etlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
10:16:09 executing program 4:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$PPPIOCATTACH(r0, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, 0x0)

10:16:09 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0xc0189436, &(0x7f0000000040)={{0x2, 0x0, @multicast1}, {0x0, @link_local}, 0x0, {0x2, 0x0, @multicast2}, 'batadv_slave_0\x00'})

[ 2805.655240][ T3303] device bridge1769 entered promiscuous mode
[ 2805.796903][ T3311] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2805.802249][ T3306] device macvtap2159 entered promiscuous mode
[ 2805.823887][ T3311] CPU: 1 PID: 3311 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2805.834266][ T3311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2805.844334][ T3311] Call Trace:
[ 2805.847617][ T3311]  <TASK>
[ 2805.850555][ T3311]  dump_stack_lvl+0xd1/0x138
[ 2805.855171][ T3311]  dump_header+0x10b/0x85f
[ 2805.859605][ T3311]  oom_kill_process.cold+0x10/0x15
[ 2805.864736][ T3311]  out_of_memory+0x35c/0x14a0
[ 2805.869449][ T3311]  ? find_held_lock+0x2d/0x110
[ 2805.874254][ T3311]  ? oom_killer_disable+0x280/0x280
[ 2805.879479][ T3311]  ? find_held_lock+0x2d/0x110
[ 2805.884269][ T3311]  mem_cgroup_out_of_memory+0x206/0x270
[ 2805.889834][ T3311]  ? mem_cgroup_margin+0x130/0x130
[ 2805.894960][ T3311]  ? lock_downgrade+0x6e0/0x6e0
[ 2805.899853][ T3311]  try_charge_memcg+0xef8/0x12f0
[ 2805.904819][ T3311]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2805.910820][ T3311]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2805.916557][ T3311]  ? lock_downgrade+0x6e0/0x6e0
[ 2805.921460][ T3311]  obj_cgroup_charge+0x2af/0x5e0
[ 2805.926428][ T3311]  ? vm_area_dup+0x85/0x380
[ 2805.930949][ T3311]  kmem_cache_alloc+0xa3/0x3d0
[ 2805.935739][ T3311]  vm_area_dup+0x85/0x380
[ 2805.940085][ T3311]  ? mt_slot+0xa1/0x170
[ 2805.944254][ T3311]  ? mas_next_nentry+0x610/0xab0
[ 2805.949206][ T3311]  ? mas_next_node+0x547/0xa00
[ 2805.954002][ T3311]  ? mas_find+0x211/0xd10
[ 2805.958360][ T3311]  ? vm_area_alloc+0x100/0x100
[ 2805.963139][ T3311]  ? validate_mm_mt+0x149/0x1b0
[ 2805.968015][ T3311]  ? remove_vma+0x130/0x130
[ 2805.972544][ T3311]  ? can_vma_merge_before+0x390/0x390
[ 2805.977943][ T3311]  __split_vma+0xae/0x5e0
[ 2805.982296][ T3311]  ? vma_merge+0x2cf/0x870
[ 2805.986739][ T3311]  split_vma+0xa3/0xe0
[ 2805.990830][ T3311]  mprotect_fixup+0x6cb/0x960
[ 2805.995538][ T3311]  ? mas_find+0x211/0xd10
[ 2805.999880][ T3311]  ? change_protection+0x4290/0x4290
[ 2806.005199][ T3311]  do_mprotect_pkey+0x6fd/0xa70
[ 2806.010083][ T3311]  ? mprotect_fixup+0x960/0x960
[ 2806.014959][ T3311]  ? up_write+0x1b0/0x520
[ 2806.019351][ T3311]  __x64_sys_mprotect+0x78/0xb0
[ 2806.024231][ T3311]  do_syscall_64+0x39/0xb0
[ 2806.028669][ T3311]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2806.034582][ T3311] RIP: 0033:0x7f8325a8c1e7
[ 2806.039010][ T3311] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2806.058629][ T3311] RSP: 002b:00007fff9cb6b1f8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[ 2806.067055][ T3311] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f8325a8c1e7
[ 2806.075032][ T3311] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f8326769000
[ 2806.083008][ T3311] RBP: 00007fff9cb6b2d0 R08: 00000000ffffffff R09: 00007f8326788700
[ 2806.090995][ T3311] R10: 0000000000020022 R11: 0000000000000206 R12: 00007fff9cb6b3f0
[ 2806.098972][ T3311] R13: 00007f8326788700 R14: 0000000000000000 R15: 0000000000022000
[ 2806.106968][ T3311]  </TASK>
[ 2806.170236][ T3311] memory: usage 307200kB, limit 307200kB, failcnt 63849
[ 2806.180498][ T3311] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2806.188201][ T3311] Memory cgroup stats for /syz2:
[ 2806.188431][ T3311] anon 143360
[ 2806.188431][ T3311] file 417792
[ 2806.188431][ T3311] kernel 314011648
[ 2806.188431][ T3311] kernel_stack 65536
[ 2806.188431][ T3311] pagetables 77824
[ 2806.188431][ T3311] sec_pagetables 0
[ 2806.188431][ T3311] percpu 5357600
[ 2806.188431][ T3311] sock 0
[ 2806.188431][ T3311] vmalloc 0
[ 2806.188431][ T3311] shmem 417792
[ 2806.188431][ T3311] zswap 0
[ 2806.188431][ T3311] zswapped 0
[ 2806.188431][ T3311] file_mapped 417792
[ 2806.188431][ T3311] file_dirty 0
[ 2806.188431][ T3311] file_writeback 0
[ 2806.188431][ T3311] swapcached 0
[ 2806.188431][ T3311] anon_thp 0
[ 2806.188431][ T3311] file_thp 0
[ 2806.188431][ T3311] shmem_thp 0
[ 2806.188431][ T3311] inactive_anon 147456
[ 2806.188431][ T3311] active_anon 413696
[ 2806.188431][ T3311] inactive_file 0
[ 2806.188431][ T3311] active_file 0
[ 2806.188431][ T3311] unevictable 0
[ 2806.188431][ T3311] slab_reclaimable 14280
[ 2806.188431][ T3311] slab_unreclaimable 308463520
[ 2806.285327][ T3307] device macvtap2160 entered promiscuous mode
[ 2806.295664][ T3311] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3311,uid=0
[ 2806.316562][ T3311] Memory cgroup out of memory: Killed process 3311 (syz-executor.2) total-vm:54672kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2806.350193][ T3322] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2806.365536][ T3322] CPU: 0 PID: 3322 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2806.375891][ T3322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2806.385956][ T3322] Call Trace:
[ 2806.389226][ T3322]  <TASK>
[ 2806.392146][ T3322]  dump_stack_lvl+0xd1/0x138
[ 2806.396733][ T3322]  dump_header+0x10b/0x85f
[ 2806.401142][ T3322]  oom_kill_process.cold+0x10/0x15
[ 2806.406245][ T3322]  out_of_memory+0x35c/0x14a0
[ 2806.410919][ T3322]  ? oom_killer_disable+0x280/0x280
[ 2806.416119][ T3322]  ? find_held_lock+0x2d/0x110
[ 2806.420900][ T3322]  mem_cgroup_out_of_memory+0x206/0x270
[ 2806.426474][ T3322]  ? mem_cgroup_margin+0x130/0x130
[ 2806.431596][ T3322]  ? lock_downgrade+0x6e0/0x6e0
[ 2806.436495][ T3322]  try_charge_memcg+0xef8/0x12f0
[ 2806.441463][ T3322]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2806.447467][ T3322]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2806.453202][ T3322]  ? lock_downgrade+0x6e0/0x6e0
[ 2806.458098][ T3322]  obj_cgroup_charge+0x2af/0x5e0
[ 2806.463061][ T3322]  ? vm_area_dup+0x85/0x380
[ 2806.467577][ T3322]  kmem_cache_alloc+0xa3/0x3d0
[ 2806.472373][ T3322]  vm_area_dup+0x85/0x380
[ 2806.476715][ T3322]  ? mt_slot+0xa1/0x170
[ 2806.480882][ T3322]  ? mas_next_nentry+0x610/0xab0
[ 2806.485838][ T3322]  ? mas_next_node+0x547/0xa00
[ 2806.490633][ T3322]  ? mas_find+0x211/0xd10
[ 2806.494986][ T3322]  ? vm_area_alloc+0x100/0x100
[ 2806.499760][ T3322]  ? validate_mm_mt+0x149/0x1b0
[ 2806.504631][ T3322]  ? remove_vma+0x130/0x130
[ 2806.509157][ T3322]  ? can_vma_merge_before+0x390/0x390
[ 2806.514576][ T3322]  __split_vma+0xae/0x5e0
[ 2806.518935][ T3322]  ? vma_merge+0x2cf/0x870
[ 2806.523380][ T3322]  split_vma+0xa3/0xe0
[ 2806.527478][ T3322]  mprotect_fixup+0x6cb/0x960
[ 2806.532186][ T3322]  ? mas_find+0x211/0xd10
[ 2806.536536][ T3322]  ? change_protection+0x4290/0x4290
[ 2806.541859][ T3322]  do_mprotect_pkey+0x6fd/0xa70
[ 2806.546749][ T3322]  ? mprotect_fixup+0x960/0x960
[ 2806.551631][ T3322]  ? up_write+0x1b0/0x520
[ 2806.556026][ T3322]  __x64_sys_mprotect+0x78/0xb0
[ 2806.560911][ T3322]  do_syscall_64+0x39/0xb0
[ 2806.565355][ T3322]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2806.571277][ T3322] RIP: 0033:0x7f69a668c1e7
[ 2806.575703][ T3322] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2806.595324][ T3322] RSP: 002b:00007ffea4dd30a8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[ 2806.603755][ T3322] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f69a668c1e7
[ 2806.611736][ T3322] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f69a744d000
[ 2806.619716][ T3322] RBP: 00007ffea4dd3180 R08: 00000000ffffffff R09: 00007f69a746c700
[ 2806.627696][ T3322] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffea4dd32a0
[ 2806.635674][ T3322] R13: 00007f69a746c700 R14: 0000000000000000 R15: 0000000000022000
[ 2806.643684][ T3322]  </TASK>
[ 2806.659073][ T3322] memory: usage 307200kB, limit 307200kB, failcnt 10263
[ 2806.666056][ T3322] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2806.673108][ T3317] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2806.682476][ T3322] Memory cgroup stats for /syz1:
[ 2806.682777][ T3322] anon 143360
[ 2806.682777][ T3322] file 393216
[ 2806.682777][ T3322] kernel 314036224
[ 2806.682777][ T3322] kernel_stack 65536
[ 2806.682777][ T3322] pagetables 81920
[ 2806.682777][ T3322] sec_pagetables 0
[ 2806.682777][ T3322] percpu 5356416
[ 2806.682777][ T3322] sock 0
[ 2806.682777][ T3322] vmalloc 0
[ 2806.682777][ T3322] shmem 385024
[ 2806.682777][ T3322] zswap 0
[ 2806.682777][ T3322] zswapped 0
[ 2806.682777][ T3322] file_mapped 385024
[ 2806.682777][ T3322] file_dirty 0
[ 2806.682777][ T3322] file_writeback 0
[ 2806.682777][ T3322] swapcached 0
[ 2806.682777][ T3322] anon_thp 0
[ 2806.682777][ T3322] file_thp 0
[ 2806.682777][ T3322] shmem_thp 0
[ 2806.682777][ T3322] inactive_anon 188416
[ 2806.682777][ T3322] active_anon 339968
[ 2806.682777][ T3322] inactive_file 4096
[ 2806.682777][ T3322] active_file 4096
[ 2806.682777][ T3322] unevictable 0
[ 2806.682777][ T3322] slab_reclaimable 16512
[ 2806.682777][ T3322] slab_unreclaimable 308471536
10:16:11 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x6558}, 0x0)

10:16:11 executing program 0:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$PPPIOCATTACH(r0, 0xc004743e, &(0x7f0000000000)=0xb90d0100)

10:16:11 executing program 3:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$PPPIOCATTACH(r0, 0xc004743e, &(0x7f0000000000))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000040)=0x7f)

[ 2806.799698][ T3322] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3322,uid=0
[ 2806.831109][ T3322] Memory cgroup out of memory: Killed process 3322 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
10:16:11 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3303}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:11 executing program 4:
r0 = socket(0xa, 0x3, 0x2)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

[ 2806.897325][ T3324] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
10:16:11 executing program 4:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$PPPIOCATTACH(r0, 0xc004743e, &(0x7f0000000000))

[ 2807.070610][ T3334] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 2807.113724][ T3334] CPU: 1 PID: 3334 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2807.124101][ T3334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2807.134180][ T3334] Call Trace:
[ 2807.137476][ T3334]  <TASK>
[ 2807.140425][ T3334]  dump_stack_lvl+0xd1/0x138
[ 2807.145043][ T3334]  dump_header+0x10b/0x85f
[ 2807.149476][ T3334]  oom_kill_process.cold+0x10/0x15
[ 2807.154625][ T3334]  out_of_memory+0x35c/0x14a0
[ 2807.159345][ T3334]  ? find_held_lock+0x2d/0x110
[ 2807.164145][ T3334]  ? oom_killer_disable+0x280/0x280
[ 2807.169355][ T3334]  ? find_held_lock+0x2d/0x110
[ 2807.174173][ T3334]  mem_cgroup_out_of_memory+0x206/0x270
[ 2807.179754][ T3334]  ? mem_cgroup_margin+0x130/0x130
[ 2807.184891][ T3334]  ? lock_downgrade+0x6e0/0x6e0
[ 2807.189804][ T3334]  try_charge_memcg+0xef8/0x12f0
[ 2807.194786][ T3334]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2807.200807][ T3334]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2807.206559][ T3334]  ? lock_downgrade+0x6e0/0x6e0
[ 2807.211460][ T3334]  ? lock_downgrade+0x6e0/0x6e0
[ 2807.216375][ T3334]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2807.221961][ T3334]  __alloc_pages+0x1f3/0x5b0
[ 2807.226594][ T3334]  ? __alloc_pages_slowpath.constprop.0+0x23d0/0x23d0
[ 2807.233397][ T3334]  ? find_held_lock+0x2d/0x110
[ 2807.238213][ T3334]  alloc_pages+0x1aa/0x270
[ 2807.242669][ T3334]  pte_alloc_one+0x1a/0x230
[ 2807.247195][ T3334]  __pte_alloc+0x6d/0x260
[ 2807.251536][ T3334]  ? pmd_install+0x160/0x160
[ 2807.256164][ T3334]  ? hugepage_vma_check+0x24e/0x830
[ 2807.261405][ T3334]  ? _raw_spin_unlock+0x28/0x40
[ 2807.266278][ T3334]  ? __pmd_alloc+0x30c/0x5d0
[ 2807.270878][ T3334]  __handle_mm_fault+0x3527/0x3a40
[ 2807.276026][ T3334]  ? vm_iomap_memory+0x190/0x190
[ 2807.281023][ T3334]  handle_mm_fault+0x1cc/0x780
[ 2807.285810][ T3334]  do_user_addr_fault+0x475/0x1210
[ 2807.290935][ T3334]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2807.296525][ T3334]  exc_page_fault+0x98/0x170
[ 2807.301147][ T3334]  asm_exc_page_fault+0x26/0x30
[ 2807.306023][ T3334] RIP: 0033:0x7f8325a2bd79
[ 2807.310444][ T3334] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2807.330077][ T3334] RSP: 002b:00007fff9cb6b2a0 EFLAGS: 00010246
[ 2807.336160][ T3334] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2807.344132][ T3334] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555555b4e2e8
[ 2807.352124][ T3334] RBP: 00007fff9cb6b398 R08: 0000000000000000 R09: 0000000000000000
[ 2807.360117][ T3334] R10: 00007f83256000c8 R11: 0000000000000246 R12: 00000000002ad4dd
[ 2807.368113][ T3334] R13: 00007fff9cb6b3c0 R14: 00007f8325babf80 R15: 0000000000000032
[ 2807.376109][ T3334]  </TASK>
[ 2807.383317][ T3334] memory: usage 307200kB, limit 307200kB, failcnt 63978
[ 2807.390679][ T3334] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2807.397894][ T3334] Memory cgroup stats for /syz2:
[ 2807.398091][ T3334] anon 135168
[ 2807.398091][ T3334] file 417792
[ 2807.398091][ T3334] kernel 314019840
[ 2807.398091][ T3334] kernel_stack 65536
[ 2807.398091][ T3334] pagetables 73728
[ 2807.398091][ T3334] sec_pagetables 0
[ 2807.398091][ T3334] percpu 5357600
[ 2807.398091][ T3334] sock 0
[ 2807.398091][ T3334] vmalloc 0
[ 2807.398091][ T3334] shmem 417792
[ 2807.398091][ T3334] zswap 0
[ 2807.398091][ T3334] zswapped 0
[ 2807.398091][ T3334] file_mapped 417792
[ 2807.398091][ T3334] file_dirty 0
[ 2807.398091][ T3334] file_writeback 0
[ 2807.398091][ T3334] swapcached 0
[ 2807.398091][ T3334] anon_thp 0
[ 2807.398091][ T3334] file_thp 0
[ 2807.398091][ T3334] shmem_thp 0
[ 2807.398091][ T3334] inactive_anon 110592
[ 2807.398091][ T3334] active_anon 413696
[ 2807.398091][ T3334] inactive_file 0
[ 2807.398091][ T3334] active_file 0
[ 2807.398091][ T3334] unevictable 0
[ 2807.398091][ T3334] slab_reclaimable 14280
[ 2807.398091][ T3334] slab_unreclaimable 308469280
[ 2807.496747][ T3334] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3334,uid=0
10:16:11 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3400}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:11 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x39, @local}]}, 0x48}}, 0x0)

[ 2807.512845][ T3334] Memory cgroup out of memory: Killed process 3334 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[ 2807.544806][ T3331] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2807.619113][ T3331] device bridge1770 entered promiscuous mode
[ 2807.671223][ T3341] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2807.682641][ T3341] CPU: 0 PID: 3341 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2807.693009][ T3341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2807.703090][ T3341] Call Trace:
[ 2807.706383][ T3341]  <TASK>
[ 2807.709331][ T3341]  dump_stack_lvl+0xd1/0x138
[ 2807.713968][ T3341]  dump_header+0x10b/0x85f
[ 2807.718421][ T3341]  oom_kill_process.cold+0x10/0x15
[ 2807.723567][ T3341]  out_of_memory+0x35c/0x14a0
[ 2807.728284][ T3341]  ? find_held_lock+0x2d/0x110
[ 2807.733080][ T3341]  ? oom_killer_disable+0x280/0x280
[ 2807.738310][ T3341]  ? find_held_lock+0x2d/0x110
[ 2807.743116][ T3341]  mem_cgroup_out_of_memory+0x206/0x270
[ 2807.748681][ T3341]  ? mem_cgroup_margin+0x130/0x130
[ 2807.753806][ T3341]  ? lock_downgrade+0x6e0/0x6e0
[ 2807.758703][ T3341]  try_charge_memcg+0xef8/0x12f0
[ 2807.763667][ T3341]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2807.769670][ T3341]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2807.775406][ T3341]  ? lock_downgrade+0x6e0/0x6e0
[ 2807.780303][ T3341]  obj_cgroup_charge+0x2af/0x5e0
[ 2807.785276][ T3341]  ? __anon_vma_prepare+0x64/0x580
[ 2807.790398][ T3341]  kmem_cache_alloc+0xa3/0x3d0
[ 2807.795188][ T3341]  __anon_vma_prepare+0x64/0x580
[ 2807.800139][ T3341]  ? __pmd_alloc+0x30c/0x5d0
[ 2807.804744][ T3341]  __handle_mm_fault+0x35bc/0x3a40
[ 2807.809884][ T3341]  ? vm_iomap_memory+0x190/0x190
[ 2807.814862][ T3341]  handle_mm_fault+0x1cc/0x780
[ 2807.819645][ T3341]  do_user_addr_fault+0x475/0x1210
[ 2807.824779][ T3341]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2807.830359][ T3341]  exc_page_fault+0x98/0x170
[ 2807.834965][ T3341]  asm_exc_page_fault+0x26/0x30
[ 2807.839838][ T3341] RIP: 0033:0x7f8325a2bd79
[ 2807.844262][ T3341] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2807.863878][ T3341] RSP: 002b:00007fff9cb6b2a0 EFLAGS: 00010246
[ 2807.869957][ T3341] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2807.877934][ T3341] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555555b4e2e8
[ 2807.885912][ T3341] RBP: 00007fff9cb6b398 R08: 0000000000000000 R09: 0000000000000000
[ 2807.893888][ T3341] R10: 00007f83256000c8 R11: 0000000000000246 R12: 00000000002ad72c
[ 2807.901867][ T3341] R13: 00007fff9cb6b3c0 R14: 00007f8325babf80 R15: 0000000000000032
[ 2807.909865][ T3341]  </TASK>
[ 2807.945825][ T3333] device macvtap2160 entered promiscuous mode
[ 2807.954870][ T3341] memory: usage 307200kB, limit 307200kB, failcnt 64069
[ 2807.972293][ T3341] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2807.991928][ T3341] Memory cgroup stats for /syz2:
[ 2807.992136][ T3341] anon 135168
[ 2807.992136][ T3341] file 417792
[ 2807.992136][ T3341] kernel 314019840
[ 2807.992136][ T3341] kernel_stack 65536
[ 2807.992136][ T3341] pagetables 77824
[ 2807.992136][ T3341] sec_pagetables 0
[ 2807.992136][ T3341] percpu 5357600
[ 2807.992136][ T3341] sock 0
[ 2807.992136][ T3341] vmalloc 0
[ 2807.992136][ T3341] shmem 417792
[ 2807.992136][ T3341] zswap 0
[ 2807.992136][ T3341] zswapped 0
[ 2807.992136][ T3341] file_mapped 417792
[ 2807.992136][ T3341] file_dirty 0
[ 2807.992136][ T3341] file_writeback 0
[ 2807.992136][ T3341] swapcached 0
[ 2807.992136][ T3341] anon_thp 0
[ 2807.992136][ T3341] file_thp 0
[ 2807.992136][ T3341] shmem_thp 0
[ 2807.992136][ T3341] inactive_anon 139264
[ 2807.992136][ T3341] active_anon 413696
[ 2807.992136][ T3341] inactive_file 0
[ 2807.992136][ T3341] active_file 0
[ 2807.992136][ T3341] unevictable 0
[ 2807.992136][ T3341] slab_reclaimable 14280
[ 2807.992136][ T3341] slab_unreclaimable 308469280
[ 2808.064291][ T3336] device macvtap2161 entered promiscuous mode
[ 2808.092846][ T3341] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3341,uid=0
[ 2808.108871][ T3341] Memory cgroup out of memory: Killed process 3341 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2808.126902][ T3343] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2808.143306][ T3343] CPU: 0 PID: 3343 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2808.153675][ T3343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2808.163753][ T3343] Call Trace:
[ 2808.167046][ T3343]  <TASK>
[ 2808.169993][ T3343]  dump_stack_lvl+0xd1/0x138
[ 2808.174620][ T3343]  dump_header+0x10b/0x85f
[ 2808.179078][ T3343]  oom_kill_process.cold+0x10/0x15
[ 2808.184232][ T3343]  out_of_memory+0x35c/0x14a0
[ 2808.188959][ T3343]  ? oom_killer_disable+0x280/0x280
[ 2808.194186][ T3343]  ? find_held_lock+0x2d/0x110
[ 2808.198970][ T3343]  mem_cgroup_out_of_memory+0x206/0x270
[ 2808.204548][ T3343]  ? mem_cgroup_margin+0x130/0x130
[ 2808.209686][ T3343]  ? lock_downgrade+0x6e0/0x6e0
[ 2808.214598][ T3343]  try_charge_memcg+0xef8/0x12f0
[ 2808.219579][ T3343]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2808.225603][ T3343]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2808.231356][ T3343]  ? lock_downgrade+0x6e0/0x6e0
[ 2808.236245][ T3343]  obj_cgroup_charge+0x2af/0x5e0
[ 2808.241189][ T3343]  ? vm_area_dup+0x85/0x380
[ 2808.245688][ T3343]  kmem_cache_alloc+0xa3/0x3d0
[ 2808.250464][ T3343]  vm_area_dup+0x85/0x380
[ 2808.254813][ T3343]  ? mt_slot+0xa1/0x170
[ 2808.258985][ T3343]  ? mas_next_nentry+0x610/0xab0
[ 2808.263939][ T3343]  ? mas_next_node+0x547/0xa00
[ 2808.268734][ T3343]  ? mas_find+0x211/0xd10
[ 2808.273093][ T3343]  ? vm_area_alloc+0x100/0x100
[ 2808.277870][ T3343]  ? validate_mm_mt+0x149/0x1b0
[ 2808.282741][ T3343]  ? remove_vma+0x130/0x130
[ 2808.287272][ T3343]  ? can_vma_merge_before+0x390/0x390
[ 2808.292676][ T3343]  __split_vma+0xae/0x5e0
[ 2808.297022][ T3343]  ? vma_merge+0x2cf/0x870
[ 2808.301466][ T3343]  split_vma+0xa3/0xe0
[ 2808.305559][ T3343]  mprotect_fixup+0x6cb/0x960
[ 2808.310268][ T3343]  ? mas_find+0x211/0xd10
[ 2808.314613][ T3343]  ? change_protection+0x4290/0x4290
[ 2808.319935][ T3343]  do_mprotect_pkey+0x6fd/0xa70
[ 2808.324816][ T3343]  ? mprotect_fixup+0x960/0x960
[ 2808.329689][ T3343]  ? up_write+0x1b0/0x520
[ 2808.334075][ T3343]  __x64_sys_mprotect+0x78/0xb0
[ 2808.338955][ T3343]  do_syscall_64+0x39/0xb0
[ 2808.343397][ T3343]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2808.349317][ T3343] RIP: 0033:0x7f69a668c1e7
[ 2808.353743][ T3343] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2808.373359][ T3343] RSP: 002b:00007ffea4dd30a8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[ 2808.381782][ T3343] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f69a668c1e7
[ 2808.389760][ T3343] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f69a744d000
10:16:12 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3401}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2808.397735][ T3343] RBP: 00007ffea4dd3180 R08: 00000000ffffffff R09: 00007f69a746c700
[ 2808.405712][ T3343] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffea4dd32a0
[ 2808.413689][ T3343] R13: 00007f69a746c700 R14: 0000000000000000 R15: 0000000000022000
[ 2808.421688][ T3343]  </TASK>
[ 2808.434255][ T3343] memory: usage 307200kB, limit 307200kB, failcnt 10424
[ 2808.459792][ T3343] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2808.468524][ T3343] Memory cgroup stats for /syz1:
[ 2808.468700][ T3343] anon 143360
[ 2808.468700][ T3343] file 393216
[ 2808.468700][ T3343] kernel 314036224
[ 2808.468700][ T3343] kernel_stack 65536
[ 2808.468700][ T3343] pagetables 81920
[ 2808.468700][ T3343] sec_pagetables 0
[ 2808.468700][ T3343] percpu 5356416
[ 2808.468700][ T3343] sock 0
[ 2808.468700][ T3343] vmalloc 0
[ 2808.468700][ T3343] shmem 385024
[ 2808.468700][ T3343] zswap 0
[ 2808.468700][ T3343] zswapped 0
[ 2808.468700][ T3343] file_mapped 385024
[ 2808.468700][ T3343] file_dirty 0
[ 2808.468700][ T3343] file_writeback 0
[ 2808.468700][ T3343] swapcached 0
[ 2808.468700][ T3343] anon_thp 0
[ 2808.468700][ T3343] file_thp 0
[ 2808.468700][ T3343] shmem_thp 0
[ 2808.468700][ T3343] inactive_anon 188416
[ 2808.468700][ T3343] active_anon 339968
[ 2808.468700][ T3343] inactive_file 4096
[ 2808.468700][ T3343] active_file 4096
[ 2808.468700][ T3343] unevictable 0
[ 2808.468700][ T3343] slab_reclaimable 16512
10:16:12 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x6800}, 0x0)

