R09: 00007ffcc99b80b0
[ 3300.355581][ T5114] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3300.363546][ T5114] R13: 00000000003259b3 R14: 00000000003259b3 R15: 0000000000000000
[ 3300.371535][ T5114]  </TASK>
[ 3300.390568][ T5114] memory: usage 307200kB, limit 307200kB, failcnt 349367
[ 3300.403426][ T5114] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3300.413648][ T5114] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3300.424390][ T5114] Memory cgroup stats for /syz3:
[ 3300.428560][ T5114] cache 0
[ 3300.437462][ T5114] rss 20480
[ 3300.440585][ T5114] rss_huge 0
[ 3300.443781][ T5114] shmem 0
[ 3300.447201][ T5114] mapped_file 0
[ 3300.450674][ T5114] dirty 0
[ 3300.453624][ T5114] writeback 0
[ 3300.457311][ T5114] workingset_refault_anon 269486
[ 3300.462257][ T5114] workingset_refault_file 72
[ 3300.471211][ T5114] swap 798720
[ 3300.474912][ T5114] swapcached 0
[ 3300.480625][ T5114] pgpgin 1968744
[ 3300.484473][ T5114] pgpgout 1968739
[ 3300.488116][ T5114] pgfault 3442690
[ 3300.491765][ T5114] pgmajfault 220495
[ 3300.497176][ T5114] inactive_anon 0
[ 3300.500881][ T5114] active_anon 20480
[ 3300.505416][ T5114] inactive_file 0
[ 3300.509062][ T5114] active_file 0
[ 3300.512522][ T5114] unevictable 0
[ 3300.518301][ T5114] hierarchical_memory_limit 314572800
[ 3300.523698][ T5114] hierarchical_memsw_limit 9223372036854771712
[ 3300.533621][ T5114] total_cache 0
[ 3300.539333][ T5114] total_rss 20480
[ 3300.542988][ T5114] total_rss_huge 0
[ 3300.547513][ T5114] total_shmem 0
[ 3300.550985][ T5114] total_mapped_file 0
[ 3300.558978][ T5114] total_dirty 0
[ 3300.562465][ T5114] total_writeback 0
[ 3300.567191][ T5114] total_workingset_refault_anon 269486
[ 3300.572669][ T5114] total_workingset_refault_file 72
[ 3300.578597][ T5114] total_swap 798720
[ 3300.582417][ T5114] total_swapcached 0
[ 3300.587150][ T5114] total_pgpgin 1968744
[ 3300.591307][ T5114] total_pgpgout 1968739
[ 3300.597394][ T5114] total_pgfault 3442690
[ 3300.601581][ T5114] total_pgmajfault 220495
[ 3300.608284][ T5114] total_inactive_anon 0
[ 3300.612451][ T5114] total_active_anon 20480
[ 3300.623264][ T5114] total_inactive_file 0
[ 3300.628233][ T5114] total_active_file 0
[ 3300.632919][ T5114] total_unevictable 0
10:59:52 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x300}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3300.638813][ T5114] anon_cost 0
[ 3300.642199][ T5114] file_cost 0
[ 3300.651050][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9733,uid=0
[ 3300.667610][ T5114] Memory cgroup out of memory: Killed process 9733 (syz-executor.3) total-vm:54508kB, anon-rss:376kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3300.915802][ T9734] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3300.933911][ T9734] CPU: 1 PID: 9734 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3300.944276][ T9734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3300.954343][ T9734] Call Trace:
[ 3300.957623][ T9734]  <TASK>
[ 3300.960541][ T9734]  dump_stack_lvl+0x1e7/0x2e0
[ 3300.965225][ T9734]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3300.970438][ T9734]  ? __pfx__printk+0x10/0x10
[ 3300.975026][ T9734]  ? ___ratelimit+0x4c4/0x670
[ 3300.979696][ T9734]  ? __pfx____ratelimit+0x10/0x10
[ 3300.984722][ T9734]  dump_header+0xda/0x6a0
[ 3300.989068][ T9734]  oom_kill_process+0x3a7/0x930
[ 3300.993938][ T9734]  out_of_memory+0xf67/0x1320
[ 3300.998630][ T9734]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3301.004262][ T9734]  ? __pfx___mutex_lock+0x10/0x10
[ 3301.009308][ T9734]  ? __pfx_out_of_memory+0x10/0x10
[ 3301.014448][ T9734]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3301.019999][ T9734]  ? __pfx_lock_release+0x10/0x10
[ 3301.025026][ T9734]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3301.031093][ T9734]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3301.036288][ T9734]  ? mem_cgroup_iter+0x422/0x560
[ 3301.041225][ T9734]  try_charge_memcg+0xda2/0x18a0
[ 3301.046175][ T9734]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3301.051540][ T9734]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3301.057257][ T9734]  ? __pfx_lock_release+0x10/0x10
[ 3301.062275][ T9734]  ? memcg_account_kmem+0x1e7/0x210
[ 3301.067473][ T9734]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3301.073269][ T9734]  __memcg_kmem_charge_page+0xe1/0x250
[ 3301.078726][ T9734]  memcg_charge_kernel_stack+0x3f8/0x550
[ 3301.084356][ T9734]  dup_task_struct+0x15d/0x7d0
[ 3301.089113][ T9734]  copy_process+0x5d5/0x3fc0
[ 3301.093702][ T9734]  ? __might_fault+0xa9/0x120
[ 3301.098372][ T9734]  ? __pfx_lock_release+0x10/0x10
[ 3301.103393][ T9734]  ? __lock_acquire+0x1345/0x1fd0
[ 3301.108415][ T9734]  ? __pfx_copy_process+0x10/0x10
[ 3301.113431][ T9734]  ? __might_fault+0xc5/0x120
[ 3301.118104][ T9734]  ? __asan_memset+0x23/0x50
[ 3301.122688][ T9734]  kernel_clone+0x21d/0x8d0
[ 3301.127188][ T9734]  ? __pfx_kernel_clone+0x10/0x10
[ 3301.132211][ T9734]  ? __pfx_lock_release+0x10/0x10
[ 3301.137325][ T9734]  __se_sys_clone3+0x2cb/0x350
[ 3301.142082][ T9734]  ? __might_fault+0xa9/0x120
[ 3301.146752][ T9734]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3301.152028][ T9734]  ? rcu_is_watching+0x15/0xb0
[ 3301.156798][ T9734]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3301.162779][ T9734]  ? exc_page_fault+0x587/0x870
[ 3301.167625][ T9734]  ? do_syscall_64+0xb4/0x240
[ 3301.172300][ T9734]  do_syscall_64+0xf9/0x240
[ 3301.176803][ T9734]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3301.182689][ T9734] RIP: 0033:0x7fa2eb4a9b99
[ 3301.187095][ T9734] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3301.206692][ T9734] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3301.215100][ T9734] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3301.223064][ T9734] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3301.231296][ T9734] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3301.239270][ T9734] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3301.247237][ T9734] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3301.255216][ T9734]  </TASK>
[ 3301.267753][ T9734] memory: usage 307200kB, limit 307200kB, failcnt 349867
[ 3301.278152][ T9734] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3301.286518][ T9734] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3301.294415][ T9734] Memory cgroup stats for /syz3:
[ 3301.294622][ T9734] cache 0
[ 3301.302844][ T9734] rss 12288
[ 3301.306320][ T9734] rss_huge 0
[ 3301.309520][ T9734] shmem 0
[ 3301.312436][ T9734] mapped_file 0
[ 3301.316282][ T9734] dirty 0
[ 3301.319224][ T9734] writeback 0
[ 3301.324212][ T9734] workingset_refault_anon 269676
[ 3301.329171][ T9734] workingset_refault_file 72
[ 3301.333750][ T9734] swap 806912
[ 3301.338160][ T9734] swapcached 0
[ 3301.341546][ T9734] pgpgin 1968949
[ 3301.345626][ T9734] pgpgout 1968946
[ 3301.349281][ T9734] pgfault 3442986
[ 3301.352916][ T9734] pgmajfault 220676
[ 3301.357144][ T9734] inactive_anon 0
[ 3301.360794][ T9734] active_anon 12288
[ 3301.366556][ T9734] inactive_file 0
[ 3301.370200][ T9734] active_file 0
[ 3301.373637][ T9734] unevictable 0
[ 3301.377593][ T9734] hierarchical_memory_limit 314572800
[ 3301.382966][ T9734] hierarchical_memsw_limit 9223372036854771712
[ 3301.389523][ T9734] total_cache 0
[ 3301.392994][ T9734] total_rss 12288
[ 3301.397019][ T9734] total_rss_huge 0
[ 3301.400750][ T9734] total_shmem 0
[ 3301.404836][ T9734] total_mapped_file 0
[ 3301.408836][ T9734] total_dirty 0
[ 3301.412272][ T9734] total_writeback 0
[ 3301.416524][ T9734] total_workingset_refault_anon 269676
[ 3301.421990][ T9734] total_workingset_refault_file 72
[ 3301.427403][ T9734] total_swap 806912
[ 3301.431208][ T9734] total_swapcached 0
[ 3301.435698][ T9734] total_pgpgin 1968949
[ 3301.440042][ T9734] total_pgpgout 1968946
[ 3301.444613][ T9734] total_pgfault 3442986
[ 3301.448768][ T9734] total_pgmajfault 220676
[ 3301.453081][ T9734] total_inactive_anon 0
[ 3301.457558][ T9734] total_active_anon 12288
[ 3301.461892][ T9734] total_inactive_file 0
[ 3301.466757][ T9734] total_active_file 0
[ 3301.470769][ T9734] total_unevictable 0
[ 3301.476939][ T9734] anon_cost 0
[ 3301.480257][ T9734] file_cost 0
[ 3301.483547][ T9734] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9734,uid=0
[ 3301.499725][ T9734] Memory cgroup out of memory: Killed process 9734 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:53 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x500}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3301.624264][ T6454] Bluetooth: hci8: command 0x0409 tx timeout
[ 3301.748356][ T9735] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3301.759229][ T9735] CPU: 1 PID: 9735 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3301.769626][ T9735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3301.779712][ T9735] Call Trace:
[ 3301.782989][ T9735]  <TASK>
[ 3301.785924][ T9735]  dump_stack_lvl+0x1e7/0x2e0
[ 3301.790608][ T9735]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3301.795808][ T9735]  ? __pfx__printk+0x10/0x10
[ 3301.800395][ T9735]  ? ___ratelimit+0x4c4/0x670
[ 3301.805074][ T9735]  ? __pfx____ratelimit+0x10/0x10
[ 3301.810103][ T9735]  dump_header+0xda/0x6a0
[ 3301.814437][ T9735]  oom_kill_process+0x3a7/0x930
[ 3301.819289][ T9735]  out_of_memory+0xf67/0x1320
[ 3301.823977][ T9735]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3301.829624][ T9735]  ? __pfx___mutex_lock+0x10/0x10
[ 3301.834661][ T9735]  ? __pfx_out_of_memory+0x10/0x10
[ 3301.839777][ T9735]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3301.845318][ T9735]  ? __pfx_lock_release+0x10/0x10
[ 3301.850345][ T9735]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3301.856413][ T9735]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3301.861614][ T9735]  ? mem_cgroup_iter+0x422/0x560
[ 3301.866553][ T9735]  try_charge_memcg+0xda2/0x18a0
[ 3301.871506][ T9735]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3301.876875][ T9735]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3301.882590][ T9735]  ? __pfx_lock_release+0x10/0x10
[ 3301.887627][ T9735]  ? memcg_account_kmem+0x1e7/0x210
[ 3301.892831][ T9735]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3301.898633][ T9735]  __memcg_kmem_charge_page+0xe1/0x250
[ 3301.904105][ T9735]  memcg_charge_kernel_stack+0x196/0x550
[ 3301.909743][ T9735]  dup_task_struct+0x15d/0x7d0
[ 3301.914523][ T9735]  copy_process+0x5d5/0x3fc0
[ 3301.919207][ T9735]  ? __might_fault+0xa9/0x120
[ 3301.923895][ T9735]  ? __pfx_lock_release+0x10/0x10
[ 3301.928933][ T9735]  ? __pfx_copy_process+0x10/0x10
[ 3301.933964][ T9735]  ? __might_fault+0xc5/0x120
[ 3301.938798][ T9735]  ? __asan_memset+0x23/0x50
[ 3301.943413][ T9735]  kernel_clone+0x21d/0x8d0
[ 3301.947924][ T9735]  ? __pfx_kernel_clone+0x10/0x10
[ 3301.952964][ T9735]  __se_sys_clone3+0x2cb/0x350
[ 3301.957733][ T9735]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3301.963032][ T9735]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3301.969031][ T9735]  ? exc_page_fault+0x587/0x870
[ 3301.973899][ T9735]  ? do_syscall_64+0xb4/0x240
[ 3301.978588][ T9735]  do_syscall_64+0xf9/0x240
[ 3301.983097][ T9735]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3301.988990][ T9735] RIP: 0033:0x7fa2eb4a9b99
[ 3301.993407][ T9735] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3302.013018][ T9735] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3302.021430][ T9735] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3302.029406][ T9735] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3302.037372][ T9735] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3302.045342][ T9735] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3302.053310][ T9735] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3302.061291][ T9735]  </TASK>
[ 3302.074769][ T9735] memory: usage 307200kB, limit 307200kB, failcnt 350375
[ 3302.081828][ T9735] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3302.090909][ T9735] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3302.100690][ T9735] Memory cgroup stats for /syz3:
[ 3302.100811][ T9735] cache 0
[ 3302.109747][ T9735] rss 8192
[ 3302.112787][ T9735] rss_huge 0
[ 3302.117018][ T9735] shmem 0
[ 3302.119976][ T9735] mapped_file 0
[ 3302.123440][ T9735] dirty 0
[ 3302.127371][ T9735] writeback 0
[ 3302.130670][ T9735] workingset_refault_anon 269871
[ 3302.136544][ T9735] workingset_refault_file 72
[ 3302.141401][ T9735] swap 811008
[ 3302.145423][ T9735] swapcached 0
[ 3302.148822][ T9735] pgpgin 1969161
[ 3302.152405][ T9735] pgpgout 1969159
[ 3302.157278][ T9735] pgfault 3443292
[ 3302.160939][ T9735] pgmajfault 220864
[ 3302.165565][ T9735] inactive_anon 0
[ 3302.169210][ T9735] active_anon 8192
[ 3302.172916][ T9735] inactive_file 0
[ 3302.178833][ T9735] active_file 0
[ 3302.182309][ T9735] unevictable 0
[ 3302.186942][ T9735] hierarchical_memory_limit 314572800
[ 3302.192335][ T9735] hierarchical_memsw_limit 9223372036854771712
[ 3302.200197][ T9735] total_cache 0
[ 3302.203682][ T9735] total_rss 8192
[ 3302.208272][ T9735] total_rss_huge 0
[ 3302.212009][ T9735] total_shmem 0
[ 3302.215774][ T9735] total_mapped_file 0
[ 3302.219790][ T9735] total_dirty 0
[ 3302.223259][ T9735] total_writeback 0
[ 3302.227431][ T9735] total_workingset_refault_anon 269871
[ 3302.232894][ T9735] total_workingset_refault_file 72
[ 3302.238288][ T9735] total_swap 811008
[ 3302.242094][ T9735] total_swapcached 0
[ 3302.246350][ T9735] total_pgpgin 1969161
[ 3302.250426][ T9735] total_pgpgout 1969159
[ 3302.254943][ T9735] total_pgfault 3443292
[ 3302.259733][ T9735] total_pgmajfault 220864
[ 3302.264430][ T9735] total_inactive_anon 0
[ 3302.268596][ T9735] total_active_anon 8192
[ 3302.272837][ T9735] total_inactive_file 0
[ 3302.277293][ T9735] total_active_file 0
[ 3302.281302][ T9735] total_unevictable 0
[ 3302.285665][ T9735] anon_cost 0
[ 3302.288965][ T9735] file_cost 0
[ 3302.292278][ T9735] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9735,uid=0
[ 3302.309903][ T9735] Memory cgroup out of memory: Killed process 9735 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:54 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x600}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3302.545954][ T9736] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3302.556590][ T9736] CPU: 0 PID: 9736 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3302.566950][ T9736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3302.577023][ T9736] Call Trace:
[ 3302.580296][ T9736]  <TASK>
[ 3302.583222][ T9736]  dump_stack_lvl+0x1e7/0x2e0
[ 3302.587905][ T9736]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3302.593096][ T9736]  ? __pfx__printk+0x10/0x10
[ 3302.597677][ T9736]  ? ___ratelimit+0x4c4/0x670
[ 3302.602438][ T9736]  ? __pfx____ratelimit+0x10/0x10
[ 3302.607458][ T9736]  dump_header+0xda/0x6a0
[ 3302.611786][ T9736]  oom_kill_process+0x3a7/0x930
[ 3302.616656][ T9736]  out_of_memory+0xf67/0x1320
[ 3302.621359][ T9736]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3302.627017][ T9736]  ? __pfx___mutex_lock+0x10/0x10
[ 3302.632076][ T9736]  ? __pfx_out_of_memory+0x10/0x10
[ 3302.637199][ T9736]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3302.642738][ T9736]  ? __pfx_lock_release+0x10/0x10
[ 3302.647773][ T9736]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3302.653847][ T9736]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3302.659051][ T9736]  ? mem_cgroup_iter+0x422/0x560
[ 3302.663996][ T9736]  try_charge_memcg+0xda2/0x18a0
[ 3302.668970][ T9736]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3302.674348][ T9736]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3302.680071][ T9736]  ? __pfx_lock_release+0x10/0x10
[ 3302.685100][ T9736]  ? memcg_account_kmem+0x1e7/0x210
[ 3302.690319][ T9736]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3302.696135][ T9736]  __memcg_kmem_charge_page+0xe1/0x250
[ 3302.701604][ T9736]  memcg_charge_kernel_stack+0x196/0x550
[ 3302.707247][ T9736]  dup_task_struct+0x40d/0x7d0
[ 3302.712019][ T9736]  copy_process+0x5d5/0x3fc0
[ 3302.716624][ T9736]  ? __might_fault+0xa9/0x120
[ 3302.721306][ T9736]  ? __pfx_lock_release+0x10/0x10
[ 3302.726337][ T9736]  ? __pfx_copy_process+0x10/0x10
[ 3302.731358][ T9736]  ? __might_fault+0xc5/0x120
[ 3302.736035][ T9736]  ? __asan_memset+0x23/0x50
[ 3302.740630][ T9736]  kernel_clone+0x21d/0x8d0
[ 3302.745134][ T9736]  ? __pfx_kernel_clone+0x10/0x10
[ 3302.750180][ T9736]  __se_sys_clone3+0x2cb/0x350
[ 3302.754945][ T9736]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3302.760232][ T9736]  ? rcu_is_watching+0x15/0xb0
[ 3302.765015][ T9736]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3302.771011][ T9736]  ? exc_page_fault+0x587/0x870
[ 3302.775868][ T9736]  ? do_syscall_64+0xb4/0x240
[ 3302.780558][ T9736]  do_syscall_64+0xf9/0x240
[ 3302.785077][ T9736]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3302.790982][ T9736] RIP: 0033:0x7fa2eb4a9b99
[ 3302.795396][ T9736] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3302.815092][ T9736] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3302.823504][ T9736] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3302.831471][ T9736] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3302.839439][ T9736] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3302.847417][ T9736] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3302.855385][ T9736] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3302.863367][ T9736]  </TASK>
[ 3302.882324][ T9736] memory: usage 307200kB, limit 307200kB, failcnt 350864
[ 3302.889801][ T9736] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3302.898745][ T9736] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3302.906521][ T9736] Memory cgroup stats for /syz3:
[ 3302.906599][ T9736] cache 0
[ 3302.914958][ T9736] rss 0
[ 3302.917738][ T9736] rss_huge 0
[ 3302.920918][ T9736] shmem 0
[ 3302.924453][ T9736] mapped_file 0
[ 3302.927928][ T9736] dirty 0
[ 3302.931190][ T9736] writeback 0
[ 3302.934784][ T9736] workingset_refault_anon 270039
[ 3302.939724][ T9736] workingset_refault_file 72
[ 3302.944656][ T9736] swap 819200
[ 3302.947967][ T9736] swapcached 0
[ 3302.951350][ T9736] pgpgin 1969344
[ 3302.955530][ T9736] pgpgout 1969344
[ 3302.959175][ T9736] pgfault 3443559
[ 3302.962813][ T9736] pgmajfault 221024
[ 3302.967031][ T9736] inactive_anon 0
[ 3302.970675][ T9736] active_anon 0
[ 3302.975109][ T9736] inactive_file 0
[ 3302.978762][ T9736] active_file 0
[ 3302.982205][ T9736] unevictable 0
[ 3302.987219][ T9736] hierarchical_memory_limit 314572800
[ 3302.992614][ T9736] hierarchical_memsw_limit 9223372036854771712
[ 3302.999738][ T9736] total_cache 0
[ 3303.003230][ T9736] total_rss 0
[ 3303.007062][ T9736] total_rss_huge 0
[ 3303.010863][ T9736] total_shmem 0
[ 3303.015213][ T9736] total_mapped_file 0
[ 3303.019215][ T9736] total_dirty 0
[ 3303.022680][ T9736] total_writeback 0
[ 3303.027043][ T9736] total_workingset_refault_anon 270039
[ 3303.032498][ T9736] total_workingset_refault_file 72
[ 3303.038012][ T9736] total_swap 819200
[ 3303.041814][ T9736] total_swapcached 0
[ 3303.046888][ T9736] total_pgpgin 1969344
[ 3303.050982][ T9736] total_pgpgout 1969344
[ 3303.055870][ T9736] total_pgfault 3443559
[ 3303.060032][ T9736] total_pgmajfault 221024
[ 3303.065134][ T9736] total_inactive_anon 0
[ 3303.069315][ T9736] total_active_anon 0
[ 3303.073315][ T9736] total_inactive_file 0
[ 3303.078723][ T9736] total_active_file 0
[ 3303.082713][ T9736] total_unevictable 0
[ 3303.087547][ T9736] anon_cost 0
[ 3303.090856][ T9736] file_cost 0
10:59:54 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x700}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3303.095165][ T9736] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9736,uid=0
[ 3303.112351][ T9736] Memory cgroup out of memory: Killed process 9736 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3303.341017][ T9737] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3303.351933][ T9737] CPU: 0 PID: 9737 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3303.362299][ T9737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3303.372376][ T9737] Call Trace:
[ 3303.375709][ T9737]  <TASK>
[ 3303.378663][ T9737]  dump_stack_lvl+0x1e7/0x2e0
[ 3303.383382][ T9737]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3303.388609][ T9737]  ? __pfx__printk+0x10/0x10
[ 3303.393224][ T9737]  ? ___ratelimit+0x4c4/0x670
[ 3303.397983][ T9737]  ? __pfx____ratelimit+0x10/0x10
[ 3303.403044][ T9737]  dump_header+0xda/0x6a0
[ 3303.407410][ T9737]  oom_kill_process+0x3a7/0x930
[ 3303.412298][ T9737]  out_of_memory+0xf67/0x1320
[ 3303.417024][ T9737]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3303.422690][ T9737]  ? __pfx___mutex_lock+0x10/0x10
[ 3303.427837][ T9737]  ? __pfx_out_of_memory+0x10/0x10
[ 3303.432992][ T9737]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3303.438568][ T9737]  ? __pfx_lock_release+0x10/0x10
[ 3303.443632][ T9737]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3303.449732][ T9737]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3303.454963][ T9737]  ? mem_cgroup_iter+0x422/0x560
[ 3303.459939][ T9737]  try_charge_memcg+0xda2/0x18a0
[ 3303.464932][ T9737]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3303.470334][ T9737]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3303.476079][ T9737]  ? __pfx_lock_release+0x10/0x10
[ 3303.481131][ T9737]  ? memcg_account_kmem+0x1e7/0x210
[ 3303.486367][ T9737]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3303.492200][ T9737]  __memcg_kmem_charge_page+0xe1/0x250
[ 3303.497694][ T9737]  memcg_charge_kernel_stack+0x11c/0x550
[ 3303.503354][ T9737]  dup_task_struct+0x40d/0x7d0
[ 3303.508157][ T9737]  copy_process+0x5d5/0x3fc0
[ 3303.512784][ T9737]  ? __might_fault+0xa9/0x120
[ 3303.517490][ T9737]  ? __pfx_lock_release+0x10/0x10
[ 3303.522554][ T9737]  ? __pfx_copy_process+0x10/0x10
[ 3303.527702][ T9737]  ? __might_fault+0xc5/0x120
[ 3303.532419][ T9737]  ? __asan_memset+0x23/0x50
[ 3303.537044][ T9737]  kernel_clone+0x21d/0x8d0
[ 3303.541578][ T9737]  ? __pfx_kernel_clone+0x10/0x10
[ 3303.546651][ T9737]  __se_sys_clone3+0x2cb/0x350
[ 3303.551447][ T9737]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3303.556766][ T9737]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3303.562782][ T9737]  ? exc_page_fault+0x587/0x870
[ 3303.567674][ T9737]  ? do_syscall_64+0xb4/0x240
[ 3303.572388][ T9737]  do_syscall_64+0xf9/0x240
[ 3303.576927][ T9737]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3303.582858][ T9737] RIP: 0033:0x7fa2eb4a9b99
[ 3303.587296][ T9737] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3303.606929][ T9737] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3303.615372][ T9737] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3303.623365][ T9737] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3303.631359][ T9737] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3303.639440][ T9737] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3303.647431][ T9737] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3303.655535][ T9737]  </TASK>
[ 3303.667374][ T9737] memory: usage 307188kB, limit 307200kB, failcnt 351749
[ 3303.674793][ T9737] memory+swap: usage 307984kB, limit 9007199254740988kB, failcnt 0
[ 3303.682732][ T9737] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[ 3303.691762][ T9737] Memory cgroup stats for /syz3:
[ 3303.692015][ T9737] cache 0
[ 3303.700213][ T9737] rss 0
[ 3303.702983][ T9737] rss_huge 0
[ 3303.706531][ T9737] shmem 0
[ 3303.709520][ T9737] mapped_file 0
[ 3303.712985][ T9737] dirty 0
[ 3303.715097][ T6454] Bluetooth: hci8: command 0x041b tx timeout
[ 3303.717030][ T9737] writeback 0
[ 3303.725580][ T9737] workingset_refault_anon 270328
[ 3303.730679][ T9737] workingset_refault_file 72
[ 3303.735722][ T9737] swap 819200
[ 3303.739022][ T9737] swapcached 0
[ 3303.742393][ T9737] pgpgin 1969646
[ 3303.746513][ T9737] pgpgout 1969646
[ 3303.750179][ T9737] pgfault 3443974
[ 3303.754153][ T9737] pgmajfault 221285
[ 3303.758075][ T9737] inactive_anon 0
[ 3303.761803][ T9737] active_anon 0
[ 3303.765752][ T9737] inactive_file 0