[ 2808.468700][ T3343] slab_unreclaimable 308477696
[ 2808.568184][ T3344] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2808.577464][ T3343] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3343,uid=0
10:16:12 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x32, 0x0, 0x0)

[ 2808.602014][ T3343] Memory cgroup out of memory: Killed process 3343 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2808.659560][ T3345] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2808.679296][ T3345] CPU: 1 PID: 3345 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2808.689673][ T3345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2808.699748][ T3345] Call Trace:
[ 2808.703049][ T3345]  <TASK>
[ 2808.706000][ T3345]  dump_stack_lvl+0xd1/0x138
[ 2808.710647][ T3345]  dump_header+0x10b/0x85f
[ 2808.715100][ T3345]  oom_kill_process.cold+0x10/0x15
[ 2808.720247][ T3345]  out_of_memory+0x35c/0x14a0
[ 2808.724964][ T3345]  ? find_held_lock+0x2d/0x110
[ 2808.729779][ T3345]  ? oom_killer_disable+0x280/0x280
[ 2808.735015][ T3345]  ? find_held_lock+0x2d/0x110
[ 2808.739822][ T3345]  mem_cgroup_out_of_memory+0x206/0x270
[ 2808.745401][ T3345]  ? mem_cgroup_margin+0x130/0x130
[ 2808.750544][ T3345]  ? lock_downgrade+0x6e0/0x6e0
[ 2808.755461][ T3345]  try_charge_memcg+0xef8/0x12f0
[ 2808.760448][ T3345]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2808.766469][ T3345]  ? rcu_read_unlock+0x9/0x60
[ 2808.771159][ T3345]  ? lock_downgrade+0x6e0/0x6e0
[ 2808.776055][ T3345]  charge_memcg+0x99/0x3b0
[ 2808.780500][ T3345]  __mem_cgroup_charge+0x2b/0x90
[ 2808.785458][ T3345]  ? _compound_head+0x5d/0x150
[ 2808.790246][ T3345]  __handle_mm_fault+0x17e7/0x3a40
[ 2808.795380][ T3345]  ? vm_iomap_memory+0x190/0x190
[ 2808.800359][ T3345]  handle_mm_fault+0x1cc/0x780
[ 2808.805148][ T3345]  do_user_addr_fault+0x475/0x1210
[ 2808.810278][ T3345]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2808.815853][ T3345]  exc_page_fault+0x98/0x170
[ 2808.820458][ T3345]  asm_exc_page_fault+0x26/0x30
[ 2808.825333][ T3345] RIP: 0033:0x7f8325a2bd79
[ 2808.829759][ T3345] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2808.849389][ T3345] RSP: 002b:00007fff9cb6b2a0 EFLAGS: 00010246
[ 2808.855471][ T3345] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2808.863453][ T3345] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555555b4e2e8
[ 2808.871430][ T3345] RBP: 00007fff9cb6b398 R08: 0000000000000000 R09: 0000000000000000
[ 2808.879408][ T3345] R10: 00007f83256000c8 R11: 0000000000000246 R12: 00000000002adb1b
[ 2808.887388][ T3345] R13: 00007fff9cb6b3c0 R14: 00007f8325babf80 R15: 0000000000000032
[ 2808.895388][ T3345]  </TASK>
10:16:13 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x3d, @local}]}, 0x48}}, 0x0)

10:16:13 executing program 0:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$PPPIOCATTACH(r0, 0xc0189436, &(0x7f0000000000))

[ 2808.914341][ T3345] memory: usage 307200kB, limit 307200kB, failcnt 64171
[ 2808.957578][ T3348] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
10:16:13 executing program 0:
r0 = socket$inet(0x2, 0x2, 0x1)
getsockopt$inet_opts(r0, 0x0, 0x4, 0x0, &(0x7f00000000c0))

10:16:13 executing program 3:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$PPPIOCATTACH(r0, 0xc004743e, &(0x7f0000000000))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000040)=0x7f)

[ 2809.023169][ T3348] device bridge1771 entered promiscuous mode
[ 2809.048084][ T3345] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2809.058727][ T3345] Memory cgroup stats for /syz2:
[ 2809.058958][ T3345] anon 135168
[ 2809.058958][ T3345] file 417792
[ 2809.058958][ T3345] kernel 314019840
[ 2809.058958][ T3345] kernel_stack 65536
[ 2809.058958][ T3345] pagetables 77824
[ 2809.058958][ T3345] sec_pagetables 0
[ 2809.058958][ T3345] percpu 5357600
[ 2809.058958][ T3345] sock 0
[ 2809.058958][ T3345] vmalloc 0
[ 2809.058958][ T3345] shmem 417792
[ 2809.058958][ T3345] zswap 0
[ 2809.058958][ T3345] zswapped 0
[ 2809.058958][ T3345] file_mapped 417792
[ 2809.058958][ T3345] file_dirty 0
[ 2809.058958][ T3345] file_writeback 0
[ 2809.058958][ T3345] swapcached 0
[ 2809.058958][ T3345] anon_thp 0
[ 2809.058958][ T3345] file_thp 0
[ 2809.058958][ T3345] shmem_thp 0
[ 2809.058958][ T3345] inactive_anon 139264
[ 2809.058958][ T3345] active_anon 413696
[ 2809.058958][ T3345] inactive_file 0
[ 2809.058958][ T3345] active_file 0
[ 2809.058958][ T3345] unevictable 0
[ 2809.058958][ T3345] slab_reclaimable 14280
[ 2809.058958][ T3345] slab_unreclaimable 308469680
10:16:13 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000100)=@nat={'nat\x00', 0x1b, 0x7fffffe, 0x360, 0xe8, 0x280, 0xffffffff, 0x0, 0x280, 0x490, 0x490, 0xffffffff, 0x490, 0x490, 0x5, 0x0, {[{{@ip={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'geneve1\x00', 'caif0\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @remote, @dev, @port, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@dev, @ipv6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @port, @icmp_id}}}, {{@uncond, 0x0, 0x70, 0xb0}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "363d0c859743257a3dfcb1ce13432ada5d0a91af9780ad1845ba756b1831"}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4=@broadcast, @port, @gre_key}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3c0)

10:16:13 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3402}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2809.165840][ T3345] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3345,uid=0
[ 2809.183870][ T3345] Memory cgroup out of memory: Killed process 3345 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2809.261493][ T3350] device macvtap2161 entered promiscuous mode
[ 2809.329946][ T3352] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2809.366564][ T3352] CPU: 1 PID: 3352 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
10:16:13 executing program 4:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x8917, &(0x7f0000000180)={'sit0\x00', 0x0})

[ 2809.376944][ T3352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2809.387025][ T3352] Call Trace:
[ 2809.390316][ T3352]  <TASK>
[ 2809.393263][ T3352]  dump_stack_lvl+0xd1/0x138
[ 2809.397895][ T3352]  dump_header+0x10b/0x85f
[ 2809.402345][ T3352]  oom_kill_process.cold+0x10/0x15
[ 2809.407498][ T3352]  out_of_memory+0x35c/0x14a0
[ 2809.412220][ T3352]  ? find_held_lock+0x2d/0x110
[ 2809.417031][ T3352]  ? oom_killer_disable+0x280/0x280
[ 2809.422270][ T3352]  ? find_held_lock+0x2d/0x110
[ 2809.427087][ T3352]  mem_cgroup_out_of_memory+0x206/0x270
[ 2809.432670][ T3352]  ? mem_cgroup_margin+0x130/0x130
[ 2809.437817][ T3352]  ? lock_downgrade+0x6e0/0x6e0
[ 2809.442736][ T3352]  try_charge_memcg+0xef8/0x12f0
[ 2809.447716][ T3352]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2809.453732][ T3352]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2809.459471][ T3352]  ? lock_downgrade+0x6e0/0x6e0
[ 2809.464373][ T3352]  obj_cgroup_charge+0x2af/0x5e0
[ 2809.469336][ T3352]  ? vm_area_dup+0x85/0x380
[ 2809.473850][ T3352]  kmem_cache_alloc+0xa3/0x3d0
[ 2809.478636][ T3352]  vm_area_dup+0x85/0x380
[ 2809.482977][ T3352]  ? mt_slot+0xa1/0x170
[ 2809.487151][ T3352]  ? mas_next_nentry+0x610/0xab0
[ 2809.492105][ T3352]  ? mas_next_node+0x547/0xa00
[ 2809.496899][ T3352]  ? mas_find+0x211/0xd10
[ 2809.501256][ T3352]  ? vm_area_alloc+0x100/0x100
[ 2809.506031][ T3352]  ? validate_mm_mt+0x149/0x1b0
[ 2809.510903][ T3352]  ? remove_vma+0x130/0x130
[ 2809.515433][ T3352]  ? can_vma_merge_before+0x390/0x390
[ 2809.520848][ T3352]  __split_vma+0xae/0x5e0
[ 2809.525206][ T3352]  ? vma_merge+0x2cf/0x870
[ 2809.529657][ T3352]  split_vma+0xa3/0xe0
[ 2809.533755][ T3352]  mprotect_fixup+0x6cb/0x960
[ 2809.538464][ T3352]  ? mas_find+0x211/0xd10
[ 2809.542815][ T3352]  ? change_protection+0x4290/0x4290
[ 2809.548146][ T3352]  do_mprotect_pkey+0x6fd/0xa70
[ 2809.553036][ T3352]  ? mprotect_fixup+0x960/0x960
[ 2809.557915][ T3352]  ? up_write+0x1b0/0x520
[ 2809.562306][ T3352]  __x64_sys_mprotect+0x78/0xb0
[ 2809.567185][ T3352]  do_syscall_64+0x39/0xb0
[ 2809.571625][ T3352]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2809.577539][ T3352] RIP: 0033:0x7f69a668c1e7
[ 2809.581966][ T3352] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2809.601586][ T3352] RSP: 002b:00007ffea4dd30a8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[ 2809.610018][ T3352] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f69a668c1e7
[ 2809.617998][ T3352] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f69a744d000
[ 2809.625990][ T3352] RBP: 00007ffea4dd3180 R08: 00000000ffffffff R09: 00007f69a746c700
[ 2809.633968][ T3352] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffea4dd32a0
[ 2809.641948][ T3352] R13: 00007f69a746c700 R14: 0000000000000000 R15: 0000000000022000
[ 2809.649962][ T3352]  </TASK>
[ 2809.673538][ T3352] memory: usage 307200kB, limit 307200kB, failcnt 10553
[ 2809.680842][ T3352] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2809.688410][ T3352] Memory cgroup stats for /syz1:
[ 2809.688661][ T3352] anon 143360
[ 2809.688661][ T3352] file 393216
[ 2809.688661][ T3352] kernel 314036224
[ 2809.688661][ T3352] kernel_stack 65536
[ 2809.688661][ T3352] pagetables 81920
[ 2809.688661][ T3352] sec_pagetables 0
[ 2809.688661][ T3352] percpu 5356416
[ 2809.688661][ T3352] sock 0
[ 2809.688661][ T3352] vmalloc 0
[ 2809.688661][ T3352] shmem 385024
[ 2809.688661][ T3352] zswap 0
[ 2809.688661][ T3352] zswapped 0
[ 2809.688661][ T3352] file_mapped 385024
[ 2809.688661][ T3352] file_dirty 0
[ 2809.688661][ T3352] file_writeback 0
[ 2809.688661][ T3352] swapcached 0
[ 2809.688661][ T3352] anon_thp 0
[ 2809.688661][ T3352] file_thp 0
[ 2809.688661][ T3352] shmem_thp 0
[ 2809.688661][ T3352] inactive_anon 188416
[ 2809.688661][ T3352] active_anon 339968
[ 2809.688661][ T3352] inactive_file 4096
[ 2809.688661][ T3352] active_file 4096
[ 2809.688661][ T3352] unevictable 0
[ 2809.688661][ T3352] slab_reclaimable 16512
[ 2809.688661][ T3352] slab_unreclaimable 308477696
[ 2809.706690][ T3353] device macvtap2162 entered promiscuous mode
[ 2809.788229][ T3352] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3352,uid=0
[ 2809.806357][ T3352] Memory cgroup out of memory: Killed process 3352 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2809.836533][ T3365] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2809.861179][ T3365] CPU: 0 PID: 3365 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2809.871545][ T3365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2809.881625][ T3365] Call Trace:
[ 2809.884925][ T3365]  <TASK>
[ 2809.887876][ T3365]  dump_stack_lvl+0xd1/0x138
[ 2809.892509][ T3365]  dump_header+0x10b/0x85f
[ 2809.896963][ T3365]  oom_kill_process.cold+0x10/0x15
[ 2809.902114][ T3365]  out_of_memory+0x35c/0x14a0
[ 2809.906833][ T3365]  ? find_held_lock+0x2d/0x110
[ 2809.911639][ T3365]  ? oom_killer_disable+0x280/0x280
[ 2809.916880][ T3365]  ? find_held_lock+0x2d/0x110
[ 2809.921692][ T3365]  mem_cgroup_out_of_memory+0x206/0x270
[ 2809.927269][ T3365]  ? mem_cgroup_margin+0x130/0x130
[ 2809.932409][ T3365]  ? lock_downgrade+0x6e0/0x6e0
[ 2809.937332][ T3365]  try_charge_memcg+0xef8/0x12f0
[ 2809.942328][ T3365]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2809.948357][ T3365]  ? rcu_read_unlock+0x9/0x60
[ 2809.953065][ T3365]  ? lock_downgrade+0x6e0/0x6e0
[ 2809.957983][ T3365]  charge_memcg+0x99/0x3b0
[ 2809.962443][ T3365]  __mem_cgroup_charge+0x2b/0x90
[ 2809.967430][ T3365]  ? _compound_head+0x5d/0x150
[ 2809.972238][ T3365]  __handle_mm_fault+0x17e7/0x3a40
[ 2809.977382][ T3365]  ? vm_iomap_memory+0x190/0x190
[ 2809.982360][ T3365]  handle_mm_fault+0x1cc/0x780
[ 2809.987145][ T3365]  do_user_addr_fault+0x475/0x1210
[ 2809.992280][ T3365]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2809.997855][ T3365]  exc_page_fault+0x98/0x170
[ 2810.002464][ T3365]  asm_exc_page_fault+0x26/0x30
[ 2810.007334][ T3365] RIP: 0033:0x7f8325a2bd79
[ 2810.011763][ T3365] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2810.031383][ T3365] RSP: 002b:00007fff9cb6b2a0 EFLAGS: 00010246
[ 2810.037460][ T3365] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2810.045437][ T3365] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555555b4e2e8
[ 2810.053416][ T3365] RBP: 00007fff9cb6b398 R08: 0000000000000000 R09: 0000000000000000
[ 2810.061395][ T3365] R10: 00007f83256000c8 R11: 0000000000000246 R12: 00000000002adfc0
[ 2810.069374][ T3365] R13: 00007fff9cb6b3c0 R14: 00007f8325babf80 R15: 0000000000000032
[ 2810.077378][ T3365]  </TASK>
[ 2810.128652][ T3365] memory: usage 307200kB, limit 307200kB, failcnt 64289
[ 2810.141310][ T3365] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2810.160621][ T3365] Memory cgroup stats for /syz2:
[ 2810.160867][ T3365] anon 135168
[ 2810.160867][ T3365] file 417792
[ 2810.160867][ T3365] kernel 314003456
[ 2810.160867][ T3365] kernel_stack 65536
[ 2810.160867][ T3365] pagetables 77824
[ 2810.160867][ T3365] sec_pagetables 0
[ 2810.160867][ T3365] percpu 5357600
[ 2810.160867][ T3365] sock 0
[ 2810.160867][ T3365] vmalloc 0
[ 2810.160867][ T3365] shmem 417792
[ 2810.160867][ T3365] zswap 0
[ 2810.160867][ T3365] zswapped 0
[ 2810.160867][ T3365] file_mapped 417792
[ 2810.160867][ T3365] file_dirty 0
[ 2810.160867][ T3365] file_writeback 0
[ 2810.160867][ T3365] swapcached 0
[ 2810.160867][ T3365] anon_thp 0
[ 2810.160867][ T3365] file_thp 0
[ 2810.160867][ T3365] shmem_thp 0
[ 2810.160867][ T3365] inactive_anon 139264
[ 2810.160867][ T3365] active_anon 413696
[ 2810.160867][ T3365] inactive_file 0
[ 2810.160867][ T3365] active_file 0
[ 2810.160867][ T3365] unevictable 0
[ 2810.160867][ T3365] slab_reclaimable 14280
[ 2810.160867][ T3365] slab_unreclaimable 308458584
[ 2810.263540][ T3365] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3365,uid=0
[ 2810.279452][ T3365] Memory cgroup out of memory: Killed process 3365 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:16:14 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3403}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:14 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x6c00}, 0x0)

10:16:14 executing program 3:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$PPPIOCATTACH(r0, 0xc004743e, &(0x7f0000000000))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000040)=0x7f)

[ 2810.493641][ T3360] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2810.616873][ T3369] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2810.652681][ T3369] CPU: 0 PID: 3369 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2810.663058][ T3369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2810.673136][ T3369] Call Trace:
[ 2810.676429][ T3369]  <TASK>
[ 2810.679380][ T3369]  dump_stack_lvl+0xd1/0x138
[ 2810.684013][ T3369]  dump_header+0x10b/0x85f
[ 2810.688465][ T3369]  oom_kill_process.cold+0x10/0x15
[ 2810.693609][ T3369]  out_of_memory+0x35c/0x14a0
[ 2810.698338][ T3369]  ? find_held_lock+0x2d/0x110
[ 2810.703139][ T3369]  ? oom_killer_disable+0x280/0x280
[ 2810.708376][ T3369]  ? find_held_lock+0x2d/0x110
[ 2810.713177][ T3369]  mem_cgroup_out_of_memory+0x206/0x270
[ 2810.718743][ T3369]  ? mem_cgroup_margin+0x130/0x130
[ 2810.723869][ T3369]  ? lock_downgrade+0x6e0/0x6e0
[ 2810.728762][ T3369]  try_charge_memcg+0xef8/0x12f0
[ 2810.733737][ T3369]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2810.739740][ T3369]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2810.745474][ T3369]  ? lock_downgrade+0x6e0/0x6e0
[ 2810.750374][ T3369]  obj_cgroup_charge+0x2af/0x5e0
[ 2810.755338][ T3369]  ? __anon_vma_prepare+0x64/0x580
[ 2810.760470][ T3369]  kmem_cache_alloc+0xa3/0x3d0
[ 2810.765261][ T3369]  __anon_vma_prepare+0x64/0x580
[ 2810.770210][ T3369]  ? __pmd_alloc+0x30c/0x5d0
[ 2810.774818][ T3369]  __handle_mm_fault+0x35bc/0x3a40
[ 2810.779951][ T3369]  ? vm_iomap_memory+0x190/0x190
[ 2810.784930][ T3369]  handle_mm_fault+0x1cc/0x780
[ 2810.789714][ T3369]  do_user_addr_fault+0x475/0x1210
[ 2810.794848][ T3369]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2810.800423][ T3369]  exc_page_fault+0x98/0x170
[ 2810.805032][ T3369]  asm_exc_page_fault+0x26/0x30
[ 2810.809901][ T3369] RIP: 0033:0x7f8325a2bd79
[ 2810.814327][ T3369] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2810.833949][ T3369] RSP: 002b:00007fff9cb6b2a0 EFLAGS: 00010246
[ 2810.840032][ T3369] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2810.848009][ T3369] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555555b4e2e8
[ 2810.855987][ T3369] RBP: 00007fff9cb6b398 R08: 0000000000000000 R09: 0000000000000000
[ 2810.863965][ T3369] R10: 00007f83256000c8 R11: 0000000000000246 R12: 00000000002ae2b0
[ 2810.871946][ T3369] R13: 00007fff9cb6b3c0 R14: 00007f8325babf80 R15: 0000000000000032
[ 2810.879943][ T3369]  </TASK>
[ 2810.895612][ T3369] memory: usage 307200kB, limit 307200kB, failcnt 64387
[ 2810.903084][ T3369] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2810.910717][ T3369] Memory cgroup stats for /syz2:
[ 2810.910961][ T3369] anon 135168
[ 2810.910961][ T3369] file 417792
[ 2810.910961][ T3369] kernel 314019840
[ 2810.910961][ T3369] kernel_stack 65536
[ 2810.910961][ T3369] pagetables 77824
[ 2810.910961][ T3369] sec_pagetables 0
[ 2810.910961][ T3369] percpu 5357600
[ 2810.910961][ T3369] sock 0
[ 2810.910961][ T3369] vmalloc 0
[ 2810.910961][ T3369] shmem 417792
[ 2810.910961][ T3369] zswap 0
[ 2810.910961][ T3369] zswapped 0
[ 2810.910961][ T3369] file_mapped 417792
[ 2810.910961][ T3369] file_dirty 0
[ 2810.910961][ T3369] file_writeback 0
[ 2810.910961][ T3369] swapcached 0
10:16:15 executing program 4:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$PPPIOCATTACH(r0, 0xc004743e, &(0x7f0000000000)=0x2000)

[ 2810.910961][ T3369] anon_thp 0
[ 2810.910961][ T3369] file_thp 0
[ 2810.910961][ T3369] shmem_thp 0
[ 2810.910961][ T3369] inactive_anon 139264
[ 2810.910961][ T3369] active_anon 413696
[ 2810.910961][ T3369] inactive_file 0
[ 2810.910961][ T3369] active_file 0
[ 2810.910961][ T3369] unevictable 0
[ 2810.910961][ T3369] slab_reclaimable 14280
[ 2810.910961][ T3369] slab_unreclaimable 308469280
[ 2811.035263][ T3371] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2811.054020][ T3369] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3369,uid=0
10:16:15 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x4a, @local}]}, 0x48}}, 0x0)

10:16:15 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3500}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2811.079673][ T3369] Memory cgroup out of memory: Killed process 3369 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2811.111609][ T3371] device bridge1772 entered promiscuous mode
[ 2811.270658][ T3374] device macvtap2162 entered promiscuous mode
[ 2811.371481][ T3382] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2811.388616][ T3382] CPU: 1 PID: 3382 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2811.398989][ T3382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2811.409064][ T3382] Call Trace:
[ 2811.412364][ T3382]  <TASK>
[ 2811.415313][ T3382]  dump_stack_lvl+0xd1/0x138
[ 2811.419944][ T3382]  dump_header+0x10b/0x85f
[ 2811.424393][ T3382]  oom_kill_process.cold+0x10/0x15
[ 2811.429540][ T3382]  out_of_memory+0x35c/0x14a0
[ 2811.434255][ T3382]  ? find_held_lock+0x2d/0x110
[ 2811.439057][ T3382]  ? oom_killer_disable+0x280/0x280
[ 2811.444300][ T3382]  ? find_held_lock+0x2d/0x110
[ 2811.449115][ T3382]  mem_cgroup_out_of_memory+0x206/0x270
[ 2811.454697][ T3382]  ? mem_cgroup_margin+0x130/0x130
[ 2811.459838][ T3382]  ? lock_downgrade+0x6e0/0x6e0
[ 2811.464750][ T3382]  try_charge_memcg+0xef8/0x12f0
[ 2811.469731][ T3382]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2811.475749][ T3382]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2811.481505][ T3382]  ? lock_downgrade+0x6e0/0x6e0
[ 2811.486402][ T3382]  ? lock_downgrade+0x6e0/0x6e0
[ 2811.491296][ T3382]  ? rcu_read_unlock+0x9/0x60
[ 2811.496015][ T3382]  obj_cgroup_charge+0x2af/0x5e0
[ 2811.500998][ T3382]  kmem_cache_alloc_node+0xa9/0x410
[ 2811.506229][ T3382]  ? copy_process+0x5c2/0x7190
[ 2811.511030][ T3382]  copy_process+0x5c2/0x7190
[ 2811.515665][ T3382]  ? find_held_lock+0x2d/0x110
[ 2811.520474][ T3382]  ? find_held_lock+0x2d/0x110
[ 2811.525285][ T3382]  ? __cleanup_sighand+0xb0/0xb0
[ 2811.530253][ T3382]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2811.535571][ T3382]  ? lock_downgrade+0x6e0/0x6e0
[ 2811.540461][ T3382]  ? folio_flags.constprop.0+0x53/0x150
[ 2811.546058][ T3382]  ? folio_add_lru+0x37b/0x680
[ 2811.550879][ T3382]  kernel_clone+0xeb/0x980
[ 2811.555331][ T3382]  ? create_io_thread+0xf0/0xf0
[ 2811.560222][ T3382]  ? find_held_lock+0x2d/0x110
[ 2811.565041][ T3382]  __do_sys_clone+0xba/0x100
[ 2811.569667][ T3382]  ? kernel_clone+0x980/0x980
[ 2811.574391][ T3382]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2811.580322][ T3382]  do_syscall_64+0x39/0xb0
[ 2811.584779][ T3382]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2811.590711][ T3382] RIP: 0033:0x7f69a668d501
[ 2811.595150][ T3382] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2811.614783][ T3382] RSP: 002b:00007ffea4dd3058 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2811.623227][ T3382] RAX: ffffffffffffffda RBX: 00007f69a746c700 RCX: 00007f69a668d501
[ 2811.631228][ T3382] RDX: 00007f69a746c9d0 RSI: 00007f69a746c2f0 RDI: 00000000003d0f00
[ 2811.639225][ T3382] RBP: 00007ffea4dd32a0 R08: 00007f69a746c700 R09: 00007f69a746c700
[ 2811.647221][ T3382] R10: 00007f69a746c9d0 R11: 0000000000000206 R12: 00007ffea4dd310e
[ 2811.655218][ T3382] R13: 00007ffea4dd310f R14: 00007f69a746c300 R15: 0000000000022000
[ 2811.663234][ T3382]  </TASK>
[ 2811.692609][ T3376] device macvtap2163 entered promiscuous mode
[ 2811.699272][ T3382] memory: usage 307196kB, limit 307200kB, failcnt 10678
[ 2811.706561][ T3382] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2811.714239][ T3382] Memory cgroup stats for /syz1:
[ 2811.714464][ T3382] anon 147456
[ 2811.714464][ T3382] file 393216
[ 2811.714464][ T3382] kernel 314028032
[ 2811.714464][ T3382] kernel_stack 65536
[ 2811.714464][ T3382] pagetables 81920
[ 2811.714464][ T3382] sec_pagetables 0
[ 2811.714464][ T3382] percpu 5356416
[ 2811.714464][ T3382] sock 0
[ 2811.714464][ T3382] vmalloc 0
[ 2811.714464][ T3382] shmem 385024
[ 2811.714464][ T3382] zswap 0
[ 2811.714464][ T3382] zswapped 0
[ 2811.714464][ T3382] file_mapped 385024
[ 2811.714464][ T3382] file_dirty 0
[ 2811.714464][ T3382] file_writeback 0
[ 2811.714464][ T3382] swapcached 0
[ 2811.714464][ T3382] anon_thp 0
[ 2811.714464][ T3382] file_thp 0
[ 2811.714464][ T3382] shmem_thp 0
[ 2811.714464][ T3382] inactive_anon 180224
[ 2811.714464][ T3382] active_anon 339968
[ 2811.714464][ T3382] inactive_file 4096
[ 2811.714464][ T3382] active_file 4096
[ 2811.714464][ T3382] unevictable 0
[ 2811.714464][ T3382] slab_reclaimable 16512
[ 2811.714464][ T3382] slab_unreclaimable 308470328
[ 2811.814554][ T3382] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3382,uid=0
[ 2811.832014][ T3382] Memory cgroup out of memory: Killed process 3382 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2811.850793][ T3383] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2811.868442][ T3383] CPU: 1 PID: 3383 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2811.878804][ T3383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2811.888879][ T3383] Call Trace:
[ 2811.892177][ T3383]  <TASK>
[ 2811.895126][ T3383]  dump_stack_lvl+0xd1/0x138
[ 2811.899754][ T3383]  dump_header+0x10b/0x85f
[ 2811.904196][ T3383]  oom_kill_process.cold+0x10/0x15
[ 2811.909329][ T3383]  out_of_memory+0x35c/0x14a0
[ 2811.914035][ T3383]  ? oom_killer_disable+0x280/0x280
[ 2811.919256][ T3383]  ? find_held_lock+0x2d/0x110
[ 2811.924047][ T3383]  mem_cgroup_out_of_memory+0x206/0x270
[ 2811.929616][ T3383]  ? mem_cgroup_margin+0x130/0x130
[ 2811.934738][ T3383]  ? lock_downgrade+0x6e0/0x6e0
[ 2811.939632][ T3383]  try_charge_memcg+0xef8/0x12f0
[ 2811.944598][ T3383]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2811.950604][ T3383]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2811.956344][ T3383]  ? lock_downgrade+0x6e0/0x6e0
[ 2811.961243][ T3383]  obj_cgroup_charge+0x2af/0x5e0
[ 2811.966210][ T3383]  ? vm_area_dup+0x85/0x380
[ 2811.970723][ T3383]  kmem_cache_alloc+0xa3/0x3d0
[ 2811.975509][ T3383]  vm_area_dup+0x85/0x380
[ 2811.979848][ T3383]  ? mt_slot+0xa1/0x170
[ 2811.984018][ T3383]  ? mas_next_nentry+0x610/0xab0
[ 2811.988971][ T3383]  ? mas_next_node+0x547/0xa00
[ 2811.993766][ T3383]  ? mas_find+0x211/0xd10
[ 2811.998124][ T3383]  ? vm_area_alloc+0x100/0x100
[ 2812.002903][ T3383]  ? validate_mm_mt+0x149/0x1b0
[ 2812.007778][ T3383]  ? remove_vma+0x130/0x130
[ 2812.012307][ T3383]  ? can_vma_merge_before+0x390/0x390
[ 2812.017709][ T3383]  __split_vma+0xae/0x5e0
[ 2812.022056][ T3383]  ? vma_merge+0x2cf/0x870
[ 2812.026502][ T3383]  split_vma+0xa3/0xe0
[ 2812.030597][ T3383]  mprotect_fixup+0x6cb/0x960
[ 2812.035309][ T3383]  ? mas_find+0x211/0xd10
[ 2812.039651][ T3383]  ? change_protection+0x4290/0x4290
[ 2812.044972][ T3383]  do_mprotect_pkey+0x6fd/0xa70
[ 2812.049854][ T3383]  ? mprotect_fixup+0x960/0x960
[ 2812.054726][ T3383]  ? up_write+0x1b0/0x520
[ 2812.059119][ T3383]  __x64_sys_mprotect+0x78/0xb0
[ 2812.063995][ T3383]  do_syscall_64+0x39/0xb0
[ 2812.068435][ T3383]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2812.074348][ T3383] RIP: 0033:0x7f8325a8c1e7
[ 2812.078772][ T3383] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2812.098393][ T3383] RSP: 002b:00007fff9cb6b1f8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[ 2812.106815][ T3383] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f8325a8c1e7
[ 2812.114792][ T3383] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f8326769000
[ 2812.122771][ T3383] RBP: 00007fff9cb6b2d0 R08: 00000000ffffffff R09: 00007f8326788700
[ 2812.130747][ T3383] R10: 0000000000020022 R11: 0000000000000206 R12: 00007fff9cb6b3f0
10:16:16 executing program 0:
socket(0x10, 0x3, 0x87)

[ 2812.138724][ T3383] R13: 00007f8326788700 R14: 0000000000000000 R15: 0000000000022000
[ 2812.146719][ T3383]  </TASK>
[ 2812.207659][ T3383] memory: usage 307200kB, limit 307200kB, failcnt 64476
[ 2812.215880][ T3383] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2812.238077][ T3383] Memory cgroup stats for /syz2:
[ 2812.238276][ T3383] anon 143360
[ 2812.238276][ T3383] file 417792
[ 2812.238276][ T3383] kernel 314011648
[ 2812.238276][ T3383] kernel_stack 65536
[ 2812.238276][ T3383] pagetables 77824
[ 2812.238276][ T3383] sec_pagetables 0
[ 2812.238276][ T3383] percpu 5357600
[ 2812.238276][ T3383] sock 0
[ 2812.238276][ T3383] vmalloc 0
[ 2812.238276][ T3383] shmem 417792
[ 2812.238276][ T3383] zswap 0
[ 2812.238276][ T3383] zswapped 0
[ 2812.238276][ T3383] file_mapped 417792
[ 2812.238276][ T3383] file_dirty 0
[ 2812.238276][ T3383] file_writeback 0
[ 2812.238276][ T3383] swapcached 0
[ 2812.238276][ T3383] anon_thp 0
[ 2812.238276][ T3383] file_thp 0
[ 2812.238276][ T3383] shmem_thp 0
10:16:16 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @multicast2}, {0x0, @broadcast}, 0x28, {0x2, 0x0, @empty}, 'veth1_to_hsr\x00'})

[ 2812.238276][ T3383] inactive_anon 147456
[ 2812.238276][ T3383] active_anon 413696
[ 2812.238276][ T3383] inactive_file 0
[ 2812.238276][ T3383] active_file 0
[ 2812.238276][ T3383] unevictable 0
[ 2812.238276][ T3383] slab_reclaimable 14280
[ 2812.238276][ T3383] slab_unreclaimable 308463520
[ 2812.342474][ T3383] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3383,uid=0
10:16:16 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x7400}, 0x0)

[ 2812.358809][ T3383] Memory cgroup out of memory: Killed process 3383 (syz-executor.2) total-vm:54672kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2812.363811][ T3384] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
10:16:16 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x63, @local}]}, 0x48}}, 0x0)

[ 2812.516544][ T3385] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
10:16:16 executing program 3:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$PPPIOCATTACH(r0, 0xc004743e, &(0x7f0000000000))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000040)=0x7f)

10:16:16 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8942, &(0x7f0000000080)={'wlan1\x00'})

10:16:16 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3501}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2812.649864][ T3393] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
10:16:16 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
socket$packet(0x11, 0x2, 0x300)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4623, @local}, 0x10)

[ 2812.727545][ T3393] device bridge1773 entered promiscuous mode
10:16:17 executing program 4:
syz_emit_ethernet(0x1f, &(0x7f0000000040)={@random="8da525806ecf", @dev, @void, {@ipv4={0x800, @dccp={{0x7, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x21, 0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@cipso={0x86, 0x8, 0x0, [{0x0, 0x2}]}]}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "df3682", 0x0, "e60900"}, "a965406f049a14107c32e98ff8cec25a42fe3c2bed032d05d129f92578900747d36fa13fca7bcddbf05d38ddbe5168a6f6ad0b5753671c981fab3fca5bf32688ed18669e24db8ea437c6c6ce7f5e3570dd1e9fdbb4f9ecc398dec872c3a6847c4910aa4f700a50576b26ec06371de39a86d4040000000000008adaea8bf1b5737fba33d5a34d647ad652"}}}}}, 0x0)

[ 2812.820919][ T3397] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2812.857255][ T3394] device macvtap2163 entered promiscuous mode
[ 2812.873454][ T3397] CPU: 0 PID: 3397 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2812.883831][ T3397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2812.893904][ T3397] Call Trace:
[ 2812.897197][ T3397]  <TASK>
[ 2812.900143][ T3397]  dump_stack_lvl+0xd1/0x138
[ 2812.904769][ T3397]  dump_header+0x10b/0x85f
[ 2812.909213][ T3397]  oom_kill_process.cold+0x10/0x15
[ 2812.914340][ T3397]  out_of_memory+0x35c/0x14a0
[ 2812.919055][ T3397]  ? find_held_lock+0x2d/0x110
[ 2812.923848][ T3397]  ? oom_killer_disable+0x280/0x280
[ 2812.929071][ T3397]  ? find_held_lock+0x2d/0x110
[ 2812.933866][ T3397]  mem_cgroup_out_of_memory+0x206/0x270
[ 2812.939427][ T3397]  ? mem_cgroup_margin+0x130/0x130
[ 2812.944552][ T3397]  ? lock_downgrade+0x6e0/0x6e0
[ 2812.949450][ T3397]  try_charge_memcg+0xef8/0x12f0
[ 2812.954417][ T3397]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2812.960425][ T3397]  ? rcu_read_unlock+0x9/0x60
[ 2812.965114][ T3397]  ? lock_downgrade+0x6e0/0x6e0
[ 2812.970016][ T3397]  charge_memcg+0x99/0x3b0
[ 2812.974458][ T3397]  __mem_cgroup_charge+0x2b/0x90
[ 2812.979416][ T3397]  ? _compound_head+0x5d/0x150
[ 2812.984216][ T3397]  __handle_mm_fault+0x17e7/0x3a40
[ 2812.989355][ T3397]  ? vm_iomap_memory+0x190/0x190
[ 2812.994343][ T3397]  handle_mm_fault+0x1cc/0x780
[ 2812.999132][ T3397]  do_user_addr_fault+0x475/0x1210
[ 2813.004265][ T3397]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2813.009837][ T3397]  exc_page_fault+0x98/0x170
[ 2813.014445][ T3397]  asm_exc_page_fault+0x26/0x30
[ 2813.019314][ T3397] RIP: 0033:0x7f69a662be6a
[ 2813.023737][ T3397] Code: 30 48 8b 34 24 48 85 f6 74 17 8b 44 24 18 0f c8 89 c0 48 89 44 24 18 48 83 fe 01 0f 85 a1 01 00 00 48 8b 44 24 10 8b 74 24 18 <89> 30 e9 d2 fc ff ff 48 8b 44 24 10 8b 10 48 8b 04 24 48 85 c0 0f
[ 2813.043354][ T3397] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2813.049442][ T3397] RAX: 0000000020000200 RBX: 0000000000000000 RCX: 0000000000000000
[ 2813.057421][ T3397] RDX: 1b013dd590c50c23 RSI: 0000000000000014 RDI: 00005555574b22e8
[ 2813.065403][ T3397] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
10:16:17 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCDELRT(r0, 0xc01047d0, 0x0)

[ 2813.073381][ T3397] R10: 00007f69a62002a8 R11: 0000000000000246 R12: 00000000002aeb1c
[ 2813.081361][ T3397] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2813.089358][ T3397]  </TASK>
10:16:17 executing program 4:
syz_emit_ethernet(0x66, &(0x7f0000000180)={@random="8da525806ecf", @dev, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}}, {{0x0, 0x0, 0x1, 0x0, 0x0, 0x1}}}}}}, 0x0)

10:16:17 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)}, 0x40000140)

[ 2813.156112][ T3395] device macvtap2164 entered promiscuous mode
[ 2813.162810][ T3397] memory: usage 307200kB, limit 307200kB, failcnt 10834
[ 2813.215247][ T3397] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2813.231474][ T3397] Memory cgroup stats for /syz1:
[ 2813.231717][ T3397] anon 139264
[ 2813.231717][ T3397] file 393216
[ 2813.231717][ T3397] kernel 314040320
[ 2813.231717][ T3397] kernel_stack 65536
[ 2813.231717][ T3397] pagetables 81920
[ 2813.231717][ T3397] sec_pagetables 0
[ 2813.231717][ T3397] percpu 5356416
[ 2813.231717][ T3397] sock 0
[ 2813.231717][ T3397] vmalloc 0
[ 2813.231717][ T3397] shmem 385024
[ 2813.231717][ T3397] zswap 0
[ 2813.231717][ T3397] zswapped 0
[ 2813.231717][ T3397] file_mapped 385024
[ 2813.231717][ T3397] file_dirty 0
[ 2813.231717][ T3397] file_writeback 0
[ 2813.231717][ T3397] swapcached 0
[ 2813.231717][ T3397] anon_thp 0
[ 2813.231717][ T3397] file_thp 0
[ 2813.231717][ T3397] shmem_thp 0
[ 2813.231717][ T3397] inactive_anon 184320
[ 2813.231717][ T3397] active_anon 339968
[ 2813.231717][ T3397] inactive_file 4096
[ 2813.231717][ T3397] active_file 4096
10:16:17 executing program 0:
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001100)={&(0x7f00000000c0)={0xd04, 0x14, 0x0, 0x0, 0x0, {}, [@INET_DIAG_REQ_BYTECODE={0x5, 0x1, "8c"}, @INET_DIAG_REQ_BYTECODE={0xce5, 0x1, "9bebcd407ac3543771d23b79cb482e5b927ad5e9a61c1aa5df7ee2d7ca95821b06491f669961132e730db3d163413dab8c53a31ba5da360551f6c5d1004810482f6b8dd0b62c9b4eb18ef44231d21a945c0dd3d1f6ed6c1239cf5421367011624d3f514ae63046f4f9e3ed7aa8443f6e40cb61d5b628f338ab8f11ef2a1e3e46171949b18c48e1298f7b96b8ffe3afc264bf414795e1073def7593264102c712c32f64061395fa7836d704cb5c44bc4107ec7c0b12e28d09fa6aa808f1e5f3b0397bb79e6faded83ab6cbd3fd7e1d5e38c1d03619a194ae1fc967e8028d1cfd9f7caece5b9946077232aeb81baa08067d68d2437f99f67310ff427773fc61111341a010bcbc2f150b6109fa6d714a3f1d80b7bf47a2991e58f7c373a871939059f2667385ad5ddefef4aaf5d4b47d33e1f8e1673d22802e2b52281337fc8f472f4ef81547cc8a9d36eb905f284a2ad51dfbbe6a1680bf098aa19aa435102130b717192b5c9a19838d2ac205c85ca1dda1d0225c4745c9161ddfd38c5d62f605c2adb616488d932395a95fd7d7dc654b8f085bd6efe2958ce6bc6fc6a2c607c3f7dcc86379dd10320c508207f6e7108701eea49f3e1d48d49be8f7521b4dbc503a2691bdd6530e9047b49611498dd48b54e47703c7bf94a533b83852a984d2116964661dba48b97f05ce89b853ed0fe9e7251897f378074c24ce4697ee31cef073d99b4c2f2f495d1643375fb5f266b97695dcb80c51f9c613c31ee71188f04cbf9b6f910d3f38965c20127ec80a14774d7802542d492ccbf9b5fa1a81eebe03c48c858f81ad07df2a67a653f8614b2772f582d8e098054457fbae138d80aaf493cacfb6165bd42626ae592758b805da685475a38d2e34777b6b483ebf107e624243c68bf26888b056f90cf9b0713dbedafcef6073fbfdf84302067fec68d0e84247d55739a9a770a5c60092d3c47f4d94d519d7c2509e43def192956f080d456af6f342f2328c8862cac091d65f44906ce033ed205596894938d398c32d72360cf98f9fc845d23d9ced13c840d471085d5d88ef6bcacc98666f00edc8806e2c2cdd6579d1532f8aa9a50afc5c2a05ef6f3baa4c6a47ffe903b0d3c67e153d7a41221fc3b2eb2a347cef971c553ed7290e9fd1793291dd586fc418150be507a3f3ec465dfd7350aefe987e15c499f53b7ca6c00519781018de6cdf2a4059826e6913064f850fbd10b561e61b84c7cfc8855b7a1768af6a2d1dea120198fc585fdcdec80b50dafd337c26611ce32c54605b33aaf3be7286b4028f1c34e64fb86cfdd312373cfe8924e3d3512eba074dfee3f0a1fbe7f8b32212306a45a2f4f52664adf06661ebe41b6ea1076af210e5af258d534a98cb58aa6846572df4dc65074e13067c7ac3892c32a910bb653879014e58c06f725dd2b8fa0ca3b69e48a878d525b102cc7c0cd8e8f866f7d4e907600ad17c93971a27bb7390f7264a088a3005f0f9809f68d8479d99d21d544290825ec825e77347805decb53230913740309d74bd9bb1fc10e316e97c6c020bdeeec90c8439d5f4bf856d45205c47938a690507e2ff2462d5366c15cc952cb712f90445cb12918ec5c0d3c449079485048f63e4ec87569145c65d3068ea0bbd73a5c7df32e5447da6e6f96640f30ba13018ece0b32ca0b651b11ba8d304a631673b5280abf2cf3242e11091f6debf650be1b9b3b6b847bc1ed9d07b57c2fdb8df5d8ada518d84a6636f86a6efb68b607327f2ec0945a3117bbfa36540079f328b30042d737a6868cbdc3e4918fd244610bb4923a00a1929de788f0a9f878b1d963d5deefd83536abfebda8b9dd5ffd23e62570e147ed623a29a863432dd758e98e72039ee19e625f221807122a54ad6889d7bee57fe3d55852d3af07d8315023fad8e166419668e94875217d744ec6037fbcc3e86659cf58f692a78418c765d72e9a4bf445d37244bd8e73fdc3aaa5a31642b24098e0dbbb342b06ad0ae366bbe132f455e2f2933e9a59a654564cf035167920e2d2058a51ca58f677c058cf0dcaccfbcf5dca4b0cf301dfad3235e389fc04e68c031027c43084306ad8ba68f2d813d33cb1f67b1e93cc3f27cf0cf5608bc3c42d5a25871e9df95f7c3c2e2dfc0ce5b9defb7b839d57e3ebfaa2647579f89031654b078f19dafaf9f77c3046234f4bbfb1f87f2dc5bf0b8f940428c70440aeb4e456f6f47862e8cd1f68fe6d58153ffaa48bd3a3ece0ae0dd6237b9da95e70a36b658ed7f5234ca912c97ddb3d7c6e64c5dca5c000e7f29eeb71bdbcd8b14c34f19209573578d8fc91fbc3de3c042cd38c22d7fb4b0f30a219e8b85008d78eaae3fe3c61f6be972c95d308d4aec902c410b8cc58e19aff7f2ab71e586ac4b97dcd1102b3a27009f16c157709df22a7416480325182a89eabfb3c3a91769e1b4b2bc1a4f89f72b45da9fffea7131a416198b61bfd84d26dc9c1e3200bb0e817619bb21b0bd88466d2cdc88be42fbd08b6f282a100f68d345d6eacf7412f8bdbf1eca807e09eaf12711b45057ae82e219bf1923e2cbd2be41a67e37280053fea862b3674411b62c6c10cc3dfb5bddced54ccbda15d2a70cd56c9871f05a0d744ff8efebdea5ee617020e4f16a451a9a048db11ec1a94b807de39e40edfe6f20ea865666f42a889d79c9663229720ad8f3c0c27c8b555f22191daf1f8e6c562740e1a7a841225f37373cff141a2df7bdb2d8c82609b840ec5a956e980705e8587e744f38d24aab54a07575c08415242a61fbe6479ebfc18928765bbdb7b899be58fa8bd4f8b47154f23c3c3a211c010e90f90fe34e9b62de6b22054a4a1bd55cc81f97892d731afd81bd3a54adbede2dc6c448e455aa5312bbb291ab9c1faa8ddeb88f80df3ca4f84ac1ec67c040cfb87aa4fb7f313d39f8ebfa351288f77ec15ae9e01b9035c415c4ef2214b65591813273821b192d4e7a1ee9119b9404180a01baef244c0fa23cf4993f7b41b12869122fb0a825a4242d112a572c48f9de2db0693e2a105f58fb1fe5a6a2b312f32b1c0a1e5943402b3186ba0be2b26d7cf627493021b40173ec040fad95f50fc045c199aed1d70f2d30149964b8eea004f1e46921a5955bed1b8d873d4c4bdedccea4cc4e9b38e0c9d5335781519e0f29f7697b2c7bbaf64d4142382299a187fb66e72b27fb99b9b77b7690b7b14aae94ebbcd0dcc602aa84d5a7b852828526ac01add39c6d07371312e03d2f1feb49fa65faa7d4641e8caaf2297d0a02398e3a2ea426bbb498f9c69fa80e85857f2a22746b26cf3af938688fc38bfa1f93caab84ead64b9ff3dd6ca0a1d32122dfc4d707aafd9532c89173aba6fb61cfde8fd4937939e50f23b4d2f813df68a39e4a7ee777dca02eb200955b3ed57aaedacbebe7dcc98d20f5e30d9a918e1cdeb307119b9dcf61526af97c974252f8074e902c5232e31346046b1e4958ac81adeff284004eb1857d87c570ad60f99acefe094a198f9587f34ee0dc6aff2bd81b3abb0fb7550b3342c5b17e439ea989bac398d82db83bf7a7d11a28566ef147a105f7af4c589ec3692de8e0eea875a4d1ef326c47b474f6e68e5386ef7b064059986d8f1a75ed0c7eb7b28bb388660da3351f746c51e0ef7323d005c368853ac1bad33c93292ffbb4691a5eb8cbd438a6a17038c37d7b1a0dd66c06c3a1d8c6342b692763a4826f69130ecaee5dec27cee1adf2addbe3d1fadd2bb42f5e4896fddf890db35c08cab43bd8ad2db9f04738f45df2e99c634be16bfc09815573f803a6599d36c1bce51d66ca08c279c392d3244498541f1fda8a8fa9738b8053ee8c1b569a3e0d12176f45a6a812e29827d35f185b962fff69ab21abf291c7b825d3c8cc26fa72bdcf984297dbfc50a5ce8b3e2dd61bc163547682e0f2f50daa8c3c28408f0f76e86dbbb945063c660c874cb0c64d70d5f7709a784b2905881d2e9371e43450a0e61a9c427b7f1466a8429c38653c33e6c478455f8187cf1b19b79ba25f06ddd77e6c9a796121580b9b2edc49b63a23be411b856e2085c55983958355366be5944a412ca85b41ae8c046b5b6ad76ac54730ef66a03621bb2b7d0c0308ec03fd45b047f077882dedac685ad08c09a7a1da17bd63bdf268452c3f85c65316c26e105bae4519c47bdd0d4f938bce41de881d1d5cd8fac36aaaa5aaf67297fb5c3341b442a32bf3552a86e213cd1beffa1367e2113b1428aebbf25b4bb61dde0fd372c02e1bbbc6f731673266f0afa4b403b3ffeeb57b50327d7a7d7471925fc973db32c5bf6fff88354805b1dacc4492c1e28a3e6226d79e5ed8e7aa773f44d68c326b74f86fe8f899ff12ec2cacbbfdb3f628e9597d1ed66e303ec37d57382c813f1a074e06cdc5166894c47b248a8ccf19df263da491b78049534c24c3e8f292c271aa397e5f0f3e4b0e5574b5c18e205a9b30cf703f3abcb4cc6e03b8f9e1e0b243bfa7292bf9aa11291031128d4855de25336bd07d5b9662d72a15a3c89cc0c1d5dc267e0cbb342964e627469bea3fd92a6984b120982db5d383cee4e5b5730a7c867fe7c5b1b896cd69d8109aa9281723af2fded012b3631defe34619a3461c32965d03c15658bc4984301400c79c46bea18a07b5485ca56f460d4a3ceb85b09"}]}, 0xd04}}, 0x0)

10:16:17 executing program 4:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDPRL(r0, 0x8927, &(0x7f0000000040)={'sit0\x00', 0x0})

[ 2813.231717][ T3397] unevictable 0
[ 2813.231717][ T3397] slab_reclaimable 16512
[ 2813.231717][ T3397] slab_unreclaimable 308475640
[ 2813.339979][ T3397] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3397,uid=0
10:16:17 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000003580)={0x0, 0x0, &(0x7f0000003540)={0x0}}, 0x0)
bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc)

10:16:17 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x7a00}, 0x0)

[ 2813.398725][ T3397] Memory cgroup out of memory: Killed process 3397 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2813.419880][ T3404] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2813.533278][ T3423] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2813.547108][ T3404] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2813.563372][ T3404] CPU: 0 PID: 3404 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2813.573747][ T3404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2813.583846][ T3404] Call Trace:
[ 2813.587145][ T3404]  <TASK>
[ 2813.590101][ T3404]  dump_stack_lvl+0xd1/0x138
[ 2813.594742][ T3404]  dump_header+0x10b/0x85f
[ 2813.599194][ T3404]  oom_kill_process.cold+0x10/0x15
[ 2813.604344][ T3404]  out_of_memory+0x35c/0x14a0
[ 2813.609071][ T3404]  ? find_held_lock+0x2d/0x110
[ 2813.613883][ T3404]  ? oom_killer_disable+0x280/0x280
[ 2813.619127][ T3404]  ? find_held_lock+0x2d/0x110
[ 2813.623954][ T3404]  mem_cgroup_out_of_memory+0x206/0x270
[ 2813.629538][ T3404]  ? mem_cgroup_margin+0x130/0x130
[ 2813.634671][ T3404]  ? lock_downgrade+0x6e0/0x6e0
[ 2813.639593][ T3404]  try_charge_memcg+0xef8/0x12f0
[ 2813.644582][ T3404]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2813.646905][ T3423] device bridge1774 entered promiscuous mode
[ 2813.650584][ T3404]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2813.650621][ T3404]  ? lock_downgrade+0x6e0/0x6e0
[ 2813.667193][ T3404]  ? lock_downgrade+0x6e0/0x6e0
[ 2813.672108][ T3404]  obj_cgroup_charge+0x2af/0x5e0
[ 2813.677098][ T3404]  kmem_cache_alloc_lru+0x141/0x740
[ 2813.682336][ T3404]  ? sock_alloc_inode+0x27/0x1d0
[ 2813.687330][ T3404]  sock_alloc_inode+0x27/0x1d0
[ 2813.692140][ T3404]  ? sock_free_inode+0x30/0x30
[ 2813.696951][ T3404]  alloc_inode+0x61/0x230
[ 2813.701308][ T3404]  new_inode_pseudo+0x17/0x80
[ 2813.706012][ T3404]  sock_alloc+0x40/0x260
[ 2813.710281][ T3404]  __sock_create+0xbd/0x790
[ 2813.714834][ T3404]  __sys_socket+0x133/0x250
[ 2813.719384][ T3404]  ? __sys_socket_file+0x1f0/0x1f0
[ 2813.724553][ T3404]  __x64_sys_socket+0x73/0xb0
[ 2813.729271][ T3404]  do_syscall_64+0x39/0xb0
[ 2813.733725][ T3404]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2813.739661][ T3404] RIP: 0033:0x7f8325a8c0d9
[ 2813.744107][ T3404] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2813.763740][ T3404] RSP: 002b:00007f83267a9168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 2813.773214][ T3404] RAX: ffffffffffffffda RBX: 00007f8325babf80 RCX: 00007f8325a8c0d9
10:16:17 executing program 4:
r0 = socket$unix(0x1, 0x2, 0x0)
recvmmsg$unix(r0, &(0x7f0000003080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x103, 0x0)