[ 3303.769402][ T9737] active_file 0
[ 3303.772950][ T9737] unevictable 0
[ 3303.777210][ T9737] hierarchical_memory_limit 314572800
[ 3303.782658][ T9737] hierarchical_memsw_limit 9223372036854771712
[ 3303.792844][ T9737] total_cache 0
[ 3303.796766][ T9737] total_rss 0
[ 3303.800111][ T9737] total_rss_huge 0
[ 3303.804101][ T9737] total_shmem 0
[ 3303.809326][ T9737] total_mapped_file 0
[ 3303.813343][ T9737] total_dirty 0
[ 3303.817991][ T9737] total_writeback 0
[ 3303.821826][ T9737] total_workingset_refault_anon 270328
[ 3303.828061][ T9737] total_workingset_refault_file 72
[ 3303.833179][ T9737] total_swap 819200
[ 3303.838261][ T9737] total_swapcached 0
[ 3303.842220][ T9737] total_pgpgin 1969646
[ 3303.847987][ T9737] total_pgpgout 1969646
[ 3303.852188][ T9737] total_pgfault 3443974
[ 3303.860098][ T9737] total_pgmajfault 221285
[ 3303.865271][ T9737] total_inactive_anon 0
[ 3303.869444][ T9737] total_active_anon 0
[ 3303.873446][ T9737] total_inactive_file 0
[ 3303.878318][ T9737] total_active_file 0
[ 3303.882326][ T9737] total_unevictable 0
[ 3303.888166][ T9737] anon_cost 0
10:59:55 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x900}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3303.891463][ T9737] file_cost 0
[ 3303.896692][ T9737] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9737,uid=0
[ 3303.912446][ T9737] Memory cgroup out of memory: Killed process 9737 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3304.170092][ T9738] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3304.180606][ T9738] CPU: 0 PID: 9738 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3304.190960][ T9738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3304.201020][ T9738] Call Trace:
[ 3304.204300][ T9738]  <TASK>
[ 3304.207226][ T9738]  dump_stack_lvl+0x1e7/0x2e0
[ 3304.211898][ T9738]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3304.217093][ T9738]  ? __pfx__printk+0x10/0x10
[ 3304.221671][ T9738]  ? ___ratelimit+0x4c4/0x670
[ 3304.226339][ T9738]  ? __pfx____ratelimit+0x10/0x10
[ 3304.231373][ T9738]  dump_header+0xda/0x6a0
[ 3304.235741][ T9738]  oom_kill_process+0x3a7/0x930
[ 3304.240623][ T9738]  out_of_memory+0xf67/0x1320
[ 3304.245321][ T9738]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3304.250974][ T9738]  ? __pfx___mutex_lock+0x10/0x10
[ 3304.256019][ T9738]  ? __pfx_out_of_memory+0x10/0x10
[ 3304.261155][ T9738]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3304.266718][ T9738]  ? __pfx_lock_release+0x10/0x10
[ 3304.271741][ T9738]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3304.277811][ T9738]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3304.283000][ T9738]  ? mem_cgroup_iter+0x422/0x560
[ 3304.287949][ T9738]  try_charge_memcg+0xda2/0x18a0
[ 3304.292923][ T9738]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3304.298300][ T9738]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3304.304020][ T9738]  ? __pfx_lock_release+0x10/0x10
[ 3304.309058][ T9738]  ? memcg_account_kmem+0x1e7/0x210
[ 3304.314254][ T9738]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3304.320048][ T9738]  __memcg_kmem_charge_page+0xe1/0x250
[ 3304.325501][ T9738]  memcg_charge_kernel_stack+0x196/0x550
[ 3304.331136][ T9738]  dup_task_struct+0x15d/0x7d0
[ 3304.335909][ T9738]  copy_process+0x5d5/0x3fc0
[ 3304.340531][ T9738]  ? __might_fault+0xa9/0x120
[ 3304.345220][ T9738]  ? __pfx_lock_release+0x10/0x10
[ 3304.350244][ T9738]  ? __pfx_copy_process+0x10/0x10
[ 3304.355257][ T9738]  ? __might_fault+0xc5/0x120
[ 3304.359924][ T9738]  ? __asan_memset+0x23/0x50
[ 3304.364510][ T9738]  kernel_clone+0x21d/0x8d0
[ 3304.369004][ T9738]  ? __pfx_kernel_clone+0x10/0x10
[ 3304.374026][ T9738]  __se_sys_clone3+0x2cb/0x350
[ 3304.378779][ T9738]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3304.384082][ T9738]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3304.390095][ T9738]  ? exc_page_fault+0x587/0x870
[ 3304.394961][ T9738]  ? do_syscall_64+0xb4/0x240
[ 3304.399633][ T9738]  do_syscall_64+0xf9/0x240
[ 3304.404131][ T9738]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3304.410022][ T9738] RIP: 0033:0x7fa2eb4a9b99
[ 3304.414431][ T9738] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3304.434045][ T9738] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3304.442484][ T9738] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3304.450469][ T9738] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3304.458435][ T9738] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3304.466396][ T9738] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3304.474357][ T9738] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3304.482327][ T9738]  </TASK>
[ 3304.489102][ T9738] memory: usage 307200kB, limit 307200kB, failcnt 352204
[ 3304.496506][ T9738] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3304.504870][ T9738] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3304.512421][ T9738] Memory cgroup stats for /syz3:
[ 3304.512547][ T9738] cache 0
[ 3304.521008][ T9738] rss 8192
[ 3304.524400][ T9738] rss_huge 0
[ 3304.527598][ T9738] shmem 0
[ 3304.530515][ T9738] mapped_file 0
[ 3304.534314][ T9738] dirty 0
[ 3304.537264][ T9738] writeback 0
[ 3304.540558][ T9738] workingset_refault_anon 270490
[ 3304.546055][ T9738] workingset_refault_file 72
[ 3304.550640][ T9738] swap 811008
[ 3304.554270][ T9738] swapcached 0
[ 3304.557662][ T9738] pgpgin 1969819
[ 3304.561212][ T9738] pgpgout 1969817
[ 3304.565171][ T9738] pgfault 3444222
[ 3304.568811][ T9738] pgmajfault 221439
[ 3304.572614][ T9738] inactive_anon 0
[ 3304.576773][ T9738] active_anon 8192
[ 3304.580488][ T9738] inactive_file 0
[ 3304.584463][ T9738] active_file 0
[ 3304.587935][ T9738] unevictable 0
[ 3304.591391][ T9738] hierarchical_memory_limit 314572800
[ 3304.598717][ T9738] hierarchical_memsw_limit 9223372036854771712
[ 3304.605371][ T9738] total_cache 0
[ 3304.608845][ T9738] total_rss 8192
[ 3304.612559][ T9738] total_rss_huge 0
[ 3304.616672][ T9738] total_shmem 0
[ 3304.620147][ T9738] total_mapped_file 0
[ 3304.624480][ T9738] total_dirty 0
[ 3304.627976][ T9738] total_writeback 0
[ 3304.631805][ T9738] total_workingset_refault_anon 270490
[ 3304.637782][ T9738] total_workingset_refault_file 72
[ 3304.642902][ T9738] total_swap 811008
[ 3304.647069][ T9738] total_swapcached 0
[ 3304.650978][ T9738] total_pgpgin 1969819
[ 3304.655375][ T9738] total_pgpgout 1969817
[ 3304.659540][ T9738] total_pgfault 3444222
[ 3304.663677][ T9738] total_pgmajfault 221439
[ 3304.668543][ T9738] total_inactive_anon 0
[ 3304.672690][ T9738] total_active_anon 8192
[ 3304.677380][ T9738] total_inactive_file 0
[ 3304.681550][ T9738] total_active_file 0
[ 3304.685777][ T9738] total_unevictable 0
[ 3304.689744][ T9738] anon_cost 0
[ 3304.693009][ T9738] file_cost 0
[ 3304.696763][ T9738] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9738,uid=0
10:59:56 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xa00}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3304.713730][ T9738] Memory cgroup out of memory: Killed process 9738 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3304.970594][ T9739] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3304.981033][ T9739] CPU: 0 PID: 9739 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3304.991377][ T9739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3305.001447][ T9739] Call Trace:
[ 3305.004717][ T9739]  <TASK>
[ 3305.007639][ T9739]  dump_stack_lvl+0x1e7/0x2e0
[ 3305.012307][ T9739]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3305.017497][ T9739]  ? __pfx__printk+0x10/0x10
[ 3305.022081][ T9739]  ? ___ratelimit+0x4c4/0x670
[ 3305.026756][ T9739]  ? __pfx____ratelimit+0x10/0x10
[ 3305.031770][ T9739]  dump_header+0xda/0x6a0
[ 3305.036104][ T9739]  oom_kill_process+0x3a7/0x930
[ 3305.040965][ T9739]  out_of_memory+0xf67/0x1320
[ 3305.045643][ T9739]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3305.051273][ T9739]  ? __pfx___mutex_lock+0x10/0x10
[ 3305.056299][ T9739]  ? __pfx_out_of_memory+0x10/0x10
[ 3305.061410][ T9739]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3305.066954][ T9739]  ? __pfx_lock_release+0x10/0x10
[ 3305.071974][ T9739]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3305.078036][ T9739]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3305.083227][ T9739]  ? mem_cgroup_iter+0x422/0x560
[ 3305.088169][ T9739]  try_charge_memcg+0xda2/0x18a0
[ 3305.093119][ T9739]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3305.098487][ T9739]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3305.104204][ T9739]  ? __pfx_lock_release+0x10/0x10
[ 3305.109228][ T9739]  ? memcg_account_kmem+0x1e7/0x210
[ 3305.114434][ T9739]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3305.120234][ T9739]  __memcg_kmem_charge_page+0xe1/0x250
[ 3305.125703][ T9739]  memcg_charge_kernel_stack+0x196/0x550
[ 3305.131338][ T9739]  dup_task_struct+0x15d/0x7d0
[ 3305.136102][ T9739]  copy_process+0x5d5/0x3fc0
[ 3305.140700][ T9739]  ? __might_fault+0xa9/0x120
[ 3305.145372][ T9739]  ? __pfx_lock_release+0x10/0x10
[ 3305.150396][ T9739]  ? __lock_acquire+0x1345/0x1fd0
[ 3305.155421][ T9739]  ? __pfx_copy_process+0x10/0x10
[ 3305.160442][ T9739]  ? __might_fault+0xc5/0x120
[ 3305.165120][ T9739]  ? __asan_memset+0x23/0x50
[ 3305.169713][ T9739]  kernel_clone+0x21d/0x8d0
[ 3305.174217][ T9739]  ? __pfx_kernel_clone+0x10/0x10
[ 3305.179240][ T9739]  ? __pfx_lock_release+0x10/0x10
[ 3305.184281][ T9739]  __se_sys_clone3+0x2cb/0x350
[ 3305.189054][ T9739]  ? __might_fault+0xa9/0x120
[ 3305.193733][ T9739]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3305.199013][ T9739]  ? rcu_is_watching+0x15/0xb0
[ 3305.203783][ T9739]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3305.209774][ T9739]  ? exc_page_fault+0x587/0x870
[ 3305.214640][ T9739]  ? do_syscall_64+0xb4/0x240
[ 3305.219315][ T9739]  do_syscall_64+0xf9/0x240
[ 3305.223826][ T9739]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3305.229719][ T9739] RIP: 0033:0x7fa2eb4a9b99
[ 3305.234138][ T9739] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3305.253752][ T9739] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3305.262188][ T9739] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3305.270166][ T9739] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3305.278147][ T9739] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3305.286124][ T9739] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3305.294100][ T9739] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3305.302080][ T9739]  </TASK>
[ 3305.310660][ T9739] memory: usage 307200kB, limit 307200kB, failcnt 352705
[ 3305.318429][ T9739] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3305.326750][ T9739] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3305.342270][ T9739] Memory cgroup stats for /syz3:
[ 3305.342374][ T9739] cache 0
[ 3305.350759][ T9739] rss 4096
[ 3305.353766][ T9739] rss_huge 0
[ 3305.357331][ T9739] shmem 0
[ 3305.360282][ T9739] mapped_file 0
[ 3305.363737][ T9739] dirty 0
[ 3305.367141][ T9739] writeback 0
[ 3305.370476][ T9739] workingset_refault_anon 270671
[ 3305.375866][ T9739] workingset_refault_file 72
[ 3305.380558][ T9739] swap 815104
[ 3305.384275][ T9739] swapcached 0
[ 3305.387670][ T9739] pgpgin 1970012
[ 3305.391222][ T9739] pgpgout 1970011
[ 3305.395200][ T9739] pgfault 3444496
[ 3305.398851][ T9739] pgmajfault 221612
[ 3305.402776][ T9739] inactive_anon 0
[ 3305.406833][ T9739] active_anon 4096
[ 3305.410583][ T9739] inactive_file 0
[ 3305.414549][ T9739] active_file 0
[ 3305.418031][ T9739] unevictable 0
[ 3305.421477][ T9739] hierarchical_memory_limit 314572800
[ 3305.428301][ T9739] hierarchical_memsw_limit 9223372036854771712
[ 3305.436259][ T9739] total_cache 0
[ 3305.439758][ T9739] total_rss 4096
[ 3305.443319][ T9739] total_rss_huge 0
[ 3305.447446][ T9739] total_shmem 0
[ 3305.450921][ T9739] total_mapped_file 0
[ 3305.455282][ T9739] total_dirty 0
[ 3305.458758][ T9739] total_writeback 0
[ 3305.462573][ T9739] total_workingset_refault_anon 270671
[ 3305.468586][ T9739] total_workingset_refault_file 72
[ 3305.473755][ T9739] total_swap 815104
[ 3305.477936][ T9739] total_swapcached 0
[ 3305.481836][ T9739] total_pgpgin 1970012
[ 3305.486243][ T9739] total_pgpgout 1970011
[ 3305.490391][ T9739] total_pgfault 3444496
[ 3305.494862][ T9739] total_pgmajfault 221612
[ 3305.499292][ T9739] total_inactive_anon 0
[ 3305.503467][ T9739] total_active_anon 4096
[ 3305.508180][ T9739] total_inactive_file 0
[ 3305.512380][ T9739] total_active_file 0
[ 3305.516725][ T9739] total_unevictable 0
[ 3305.520727][ T9739] anon_cost 0
[ 3305.524443][ T9739] file_cost 0
[ 3305.527747][ T9739] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9739,uid=0
[ 3305.544998][ T9739] Memory cgroup out of memory: Killed process 9739 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:57 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xb00}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3305.784597][ T6454] Bluetooth: hci8: command 0x040f tx timeout
[ 3305.806063][ T9740] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 3305.817866][ T9740] CPU: 1 PID: 9740 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3305.828212][ T9740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3305.838266][ T9740] Call Trace:
[ 3305.841542][ T9740]  <TASK>
[ 3305.844488][ T9740]  dump_stack_lvl+0x1e7/0x2e0
[ 3305.849188][ T9740]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3305.854405][ T9740]  ? __pfx__printk+0x10/0x10
[ 3305.859008][ T9740]  ? ___ratelimit+0x4c4/0x670
[ 3305.863691][ T9740]  ? __pfx____ratelimit+0x10/0x10
[ 3305.868722][ T9740]  dump_header+0xda/0x6a0
[ 3305.873061][ T9740]  oom_kill_process+0x3a7/0x930
[ 3305.877932][ T9740]  out_of_memory+0xf67/0x1320
[ 3305.882606][ T9740]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3305.888231][ T9740]  ? __pfx___mutex_lock+0x10/0x10
[ 3305.893256][ T9740]  ? __pfx_out_of_memory+0x10/0x10
[ 3305.898376][ T9740]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3305.903929][ T9740]  ? __pfx_lock_release+0x10/0x10
[ 3305.908964][ T9740]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3305.915032][ T9740]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3305.920228][ T9740]  ? mem_cgroup_iter+0x422/0x560
[ 3305.925165][ T9740]  try_charge_memcg+0xda2/0x18a0
[ 3305.930102][ T9740]  ? mark_lock+0x9a/0x350
[ 3305.934443][ T9740]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3305.939831][ T9740]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3305.945982][ T9740]  charge_memcg+0xa2/0x160
[ 3305.950408][ T9740]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3305.956472][ T9740]  __read_swap_cache_async+0x480/0x8b0
[ 3305.961933][ T9740]  ? mark_lock+0x9a/0x350
[ 3305.966268][ T9740]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3305.972254][ T9740]  swap_cluster_readahead+0x67c/0x810
[ 3305.977637][ T9740]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3305.983531][ T9740]  ? __pfx_lock_release+0x10/0x10
[ 3305.988560][ T9740]  ? xas_descend+0x37e/0x470
[ 3305.993153][ T9740]  swapin_readahead+0x1ea/0x1070
[ 3305.998092][ T9740]  ? filemap_get_entry+0x127/0x4e0
[ 3306.003209][ T9740]  ? __pfx_swapin_readahead+0x10/0x10
[ 3306.008588][ T9740]  ? __filemap_get_folio+0x935/0xbc0
[ 3306.013889][ T9740]  ? swap_cache_get_folio+0x9f/0x570
[ 3306.019270][ T9740]  do_swap_page+0x8ab/0x3da0
[ 3306.023866][ T9740]  ? __pte_offset_map+0x2c4/0x380
[ 3306.028905][ T9740]  ? do_swap_page+0x154/0x3da0
[ 3306.033661][ T9740]  ? __pfx_do_swap_page+0x10/0x10
[ 3306.038679][ T9740]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3306.044139][ T9740]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3306.049947][ T9740]  ? __pfx_validate_chain+0x10/0x10
[ 3306.055148][ T9740]  __handle_mm_fault+0x15e8/0x72d0
[ 3306.060276][ T9740]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3306.065738][ T9740]  ? mt_find+0x226/0x850
[ 3306.069979][ T9740]  ? __pfx_lock_release+0x10/0x10
[ 3306.075015][ T9740]  ? mt_find+0x62d/0x850
[ 3306.079254][ T9740]  ? mt_find+0x226/0x850
[ 3306.083509][ T9740]  ? find_vma+0x142/0x1c0
[ 3306.087839][ T9740]  ? __pfx_find_vma+0x10/0x10
[ 3306.092510][ T9740]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3306.098493][ T9740]  handle_mm_fault+0x3c1/0x8a0
[ 3306.103261][ T9740]  exc_page_fault+0x2ad/0x870
[ 3306.107945][ T9740]  asm_exc_page_fault+0x26/0x30
[ 3306.112795][ T9740] RIP: 0010:__get_user_8+0x11/0x20
[ 3306.117904][ T9740] Code: ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 3306.137508][ T9740] RSP: 0018:ffffc9000370fd78 EFLAGS: 00050202
[ 3306.143572][ T9740] RAX: 0000555557511da8 RBX: ffff88802bf56e78 RCX: ffffc9000370fc03
[ 3306.151546][ T9740] RDX: 0000000000000000 RSI: ffffffff8baac760 RDI: ffffffff8bfe6820
[ 3306.159517][ T9740] RBP: ffffc9000370fec0 R08: ffffffff8f855a6f R09: 1ffffffff1f0ab4d
[ 3306.167486][ T9740] R10: dffffc0000000000 R11: fffffbfff1f0ab4e R12: ffffc9000370fd80
[ 3306.175454][ T9740] R13: ffffc9000370ffd8 R14: dffffc0000000000 R15: ffff88802bf55940
[ 3306.183436][ T9740]  __rseq_handle_notify_resume+0x158/0x1490
[ 3306.189347][ T9740]  ? __pfx___rseq_handle_notify_resume+0x10/0x10
[ 3306.195683][ T9740]  ? irqentry_exit_to_user_mode+0x52/0x280
[ 3306.201492][ T9740]  irqentry_exit_to_user_mode+0xbb/0x280
[ 3306.207122][ T9740]  exc_page_fault+0x587/0x870
[ 3306.211801][ T9740]  asm_exc_page_fault+0x26/0x30
[ 3306.216650][ T9740] RIP: 0033:0x7fa2eb45edef
[ 3306.221065][ T9740] Code: fa 20 72 37 c5 fe 6f 06 48 83 fa 40 0f 87 b9 00 00 00 c5 fe 6f 4c 16 e0 c5 fe 7f 07 c5 fe 7f 4c 17 e0 0f 01 d6 75 04 c5 f8 77 <c3> c5 fc 77 c3 66 66 2e 0f 1f 84 00 00 00 00 00 90 83 fa 10 73 2d
[ 3306.240666][ T9740] RSP: 002b:00007fa2eb6cf988 EFLAGS: 00010242
[ 3306.246730][ T9740] RAX: 00007fa2ec1db598 RBX: 0000000000000128 RCX: 0000555557512910
[ 3306.254698][ T9740] RDX: 0000000000000020 RSI: 00007fa2eb51d5f0 RDI: 00007fa2ec1db578
[ 3306.262664][ T9740] RBP: 0000000000000020 R08: 0000000000000001 R09: 0000000000000000
[ 3306.270627][ T9740] R10: 0000000000021000 R11: 0000000000000149 R12: 0000000000000001
[ 3306.278620][ T9740] R13: 00007fa2ec0d5b60 R14: 0000000000000000 R15: 0000000000000001
[ 3306.286600][ T9740]  </TASK>
[ 3306.295897][ T9740] memory: usage 307200kB, limit 307200kB, failcnt 353138
[ 3306.302949][ T9740] memory+swap: usage 307984kB, limit 9007199254740988kB, failcnt 0
[ 3306.311365][ T9740] kmem: usage 307164kB, limit 9007199254740988kB, failcnt 0
[ 3306.319058][ T9740] Memory cgroup stats for /syz3:
[ 3306.319184][ T9740] cache 0
[ 3306.328021][ T9740] rss 16384
[ 3306.331152][ T9740] rss_huge 0
[ 3306.334777][ T9740] shmem 0
[ 3306.337756][ T9740] mapped_file 0
[ 3306.341221][ T9740] dirty 0
[ 3306.345096][ T9740] writeback 0
[ 3306.348401][ T9740] workingset_refault_anon 270825
[ 3306.353612][ T9740] workingset_refault_file 72
[ 3306.359029][ T9740] swap 802816
[ 3306.362339][ T9740] swapcached 0
[ 3306.366239][ T9740] pgpgin 1970180
[ 3306.369829][ T9740] pgpgout 1970176
[ 3306.373461][ T9740] pgfault 3444738
[ 3306.377502][ T9740] pgmajfault 221755
[ 3306.381326][ T9740] inactive_anon 0
[ 3306.385427][ T9740] active_anon 12288
[ 3306.389280][ T9740] inactive_file 0
[ 3306.392918][ T9740] active_file 0
[ 3306.396801][ T9740] unevictable 0
[ 3306.400279][ T9740] hierarchical_memory_limit 314572800
[ 3306.407715][ T9740] hierarchical_memsw_limit 9223372036854771712
[ 3306.414556][ T9740] total_cache 0
[ 3306.418088][ T9740] total_rss 16384
[ 3306.421723][ T9740] total_rss_huge 0
[ 3306.425969][ T9740] total_shmem 0
[ 3306.429454][ T9740] total_mapped_file 0
[ 3306.433460][ T9740] total_dirty 0
[ 3306.437373][ T9740] total_writeback 0
[ 3306.441199][ T9740] total_workingset_refault_anon 270825
[ 3306.447253][ T9740] total_workingset_refault_file 72
[ 3306.452378][ T9740] total_swap 802816
[ 3306.457115][ T9740] total_swapcached 0
[ 3306.461041][ T9740] total_pgpgin 1970180
[ 3306.465466][ T9740] total_pgpgout 1970176
[ 3306.469641][ T9740] total_pgfault 3444738
[ 3306.474491][ T9740] total_pgmajfault 221755
[ 3306.478886][ T9740] total_inactive_anon 0
[ 3306.483046][ T9740] total_active_anon 12288
[ 3306.487741][ T9740] total_inactive_file 0
[ 3306.491924][ T9740] total_active_file 0
[ 3306.496246][ T9740] total_unevictable 0
[ 3306.500232][ T9740] anon_cost 0
[ 3306.503506][ T9740] file_cost 0
[ 3306.507497][ T9740] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9740,uid=0
10:59:58 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xc00}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3306.525004][ T9740] Memory cgroup out of memory: Killed process 9740 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3306.764522][ T9741] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3306.775442][ T9741] CPU: 0 PID: 9741 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3306.785794][ T9741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3306.795852][ T9741] Call Trace:
[ 3306.799122][ T9741]  <TASK>
[ 3306.802039][ T9741]  dump_stack_lvl+0x1e7/0x2e0
[ 3306.806721][ T9741]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3306.811926][ T9741]  ? __pfx__printk+0x10/0x10
[ 3306.816516][ T9741]  ? ___ratelimit+0x4c4/0x670
[ 3306.821190][ T9741]  ? __pfx____ratelimit+0x10/0x10
[ 3306.826210][ T9741]  dump_header+0xda/0x6a0
[ 3306.830566][ T9741]  oom_kill_process+0x3a7/0x930
[ 3306.835432][ T9741]  out_of_memory+0xf67/0x1320
[ 3306.840124][ T9741]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3306.845754][ T9741]  ? __pfx___mutex_lock+0x10/0x10
[ 3306.850786][ T9741]  ? __pfx_out_of_memory+0x10/0x10
[ 3306.855903][ T9741]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3306.861447][ T9741]  ? __pfx_lock_release+0x10/0x10
[ 3306.866486][ T9741]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3306.872569][ T9741]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3306.877766][ T9741]  ? mem_cgroup_iter+0x422/0x560
[ 3306.882702][ T9741]  try_charge_memcg+0xda2/0x18a0
[ 3306.887658][ T9741]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3306.893027][ T9741]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3306.898741][ T9741]  ? __pfx_lock_release+0x10/0x10
[ 3306.903766][ T9741]  ? memcg_account_kmem+0x1e7/0x210
[ 3306.908974][ T9741]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3306.914792][ T9741]  __memcg_kmem_charge_page+0xe1/0x250
[ 3306.920283][ T9741]  memcg_charge_kernel_stack+0x3f8/0x550
[ 3306.925926][ T9741]  dup_task_struct+0x40d/0x7d0
[ 3306.930693][ T9741]  copy_process+0x5d5/0x3fc0
[ 3306.935298][ T9741]  ? __might_fault+0xa9/0x120
[ 3306.939992][ T9741]  ? __pfx_lock_release+0x10/0x10
[ 3306.945038][ T9741]  ? __pfx_copy_process+0x10/0x10
[ 3306.950062][ T9741]  ? __might_fault+0xc5/0x120
[ 3306.954738][ T9741]  ? __asan_memset+0x23/0x50
[ 3306.959336][ T9741]  kernel_clone+0x21d/0x8d0
[ 3306.963848][ T9741]  ? __pfx_kernel_clone+0x10/0x10
[ 3306.968890][ T9741]  __se_sys_clone3+0x2cb/0x350
[ 3306.973662][ T9741]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3306.978953][ T9741]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3306.984945][ T9741]  ? exc_page_fault+0x587/0x870
[ 3306.989802][ T9741]  ? do_syscall_64+0xb4/0x240
[ 3306.994478][ T9741]  do_syscall_64+0xf9/0x240
[ 3306.998983][ T9741]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3307.004881][ T9741] RIP: 0033:0x7fa2eb4a9b99
[ 3307.009295][ T9741] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3307.029023][ T9741] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3307.037435][ T9741] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3307.045401][ T9741] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3307.053365][ T9741] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3307.061330][ T9741] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3307.069306][ T9741] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3307.077286][ T9741]  </TASK>
[ 3307.095047][ T9741] memory: usage 307200kB, limit 307200kB, failcnt 353581
[ 3307.102108][ T9741] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3307.112600][ T9741] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[ 3307.123862][ T9741] Memory cgroup stats for /syz3:
[ 3307.123993][ T9741] cache 0
[ 3307.131850][ T9741] rss 0