10:16:17 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xe2, @local}]}, 0x48}}, 0x0)

[ 2813.781215][ T3404] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010
[ 2813.789299][ T3404] RBP: 00007f8325ae7ae9 R08: 0000000000000000 R09: 0000000000000000
[ 2813.797297][ T3404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2813.805296][ T3404] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2813.813315][ T3404]  </TASK>
[ 2813.848445][ T3425] device macvtap2164 entered promiscuous mode
[ 2813.898335][ T3404] memory: usage 307200kB, limit 307200kB, failcnt 64751
[ 2813.905499][ T3404] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2813.913028][ T3404] Memory cgroup stats for /syz2:
[ 2813.913189][ T3404] anon 143360
[ 2813.913189][ T3404] file 417792
[ 2813.913189][ T3404] kernel 314011648
[ 2813.913189][ T3404] kernel_stack 65536
[ 2813.913189][ T3404] pagetables 77824
[ 2813.913189][ T3404] sec_pagetables 0
[ 2813.913189][ T3404] percpu 5357600
[ 2813.913189][ T3404] sock 0
[ 2813.913189][ T3404] vmalloc 0
[ 2813.913189][ T3404] shmem 417792
[ 2813.913189][ T3404] zswap 0
[ 2813.913189][ T3404] zswapped 0
[ 2813.913189][ T3404] file_mapped 417792
[ 2813.913189][ T3404] file_dirty 0
[ 2813.913189][ T3404] file_writeback 0
[ 2813.913189][ T3404] swapcached 0
[ 2813.913189][ T3404] anon_thp 0
[ 2813.913189][ T3404] file_thp 0
[ 2813.913189][ T3404] shmem_thp 0
[ 2813.913189][ T3404] inactive_anon 147456
[ 2813.913189][ T3404] active_anon 413696
[ 2813.913189][ T3404] inactive_file 0
[ 2813.913189][ T3404] active_file 0
[ 2813.913189][ T3404] unevictable 0
[ 2813.913189][ T3404] slab_reclaimable 18136
[ 2813.913189][ T3404] slab_unreclaimable 308461632
[ 2814.010589][ T3404] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3403,uid=0
[ 2814.026403][ T3404] Memory cgroup out of memory: Killed process 3403 (syz-executor.2) total-vm:54672kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:16:18 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3502}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:18 executing program 0:
syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @dev, @void, {@ipv4={0x800, @dccp={{0x6, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x21, 0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ra={0x94, 0x4}]}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "df3682", 0x0, "e60900"}}}}}}, 0x0)

10:16:18 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r1, 0x8d2d0a325177f521, 0x0, 0x0, {0x2}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0)

10:16:18 executing program 4:
socketpair(0x26, 0x5, 0x7, &(0x7f0000000000))

10:16:18 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x8100}, 0x0)

[ 2814.046195][ T3429] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
10:16:18 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000004980)={<r0=>0xffffffffffffffff})
recvmmsg$unix(r0, 0x0, 0x0, 0x0, 0x0)

10:16:18 executing program 0:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x3, &(0x7f0000000400)=@framed, &(0x7f0000000440)='GPL\x00', 0x3, 0xe5, &(0x7f0000000480)=""/229, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

10:16:18 executing program 3:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x168}, 0x0)

10:16:18 executing program 4:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000140)={'raw\x00', 0x2, [{}, {}]}, 0x48)

[ 2814.183919][ T3426] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
10:16:18 executing program 0:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001dc0)={0x6, 0x2, &(0x7f0000001c40)=@raw=[@cb_func], &(0x7f0000001cc0)='syzkaller\x00', 0x7fff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

10:16:18 executing program 3:
select(0x40, &(0x7f0000000000)={0x4}, &(0x7f0000000040)={0x7}, 0x0, &(0x7f00000000c0)={0x0, 0x2710})

[ 2814.257629][ T3426] CPU: 1 PID: 3426 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2814.268000][ T3426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2814.278079][ T3426] Call Trace:
[ 2814.281377][ T3426]  <TASK>
[ 2814.284332][ T3426]  dump_stack_lvl+0xd1/0x138
[ 2814.288962][ T3426]  dump_header+0x10b/0x85f
[ 2814.293415][ T3426]  oom_kill_process.cold+0x10/0x15
[ 2814.298563][ T3426]  out_of_memory+0x35c/0x14a0
[ 2814.303281][ T3426]  ? find_held_lock+0x2d/0x110
[ 2814.308090][ T3426]  ? oom_killer_disable+0x280/0x280
[ 2814.313330][ T3426]  ? find_held_lock+0x2d/0x110
[ 2814.318139][ T3426]  mem_cgroup_out_of_memory+0x206/0x270
[ 2814.323722][ T3426]  ? mem_cgroup_margin+0x130/0x130
[ 2814.328865][ T3426]  ? lock_downgrade+0x6e0/0x6e0
[ 2814.333788][ T3426]  try_charge_memcg+0xef8/0x12f0
[ 2814.338770][ T3426]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2814.344787][ T3426]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2814.350541][ T3426]  ? lock_downgrade+0x6e0/0x6e0
[ 2814.355462][ T3426]  obj_cgroup_charge+0x2af/0x5e0
[ 2814.360442][ T3426]  ? vm_area_dup+0x85/0x380
[ 2814.364971][ T3426]  kmem_cache_alloc+0xa3/0x3d0
[ 2814.369772][ T3426]  vm_area_dup+0x85/0x380
[ 2814.374123][ T3426]  ? mt_slot+0xa1/0x170
[ 2814.378306][ T3426]  ? mas_next_nentry+0x610/0xab0
[ 2814.383273][ T3426]  ? mas_next_node+0x547/0xa00
[ 2814.388085][ T3426]  ? mas_find+0x211/0xd10
[ 2814.392450][ T3426]  ? vm_area_alloc+0x100/0x100
[ 2814.397230][ T3426]  ? validate_mm_mt+0x149/0x1b0
[ 2814.397625][ T3437] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2814.402101][ T3426]  ? remove_vma+0x130/0x130
[ 2814.402146][ T3426]  ? can_vma_merge_before+0x390/0x390
[ 2814.402191][ T3426]  __split_vma+0xae/0x5e0
[ 2814.402222][ T3426]  ? vma_merge+0x2cf/0x870
[ 2814.402263][ T3426]  split_vma+0xa3/0xe0
[ 2814.402304][ T3426]  mprotect_fixup+0x6cb/0x960
[ 2814.402351][ T3426]  ? mas_find+0x211/0xd10
[ 2814.402381][ T3426]  ? change_protection+0x4290/0x4290
[ 2814.402436][ T3426]  do_mprotect_pkey+0x6fd/0xa70
[ 2814.402485][ T3426]  ? mprotect_fixup+0x960/0x960
[ 2814.402524][ T3426]  ? up_write+0x1b0/0x520
[ 2814.462666][ T3426]  __x64_sys_mprotect+0x78/0xb0
[ 2814.467551][ T3426]  do_syscall_64+0x39/0xb0
[ 2814.471542][ T3437] device bridge1775 entered promiscuous mode
[ 2814.471988][ T3426]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2814.483875][ T3426] RIP: 0033:0x7f69a668c1e7
[ 2814.488313][ T3426] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2814.507934][ T3426] RSP: 002b:00007ffea4dd30a8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[ 2814.516367][ T3426] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f69a668c1e7
[ 2814.524363][ T3426] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f69a744d000
[ 2814.532360][ T3426] RBP: 00007ffea4dd3180 R08: 00000000ffffffff R09: 00007f69a746c700
[ 2814.540355][ T3426] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffea4dd32a0
[ 2814.548348][ T3426] R13: 00007f69a746c700 R14: 0000000000000000 R15: 0000000000022000
[ 2814.556362][ T3426]  </TASK>
[ 2814.579721][ T3438] device macvtap2165 entered promiscuous mode
[ 2814.585198][ T3426] memory: usage 307200kB, limit 307200kB, failcnt 10979
[ 2814.599011][ T3426] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2814.606598][ T3426] Memory cgroup stats for /syz1:
[ 2814.606833][ T3426] anon 143360
[ 2814.606833][ T3426] file 393216
[ 2814.606833][ T3426] kernel 314036224
[ 2814.606833][ T3426] kernel_stack 65536
[ 2814.606833][ T3426] pagetables 81920
[ 2814.606833][ T3426] sec_pagetables 0
[ 2814.606833][ T3426] percpu 5356416
[ 2814.606833][ T3426] sock 0
[ 2814.606833][ T3426] vmalloc 0
[ 2814.606833][ T3426] shmem 385024
[ 2814.606833][ T3426] zswap 0
[ 2814.606833][ T3426] zswapped 0
[ 2814.606833][ T3426] file_mapped 385024
[ 2814.606833][ T3426] file_dirty 0
[ 2814.606833][ T3426] file_writeback 0
[ 2814.606833][ T3426] swapcached 0
[ 2814.606833][ T3426] anon_thp 0
[ 2814.606833][ T3426] file_thp 0
[ 2814.606833][ T3426] shmem_thp 0
[ 2814.606833][ T3426] inactive_anon 188416
[ 2814.606833][ T3426] active_anon 339968
[ 2814.606833][ T3426] inactive_file 0
[ 2814.606833][ T3426] active_file 8192
[ 2814.606833][ T3426] unevictable 0
[ 2814.606833][ T3426] slab_reclaimable 16512
[ 2814.606833][ T3426] slab_unreclaimable 308475640
[ 2814.715700][ T3426] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3426,uid=0
10:16:18 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x118, @local}]}, 0x48}}, 0x0)

[ 2814.732101][ T3426] Memory cgroup out of memory: Killed process 3426 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2814.753088][ T3447] device macvtap2166 entered promiscuous mode
[ 2814.820349][ T3440] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2814.835306][ T3440] CPU: 1 PID: 3440 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2814.845677][ T3440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2814.855756][ T3440] Call Trace:
[ 2814.859051][ T3440]  <TASK>
[ 2814.861999][ T3440]  dump_stack_lvl+0xd1/0x138
[ 2814.866628][ T3440]  dump_header+0x10b/0x85f
[ 2814.871084][ T3440]  oom_kill_process.cold+0x10/0x15
[ 2814.876231][ T3440]  out_of_memory+0x35c/0x14a0
[ 2814.880953][ T3440]  ? find_held_lock+0x2d/0x110
[ 2814.885755][ T3440]  ? oom_killer_disable+0x280/0x280
[ 2814.890988][ T3440]  ? find_held_lock+0x2d/0x110
[ 2814.895795][ T3440]  mem_cgroup_out_of_memory+0x206/0x270
[ 2814.901370][ T3440]  ? mem_cgroup_margin+0x130/0x130
[ 2814.906515][ T3440]  ? lock_downgrade+0x6e0/0x6e0
[ 2814.911427][ T3440]  try_charge_memcg+0xef8/0x12f0
[ 2814.916405][ T3440]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2814.922424][ T3440]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2814.928187][ T3440]  ? lock_downgrade+0x6e0/0x6e0
[ 2814.933091][ T3440]  ? lock_downgrade+0x6e0/0x6e0
[ 2814.937981][ T3440]  ? rcu_read_unlock+0x9/0x60
[ 2814.942682][ T3440]  obj_cgroup_charge+0x2af/0x5e0
[ 2814.947649][ T3440]  kmem_cache_alloc_node+0xa9/0x410
[ 2814.952864][ T3440]  ? copy_process+0x5c2/0x7190
[ 2814.957647][ T3440]  copy_process+0x5c2/0x7190
[ 2814.962257][ T3440]  ? find_held_lock+0x2d/0x110
[ 2814.967049][ T3440]  ? find_held_lock+0x2d/0x110
[ 2814.971842][ T3440]  ? __cleanup_sighand+0xb0/0xb0
[ 2814.976791][ T3440]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2814.982089][ T3440]  ? lock_downgrade+0x6e0/0x6e0
[ 2814.986963][ T3440]  ? folio_flags.constprop.0+0x53/0x150
[ 2814.992541][ T3440]  ? folio_add_lru+0x37b/0x680
[ 2814.997334][ T3440]  kernel_clone+0xeb/0x980
[ 2815.001773][ T3440]  ? create_io_thread+0xf0/0xf0
[ 2815.006646][ T3440]  ? find_held_lock+0x2d/0x110
[ 2815.011440][ T3440]  __do_sys_clone+0xba/0x100
[ 2815.016048][ T3440]  ? kernel_clone+0x980/0x980
[ 2815.020755][ T3440]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2815.026670][ T3440]  do_syscall_64+0x39/0xb0
[ 2815.031117][ T3440]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2815.037029][ T3440] RIP: 0033:0x7f8325a8d501
[ 2815.041452][ T3440] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2815.061067][ T3440] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2815.069491][ T3440] RAX: ffffffffffffffda RBX: 00007f8326788700 RCX: 00007f8325a8d501
[ 2815.077468][ T3440] RDX: 00007f83267889d0 RSI: 00007f83267882f0 RDI: 00000000003d0f00
[ 2815.085448][ T3440] RBP: 00007fff9cb6b3f0 R08: 00007f8326788700 R09: 00007f8326788700
[ 2815.093423][ T3440] R10: 00007f83267889d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2815.101400][ T3440] R13: 00007fff9cb6b25f R14: 00007f8326788300 R15: 0000000000022000
[ 2815.109401][ T3440]  </TASK>
[ 2815.142018][ T3446] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2815.151501][ T3440] memory: usage 307196kB, limit 307200kB, failcnt 64877
[ 2815.167977][ T3440] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2815.175001][ T3440] Memory cgroup stats for /syz2:
[ 2815.175204][ T3440] anon 147456
[ 2815.175204][ T3440] file 417792
[ 2815.175204][ T3440] kernel 314003456
[ 2815.175204][ T3440] kernel_stack 65536
[ 2815.175204][ T3440] pagetables 77824
[ 2815.175204][ T3440] sec_pagetables 0
[ 2815.175204][ T3440] percpu 5357600
[ 2815.175204][ T3440] sock 0
[ 2815.175204][ T3440] vmalloc 0
[ 2815.175204][ T3440] shmem 417792
[ 2815.175204][ T3440] zswap 0
[ 2815.175204][ T3440] zswapped 0
[ 2815.175204][ T3440] file_mapped 417792
[ 2815.175204][ T3440] file_dirty 0
[ 2815.175204][ T3440] file_writeback 0
[ 2815.175204][ T3440] swapcached 0
[ 2815.175204][ T3440] anon_thp 0
[ 2815.175204][ T3440] file_thp 0
[ 2815.175204][ T3440] shmem_thp 0
[ 2815.175204][ T3440] inactive_anon 151552
[ 2815.175204][ T3440] active_anon 413696
[ 2815.175204][ T3440] inactive_file 0
[ 2815.175204][ T3440] active_file 0
[ 2815.175204][ T3440] unevictable 0
[ 2815.175204][ T3440] slab_reclaimable 14280
[ 2815.175204][ T3440] slab_unreclaimable 308459128
[ 2815.272552][ T3440] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3440,uid=0
[ 2815.288316][ T3440] Memory cgroup out of memory: Killed process 3440 (syz-executor.2) total-vm:54672kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:16:19 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3503}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:19 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDPRL(r0, 0x8913, &(0x7f0000000040)={'sit0\x00', 0x0})

10:16:19 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000004000)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

10:16:19 executing program 3:
syz_emit_ethernet(0x36, &(0x7f0000000140)={@random="8da525806ecf", @dev, @void, {@ipv4={0x800, @dccp={{0x6, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x21, 0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@rr={0x7, 0x3}]}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "df3682", 0x0, "e60900"}}}}}}, 0x0)

10:16:19 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x890c}, 0x0)

[ 2815.346998][ T3454] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2815.357276][ T3454] CPU: 1 PID: 3454 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2815.367626][ T3454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2815.377702][ T3454] Call Trace:
[ 2815.380999][ T3454]  <TASK>
[ 2815.383948][ T3454]  dump_stack_lvl+0xd1/0x138
[ 2815.388576][ T3454]  dump_header+0x10b/0x85f
[ 2815.393026][ T3454]  oom_kill_process.cold+0x10/0x15
[ 2815.398175][ T3454]  out_of_memory+0x35c/0x14a0
[ 2815.402894][ T3454]  ? find_held_lock+0x2d/0x110
[ 2815.407701][ T3454]  ? oom_killer_disable+0x280/0x280
[ 2815.412945][ T3454]  ? find_held_lock+0x2d/0x110
[ 2815.417754][ T3454]  mem_cgroup_out_of_memory+0x206/0x270
[ 2815.423335][ T3454]  ? mem_cgroup_margin+0x130/0x130
[ 2815.428484][ T3454]  ? lock_downgrade+0x6e0/0x6e0
[ 2815.433401][ T3454]  try_charge_memcg+0xef8/0x12f0
[ 2815.438388][ T3454]  ? mem_cgroup_handle_over_high+0x520/0x520
10:16:19 executing program 3:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003240)={0x6, 0x1, &(0x7f0000003040)=@raw=[@generic={0x5}], &(0x7f0000003080)='syzkaller\x00', 0x6, 0x82, &(0x7f00000030c0)=""/130, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

[ 2815.444409][ T3454]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2815.450165][ T3454]  ? lock_downgrade+0x6e0/0x6e0
[ 2815.455070][ T3454]  ? lock_downgrade+0x6e0/0x6e0
[ 2815.459985][ T3454]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2815.465590][ T3454]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2815.471785][ T3454]  copy_process+0x73e/0x7190
[ 2815.476414][ T3454]  ? __lock_acquire+0xbc3/0x56d0
[ 2815.481408][ T3454]  ? __cleanup_sighand+0xb0/0xb0
[ 2815.486378][ T3454]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2815.492411][ T3454]  ? psi_memstall_leave+0x174/0x250
[ 2815.497654][ T3454]  kernel_clone+0xeb/0x980
[ 2815.502103][ T3454]  ? create_io_thread+0xf0/0xf0
[ 2815.506990][ T3454]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2815.513266][ T3454]  ? lock_downgrade+0x6e0/0x6e0
[ 2815.518180][ T3454]  __do_sys_clone+0xba/0x100
[ 2815.522804][ T3454]  ? kernel_clone+0x980/0x980
[ 2815.527536][ T3454]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2815.533468][ T3454]  do_syscall_64+0x39/0xb0
[ 2815.537928][ T3454]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
10:16:19 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'ip_vti0\x00', 0x0})

[ 2815.543861][ T3454] RIP: 0033:0x7f69a668d501
[ 2815.548299][ T3454] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2815.567935][ T3454] RSP: 002b:00007ffea4dd3058 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2815.576382][ T3454] RAX: ffffffffffffffda RBX: 00007f69a746c700 RCX: 00007f69a668d501
[ 2815.584381][ T3454] RDX: 00007f69a746c9d0 RSI: 00007f69a746c2f0 RDI: 00000000003d0f00
10:16:19 executing program 0:
select(0x40, &(0x7f0000000080), 0x0, &(0x7f0000000100)={0x6900}, &(0x7f0000000140)={0x77359400})

[ 2815.592374][ T3454] RBP: 00007ffea4dd32a0 R08: 00007f69a746c700 R09: 00007f69a746c700
[ 2815.600372][ T3454] R10: 00007f69a746c9d0 R11: 0000000000000206 R12: 00007ffea4dd310e
[ 2815.608371][ T3454] R13: 00007ffea4dd310f R14: 00007f69a746c300 R15: 0000000000022000
[ 2815.616391][ T3454]  </TASK>
10:16:19 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000140)=0x6, 0x4)

[ 2815.648863][ T3468] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2815.680897][ T3468] device bridge1776 entered promiscuous mode
10:16:19 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x8953, &(0x7f0000000000))

10:16:19 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f0000001040), 0x48)

[ 2815.772399][ T3473] device macvtap2166 entered promiscuous mode
[ 2815.824654][ T3454] memory: usage 307184kB, limit 307200kB, failcnt 11098
[ 2815.842765][ T3468] device macvtap2167 entered promiscuous mode
[ 2815.849163][ T3454] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2815.856073][ T3454] Memory cgroup stats for /syz1:
[ 2815.856312][ T3454] anon 102400
[ 2815.856312][ T3454] file 393216
[ 2815.856312][ T3454] kernel 314060800
[ 2815.856312][ T3454] kernel_stack 65536
[ 2815.856312][ T3454] pagetables 73728
[ 2815.856312][ T3454] sec_pagetables 0
[ 2815.856312][ T3454] percpu 5356416
[ 2815.856312][ T3454] sock 0
[ 2815.856312][ T3454] vmalloc 0
[ 2815.856312][ T3454] shmem 385024
[ 2815.856312][ T3454] zswap 0
[ 2815.856312][ T3454] zswapped 0
[ 2815.856312][ T3454] file_mapped 385024
[ 2815.856312][ T3454] file_dirty 0
[ 2815.856312][ T3454] file_writeback 0
[ 2815.856312][ T3454] swapcached 0
[ 2815.856312][ T3454] anon_thp 0
[ 2815.856312][ T3454] file_thp 0
[ 2815.856312][ T3454] shmem_thp 0
[ 2815.856312][ T3454] inactive_anon 147456
[ 2815.856312][ T3454] active_anon 339968
[ 2815.856312][ T3454] inactive_file 0
[ 2815.856312][ T3454] active_file 8192
[ 2815.856312][ T3454] unevictable 0
[ 2815.856312][ T3454] slab_reclaimable 14584
[ 2815.856312][ T3454] slab_unreclaimable 308482936
10:16:20 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x2, &(0x7f0000000000))

[ 2815.974883][ T3454] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3454,uid=0
[ 2815.997641][ T3454] Memory cgroup out of memory: Killed process 3454 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2816.069475][ T3480] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2816.136620][ T3462] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2816.155986][ T3462] CPU: 0 PID: 3462 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2816.166358][ T3462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2816.176420][ T3462] Call Trace:
[ 2816.179693][ T3462]  <TASK>
[ 2816.182616][ T3462]  dump_stack_lvl+0xd1/0x138
[ 2816.187203][ T3462]  dump_header+0x10b/0x85f
[ 2816.191612][ T3462]  oom_kill_process.cold+0x10/0x15
[ 2816.196730][ T3462]  out_of_memory+0x35c/0x14a0
[ 2816.201445][ T3462]  ? find_held_lock+0x2d/0x110
[ 2816.206249][ T3462]  ? oom_killer_disable+0x280/0x280
[ 2816.211484][ T3462]  ? find_held_lock+0x2d/0x110
[ 2816.216289][ T3462]  mem_cgroup_out_of_memory+0x206/0x270
[ 2816.221866][ T3462]  ? mem_cgroup_margin+0x130/0x130
[ 2816.226992][ T3462]  ? lock_downgrade+0x6e0/0x6e0
[ 2816.231853][ T3462]  try_charge_memcg+0xef8/0x12f0
[ 2816.236803][ T3462]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2816.242783][ T3462]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2816.248523][ T3462]  ? lock_downgrade+0x6e0/0x6e0
[ 2816.253423][ T3462]  ? lock_downgrade+0x6e0/0x6e0
[ 2816.258312][ T3462]  ? rcu_read_unlock+0x9/0x60
[ 2816.263025][ T3462]  obj_cgroup_charge+0x2af/0x5e0
[ 2816.268007][ T3462]  kmem_cache_alloc_node+0xa9/0x410
[ 2816.273225][ T3462]  ? copy_process+0x5c2/0x7190
[ 2816.277991][ T3462]  copy_process+0x5c2/0x7190
[ 2816.282576][ T3462]  ? __lock_acquire+0xbc3/0x56d0
[ 2816.287520][ T3462]  ? __cleanup_sighand+0xb0/0xb0
[ 2816.292449][ T3462]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2816.298449][ T3462]  ? psi_memstall_leave+0x174/0x250
[ 2816.303695][ T3462]  kernel_clone+0xeb/0x980
[ 2816.308146][ T3462]  ? create_io_thread+0xf0/0xf0
[ 2816.313030][ T3462]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2816.319301][ T3462]  ? lock_downgrade+0x6e0/0x6e0
[ 2816.324188][ T3462]  __do_sys_clone+0xba/0x100
[ 2816.328786][ T3462]  ? kernel_clone+0x980/0x980
[ 2816.333467][ T3462]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2816.339354][ T3462]  do_syscall_64+0x39/0xb0
[ 2816.343764][ T3462]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2816.349674][ T3462] RIP: 0033:0x7f8325a8d501
[ 2816.354109][ T3462] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2816.373741][ T3462] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2816.382183][ T3462] RAX: ffffffffffffffda RBX: 00007f8326788700 RCX: 00007f8325a8d501
[ 2816.390164][ T3462] RDX: 00007f83267889d0 RSI: 00007f83267882f0 RDI: 00000000003d0f00
[ 2816.398136][ T3462] RBP: 00007fff9cb6b3f0 R08: 00007f8326788700 R09: 00007f8326788700
[ 2816.406125][ T3462] R10: 00007f83267889d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2816.414116][ T3462] R13: 00007fff9cb6b25f R14: 00007f8326788300 R15: 0000000000022000
[ 2816.422127][ T3462]  </TASK>
[ 2816.427307][ T3462] memory: usage 307200kB, limit 307200kB, failcnt 65112
[ 2816.434857][ T3462] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2816.443980][ T3462] Memory cgroup stats for /syz2:
[ 2816.444207][ T3462] anon 147456
[ 2816.444207][ T3462] file 417792
[ 2816.444207][ T3462] kernel 314007552
[ 2816.444207][ T3462] kernel_stack 65536
[ 2816.444207][ T3462] pagetables 77824
[ 2816.444207][ T3462] sec_pagetables 0
[ 2816.444207][ T3462] percpu 5357600
[ 2816.444207][ T3462] sock 0
[ 2816.444207][ T3462] vmalloc 8192
[ 2816.444207][ T3462] shmem 417792
[ 2816.444207][ T3462] zswap 0
[ 2816.444207][ T3462] zswapped 0
[ 2816.444207][ T3462] file_mapped 417792
[ 2816.444207][ T3462] file_dirty 0
[ 2816.444207][ T3462] file_writeback 0
[ 2816.444207][ T3462] swapcached 0
[ 2816.444207][ T3462] anon_thp 0
[ 2816.444207][ T3462] file_thp 0
[ 2816.444207][ T3462] shmem_thp 0
[ 2816.444207][ T3462] inactive_anon 126976
[ 2816.444207][ T3462] active_anon 413696
[ 2816.444207][ T3462] inactive_file 0
[ 2816.444207][ T3462] active_file 0
[ 2816.444207][ T3462] unevictable 0
[ 2816.444207][ T3462] slab_reclaimable 14280
[ 2816.444207][ T3462] slab_unreclaimable 308454264
[ 2816.539375][ T3462] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3462,uid=0
[ 2816.556306][ T3462] Memory cgroup out of memory: Killed process 3462 (syz-executor.2) total-vm:54672kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:16:20 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3600}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:20 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x324, @local}]}, 0x48}}, 0x0)

10:16:20 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x8940, &(0x7f0000000000))

10:16:20 executing program 3:
bpf$MAP_CREATE(0x11, &(0x7f0000001040), 0x48)

10:16:20 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x8a0c}, 0x0)

10:16:20 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x68000010}, 0xc, &(0x7f0000000240)={&(0x7f0000000f40)={0xec4, 0x0, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_WOL_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_WOL_MODES={0xe80, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_MASK={0x59, 0x5, "cc4e61dca331c2fa9078d0f688c953a3c6fbeec2761f6d36db552724402be53e363d3120284706d289eb4602aa2eed1afa4c0040c26d3e90fa5b4492dd8a66d151b07d9351742c6a98c9baed8486febb78aed27096"}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_MASK={0xb9, 0x5, "d28ba99c45f0c94a872d5070973feefc34dbf30aeb4a89daf53781340c4f09c90b3b71ea520941c82c12ff7cd65c9e39d6ff776f5cf949771985cb2f0365f3591794541445faef88d71593a6bc880b5cae453f33515913160b2c206cfaaf98beeb1896046aa1862f7ea6ea6f2b6db4464de4348c46203fe53dbede1c9073b60d0c0ff296150d374b330255cbe327010bc3c3fc1373c5d3713092e945151d6bbacd6acacfe45b5ab51d2cd033324c2f4a5cbc1d65ea"}, @ETHTOOL_A_BITSET_BITS={0xbc, 0x3, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x19, 0x2, '/proc/self/net/pfkey\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, ':#(\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, ']\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '@[\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '\x94$-,!\xc5}].\xbf&[.&\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '-\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}]}, @ETHTOOL_A_BITSET_BITS={0x1a4, 0x3, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x19, 0x2, '/proc/self/net/pfkey\x00'}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x19, 0x2, '/proc/self/net/pfkey\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '/-&\'\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x19, 0x2, '/proc/self/net/pfkey\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, ']@$/R.}\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x19, 0x2, '/proc/self/net/pfkey\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '-%\'\x00'}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x19, 0x2, '/proc/self/net/pfkey\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x19, 0x2, '/proc/self/net/pfkey\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x19, 0x2, '/proc/self/net/pfkey\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_VALUE={0xaf1, 0x4, "47fb3370a7b00ede8ef14627d7f6301ce7dbea4a88dc2e4d05e8787747056f3ecd0b9ed79aa58d03c0b1d458a0bf334c78c9ae6c73c5a86fdfcb93d35dd4840fb7989ad6042d1a32d7e42c7b67774e175845c123a8247bd91ff3a2c463e4aa9eda67459b596e59d17b030aa914f44475992440292c766d3c94bda706f76d3b3c8dd56d0fef1493fd1d995eeceab6330915561c16a43b0000be3ed1bc4933c07ef2bbac40f5c6c704c272c22d651edc3e106a70857e30a66bb903c7263b63b19b602ba7c452f6fe792c2563327da56a9580dd5b35934ba640479f6aa7d3fa0737090f52bdc502f627124908cd861794e6883876506c24a51cfe2ea645dcb27333316bc633e5d69a6a39c37cd8da5cd5f2af34f704dff0205c9fef90cd7eba299efcf713b0cad58453ab89e98f61e1858a7d7c6d0e17fb430371c7a1f747d8741122cd7dae23fb96581ae2e208e96fd223860ada606cd354692781c363eed21addd1ff02d418c2f1b7e10ae790ea6a946a98bc56bdd7dd19dc103f2241d20867289dbb293c1836887926a06a5b8ec1948ba247da6a62f6953cb82185f62167d5f294990c9995a1573feb9acc27d036330cd53dd771c1b66ac5d28f92834f20d48d7ca5d268c45a1e88b0e7aea1628763eba5e6cf27331c0f66b892646b3d2ecce28d3bbc49730058aa0c8ab578d1cd2d50bb0e333dd183269998b5325ff5bb6c8c69ba2641f088e67e3ef46f13867ac86d45d8fde6914caf7f4136ec99034e214ad003557f1d6e7975e81e2e4ce549536919ecf8e18b595a77ab0c63b689737d10697f27e2f21d2f53a971b6d62f547ae3bb62ec019236dd1b26f2b62cb04baf191eb97a81107bb1e35a6da99b5a1eef01b9bc498bb04610f7a059812f965aa862753794f06364e1da8de498c3000655e0f14c289d02c0a56844ba73c82f12d04b233d1ede977c286d20e49ced6e6f7e2d3855bdb4bd117b77328e5e300c7bd40e741ad931df1b88e6c8dc38a67793956eb2bccffedf3296b24557eda60f9dc3f0c013f5bf3cc71a2c00177e4e227138e139aa516084740017e8de46feac924c1f0b674f29049988e80c5ae3977dd2f97df7d940a57297f39f81051bab7637152899ed9c50dc8fc6dca4a4686a3f6de4a2282c38e9cbc3afc01553c50247ed815d786caabde381806cc0b4d9eacd1e590548dfd0930697392d824fb79388a387ac4f8196d1d72da117dfa2ca9088853e5f4e15be597230d751d2ea3b275583bcecf8cc6c14603499bc818ae8e3101be525dee345abeca66752a12edce09b741777ad6ffa4c989819bf4b26c35c3702365755fe9d8ab1ece550efe4488ac0884c502c3b2ad577afc95c811a1e499aa0e56dcacbd8b00ef8f79925eb1d0bafdfbc332adbf9e73567abbd52b0b27b68a32966379a7d57b5d103d24d850da0b5f863cc7b4643e602dbb3ecb1b5051734df9f215de3d811df6e5e5b779fde32b7525f7622c94205ff901fa38630a77d32d922bb0e6815d06debf67f6e0910a6990c5071dde475ace9246dbc4bcacb97d0743d3c6cacaa7b41091b1921f313cfa53aaac2bf6e21c11bed157722f1633d0d5011cd844c67271d87ace24dcc3ccddfaad00f62a495dbc8eba6c06f01372171a8ecd6d8f1adf86dbaac45c8e54072568e2b4ea506c537c81bfa11c458040b341658d3d999718d8376b440b2015273a8e71c5410d080ad0563cf40be987fa2a8af89060d76c6da1c88a76ab5024ab5a443025ba45ebb3b15f0d3857dbeaf1e1104bfae7f5378fba8dacfef78c678e28e38ef4da4567915d4de3f24b6e9737c0f34259c2239fa01f87d52e67a10e6119209ed143c3614b82c68542737b04556c64dc01232f2c82137954365fb73d6b61bf6c9e3cf042751978718f696ed573317d1ee8a1b2e45fa21ea3b569a92c9782a1c9449a3bbd6ae15caf22774048a91a19fb7a19cff1393590f8d967d3d9cd9752379aabb219d44b7e4635187b6377c3bc34df83b9a8e619e78acbb1435037e0ef305654383af9179ee266cf9a2cf0e91af93742e769acccf02497c617ceb8cafbcc2a7546f6a48ba248d93e37c92dbf9e7466a6ace2af2deddb4a22bf9c0d426659b82d2798b270fb54428f49de55ad18a68e13eea0aa7e27c4374b35a9e4b92297b6d1e7a9f1193c29a1b163b23afe4c490444b42e02a02ba2f2e08fe7433045c8552d74c0f72b0c1dad401995980b27876b8df14e723b123017a1355bcf5358381eaed2cdafd89e3539515adef3e5a455c017d4d5cdd239b5a657ca48e0d2b7b9e69d05f1548d6d4d7ed0ca0a9fe58ca3df12c7cccb61d73256ac7523742e30115da6bde04132478b213c625bbceb397de8812d1f10a30ae63d25a985cd0888c352addb04778850c34f786dfcdd3f34b2f7212edfff19b940747600c7174483c7253e35038b6bae4796b6dc4baf8ddc08a47f3bc9788d06707db5f1f4a7185c9f6a90f00aaf3de849e24a3621a327d133c74747f72f8e1bbfb0c0d35103ce9fdd90ee70422d3c3dc8e08ccb866d261eafc55078f07228848024c1c69aecc970019a015ccefe68ed1faedc688a11ce28e6292c89e272bfa572b8fd64b4efec3b4d31b179b4ffc1484a97f39c274cef9f531013d662782d859d2cb5b8e907e7749920158f66230bb63bf114fef209d425017c1a3cb600dc629bb51fdf2b13b0745de79284134f91e729a5d1b0ca8fd8fa31448cc33003ca967dead879ddbd7c57c7aad8c3a23889248a4f9c0b2cb74a17617515922ab6862c163cf894f58f7f08795d22de99b14bb8dbc7c4cea9d1313ffde0f52f7e491c5477bf7a90a9d2f1b576a466890014e6c34b88f92979c8535d2c232439d61486b8a40b259a6e1282582797ff72311ebe70828f4aedc43a1eb7c71078582d1f1d50c58ef84b845158f249251c471d7c14715dbe5c8ae44a7b3dd6b836f3fbecec3437425e6875cc8817e10350c53c536e13f7f202dbca620882c9611052143317957f85cd9d70d07f775624f7bdd77bb457274e8067f3e7443078edd43382164eaea91c80fc32224fac7a3ef0eb33e10cfa0fdbceb567363b47efebe8d0f64e51d20ecadb3d702de80118e0274a631891ffcfdf45b77db361c217ef8fae9174723ecae219e4ec0f7ef40e0e7b06f6a813d3aae706f334db0c12e79c14ffa9fb887e0f883ce832d811529d949ee570a080a785b421c64d950c7fadf7d175a9b32fdd0071327ef6724126afd9fe38b15e755a081c692267ad47454f48c6cf614ac80ee50880120518bdd5ecf5558bd388bd64f78c6b33eb022d5196b850d5bfaa8294ef13b051220ca71aa867a841a329d526267178801b9d9dbbef285b57e4ca6f1dc4b8d553df88f1d613b7d1628f4060d075fc5153faa6ef1f3ca69de8200000347bf9052b54bd5755ca8a3a9331faf36e5d85851b1df05b25d596b8d35de3868fb30d3083955361887991559dd0c7969c69f267027a5fbd4b212cc689c2909e2f2c75982ebf5537fae23d6ef5d19d3aae3fdfd10beec0248060183b3107d30aaf88bac62216e55f6a0a7a10383f3bd2b223e13907780bc242972a57dee93b370e826e2dff83b9ecd42a86cb73be22d7aa1c9c8c5f363099b29bb57c28ef378a9b96f0b15ea1e6b5b09272275080bd0393c6a9c729f33648bbb6d224c3c4efdd2524621d0506ecc7a3f5fd4160faa67dce1de84d2a298559c34dcca17e6639e279214c0be6a2ade5c553de9a8c66933af19d1fa6999dfe40b8f69c0ffe819ca1366f7e47d5a55399384448fdbb6444715df2d873f965dfeb3e1e018e36801e3f2aa0bbedfad796183c39266bf526bc078e81b5d90ae5add63ae999f379c0f86d0622279fd7d2e9d7136018da9e0586e7c56dbced8c160385b0d8c660f10c204be3cac0dc133e3e7c9ebf50f37f1214cd1a7b57602d68422d3"}]}]}, 0xec4}}, 0x0)

10:16:20 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x8, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x80)

10:16:20 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x1c, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

[ 2816.698650][ T3486] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
10:16:20 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000f40)={0x14}, 0x14}, 0x7}, 0x0)

10:16:21 executing program 4:
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x1d, 0x1, &(0x7f0000000000)=@raw=[@kfunc], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x80)

10:16:21 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000200)=ANY=[]})

10:16:21 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$inet_udp_int(r0, 0x11, 0x0, 0x0, &(0x7f0000000300))

[ 2816.842554][ T3486] device bridge1777 entered promiscuous mode
[ 2816.862804][ T3492] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2816.900061][ T3492] CPU: 0 PID: 3492 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2816.910437][ T3492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2816.920519][ T3492] Call Trace:
[ 2816.923814][ T3492]  <TASK>
[ 2816.926764][ T3492]  dump_stack_lvl+0xd1/0x138
[ 2816.931393][ T3492]  dump_header+0x10b/0x85f
[ 2816.935851][ T3492]  oom_kill_process.cold+0x10/0x15
[ 2816.940997][ T3492]  out_of_memory+0x35c/0x14a0
[ 2816.945715][ T3492]  ? find_held_lock+0x2d/0x110
[ 2816.950524][ T3492]  ? oom_killer_disable+0x280/0x280
[ 2816.955760][ T3492]  ? find_held_lock+0x2d/0x110
[ 2816.960573][ T3492]  mem_cgroup_out_of_memory+0x206/0x270
[ 2816.966147][ T3492]  ? mem_cgroup_margin+0x130/0x130
[ 2816.971280][ T3492]  ? lock_downgrade+0x6e0/0x6e0
[ 2816.976204][ T3492]  try_charge_memcg+0xef8/0x12f0
[ 2816.981194][ T3492]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2816.987211][ T3492]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2816.992965][ T3492]  ? lock_downgrade+0x6e0/0x6e0
[ 2816.997882][ T3492]  obj_cgroup_charge+0x2af/0x5e0
[ 2817.002862][ T3492]  ? vm_area_dup+0x85/0x380
[ 2817.007394][ T3492]  kmem_cache_alloc+0xa3/0x3d0
[ 2817.012188][ T3492]  vm_area_dup+0x85/0x380
[ 2817.016532][ T3492]  ? mt_slot+0xa1/0x170
[ 2817.020702][ T3492]  ? mas_next_nentry+0x610/0xab0
[ 2817.025652][ T3492]  ? mas_next_node+0x547/0xa00
[ 2817.030445][ T3492]  ? mas_find+0x211/0xd10
[ 2817.034801][ T3492]  ? vm_area_alloc+0x100/0x100
[ 2817.039578][ T3492]  ? validate_mm_mt+0x149/0x1b0
[ 2817.044451][ T3492]  ? remove_vma+0x130/0x130
[ 2817.048980][ T3492]  ? can_vma_merge_before+0x390/0x390
[ 2817.054380][ T3492]  __split_vma+0xae/0x5e0
[ 2817.058729][ T3492]  ? vma_merge+0x2cf/0x870
[ 2817.063173][ T3492]  split_vma+0xa3/0xe0
[ 2817.067275][ T3492]  mprotect_fixup+0x6cb/0x960
[ 2817.071985][ T3492]  ? mas_find+0x211/0xd10
[ 2817.076333][ T3492]  ? change_protection+0x4290/0x4290
[ 2817.081659][ T3492]  do_mprotect_pkey+0x6fd/0xa70
[ 2817.086544][ T3492]  ? mprotect_fixup+0x960/0x960
[ 2817.091420][ T3492]  ? up_write+0x1b0/0x520
[ 2817.095806][ T3492]  __x64_sys_mprotect+0x78/0xb0
[ 2817.100681][ T3492]  do_syscall_64+0x39/0xb0
[ 2817.105118][ T3492]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2817.111033][ T3492] RIP: 0033:0x7f8325a8c1e7
[ 2817.115457][ T3492] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2817.135074][ T3492] RSP: 002b:00007fff9cb6b1f8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[ 2817.143502][ T3492] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f8325a8c1e7
[ 2817.151480][ T3492] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f8326769000
[ 2817.159458][ T3492] RBP: 00007fff9cb6b2d0 R08: 00000000ffffffff R09: 00007f8326788700
[ 2817.167438][ T3492] R10: 0000000000020022 R11: 0000000000000206 R12: 00007fff9cb6b3f0
[ 2817.175416][ T3492] R13: 00007f8326788700 R14: 0000000000000000 R15: 0000000000022000
[ 2817.183416][ T3492]  </TASK>
[ 2817.199287][ T3492] memory: usage 307200kB, limit 307200kB, failcnt 65220
[ 2817.215359][ T3492] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2817.236991][ T3492] Memory cgroup stats for /syz2:
[ 2817.237270][ T3492] anon 143360
[ 2817.237270][ T3492] file 417792
[ 2817.237270][ T3492] kernel 314011648
[ 2817.237270][ T3492] kernel_stack 65536
[ 2817.237270][ T3492] pagetables 77824
[ 2817.237270][ T3492] sec_pagetables 0
[ 2817.237270][ T3492] percpu 5357600
[ 2817.237270][ T3492] sock 0
[ 2817.237270][ T3492] vmalloc 0
[ 2817.237270][ T3492] shmem 417792
[ 2817.237270][ T3492] zswap 0
[ 2817.237270][ T3492] zswapped 0
[ 2817.237270][ T3492] file_mapped 417792
[ 2817.237270][ T3492] file_dirty 0
[ 2817.237270][ T3492] file_writeback 0
[ 2817.237270][ T3492] swapcached 0
[ 2817.237270][ T3492] anon_thp 0
[ 2817.237270][ T3492] file_thp 0
[ 2817.237270][ T3492] shmem_thp 0
[ 2817.237270][ T3492] inactive_anon 147456
[ 2817.237270][ T3492] active_anon 413696
[ 2817.237270][ T3492] inactive_file 0
[ 2817.237270][ T3492] active_file 0
[ 2817.237270][ T3492] unevictable 0
[ 2817.237270][ T3492] slab_reclaimable 14280
[ 2817.237270][ T3492] slab_unreclaimable 308463520
[ 2817.357197][ T3495] device macvtap2167 entered promiscuous mode
[ 2817.361626][ T3492] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3492,uid=0
[ 2817.390111][ T3492] Memory cgroup out of memory: Killed process 3492 (syz-executor.2) total-vm:54672kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2817.396294][ T3498] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2817.428701][ T3484] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
10:16:21 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3601}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2817.456303][ T3484] CPU: 1 PID: 3484 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2817.460869][ T3500] device macvtap2168 entered promiscuous mode
[ 2817.466643][ T3484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2817.466661][ T3484] Call Trace:
[ 2817.466671][ T3484]  <TASK>
[ 2817.466682][ T3484]  dump_stack_lvl+0xd1/0x138
[ 2817.493629][ T3484]  dump_header+0x10b/0x85f
[ 2817.498078][ T3484]  oom_kill_process.cold+0x10/0x15
[ 2817.503211][ T3484]  out_of_memory+0x35c/0x14a0
[ 2817.507916][ T3484]  ? oom_killer_disable+0x280/0x280
[ 2817.513135][ T3484]  ? find_held_lock+0x2d/0x110
[ 2817.517924][ T3484]  mem_cgroup_out_of_memory+0x206/0x270
[ 2817.523486][ T3484]  ? mem_cgroup_margin+0x130/0x130
[ 2817.528611][ T3484]  ? lock_downgrade+0x6e0/0x6e0
[ 2817.533502][ T3484]  try_charge_memcg+0xef8/0x12f0
[ 2817.538467][ T3484]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2817.544469][ T3484]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2817.550207][ T3484]  ? lock_downgrade+0x6e0/0x6e0
[ 2817.555087][ T3484]  ? lock_downgrade+0x6e0/0x6e0
[ 2817.559969][ T3484]  ? rcu_read_unlock+0x9/0x60
[ 2817.564669][ T3484]  obj_cgroup_charge+0x2af/0x5e0
[ 2817.569642][ T3484]  kmem_cache_alloc_node+0xa9/0x410
[ 2817.574861][ T3484]  ? copy_process+0x5c2/0x7190
[ 2817.579651][ T3484]  copy_process+0x5c2/0x7190
[ 2817.584265][ T3484]  ? find_held_lock+0x2d/0x110
[ 2817.589062][ T3484]  ? find_held_lock+0x2d/0x110
[ 2817.593855][ T3484]  ? __cleanup_sighand+0xb0/0xb0
[ 2817.598808][ T3484]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2817.604109][ T3484]  ? lock_downgrade+0x6e0/0x6e0
[ 2817.608982][ T3484]  ? folio_flags.constprop.0+0x53/0x150
[ 2817.614564][ T3484]  ? folio_add_lru+0x37b/0x680
[ 2817.619358][ T3484]  kernel_clone+0xeb/0x980
[ 2817.623794][ T3484]  ? create_io_thread+0xf0/0xf0
[ 2817.628667][ T3484]  ? find_held_lock+0x2d/0x110
[ 2817.633474][ T3484]  __do_sys_clone+0xba/0x100
[ 2817.638081][ T3484]  ? kernel_clone+0x980/0x980
[ 2817.642786][ T3484]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2817.648717][ T3484]  do_syscall_64+0x39/0xb0
[ 2817.653163][ T3484]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2817.659086][ T3484] RIP: 0033:0x7f69a668d501
[ 2817.663517][ T3484] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2817.683138][ T3484] RSP: 002b:00007ffea4dd3058 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2817.691568][ T3484] RAX: ffffffffffffffda RBX: 00007f69a746c700 RCX: 00007f69a668d501
[ 2817.699553][ T3484] RDX: 00007f69a746c9d0 RSI: 00007f69a746c2f0 RDI: 00000000003d0f00
[ 2817.707534][ T3484] RBP: 00007ffea4dd32a0 R08: 00007f69a746c700 R09: 00007f69a746c700
[ 2817.715514][ T3484] R10: 00007f69a746c9d0 R11: 0000000000000206 R12: 00007ffea4dd310e
[ 2817.723493][ T3484] R13: 00007ffea4dd310f R14: 00007f69a746c300 R15: 0000000000022000
[ 2817.731491][ T3484]  </TASK>
[ 2817.738927][ T3484] memory: usage 307196kB, limit 307200kB, failcnt 11163
[ 2817.751533][ T3484] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2817.758961][ T3484] Memory cgroup stats for /syz1:
[ 2817.759198][ T3484] anon 147456
[ 2817.759198][ T3484] file 393216
[ 2817.759198][ T3484] kernel 314028032
[ 2817.759198][ T3484] kernel_stack 65536
[ 2817.759198][ T3484] pagetables 81920
[ 2817.759198][ T3484] sec_pagetables 0
[ 2817.759198][ T3484] percpu 5356416
[ 2817.759198][ T3484] sock 0
[ 2817.759198][ T3484] vmalloc 0
[ 2817.759198][ T3484] shmem 385024
[ 2817.759198][ T3484] zswap 0
[ 2817.759198][ T3484] zswapped 0
[ 2817.759198][ T3484] file_mapped 385024
[ 2817.759198][ T3484] file_dirty 0
[ 2817.759198][ T3484] file_writeback 0
[ 2817.759198][ T3484] swapcached 0
[ 2817.759198][ T3484] anon_thp 0
[ 2817.759198][ T3484] file_thp 0
[ 2817.759198][ T3484] shmem_thp 0
[ 2817.759198][ T3484] inactive_anon 192512
[ 2817.759198][ T3484] active_anon 339968
[ 2817.759198][ T3484] inactive_file 4096
[ 2817.759198][ T3484] active_file 4096
[ 2817.759198][ T3484] unevictable 0
[ 2817.759198][ T3484] slab_reclaimable 16512
[ 2817.759198][ T3484] slab_unreclaimable 308470328
[ 2817.862293][ T3484] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3484,uid=0
[ 2817.878099][ T3484] Memory cgroup out of memory: Killed process 3484 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2817.910328][ T3510] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2817.920788][ T3494] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2817.931847][ T3510] CPU: 1 PID: 3510 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2817.942211][ T3510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2817.952372][ T3510] Call Trace:
[ 2817.955667][ T3510]  <TASK>
[ 2817.958619][ T3510]  dump_stack_lvl+0xd1/0x138
[ 2817.963243][ T3510]  dump_header+0x10b/0x85f
[ 2817.967682][ T3510]  oom_kill_process.cold+0x10/0x15
[ 2817.972818][ T3510]  out_of_memory+0x35c/0x14a0
[ 2817.977541][ T3510]  ? find_held_lock+0x2d/0x110
[ 2817.982345][ T3510]  ? oom_killer_disable+0x280/0x280
[ 2817.987569][ T3510]  ? find_held_lock+0x2d/0x110
[ 2817.992380][ T3510]  mem_cgroup_out_of_memory+0x206/0x270
[ 2817.997963][ T3510]  ? mem_cgroup_margin+0x130/0x130
[ 2818.003102][ T3510]  ? lock_downgrade+0x6e0/0x6e0
[ 2818.008023][ T3510]  try_charge_memcg+0xef8/0x12f0
[ 2818.013005][ T3510]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2818.019032][ T3510]  ? rcu_read_unlock+0x9/0x60
[ 2818.023733][ T3510]  ? lock_downgrade+0x6e0/0x6e0
[ 2818.028644][ T3510]  charge_memcg+0x99/0x3b0
[ 2818.033101][ T3510]  __mem_cgroup_charge+0x2b/0x90
[ 2818.038076][ T3510]  ? _compound_head+0x5d/0x150
[ 2818.042883][ T3510]  __handle_mm_fault+0x17e7/0x3a40
[ 2818.048034][ T3510]  ? vm_iomap_memory+0x190/0x190
[ 2818.053030][ T3510]  handle_mm_fault+0x1cc/0x780
[ 2818.057829][ T3510]  do_user_addr_fault+0x475/0x1210
[ 2818.062979][ T3510]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2818.068576][ T3510]  exc_page_fault+0x98/0x170
[ 2818.073200][ T3510]  asm_exc_page_fault+0x26/0x30
[ 2818.078086][ T3510] RIP: 0033:0x7f8325a2be6a
[ 2818.082520][ T3510] Code: 30 48 8b 34 24 48 85 f6 74 17 8b 44 24 18 0f c8 89 c0 48 89 44 24 18 48 83 fe 01 0f 85 a1 01 00 00 48 8b 44 24 10 8b 74 24 18 <89> 30 e9 d2 fc ff ff 48 8b 44 24 10 8b 10 48 8b 04 24 48 85 c0 0f
[ 2818.102154][ T3510] RSP: 002b:00007fff9cb6b2a0 EFLAGS: 00010246
[ 2818.108253][ T3510] RAX: 0000000020000200 RBX: 0000000000000000 RCX: 0000000000000000
[ 2818.116245][ T3510] RDX: c81f92c6f62d1f66 RSI: 0000000000000014 RDI: 0000555555b4e2e8
[ 2818.124239][ T3510] RBP: 00007fff9cb6b398 R08: 0000000000000000 R09: 0000000000000000
[ 2818.132228][ T3510] R10: 00007f83256002a8 R11: 0000000000000246 R12: 00000000002aff4b
[ 2818.140220][ T3510] R13: 00007fff9cb6b3c0 R14: 00007f8325babf80 R15: 0000000000000032
[ 2818.148240][ T3510]  </TASK>
[ 2818.158814][ T3510] memory: usage 307200kB, limit 307200kB, failcnt 65341
[ 2818.165916][ T3510] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2818.173433][ T3510] Memory cgroup stats for /syz2:
[ 2818.173645][ T3510] anon 139264
[ 2818.173645][ T3510] file 417792
[ 2818.173645][ T3510] kernel 314015744
[ 2818.173645][ T3510] kernel_stack 65536
[ 2818.173645][ T3510] pagetables 77824
[ 2818.173645][ T3510] sec_pagetables 0
[ 2818.173645][ T3510] percpu 5357600
[ 2818.173645][ T3510] sock 0
[ 2818.173645][ T3510] vmalloc 0
[ 2818.173645][ T3510] shmem 417792
10:16:22 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x336, @local}]}, 0x48}}, 0x0)

10:16:22 executing program 4:
bpf$MAP_CREATE(0x1c, &(0x7f0000001040), 0x48)