[ 3307.136011][ T9741] rss_huge 0
[ 3307.139230][ T9741] shmem 0
[ 3307.142170][ T9741] mapped_file 0
[ 3307.145876][ T9741] dirty 0
[ 3307.148819][ T9741] writeback 0
[ 3307.152083][ T9741] workingset_refault_anon 271018
[ 3307.157392][ T9741] workingset_refault_file 72
[ 3307.162047][ T9741] swap 819200
[ 3307.165748][ T9741] swapcached 0
[ 3307.169129][ T9741] pgpgin 1970387
[ 3307.173104][ T9741] pgpgout 1970387
[ 3307.177122][ T9741] pgfault 3445034
[ 3307.180767][ T9741] pgmajfault 221935
[ 3307.184948][ T9741] inactive_anon 0
[ 3307.188599][ T9741] active_anon 0
[ 3307.192068][ T9741] inactive_file 0
[ 3307.196278][ T9741] active_file 0
[ 3307.199753][ T9741] unevictable 0
[ 3307.203214][ T9741] hierarchical_memory_limit 314572800
[ 3307.208919][ T9741] hierarchical_memsw_limit 9223372036854771712
[ 3307.219387][ T9741] total_cache 0
[ 3307.222859][ T9741] total_rss 0
[ 3307.227229][ T9741] total_rss_huge 0
[ 3307.230979][ T9741] total_shmem 0
[ 3307.235420][ T9741] total_mapped_file 0
[ 3307.239436][ T9741] total_dirty 0
[ 3307.242909][ T9741] total_writeback 0
[ 3307.247709][ T9741] total_workingset_refault_anon 271018
[ 3307.253192][ T9741] total_workingset_refault_file 72
[ 3307.259007][ T9741] total_swap 819200
[ 3307.262813][ T9741] total_swapcached 0
[ 3307.267533][ T9741] total_pgpgin 1970387
[ 3307.271610][ T9741] total_pgpgout 1970387
[ 3307.276373][ T9741] total_pgfault 3445034
[ 3307.280544][ T9741] total_pgmajfault 221935
[ 3307.286052][ T9741] total_inactive_anon 0
[ 3307.290222][ T9741] total_active_anon 0
[ 3307.296471][ T9741] total_inactive_file 0
[ 3307.300666][ T9741] total_active_file 0
[ 3307.306455][ T9741] total_unevictable 0
[ 3307.310475][ T9741] anon_cost 0
[ 3307.313785][ T9741] file_cost 0
[ 3307.317684][ T9741] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9741,uid=0
[ 3307.333516][ T9741] Memory cgroup out of memory: Killed process 9741 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:59:59 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xf00}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3307.616461][ T9742] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3307.627061][ T9742] CPU: 1 PID: 9742 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3307.637412][ T9742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3307.647498][ T9742] Call Trace:
[ 3307.650779][ T9742]  <TASK>
[ 3307.653714][ T9742]  dump_stack_lvl+0x1e7/0x2e0
[ 3307.658406][ T9742]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3307.663615][ T9742]  ? __pfx__printk+0x10/0x10
[ 3307.668199][ T9742]  ? ___ratelimit+0x4c4/0x670
[ 3307.672874][ T9742]  ? __pfx____ratelimit+0x10/0x10
[ 3307.677906][ T9742]  dump_header+0xda/0x6a0
[ 3307.682259][ T9742]  oom_kill_process+0x3a7/0x930
[ 3307.687120][ T9742]  out_of_memory+0xf67/0x1320
[ 3307.691795][ T9742]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3307.697444][ T9742]  ? __pfx___mutex_lock+0x10/0x10
[ 3307.702498][ T9742]  ? __pfx_out_of_memory+0x10/0x10
[ 3307.707634][ T9742]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3307.713182][ T9742]  ? __pfx_lock_release+0x10/0x10
[ 3307.718207][ T9742]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3307.724278][ T9742]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3307.729476][ T9742]  ? mem_cgroup_iter+0x422/0x560
[ 3307.734433][ T9742]  try_charge_memcg+0xda2/0x18a0
[ 3307.739406][ T9742]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3307.744780][ T9742]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3307.750496][ T9742]  ? __pfx_lock_release+0x10/0x10
[ 3307.755524][ T9742]  ? memcg_account_kmem+0x1e7/0x210
[ 3307.760727][ T9742]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3307.766530][ T9742]  __memcg_kmem_charge_page+0xe1/0x250
[ 3307.771990][ T9742]  memcg_charge_kernel_stack+0x196/0x550
[ 3307.777646][ T9742]  dup_task_struct+0x40d/0x7d0
[ 3307.782406][ T9742]  copy_process+0x5d5/0x3fc0
[ 3307.787011][ T9742]  ? __might_fault+0xa9/0x120
[ 3307.791687][ T9742]  ? __pfx_lock_release+0x10/0x10
[ 3307.796712][ T9742]  ? __lock_acquire+0x1345/0x1fd0
[ 3307.801739][ T9742]  ? __pfx_copy_process+0x10/0x10
[ 3307.806764][ T9742]  ? __might_fault+0xc5/0x120
[ 3307.811443][ T9742]  ? __asan_memset+0x23/0x50
[ 3307.816036][ T9742]  kernel_clone+0x21d/0x8d0
[ 3307.820541][ T9742]  ? __pfx_kernel_clone+0x10/0x10
[ 3307.825565][ T9742]  ? __pfx_lock_release+0x10/0x10
[ 3307.830594][ T9742]  __se_sys_clone3+0x2cb/0x350
[ 3307.835353][ T9742]  ? __might_fault+0xa9/0x120
[ 3307.840032][ T9742]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3307.845317][ T9742]  ? rcu_is_watching+0x15/0xb0
[ 3307.850088][ T9742]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3307.856077][ T9742]  ? exc_page_fault+0x587/0x870
[ 3307.860932][ T9742]  ? do_syscall_64+0xb4/0x240
[ 3307.865607][ T9742]  do_syscall_64+0xf9/0x240
[ 3307.870112][ T9742]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3307.876014][ T9742] RIP: 0033:0x7fa2eb4a9b99
[ 3307.880428][ T9742] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3307.900205][ T9742] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3307.908618][ T9742] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3307.916583][ T9742] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3307.924548][ T9742] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3307.932511][ T9742] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3307.940475][ T9742] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3307.948454][ T9742]  </TASK>
[ 3307.954142][ T6454] Bluetooth: hci8: command 0x0419 tx timeout
[ 3307.969814][ T9742] memory: usage 307192kB, limit 307200kB, failcnt 354114
[ 3307.977430][ T9742] memory+swap: usage 307980kB, limit 9007199254740988kB, failcnt 0
[ 3307.985661][ T9742] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3307.993216][ T9742] Memory cgroup stats for /syz3:
[ 3307.993340][ T9742] cache 0
[ 3308.001965][ T9742] rss 16384
[ 3308.005840][ T9742] rss_huge 0
[ 3308.009044][ T9742] shmem 0
[ 3308.011984][ T9742] mapped_file 0
[ 3308.016046][ T9742] dirty 0
[ 3308.019007][ T9742] writeback 0
[ 3308.022304][ T9742] workingset_refault_anon 271215
[ 3308.028000][ T9742] workingset_refault_file 72
[ 3308.032607][ T9742] swap 802816
[ 3308.036463][ T9742] swapcached 0
[ 3308.039842][ T9742] pgpgin 1970599
[ 3308.043377][ T9742] pgpgout 1970595
[ 3308.047340][ T9742] pgfault 3445331
[ 3308.050980][ T9742] pgmajfault 222122
[ 3308.055217][ T9742] inactive_anon 0
[ 3308.058857][ T9742] active_anon 8192
[ 3308.062565][ T9742] inactive_file 0
[ 3308.066803][ T9742] active_file 0
[ 3308.070272][ T9742] unevictable 0
[ 3308.073747][ T9742] hierarchical_memory_limit 314572800
[ 3308.080923][ T9742] hierarchical_memsw_limit 9223372036854771712
[ 3308.087485][ T9742] total_cache 0
[ 3308.090960][ T9742] total_rss 16384
[ 3308.095453][ T9742] total_rss_huge 0
[ 3308.099183][ T9742] total_shmem 0
[ 3308.102626][ T9742] total_mapped_file 0
[ 3308.107263][ T9742] total_dirty 0
[ 3308.110732][ T9742] total_writeback 0
[ 3308.114893][ T9742] total_workingset_refault_anon 271215
[ 3308.120392][ T9742] total_workingset_refault_file 72
[ 3308.126285][ T9742] total_swap 802816
[ 3308.130110][ T9742] total_swapcached 0
[ 3308.134480][ T9742] total_pgpgin 1970599
[ 3308.138556][ T9742] total_pgpgout 1970595
[ 3308.142703][ T9742] total_pgfault 3445331
[ 3308.147277][ T9742] total_pgmajfault 222122
[ 3308.151835][ T9742] total_inactive_anon 0
[ 3308.156888][ T9742] total_active_anon 8192
[ 3308.161189][ T9742] total_inactive_file 0
[ 3308.165956][ T9742] total_active_file 0
11:00:00 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x1100}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3308.169991][ T9742] total_unevictable 0
[ 3308.174476][ T9742] anon_cost 0
[ 3308.177834][ T9742] file_cost 0
[ 3308.181123][ T9742] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9742,uid=0
[ 3308.203741][ T9742] Memory cgroup out of memory: Killed process 9742 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3308.442458][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3308.454495][ T5114] CPU: 0 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3308.464856][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3308.474904][ T5114] Call Trace:
[ 3308.478181][ T5114]  <TASK>
[ 3308.481105][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3308.485787][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3308.490982][ T5114]  ? __pfx__printk+0x10/0x10
[ 3308.495575][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3308.500256][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3308.505299][ T5114]  dump_header+0xda/0x6a0
[ 3308.509662][ T5114]  oom_kill_process+0x3a7/0x930
[ 3308.514531][ T5114]  out_of_memory+0xf67/0x1320
[ 3308.519212][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3308.524844][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3308.529865][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3308.534971][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3308.540507][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3308.545529][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3308.551592][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3308.556803][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3308.561762][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3308.566694][ T5114]  ? mark_lock+0x9a/0x350
[ 3308.571039][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3308.576426][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3308.582575][ T5114]  charge_memcg+0xa2/0x160
[ 3308.586994][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3308.593057][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3308.598514][ T5114]  ? mark_lock+0x9a/0x350
[ 3308.602847][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3308.608842][ T5114]  swap_cluster_readahead+0x67c/0x810
[ 3308.614226][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3308.620122][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3308.625149][ T5114]  ? xas_descend+0x37e/0x470
[ 3308.629744][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3308.634679][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3308.639798][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3308.645180][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3308.650469][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3308.655762][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3308.660351][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3308.665379][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3308.670573][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3308.675332][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3308.680350][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3308.685805][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3308.691610][ T5114]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3308.697942][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3308.703069][ T5114]  ? reacquire_held_locks+0x3eb/0x690
[ 3308.708444][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3308.713922][ T5114]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3308.719647][ T5114]  ? mtree_range_walk+0x6fd/0x8e0
[ 3308.724666][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3308.729858][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3308.734883][ T5114]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3308.740089][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3308.745285][ T5114]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3308.750831][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3308.755599][ T5114]  exc_page_fault+0x456/0x870
[ 3308.760281][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3308.765131][ T5114] RIP: 0033:0x7fa2eb4a91b8
[ 3308.769543][ T5114] Code: 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f
[ 3308.789141][ T5114] RSP: 002b:00007fa2eb6cfcf0 EFLAGS: 00010293
[ 3308.795205][ T5114] RAX: 0000000000000000 RBX: 00000000000067c2 RCX: 00007fa2eb4a91b5
[ 3308.803168][ T5114] RDX: 00007fa2eb6cfd30 RSI: 0000000000000000 RDI: 0000000000000000
[ 3308.811135][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000000 R09: 00007ffcc99b80b0
[ 3308.819100][ T5114] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3308.827068][ T5114] R13: 0000000000327af2 R14: 0000000000327af2 R15: 0000000000000000
[ 3308.835045][ T5114]  </TASK>
[ 3308.852549][ T5114] memory: usage 307188kB, limit 307200kB, failcnt 354618
[ 3308.859878][ T5114] memory+swap: usage 307988kB, limit 9007199254740988kB, failcnt 0
[ 3308.868898][ T5114] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3308.876815][ T5114] Memory cgroup stats for /syz3:
[ 3308.876944][ T5114] cache 0
[ 3308.885500][ T5114] rss 0
[ 3308.888279][ T5114] rss_huge 0
[ 3308.891478][ T5114] shmem 0
[ 3308.895022][ T5114] mapped_file 0
[ 3308.898486][ T5114] dirty 0
[ 3308.901409][ T5114] writeback 0
[ 3308.905116][ T5114] workingset_refault_anon 271399
[ 3308.910059][ T5114] workingset_refault_file 72
[ 3308.915326][ T5114] swap 819200
[ 3308.918626][ T5114] swapcached 0
[ 3308.921997][ T5114] pgpgin 1970804
[ 3308.926425][ T5114] pgpgout 1970804
[ 3308.930070][ T5114] pgfault 3445622
[ 3308.933688][ T5114] pgmajfault 222289
[ 3308.937896][ T5114] inactive_anon 0
[ 3308.941535][ T5114] active_anon 0
[ 3308.947302][ T5114] inactive_file 0
[ 3308.950947][ T5114] active_file 0
[ 3308.955428][ T5114] unevictable 0
[ 3308.958902][ T5114] hierarchical_memory_limit 314572800
[ 3308.964825][ T5114] hierarchical_memsw_limit 9223372036854771712
[ 3308.971023][ T5114] total_cache 0
[ 3308.975052][ T5114] total_rss 0
[ 3308.978350][ T5114] total_rss_huge 0
[ 3308.982162][ T5114] total_shmem 0
[ 3308.986889][ T5114] total_mapped_file 0
[ 3308.990891][ T5114] total_dirty 0
[ 3308.995168][ T5114] total_writeback 0
[ 3308.998993][ T5114] total_workingset_refault_anon 271399
[ 3309.005225][ T5114] total_workingset_refault_file 72
[ 3309.010390][ T5114] total_swap 819200
[ 3309.015506][ T5114] total_swapcached 0
[ 3309.019413][ T5114] total_pgpgin 1970804
[ 3309.023460][ T5114] total_pgpgout 1970804
[ 3309.028190][ T5114] total_pgfault 3445622
[ 3309.032338][ T5114] total_pgmajfault 222289
[ 3309.037407][ T5114] total_inactive_anon 0
[ 3309.041570][ T5114] total_active_anon 0
[ 3309.046597][ T5114] total_inactive_file 0
[ 3309.050825][ T5114] total_active_file 0
[ 3309.058913][ T5114] total_unevictable 0
[ 3309.062904][ T5114] anon_cost 0
[ 3309.066569][ T5114] file_cost 0
[ 3309.069863][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9743,uid=0
[ 3309.085841][ T5114] Memory cgroup out of memory: Killed process 9743 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8704kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
11:00:00 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x1400}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3309.370737][ T9744] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3309.381496][ T9744] CPU: 1 PID: 9744 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3309.391835][ T9744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3309.401890][ T9744] Call Trace:
[ 3309.405179][ T9744]  <TASK>
[ 3309.408117][ T9744]  dump_stack_lvl+0x1e7/0x2e0
[ 3309.412800][ T9744]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3309.418274][ T9744]  ? __pfx__printk+0x10/0x10
[ 3309.422882][ T9744]  ? ___ratelimit+0x4c4/0x670
[ 3309.427564][ T9744]  ? __pfx____ratelimit+0x10/0x10
[ 3309.432601][ T9744]  dump_header+0xda/0x6a0
[ 3309.436947][ T9744]  oom_kill_process+0x3a7/0x930
[ 3309.441806][ T9744]  out_of_memory+0xf67/0x1320
[ 3309.446493][ T9744]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3309.452124][ T9744]  ? __pfx___mutex_lock+0x10/0x10
[ 3309.457152][ T9744]  ? __pfx_out_of_memory+0x10/0x10
[ 3309.462270][ T9744]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3309.467819][ T9744]  ? __pfx_lock_release+0x10/0x10
[ 3309.472846][ T9744]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3309.478923][ T9744]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3309.484131][ T9744]  ? mem_cgroup_iter+0x422/0x560
[ 3309.489075][ T9744]  try_charge_memcg+0xda2/0x18a0
[ 3309.494042][ T9744]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3309.499452][ T9744]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3309.505170][ T9744]  ? __pfx_lock_release+0x10/0x10
[ 3309.510221][ T9744]  ? memcg_account_kmem+0x1e7/0x210
[ 3309.515449][ T9744]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3309.521268][ T9744]  __memcg_kmem_charge_page+0xe1/0x250
[ 3309.526752][ T9744]  memcg_charge_kernel_stack+0x196/0x550
[ 3309.532407][ T9744]  dup_task_struct+0x40d/0x7d0
[ 3309.537181][ T9744]  copy_process+0x5d5/0x3fc0
[ 3309.541795][ T9744]  ? __might_fault+0xa9/0x120
[ 3309.546489][ T9744]  ? __pfx_lock_release+0x10/0x10
[ 3309.551523][ T9744]  ? __pfx_copy_process+0x10/0x10
[ 3309.556547][ T9744]  ? __might_fault+0xc5/0x120
[ 3309.561230][ T9744]  ? __asan_memset+0x23/0x50
[ 3309.565835][ T9744]  kernel_clone+0x21d/0x8d0
[ 3309.570347][ T9744]  ? __pfx_kernel_clone+0x10/0x10
[ 3309.575388][ T9744]  __se_sys_clone3+0x2cb/0x350
[ 3309.580157][ T9744]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3309.585452][ T9744]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3309.591441][ T9744]  ? exc_page_fault+0x587/0x870
[ 3309.596295][ T9744]  ? do_syscall_64+0xb4/0x240
[ 3309.600975][ T9744]  do_syscall_64+0xf9/0x240
[ 3309.605483][ T9744]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3309.611390][ T9744] RIP: 0033:0x7fa2eb4a9b99
[ 3309.615812][ T9744] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3309.635431][ T9744] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3309.643853][ T9744] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3309.651834][ T9744] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3309.659815][ T9744] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3309.667792][ T9744] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3309.675765][ T9744] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3309.683752][ T9744]  </TASK>
[ 3309.700637][ T9744] memory: usage 307192kB, limit 307200kB, failcnt 355175
[ 3309.711987][ T9744] memory+swap: usage 307980kB, limit 9007199254740988kB, failcnt 0
[ 3309.720641][ T9744] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3309.731413][ T9744] Memory cgroup stats for /syz3:
[ 3309.731513][ T9744] cache 0
[ 3309.739730][ T9744] rss 12288
[ 3309.742833][ T9744] rss_huge 0
[ 3309.746346][ T9744] shmem 0
[ 3309.749343][ T9744] mapped_file 0
[ 3309.752815][ T9744] dirty 0
[ 3309.756217][ T9744] writeback 0
[ 3309.759531][ T9744] workingset_refault_anon 271592
[ 3309.764923][ T9744] workingset_refault_file 72
[ 3309.769519][ T9744] swap 806912
[ 3309.772808][ T9744] swapcached 0
[ 3309.776521][ T9744] pgpgin 1971011
[ 3309.780161][ T9744] pgpgout 1971008
[ 3309.787609][ T9744] pgfault 3445912
[ 3309.791265][ T9744] pgmajfault 222475
[ 3309.795407][ T9744] inactive_anon 0
[ 3309.799062][ T9744] active_anon 12288
[ 3309.802893][ T9744] inactive_file 0
[ 3309.808211][ T9744] active_file 0
[ 3309.811702][ T9744] unevictable 0
[ 3309.815651][ T9744] hierarchical_memory_limit 314572800
[ 3309.821052][ T9744] hierarchical_memsw_limit 9223372036854771712
[ 3309.827595][ T9744] total_cache 0
[ 3309.831069][ T9744] total_rss 12288
[ 3309.835706][ T9744] total_rss_huge 0
[ 3309.839453][ T9744] total_shmem 0
[ 3309.842925][ T9744] total_mapped_file 0
[ 3309.847341][ T9744] total_dirty 0
[ 3309.850819][ T9744] total_writeback 0
[ 3309.854893][ T9744] total_workingset_refault_anon 271592
[ 3309.860355][ T9744] total_workingset_refault_file 72
[ 3309.866322][ T9744] total_swap 806912
[ 3309.870141][ T9744] total_swapcached 0
[ 3309.874613][ T9744] total_pgpgin 1971011
[ 3309.878692][ T9744] total_pgpgout 1971008
[ 3309.882847][ T9744] total_pgfault 3445912
[ 3309.887695][ T9744] total_pgmajfault 222475
[ 3309.892059][ T9744] total_inactive_anon 0
[ 3309.896745][ T9744] total_active_anon 12288
[ 3309.901094][ T9744] total_inactive_file 0
[ 3309.905838][ T9744] total_active_file 0
[ 3309.909866][ T9744] total_unevictable 0
[ 3309.915638][ T9744] anon_cost 0
[ 3309.918948][ T9744] file_cost 0
[ 3309.922235][ T9744] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9744,uid=0
[ 3309.939679][ T9744] Memory cgroup out of memory: Killed process 9744 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
11:00:01 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x1500}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3310.261648][ T9745] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3310.273639][ T9745] CPU: 0 PID: 9745 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3310.284004][ T9745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3310.294068][ T9745] Call Trace:
[ 3310.297337][ T9745]  <TASK>
[ 3310.300256][ T9745]  dump_stack_lvl+0x1e7/0x2e0
[ 3310.304932][ T9745]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3310.310122][ T9745]  ? __pfx__printk+0x10/0x10
[ 3310.314714][ T9745]  ? ___ratelimit+0x4c4/0x670
[ 3310.319422][ T9745]  ? __pfx____ratelimit+0x10/0x10
[ 3310.324448][ T9745]  dump_header+0xda/0x6a0
[ 3310.328781][ T9745]  oom_kill_process+0x3a7/0x930
[ 3310.333637][ T9745]  out_of_memory+0xf67/0x1320
[ 3310.338315][ T9745]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3310.343948][ T9745]  ? __pfx___mutex_lock+0x10/0x10
[ 3310.348978][ T9745]  ? __pfx_out_of_memory+0x10/0x10
[ 3310.354101][ T9745]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3310.359721][ T9745]  ? __pfx_lock_release+0x10/0x10
[ 3310.364749][ T9745]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3310.370819][ T9745]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3310.376015][ T9745]  ? mem_cgroup_iter+0x422/0x560
[ 3310.380953][ T9745]  try_charge_memcg+0xda2/0x18a0
[ 3310.385921][ T9745]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3310.391289][ T9745]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3310.397003][ T9745]  ? __pfx_lock_release+0x10/0x10
[ 3310.402026][ T9745]  ? memcg_account_kmem+0x1e7/0x210
[ 3310.407232][ T9745]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3310.413036][ T9745]  __memcg_kmem_charge_page+0xe1/0x250
[ 3310.418512][ T9745]  memcg_charge_kernel_stack+0x196/0x550
[ 3310.424147][ T9745]  dup_task_struct+0x15d/0x7d0
[ 3310.428913][ T9745]  copy_process+0x5d5/0x3fc0
[ 3310.433507][ T9745]  ? __might_fault+0xa9/0x120
[ 3310.438203][ T9745]  ? __pfx_lock_release+0x10/0x10
[ 3310.443248][ T9745]  ? __pfx_copy_process+0x10/0x10
[ 3310.448294][ T9745]  ? __might_fault+0xc5/0x120
[ 3310.452991][ T9745]  ? __asan_memset+0x23/0x50
[ 3310.457592][ T9745]  kernel_clone+0x21d/0x8d0
[ 3310.462099][ T9745]  ? __pfx_kernel_clone+0x10/0x10
[ 3310.467138][ T9745]  __se_sys_clone3+0x2cb/0x350
[ 3310.471944][ T9745]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3310.477236][ T9745]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3310.483225][ T9745]  ? exc_page_fault+0x587/0x870
[ 3310.488079][ T9745]  ? do_syscall_64+0xb4/0x240
[ 3310.492758][ T9745]  do_syscall_64+0xf9/0x240
[ 3310.497267][ T9745]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3310.503160][ T9745] RIP: 0033:0x7fa2eb4a9b99
[ 3310.507576][ T9745] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3310.527181][ T9745] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3310.535592][ T9745] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3310.543562][ T9745] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3310.551531][ T9745] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3310.559512][ T9745] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3310.567484][ T9745] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3310.575463][ T9745]  </TASK>
[ 3310.591713][ T9745] memory: usage 307180kB, limit 307200kB, failcnt 355767
[ 3310.599422][ T9745] memory+swap: usage 307980kB, limit 9007199254740988kB, failcnt 0
[ 3310.608136][ T9745] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3310.622062][ T9745] Memory cgroup stats for /syz3:
[ 3310.622193][ T9745] cache 0
[ 3310.630403][ T9745] rss 8192
[ 3310.633414][ T9745] rss_huge 0
[ 3310.637115][ T9745] shmem 0
[ 3310.640062][ T9745] mapped_file 0
[ 3310.643502][ T9745] dirty 0
[ 3310.646802][ T9745] writeback 0
[ 3310.650091][ T9745] workingset_refault_anon 271822
[ 3310.655677][ T9745] workingset_refault_file 72
[ 3310.660274][ T9745] swap 811008
[ 3310.663543][ T9745] swapcached 0
[ 3310.667544][ T9745] pgpgin 1971256
[ 3310.671085][ T9745] pgpgout 1971254
[ 3310.675091][ T9745] pgfault 3446247
[ 3310.678729][ T9745] pgmajfault 222680
[ 3310.682517][ T9745] inactive_anon 0
[ 3310.688167][ T9745] active_anon 8192
[ 3310.691901][ T9745] inactive_file 0
[ 3310.695866][ T9745] active_file 0
[ 3310.699341][ T9745] unevictable 0
[ 3310.702821][ T9745] hierarchical_memory_limit 314572800
[ 3310.708578][ T9745] hierarchical_memsw_limit 9223372036854771712
[ 3310.715096][ T9745] total_cache 0
[ 3310.718567][ T9745] total_rss 8192
[ 3310.722112][ T9745] total_rss_huge 0
[ 3310.726431][ T9745] total_shmem 0
[ 3310.729912][ T9745] total_mapped_file 0
[ 3310.734252][ T9745] total_dirty 0
[ 3310.737721][ T9745] total_writeback 0
[ 3310.741534][ T9745] total_workingset_refault_anon 271822
[ 3310.747510][ T9745] total_workingset_refault_file 72
[ 3310.752626][ T9745] total_swap 811008
[ 3310.757329][ T9745] total_swapcached 0
[ 3310.761237][ T9745] total_pgpgin 1971256
[ 3310.765566][ T9745] total_pgpgout 1971254
[ 3310.769731][ T9745] total_pgfault 3446247
[ 3310.774273][ T9745] total_pgmajfault 222680
[ 3310.778713][ T9745] total_inactive_anon 0
[ 3310.782879][ T9745] total_active_anon 8192
[ 3310.787679][ T9745] total_inactive_file 0
[ 3310.791827][ T9745] total_active_file 0
[ 3310.797181][ T9745] total_unevictable 0
[ 3310.801162][ T9745] anon_cost 0
[ 3310.804810][ T9745] file_cost 0
11:00:02 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x1f00}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3310.808190][ T9745] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9745,uid=0
[ 3310.824383][ T9745] Memory cgroup out of memory: Killed process 9745 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3311.086674][ T9746] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3311.097172][ T9746] CPU: 0 PID: 9746 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3311.107525][ T9746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3311.117583][ T9746] Call Trace:
[ 3311.120852][ T9746]  <TASK>
[ 3311.123770][ T9746]  dump_stack_lvl+0x1e7/0x2e0
[ 3311.128452][ T9746]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3311.133644][ T9746]  ? __pfx__printk+0x10/0x10
[ 3311.138225][ T9746]  ? ___ratelimit+0x4c4/0x670
[ 3311.143068][ T9746]  ? __pfx____ratelimit+0x10/0x10
[ 3311.148084][ T9746]  dump_header+0xda/0x6a0
[ 3311.152412][ T9746]  oom_kill_process+0x3a7/0x930
[ 3311.157274][ T9746]  out_of_memory+0xf67/0x1320
[ 3311.161987][ T9746]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3311.167642][ T9746]  ? __pfx___mutex_lock+0x10/0x10
[ 3311.172687][ T9746]  ? __pfx_out_of_memory+0x10/0x10
[ 3311.177973][ T9746]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3311.183507][ T9746]  ? __pfx_lock_release+0x10/0x10
[ 3311.188521][ T9746]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3311.194581][ T9746]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3311.199769][ T9746]  ? mem_cgroup_iter+0x422/0x560
[ 3311.204721][ T9746]  try_charge_memcg+0xda2/0x18a0
[ 3311.209701][ T9746]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3311.215087][ T9746]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3311.220810][ T9746]  ? __pfx_lock_release+0x10/0x10
[ 3311.225859][ T9746]  ? memcg_account_kmem+0x1e7/0x210
[ 3311.231071][ T9746]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3311.236881][ T9746]  __memcg_kmem_charge_page+0xe1/0x250
[ 3311.242350][ T9746]  memcg_charge_kernel_stack+0x196/0x550
[ 3311.247988][ T9746]  dup_task_struct+0x40d/0x7d0
[ 3311.252756][ T9746]  copy_process+0x5d5/0x3fc0
[ 3311.257359][ T9746]  ? __might_fault+0xa9/0x120
[ 3311.262038][ T9746]  ? __pfx_lock_release+0x10/0x10
[ 3311.267077][ T9746]  ? __pfx_copy_process+0x10/0x10
[ 3311.272112][ T9746]  ? __might_fault+0xc5/0x120
[ 3311.276810][ T9746]  ? __asan_memset+0x23/0x50
[ 3311.281419][ T9746]  kernel_clone+0x21d/0x8d0
[ 3311.285933][ T9746]  ? __pfx_kernel_clone+0x10/0x10
[ 3311.290973][ T9746]  __se_sys_clone3+0x2cb/0x350
[ 3311.295743][ T9746]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3311.301046][ T9746]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3311.307047][ T9746]  ? exc_page_fault+0x587/0x870
[ 3311.311990][ T9746]  ? do_syscall_64+0xb4/0x240
[ 3311.316672][ T9746]  do_syscall_64+0xf9/0x240
[ 3311.321178][ T9746]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3311.327074][ T9746] RIP: 0033:0x7fa2eb4a9b99
[ 3311.331484][ T9746] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3311.351086][ T9746] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3311.359499][ T9746] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3311.367467][ T9746] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3311.375436][ T9746] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3311.383443][ T9746] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3311.391413][ T9746] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3311.399437][ T9746]  </TASK>
[ 3311.414297][ T9746] memory: usage 307180kB, limit 307200kB, failcnt 356263
[ 3311.423473][ T9746] memory+swap: usage 307980kB, limit 9007199254740988kB, failcnt 0
[ 3311.431895][ T9746] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3311.439524][ T9746] Memory cgroup stats for /syz3:
[ 3311.439604][ T9746] cache 0
[ 3311.447794][ T9746] rss 0
[ 3311.450548][ T9746] rss_huge 0
[ 3311.453731][ T9746] shmem 0
[ 3311.457035][ T9746] mapped_file 0
[ 3311.460504][ T9746] dirty 0
[ 3311.463446][ T9746] writeback 0
[ 3311.467154][ T9746] workingset_refault_anon 272008
[ 3311.472583][ T9746] workingset_refault_file 72
[ 3311.477597][ T9746] swap 819200
[ 3311.480897][ T9746] swapcached 0
[ 3311.484599][ T9746] pgpgin 1971454
[ 3311.488151][ T9746] pgpgout 1971454
[ 3311.491767][ T9746] pgfault 3446529
[ 3311.495928][ T9746] pgmajfault 222856
[ 3311.499745][ T9746] inactive_anon 0
[ 3311.503362][ T9746] active_anon 0
[ 3311.507222][ T9746] inactive_file 0
[ 3311.510870][ T9746] active_file 0
[ 3311.514851][ T9746] unevictable 0
[ 3311.518327][ T9746] hierarchical_memory_limit 314572800
[ 3311.523700][ T9746] hierarchical_memsw_limit 9223372036854771712
[ 3311.533839][ T9746] total_cache 0
[ 3311.538396][ T9746] total_rss 0
[ 3311.541697][ T9746] total_rss_huge 0
[ 3311.546368][ T9746] total_shmem 0
[ 3311.549848][ T9746] total_mapped_file 0
[ 3311.554376][ T9746] total_dirty 0
[ 3311.557847][ T9746] total_writeback 0
[ 3311.561637][ T9746] total_workingset_refault_anon 272008
[ 3311.567518][ T9746] total_workingset_refault_file 72
[ 3311.572652][ T9746] total_swap 819200
[ 3311.578182][ T9746] total_swapcached 0
[ 3311.582097][ T9746] total_pgpgin 1971454
[ 3311.586701][ T9746] total_pgpgout 1971454
[ 3311.590891][ T9746] total_pgfault 3446529
[ 3311.595640][ T9746] total_pgmajfault 222856
[ 3311.599984][ T9746] total_inactive_anon 0
[ 3311.604832][ T9746] total_active_anon 0
[ 3311.608832][ T9746] total_inactive_file 0
[ 3311.612981][ T9746] total_active_file 0
[ 3311.617644][ T9746] total_unevictable 0
[ 3311.621637][ T9746] anon_cost 0
[ 3311.625548][ T9746] file_cost 0
11:00:03 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x2000}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3311.628864][ T9746] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9746,uid=0
[ 3311.646276][ T9746] Memory cgroup out of memory: Killed process 9746 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3311.918606][ T9747] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3311.929416][ T9747] CPU: 0 PID: 9747 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3311.939758][ T9747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3311.949815][ T9747] Call Trace:
[ 3311.953098][ T9747]  <TASK>
[ 3311.956025][ T9747]  dump_stack_lvl+0x1e7/0x2e0
[ 3311.960698][ T9747]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3311.965883][ T9747]  ? __pfx__printk+0x10/0x10
[ 3311.970462][ T9747]  ? ___ratelimit+0x4c4/0x670
[ 3311.975133][ T9747]  ? __pfx____ratelimit+0x10/0x10
[ 3311.980147][ T9747]  dump_header+0xda/0x6a0
[ 3311.984483][ T9747]  oom_kill_process+0x3a7/0x930
[ 3311.989362][ T9747]  out_of_memory+0xf67/0x1320
[ 3311.994071][ T9747]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3311.999717][ T9747]  ? __pfx___mutex_lock+0x10/0x10
[ 3312.004738][ T9747]  ? __pfx_out_of_memory+0x10/0x10
[ 3312.009842][ T9747]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3312.015376][ T9747]  ? __pfx_lock_release+0x10/0x10
[ 3312.020389][ T9747]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3312.026634][ T9747]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3312.031874][ T9747]  ? mem_cgroup_iter+0x422/0x560
[ 3312.036908][ T9747]  try_charge_memcg+0xda2/0x18a0
[ 3312.041895][ T9747]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3312.047294][ T9747]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3312.053019][ T9747]  ? __pfx_lock_release+0x10/0x10
[ 3312.058042][ T9747]  ? memcg_account_kmem+0x1e7/0x210
[ 3312.063233][ T9747]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3312.069027][ T9747]  __memcg_kmem_charge_page+0xe1/0x250
[ 3312.074507][ T9747]  memcg_charge_kernel_stack+0x196/0x550
[ 3312.080136][ T9747]  dup_task_struct+0x15d/0x7d0
[ 3312.084910][ T9747]  copy_process+0x5d5/0x3fc0
[ 3312.089549][ T9747]  ? __might_fault+0xa9/0x120
[ 3312.094247][ T9747]  ? __pfx_lock_release+0x10/0x10
[ 3312.099267][ T9747]  ? __pfx_copy_process+0x10/0x10
[ 3312.104276][ T9747]  ? __might_fault+0xc5/0x120
[ 3312.108943][ T9747]  ? __asan_memset+0x23/0x50
[ 3312.113521][ T9747]  kernel_clone+0x21d/0x8d0
[ 3312.118015][ T9747]  ? __pfx_kernel_clone+0x10/0x10
[ 3312.123037][ T9747]  __se_sys_clone3+0x2cb/0x350
[ 3312.127793][ T9747]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3312.133072][ T9747]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3312.139072][ T9747]  ? exc_page_fault+0x587/0x870
[ 3312.143941][ T9747]  ? do_syscall_64+0xb4/0x240
[ 3312.148634][ T9747]  do_syscall_64+0xf9/0x240
[ 3312.153151][ T9747]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3312.159042][ T9747] RIP: 0033:0x7fa2eb4a9b99
[ 3312.163443][ T9747] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3312.183050][ T9747] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3312.191472][ T9747] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3312.199451][ T9747] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3312.207411][ T9747] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3312.215370][ T9747] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3312.223343][ T9747] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3312.231333][ T9747]  </TASK>
[ 3312.242481][ T9747] memory: usage 307200kB, limit 307200kB, failcnt 356800
[ 3312.249799][ T9747] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3312.258242][ T9747] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3312.266208][ T9747] Memory cgroup stats for /syz3:
[ 3312.266334][ T9747] cache 0
[ 3312.274805][ T9747] rss 16384
[ 3312.277923][ T9747] rss_huge 0
[ 3312.281103][ T9747] shmem 0
[ 3312.284408][ T9747] mapped_file 0
[ 3312.287871][ T9747] dirty 0
[ 3312.290791][ T9747] writeback 0
[ 3312.294950][ T9747] workingset_refault_anon 272210
[ 3312.299914][ T9747] workingset_refault_file 72
[ 3312.304864][ T9747] swap 802816
[ 3312.308160][ T9747] swapcached 0
[ 3312.311524][ T9747] pgpgin 1971668
[ 3312.315404][ T9747] pgpgout 1971664
[ 3312.319038][ T9747] pgfault 3446849
[ 3312.322648][ T9747] pgmajfault 223056
[ 3312.327061][ T9747] inactive_anon 0
[ 3312.330698][ T9747] active_anon 16384
[ 3312.334855][ T9747] inactive_file 0
[ 3312.338490][ T9747] active_file 0
[ 3312.341928][ T9747] unevictable 0
[ 3312.347349][ T9747] hierarchical_memory_limit 314572800
[ 3312.352726][ T9747] hierarchical_memsw_limit 9223372036854771712
[ 3312.359513][ T9747] total_cache 0
[ 3312.362983][ T9747] total_rss 16384
[ 3312.366991][ T9747] total_rss_huge 0
[ 3312.370731][ T9747] total_shmem 0
[ 3312.374552][ T9747] total_mapped_file 0
[ 3312.378554][ T9747] total_dirty 0
[ 3312.382016][ T9747] total_writeback 0
[ 3312.386420][ T9747] total_workingset_refault_anon 272210
[ 3312.391886][ T9747] total_workingset_refault_file 72
[ 3312.397563][ T9747] total_swap 802816
[ 3312.401375][ T9747] total_swapcached 0
[ 3312.405615][ T9747] total_pgpgin 1971668
[ 3312.409682][ T9747] total_pgpgout 1971664
[ 3312.414447][ T9747] total_pgfault 3446849
[ 3312.418614][ T9747] total_pgmajfault 223056
[ 3312.422942][ T9747] total_inactive_anon 0
[ 3312.427643][ T9747] total_active_anon 16384
[ 3312.431988][ T9747] total_inactive_file 0
[ 3312.436360][ T9747] total_active_file 0
[ 3312.440336][ T9747] total_unevictable 0
[ 3312.444888][ T9747] anon_cost 0
[ 3312.448186][ T9747] file_cost 0
[ 3312.451487][ T9747] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9747,uid=0
11:00:04 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x4788}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3312.468853][ T9747] Memory cgroup out of memory: Killed process 9747 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3312.604433][ T9748] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 3312.616479][ T9748] CPU: 1 PID: 9748 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3312.626842][ T9748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3312.636895][ T9748] Call Trace:
[ 3312.640168][ T9748]  <TASK>
[ 3312.643094][ T9748]  dump_stack_lvl+0x1e7/0x2e0
[ 3312.647781][ T9748]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3312.653065][ T9748]  ? __pfx__printk+0x10/0x10
[ 3312.657648][ T9748]  ? ___ratelimit+0x4c4/0x670
[ 3312.662328][ T9748]  ? __pfx____ratelimit+0x10/0x10
[ 3312.667353][ T9748]  dump_header+0xda/0x6a0
[ 3312.671685][ T9748]  oom_kill_process+0x3a7/0x930
[ 3312.676535][ T9748]  out_of_memory+0xf67/0x1320
[ 3312.681213][ T9748]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3312.686846][ T9748]  ? __pfx___mutex_lock+0x10/0x10
[ 3312.691872][ T9748]  ? __pfx_out_of_memory+0x10/0x10
[ 3312.696987][ T9748]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3312.702537][ T9748]  ? __pfx_lock_release+0x10/0x10
[ 3312.707566][ T9748]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3312.713633][ T9748]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3312.718827][ T9748]  ? mem_cgroup_iter+0x422/0x560
[ 3312.723772][ T9748]  try_charge_memcg+0xda2/0x18a0
[ 3312.728709][ T9748]  ? mark_lock+0x9a/0x350
[ 3312.733049][ T9748]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3312.738435][ T9748]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3312.744582][ T9748]  charge_memcg+0xa2/0x160
[ 3312.749003][ T9748]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3312.755068][ T9748]  __read_swap_cache_async+0x480/0x8b0
[ 3312.760523][ T9748]  ? mark_lock+0x9a/0x350
[ 3312.764854][ T9748]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3312.770839][ T9748]  swap_cluster_readahead+0x67c/0x810
[ 3312.776227][ T9748]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3312.782117][ T9748]  ? __pfx_lock_release+0x10/0x10
[ 3312.787145][ T9748]  ? xas_descend+0x37e/0x470
[ 3312.791739][ T9748]  swapin_readahead+0x1ea/0x1070
[ 3312.796674][ T9748]  ? filemap_get_entry+0x127/0x4e0
[ 3312.801793][ T9748]  ? __pfx_swapin_readahead+0x10/0x10
[ 3312.807173][ T9748]  ? __filemap_get_folio+0x935/0xbc0
[ 3312.812463][ T9748]  ? swap_cache_get_folio+0x9f/0x570
[ 3312.817749][ T9748]  do_swap_page+0x8ab/0x3da0
[ 3312.822337][ T9748]  ? __pte_offset_map+0x2c4/0x380
[ 3312.827378][ T9748]  ? __pfx_validate_chain+0x10/0x10
[ 3312.832572][ T9748]  ? do_swap_page+0x154/0x3da0
[ 3312.837330][ T9748]  ? __pfx_do_swap_page+0x10/0x10
[ 3312.842347][ T9748]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3312.847808][ T9748]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3312.853611][ T9748]  ? fault_dirty_shared_page+0x2aa/0x440
[ 3312.859245][ T9748]  __handle_mm_fault+0x15e8/0x72d0
[ 3312.864375][ T9748]  ? reacquire_held_locks+0x3eb/0x690
[ 3312.869744][ T9748]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3312.875297][ T9748]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3312.881022][ T9748]  ? mtree_range_walk+0x6fd/0x8e0
[ 3312.886041][ T9748]  ? lock_vma_under_rcu+0x18a/0x730
[ 3312.891232][ T9748]  ? __pfx_lock_release+0x10/0x10
[ 3312.896253][ T9748]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3312.901460][ T9748]  ? lock_vma_under_rcu+0x18a/0x730
[ 3312.906674][ T9748]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3312.912480][ T9748]  handle_mm_fault+0x3c1/0x8a0
[ 3312.917248][ T9748]  exc_page_fault+0x456/0x870
[ 3312.921927][ T9748]  asm_exc_page_fault+0x26/0x30
[ 3312.926777][ T9748] RIP: 0033:0x7fa2eb428268
[ 3312.931183][ T9748] Code: 00 00 48 8b 0d 91 d4 ca 00 4c 63 05 7a d4 ca 00 48 8b 05 7b d4 ca 00 49 01 c8 48 39 c8 72 13 4c 39 c0 73 0e 48 8d 50 04 89 38 <48> 89 15 61 d4 ca 00 c3 52 48 8d 35 c3 0e 0a 00 48 89 c2 48 8d 3d
[ 3312.950788][ T9748] RSP: 002b:00007fa2eb6cfb28 EFLAGS: 00010287
[ 3312.956854][ T9748] RAX: 0000001b32420000 RBX: 0000000000000003 RCX: 0000001b32420000
[ 3312.964820][ T9748] RDX: 0000001b32420004 RSI: 0000000000000000 RDI: 0000000000000000
[ 3312.972784][ T9748] RBP: 0000000000000001 R08: 0000001b32820000 R09: 0000000000040000
[ 3312.980749][ T9748] R10: 0000000000000011 R11: 0000000000000293 R12: 0000000000000000
[ 3312.988715][ T9748] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 3312.996694][ T9748]  </TASK>
[ 3313.003163][ T9748] memory: usage 307188kB, limit 307200kB, failcnt 357052
[ 3313.015455][ T9748] memory+swap: usage 307948kB, limit 9007199254740988kB, failcnt 0
[ 3313.023485][ T9748] kmem: usage 307160kB, limit 9007199254740988kB, failcnt 0
[ 3313.032648][ T9748] Memory cgroup stats for /syz3:
[ 3313.032766][ T9748] cache 0
[ 3313.041249][ T9748] rss 24576
[ 3313.054669][ T9748] rss_huge 0
[ 3313.057980][ T9748] shmem 0
[ 3313.061010][ T9748] mapped_file 0
[ 3313.064889][ T9748] dirty 0
[ 3313.067928][ T9748] writeback 0
[ 3313.071256][ T9748] workingset_refault_anon 272275
[ 3313.077155][ T9748] workingset_refault_file 72
[ 3313.081762][ T9748] swap 815104
[ 3313.085400][ T9748] swapcached 4096
[ 3313.089036][ T9748] pgpgin 1971742
[ 3313.092569][ T9748] pgpgout 1971736
[ 3313.096588][ T9748] pgfault 3446961
[ 3313.100309][ T9748] pgmajfault 223118
[ 3313.104474][ T9748] inactive_anon 0
[ 3313.108121][ T9748] active_anon 4096
[ 3313.112473][ T9748] inactive_file 0
[ 3313.117100][ T9748] active_file 0
[ 3313.120621][ T9748] unevictable 0
[ 3313.125170][ T9748] hierarchical_memory_limit 314572800
[ 3313.130564][ T9748] hierarchical_memsw_limit 9223372036854771712
[ 3313.139580][ T9748] total_cache 0
[ 3313.143134][ T9748] total_rss 24576
[ 3313.148506][ T9748] total_rss_huge 0
[ 3313.156081][ T9748] total_shmem 0
[ 3313.159560][ T9748] total_mapped_file 0
[ 3313.163528][ T9748] total_dirty 0
[ 3313.167616][ T9748] total_writeback 0
[ 3313.171516][ T9748] total_workingset_refault_anon 272275
[ 3313.177337][ T9748] total_workingset_refault_file 72
[ 3313.182462][ T9748] total_swap 815104
[ 3313.187035][ T9748] total_swapcached 4096
[ 3313.191289][ T9748] total_pgpgin 1971742
[ 3313.196532][ T9748] total_pgpgout 1971736
[ 3313.200725][ T9748] total_pgfault 3446961
[ 3313.205818][ T9748] total_pgmajfault 223118
[ 3313.210169][ T9748] total_inactive_anon 0
[ 3313.215477][ T9748] total_active_anon 4096
[ 3313.219737][ T9748] total_inactive_file 0
[ 3313.224397][ T9748] total_active_file 0
[ 3313.228400][ T9748] total_unevictable 0
[ 3313.232388][ T9748] anon_cost 0
[ 3313.236223][ T9748] file_cost 0
[ 3313.239527][ T9748] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9748,uid=0
11:00:05 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x4800}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3313.256886][ T9748] Memory cgroup out of memory: Killed process 9748 (syz-executor.3) total-vm:54376kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 3313.496657][ T9749] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3313.507549][ T9749] CPU: 0 PID: 9749 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3313.517895][ T9749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3313.527952][ T9749] Call Trace:
[ 3313.531223][ T9749]  <TASK>
[ 3313.534154][ T9749]  dump_stack_lvl+0x1e7/0x2e0
[ 3313.538833][ T9749]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3313.544034][ T9749]  ? __pfx__printk+0x10/0x10
[ 3313.548629][ T9749]  ? ___ratelimit+0x4c4/0x670
[ 3313.553301][ T9749]  ? __pfx____ratelimit+0x10/0x10
[ 3313.558317][ T9749]  dump_header+0xda/0x6a0
[ 3313.562639][ T9749]  oom_kill_process+0x3a7/0x930
[ 3313.567504][ T9749]  out_of_memory+0xf67/0x1320
[ 3313.572208][ T9749]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3313.577854][ T9749]  ? __pfx___mutex_lock+0x10/0x10
[ 3313.582900][ T9749]  ? __pfx_out_of_memory+0x10/0x10
[ 3313.588017][ T9749]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3313.593553][ T9749]  ? __pfx_lock_release+0x10/0x10
[ 3313.598568][ T9749]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3313.604631][ T9749]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3313.609821][ T9749]  ? mem_cgroup_iter+0x422/0x560
[ 3313.614770][ T9749]  try_charge_memcg+0xda2/0x18a0
[ 3313.619767][ T9749]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3313.625162][ T9749]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3313.630884][ T9749]  ? __pfx_lock_release+0x10/0x10
[ 3313.635905][ T9749]  ? memcg_account_kmem+0x1e7/0x210
[ 3313.641109][ T9749]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3313.646913][ T9749]  __memcg_kmem_charge_page+0xe1/0x250
[ 3313.652366][ T9749]  memcg_charge_kernel_stack+0x196/0x550
[ 3313.657990][ T9749]  dup_task_struct+0x15d/0x7d0
[ 3313.662745][ T9749]  copy_process+0x5d5/0x3fc0
[ 3313.667358][ T9749]  ? __might_fault+0xa9/0x120
[ 3313.672065][ T9749]  ? __pfx_lock_release+0x10/0x10
[ 3313.677102][ T9749]  ? __pfx_copy_process+0x10/0x10
[ 3313.682112][ T9749]  ? __might_fault+0xc5/0x120
[ 3313.686781][ T9749]  ? __asan_memset+0x23/0x50
[ 3313.691364][ T9749]  kernel_clone+0x21d/0x8d0
[ 3313.695857][ T9749]  ? __pfx_kernel_clone+0x10/0x10
[ 3313.700882][ T9749]  __se_sys_clone3+0x2cb/0x350
[ 3313.705642][ T9749]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3313.710913][ T9749]  ? rcu_is_watching+0x15/0xb0
[ 3313.715703][ T9749]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3313.721726][ T9749]  ? exc_page_fault+0x587/0x870
[ 3313.726619][ T9749]  ? do_syscall_64+0xb4/0x240
[ 3313.731292][ T9749]  do_syscall_64+0xf9/0x240
[ 3313.735788][ T9749]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3313.741686][ T9749] RIP: 0033:0x7fa2eb4a9b99
[ 3313.746089][ T9749] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3313.765702][ T9749] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3313.774139][ T9749] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3313.782128][ T9749] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3313.790097][ T9749] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3313.798055][ T9749] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3313.806012][ T9749] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3313.814002][ T9749]  </TASK>
[ 3313.821166][ T9749] memory: usage 307200kB, limit 307200kB, failcnt 357460
[ 3313.828946][ T9749] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3313.837207][ T9749] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3313.845110][ T9749] Memory cgroup stats for /syz3:
[ 3313.845241][ T9749] cache 0
[ 3313.853107][ T9749] rss 16384
[ 3313.856592][ T9749] rss_huge 0
[ 3313.859805][ T9749] shmem 0
[ 3313.862764][ T9749] mapped_file 0
[ 3313.866644][ T9749] dirty 0
[ 3313.869586][ T9749] writeback 0
[ 3313.872850][ T9749] workingset_refault_anon 272454
[ 3313.878444][ T9749] workingset_refault_file 72
[ 3313.883048][ T9749] swap 802816
[ 3313.886688][ T9749] swapcached 0
[ 3313.890064][ T9749] pgpgin 1971935
[ 3313.893592][ T9749] pgpgout 1971931