10:16:22 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=@delnexthop={0x18}, 0x18}}, 0x0)

10:16:22 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, &(0x7f0000000980)={&(0x7f0000000a00), 0x5, &(0x7f0000000480)={&(0x7f0000000440)={0x1b}, 0x14}}, 0x0)

10:16:22 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xa503}, 0x0)

[ 2818.173645][ T3510] zswap 0
[ 2818.173645][ T3510] zswapped 0
[ 2818.173645][ T3510] file_mapped 417792
[ 2818.173645][ T3510] file_dirty 0
[ 2818.173645][ T3510] file_writeback 0
[ 2818.173645][ T3510] swapcached 0
[ 2818.173645][ T3510] anon_thp 0
[ 2818.173645][ T3510] file_thp 0
[ 2818.173645][ T3510] shmem_thp 0
[ 2818.173645][ T3510] inactive_anon 143360
[ 2818.173645][ T3510] active_anon 413696
[ 2818.173645][ T3510] inactive_file 0
[ 2818.173645][ T3510] active_file 0
[ 2818.173645][ T3510] unevictable 0
[ 2818.173645][ T3510] slab_reclaimable 14280
10:16:22 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0xffffff7f}, 0x0)

[ 2818.173645][ T3510] slab_unreclaimable 308463520
10:16:22 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getpeername$packet(r0, 0x0, 0x0)

10:16:22 executing program 3:
bpf$MAP_CREATE(0x1d, &(0x7f0000001040), 0x48)

[ 2818.295098][ T3518] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
10:16:22 executing program 4:
bpf$MAP_CREATE(0x8, &(0x7f0000001040), 0x48)

10:16:22 executing program 3:
bpf$MAP_CREATE(0x13, &(0x7f0000001040), 0x48)

10:16:22 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000001c0)={'sit0\x00', &(0x7f0000000200)=ANY=[]})

[ 2818.416734][ T3518] device bridge1778 entered promiscuous mode
[ 2818.483526][ T3529] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
10:16:22 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3602}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2818.529755][ T3510] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3510,uid=0
[ 2818.545702][ T3510] Memory cgroup out of memory: Killed process 3510 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2818.631180][ T3525] device macvtap2168 entered promiscuous mode
[ 2818.645098][ T3524] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2818.672778][ T3524] CPU: 0 PID: 3524 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2818.683159][ T3524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2818.693236][ T3524] Call Trace:
[ 2818.696527][ T3524]  <TASK>
[ 2818.699473][ T3524]  dump_stack_lvl+0xd1/0x138
[ 2818.704107][ T3524]  dump_header+0x10b/0x85f
[ 2818.708558][ T3524]  oom_kill_process.cold+0x10/0x15
[ 2818.713707][ T3524]  out_of_memory+0x35c/0x14a0
[ 2818.718422][ T3524]  ? find_held_lock+0x2d/0x110
[ 2818.723231][ T3524]  ? oom_killer_disable+0x280/0x280
[ 2818.728476][ T3524]  ? find_held_lock+0x2d/0x110
[ 2818.733285][ T3524]  mem_cgroup_out_of_memory+0x206/0x270
[ 2818.738864][ T3524]  ? mem_cgroup_margin+0x130/0x130
[ 2818.744010][ T3524]  ? lock_downgrade+0x6e0/0x6e0
[ 2818.748927][ T3524]  try_charge_memcg+0xef8/0x12f0
[ 2818.753909][ T3524]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2818.759915][ T3524]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2818.765676][ T3524]  ? lock_downgrade+0x6e0/0x6e0
[ 2818.770573][ T3524]  ? lock_downgrade+0x6e0/0x6e0
[ 2818.775466][ T3524]  ? rcu_read_unlock+0x9/0x60
[ 2818.780214][ T3524]  obj_cgroup_charge+0x2af/0x5e0
[ 2818.785199][ T3524]  kmem_cache_alloc_node+0xa9/0x410
[ 2818.787960][ T3532] device macvtap2169 entered promiscuous mode
[ 2818.790409][ T3524]  ? copy_process+0x5c2/0x7190
[ 2818.790450][ T3524]  copy_process+0x5c2/0x7190
[ 2818.805896][ T3524]  ? find_held_lock+0x2d/0x110
[ 2818.810694][ T3524]  ? find_held_lock+0x2d/0x110
[ 2818.815473][ T3524]  ? __cleanup_sighand+0xb0/0xb0
[ 2818.820427][ T3524]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2818.825704][ T3524]  ? lock_downgrade+0x6e0/0x6e0
[ 2818.830566][ T3524]  ? folio_flags.constprop.0+0x53/0x150
[ 2818.836167][ T3524]  ? folio_add_lru+0x37b/0x680
[ 2818.840986][ T3524]  kernel_clone+0xeb/0x980
[ 2818.845435][ T3524]  ? create_io_thread+0xf0/0xf0
[ 2818.850310][ T3524]  ? find_held_lock+0x2d/0x110
[ 2818.855078][ T3524]  __do_sys_clone+0xba/0x100
[ 2818.859678][ T3524]  ? kernel_clone+0x980/0x980
[ 2818.864380][ T3524]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2818.870272][ T3524]  do_syscall_64+0x39/0xb0
[ 2818.874685][ T3524]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2818.880588][ T3524] RIP: 0033:0x7f69a668d501
[ 2818.885029][ T3524] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2818.904662][ T3524] RSP: 002b:00007ffea4dd3058 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2818.913098][ T3524] RAX: ffffffffffffffda RBX: 00007f69a746c700 RCX: 00007f69a668d501
[ 2818.921063][ T3524] RDX: 00007f69a746c9d0 RSI: 00007f69a746c2f0 RDI: 00000000003d0f00
[ 2818.929039][ T3524] RBP: 00007ffea4dd32a0 R08: 00007f69a746c700 R09: 00007f69a746c700
[ 2818.937039][ T3524] R10: 00007f69a746c9d0 R11: 0000000000000206 R12: 00007ffea4dd310e
[ 2818.945031][ T3524] R13: 00007ffea4dd310f R14: 00007f69a746c300 R15: 0000000000022000
[ 2818.953024][ T3524]  </TASK>
[ 2818.978240][ T3524] memory: usage 307196kB, limit 307200kB, failcnt 11377
[ 2818.988823][ T3524] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2818.998266][ T3524] Memory cgroup stats for /syz1:
[ 2818.998493][ T3524] anon 147456
[ 2818.998493][ T3524] file 393216
[ 2818.998493][ T3524] kernel 314028032
[ 2818.998493][ T3524] kernel_stack 65536
[ 2818.998493][ T3524] pagetables 81920
[ 2818.998493][ T3524] sec_pagetables 0
[ 2818.998493][ T3524] percpu 5356416
[ 2818.998493][ T3524] sock 0
[ 2818.998493][ T3524] vmalloc 0
[ 2818.998493][ T3524] shmem 385024
[ 2818.998493][ T3524] zswap 0
[ 2818.998493][ T3524] zswapped 0
[ 2818.998493][ T3524] file_mapped 385024
[ 2818.998493][ T3524] file_dirty 0
[ 2818.998493][ T3524] file_writeback 0
[ 2818.998493][ T3524] swapcached 0
[ 2818.998493][ T3524] anon_thp 0
[ 2818.998493][ T3524] file_thp 0
[ 2818.998493][ T3524] shmem_thp 0
[ 2818.998493][ T3524] inactive_anon 192512
[ 2818.998493][ T3524] active_anon 339968
[ 2818.998493][ T3524] inactive_file 4096
[ 2818.998493][ T3524] active_file 4096
[ 2818.998493][ T3524] unevictable 0
[ 2818.998493][ T3524] slab_reclaimable 16512
[ 2818.998493][ T3524] slab_unreclaimable 308470328
[ 2819.097885][ T3524] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3524,uid=0
[ 2819.114279][ T3524] Memory cgroup out of memory: Killed process 3524 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2819.134015][ T3537] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2819.136290][ T3536] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2819.173604][ T3536] CPU: 0 PID: 3536 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2819.183967][ T3536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2819.194044][ T3536] Call Trace:
[ 2819.197343][ T3536]  <TASK>
[ 2819.200295][ T3536]  dump_stack_lvl+0xd1/0x138
[ 2819.204932][ T3536]  dump_header+0x10b/0x85f
[ 2819.209820][ T3536]  oom_kill_process.cold+0x10/0x15
[ 2819.214969][ T3536]  out_of_memory+0x35c/0x14a0
[ 2819.219692][ T3536]  ? oom_killer_disable+0x280/0x280
[ 2819.224942][ T3536]  ? find_held_lock+0x2d/0x110
[ 2819.229756][ T3536]  mem_cgroup_out_of_memory+0x206/0x270
[ 2819.235339][ T3536]  ? mem_cgroup_margin+0x130/0x130
[ 2819.240489][ T3536]  ? lock_downgrade+0x6e0/0x6e0
[ 2819.245408][ T3536]  try_charge_memcg+0xef8/0x12f0
[ 2819.250393][ T3536]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2819.256410][ T3536]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2819.262166][ T3536]  ? lock_downgrade+0x6e0/0x6e0
[ 2819.267095][ T3536]  obj_cgroup_charge+0x2af/0x5e0
[ 2819.272079][ T3536]  ? vm_area_dup+0x85/0x380
[ 2819.276620][ T3536]  kmem_cache_alloc+0xa3/0x3d0
[ 2819.281422][ T3536]  vm_area_dup+0x85/0x380
[ 2819.285767][ T3536]  ? mt_slot+0xa1/0x170
[ 2819.289936][ T3536]  ? mas_next_nentry+0x610/0xab0
[ 2819.294887][ T3536]  ? mas_next_node+0x547/0xa00
[ 2819.299680][ T3536]  ? mas_find+0x211/0xd10
[ 2819.304039][ T3536]  ? vm_area_alloc+0x100/0x100
[ 2819.308819][ T3536]  ? validate_mm_mt+0x149/0x1b0
[ 2819.313699][ T3536]  ? remove_vma+0x130/0x130
[ 2819.318232][ T3536]  ? can_vma_merge_before+0x390/0x390
[ 2819.323634][ T3536]  __split_vma+0xae/0x5e0
[ 2819.327983][ T3536]  ? vma_merge+0x2cf/0x870
[ 2819.332430][ T3536]  split_vma+0xa3/0xe0
[ 2819.336523][ T3536]  mprotect_fixup+0x6cb/0x960
[ 2819.341231][ T3536]  ? mas_find+0x211/0xd10
[ 2819.345576][ T3536]  ? change_protection+0x4290/0x4290
[ 2819.350898][ T3536]  do_mprotect_pkey+0x6fd/0xa70
[ 2819.355785][ T3536]  ? mprotect_fixup+0x960/0x960
[ 2819.360661][ T3536]  ? up_write+0x1b0/0x520
[ 2819.365048][ T3536]  __x64_sys_mprotect+0x78/0xb0
[ 2819.369929][ T3536]  do_syscall_64+0x39/0xb0
[ 2819.374405][ T3536]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2819.380319][ T3536] RIP: 0033:0x7f8325a8c1e7
[ 2819.384747][ T3536] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2819.404369][ T3536] RSP: 002b:00007fff9cb6b1f8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[ 2819.412795][ T3536] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f8325a8c1e7
10:16:23 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x339, @local}]}, 0x48}}, 0x0)

10:16:23 executing program 4:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000200)=0x3, 0x4)

10:16:23 executing program 3:
bpf$MAP_CREATE(0x9, &(0x7f0000001040), 0x48)

10:16:23 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00'})

10:16:23 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xb40b}, 0x0)

[ 2819.420774][ T3536] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f8326769000
[ 2819.428754][ T3536] RBP: 00007fff9cb6b2d0 R08: 00000000ffffffff R09: 00007f8326788700
[ 2819.436734][ T3536] R10: 0000000000020022 R11: 0000000000000206 R12: 00007fff9cb6b3f0
[ 2819.444714][ T3536] R13: 00007f8326788700 R14: 0000000000000000 R15: 0000000000022000
[ 2819.452717][ T3536]  </TASK>
10:16:23 executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000), &(0x7f0000000080)=0x4)

10:16:23 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x17, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

10:16:23 executing program 0:
syz_emit_ethernet(0x1e, &(0x7f0000000000)={@link_local, @empty, @void, {@can={0xc, {{}, 0x0, 0x0, 0x0, 0x0, "dd88517d5f67e55a"}}}}, 0x0)

[ 2819.504233][ T3545] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
10:16:23 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0xfffffffffffffffe}}, 0x0)

10:16:23 executing program 4:
r0 = socket(0x11, 0x2, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={0x0, 0x7c}}, 0x0)

10:16:23 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8922, &(0x7f0000001880)={'batadv_slave_1\x00'})

[ 2819.688319][ T3545] device bridge1779 entered promiscuous mode
[ 2819.721925][ T3536] memory: usage 307188kB, limit 307200kB, failcnt 65497
[ 2819.729933][ T3536] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2819.736981][ T3536] Memory cgroup stats for /syz2:
[ 2819.737229][ T3536] anon 143360
[ 2819.737229][ T3536] file 417792
[ 2819.737229][ T3536] kernel 313999360
[ 2819.737229][ T3536] kernel_stack 65536
[ 2819.737229][ T3536] pagetables 77824
[ 2819.737229][ T3536] sec_pagetables 0
[ 2819.737229][ T3536] percpu 5357600
[ 2819.737229][ T3536] sock 0
[ 2819.737229][ T3536] vmalloc 0
[ 2819.737229][ T3536] shmem 417792
[ 2819.737229][ T3536] zswap 0
[ 2819.737229][ T3536] zswapped 0
[ 2819.737229][ T3536] file_mapped 417792
[ 2819.737229][ T3536] file_dirty 0
[ 2819.737229][ T3536] file_writeback 0
[ 2819.737229][ T3536] swapcached 0
[ 2819.737229][ T3536] anon_thp 0
[ 2819.737229][ T3536] file_thp 0
[ 2819.737229][ T3536] shmem_thp 0
[ 2819.737229][ T3536] inactive_anon 147456
[ 2819.737229][ T3536] active_anon 413696
[ 2819.737229][ T3536] inactive_file 0
[ 2819.737229][ T3536] active_file 0
[ 2819.737229][ T3536] unevictable 0
[ 2819.737229][ T3536] slab_reclaimable 14280
[ 2819.737229][ T3536] slab_unreclaimable 308452120
[ 2819.779557][ T3548] device macvtap2169 entered promiscuous mode
[ 2819.841004][ T3536] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3536,uid=0
[ 2819.856820][ T3536] Memory cgroup out of memory: Killed process 3536 (syz-executor.2) total-vm:54672kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2819.874364][ T3546] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2819.897777][ T3546] CPU: 0 PID: 3546 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2819.908143][ T3546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2819.917699][ T3555] device macvtap2170 entered promiscuous mode
[ 2819.918200][ T3546] Call Trace:
[ 2819.918211][ T3546]  <TASK>
[ 2819.918222][ T3546]  dump_stack_lvl+0xd1/0x138
[ 2819.935129][ T3546]  dump_header+0x10b/0x85f
[ 2819.939591][ T3546]  oom_kill_process.cold+0x10/0x15
10:16:24 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3603}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2819.944743][ T3546]  out_of_memory+0x35c/0x14a0
[ 2819.949467][ T3546]  ? oom_killer_disable+0x280/0x280
[ 2819.954705][ T3546]  ? find_held_lock+0x2d/0x110
[ 2819.959518][ T3546]  mem_cgroup_out_of_memory+0x206/0x270
[ 2819.965105][ T3546]  ? mem_cgroup_margin+0x130/0x130
[ 2819.970249][ T3546]  ? lock_downgrade+0x6e0/0x6e0
[ 2819.975161][ T3546]  try_charge_memcg+0xef8/0x12f0
[ 2819.980143][ T3546]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2819.986166][ T3546]  ? rcu_read_unlock+0x9/0x60
[ 2819.990867][ T3546]  ? lock_downgrade+0x6e0/0x6e0
[ 2819.995744][ T3546]  charge_memcg+0x99/0x3b0
[ 2820.000161][ T3546]  __mem_cgroup_charge+0x2b/0x90
[ 2820.005096][ T3546]  ? _compound_head+0x5d/0x150
[ 2820.009884][ T3546]  __handle_mm_fault+0x17e7/0x3a40
[ 2820.015039][ T3546]  ? vm_iomap_memory+0x190/0x190
[ 2820.020035][ T3546]  handle_mm_fault+0x1cc/0x780
[ 2820.024836][ T3546]  do_user_addr_fault+0x475/0x1210
[ 2820.029987][ T3546]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2820.035571][ T3546]  exc_page_fault+0x98/0x170
[ 2820.040177][ T3546]  asm_exc_page_fault+0x26/0x30
[ 2820.045059][ T3546] RIP: 0033:0x7f69a662bd79
[ 2820.049464][ T3546] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2820.069163][ T3546] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2820.075256][ T3546] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2820.083239][ T3546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2820.091203][ T3546] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2820.099163][ T3546] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b061b
[ 2820.107125][ T3546] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2820.115112][ T3546]  </TASK>
[ 2820.133052][ T3546] memory: usage 307184kB, limit 307200kB, failcnt 11487
[ 2820.140772][ T3546] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2820.147861][ T3546] Memory cgroup stats for /syz1:
[ 2820.148074][ T3546] anon 135168
[ 2820.148074][ T3546] file 393216
[ 2820.148074][ T3546] kernel 314028032
[ 2820.148074][ T3546] kernel_stack 65536
[ 2820.148074][ T3546] pagetables 81920
[ 2820.148074][ T3546] sec_pagetables 0
[ 2820.148074][ T3546] percpu 5356416
[ 2820.148074][ T3546] sock 0
[ 2820.148074][ T3546] vmalloc 0
[ 2820.148074][ T3546] shmem 385024
[ 2820.148074][ T3546] zswap 0
[ 2820.148074][ T3546] zswapped 0
[ 2820.148074][ T3546] file_mapped 385024
[ 2820.148074][ T3546] file_dirty 0
[ 2820.148074][ T3546] file_writeback 0
[ 2820.148074][ T3546] swapcached 0
[ 2820.148074][ T3546] anon_thp 0
[ 2820.148074][ T3546] file_thp 0
[ 2820.148074][ T3546] shmem_thp 0
[ 2820.148074][ T3546] inactive_anon 180224
[ 2820.148074][ T3546] active_anon 339968
[ 2820.148074][ T3546] inactive_file 0
[ 2820.148074][ T3546] active_file 8192
[ 2820.148074][ T3546] unevictable 0
[ 2820.148074][ T3546] slab_reclaimable 16512
[ 2820.148074][ T3546] slab_unreclaimable 308469784
10:16:24 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x700, @local}]}, 0x48}}, 0x0)

10:16:24 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x890c, &(0x7f0000001880)={'batadv_slave_1\x00'})

10:16:24 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8914, 0x0)

10:16:24 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x8940, 0x0)

[ 2820.244909][ T3546] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3546,uid=0
[ 2820.263835][ T3546] Memory cgroup out of memory: Killed process 3546 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2820.281311][ T3561] batadv_slave_1: mtu less than device minimum
[ 2820.341832][ T3562] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2820.378095][ T3562] CPU: 0 PID: 3562 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2820.388468][ T3562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2820.398535][ T3562] Call Trace:
[ 2820.401817][ T3562]  <TASK>
[ 2820.404755][ T3562]  dump_stack_lvl+0xd1/0x138
[ 2820.409368][ T3562]  dump_header+0x10b/0x85f
[ 2820.413803][ T3562]  oom_kill_process.cold+0x10/0x15
[ 2820.418933][ T3562]  out_of_memory+0x35c/0x14a0
[ 2820.423636][ T3562]  ? find_held_lock+0x2d/0x110
[ 2820.428424][ T3562]  ? oom_killer_disable+0x280/0x280
[ 2820.433644][ T3562]  ? find_held_lock+0x2d/0x110
[ 2820.438437][ T3562]  mem_cgroup_out_of_memory+0x206/0x270
[ 2820.444003][ T3562]  ? mem_cgroup_margin+0x130/0x130
[ 2820.449128][ T3562]  ? lock_downgrade+0x6e0/0x6e0
[ 2820.454024][ T3562]  try_charge_memcg+0xef8/0x12f0
[ 2820.458990][ T3562]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2820.465009][ T3562]  ? rcu_read_unlock+0x9/0x60
[ 2820.469709][ T3562]  ? lock_downgrade+0x6e0/0x6e0
[ 2820.474608][ T3562]  charge_memcg+0x99/0x3b0
[ 2820.479049][ T3562]  __mem_cgroup_charge+0x2b/0x90
[ 2820.484013][ T3562]  ? _compound_head+0x5d/0x150
[ 2820.488806][ T3562]  __handle_mm_fault+0x17e7/0x3a40
[ 2820.493940][ T3562]  ? vm_iomap_memory+0x190/0x190
[ 2820.498918][ T3562]  handle_mm_fault+0x1cc/0x780
[ 2820.503704][ T3562]  do_user_addr_fault+0x475/0x1210
[ 2820.508837][ T3562]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2820.514415][ T3562]  exc_page_fault+0x98/0x170
[ 2820.519024][ T3562]  asm_exc_page_fault+0x26/0x30
[ 2820.523901][ T3562] RIP: 0033:0x7f8325a2be6a
[ 2820.528328][ T3562] Code: 30 48 8b 34 24 48 85 f6 74 17 8b 44 24 18 0f c8 89 c0 48 89 44 24 18 48 83 fe 01 0f 85 a1 01 00 00 48 8b 44 24 10 8b 74 24 18 <89> 30 e9 d2 fc ff ff 48 8b 44 24 10 8b 10 48 8b 04 24 48 85 c0 0f
[ 2820.547951][ T3562] RSP: 002b:00007fff9cb6b2a0 EFLAGS: 00010246
[ 2820.554033][ T3562] RAX: 0000000020000200 RBX: 0000000000000000 RCX: 0000000000000000
[ 2820.562014][ T3562] RDX: c81f92c6f62d1f66 RSI: 0000000000000014 RDI: 0000555555b4e2e8
[ 2820.569997][ T3562] RBP: 00007fff9cb6b398 R08: 0000000000000000 R09: 0000000000000000
[ 2820.577978][ T3562] R10: 00007f83256002a8 R11: 0000000000000246 R12: 00000000002b08a7
10:16:24 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xd103}, 0x0)

10:16:24 executing program 3:
r0 = socket(0x11, 0xa, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f00000002c0)={&(0x7f0000000000), 0xc, &(0x7f0000000280)={0x0, 0x1c4}}, 0x0)

10:16:24 executing program 4:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x800448d2, &(0x7f0000000180)="85")

[ 2820.585959][ T3562] R13: 00007fff9cb6b3c0 R14: 00007f8325babf80 R15: 0000000000000032
[ 2820.593964][ T3562]  </TASK>
10:16:24 executing program 0:
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000000), &(0x7f0000000040)={0x4}, 0x0, &(0x7f0000000100)={0x0, r0+10000000}, &(0x7f0000000180)={&(0x7f0000000140)={[0x2]}, 0x8})

10:16:24 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x300, 0x0, 0x3118}, 0x0)

10:16:24 executing program 3:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x6, [@struct={0x3, 0x1, 0x0, 0x4, 0x1, 0x0, [{0xa, 0x0, 0xffffffff}]}]}, {0x0, [0x0, 0x0, 0x5f, 0x30]}}, &(0x7f0000000200)=""/197, 0x36, 0xc5, 0x1}, 0x20)

10:16:24 executing program 0:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xd, 0xd, 0x2, [@datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], 'N'}]}}, &(0x7f0000000500)=""/4096, 0x2a, 0x1000, 0x1}, 0x20)

[ 2820.666861][ T3562] memory: usage 307184kB, limit 307200kB, failcnt 65604
[ 2820.684043][ T3562] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2820.721902][ T3578] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2820.728742][ T3562] Memory cgroup stats for /syz2:
[ 2820.743875][ T3562] anon 139264
[ 2820.743875][ T3562] file 417792
[ 2820.743875][ T3562] kernel 313999360
[ 2820.743875][ T3562] kernel_stack 65536
[ 2820.743875][ T3562] pagetables 77824
[ 2820.743875][ T3562] sec_pagetables 0
[ 2820.743875][ T3562] percpu 5357600
[ 2820.743875][ T3562] sock 0
[ 2820.743875][ T3562] vmalloc 0
[ 2820.743875][ T3562] shmem 417792
[ 2820.743875][ T3562] zswap 0
[ 2820.743875][ T3562] zswapped 0
[ 2820.743875][ T3562] file_mapped 417792
[ 2820.743875][ T3562] file_dirty 0
[ 2820.743875][ T3562] file_writeback 0
[ 2820.743875][ T3562] swapcached 0
[ 2820.743875][ T3562] anon_thp 0
[ 2820.743875][ T3562] file_thp 0
[ 2820.743875][ T3562] shmem_thp 0
[ 2820.743875][ T3562] inactive_anon 143360
[ 2820.743875][ T3562] active_anon 413696
[ 2820.743875][ T3562] inactive_file 0
[ 2820.743875][ T3562] active_file 0
[ 2820.743875][ T3562] unevictable 0
[ 2820.743875][ T3562] slab_reclaimable 14280
[ 2820.743875][ T3562] slab_unreclaimable 308452120
[ 2820.841516][ T3578] device bridge1780 entered promiscuous mode
[ 2820.945807][ T3585] device macvtap2170 entered promiscuous mode
[ 2820.977662][ T3562] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3562,uid=0
10:16:25 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3700}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2821.004839][ T3578] device macvtap2171 entered promiscuous mode
[ 2821.015377][ T3562] Memory cgroup out of memory: Killed process 3562 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2821.037911][ T3571] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2821.067005][ T3571] CPU: 1 PID: 3571 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2821.077378][ T3571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2821.087452][ T3571] Call Trace:
[ 2821.090739][ T3571]  <TASK>
[ 2821.093674][ T3571]  dump_stack_lvl+0xd1/0x138
[ 2821.098284][ T3571]  dump_header+0x10b/0x85f
[ 2821.102716][ T3571]  oom_kill_process.cold+0x10/0x15
[ 2821.108191][ T3571]  out_of_memory+0x35c/0x14a0
[ 2821.112895][ T3571]  ? oom_killer_disable+0x280/0x280
[ 2821.118112][ T3571]  ? find_held_lock+0x2d/0x110
[ 2821.122903][ T3571]  mem_cgroup_out_of_memory+0x206/0x270
[ 2821.128467][ T3571]  ? mem_cgroup_margin+0x130/0x130
[ 2821.133589][ T3571]  ? lock_downgrade+0x6e0/0x6e0
[ 2821.138481][ T3571]  try_charge_memcg+0xef8/0x12f0
[ 2821.143445][ T3571]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2821.149451][ T3571]  ? rcu_read_unlock+0x9/0x60
[ 2821.154137][ T3571]  ? lock_downgrade+0x6e0/0x6e0
[ 2821.159027][ T3571]  charge_memcg+0x99/0x3b0
[ 2821.163466][ T3571]  __mem_cgroup_charge+0x2b/0x90
[ 2821.168423][ T3571]  ? _compound_head+0x5d/0x150
[ 2821.173211][ T3571]  __handle_mm_fault+0x17e7/0x3a40
[ 2821.178342][ T3571]  ? vm_iomap_memory+0x190/0x190
[ 2821.183315][ T3571]  handle_mm_fault+0x1cc/0x780
[ 2821.188095][ T3571]  do_user_addr_fault+0x475/0x1210
[ 2821.193227][ T3571]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2821.198797][ T3571]  exc_page_fault+0x98/0x170
[ 2821.203399][ T3571]  asm_exc_page_fault+0x26/0x30
[ 2821.208267][ T3571] RIP: 0033:0x7f69a662bd79
[ 2821.212689][ T3571] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2821.232305][ T3571] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2821.238383][ T3571] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2821.246360][ T3571] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2821.254335][ T3571] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2821.262311][ T3571] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b0a90
[ 2821.270286][ T3571] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2821.278281][ T3571]  </TASK>
[ 2821.296425][ T3571] memory: usage 307200kB, limit 307200kB, failcnt 11575
[ 2821.307519][ T3571] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2821.314464][ T3571] Memory cgroup stats for /syz1:
[ 2821.314664][ T3571] anon 135168
[ 2821.314664][ T3571] file 393216
[ 2821.314664][ T3571] kernel 314028032
[ 2821.314664][ T3571] kernel_stack 65536
[ 2821.314664][ T3571] pagetables 81920
[ 2821.314664][ T3571] sec_pagetables 0
[ 2821.314664][ T3571] percpu 5356416
[ 2821.314664][ T3571] sock 0
[ 2821.314664][ T3571] vmalloc 0
[ 2821.314664][ T3571] shmem 385024
[ 2821.314664][ T3571] zswap 0
[ 2821.314664][ T3571] zswapped 0
[ 2821.314664][ T3571] file_mapped 385024
[ 2821.314664][ T3571] file_dirty 0
[ 2821.314664][ T3571] file_writeback 0
[ 2821.314664][ T3571] swapcached 0
[ 2821.314664][ T3571] anon_thp 0
[ 2821.314664][ T3571] file_thp 0
[ 2821.314664][ T3571] shmem_thp 0
[ 2821.314664][ T3571] inactive_anon 180224
[ 2821.314664][ T3571] active_anon 339968
[ 2821.314664][ T3571] inactive_file 0
[ 2821.314664][ T3571] active_file 8192
[ 2821.314664][ T3571] unevictable 0
[ 2821.314664][ T3571] slab_reclaimable 16512
[ 2821.314664][ T3571] slab_unreclaimable 308469784
[ 2821.422797][ T3571] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3571,uid=0
[ 2821.438474][ T3571] Memory cgroup out of memory: Killed process 3571 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2821.455890][ T3589] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
10:16:25 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x7900, @local}]}, 0x48}}, 0x0)