[ 3313.897556][ T9749] pgfault 3447242
[ 3313.901192][ T9749] pgmajfault 223294
[ 3313.905620][ T9749] inactive_anon 0
[ 3313.909273][ T9749] active_anon 16384
[ 3313.913100][ T9749] inactive_file 0
[ 3313.917109][ T9749] active_file 0
[ 3313.920576][ T9749] unevictable 0
[ 3313.925929][ T9749] hierarchical_memory_limit 314572800
[ 3313.931519][ T9749] hierarchical_memsw_limit 9223372036854771712
[ 3313.938492][ T9749] total_cache 0
[ 3313.941976][ T9749] total_rss 16384
[ 3313.945980][ T9749] total_rss_huge 0
[ 3313.949702][ T9749] total_shmem 0
[ 3313.953322][ T9749] total_mapped_file 0
[ 3313.957624][ T9749] total_dirty 0
[ 3313.961086][ T9749] total_writeback 0
[ 3313.965502][ T9749] total_workingset_refault_anon 272454
[ 3313.970985][ T9749] total_workingset_refault_file 72
[ 3313.976407][ T9749] total_swap 802816
[ 3313.980304][ T9749] total_swapcached 0
[ 3313.984507][ T9749] total_pgpgin 1971935
[ 3313.988611][ T9749] total_pgpgout 1971931
[ 3313.992750][ T9749] total_pgfault 3447242
[ 3313.997480][ T9749] total_pgmajfault 223294
[ 3314.001817][ T9749] total_inactive_anon 0
[ 3314.006265][ T9749] total_active_anon 16384
[ 3314.010590][ T9749] total_inactive_file 0
[ 3314.015099][ T9749] total_active_file 0
[ 3314.019081][ T9749] total_unevictable 0
[ 3314.023048][ T9749] anon_cost 0
[ 3314.027130][ T9749] file_cost 0
[ 3314.030425][ T9749] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9749,uid=0
[ 3314.046852][ T9749] Memory cgroup out of memory: Killed process 9749 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
11:00:05 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x4888}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3314.351958][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3314.364335][ T5114] CPU: 0 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3314.374715][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3314.384776][ T5114] Call Trace:
[ 3314.388053][ T5114]  <TASK>
[ 3314.390983][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3314.395665][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3314.400864][ T5114]  ? __pfx__printk+0x10/0x10
[ 3314.405471][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3314.410194][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3314.415229][ T5114]  dump_header+0xda/0x6a0
[ 3314.419575][ T5114]  oom_kill_process+0x3a7/0x930
[ 3314.424442][ T5114]  out_of_memory+0xf67/0x1320
[ 3314.429148][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3314.434782][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3314.439821][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3314.444943][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3314.450489][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3314.455512][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3314.461579][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3314.466772][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3314.471725][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3314.476659][ T5114]  ? mark_lock+0x9a/0x350
[ 3314.480999][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3314.486389][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3314.492536][ T5114]  charge_memcg+0xa2/0x160
[ 3314.496954][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3314.503016][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3314.508473][ T5114]  ? mark_lock+0x9a/0x350
[ 3314.512808][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3314.518794][ T5114]  ? blk_start_plug+0x6f/0x1b0
[ 3314.523557][ T5114]  swap_cluster_readahead+0x398/0x810
[ 3314.528936][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3314.534854][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3314.539889][ T5114]  ? xas_descend+0x37e/0x470
[ 3314.544490][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3314.549436][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3314.554565][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3314.559958][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3314.565255][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3314.570551][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3314.575144][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3314.580175][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3314.585368][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3314.590127][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3314.595150][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3314.600608][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3314.606413][ T5114]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3314.612751][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3314.617881][ T5114]  ? reacquire_held_locks+0x3eb/0x690
[ 3314.623248][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3314.628717][ T5114]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3314.634463][ T5114]  ? mtree_range_walk+0x6fd/0x8e0
[ 3314.639484][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3314.644678][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3314.649701][ T5114]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3314.654919][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3314.660117][ T5114]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3314.665662][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3314.670433][ T5114]  exc_page_fault+0x456/0x870
[ 3314.675114][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3314.679969][ T5114] RIP: 0033:0x7fa2eb4a91b8
[ 3314.684379][ T5114] Code: 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f
[ 3314.703980][ T5114] RSP: 002b:00007fa2eb6cfcf0 EFLAGS: 00010293
[ 3314.710131][ T5114] RAX: 0000000000000000 RBX: 00000000000067c9 RCX: 00007fa2eb4a91b5
[ 3314.718097][ T5114] RDX: 00007fa2eb6cfd30 RSI: 0000000000000000 RDI: 0000000000000000
[ 3314.726067][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000000 R09: 00007ffcc99b80b0
[ 3314.734035][ T5114] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3314.741997][ T5114] R13: 00000000003291e9 R14: 00000000003291e9 R15: 0000000000000000
[ 3314.749979][ T5114]  </TASK>
[ 3314.759979][ T5114] memory: usage 307200kB, limit 307200kB, failcnt 358057
[ 3314.767501][ T5114] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3314.776092][ T5114] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3314.783383][ T5114] Memory cgroup stats for /syz3:
[ 3314.783514][ T5114] cache 0
[ 3314.791733][ T5114] rss 12288
[ 3314.795207][ T5114] rss_huge 0
[ 3314.798407][ T5114] shmem 0
[ 3314.801325][ T5114] mapped_file 0
[ 3314.805384][ T5114] dirty 0
[ 3314.808325][ T5114] writeback 0
[ 3314.811594][ T5114] workingset_refault_anon 272665
[ 3314.816858][ T5114] workingset_refault_file 72
[ 3314.821451][ T5114] swap 806912
[ 3314.825109][ T5114] swapcached 0
[ 3314.828483][ T5114] pgpgin 1972161
[ 3314.832011][ T5114] pgpgout 1972158
[ 3314.836286][ T5114] pgfault 3447557
[ 3314.839925][ T5114] pgmajfault 223492
[ 3314.843731][ T5114] inactive_anon 0
[ 3314.847694][ T5114] active_anon 8192
[ 3314.851671][ T5114] inactive_file 0
[ 3314.855685][ T5114] active_file 0
[ 3314.859149][ T5114] unevictable 0
[ 3314.862589][ T5114] hierarchical_memory_limit 314572800
[ 3314.869444][ T5114] hierarchical_memsw_limit 9223372036854771712
[ 3314.875991][ T5114] total_cache 0
[ 3314.879451][ T5114] total_rss 12288
[ 3314.883063][ T5114] total_rss_huge 0
[ 3314.887253][ T5114] total_shmem 0
[ 3314.890725][ T5114] total_mapped_file 0
[ 3314.896371][ T5114] total_dirty 0
[ 3314.899865][ T5114] total_writeback 0
[ 3314.903672][ T5114] total_workingset_refault_anon 272665
[ 3314.910433][ T5114] total_workingset_refault_file 72
[ 3314.916189][ T5114] total_swap 806912
[ 3314.920018][ T5114] total_swapcached 0
[ 3314.924812][ T5114] total_pgpgin 1972161
[ 3314.928909][ T5114] total_pgpgout 1972158
[ 3314.933080][ T5114] total_pgfault 3447557
[ 3314.937687][ T5114] total_pgmajfault 223492
[ 3314.942028][ T5114] total_inactive_anon 0
[ 3314.946596][ T5114] total_active_anon 8192
[ 3314.950929][ T5114] total_inactive_file 0
[ 3314.955983][ T5114] total_active_file 0
11:00:06 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x5865}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3314.959980][ T5114] total_unevictable 0
[ 3314.964343][ T5114] anon_cost 0
[ 3314.967638][ T5114] file_cost 0
[ 3314.970927][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9750,uid=0
[ 3314.987631][ T5114] Memory cgroup out of memory: Killed process 9750 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3315.202316][ T9751] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3315.212786][ T9751] CPU: 0 PID: 9751 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3315.223119][ T9751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3315.233187][ T9751] Call Trace:
[ 3315.236461][ T9751]  <TASK>
[ 3315.239385][ T9751]  dump_stack_lvl+0x1e7/0x2e0
[ 3315.244057][ T9751]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3315.249253][ T9751]  ? __pfx__printk+0x10/0x10
[ 3315.253835][ T9751]  ? ___ratelimit+0x4c4/0x670
[ 3315.258512][ T9751]  ? __pfx____ratelimit+0x10/0x10
[ 3315.263540][ T9751]  dump_header+0xda/0x6a0
[ 3315.267903][ T9751]  oom_kill_process+0x3a7/0x930
[ 3315.272786][ T9751]  out_of_memory+0xf67/0x1320
[ 3315.277504][ T9751]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3315.283154][ T9751]  ? __pfx___mutex_lock+0x10/0x10
[ 3315.288258][ T9751]  ? __pfx_out_of_memory+0x10/0x10
[ 3315.293377][ T9751]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3315.298921][ T9751]  ? __pfx_lock_release+0x10/0x10
[ 3315.303940][ T9751]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3315.310004][ T9751]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3315.315210][ T9751]  ? mem_cgroup_iter+0x422/0x560
[ 3315.320160][ T9751]  try_charge_memcg+0xda2/0x18a0
[ 3315.325112][ T9751]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3315.330481][ T9751]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3315.336193][ T9751]  ? __pfx_lock_release+0x10/0x10
[ 3315.341217][ T9751]  ? memcg_account_kmem+0x1e7/0x210
[ 3315.346418][ T9751]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3315.352220][ T9751]  __memcg_kmem_charge_page+0xe1/0x250
[ 3315.357679][ T9751]  memcg_charge_kernel_stack+0x196/0x550
[ 3315.363319][ T9751]  dup_task_struct+0x15d/0x7d0
[ 3315.368114][ T9751]  copy_process+0x5d5/0x3fc0
[ 3315.372741][ T9751]  ? __might_fault+0xa9/0x120
[ 3315.377424][ T9751]  ? __pfx_lock_release+0x10/0x10
[ 3315.382456][ T9751]  ? __pfx_copy_process+0x10/0x10
[ 3315.387485][ T9751]  ? __might_fault+0xc5/0x120
[ 3315.392167][ T9751]  ? __asan_memset+0x23/0x50
[ 3315.396769][ T9751]  kernel_clone+0x21d/0x8d0
[ 3315.401275][ T9751]  ? __pfx_kernel_clone+0x10/0x10
[ 3315.406308][ T9751]  __se_sys_clone3+0x2cb/0x350
[ 3315.411072][ T9751]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3315.416364][ T9751]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3315.422356][ T9751]  ? exc_page_fault+0x587/0x870
[ 3315.427210][ T9751]  ? do_syscall_64+0xb4/0x240
[ 3315.431889][ T9751]  do_syscall_64+0xf9/0x240
[ 3315.436391][ T9751]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3315.442281][ T9751] RIP: 0033:0x7fa2eb4a9b99
[ 3315.446697][ T9751] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3315.466302][ T9751] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3315.474713][ T9751] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3315.482678][ T9751] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3315.490641][ T9751] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3315.498622][ T9751] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3315.506602][ T9751] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3315.514590][ T9751]  </TASK>
[ 3315.522458][ T9751] memory: usage 307200kB, limit 307200kB, failcnt 358498
[ 3315.530474][ T9751] memory+swap: usage 307984kB, limit 9007199254740988kB, failcnt 0
[ 3315.538853][ T9751] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3315.546701][ T9751] Memory cgroup stats for /syz3:
[ 3315.546800][ T9751] cache 0
[ 3315.555145][ T9751] rss 16384
[ 3315.558273][ T9751] rss_huge 0
[ 3315.561470][ T9751] shmem 0
[ 3315.564802][ T9751] mapped_file 0
[ 3315.568517][ T9751] dirty 0
[ 3315.571532][ T9751] writeback 0
[ 3315.575399][ T9751] workingset_refault_anon 272838
[ 3315.580337][ T9751] workingset_refault_file 72
[ 3315.585310][ T9751] swap 806912
[ 3315.588598][ T9751] swapcached 0
[ 3315.591950][ T9751] pgpgin 1972347
[ 3315.595940][ T9751] pgpgout 1972343
[ 3315.599587][ T9751] pgfault 3447817
[ 3315.603218][ T9751] pgmajfault 223643
[ 3315.607541][ T9751] inactive_anon 0
[ 3315.611178][ T9751] active_anon 16384
[ 3315.615411][ T9751] inactive_file 0
[ 3315.619052][ T9751] active_file 0
[ 3315.622509][ T9751] unevictable 0
[ 3315.627906][ T9751] hierarchical_memory_limit 314572800
[ 3315.635791][ T9751] hierarchical_memsw_limit 9223372036854771712
[ 3315.643274][ T9751] total_cache 0
[ 3315.647041][ T9751] total_rss 16384
[ 3315.650673][ T9751] total_rss_huge 0
[ 3315.654727][ T9751] total_shmem 0
[ 3315.658191][ T9751] total_mapped_file 0
[ 3315.662151][ T9751] total_dirty 0
[ 3315.666248][ T9751] total_writeback 0
[ 3315.670071][ T9751] total_workingset_refault_anon 272838
[ 3315.676056][ T9751] total_workingset_refault_file 72
[ 3315.681180][ T9751] total_swap 806912
[ 3315.685398][ T9751] total_swapcached 0
[ 3315.689293][ T9751] total_pgpgin 1972347
[ 3315.693339][ T9751] total_pgpgout 1972343
[ 3315.698156][ T9751] total_pgfault 3447817
[ 3315.702335][ T9751] total_pgmajfault 223643
[ 3315.707064][ T9751] total_inactive_anon 0
[ 3315.711748][ T9751] total_active_anon 16384
[ 3315.716483][ T9751] total_inactive_file 0
[ 3315.720646][ T9751] total_active_file 0
[ 3315.726340][ T9751] total_unevictable 0
[ 3315.730300][ T9751] anon_cost 0
[ 3315.733563][ T9751] file_cost 0
[ 3315.737432][ T9751] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9751,uid=0
11:00:07 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x6000}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3315.755527][ T9751] Memory cgroup out of memory: Killed process 9751 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3315.998945][ T9752] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3316.009498][ T9752] CPU: 1 PID: 9752 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3316.019818][ T9752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3316.029869][ T9752] Call Trace:
[ 3316.033136][ T9752]  <TASK>
[ 3316.036071][ T9752]  dump_stack_lvl+0x1e7/0x2e0
[ 3316.040761][ T9752]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3316.045971][ T9752]  ? __pfx__printk+0x10/0x10
[ 3316.050577][ T9752]  ? ___ratelimit+0x4c4/0x670
[ 3316.055283][ T9752]  ? __pfx____ratelimit+0x10/0x10
[ 3316.060316][ T9752]  dump_header+0xda/0x6a0
[ 3316.064654][ T9752]  oom_kill_process+0x3a7/0x930
[ 3316.069519][ T9752]  out_of_memory+0xf67/0x1320
[ 3316.074211][ T9752]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3316.079859][ T9752]  ? __pfx___mutex_lock+0x10/0x10
[ 3316.084895][ T9752]  ? __pfx_out_of_memory+0x10/0x10
[ 3316.090374][ T9752]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3316.095915][ T9752]  ? __pfx_lock_release+0x10/0x10
[ 3316.100940][ T9752]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3316.107009][ T9752]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3316.112204][ T9752]  ? mem_cgroup_iter+0x422/0x560
[ 3316.117142][ T9752]  try_charge_memcg+0xda2/0x18a0
[ 3316.122091][ T9752]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3316.127458][ T9752]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3316.133172][ T9752]  ? __pfx_lock_release+0x10/0x10
[ 3316.138197][ T9752]  ? memcg_account_kmem+0x1e7/0x210
[ 3316.143395][ T9752]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3316.149199][ T9752]  __memcg_kmem_charge_page+0xe1/0x250
[ 3316.154660][ T9752]  memcg_charge_kernel_stack+0x196/0x550
[ 3316.160288][ T9752]  dup_task_struct+0x40d/0x7d0
[ 3316.165048][ T9752]  copy_process+0x5d5/0x3fc0
[ 3316.169641][ T9752]  ? __might_fault+0xa9/0x120
[ 3316.174322][ T9752]  ? __pfx_lock_release+0x10/0x10
[ 3316.179361][ T9752]  ? __pfx_copy_process+0x10/0x10
[ 3316.184729][ T9752]  ? __might_fault+0xc5/0x120
[ 3316.189406][ T9752]  ? __asan_memset+0x23/0x50
[ 3316.194004][ T9752]  kernel_clone+0x21d/0x8d0
[ 3316.198516][ T9752]  ? __pfx_kernel_clone+0x10/0x10
[ 3316.203547][ T9752]  __se_sys_clone3+0x2cb/0x350
[ 3316.208308][ T9752]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3316.213600][ T9752]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3316.219593][ T9752]  ? exc_page_fault+0x587/0x870
[ 3316.224445][ T9752]  ? do_syscall_64+0xb4/0x240
[ 3316.229120][ T9752]  do_syscall_64+0xf9/0x240
[ 3316.233622][ T9752]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3316.239515][ T9752] RIP: 0033:0x7fa2eb4a9b99
[ 3316.243936][ T9752] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3316.263544][ T9752] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3316.271957][ T9752] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3316.279923][ T9752] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3316.287887][ T9752] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3316.295853][ T9752] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3316.303820][ T9752] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3316.311804][ T9752]  </TASK>
[ 3316.326994][ T9752] memory: usage 307200kB, limit 307200kB, failcnt 358927
[ 3316.340399][ T9752] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3316.349386][ T9752] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3316.357245][ T9752] Memory cgroup stats for /syz3:
[ 3316.357371][ T9752] cache 0
[ 3316.365993][ T9752] rss 16384
[ 3316.369121][ T9752] rss_huge 0
[ 3316.372324][ T9752] shmem 0
[ 3316.375951][ T9752] mapped_file 0
[ 3316.379416][ T9752] dirty 0
[ 3316.382348][ T9752] writeback 0
[ 3316.386475][ T9752] workingset_refault_anon 272977
[ 3316.392169][ T9752] workingset_refault_file 72
[ 3316.397510][ T9752] swap 802816
[ 3316.400827][ T9752] swapcached 0
[ 3316.404719][ T9752] pgpgin 1972504
[ 3316.408280][ T9752] pgpgout 1972500
[ 3316.411932][ T9752] pgfault 3448040
[ 3316.416153][ T9752] pgmajfault 223781
[ 3316.419965][ T9752] inactive_anon 0
[ 3316.423581][ T9752] active_anon 16384
[ 3316.427822][ T9752] inactive_file 0
[ 3316.431492][ T9752] active_file 0
[ 3316.442202][ T9752] unevictable 0
[ 3316.447429][ T9752] hierarchical_memory_limit 314572800
[ 3316.452807][ T9752] hierarchical_memsw_limit 9223372036854771712
[ 3316.459297][ T9752] total_cache 0
[ 3316.462770][ T9752] total_rss 16384
[ 3316.466764][ T9752] total_rss_huge 0
[ 3316.470489][ T9752] total_shmem 0
[ 3316.474554][ T9752] total_mapped_file 0
[ 3316.478575][ T9752] total_dirty 0
[ 3316.482037][ T9752] total_writeback 0
[ 3316.486284][ T9752] total_workingset_refault_anon 272977
[ 3316.491943][ T9752] total_workingset_refault_file 72
[ 3316.497462][ T9752] total_swap 802816
[ 3316.501279][ T9752] total_swapcached 0
[ 3316.505756][ T9752] total_pgpgin 1972504
[ 3316.509825][ T9752] total_pgpgout 1972500
[ 3316.514455][ T9752] total_pgfault 3448040
[ 3316.518616][ T9752] total_pgmajfault 223781
[ 3316.522927][ T9752] total_inactive_anon 0
[ 3316.527437][ T9752] total_active_anon 16384
[ 3316.531793][ T9752] total_inactive_file 0
[ 3316.536533][ T9752] total_active_file 0
[ 3316.540530][ T9752] total_unevictable 0
[ 3316.549165][ T9752] anon_cost 0
[ 3316.552462][ T9752] file_cost 0
[ 3316.557693][ T9752] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9752,uid=0
[ 3316.573720][ T9752] Memory cgroup out of memory: Killed process 9752 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
11:00:08 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x6558}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3316.925371][ T9753] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3316.940361][ T9753] CPU: 1 PID: 9753 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3316.950726][ T9753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3316.960801][ T9753] Call Trace:
[ 3316.964096][ T9753]  <TASK>
[ 3316.967038][ T9753]  dump_stack_lvl+0x1e7/0x2e0
[ 3316.971724][ T9753]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3316.976930][ T9753]  ? __pfx__printk+0x10/0x10
[ 3316.981528][ T9753]  ? ___ratelimit+0x4c4/0x670
[ 3316.986201][ T9753]  ? __pfx____ratelimit+0x10/0x10
[ 3316.991218][ T9753]  dump_header+0xda/0x6a0
[ 3316.995558][ T9753]  oom_kill_process+0x3a7/0x930
[ 3317.000434][ T9753]  out_of_memory+0xf67/0x1320
[ 3317.005139][ T9753]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3317.010780][ T9753]  ? __pfx___mutex_lock+0x10/0x10
[ 3317.015817][ T9753]  ? __pfx_out_of_memory+0x10/0x10
[ 3317.020956][ T9753]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3317.026604][ T9753]  ? __pfx_lock_release+0x10/0x10
[ 3317.031703][ T9753]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3317.037788][ T9753]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3317.043003][ T9753]  ? mem_cgroup_iter+0x422/0x560
[ 3317.047946][ T9753]  try_charge_memcg+0xda2/0x18a0
[ 3317.052903][ T9753]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3317.058271][ T9753]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3317.063996][ T9753]  ? __pfx_lock_release+0x10/0x10
[ 3317.069037][ T9753]  ? memcg_account_kmem+0x1e7/0x210
[ 3317.074256][ T9753]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3317.080087][ T9753]  __memcg_kmem_charge_page+0xe1/0x250
[ 3317.085563][ T9753]  memcg_charge_kernel_stack+0x196/0x550
[ 3317.091213][ T9753]  dup_task_struct+0x40d/0x7d0
[ 3317.096024][ T9753]  copy_process+0x5d5/0x3fc0
[ 3317.100644][ T9753]  ? __might_fault+0xa9/0x120
[ 3317.105333][ T9753]  ? __pfx_lock_release+0x10/0x10
[ 3317.110360][ T9753]  ? __lock_acquire+0x1345/0x1fd0
[ 3317.115385][ T9753]  ? __pfx_copy_process+0x10/0x10
[ 3317.120414][ T9753]  ? __might_fault+0xc5/0x120
[ 3317.125095][ T9753]  ? __asan_memset+0x23/0x50
[ 3317.129685][ T9753]  kernel_clone+0x21d/0x8d0
[ 3317.134189][ T9753]  ? __pfx_kernel_clone+0x10/0x10
[ 3317.139215][ T9753]  ? __pfx_lock_release+0x10/0x10
[ 3317.144265][ T9753]  __se_sys_clone3+0x2cb/0x350
[ 3317.149042][ T9753]  ? __might_fault+0xa9/0x120
[ 3317.153724][ T9753]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3317.159016][ T9753]  ? rcu_is_watching+0x15/0xb0
[ 3317.163817][ T9753]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3317.169835][ T9753]  ? exc_page_fault+0x587/0x870
[ 3317.174698][ T9753]  ? do_syscall_64+0xb4/0x240
[ 3317.179394][ T9753]  do_syscall_64+0xf9/0x240
[ 3317.183926][ T9753]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3317.189846][ T9753] RIP: 0033:0x7fa2eb4a9b99
[ 3317.194342][ T9753] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3317.213951][ T9753] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3317.222395][ T9753] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3317.230375][ T9753] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3317.238348][ T9753] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3317.246317][ T9753] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3317.254281][ T9753] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3317.262261][ T9753]  </TASK>
[ 3317.271454][ T9753] memory: usage 307180kB, limit 307200kB, failcnt 359647
[ 3317.279649][ T9753] memory+swap: usage 307980kB, limit 9007199254740988kB, failcnt 0
[ 3317.287896][ T9753] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3317.295748][ T9753] Memory cgroup stats for /syz3:
[ 3317.295878][ T9753] cache 0
[ 3317.303724][ T9753] rss 12288
[ 3317.307142][ T9753] rss_huge 0
[ 3317.310525][ T9753] shmem 0
[ 3317.313464][ T9753] mapped_file 0
[ 3317.317223][ T9753] dirty 0
[ 3317.320164][ T9753] writeback 0
[ 3317.323433][ T9753] workingset_refault_anon 273233
[ 3317.328947][ T9753] workingset_refault_file 72
[ 3317.333539][ T9753] swap 806912
[ 3317.337137][ T9753] swapcached 0
[ 3317.340496][ T9753] pgpgin 1972772
[ 3317.344372][ T9753] pgpgout 1972769
[ 3317.348008][ T9753] pgfault 3448416
[ 3317.351647][ T9753] pgmajfault 224028
[ 3317.355817][ T9753] inactive_anon 8192