10:16:25 executing program 0:
socket(0x2, 0x1, 0x21)

10:16:25 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001780)={0x0, 0x0, 0x0, 0x40000}, 0x0)

10:16:25 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x5, 0x2, 0x6882, 0x80000000}, 0x48)

10:16:25 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xd200}, 0x0)

[ 2821.466764][ T3589] CPU: 0 PID: 3589 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2821.477131][ T3589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2821.487210][ T3589] Call Trace:
[ 2821.490506][ T3589]  <TASK>
[ 2821.493467][ T3589]  dump_stack_lvl+0xd1/0x138
[ 2821.498106][ T3589]  dump_header+0x10b/0x85f
[ 2821.502564][ T3589]  oom_kill_process.cold+0x10/0x15
[ 2821.507723][ T3589]  out_of_memory+0x35c/0x14a0
[ 2821.512457][ T3589]  ? oom_killer_disable+0x280/0x280
[ 2821.516210][ T3595] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2821.517687][ T3589]  ? find_held_lock+0x2d/0x110
[ 2821.517741][ T3589]  mem_cgroup_out_of_memory+0x206/0x270
[ 2821.517774][ T3589]  ? mem_cgroup_margin+0x130/0x130
[ 2821.517803][ T3589]  ? lock_downgrade+0x6e0/0x6e0
[ 2821.517866][ T3589]  try_charge_memcg+0xef8/0x12f0
[ 2821.517914][ T3589]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2821.517953][ T3589]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2821.517987][ T3589]  ? lock_downgrade+0x6e0/0x6e0
[ 2821.518032][ T3589]  ? lock_downgrade+0x6e0/0x6e0
[ 2821.518092][ T3589]  obj_cgroup_charge+0x2af/0x5e0
[ 2821.518136][ T3589]  kmem_cache_alloc_lru+0x141/0x740
[ 2821.518170][ T3589]  ? sock_alloc_inode+0x27/0x1d0
[ 2821.518221][ T3589]  sock_alloc_inode+0x27/0x1d0
[ 2821.518259][ T3589]  ? sock_free_inode+0x30/0x30
[ 2821.518296][ T3589]  alloc_inode+0x61/0x230
[ 2821.518327][ T3589]  new_inode_pseudo+0x17/0x80
[ 2821.518357][ T3589]  sock_alloc+0x40/0x260
[ 2821.518395][ T3589]  __sock_create+0xbd/0x790
[ 2821.518441][ T3589]  __sys_socket+0x133/0x250
[ 2821.518490][ T3589]  ? __sys_socket_file+0x1f0/0x1f0
[ 2821.518543][ T3589]  __x64_sys_socket+0x73/0xb0
[ 2821.518585][ T3589]  do_syscall_64+0x39/0xb0
[ 2821.635292][ T3589]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2821.641219][ T3589] RIP: 0033:0x7f8325a8c0d9
[ 2821.645645][ T3589] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2821.665273][ T3589] RSP: 002b:00007f83267a9168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 2821.673705][ T3589] RAX: ffffffffffffffda RBX: 00007f8325babf80 RCX: 00007f8325a8c0d9
[ 2821.681699][ T3589] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010
[ 2821.689693][ T3589] RBP: 00007f8325ae7ae9 R08: 0000000000000000 R09: 0000000000000000
[ 2821.697680][ T3589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2821.705660][ T3589] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2821.713664][ T3589]  </TASK>
10:16:25 executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg$inet6(r0, &(0x7f0000005c80)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f00000012c0)=[@dontfrag={{0x10}}, @hoplimit_2292={{0x10}}], 0x20}}], 0x1, 0x0)

10:16:25 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x13, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48)

10:16:26 executing program 4:
r0 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={@dev, @mcast2, @mcast2, 0x0, 0x200})

10:16:26 executing program 3:
r0 = socket(0x2, 0x2, 0x0)
sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000002dc0)={0x0, 0x0, &(0x7f0000002d80)={0x0}}, 0x0)

[ 2821.839072][ T3589] memory: usage 307200kB, limit 307200kB, failcnt 65735
[ 2821.874104][ T3589] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2821.927507][ T3589] Memory cgroup stats for /syz2:
[ 2821.927755][ T3589] anon 110592
[ 2821.927755][ T3589] file 417792
[ 2821.927755][ T3589] kernel 314028032
[ 2821.927755][ T3589] kernel_stack 98304
[ 2821.927755][ T3589] pagetables 69632
[ 2821.927755][ T3589] sec_pagetables 0
[ 2821.927755][ T3589] percpu 5357600
[ 2821.927755][ T3589] sock 0
[ 2821.927755][ T3589] vmalloc 0
[ 2821.927755][ T3589] shmem 417792
[ 2821.927755][ T3589] zswap 0
[ 2821.927755][ T3589] zswapped 0
[ 2821.927755][ T3589] file_mapped 417792
10:16:26 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001440), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', <r2=>0x0})
sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000840)={0x20, r1, 0x1, 0x0, 0x0, {0xb}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x20}}, 0x0)

[ 2821.927755][ T3589] file_dirty 0
[ 2821.927755][ T3589] file_writeback 0
[ 2821.927755][ T3589] swapcached 0
[ 2821.927755][ T3589] anon_thp 0
[ 2821.927755][ T3589] file_thp 0
[ 2821.927755][ T3589] shmem_thp 0
[ 2821.927755][ T3589] inactive_anon 114688
[ 2821.927755][ T3589] active_anon 413696
[ 2821.927755][ T3589] inactive_file 0
[ 2821.927755][ T3589] active_file 0
[ 2821.927755][ T3589] unevictable 0
[ 2821.927755][ T3589] slab_reclaimable 12352
[ 2821.927755][ T3589] slab_unreclaimable 308460048
[ 2822.052952][ T3595] device bridge1781 entered promiscuous mode
10:16:26 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f00000003c0)={0x2, 0x200000000004e23, @broadcast}, 0x10)
setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000480)={@in={{0x2, 0x0, @local}}, 0x0, 0x40, 0x31, 0x0, "000000000000000000000000000000225f15d80700000000000000000003008000000000080000000000000003080000e7ffffff000000000000000000000000002000"}, 0xd8)
sendto$inet(r0, 0x0, 0x0, 0x200007bd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)

[ 2822.130399][ T3589] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3588,uid=0
[ 2822.153693][ T3589] Memory cgroup out of memory: Killed process 3588 (syz-executor.2) total-vm:54672kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:16:26 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3701}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2822.193310][ T3609] device macvtap2171 entered promiscuous mode
[ 2822.200254][ T3600] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2822.221266][ T3600] CPU: 0 PID: 3600 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2822.231633][ T3600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2822.241708][ T3600] Call Trace:
[ 2822.245010][ T3600]  <TASK>
[ 2822.247964][ T3600]  dump_stack_lvl+0xd1/0x138
[ 2822.252596][ T3600]  dump_header+0x10b/0x85f
[ 2822.257055][ T3600]  oom_kill_process.cold+0x10/0x15
[ 2822.262206][ T3600]  out_of_memory+0x35c/0x14a0
[ 2822.266931][ T3600]  ? oom_killer_disable+0x280/0x280
[ 2822.272172][ T3600]  ? find_held_lock+0x2d/0x110
[ 2822.276986][ T3600]  mem_cgroup_out_of_memory+0x206/0x270
[ 2822.282568][ T3600]  ? mem_cgroup_margin+0x130/0x130
[ 2822.287707][ T3600]  ? lock_downgrade+0x6e0/0x6e0
[ 2822.292604][ T3600]  try_charge_memcg+0xef8/0x12f0
[ 2822.297570][ T3600]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2822.303572][ T3600]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2822.309310][ T3600]  ? lock_downgrade+0x6e0/0x6e0
[ 2822.314209][ T3600]  obj_cgroup_charge+0x2af/0x5e0
[ 2822.319176][ T3600]  ? __anon_vma_prepare+0x64/0x580
[ 2822.324301][ T3600]  kmem_cache_alloc+0xa3/0x3d0
[ 2822.329092][ T3600]  __anon_vma_prepare+0x64/0x580
[ 2822.334044][ T3600]  ? __pmd_alloc+0x30c/0x5d0
[ 2822.338652][ T3600]  __handle_mm_fault+0x35bc/0x3a40
[ 2822.343785][ T3600]  ? vm_iomap_memory+0x190/0x190
[ 2822.348765][ T3600]  handle_mm_fault+0x1cc/0x780
[ 2822.353551][ T3600]  do_user_addr_fault+0x475/0x1210
[ 2822.358684][ T3600]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2822.364258][ T3600]  exc_page_fault+0x98/0x170
[ 2822.368864][ T3600]  asm_exc_page_fault+0x26/0x30
[ 2822.373736][ T3600] RIP: 0033:0x7f69a662bd79
[ 2822.378162][ T3600] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2822.397782][ T3600] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2822.403859][ T3600] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2822.411837][ T3600] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2822.419816][ T3600] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2822.427793][ T3600] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b0e9a
[ 2822.435773][ T3600] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2822.443772][ T3600]  </TASK>
[ 2822.477690][ T3600] memory: usage 307184kB, limit 307200kB, failcnt 11664
[ 2822.486062][ T3600] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2822.507034][ T3600] Memory cgroup stats for /syz1:
[ 2822.507283][ T3600] anon 135168
[ 2822.507283][ T3600] file 393216
[ 2822.507283][ T3600] kernel 314028032
[ 2822.507283][ T3600] kernel_stack 65536
[ 2822.507283][ T3600] pagetables 81920
[ 2822.507283][ T3600] sec_pagetables 0
[ 2822.507283][ T3600] percpu 5356416
[ 2822.507283][ T3600] sock 0
[ 2822.507283][ T3600] vmalloc 0
[ 2822.507283][ T3600] shmem 385024
[ 2822.507283][ T3600] zswap 0
[ 2822.507283][ T3600] zswapped 0
[ 2822.507283][ T3600] file_mapped 385024
[ 2822.507283][ T3600] file_dirty 0
[ 2822.507283][ T3600] file_writeback 0
[ 2822.507283][ T3600] swapcached 0
[ 2822.507283][ T3600] anon_thp 0
[ 2822.507283][ T3600] file_thp 0
[ 2822.507283][ T3600] shmem_thp 0
[ 2822.507283][ T3600] inactive_anon 180224
[ 2822.507283][ T3600] active_anon 339968
[ 2822.507283][ T3600] inactive_file 0
[ 2822.507283][ T3600] active_file 8192
[ 2822.507283][ T3600] unevictable 0
[ 2822.507283][ T3600] slab_reclaimable 16512
[ 2822.507283][ T3600] slab_unreclaimable 308469080
[ 2822.538564][ T3613] device macvtap2172 entered promiscuous mode
[ 2822.610453][ T3600] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3600,uid=0
[ 2822.631420][ T3600] Memory cgroup out of memory: Killed process 3600 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2822.706395][ T3618] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2822.737010][ T3617] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2822.773140][ T3617] CPU: 1 PID: 3617 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2822.783520][ T3617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2822.793595][ T3617] Call Trace:
[ 2822.796888][ T3617]  <TASK>
[ 2822.799835][ T3617]  dump_stack_lvl+0xd1/0x138
[ 2822.804465][ T3617]  dump_header+0x10b/0x85f
[ 2822.808915][ T3617]  oom_kill_process.cold+0x10/0x15
[ 2822.814075][ T3617]  out_of_memory+0x35c/0x14a0
[ 2822.818790][ T3617]  ? find_held_lock+0x2d/0x110
[ 2822.823590][ T3617]  ? oom_killer_disable+0x280/0x280
[ 2822.828827][ T3617]  ? find_held_lock+0x2d/0x110
[ 2822.833636][ T3617]  mem_cgroup_out_of_memory+0x206/0x270
[ 2822.839223][ T3617]  ? mem_cgroup_margin+0x130/0x130
[ 2822.844369][ T3617]  ? lock_downgrade+0x6e0/0x6e0
[ 2822.849295][ T3617]  try_charge_memcg+0xef8/0x12f0
[ 2822.854280][ T3617]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2822.860302][ T3617]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2822.866056][ T3617]  ? lock_downgrade+0x6e0/0x6e0
[ 2822.870981][ T3617]  obj_cgroup_charge+0x2af/0x5e0
[ 2822.875959][ T3617]  ? vm_area_dup+0x85/0x380
[ 2822.880490][ T3617]  kmem_cache_alloc+0xa3/0x3d0
[ 2822.885299][ T3617]  vm_area_dup+0x85/0x380
[ 2822.889655][ T3617]  ? mt_slot+0xa1/0x170
[ 2822.893837][ T3617]  ? mas_next_nentry+0x610/0xab0
[ 2822.898803][ T3617]  ? mas_next_node+0x547/0xa00
[ 2822.903620][ T3617]  ? mas_find+0x211/0xd10
[ 2822.907997][ T3617]  ? vm_area_alloc+0x100/0x100
[ 2822.912793][ T3617]  ? validate_mm_mt+0x149/0x1b0
[ 2822.917688][ T3617]  ? remove_vma+0x130/0x130
10:16:27 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x7a00, @local}]}, 0x48}}, 0x0)

10:16:27 executing program 4:
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r0=>0x0})
select(0x40, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)={0x9}, &(0x7f0000000100)={0x0, r0/1000+60000})

10:16:27 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(r0, &(0x7f0000000000)={&(0x7f00000000c0)=@in={0x10, 0x2}, 0x10, 0x0}, 0x0)
shutdown(r0, 0x0)

10:16:27 executing program 3:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x1a, &(0x7f0000000240), &(0x7f0000000300)=0x8)

10:16:27 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xd503}, 0x0)

10:16:27 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000200)={0x10, 0x2}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x10, 0x2}, 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000004700)={0x0, 0x0, &(0x7f0000004580)=[{&(0x7f0000000300)="74bdf21a6ada5a9bcad98234d3b3b7520d9838ac94e403a6639d97538ac807fa5e966b0cec66912f2ec89f49016ca462d562a5e04199f8f5a1e603d09a8047474344d48344352ba034c96d43c9858757b062b3bba2a7ac890c9476a0fdebaf05508034f8d7d7b324d90d10ad1d5af311944d80b4a453387163e1a33e22cd9850f9f108303aa4b50db407eb82cfdac8e00a", 0x91}], 0x1}, 0x0)

[ 2822.922236][ T3617]  ? can_vma_merge_before+0x390/0x390
[ 2822.927658][ T3617]  __split_vma+0xae/0x5e0
[ 2822.932027][ T3617]  ? vma_merge+0x2cf/0x870
[ 2822.936490][ T3617]  split_vma+0xa3/0xe0
[ 2822.940599][ T3617]  mprotect_fixup+0x6cb/0x960
[ 2822.945323][ T3617]  ? mas_find+0x211/0xd10
[ 2822.949690][ T3617]  ? change_protection+0x4290/0x4290
[ 2822.955035][ T3617]  do_mprotect_pkey+0x6fd/0xa70
[ 2822.959938][ T3617]  ? mprotect_fixup+0x960/0x960
[ 2822.964829][ T3617]  ? up_write+0x1b0/0x520
[ 2822.969210][ T3617]  ? xfd_validate_state+0x5d/0x180
[ 2822.974407][ T3617]  __x64_sys_mprotect+0x78/0xb0
[ 2822.979304][ T3617]  do_syscall_64+0x39/0xb0
[ 2822.983771][ T3617]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2822.989704][ T3617] RIP: 0033:0x7f8325a8c1e7
[ 2822.994147][ T3617] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2823.013781][ T3617] RSP: 002b:00007fff9cb6b1f8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
10:16:27 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001440), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000020000000c000180080001000634"], 0x20}}, 0x0)

[ 2823.022226][ T3617] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f8325a8c1e7
[ 2823.030222][ T3617] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f8326769000
[ 2823.038219][ T3617] RBP: 00007fff9cb6b2d0 R08: 00000000ffffffff R09: 00007f8326788700
[ 2823.046218][ T3617] R10: 0000000000020022 R11: 0000000000000206 R12: 00007fff9cb6b3f0
[ 2823.054216][ T3617] R13: 00007f8326788700 R14: 0000000000000000 R15: 0000000000022000
[ 2823.062234][ T3617]  </TASK>
10:16:27 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3503}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2823.103297][ T3617] memory: usage 307200kB, limit 307200kB, failcnt 65855
[ 2823.112979][ T3617] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2823.122813][ T3617] Memory cgroup stats for /syz2:
[ 2823.122987][ T3617] anon 143360
[ 2823.122987][ T3617] file 417792
[ 2823.122987][ T3617] kernel 314007552
[ 2823.122987][ T3617] kernel_stack 65536
[ 2823.122987][ T3617] pagetables 77824
[ 2823.122987][ T3617] sec_pagetables 0
[ 2823.122987][ T3617] percpu 5357600
[ 2823.122987][ T3617] sock 0
[ 2823.122987][ T3617] vmalloc 8192
[ 2823.122987][ T3617] shmem 417792
[ 2823.122987][ T3617] zswap 0
[ 2823.122987][ T3617] zswapped 0
[ 2823.122987][ T3617] file_mapped 417792
[ 2823.122987][ T3617] file_dirty 0
[ 2823.122987][ T3617] file_writeback 0
[ 2823.122987][ T3617] swapcached 0
[ 2823.122987][ T3617] anon_thp 0
[ 2823.122987][ T3617] file_thp 0
[ 2823.122987][ T3617] shmem_thp 0
[ 2823.122987][ T3617] inactive_anon 147456
[ 2823.122987][ T3617] active_anon 413696
[ 2823.122987][ T3617] inactive_file 0
10:16:27 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3502}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2823.122987][ T3617] active_file 0
[ 2823.122987][ T3617] unevictable 0
[ 2823.122987][ T3617] slab_reclaimable 14280
[ 2823.122987][ T3617] slab_unreclaimable 308453720
10:16:27 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3501}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2823.295941][ T3617] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3617,uid=0
[ 2823.312161][ T3617] Memory cgroup out of memory: Killed process 3617 (syz-executor.2) total-vm:54672kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2823.358209][ T3623] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2823.368779][ T3623] CPU: 0 PID: 3623 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2823.379141][ T3623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2823.389209][ T3623] Call Trace:
[ 2823.392479][ T3623]  <TASK>
[ 2823.395411][ T3623]  dump_stack_lvl+0xd1/0x138
[ 2823.400038][ T3623]  dump_header+0x10b/0x85f
[ 2823.404467][ T3623]  oom_kill_process.cold+0x10/0x15
[ 2823.409581][ T3623]  out_of_memory+0x35c/0x14a0
[ 2823.414265][ T3623]  ? find_held_lock+0x2d/0x110
[ 2823.419031][ T3623]  ? oom_killer_disable+0x280/0x280
[ 2823.424226][ T3623]  ? find_held_lock+0x2d/0x110
[ 2823.429009][ T3623]  mem_cgroup_out_of_memory+0x206/0x270
[ 2823.434593][ T3623]  ? mem_cgroup_margin+0x130/0x130
[ 2823.439733][ T3623]  ? lock_downgrade+0x6e0/0x6e0
[ 2823.444647][ T3623]  try_charge_memcg+0xef8/0x12f0
[ 2823.449629][ T3623]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2823.455646][ T3623]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2823.461376][ T3623]  ? lock_downgrade+0x6e0/0x6e0
[ 2823.466265][ T3623]  obj_cgroup_charge+0x2af/0x5e0
[ 2823.471203][ T3623]  ? __anon_vma_prepare+0x64/0x580
[ 2823.476307][ T3623]  kmem_cache_alloc+0xa3/0x3d0
[ 2823.481091][ T3623]  __anon_vma_prepare+0x64/0x580
[ 2823.486055][ T3623]  ? __pmd_alloc+0x30c/0x5d0
[ 2823.490676][ T3623]  __handle_mm_fault+0x35bc/0x3a40
[ 2823.495828][ T3623]  ? vm_iomap_memory+0x190/0x190
[ 2823.500829][ T3623]  handle_mm_fault+0x1cc/0x780
[ 2823.505636][ T3623]  do_user_addr_fault+0x475/0x1210
[ 2823.510771][ T3623]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2823.516323][ T3623]  exc_page_fault+0x98/0x170
[ 2823.520911][ T3623]  asm_exc_page_fault+0x26/0x30
[ 2823.525763][ T3623] RIP: 0033:0x7f69a662bd79
[ 2823.530200][ T3623] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2823.549835][ T3623] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2823.555931][ T3623] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2823.563912][ T3623] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2823.571878][ T3623] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2823.579859][ T3623] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b148a
[ 2823.587857][ T3623] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2823.595883][ T3623]  </TASK>
[ 2823.611217][ T3623] memory: usage 307192kB, limit 307200kB, failcnt 11775
[ 2823.625889][ T3638] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2823.627277][ T3623] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2823.642904][ T3623] Memory cgroup stats for /syz1:
[ 2823.643134][ T3623] anon 135168
[ 2823.643134][ T3623] file 393216
[ 2823.643134][ T3623] kernel 314028032
[ 2823.643134][ T3623] kernel_stack 65536
[ 2823.643134][ T3623] pagetables 81920
[ 2823.643134][ T3623] sec_pagetables 0
[ 2823.643134][ T3623] percpu 5356416
[ 2823.643134][ T3623] sock 0
[ 2823.643134][ T3623] vmalloc 0
[ 2823.643134][ T3623] shmem 385024
[ 2823.643134][ T3623] zswap 0
[ 2823.643134][ T3623] zswapped 0
[ 2823.643134][ T3623] file_mapped 385024
[ 2823.643134][ T3623] file_dirty 0
[ 2823.643134][ T3623] file_writeback 0
[ 2823.643134][ T3623] swapcached 0
[ 2823.643134][ T3623] anon_thp 0
[ 2823.643134][ T3623] file_thp 0
[ 2823.643134][ T3623] shmem_thp 0
[ 2823.643134][ T3623] inactive_anon 180224
[ 2823.643134][ T3623] active_anon 339968
[ 2823.643134][ T3623] inactive_file 4096
[ 2823.643134][ T3623] active_file 4096
[ 2823.643134][ T3623] unevictable 0
[ 2823.643134][ T3623] slab_reclaimable 16512
[ 2823.643134][ T3623] slab_unreclaimable 308471248
[ 2823.693733][ T3638] device bridge1782 entered promiscuous mode
[ 2823.744651][ T3623] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3623,uid=0
10:16:27 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3702}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:27 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x7b00, @local}]}, 0x48}}, 0x0)