[ 3317.359693][ T9753] active_anon 4096
[ 3317.363388][ T9753] inactive_file 0
[ 3317.367363][ T9753] active_file 0
[ 3317.370827][ T9753] unevictable 0
[ 3317.374810][ T9753] hierarchical_memory_limit 314572800
[ 3317.380183][ T9753] hierarchical_memsw_limit 9223372036854771712
[ 3317.388552][ T9753] total_cache 0
[ 3317.392029][ T9753] total_rss 12288
[ 3317.396020][ T9753] total_rss_huge 0
[ 3317.399740][ T9753] total_shmem 0
[ 3317.403202][ T9753] total_mapped_file 0
[ 3317.416481][ T9753] total_dirty 0
[ 3317.419980][ T9753] total_writeback 0
[ 3317.424140][ T9753] total_workingset_refault_anon 273233
[ 3317.429602][ T9753] total_workingset_refault_file 72
[ 3317.435040][ T9753] total_swap 806912
[ 3317.438834][ T9753] total_swapcached 0
[ 3317.442707][ T9753] total_pgpgin 1972772
[ 3317.447378][ T9753] total_pgpgout 1972769
[ 3317.451535][ T9753] total_pgfault 3448416
[ 3317.455994][ T9753] total_pgmajfault 224028
[ 3317.460309][ T9753] total_inactive_anon 8192
[ 3317.465061][ T9753] total_active_anon 4096
[ 3317.469308][ T9753] total_inactive_file 0
[ 3317.473460][ T9753] total_active_file 0
[ 3317.478020][ T9753] total_unevictable 0
[ 3317.482003][ T9753] anon_cost 0
[ 3317.485502][ T9753] file_cost 0
[ 3317.488770][ T9753] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9753,uid=0
[ 3317.505810][ T9753] Memory cgroup out of memory: Killed process 9753 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8704kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
11:00:09 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x8100}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3317.703204][ T9754] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3317.716842][ T9754] CPU: 1 PID: 9754 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3317.727216][ T9754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3317.737287][ T9754] Call Trace:
[ 3317.740572][ T9754]  <TASK>
[ 3317.743489][ T9754]  dump_stack_lvl+0x1e7/0x2e0
[ 3317.748174][ T9754]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3317.753387][ T9754]  ? __pfx__printk+0x10/0x10
[ 3317.757971][ T9754]  ? ___ratelimit+0x4c4/0x670
[ 3317.762646][ T9754]  ? __pfx____ratelimit+0x10/0x10
[ 3317.767672][ T9754]  dump_header+0xda/0x6a0
[ 3317.772003][ T9754]  oom_kill_process+0x3a7/0x930
[ 3317.776849][ T9754]  out_of_memory+0xf67/0x1320
[ 3317.781522][ T9754]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3317.787148][ T9754]  ? __pfx___mutex_lock+0x10/0x10
[ 3317.792175][ T9754]  ? __pfx_out_of_memory+0x10/0x10
[ 3317.797287][ T9754]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3317.803087][ T9754]  ? __pfx_lock_release+0x10/0x10
[ 3317.808108][ T9754]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3317.814180][ T9754]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3317.819375][ T9754]  ? mem_cgroup_iter+0x422/0x560
[ 3317.824309][ T9754]  try_charge_memcg+0xda2/0x18a0
[ 3317.829258][ T9754]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3317.834626][ T9754]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3317.840336][ T9754]  ? __pfx_lock_release+0x10/0x10
[ 3317.845355][ T9754]  ? memcg_account_kmem+0x1e7/0x210
[ 3317.850557][ T9754]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3317.856354][ T9754]  __memcg_kmem_charge_page+0xe1/0x250
[ 3317.861813][ T9754]  memcg_charge_kernel_stack+0x196/0x550
[ 3317.867444][ T9754]  dup_task_struct+0x15d/0x7d0
[ 3317.872200][ T9754]  copy_process+0x5d5/0x3fc0
[ 3317.876793][ T9754]  ? __might_fault+0xa9/0x120
[ 3317.881464][ T9754]  ? __pfx_lock_release+0x10/0x10
[ 3317.886487][ T9754]  ? __lock_acquire+0x1345/0x1fd0
[ 3317.891505][ T9754]  ? __pfx_copy_process+0x10/0x10
[ 3317.896519][ T9754]  ? __might_fault+0xc5/0x120
[ 3317.901189][ T9754]  ? __asan_memset+0x23/0x50
[ 3317.905779][ T9754]  kernel_clone+0x21d/0x8d0
[ 3317.910279][ T9754]  ? __pfx_kernel_clone+0x10/0x10
[ 3317.915303][ T9754]  ? __pfx_lock_release+0x10/0x10
[ 3317.920330][ T9754]  __se_sys_clone3+0x2cb/0x350
[ 3317.925093][ T9754]  ? __might_fault+0xa9/0x120
[ 3317.929786][ T9754]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3317.935060][ T9754]  ? rcu_is_watching+0x15/0xb0
[ 3317.939825][ T9754]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3317.945809][ T9754]  ? exc_page_fault+0x587/0x870
[ 3317.950658][ T9754]  ? do_syscall_64+0xb4/0x240
[ 3317.955334][ T9754]  do_syscall_64+0xf9/0x240
[ 3317.959834][ T9754]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3317.965722][ T9754] RIP: 0033:0x7fa2eb4a9b99
[ 3317.970129][ T9754] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3317.989727][ T9754] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3317.998134][ T9754] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3318.006107][ T9754] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3318.014073][ T9754] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3318.022052][ T9754] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3318.030018][ T9754] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3318.037991][ T9754]  </TASK>
[ 3318.049811][ T9754] memory: usage 307200kB, limit 307200kB, failcnt 360028
[ 3318.057208][ T9754] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3318.065797][ T9754] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3318.073090][ T9754] Memory cgroup stats for /syz3:
[ 3318.073168][ T9754] cache 0
[ 3318.081657][ T9754] rss 12288
[ 3318.085148][ T9754] rss_huge 0
[ 3318.088365][ T9754] shmem 0
[ 3318.091307][ T9754] mapped_file 0
[ 3318.095125][ T9754] dirty 0
[ 3318.098075][ T9754] writeback 0
[ 3318.101358][ T9754] workingset_refault_anon 273377
[ 3318.107079][ T9754] workingset_refault_file 72
[ 3318.111674][ T9754] swap 806912
[ 3318.115330][ T9754] swapcached 0
[ 3318.118705][ T9754] pgpgin 1972927
[ 3318.122237][ T9754] pgpgout 1972924
[ 3318.126224][ T9754] pgfault 3448635
[ 3318.130371][ T9754] pgmajfault 224158
[ 3318.134853][ T9754] inactive_anon 0
[ 3318.138681][ T9754] active_anon 12288
[ 3318.142489][ T9754] inactive_file 0
[ 3318.146729][ T9754] active_file 0
[ 3318.150201][ T9754] unevictable 0
[ 3318.153637][ T9754] hierarchical_memory_limit 314572800
[ 3318.159920][ T9754] hierarchical_memsw_limit 9223372036854771712
[ 3318.167447][ T9754] total_cache 0
[ 3318.170919][ T9754] total_rss 12288
[ 3318.175250][ T9754] total_rss_huge 0
[ 3318.178991][ T9754] total_shmem 0
[ 3318.182469][ T9754] total_mapped_file 0
[ 3318.186867][ T9754] total_dirty 0
[ 3318.190349][ T9754] total_writeback 0
[ 3318.194557][ T9754] total_workingset_refault_anon 273377
[ 3318.200014][ T9754] total_workingset_refault_file 72
[ 3318.205578][ T9754] total_swap 806912
[ 3318.209412][ T9754] total_swapcached 0
[ 3318.213304][ T9754] total_pgpgin 1972927
[ 3318.217775][ T9754] total_pgpgout 1972924
[ 3318.221950][ T9754] total_pgfault 3448635
[ 3318.226754][ T9754] total_pgmajfault 224158
[ 3318.232316][ T9754] total_inactive_anon 0
[ 3318.236779][ T9754] total_active_anon 12288
[ 3318.241127][ T9754] total_inactive_file 0
[ 3318.245644][ T9754] total_active_file 0
[ 3318.249639][ T9754] total_unevictable 0
11:00:10 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x8847}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3318.253601][ T9754] anon_cost 0
[ 3318.257236][ T9754] file_cost 0
[ 3318.260533][ T9754] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9754,uid=0
[ 3318.277840][ T9754] Memory cgroup out of memory: Killed process 9754 (syz-executor.3) total-vm:54508kB, anon-rss:380kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3318.516462][ T9755] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 3318.527378][ T9755] CPU: 0 PID: 9755 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3318.537730][ T9755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3318.547793][ T9755] Call Trace:
[ 3318.551058][ T9755]  <TASK>
[ 3318.553975][ T9755]  dump_stack_lvl+0x1e7/0x2e0
[ 3318.558646][ T9755]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3318.564006][ T9755]  ? __pfx__printk+0x10/0x10
[ 3318.568580][ T9755]  ? ___ratelimit+0x4c4/0x670
[ 3318.573246][ T9755]  ? __pfx____ratelimit+0x10/0x10
[ 3318.578255][ T9755]  dump_header+0xda/0x6a0
[ 3318.582573][ T9755]  oom_kill_process+0x3a7/0x930
[ 3318.587428][ T9755]  out_of_memory+0xf67/0x1320
[ 3318.592122][ T9755]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3318.597762][ T9755]  ? __pfx___mutex_lock+0x10/0x10
[ 3318.602791][ T9755]  ? __pfx_out_of_memory+0x10/0x10
[ 3318.607894][ T9755]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3318.613423][ T9755]  ? __pfx_lock_release+0x10/0x10
[ 3318.618437][ T9755]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3318.624491][ T9755]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3318.629692][ T9755]  ? mem_cgroup_iter+0x422/0x560
[ 3318.634637][ T9755]  try_charge_memcg+0xda2/0x18a0
[ 3318.639604][ T9755]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3318.644977][ T9755]  ? get_mem_cgroup_from_objcg+0x19/0x150
[ 3318.650692][ T9755]  ? __pfx_lock_release+0x10/0x10
[ 3318.655734][ T9755]  ? memcg_account_kmem+0x1e7/0x210
[ 3318.660950][ T9755]  ? get_mem_cgroup_from_objcg+0x13b/0x150
[ 3318.666761][ T9755]  __memcg_kmem_charge_page+0xe1/0x250
[ 3318.672233][ T9755]  memcg_charge_kernel_stack+0x196/0x550
[ 3318.677895][ T9755]  dup_task_struct+0x40d/0x7d0
[ 3318.682685][ T9755]  copy_process+0x5d5/0x3fc0
[ 3318.687292][ T9755]  ? __might_fault+0xa9/0x120
[ 3318.691968][ T9755]  ? __pfx_lock_release+0x10/0x10
[ 3318.697003][ T9755]  ? __lock_acquire+0x1345/0x1fd0
[ 3318.702029][ T9755]  ? __pfx_copy_process+0x10/0x10
[ 3318.707048][ T9755]  ? __might_fault+0xc5/0x120
[ 3318.711722][ T9755]  ? __asan_memset+0x23/0x50
[ 3318.716309][ T9755]  kernel_clone+0x21d/0x8d0
[ 3318.720807][ T9755]  ? __pfx_kernel_clone+0x10/0x10
[ 3318.725830][ T9755]  ? __pfx_lock_release+0x10/0x10
[ 3318.731115][ T9755]  __se_sys_clone3+0x2cb/0x350
[ 3318.735869][ T9755]  ? __might_fault+0xa9/0x120
[ 3318.740536][ T9755]  ? __pfx___se_sys_clone3+0x10/0x10
[ 3318.745816][ T9755]  ? rcu_is_watching+0x15/0xb0
[ 3318.750588][ T9755]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3318.756573][ T9755]  ? exc_page_fault+0x587/0x870
[ 3318.761420][ T9755]  ? do_syscall_64+0xb4/0x240
[ 3318.766096][ T9755]  do_syscall_64+0xf9/0x240
[ 3318.770594][ T9755]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3318.776479][ T9755] RIP: 0033:0x7fa2eb4a9b99
[ 3318.780884][ T9755] Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 3318.800483][ T9755] RSP: 002b:00007fa2eb6cf918 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3
[ 3318.808900][ T9755] RAX: ffffffffffffffda RBX: 00007fa2eb452270 RCX: 00007fa2eb4a9b99
[ 3318.816864][ T9755] RDX: 00007fa2eb452270 RSI: 0000000000000058 RDI: 00007fa2eb6cf960
[ 3318.824825][ T9755] RBP: 00007fa2ec1db6c0 R08: 00007fa2ec1db6c0 R09: 00007fa2eb6cfa47
[ 3318.832783][ T9755] R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0
[ 3318.840744][ T9755] R13: 000000000000000b R14: 00007fa2eb6cf960 R15: 00007fa2eb6cfa48
[ 3318.848720][ T9755]  </TASK>
[ 3318.858858][ T9755] memory: usage 307200kB, limit 307200kB, failcnt 360478
[ 3318.872047][ T9755] memory+swap: usage 308000kB, limit 9007199254740988kB, failcnt 0
[ 3318.880565][ T9755] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[ 3318.888423][ T9755] Memory cgroup stats for /syz3:
[ 3318.888555][ T9755] cache 0
[ 3318.896668][ T9755] rss 12288
[ 3318.899767][ T9755] rss_huge 0
[ 3318.902943][ T9755] shmem 0
[ 3318.906557][ T9755] mapped_file 0
[ 3318.910042][ T9755] dirty 0
[ 3318.912974][ T9755] writeback 0
[ 3318.916658][ T9755] workingset_refault_anon 273548
[ 3318.921609][ T9755] workingset_refault_file 72
[ 3318.926570][ T9755] swap 806912
[ 3318.929870][ T9755] swapcached 0
[ 3318.933259][ T9755] pgpgin 1973109
[ 3318.937440][ T9755] pgpgout 1973106
[ 3318.941095][ T9755] pgfault 3448884
[ 3318.945118][ T9755] pgmajfault 224319
[ 3318.949181][ T9755] inactive_anon 0
[ 3318.952826][ T9755] active_anon 12288
[ 3318.957001][ T9755] inactive_file 0
[ 3318.960641][ T9755] active_file 0
[ 3318.965663][ T9755] unevictable 0
[ 3318.969137][ T9755] hierarchical_memory_limit 314572800
[ 3318.976497][ T9755] hierarchical_memsw_limit 9223372036854771712
[ 3318.982666][ T9755] total_cache 0
[ 3318.987459][ T9755] total_rss 12288
[ 3318.991136][ T9755] total_rss_huge 0
[ 3318.995948][ T9755] total_shmem 0
[ 3318.999422][ T9755] total_mapped_file 0
[ 3319.003393][ T9755] total_dirty 0
[ 3319.007389][ T9755] total_writeback 0
[ 3319.011189][ T9755] total_workingset_refault_anon 273548
[ 3319.017160][ T9755] total_workingset_refault_file 72
[ 3319.022272][ T9755] total_swap 806912
[ 3319.027167][ T9755] total_swapcached 0
[ 3319.031081][ T9755] total_pgpgin 1973109
[ 3319.035960][ T9755] total_pgpgout 1973106
[ 3319.040141][ T9755] total_pgfault 3448884
[ 3319.045162][ T9755] total_pgmajfault 224319
[ 3319.049787][ T9755] total_inactive_anon 0
[ 3319.055023][ T9755] total_active_anon 12288
[ 3319.059366][ T9755] total_inactive_file 0
[ 3319.063503][ T9755] total_active_file 0
[ 3319.068288][ T9755] total_unevictable 0
[ 3319.072388][ T9755] anon_cost 0
[ 3319.077606][ T9755] file_cost 0
[ 3319.080904][ T9755] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9755,uid=0
[ 3319.097024][ T9755] Memory cgroup out of memory: Killed process 9755 (syz-executor.3) total-vm:54508kB, anon-rss:372kB, file-rss:8832kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3319.150899][ T5114] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 3319.162640][ T5114] CPU: 1 PID: 5114 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3319.172988][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3319.183035][ T5114] Call Trace:
[ 3319.186308][ T5114]  <TASK>
[ 3319.189227][ T5114]  dump_stack_lvl+0x1e7/0x2e0
[ 3319.193910][ T5114]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3319.199120][ T5114]  ? __pfx__printk+0x10/0x10
[ 3319.203698][ T5114]  ? ___ratelimit+0x4c4/0x670
[ 3319.208364][ T5114]  ? __pfx____ratelimit+0x10/0x10
[ 3319.213374][ T5114]  dump_header+0xda/0x6a0
[ 3319.217694][ T5114]  oom_kill_process+0x3a7/0x930
[ 3319.222534][ T5114]  out_of_memory+0xf67/0x1320
[ 3319.227217][ T5114]  ? mem_cgroup_out_of_memory+0xf7/0x3b0
[ 3319.232880][ T5114]  ? __pfx___mutex_lock+0x10/0x10
[ 3319.237903][ T5114]  ? __pfx_out_of_memory+0x10/0x10
[ 3319.243005][ T5114]  mem_cgroup_out_of_memory+0x263/0x3b0
[ 3319.248549][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3319.253566][ T5114]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 3319.259629][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3319.264822][ T5114]  ? mem_cgroup_iter+0x422/0x560
[ 3319.269751][ T5114]  try_charge_memcg+0xda2/0x18a0
[ 3319.274675][ T5114]  ? mark_lock+0x9a/0x350
[ 3319.279003][ T5114]  ? __pfx_try_charge_memcg+0x10/0x10
[ 3319.284378][ T5114]  ? mem_cgroup_swapin_charge_folio+0x35/0x3a0
[ 3319.290517][ T5114]  charge_memcg+0xa2/0x160
[ 3319.294939][ T5114]  mem_cgroup_swapin_charge_folio+0x267/0x3a0
[ 3319.301021][ T5114]  __read_swap_cache_async+0x480/0x8b0
[ 3319.306483][ T5114]  ? mark_lock+0x9a/0x350
[ 3319.310805][ T5114]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 3319.316781][ T5114]  ? blk_start_plug+0x6f/0x1b0
[ 3319.321539][ T5114]  swap_cluster_readahead+0x398/0x810
[ 3319.326909][ T5114]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 3319.332795][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3319.337899][ T5114]  ? xas_descend+0x37e/0x470
[ 3319.342482][ T5114]  swapin_readahead+0x1ea/0x1070
[ 3319.347408][ T5114]  ? filemap_get_entry+0x127/0x4e0
[ 3319.352514][ T5114]  ? __pfx_swapin_readahead+0x10/0x10
[ 3319.357884][ T5114]  ? __filemap_get_folio+0x935/0xbc0
[ 3319.363162][ T5114]  ? swap_cache_get_folio+0x9f/0x570
[ 3319.368444][ T5114]  do_swap_page+0x8ab/0x3da0
[ 3319.373024][ T5114]  ? __pte_offset_map+0x2c4/0x380
[ 3319.378055][ T5114]  ? do_raw_spin_unlock+0x13b/0x8b0
[ 3319.383238][ T5114]  ? do_swap_page+0x154/0x3da0
[ 3319.387989][ T5114]  ? __pfx_do_swap_page+0x10/0x10
[ 3319.393000][ T5114]  ? pte_offset_map_nolock+0x137/0x1f0
[ 3319.398477][ T5114]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[ 3319.404302][ T5114]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3319.410649][ T5114]  __handle_mm_fault+0x15e8/0x72d0
[ 3319.415767][ T5114]  ? reacquire_held_locks+0x3eb/0x690
[ 3319.421124][ T5114]  ? __pfx___handle_mm_fault+0x10/0x10
[ 3319.426578][ T5114]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 3319.432295][ T5114]  ? mtree_range_walk+0x6fd/0x8e0
[ 3319.437307][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3319.442492][ T5114]  ? __pfx_lock_release+0x10/0x10
[ 3319.447509][ T5114]  ? lock_vma_under_rcu+0x2f9/0x730
[ 3319.452705][ T5114]  ? lock_vma_under_rcu+0x18a/0x730
[ 3319.457979][ T5114]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 3319.463524][ T5114]  handle_mm_fault+0x3c1/0x8a0
[ 3319.468291][ T5114]  exc_page_fault+0x456/0x870
[ 3319.472957][ T5114]  asm_exc_page_fault+0x26/0x30
[ 3319.477797][ T5114] RIP: 0033:0x7fa2eb4a91b8
[ 3319.482200][ T5114] Code: 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f
[ 3319.501793][ T5114] RSP: 002b:00007fa2eb6cfcf0 EFLAGS: 00010293
[ 3319.507848][ T5114] RAX: 0000000000000000 RBX: 00000000000067ce RCX: 00007fa2eb4a91b5
[ 3319.515819][ T5114] RDX: 00007fa2eb6cfd30 RSI: 0000000000000000 RDI: 0000000000000000
[ 3319.523790][ T5114] RBP: 00007fa2eb6cfdbc R08: 0000000000000000 R09: 00007ffcc99b80b0
[ 3319.531857][ T5114] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 3319.539818][ T5114] R13: 000000000032a239 R14: 000000000032a239 R15: 0000000000000000
[ 3319.547792][ T5114]  </TASK>
[ 3319.565148][ T5114] memory: usage 307100kB, limit 307200kB, failcnt 360531
[ 3319.572363][ T5114] memory+swap: usage 307896kB, limit 9007199254740988kB, failcnt 0
[ 3319.584338][ T5114] kmem: usage 307008kB, limit 9007199254740988kB, failcnt 0
[ 3319.593729][ T5114] Memory cgroup stats for /syz3:
[ 3319.594495][ T5114] cache 0
[ 3319.602375][ T5114] rss 0
[ 3319.608693][ T5114] rss_huge 0
[ 3319.611889][ T5114] shmem 0
[ 3319.615456][ T5114] mapped_file 0
[ 3319.618908][ T5114] dirty 0
[ 3319.621821][ T5114] writeback 0
[ 3319.627885][ T5114] workingset_refault_anon 273549
[ 3319.632842][ T5114] workingset_refault_file 72
[ 3319.638246][ T5114] swap 815104
[ 3319.641544][ T5114] swapcached 0
[ 3319.645673][ T5114] pgpgin 1973110
[ 3319.649227][ T5114] pgpgout 1973110
[ 3319.652851][ T5114] pgfault 3448885
[ 3319.657248][ T5114] pgmajfault 224320
[ 3319.661075][ T5114] inactive_anon 0
[ 3319.667705][ T5114] active_anon 0
[ 3319.671180][ T5114] inactive_file 0
[ 3319.675614][ T5114] active_file 0
[ 3319.679090][ T5114] unevictable 0
[ 3319.682549][ T5114] hierarchical_memory_limit 314572800
[ 3319.689234][ T5114] hierarchical_memsw_limit 9223372036854771712
[ 3319.696075][ T5114] total_cache 0
[ 3319.699545][ T5114] total_rss 0
[ 3319.702820][ T5114] total_rss_huge 0
[ 3319.706995][ T5114] total_shmem 0
[ 3319.710465][ T5114] total_mapped_file 0
[ 3319.715181][ T5114] total_dirty 0
[ 3319.718661][ T5114] total_writeback 0
[ 3319.722462][ T5114] total_workingset_refault_anon 273549
[ 3319.728642][ T5114] total_workingset_refault_file 72
[ 3319.733757][ T5114] total_swap 815104
[ 3319.739367][ T5114] total_swapcached 0
[ 3319.743277][ T5114] total_pgpgin 1973110
[ 3319.747699][ T5114] total_pgpgout 1973110
[ 3319.751857][ T5114] total_pgfault 3448885
[ 3319.756700][ T5114] total_pgmajfault 224320
[ 3319.761035][ T5114] total_inactive_anon 0
[ 3319.765543][ T5114] total_active_anon 0
[ 3319.769942][ T5114] total_inactive_file 0
[ 3319.774480][ T5114] total_active_file 0
[ 3319.778468][ T5114] total_unevictable 0
[ 3319.782443][ T5114] anon_cost 0
[ 3319.786450][ T5114] file_cost 0
[ 3319.789849][ T5114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22838,uid=0
11:00:11 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x8848}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3319.806251][ T5114] Memory cgroup out of memory: Killed process 22838 (syz-executor.3) total-vm:54508kB, anon-rss:500kB, file-rss:8112kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 3327.946724][ T1239] ieee802154 phy0 wpan0: encryption failed: -22
[ 3327.953077][ T1239] ieee802154 phy1 wpan1: encryption failed: -22
[ 3335.056212][ T9535] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 3335.074250][ T9535] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 3335.084594][ T9535] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 3335.095155][ T9535] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 3335.103318][ T9535] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[ 3335.111176][ T9535] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 3336.028836][ T9535] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 3336.042176][ T9535] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 3336.053343][ T9535] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 3336.061741][ T9535] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 3336.070244][ T9535] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[ 3336.078705][ T9535] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 3336.742765][ T9535] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[ 3336.753346][ T9535] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[ 3336.768092][ T9535] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[ 3336.776502][ T9535] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[ 3336.784620][ T9535] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[ 3336.792027][ T9535] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[ 3337.144682][ T6454] Bluetooth: hci9: command 0x0409 tx timeout
[ 3338.184899][ T6454] Bluetooth: hci10: command 0x0409 tx timeout
[ 3338.824820][ T6454] Bluetooth: hci11: command 0x0409 tx timeout
[ 3339.224262][ T6454] Bluetooth: hci9: command 0x041b tx timeout
[ 3340.264012][ T6454] Bluetooth: hci10: command 0x041b tx timeout
[ 3340.915255][ T6454] Bluetooth: hci11: command 0x041b tx timeout
[ 3341.314159][ T6454] Bluetooth: hci9: command 0x040f tx timeout
[ 3342.344218][ T6454] Bluetooth: hci10: command 0x040f tx timeout
[ 3342.984012][ T6454] Bluetooth: hci11: command 0x040f tx timeout
[ 3343.383982][ T6454] Bluetooth: hci9: command 0x0419 tx timeout
[ 3344.424207][ T6454] Bluetooth: hci10: command 0x0419 tx timeout
[ 3345.064104][ T6454] Bluetooth: hci11: command 0x0419 tx timeout
11:00:41 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0)

[ 3351.957863][ T9535] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[ 3351.966782][ T9535] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[ 3351.976148][ T9535] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[ 3351.985347][ T9535] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[ 3351.994830][ T9535] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[ 3352.002816][ T9535] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[ 3354.024202][ T6454] Bluetooth: hci12: command 0x0409 tx timeout
[ 3355.627209][ T6454] Bluetooth: hci0: command 0x0406 tx timeout
[ 3356.104546][ T9535] Bluetooth: hci12: command 0x041b tx timeout
[ 3358.184178][ T9535] Bluetooth: hci12: command 0x040f tx timeout
[ 3360.263877][ T9535] Bluetooth: hci12: command 0x0419 tx timeout
[ 3365.054743][ T6454] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[ 3365.066222][ T6454] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[ 3365.081783][ T6454] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[ 3365.089770][ T6454] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[ 3365.098852][ T6454] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[ 3365.109324][ T6454] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[ 3367.144087][ T6454] Bluetooth: hci13: command 0x0409 tx timeout
[ 3369.225031][ T6454] Bluetooth: hci13: command 0x041b tx timeout
[ 3371.304053][ T6454] Bluetooth: hci13: command 0x040f tx timeout
[ 3373.384610][ T6454] Bluetooth: hci13: command 0x0419 tx timeout
[ 3389.388245][ T1239] ieee802154 phy0 wpan0: encryption failed: -22
[ 3389.394723][ T1239] ieee802154 phy1 wpan1: encryption failed: -22
[ 3389.395979][   T29] INFO: task kworker/1:2:4487 blocked for more than 143 seconds.
[ 3389.414036][   T29]       Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3389.421600][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 3389.430467][   T29] task:kworker/1:2     state:D stack:20760 pid:4487  tgid:4487  ppid:2      flags:0x00004000
[ 3389.441390][   T29] Workqueue: events switchdev_deferred_process_work
[ 3389.453099][   T29] Call Trace:
[ 3389.456817][   T29]  <TASK>
[ 3389.459775][   T29]  __schedule+0x17d1/0x49f0
[ 3389.465148][   T29]  ? __pfx___schedule+0x10/0x10
[ 3389.470049][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3389.476712][   T29]  ? __pfx_lock_release+0x10/0x10
[ 3389.481783][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[ 3389.489905][   T29]  ? lockdep_hardirqs_on+0x98/0x140
[ 3389.495761][   T29]  ? schedule+0x8e/0x260
[ 3389.500036][   T29]  schedule+0x149/0x260
[ 3389.505879][   T29]  schedule_preempt_disabled+0x13/0x30
[ 3389.511381][   T29]  __mutex_lock+0x6a3/0xd70
[ 3389.516585][   T29]  ? __mutex_lock+0x526/0xd70
[ 3389.521301][   T29]  ? switchdev_deferred_process_work+0xe/0x20
[ 3389.528029][   T29]  ? __pfx___mutex_lock+0x10/0x10
[ 3389.533101][   T29]  ? process_scheduled_works+0x825/0x1420
[ 3389.539450][   T29]  switchdev_deferred_process_work+0xe/0x20
[ 3389.545816][   T29]  process_scheduled_works+0x913/0x1420
[ 3389.551429][   T29]  ? __pfx_process_scheduled_works+0x10/0x10
[ 3389.558067][   T29]  ? assign_work+0x364/0x3d0
[ 3389.562694][   T29]  worker_thread+0xa5f/0x1000
[ 3389.568047][   T29]  ? __pfx_worker_thread+0x10/0x10
[ 3389.573277][   T29]  kthread+0x2ef/0x390
[ 3389.577931][   T29]  ? __pfx_worker_thread+0x10/0x10
[ 3389.583087][   T29]  ? __pfx_kthread+0x10/0x10
[ 3389.588280][   T29]  ret_from_fork+0x4b/0x80
[ 3389.592724][   T29]  ? __pfx_kthread+0x10/0x10
[ 3389.599095][   T29]  ret_from_fork_asm+0x1b/0x30
[ 3389.605631][   T29]  </TASK>
[ 3389.612764][   T29] INFO: task dhcpcd:4739 blocked for more than 143 seconds.
[ 3389.620651][   T29]       Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3389.628751][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 3389.637923][   T29] task:dhcpcd          state:D stack:23024 pid:4739  tgid:4739  ppid:1      flags:0x00004002
[ 3389.648589][   T29] Call Trace:
[ 3389.651885][   T29]  <TASK>
[ 3389.655394][   T29]  __schedule+0x17d1/0x49f0
[ 3389.659955][   T29]  ? __pfx___schedule+0x10/0x10
[ 3389.665327][   T29]  ? __pfx_lock_release+0x10/0x10
[ 3389.670388][   T29]  ? __mutex_trylock_common+0x91/0x2e0
[ 3389.676365][   T29]  ? schedule+0x8e/0x260
[ 3389.680631][   T29]  schedule+0x149/0x260
[ 3389.685368][   T29]  schedule_preempt_disabled+0x13/0x30
[ 3389.690851][   T29]  __mutex_lock+0x6a3/0xd70
[ 3389.695966][   T29]  ? __mutex_lock+0x526/0xd70
[ 3389.700671][   T29]  ? vlan_ioctl_handler+0x112/0x9d0
[ 3389.708175][   T29]  ? __pfx___mutex_lock+0x10/0x10
[ 3389.713242][   T29]  ? __might_fault+0xc5/0x120
[ 3389.718551][   T29]  vlan_ioctl_handler+0x112/0x9d0
[ 3389.723596][   T29]  ? sock_ioctl+0x664/0x8e0
[ 3389.728675][   T29]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[ 3389.734936][   T29]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[ 3389.740508][   T29]  sock_ioctl+0x683/0x8e0
[ 3389.745477][   T29]  ? __pfx_sock_ioctl+0x10/0x10
[ 3389.750361][   T29]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 3389.755967][   T29]  ? security_file_ioctl+0x87/0xb0
[ 3389.761170][   T29]  ? __pfx_sock_ioctl+0x10/0x10
[ 3389.766479][   T29]  __se_sys_ioctl+0xfc/0x170
[ 3389.771096][   T29]  do_syscall_64+0xf9/0x240
[ 3389.776162][   T29]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3389.782083][   T29] RIP: 0033:0x7f4a16d9fd49
[ 3389.787028][   T29] RSP: 002b:00007ffcf2f3cab8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3389.795929][   T29] RAX: ffffffffffffffda RBX: 000055610094c6f0 RCX: 00007f4a16d9fd49
[ 3389.804334][   T29] RDX: 00007ffcf2f3cac0 RSI: 0000000000008982 RDI: 0000000000000011
[ 3389.813450][   T29] RBP: 0000000000000002 R08: 0000000000000008 R09: 0000000000000000
[ 3389.825134][   T29] R10: 00007ffcf2f4d140 R11: 0000000000000246 R12: 00007ffcf2f3cac0
[ 3389.833135][   T29] R13: 00007ffcf2f3cb80 R14: 000055610094c6f0 R15: 0000556100865650
[ 3389.841933][   T29]  </TASK>
[ 3389.845514][   T29] INFO: task kworker/1:3:20625 blocked for more than 143 seconds.
[ 3389.853330][   T29]       Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3389.864308][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 3389.873010][   T29] task:kworker/1:3     state:D stack:22704 pid:20625 tgid:20625 ppid:2      flags:0x00004000
[ 3389.883983][   T29] Workqueue: events linkwatch_event
[ 3389.889220][   T29] Call Trace:
[ 3389.892504][   T29]  <TASK>
[ 3389.896039][   T29]  __schedule+0x17d1/0x49f0
[ 3389.900601][   T29]  ? __pfx___schedule+0x10/0x10
[ 3389.906087][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3389.912660][   T29]  ? __pfx_lock_release+0x10/0x10
[ 3389.918403][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[ 3389.923628][   T29]  ? lockdep_hardirqs_on+0x98/0x140
[ 3389.930607][   T29]  ? schedule+0x8e/0x260
[ 3389.935273][   T29]  schedule+0x149/0x260
[ 3389.939457][   T29]  schedule_preempt_disabled+0x13/0x30
[ 3389.945482][   T29]  __mutex_lock+0x6a3/0xd70
[ 3389.950024][   T29]  ? __mutex_lock+0x526/0xd70
[ 3389.955709][   T29]  ? linkwatch_event+0xe/0x60
[ 3389.960429][   T29]  ? __pfx___mutex_lock+0x10/0x10
[ 3389.966100][   T29]  ? process_scheduled_works+0x825/0x1420
[ 3389.971847][   T29]  linkwatch_event+0xe/0x60
[ 3389.976956][   T29]  process_scheduled_works+0x913/0x1420
[ 3389.982554][   T29]  ? __pfx_process_scheduled_works+0x10/0x10
[ 3389.989329][   T29]  ? assign_work+0x364/0x3d0
[ 3389.994361][   T29]  worker_thread+0xa5f/0x1000
[ 3389.999092][   T29]  ? __pfx_worker_thread+0x10/0x10
[ 3390.004815][   T29]  kthread+0x2ef/0x390
[ 3390.008905][   T29]  ? __pfx_worker_thread+0x10/0x10
[ 3390.018871][   T29]  ? __pfx_kthread+0x10/0x10
[ 3390.023494][   T29]  ret_from_fork+0x4b/0x80
[ 3390.028566][   T29]  ? __pfx_kthread+0x10/0x10
[ 3390.033181][   T29]  ret_from_fork_asm+0x1b/0x30
[ 3390.039793][   T29]  </TASK>
[ 3390.042882][   T29] INFO: task syz-executor.1:9542 blocked for more than 144 seconds.
[ 3390.051758][   T29]       Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3390.059714][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 3390.068881][   T29] task:syz-executor.1  state:D stack:19408 pid:9542  tgid:9542  ppid:1      flags:0x00004006
[ 3390.083553][   T29] Call Trace:
[ 3390.087263][   T29]  <TASK>
[ 3390.090214][   T29]  __schedule+0x17d1/0x49f0
[ 3390.095388][   T29]  ? __pfx___schedule+0x10/0x10
[ 3390.100268][   T29]  ? __pfx_lock_release+0x10/0x10
[ 3390.105811][   T29]  ? __mutex_trylock_common+0x91/0x2e0
[ 3390.111278][   T29]  ? schedule+0x8e/0x260
[ 3390.117012][   T29]  schedule+0x149/0x260
[ 3390.121187][   T29]  schedule_preempt_disabled+0x13/0x30
[ 3390.127398][   T29]  __mutex_lock+0x6a3/0xd70
[ 3390.131924][   T29]  ? __mutex_lock+0x526/0xd70
[ 3390.137010][   T29]  ? rtnetlink_rcv_msg+0x82c/0x1040
[ 3390.142241][   T29]  ? __pfx___mutex_lock+0x10/0x10
[ 3390.148547][   T29]  rtnetlink_rcv_msg+0x82c/0x1040
[ 3390.153600][   T29]  ? rtnetlink_rcv_msg+0x208/0x1040
[ 3390.160287][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3390.166293][   T29]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 3390.172466][   T29]  ? __pfx_validate_chain+0x10/0x10
[ 3390.178653][   T29]  ? __pfx_validate_chain+0x10/0x10
[ 3390.184138][   T29]  ? mark_lock+0x9a/0x350
[ 3390.188482][   T29]  ? __pfx_validate_chain+0x10/0x10
[ 3390.193667][   T29]  ? __lock_acquire+0x1345/0x1fd0
[ 3390.198840][   T29]  ? mark_lock+0x9a/0x350
[ 3390.203178][   T29]  ? __lock_acquire+0x1345/0x1fd0
[ 3390.208437][   T29]  netlink_rcv_skb+0x1e3/0x430
[ 3390.213243][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3390.219478][   T29]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 3390.224996][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[ 3390.230224][   T29]  netlink_unicast+0x7ea/0x980
[ 3390.235171][   T29]  ? __pfx_netlink_unicast+0x10/0x10
[ 3390.240475][   T29]  ? __virt_addr_valid+0x44e/0x520
[ 3390.245772][   T29]  ? __phys_addr_symbol+0x2f/0x70
[ 3390.250825][   T29]  ? __check_object_size+0x4bb/0xa00
[ 3390.257066][   T29]  ? bpf_lsm_netlink_send+0x9/0x10
[ 3390.262219][   T29]  netlink_sendmsg+0xa3b/0xd70
[ 3390.270897][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3390.279048][   T29]  ? aa_sock_msg_perm+0x91/0x160
[ 3390.284590][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 3390.289896][   T29]  ? security_socket_sendmsg+0x87/0xb0
[ 3390.296024][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3390.301330][   T29]  __sock_sendmsg+0x221/0x270
[ 3390.306935][   T29]  __sys_sendto+0x3a4/0x4f0
[ 3390.311548][   T29]  ? __pfx___sys_sendto+0x10/0x10
[ 3390.316994][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3390.323415][   T29]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3390.330213][   T29]  __x64_sys_sendto+0xde/0x100
[ 3390.335794][   T29]  do_syscall_64+0xf9/0x240
[ 3390.340329][   T29]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3390.346870][   T29] RIP: 0033:0x7f6f7207fa9c
[ 3390.351309][   T29] RSP: 002b:00007f6f722cf690 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 3390.360438][   T29] RAX: ffffffffffffffda RBX: 00007f6f72cd4620 RCX: 00007f6f7207fa9c
[ 3390.369221][   T29] RDX: 000000000000003c RSI: 00007f6f72cd4670 RDI: 0000000000000003
[ 3390.378386][   T29] RBP: 0000000000000000 R08: 00007f6f722cf6e4 R09: 000000000000000c
[ 3390.386784][   T29] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[ 3390.394968][   T29] R13: 0000000000000000 R14: 00007f6f72cd4670 R15: 0000000000000000
[ 3390.402972][   T29]  </TASK>
[ 3390.406378][   T29] INFO: task syz-executor.0:9649 blocked for more than 144 seconds.
[ 3390.414996][   T29]       Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3390.422758][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 3390.432373][   T29] task:syz-executor.0  state:D stack:26768 pid:9649  tgid:9644  ppid:6456   flags:0x00004006
[ 3390.443192][   T29] Call Trace:
[ 3390.446828][   T29]  <TASK>
[ 3390.449756][   T29]  __schedule+0x17d1/0x49f0
[ 3390.454790][   T29]  ? __pfx___schedule+0x10/0x10
[ 3390.459670][   T29]  ? __pfx_lock_release+0x10/0x10
[ 3390.464966][   T29]  ? __mutex_trylock_common+0x91/0x2e0
[ 3390.470459][   T29]  ? schedule+0x8e/0x260
[ 3390.474953][   T29]  schedule+0x149/0x260
[ 3390.479136][   T29]  schedule_preempt_disabled+0x13/0x30
[ 3390.486265][   T29]  __mutex_lock+0x6a3/0xd70
[ 3390.490805][   T29]  ? __mutex_lock+0x526/0xd70
[ 3390.498718][   T29]  ? rtnetlink_rcv_msg+0x82c/0x1040
[ 3390.504161][   T29]  ? __pfx___mutex_lock+0x10/0x10
[ 3390.509213][   T29]  rtnetlink_rcv_msg+0x82c/0x1040
[ 3390.514629][   T29]  ? rtnetlink_rcv_msg+0x208/0x1040
[ 3390.519865][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3390.525974][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3390.531979][   T29]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3390.538578][   T29]  ? __local_bh_enable_ip+0x168/0x200
[ 3390.544212][   T29]  ? lockdep_hardirqs_on+0x98/0x140
[ 3390.549431][   T29]  ? __local_bh_enable_ip+0x168/0x200
[ 3390.554947][   T29]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 3390.560052][   T29]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 3390.565940][   T29]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 3390.571063][   T29]  ? __dev_queue_xmit+0x15fd/0x3b10
[ 3390.576529][   T29]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 3390.581725][   T29]  ? ref_tracker_free+0x643/0x7e0
[ 3390.587727][   T29]  netlink_rcv_skb+0x1e3/0x430
[ 3390.592527][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3390.602778][   T29]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 3390.612160][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[ 3390.620453][   T29]  netlink_unicast+0x7ea/0x980
[ 3390.625575][   T29]  ? __pfx_netlink_unicast+0x10/0x10
[ 3390.630988][   T29]  ? __virt_addr_valid+0x44e/0x520
[ 3390.637685][   T29]  ? __phys_addr_symbol+0x2f/0x70
[ 3390.642746][   T29]  ? __check_object_size+0x4bb/0xa00
[ 3390.648758][   T29]  ? bpf_lsm_netlink_send+0x9/0x10
[ 3390.654482][   T29]  netlink_sendmsg+0xa3b/0xd70
[ 3390.659268][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3390.665480][   T29]  ? __import_iovec+0x552/0x890
[ 3390.670357][   T29]  ? aa_sock_msg_perm+0x91/0x160
[ 3390.675936][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 3390.681252][   T29]  ? security_socket_sendmsg+0x87/0xb0
[ 3390.687130][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3390.692410][   T29]  __sock_sendmsg+0x221/0x270
[ 3390.698049][   T29]  ____sys_sendmsg+0x525/0x7d0
[ 3390.702856][   T29]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3390.710402][   T29]  __sys_sendmsg+0x2b0/0x3a0
[ 3390.715307][   T29]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3390.720468][   T29]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 3390.726626][   T29]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3390.733114][   T29]  ? do_syscall_64+0x108/0x240
[ 3390.738129][   T29]  ? do_syscall_64+0xb4/0x240
[ 3390.742820][   T29]  do_syscall_64+0xf9/0x240
[ 3390.747840][   T29]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3390.753750][   T29] RIP: 0033:0x7fe850a7dda9
[ 3390.758229][   T29] RSP: 002b:00007fe8517090c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3390.767153][   T29] RAX: ffffffffffffffda RBX: 00007fe850bac050 RCX: 00007fe850a7dda9
[ 3390.775415][   T29] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[ 3390.783392][   T29] RBP: 00007fe850aca47a R08: 0000000000000000 R09: 0000000000000000
[ 3390.791590][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 3390.799960][   T29] R13: 000000000000006e R14: 00007fe850bac050 R15: 00007fe850ccfa48
[ 3390.808170][   T29]  </TASK>
[ 3390.811219][   T29] INFO: task syz-executor.4:9647 blocked for more than 144 seconds.
[ 3390.819565][   T29]       Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3390.829218][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 3390.838360][   T29] task:syz-executor.4  state:D stack:26768 pid:9647  tgid:9646  ppid:6444   flags:0x00004006
[ 3390.848799][   T29] Call Trace:
[ 3390.852086][   T29]  <TASK>
[ 3390.855518][   T29]  __schedule+0x17d1/0x49f0
[ 3390.860053][   T29]  ? __pfx___schedule+0x10/0x10
[ 3390.865173][   T29]  ? __pfx_lock_release+0x10/0x10
[ 3390.870218][   T29]  ? __mutex_trylock_common+0x91/0x2e0
[ 3390.875955][   T29]  ? schedule+0x8e/0x260
[ 3390.880219][   T29]  schedule+0x149/0x260
[ 3390.884873][   T29]  schedule_preempt_disabled+0x13/0x30
[ 3390.890342][   T29]  __mutex_lock+0x6a3/0xd70
[ 3390.895132][   T29]  ? __mutex_lock+0x526/0xd70
[ 3390.899821][   T29]  ? rtnetlink_rcv_msg+0x82c/0x1040
[ 3390.905307][   T29]  ? __pfx___mutex_lock+0x10/0x10
[ 3390.910353][   T29]  rtnetlink_rcv_msg+0x82c/0x1040
[ 3390.915875][   T29]  ? rtnetlink_rcv_msg+0x208/0x1040
[ 3390.921088][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3390.926780][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3390.932774][   T29]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3390.940805][   T29]  ? __local_bh_enable_ip+0x168/0x200
[ 3390.946697][   T29]  ? lockdep_hardirqs_on+0x98/0x140
[ 3390.951920][   T29]  ? __local_bh_enable_ip+0x168/0x200
[ 3390.957734][   T29]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 3390.962876][   T29]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 3390.968882][   T29]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 3390.974457][   T29]  ? __dev_queue_xmit+0x15fd/0x3b10
[ 3390.979686][   T29]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 3390.985757][   T29]  ? ref_tracker_free+0x643/0x7e0
[ 3390.990800][   T29]  netlink_rcv_skb+0x1e3/0x430
[ 3390.995845][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3391.001321][   T29]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 3391.006906][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[ 3391.012122][   T29]  netlink_unicast+0x7ea/0x980
[ 3391.017370][   T29]  ? __pfx_netlink_unicast+0x10/0x10
[ 3391.022667][   T29]  ? __virt_addr_valid+0x44e/0x520
[ 3391.028012][   T29]  ? __phys_addr_symbol+0x2f/0x70
[ 3391.033048][   T29]  ? __check_object_size+0x4bb/0xa00
[ 3391.038898][   T29]  ? bpf_lsm_netlink_send+0x9/0x10
[ 3391.046138][   T29]  netlink_sendmsg+0xa3b/0xd70
[ 3391.050932][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3391.056468][   T29]  ? __import_iovec+0x552/0x890
[ 3391.061335][   T29]  ? aa_sock_msg_perm+0x91/0x160
[ 3391.066527][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 3391.071825][   T29]  ? security_socket_sendmsg+0x87/0xb0
[ 3391.077774][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3391.083090][   T29]  __sock_sendmsg+0x221/0x270
[ 3391.088048][   T29]  ____sys_sendmsg+0x525/0x7d0
[ 3391.092842][   T29]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3391.098422][   T29]  __sys_sendmsg+0x2b0/0x3a0
[ 3391.103030][   T29]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3391.108596][   T29]  ? restore_fpregs_from_fpstate+0x100/0x250
[ 3391.114853][   T29]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3391.121196][   T29]  ? do_syscall_64+0x108/0x240
[ 3391.126209][   T29]  ? do_syscall_64+0xb4/0x240
[ 3391.130891][   T29]  do_syscall_64+0xf9/0x240
[ 3391.135904][   T29]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3391.142025][   T29] RIP: 0033:0x7f288f87dda9
[ 3391.146893][   T29] RSP: 002b:00007f288ebff0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3391.157255][   T29] RAX: ffffffffffffffda RBX: 00007f288f9abf80 RCX: 00007f288f87dda9
[ 3391.165737][   T29] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000003
[ 3391.173729][   T29] RBP: 00007f288f8ca47a R08: 0000000000000000 R09: 0000000000000000
[ 3391.181939][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 3391.190061][   T29] R13: 000000000000000b R14: 00007f288f9abf80 R15: 00007f288facfa48
[ 3391.198653][   T29]  </TASK>
[ 3391.201741][   T29] INFO: task syz-executor.4:9650 blocked for more than 145 seconds.
[ 3391.210005][   T29]       Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3391.217797][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 3391.227141][   T29] task:syz-executor.4  state:D stack:26768 pid:9650  tgid:9646  ppid:6444   flags:0x00004006
[ 3391.237602][   T29] Call Trace:
[ 3391.240897][   T29]  <TASK>
[ 3391.244339][   T29]  __schedule+0x17d1/0x49f0
[ 3391.248883][   T29]  ? __pfx___schedule+0x10/0x10
[ 3391.253729][   T29]  ? __pfx_lock_release+0x10/0x10
[ 3391.259256][   T29]  ? __mutex_trylock_common+0x91/0x2e0
[ 3391.266412][   T29]  ? schedule+0x8e/0x260
[ 3391.270676][   T29]  schedule+0x149/0x260
[ 3391.275114][   T29]  schedule_preempt_disabled+0x13/0x30
[ 3391.280586][   T29]  __mutex_lock+0x6a3/0xd70
[ 3391.285527][   T29]  ? __mutex_lock+0x526/0xd70
[ 3391.290213][   T29]  ? rtnetlink_rcv_msg+0x82c/0x1040
[ 3391.295684][   T29]  ? __pfx___mutex_lock+0x10/0x10
[ 3391.300734][   T29]  rtnetlink_rcv_msg+0x82c/0x1040
[ 3391.306221][   T29]  ? rtnetlink_rcv_msg+0x208/0x1040
[ 3391.311447][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3391.317540][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3391.323556][   T29]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3391.330134][   T29]  ? __local_bh_enable_ip+0x168/0x200
[ 3391.335790][   T29]  ? lockdep_hardirqs_on+0x98/0x140
[ 3391.341014][   T29]  ? __local_bh_enable_ip+0x168/0x200
[ 3391.347068][   T29]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 3391.352205][   T29]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 3391.358202][   T29]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 3391.363378][   T29]  ? __dev_queue_xmit+0x15fd/0x3b10
[ 3391.368816][   T29]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 3391.376072][   T29]  ? ref_tracker_free+0x643/0x7e0
[ 3391.381127][   T29]  netlink_rcv_skb+0x1e3/0x430
[ 3391.386096][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3391.391671][   T29]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 3391.397195][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[ 3391.402421][   T29]  netlink_unicast+0x7ea/0x980
[ 3391.407683][   T29]  ? __pfx_netlink_unicast+0x10/0x10
[ 3391.412987][   T29]  ? __virt_addr_valid+0x44e/0x520
[ 3391.418367][   T29]  ? __phys_addr_symbol+0x2f/0x70
[ 3391.423410][   T29]  ? __check_object_size+0x4bb/0xa00
[ 3391.428950][   T29]  ? bpf_lsm_netlink_send+0x9/0x10
[ 3391.434560][   T29]  netlink_sendmsg+0xa3b/0xd70
[ 3391.439338][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3391.444886][   T29]  ? __import_iovec+0x552/0x890
[ 3391.449948][   T29]  ? aa_sock_msg_perm+0x91/0x160
[ 3391.455212][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 3391.460519][   T29]  ? security_socket_sendmsg+0x87/0xb0
[ 3391.465997][ T6454] Bluetooth: hci1: command 0x0406 tx timeout
[ 3391.472442][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3391.478003][   T29]  __sock_sendmsg+0x221/0x270
[ 3391.482702][   T29]  ____sys_sendmsg+0x525/0x7d0
[ 3391.487910][   T29]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3391.493231][   T29]  __sys_sendmsg+0x2b0/0x3a0
[ 3391.502838][   T29]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3391.508287][   T29]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 3391.514802][   T29]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3391.521168][   T29]  ? do_syscall_64+0x108/0x240
[ 3391.526308][   T29]  ? do_syscall_64+0xb4/0x240
[ 3391.530987][   T29]  do_syscall_64+0xf9/0x240
[ 3391.536004][   T29]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3391.541922][   T29] RIP: 0033:0x7f288f87dda9
[ 3391.546582][   T29] RSP: 002b:00007f288ebde0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3391.555594][   T29] RAX: ffffffffffffffda RBX: 00007f288f9ac050 RCX: 00007f288f87dda9
[ 3391.563582][   T29] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[ 3391.571731][   T29] RBP: 00007f288f8ca47a R08: 0000000000000000 R09: 0000000000000000
[ 3391.580334][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 3391.593538][   T29] R13: 000000000000006e R14: 00007f288f9ac050 R15: 00007f288facfa48
[ 3391.601962][   T29]  </TASK>
[ 3391.608562][   T29] INFO: task syz-executor.2:9652 blocked for more than 145 seconds.
[ 3391.617237][   T29]       Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3391.625193][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 3391.634423][   T29] task:syz-executor.2  state:D stack:26672 pid:9652  tgid:9651  ppid:6457   flags:0x00004006
[ 3391.645067][   T29] Call Trace:
[ 3391.648342][   T29]  <TASK>
[ 3391.651468][   T29]  __schedule+0x17d1/0x49f0
[ 3391.656856][   T29]  ? __pfx___schedule+0x10/0x10
[ 3391.661726][   T29]  ? __pfx_lock_release+0x10/0x10
[ 3391.667399][   T29]  ? __mutex_trylock_common+0x91/0x2e0
[ 3391.672883][   T29]  ? schedule+0x8e/0x260
[ 3391.677694][   T29]  schedule+0x149/0x260
[ 3391.681852][   T29]  schedule_preempt_disabled+0x13/0x30
[ 3391.687611][   T29]  __mutex_lock+0x6a3/0xd70
[ 3391.692158][   T29]  ? __mutex_lock+0x526/0xd70
[ 3391.698534][   T29]  ? rtnetlink_rcv_msg+0x82c/0x1040
[ 3391.703804][   T29]  ? __pfx___mutex_lock+0x10/0x10
[ 3391.708871][   T29]  rtnetlink_rcv_msg+0x82c/0x1040
[ 3391.714337][   T29]  ? rtnetlink_rcv_msg+0x208/0x1040
[ 3391.719563][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3391.725248][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3391.731247][   T29]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3391.737872][   T29]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 3391.743985][   T29]  ? lockdep_hardirqs_on+0x98/0x140
[ 3391.749200][   T29]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 3391.756513][   T29]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 3391.762919][   T29]  ? __dev_queue_xmit+0x15fd/0x3b10
[ 3391.768260][   T29]  ? rcu_preempt_deferred_qs_irqrestore+0x87b/0xc70
[ 3391.775098][   T29]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 3391.780233][   T29]  netlink_rcv_skb+0x1e3/0x430
[ 3391.785155][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3391.790627][   T29]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 3391.796163][   T29]  ? __rcu_read_unlock+0xa0/0x110
[ 3391.801197][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[ 3391.806681][   T29]  netlink_unicast+0x7ea/0x980
[ 3391.811480][   T29]  ? __pfx_netlink_unicast+0x10/0x10
[ 3391.818061][   T29]  ? __virt_addr_valid+0x44e/0x520
[ 3391.823206][   T29]  ? __phys_addr_symbol+0x2f/0x70
[ 3391.828740][   T29]  ? __check_object_size+0x4bb/0xa00
[ 3391.834297][   T29]  ? bpf_lsm_netlink_send+0x9/0x10
[ 3391.839425][   T29]  netlink_sendmsg+0xa3b/0xd70
[ 3391.844333][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3391.849625][   T29]  ? __import_iovec+0x552/0x890
[ 3391.854721][   T29]  ? aa_sock_msg_perm+0x91/0x160
[ 3391.860247][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 3391.865782][   T29]  ? security_socket_sendmsg+0x87/0xb0
[ 3391.871315][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3391.876813][   T29]  __sock_sendmsg+0x221/0x270
[ 3391.881525][   T29]  ____sys_sendmsg+0x525/0x7d0
[ 3391.886384][   T29]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3391.891669][   T29]  __sys_sendmsg+0x2b0/0x3a0
[ 3391.896507][   T29]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3391.901648][   T29]  ? restore_fpregs_from_fpstate+0x100/0x250
[ 3391.907835][   T29]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3391.914441][   T29]  ? do_syscall_64+0x108/0x240
[ 3391.919227][   T29]  ? do_syscall_64+0xb4/0x240
[ 3391.925267][   T29]  do_syscall_64+0xf9/0x240
[ 3391.929796][   T29]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3391.935910][   T29] RIP: 0033:0x7f8ab607dda9
[ 3391.940344][   T29] RSP: 002b:00007f8ab6de20c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3391.948953][   T29] RAX: ffffffffffffffda RBX: 00007f8ab61abf80 RCX: 00007f8ab607dda9
[ 3391.957194][   T29] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000004
[ 3391.965890][   T29] RBP: 00007f8ab60ca47a R08: 0000000000000000 R09: 0000000000000000
[ 3391.974111][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 3391.982100][   T29] R13: 000000000000000b R14: 00007f8ab61abf80 R15: 00007f8ab62cfa48
[ 3391.990220][   T29]  </TASK>
[ 3391.997369][   T29] INFO: task syz-executor.2:9654 blocked for more than 145 seconds.
[ 3392.012760][   T29]       Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3392.020723][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 3392.029946][   T29] task:syz-executor.2  state:D stack:26768 pid:9654  tgid:9651  ppid:6457   flags:0x00004006
[ 3392.040698][   T29] Call Trace:
[ 3392.046159][   T29]  <TASK>
[ 3392.049322][   T29]  __schedule+0x17d1/0x49f0
[ 3392.054134][   T29]  ? __pfx___schedule+0x10/0x10
[ 3392.059003][   T29]  ? __pfx_lock_release+0x10/0x10
[ 3392.064694][   T29]  ? __mutex_trylock_common+0x91/0x2e0
[ 3392.070175][   T29]  ? schedule+0x8e/0x260
[ 3392.074691][   T29]  schedule+0x149/0x260
[ 3392.078868][   T29]  schedule_preempt_disabled+0x13/0x30
[ 3392.084504][   T29]  __mutex_lock+0x6a3/0xd70
[ 3392.089004][   T29]  ? __mutex_lock+0x526/0xd70
[ 3392.093666][   T29]  ? rtnetlink_rcv_msg+0x82c/0x1040
[ 3392.099288][   T29]  ? __pfx___mutex_lock+0x10/0x10
[ 3392.104791][   T29]  rtnetlink_rcv_msg+0x82c/0x1040
[ 3392.109842][   T29]  ? rtnetlink_rcv_msg+0x208/0x1040
[ 3392.115333][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3392.120819][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 3392.127181][   T29]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3392.133508][   T29]  ? __local_bh_enable_ip+0x168/0x200
[ 3392.139130][   T29]  ? lockdep_hardirqs_on+0x98/0x140
[ 3392.144478][   T29]  ? __local_bh_enable_ip+0x168/0x200
[ 3392.149841][   T29]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 3392.157200][   T29]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 3392.163178][   T29]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 3392.168542][   T29]  ? __dev_queue_xmit+0x15fd/0x3b10
[ 3392.174011][   T29]  ? __dev_queue_xmit+0x2c4/0x3b10
[ 3392.179152][   T29]  ? ref_tracker_free+0x643/0x7e0
[ 3392.184491][   T29]  netlink_rcv_skb+0x1e3/0x430
[ 3392.189253][   T29]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3392.194967][   T29]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 3392.200278][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[ 3392.205752][   T29]  netlink_unicast+0x7ea/0x980
[ 3392.210533][   T29]  ? __pfx_netlink_unicast+0x10/0x10
[ 3392.216190][   T29]  ? __virt_addr_valid+0x44e/0x520
[ 3392.221296][   T29]  ? __phys_addr_symbol+0x2f/0x70
[ 3392.226582][   T29]  ? __check_object_size+0x4bb/0xa00
[ 3392.231889][   T29]  ? bpf_lsm_netlink_send+0x9/0x10
[ 3392.237304][   T29]  netlink_sendmsg+0xa3b/0xd70
[ 3392.242091][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3392.247764][   T29]  ? __import_iovec+0x552/0x890
[ 3392.252619][   T29]  ? aa_sock_msg_perm+0x91/0x160
[ 3392.257824][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 3392.263126][   T29]  ? security_socket_sendmsg+0x87/0xb0
[ 3392.269631][   T29]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3392.277957][   T29]  __sock_sendmsg+0x221/0x270
[ 3392.282643][   T29]  ____sys_sendmsg+0x525/0x7d0
[ 3392.288188][   T29]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3392.293511][   T29]  __sys_sendmsg+0x2b0/0x3a0
[ 3392.298714][   T29]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3392.304028][   T29]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 3392.309946][   T29]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3392.316521][   T29]  ? do_syscall_64+0x108/0x240
[ 3392.321304][   T29]  ? do_syscall_64+0xb4/0x240
[ 3392.326139][   T29]  do_syscall_64+0xf9/0x240
[ 3392.330657][   T29]  entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 3392.336737][   T29] RIP: 0033:0x7f8ab607dda9
[ 3392.341158][   T29] RSP: 002b:00007f8ab6dc10c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3392.350704][   T29] RAX: ffffffffffffffda RBX: 00007f8ab61ac050 RCX: 00007f8ab607dda9
[ 3392.362060][   T29] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004
[ 3392.371172][   T29] RBP: 00007f8ab60ca47a R08: 0000000000000000 R09: 0000000000000000
[ 3392.381336][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 3392.389681][   T29] R13: 000000000000006e R14: 00007f8ab61ac050 R15: 00007f8ab62cfa48
[ 3392.398449][   T29]  </TASK>
[ 3392.401513][   T29] 
[ 3392.401513][   T29] Showing all locks held in the system:
[ 3392.410149][   T29] 1 lock held by khungtaskd/29:
[ 3392.415709][   T29]  #0: ffffffff8e130ae0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 3392.426469][   T29] 3 locks held by kworker/1:2/4487:
[ 3392.431684][   T29]  #0: ffff888014c8c938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 3392.443213][   T29]  #1: ffffc9000d977d20 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 3392.454806][   T29]  #2: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[ 3392.465736][   T29] 2 locks held by dhcpcd/4739:
[ 3392.470702][   T29]  #0: ffffffff8f35a4a8 (vlan_ioctl_mutex){+.+.}-{3:3}, at: sock_ioctl+0x664/0x8e0
[ 3392.481000][   T29]  #1: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: vlan_ioctl_handler+0x112/0x9d0
[ 3392.491720][   T29] 2 locks held by getty/4829:
[ 3392.496666][   T29]  #0: ffff88802afbc0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 3392.506765][   T29]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b4/0x1e10
[ 3392.517453][   T29] 3 locks held by kworker/0:6/7648:
[ 3392.522659][   T29]  #0: ffff888029a8f938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 3392.534725][   T29]  #1: ffffc9000b1dfd20 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 3392.548916][   T29]  #2: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[ 3392.558727][   T29] 5 locks held by kworker/u4:0/13499:
[ 3392.564366][   T29]  #0: ffff8880162f4938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 3392.576032][   T29]  #1: ffffc90004727d20 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 3392.586822][   T29]  #2: ffffffff8f3689d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf5/0xb90
[ 3392.598014][   T29]  #3: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe8/0x9d0
[ 3392.608472][   T29]  #4: ffffffff8e136478 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x3a3/0x890
[ 3392.619589][   T29] 3 locks held by kworker/1:3/20625:
[ 3392.625146][   T29]  #0: ffff888014c8c938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 3392.636533][   T29]  #1: ffffc900052efd20 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 3392.647762][   T29]  #2: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[ 3392.657022][   T29] 3 locks held by kworker/1:4/6542:
[ 3392.662218][   T29]  #0: ffff888029a8f938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 3392.674637][   T29]  #1: ffffc90004767d20 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 3392.688839][   T29]  #2: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[ 3392.698721][   T29] 2 locks held by kworker/1:5/9456:
[ 3392.705417][   T29]  #0: ffff888014c8e538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 3392.716642][   T29]  #1: ffffc90009d7fd20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[ 3392.729015][   T29] 1 lock held by syz-executor.1/9542:
[ 3392.734890][   T29]  #0: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 3392.744738][   T29] 1 lock held by syz-executor.0/9649:
[ 3392.750120][   T29]  #0: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 3392.759803][   T29] 1 lock held by syz-executor.4/9647:
[ 3392.765656][   T29]  #0: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 3392.775434][   T29] 1 lock held by syz-executor.4/9650:
[ 3392.780970][   T29]  #0: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 3392.790751][   T29] 1 lock held by syz-executor.2/9652:
[ 3392.796627][   T29]  #0: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 3392.806400][   T29] 1 lock held by syz-executor.2/9654:
[ 3392.811774][   T29]  #0: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 3392.822489][   T29] 2 locks held by syz-executor.0/9679:
[ 3392.828824][   T29]  #0: ffffffff8f3689d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0
[ 3392.838528][   T29]  #1: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0
[ 3392.848260][   T29] 2 locks held by syz-executor.2/9688:
[ 3392.853718][   T29]  #0: ffffffff8f3689d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0
[ 3392.863621][   T29]  #1: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0
[ 3392.873205][   T29] 2 locks held by syz-executor.4/9690:
[ 3392.878893][   T29]  #0: ffffffff8f3689d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0
[ 3392.889043][   T29]  #1: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0
[ 3392.898623][   T29] 2 locks held by syz-executor.1/9732:
[ 3392.904303][   T29]  #0: ffffffff8f3689d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0
[ 3392.913738][   T29]  #1: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0
[ 3392.923645][   T29] 1 lock held by syz-executor.3/9757:
[ 3392.930266][   T29]  #0: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 3392.940012][   T29] 1 lock held by syz-executor.3/9758:
[ 3392.945754][   T29]  #0: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 3392.955515][   T29] 1 lock held by syz-executor.3/9759:
[ 3392.960903][   T29]  #0: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x82c/0x1040
[ 3392.970567][   T29] 2 locks held by syz-executor.0/9765:
[ 3392.976422][   T29]  #0: ffffffff8f3689d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0
[ 3392.986533][   T29]  #1: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0
[ 3392.996153][   T29] 2 locks held by syz-executor.4/9768:
[ 3393.001609][   T29]  #0: ffffffff8f3689d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0
[ 3393.011390][   T29]  #1: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0
[ 3393.021025][   T29] 2 locks held by syz-executor.2/9771:
[ 3393.026620][   T29]  #0: ffffffff8f3689d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0
[ 3393.038204][   T29]  #1: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0
[ 3393.047895][   T29] 2 locks held by syz-executor.3/9775:
[ 3393.053351][   T29]  #0: ffffffff8f3689d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0
[ 3393.063004][   T29]  #1: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0
[ 3393.073062][   T29] 2 locks held by syz-executor.1/9780:
[ 3393.078768][   T29]  #0: ffffffff8f3689d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0
[ 3393.088703][   T29]  #1: ffffffff8f374f48 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0
[ 3393.098544][   T29] 
[ 3393.100887][   T29] =============================================
[ 3393.100887][   T29] 
[ 3393.109523][   T29] NMI backtrace for cpu 0
[ 3393.113865][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3393.123674][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3393.133713][   T29] Call Trace:
[ 3393.136976][   T29]  <TASK>
[ 3393.139893][   T29]  dump_stack_lvl+0x1e7/0x2e0
[ 3393.144561][   T29]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3393.149741][   T29]  ? __pfx__printk+0x10/0x10
[ 3393.154313][   T29]  ? vprintk_emit+0x607/0x720
[ 3393.158975][   T29]  ? __pfx_vprintk_emit+0x10/0x10
[ 3393.164002][   T29]  nmi_cpu_backtrace+0x49c/0x4d0
[ 3393.168955][   T29]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 3393.174428][   T29]  ? _printk+0xd5/0x120
[ 3393.178621][   T29]  ? __pfx__printk+0x10/0x10
[ 3393.183196][   T29]  ? __wake_up_klogd+0xcc/0x110
[ 3393.188043][   T29]  ? __pfx__printk+0x10/0x10
[ 3393.192627][   T29]  ? __rcu_read_unlock+0xa0/0x110
[ 3393.197650][   T29]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 3393.203613][   T29]  nmi_trigger_cpumask_backtrace+0x198/0x320
[ 3393.209576][   T29]  watchdog+0xfaf/0xff0
[ 3393.213719][   T29]  ? watchdog+0x1e9/0xff0
[ 3393.218047][   T29]  ? __pfx_watchdog+0x10/0x10
[ 3393.222728][   T29]  kthread+0x2ef/0x390
[ 3393.226786][   T29]  ? __pfx_watchdog+0x10/0x10
[ 3393.231455][   T29]  ? __pfx_kthread+0x10/0x10
[ 3393.236035][   T29]  ret_from_fork+0x4b/0x80
[ 3393.240441][   T29]  ? __pfx_kthread+0x10/0x10
[ 3393.245019][   T29]  ret_from_fork_asm+0x1b/0x30
[ 3393.249829][   T29]  </TASK>
[ 3393.254792][   T29] Sending NMI from CPU 0 to CPUs 1:
[ 3393.260026][    C1] NMI backtrace for cpu 1
[ 3393.260036][    C1] CPU: 1 PID: 2472 Comm: kworker/u4:10 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3393.260054][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3393.260065][    C1] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[ 3393.260152][    C1] RIP: 0010:batadv_iv_ogm_schedule+0xa07/0x1090
[ 3393.260175][    C1] Code: 30 48 c1 e8 03 48 89 44 24 60 49 c7 c7 00 0c 89 94 49 8d 5e 78 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80 3c 08 00 <74> 08 48 89 df e8 0f 3b c7 f6 48 8b 1b 48 b8 00 00 00 00 00 fc ff
[ 3393.260190][    C1] RSP: 0018:ffffc90004737a00 EFLAGS: 00000246
[ 3393.260204][    C1] RAX: 1ffff11005d70c0f RBX: ffff88802eb86078 RCX: dffffc0000000000
[ 3393.260216][    C1] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000000
[ 3393.260227][    C1] RBP: ffffc90004737b38 R08: ffffffff8b2e5143 R09: 1ffff110168fd404
[ 3393.260239][    C1] R10: dffffc0000000000 R11: ffffed10168fd405 R12: ffff8880b47e9078
[ 3393.260251][    C1] R13: ffff8880b47e9000 R14: ffff88802eb86000 R15: ffffffff94890c00
[ 3393.260264][    C1] FS:  0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[ 3393.260278][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3393.260289][    C1] CR2: 000056183053a608 CR3: 000000000df32000 CR4: 00000000003506f0
[ 3393.260303][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 00000000effac4fc
[ 3393.260313][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 3393.260323][    C1] Call Trace:
[ 3393.260328][    C1]  <NMI>
[ 3393.260335][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 3393.260351][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 3393.260374][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 3393.260389][    C1]  ? nmi_handle+0x2a/0x580
[ 3393.260420][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 3393.260438][    C1]  ? nmi_handle+0x14f/0x580
[ 3393.260453][    C1]  ? nmi_handle+0x2a/0x580
[ 3393.260468][    C1]  ? batadv_iv_ogm_schedule+0xa07/0x1090
[ 3393.260488][    C1]  ? default_do_nmi+0x63/0x160
[ 3393.260503][    C1]  ? exc_nmi+0x121/0x210
[ 3393.260518][    C1]  ? end_repeat_nmi+0xf/0x60
[ 3393.260545][    C1]  ? batadv_iv_ogm_schedule+0xcb3/0x1090
[ 3393.260566][    C1]  ? batadv_iv_ogm_schedule+0xa07/0x1090
[ 3393.260586][    C1]  ? batadv_iv_ogm_schedule+0xa07/0x1090
[ 3393.260608][    C1]  ? batadv_iv_ogm_schedule+0xa07/0x1090
[ 3393.260628][    C1]  </NMI>
[ 3393.260634][    C1]  <TASK>
[ 3393.260643][    C1]  ? batadv_iv_ogm_schedule+0x8b8/0x1090
[ 3393.260666][    C1]  ? __pfx_batadv_iv_ogm_schedule+0x10/0x10
[ 3393.260688][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 3393.260713][    C1]  batadv_iv_send_outstanding_bat_ogm_packet+0x6fe/0x810
[ 3393.260743][    C1]  ? process_scheduled_works+0x825/0x1420
[ 3393.260766][    C1]  process_scheduled_works+0x913/0x1420
[ 3393.260803][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 3393.260830][    C1]  ? assign_work+0x364/0x3d0
[ 3393.260855][    C1]  worker_thread+0xa5f/0x1000
[ 3393.260894][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 3393.260916][    C1]  kthread+0x2ef/0x390
[ 3393.260932][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 3393.260953][    C1]  ? __pfx_kthread+0x10/0x10
[ 3393.260970][    C1]  ret_from_fork+0x4b/0x80
[ 3393.260990][    C1]  ? __pfx_kthread+0x10/0x10
[ 3393.261006][    C1]  ret_from_fork_asm+0x1b/0x30
[ 3393.261035][    C1]  </TASK>
[ 3393.266344][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[ 3393.266357][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
[ 3393.266382][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 3393.266392][   T29] Call Trace:
[ 3393.266398][   T29]  <TASK>
[ 3393.266405][   T29]  dump_stack_lvl+0x1e7/0x2e0
[ 3393.266434][   T29]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3393.266455][   T29]  ? __pfx__printk+0x10/0x10
[ 3393.266481][   T29]  ? vscnprintf+0x5d/0x90
[ 3393.266499][   T29]  panic+0x349/0x860
[ 3393.266520][   T29]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 3393.266538][   T29]  ? __pfx_panic+0x10/0x10
[ 3393.266554][   T29]  ? tick_nohz_tick_stopped+0x7b/0xc0
[ 3393.266573][   T29]  ? __irq_work_queue_local+0x137/0x3e0
[ 3393.266594][   T29]  ? preempt_schedule_thunk+0x1a/0x30
[ 3393.266611][   T29]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 3393.266626][   T29]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[ 3393.266644][   T29]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[ 3393.266662][   T29]  watchdog+0xfee/0xff0
[ 3393.266685][   T29]  ? watchdog+0x1e9/0xff0
[ 3393.266710][   T29]  ? __pfx_watchdog+0x10/0x10
[ 3393.266731][   T29]  kthread+0x2ef/0x390
[ 3393.266748][   T29]  ? __pfx_watchdog+0x10/0x10
[ 3393.266768][   T29]  ? __pfx_kthread+0x10/0x10
[ 3393.266785][   T29]  ret_from_fork+0x4b/0x80
[ 3393.266806][   T29]  ? __pfx_kthread+0x10/0x10
[ 3393.266823][   T29]  ret_from_fork_asm+0x1b/0x30
[ 3393.266856][   T29]  </TASK>
[ 3393.268199][   T29] Kernel Offset: disabled
[ 3393.727603][   T29] Rebooting in 86400 seconds..