[ 2823.764244][ T3623] Memory cgroup out of memory: Killed process 3623 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2823.859475][ T3642] device macvtap2172 entered promiscuous mode
[ 2823.919502][ T3643] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2823.967023][ T3663] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2823.990460][ T3643] device bridge1323 entered promiscuous mode
[ 2823.996459][ T3663] CPU: 1 PID: 3663 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2823.996494][ T3663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2823.996511][ T3663] Call Trace:
[ 2823.996520][ T3663]  <TASK>
[ 2823.996531][ T3663]  dump_stack_lvl+0xd1/0x138
[ 2824.027683][ T3663]  dump_header+0x10b/0x85f
[ 2824.032123][ T3663]  oom_kill_process.cold+0x10/0x15
[ 2824.037254][ T3663]  out_of_memory+0x35c/0x14a0
[ 2824.041959][ T3663]  ? find_held_lock+0x2d/0x110
[ 2824.046752][ T3663]  ? oom_killer_disable+0x280/0x280
[ 2824.051972][ T3663]  ? find_held_lock+0x2d/0x110
[ 2824.056766][ T3663]  mem_cgroup_out_of_memory+0x206/0x270
[ 2824.062331][ T3663]  ? mem_cgroup_margin+0x130/0x130
[ 2824.067470][ T3663]  ? lock_downgrade+0x6e0/0x6e0
[ 2824.072367][ T3663]  try_charge_memcg+0xef8/0x12f0
[ 2824.077334][ T3663]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2824.083340][ T3663]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2824.089078][ T3663]  ? lock_downgrade+0x6e0/0x6e0
[ 2824.093977][ T3663]  obj_cgroup_charge+0x2af/0x5e0
[ 2824.098942][ T3663]  ? vm_area_dup+0x85/0x380
[ 2824.103457][ T3663]  kmem_cache_alloc+0xa3/0x3d0
[ 2824.108246][ T3663]  vm_area_dup+0x85/0x380
[ 2824.112597][ T3663]  ? mt_slot+0xa1/0x170
[ 2824.116768][ T3663]  ? mas_next_nentry+0x610/0xab0
[ 2824.121719][ T3663]  ? mas_next_node+0x547/0xa00
[ 2824.126515][ T3663]  ? mas_find+0x211/0xd10
[ 2824.130874][ T3663]  ? vm_area_alloc+0x100/0x100
[ 2824.135655][ T3663]  ? validate_mm_mt+0x149/0x1b0
[ 2824.140530][ T3663]  ? remove_vma+0x130/0x130
[ 2824.145064][ T3663]  ? can_vma_merge_before+0x390/0x390
[ 2824.150468][ T3663]  __split_vma+0xae/0x5e0
[ 2824.154817][ T3663]  ? vma_merge+0x2cf/0x870
[ 2824.159260][ T3663]  split_vma+0xa3/0xe0
[ 2824.163357][ T3663]  mprotect_fixup+0x6cb/0x960
[ 2824.168065][ T3663]  ? mas_find+0x211/0xd10
[ 2824.172410][ T3663]  ? change_protection+0x4290/0x4290
[ 2824.177729][ T3663]  do_mprotect_pkey+0x6fd/0xa70
[ 2824.182612][ T3663]  ? mprotect_fixup+0x960/0x960
[ 2824.187488][ T3663]  ? up_write+0x1b0/0x520
[ 2824.191873][ T3663]  __x64_sys_mprotect+0x78/0xb0
[ 2824.196750][ T3663]  do_syscall_64+0x39/0xb0
[ 2824.201195][ T3663]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2824.207458][ T3663] RIP: 0033:0x7f8325a8c1e7
[ 2824.211884][ T3663] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2824.231502][ T3663] RSP: 002b:00007fff9cb6b1f8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[ 2824.239926][ T3663] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f8325a8c1e7
[ 2824.247908][ T3663] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f8326769000
[ 2824.255887][ T3663] RBP: 00007fff9cb6b2d0 R08: 00000000ffffffff R09: 00007f8326788700
[ 2824.263866][ T3663] R10: 0000000000020022 R11: 0000000000000206 R12: 00007fff9cb6b3f0
[ 2824.271844][ T3663] R13: 00007f8326788700 R14: 0000000000000000 R15: 0000000000022000
[ 2824.279842][ T3663]  </TASK>
[ 2824.307888][ T3663] memory: usage 307192kB, limit 307200kB, failcnt 65980
[ 2824.318359][ T3663] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2824.336738][ T3663] Memory cgroup stats for /syz2:
[ 2824.336979][ T3663] anon 143360
[ 2824.336979][ T3663] file 417792
[ 2824.336979][ T3663] kernel 313999360
[ 2824.336979][ T3663] kernel_stack 65536
[ 2824.336979][ T3663] pagetables 77824
[ 2824.336979][ T3663] sec_pagetables 0
[ 2824.336979][ T3663] percpu 5357600
[ 2824.336979][ T3663] sock 0
[ 2824.336979][ T3663] vmalloc 0
[ 2824.336979][ T3663] shmem 417792
[ 2824.336979][ T3663] zswap 0
[ 2824.336979][ T3663] zswapped 0
[ 2824.336979][ T3663] file_mapped 417792
[ 2824.336979][ T3663] file_dirty 0
[ 2824.336979][ T3663] file_writeback 0
[ 2824.336979][ T3663] swapcached 0
[ 2824.336979][ T3663] anon_thp 0
[ 2824.336979][ T3663] file_thp 0
[ 2824.336979][ T3663] shmem_thp 0
[ 2824.336979][ T3663] inactive_anon 118784
[ 2824.336979][ T3663] active_anon 413696
[ 2824.336979][ T3663] inactive_file 0
[ 2824.336979][ T3663] active_file 0
[ 2824.336979][ T3663] unevictable 0
[ 2824.336979][ T3663] slab_reclaimable 14280
[ 2824.336979][ T3663] slab_unreclaimable 308452424
[ 2824.353482][ T3646] device macvtap2173 entered promiscuous mode
[ 2824.435008][ T3663] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3663,uid=0
[ 2824.454200][ T3663] Memory cgroup out of memory: Killed process 3663 (syz-executor.2) total-vm:54672kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2824.472248][ T3665] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2824.482940][ T3665] CPU: 0 PID: 3665 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2824.493340][ T3665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2824.503422][ T3665] Call Trace:
[ 2824.506722][ T3665]  <TASK>
[ 2824.509676][ T3665]  dump_stack_lvl+0xd1/0x138
[ 2824.514314][ T3665]  dump_header+0x10b/0x85f
[ 2824.518786][ T3665]  oom_kill_process.cold+0x10/0x15
[ 2824.523926][ T3665]  out_of_memory+0x35c/0x14a0
[ 2824.528620][ T3665]  ? oom_killer_disable+0x280/0x280
[ 2824.533844][ T3665]  ? find_held_lock+0x2d/0x110
[ 2824.538639][ T3665]  mem_cgroup_out_of_memory+0x206/0x270
[ 2824.544206][ T3665]  ? mem_cgroup_margin+0x130/0x130
[ 2824.549331][ T3665]  ? lock_downgrade+0x6e0/0x6e0
[ 2824.554316][ T3665]  try_charge_memcg+0xef8/0x12f0
[ 2824.559290][ T3665]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2824.565295][ T3665]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2824.571034][ T3665]  ? lock_downgrade+0x6e0/0x6e0
[ 2824.575937][ T3665]  obj_cgroup_charge+0x2af/0x5e0
[ 2824.580904][ T3665]  ? __anon_vma_prepare+0x64/0x580
[ 2824.586031][ T3665]  kmem_cache_alloc+0xa3/0x3d0
[ 2824.590826][ T3665]  __anon_vma_prepare+0x64/0x580
[ 2824.595784][ T3665]  ? __pmd_alloc+0x30c/0x5d0
[ 2824.600396][ T3665]  __handle_mm_fault+0x35bc/0x3a40
[ 2824.605534][ T3665]  ? vm_iomap_memory+0x190/0x190
[ 2824.610517][ T3665]  handle_mm_fault+0x1cc/0x780
[ 2824.615304][ T3665]  do_user_addr_fault+0x475/0x1210
[ 2824.620444][ T3665]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2824.626038][ T3665]  exc_page_fault+0x98/0x170
[ 2824.630653][ T3665]  asm_exc_page_fault+0x26/0x30
[ 2824.635537][ T3665] RIP: 0033:0x7f69a662bd79
[ 2824.639969][ T3665] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2824.659588][ T3665] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2824.665666][ T3665] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2824.673647][ T3665] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2824.681629][ T3665] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2824.689610][ T3665] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b16c9
[ 2824.697591][ T3665] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2824.705595][ T3665]  </TASK>
10:16:28 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xd901}, 0x0)

[ 2824.740465][ T3665] memory: usage 307192kB, limit 307200kB, failcnt 11817
[ 2824.760371][ T3647] device macvtap1312 entered promiscuous mode
[ 2824.773637][ T3665] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2824.794069][ T3665] Memory cgroup stats for /syz1:
[ 2824.794324][ T3665] anon 135168
[ 2824.794324][ T3665] file 393216
[ 2824.794324][ T3665] kernel 314028032
[ 2824.794324][ T3665] kernel_stack 65536
[ 2824.794324][ T3665] pagetables 81920
[ 2824.794324][ T3665] sec_pagetables 0
[ 2824.794324][ T3665] percpu 5356416
[ 2824.794324][ T3665] sock 0
[ 2824.794324][ T3665] vmalloc 0
[ 2824.794324][ T3665] shmem 385024
[ 2824.794324][ T3665] zswap 0
[ 2824.794324][ T3665] zswapped 0
[ 2824.794324][ T3665] file_mapped 385024
[ 2824.794324][ T3665] file_dirty 0
[ 2824.794324][ T3665] file_writeback 0
[ 2824.794324][ T3665] swapcached 0
[ 2824.794324][ T3665] anon_thp 0
[ 2824.794324][ T3665] file_thp 0
[ 2824.794324][ T3665] shmem_thp 0
[ 2824.794324][ T3665] inactive_anon 180224
[ 2824.794324][ T3665] active_anon 339968
[ 2824.794324][ T3665] inactive_file 4096
[ 2824.794324][ T3665] active_file 4096
[ 2824.794324][ T3665] unevictable 0
[ 2824.794324][ T3665] slab_reclaimable 16512
[ 2824.794324][ T3665] slab_unreclaimable 308469080
10:16:29 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x7c00, @local}]}, 0x48}}, 0x0)

[ 2824.895781][ T3665] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3665,uid=0
[ 2824.905865][ T3648] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2824.911912][ T3665] Memory cgroup out of memory: Killed process 3665 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2824.964659][ T3648] device bridge531 entered promiscuous mode
[ 2824.979604][ T3650] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2825.009294][ T3650] device bridge443 entered promiscuous mode
[ 2825.022967][ T3651] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2825.073296][ T3651] device macvtap1313 entered promiscuous mode
[ 2825.134194][ T3675] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2825.144719][ T3675] CPU: 0 PID: 3675 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2825.155092][ T3675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2825.165168][ T3675] Call Trace:
[ 2825.168461][ T3675]  <TASK>
[ 2825.171415][ T3675]  dump_stack_lvl+0xd1/0x138
[ 2825.176026][ T3675]  dump_header+0x10b/0x85f
[ 2825.180449][ T3675]  oom_kill_process.cold+0x10/0x15
[ 2825.185559][ T3675]  out_of_memory+0x35c/0x14a0
[ 2825.190248][ T3675]  ? find_held_lock+0x2d/0x110
[ 2825.195027][ T3675]  ? oom_killer_disable+0x280/0x280
[ 2825.200259][ T3675]  ? find_held_lock+0x2d/0x110
[ 2825.205506][ T3675]  mem_cgroup_out_of_memory+0x206/0x270
[ 2825.211070][ T3675]  ? mem_cgroup_margin+0x130/0x130
[ 2825.216193][ T3675]  ? lock_downgrade+0x6e0/0x6e0
[ 2825.221095][ T3675]  try_charge_memcg+0xef8/0x12f0
[ 2825.226064][ T3675]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2825.232066][ T3675]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2825.237802][ T3675]  ? lock_downgrade+0x6e0/0x6e0
[ 2825.242702][ T3675]  obj_cgroup_charge+0x2af/0x5e0
[ 2825.247673][ T3675]  ? __anon_vma_prepare+0x64/0x580
[ 2825.252799][ T3675]  kmem_cache_alloc+0xa3/0x3d0
[ 2825.257599][ T3675]  __anon_vma_prepare+0x64/0x580
[ 2825.262550][ T3675]  ? __pmd_alloc+0x30c/0x5d0
[ 2825.267158][ T3675]  __handle_mm_fault+0x35bc/0x3a40
[ 2825.272299][ T3675]  ? vm_iomap_memory+0x190/0x190
[ 2825.277275][ T3675]  handle_mm_fault+0x1cc/0x780
[ 2825.282059][ T3675]  do_user_addr_fault+0x475/0x1210
[ 2825.287193][ T3675]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2825.292773][ T3675]  exc_page_fault+0x98/0x170
[ 2825.297383][ T3675]  asm_exc_page_fault+0x26/0x30
[ 2825.302257][ T3675] RIP: 0033:0x7f69a662bd79
[ 2825.306682][ T3675] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2825.326302][ T3675] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2825.332382][ T3675] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2825.340362][ T3675] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2825.348340][ T3675] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2825.356324][ T3675] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b1b59
[ 2825.364304][ T3675] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2825.372304][ T3675]  </TASK>
[ 2825.379543][ T3675] memory: usage 307200kB, limit 307200kB, failcnt 11905
[ 2825.386516][ T3675] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2825.397196][ T3675] Memory cgroup stats for /syz1:
[ 2825.397656][ T3675] anon 135168
[ 2825.397656][ T3675] file 393216
[ 2825.397656][ T3675] kernel 314044416
[ 2825.397656][ T3675] kernel_stack 65536
[ 2825.397656][ T3675] pagetables 81920
[ 2825.397656][ T3675] sec_pagetables 0
[ 2825.397656][ T3675] percpu 5356416
[ 2825.397656][ T3675] sock 0
[ 2825.397656][ T3675] vmalloc 0
[ 2825.397656][ T3675] shmem 385024
[ 2825.397656][ T3675] zswap 0
[ 2825.397656][ T3675] zswapped 0
[ 2825.397656][ T3675] file_mapped 385024
[ 2825.397656][ T3675] file_dirty 0
[ 2825.397656][ T3675] file_writeback 0
[ 2825.397656][ T3675] swapcached 0
[ 2825.397656][ T3675] anon_thp 0
[ 2825.397656][ T3675] file_thp 0
[ 2825.397656][ T3675] shmem_thp 0
[ 2825.397656][ T3675] inactive_anon 180224
[ 2825.397656][ T3675] active_anon 339968
[ 2825.397656][ T3675] inactive_file 4096
[ 2825.397656][ T3675] active_file 4096
[ 2825.397656][ T3675] unevictable 0
10:16:29 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x7b00, @local}]}, 0x48}}, 0x0)

[ 2825.397656][ T3675] slab_reclaimable 16512
[ 2825.397656][ T3675] slab_unreclaimable 308480480
[ 2825.480644][ T3652] device macvtap558 entered promiscuous mode
[ 2825.494290][ T3675] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3675,uid=0
[ 2825.527322][ T3675] Memory cgroup out of memory: Killed process 3675 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
10:16:29 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x7d00, @local}]}, 0x48}}, 0x0)

[ 2825.583379][ T3653] device macvtap458 entered promiscuous mode
[ 2825.599521][ T3657] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2825.636495][ T3657] device macvtap559 entered promiscuous mode
10:16:29 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x7a00, @local}]}, 0x48}}, 0x0)

[ 2825.697254][ T3661] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2825.754065][ T3661] device macvtap459 entered promiscuous mode
[ 2825.765831][ T3684] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2825.802752][ T3684] CPU: 0 PID: 3684 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2825.813145][ T3684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2825.823238][ T3684] Call Trace:
[ 2825.826540][ T3684]  <TASK>
[ 2825.829491][ T3684]  dump_stack_lvl+0xd1/0x138
[ 2825.834129][ T3684]  dump_header+0x10b/0x85f
[ 2825.838593][ T3684]  oom_kill_process.cold+0x10/0x15
[ 2825.843733][ T3684]  out_of_memory+0x35c/0x14a0
[ 2825.848432][ T3684]  ? find_held_lock+0x2d/0x110
[ 2825.853241][ T3684]  ? oom_killer_disable+0x280/0x280
[ 2825.858496][ T3684]  ? find_held_lock+0x2d/0x110
[ 2825.863308][ T3684]  mem_cgroup_out_of_memory+0x206/0x270
[ 2825.868893][ T3684]  ? mem_cgroup_margin+0x130/0x130
[ 2825.874039][ T3684]  ? lock_downgrade+0x6e0/0x6e0
[ 2825.878963][ T3684]  try_charge_memcg+0xef8/0x12f0
[ 2825.883955][ T3684]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2825.889987][ T3684]  ? rcu_read_unlock+0x9/0x60
[ 2825.894697][ T3684]  ? lock_downgrade+0x6e0/0x6e0
[ 2825.899619][ T3684]  charge_memcg+0x99/0x3b0
[ 2825.904078][ T3684]  __mem_cgroup_charge+0x2b/0x90
[ 2825.909062][ T3684]  wp_page_copy+0x2bf/0x1ca0
[ 2825.913697][ T3684]  ? page_try_dup_anon_rmap.constprop.0+0xd10/0xd10
[ 2825.920295][ T3684]  ? lock_downgrade+0x6e0/0x6e0
[ 2825.925155][ T3684]  ? vm_normal_page+0x14a/0x2a0
[ 2825.930012][ T3684]  do_wp_page+0x1d1/0x1930
[ 2825.934430][ T3684]  __handle_mm_fault+0x181b/0x3a40
[ 2825.939544][ T3684]  ? vm_iomap_memory+0x190/0x190
[ 2825.944505][ T3684]  handle_mm_fault+0x1cc/0x780
[ 2825.949290][ T3684]  do_user_addr_fault+0x475/0x1210
[ 2825.954442][ T3684]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2825.960036][ T3684]  exc_page_fault+0x98/0x170
[ 2825.964663][ T3684]  asm_exc_page_fault+0x26/0x30
[ 2825.969543][ T3684] RIP: 0033:0x7f69a6639580
[ 2825.973969][ T3684] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48
[ 2825.993593][ T3684] RSP: 002b:00007ffea4dd30b0 EFLAGS: 00010246
[ 2825.999670][ T3684] RAX: 0000000080c770a3 RBX: 00007f69a67ac018 RCX: 0000001b31f20000
[ 2826.007670][ T3684] RDX: 0000000000000000 RSI: 0000001b31f20018 RDI: 000000000a22ceb9
[ 2826.015662][ T3684] RBP: 0000000080c770a3 R08: 00000000000010a3 R09: 0000000080c770a7
[ 2826.023639][ T3684] R10: 00007ffea4dd3270 R11: 0000000000000246 R12: 00007f69a67a0000
[ 2826.031607][ T3684] R13: 0000000000000001 R14: 0000000000000011 R15: ffffffff83cc9a08
[ 2826.039597][ T3684]  ? apparmor_socket_create+0x228/0x660
[ 2826.045213][ T3684]  </TASK>
[ 2826.052941][ T3684] memory: usage 307184kB, limit 307200kB, failcnt 11969
[ 2826.060090][ T3684] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2826.067096][ T3684] Memory cgroup stats for /syz1:
[ 2826.067328][ T3684] anon 131072
[ 2826.067328][ T3684] file 393216
[ 2826.067328][ T3684] kernel 314032128
[ 2826.067328][ T3684] kernel_stack 65536
[ 2826.067328][ T3684] pagetables 73728
[ 2826.067328][ T3684] sec_pagetables 0
[ 2826.067328][ T3684] percpu 5356416
[ 2826.067328][ T3684] sock 0
[ 2826.067328][ T3684] vmalloc 0
[ 2826.067328][ T3684] shmem 385024
[ 2826.067328][ T3684] zswap 0
[ 2826.067328][ T3684] zswapped 0
[ 2826.067328][ T3684] file_mapped 385024
[ 2826.067328][ T3684] file_dirty 0
[ 2826.067328][ T3684] file_writeback 0
[ 2826.067328][ T3684] swapcached 0
[ 2826.067328][ T3684] anon_thp 0
[ 2826.067328][ T3684] file_thp 0
[ 2826.067328][ T3684] shmem_thp 0
[ 2826.067328][ T3684] inactive_anon 176128
[ 2826.067328][ T3684] active_anon 339968
[ 2826.067328][ T3684] inactive_file 4096
[ 2826.067328][ T3684] active_file 4096
[ 2826.067328][ T3684] unevictable 0
[ 2826.067328][ T3684] slab_reclaimable 14584
[ 2826.067328][ T3684] slab_unreclaimable 308480136
[ 2826.074881][ T3664] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
10:16:30 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3701}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:30 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x7e00, @local}]}, 0x48}}, 0x0)

[ 2826.217800][ T3684] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3684,uid=0
[ 2826.233946][ T3684] Memory cgroup out of memory: Killed process 3684 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:16:30 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3703}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2826.300548][ T3668] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2826.357078][ T3668] device bridge1783 entered promiscuous mode
[ 2826.486197][ T3672] device macvtap2173 entered promiscuous mode
[ 2826.526988][ T3705] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2826.549816][ T3705] CPU: 1 PID: 3705 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2826.560193][ T3705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2826.570276][ T3705] Call Trace:
[ 2826.573569][ T3705]  <TASK>
[ 2826.576521][ T3705]  dump_stack_lvl+0xd1/0x138
[ 2826.581156][ T3705]  dump_header+0x10b/0x85f
[ 2826.585611][ T3705]  oom_kill_process.cold+0x10/0x15
[ 2826.590763][ T3705]  out_of_memory+0x35c/0x14a0
[ 2826.595485][ T3705]  ? find_held_lock+0x2d/0x110
[ 2826.600294][ T3705]  ? oom_killer_disable+0x280/0x280
[ 2826.605534][ T3705]  ? find_held_lock+0x2d/0x110
[ 2826.610349][ T3705]  mem_cgroup_out_of_memory+0x206/0x270
[ 2826.615932][ T3705]  ? mem_cgroup_margin+0x130/0x130
[ 2826.621071][ T3705]  ? lock_downgrade+0x6e0/0x6e0
[ 2826.625975][ T3705]  try_charge_memcg+0xef8/0x12f0
[ 2826.630947][ T3705]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2826.636951][ T3705]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2826.642689][ T3705]  ? lock_downgrade+0x6e0/0x6e0
[ 2826.647574][ T3705]  ? lock_downgrade+0x6e0/0x6e0
[ 2826.652469][ T3705]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2826.658042][ T3705]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2826.664219][ T3705]  copy_process+0x15ed/0x7190
[ 2826.668941][ T3705]  ? find_held_lock+0x2d/0x110
[ 2826.673760][ T3705]  ? __cleanup_sighand+0xb0/0xb0
[ 2826.678720][ T3705]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2826.684025][ T3705]  ? lock_downgrade+0x6e0/0x6e0
[ 2826.688909][ T3705]  ? folio_flags.constprop.0+0x53/0x150
[ 2826.694495][ T3705]  ? folio_add_lru+0x37b/0x680
[ 2826.699294][ T3705]  kernel_clone+0xeb/0x980
[ 2826.703731][ T3705]  ? create_io_thread+0xf0/0xf0
[ 2826.708609][ T3705]  ? find_held_lock+0x2d/0x110
[ 2826.713409][ T3705]  __do_sys_clone+0xba/0x100
[ 2826.718017][ T3705]  ? kernel_clone+0x980/0x980
[ 2826.722727][ T3705]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2826.728643][ T3705]  do_syscall_64+0x39/0xb0
[ 2826.733085][ T3705]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2826.739006][ T3705] RIP: 0033:0x7f8325a8d501
[ 2826.743432][ T3705] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2826.763054][ T3705] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2826.771484][ T3705] RAX: ffffffffffffffda RBX: 00007f8326788700 RCX: 00007f8325a8d501
[ 2826.779468][ T3705] RDX: 00007f83267889d0 RSI: 00007f83267882f0 RDI: 00000000003d0f00
[ 2826.787450][ T3705] RBP: 00007fff9cb6b3f0 R08: 00007f8326788700 R09: 00007f8326788700
[ 2826.795433][ T3705] R10: 00007f83267889d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2826.803414][ T3705] R13: 00007fff9cb6b25f R14: 00007f8326788300 R15: 0000000000022000
[ 2826.811414][ T3705]  </TASK>
[ 2826.845032][ T3673] device macvtap2174 entered promiscuous mode
[ 2826.856619][ T3705] memory: usage 307184kB, limit 307200kB, failcnt 66086
[ 2826.864139][ T3705] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2826.907589][ T3705] Memory cgroup stats for /syz2
[ 2826.907611][ T3681] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2826.923065][ T3705] :
[ 2826.923533][ T3705] anon 147456
[ 2826.923533][ T3705] file 417792
[ 2826.923533][ T3705] kernel 313991168
[ 2826.923533][ T3705] kernel_stack 65536
[ 2826.923533][ T3705] pagetables 77824
[ 2826.923533][ T3705] sec_pagetables 0
[ 2826.923533][ T3705] percpu 5357600
[ 2826.923533][ T3705] sock 0
[ 2826.923533][ T3705] vmalloc 0
[ 2826.923533][ T3705] shmem 417792
[ 2826.923533][ T3705] zswap 0
[ 2826.923533][ T3705] zswapped 0
[ 2826.923533][ T3705] file_mapped 417792
[ 2826.923533][ T3705] file_dirty 0
[ 2826.923533][ T3705] file_writeback 0
[ 2826.923533][ T3705] swapcached 0
[ 2826.923533][ T3705] anon_thp 0
[ 2826.923533][ T3705] file_thp 0
[ 2826.923533][ T3705] shmem_thp 0
[ 2826.923533][ T3705] inactive_anon 151552
[ 2826.923533][ T3705] active_anon 413696
[ 2826.923533][ T3705] inactive_file 0
[ 2826.923533][ T3705] active_file 0
[ 2826.923533][ T3705] unevictable 0
10:16:31 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xde00}, 0x0)

[ 2826.923533][ T3705] slab_reclaimable 14280
[ 2826.923533][ T3705] slab_unreclaimable 308449064
[ 2826.943660][ T3681] device bridge1324 entered promiscuous mode
[ 2827.067838][ T3705] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3705,uid=0
[ 2827.068634][ T3682] device macvtap1313 entered promiscuous mode
[ 2827.083920][ T3705] Memory cgroup out of memory: Killed process 3705 (syz-executor.2) total-vm:54672kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2827.143294][ T3703] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2827.153885][ T3703] CPU: 1 PID: 3703 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2827.164250][ T3703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2827.174330][ T3703] Call Trace:
[ 2827.177632][ T3703]  <TASK>
[ 2827.180585][ T3703]  dump_stack_lvl+0xd1/0x138
[ 2827.185217][ T3703]  dump_header+0x10b/0x85f
[ 2827.189673][ T3703]  oom_kill_process.cold+0x10/0x15
[ 2827.194823][ T3703]  out_of_memory+0x35c/0x14a0
[ 2827.199541][ T3703]  ? find_held_lock+0x2d/0x110
[ 2827.204353][ T3703]  ? oom_killer_disable+0x280/0x280
[ 2827.209592][ T3703]  ? find_held_lock+0x2d/0x110
[ 2827.214404][ T3703]  mem_cgroup_out_of_memory+0x206/0x270
[ 2827.220078][ T3703]  ? mem_cgroup_margin+0x130/0x130
[ 2827.225228][ T3703]  ? lock_downgrade+0x6e0/0x6e0
[ 2827.230148][ T3703]  try_charge_memcg+0xef8/0x12f0
[ 2827.235138][ T3703]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2827.241154][ T3703]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2827.246898][ T3703]  ? lock_downgrade+0x6e0/0x6e0
[ 2827.251802][ T3703]  obj_cgroup_charge+0x2af/0x5e0
[ 2827.256775][ T3703]  ? __anon_vma_prepare+0x64/0x580
[ 2827.261901][ T3703]  kmem_cache_alloc+0xa3/0x3d0
[ 2827.266692][ T3703]  __anon_vma_prepare+0x64/0x580
[ 2827.271645][ T3703]  ? __pmd_alloc+0x30c/0x5d0
[ 2827.276253][ T3703]  __handle_mm_fault+0x35bc/0x3a40
[ 2827.281391][ T3703]  ? vm_iomap_memory+0x190/0x190
[ 2827.286372][ T3703]  handle_mm_fault+0x1cc/0x780
[ 2827.291160][ T3703]  do_user_addr_fault+0x475/0x1210
[ 2827.296296][ T3703]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2827.301874][ T3703]  exc_page_fault+0x98/0x170
[ 2827.306485][ T3703]  asm_exc_page_fault+0x26/0x30
[ 2827.311360][ T3703] RIP: 0033:0x7f69a662bd79
[ 2827.315787][ T3703] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2827.335410][ T3703] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2827.341494][ T3703] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2827.349475][ T3703] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2827.357455][ T3703] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2827.365436][ T3703] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b234b
[ 2827.373417][ T3703] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2827.381419][ T3703]  </TASK>
[ 2827.398109][ T3703] memory: usage 307200kB, limit 307200kB, failcnt 12078
[ 2827.410952][ T3703] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2827.423463][ T3703] Memory cgroup stats for /syz1:
[ 2827.423717][ T3703] anon 135168
[ 2827.423717][ T3703] file 393216
[ 2827.423717][ T3703] kernel 314044416
[ 2827.423717][ T3703] kernel_stack 65536
[ 2827.423717][ T3703] pagetables 81920
[ 2827.423717][ T3703] sec_pagetables 0
[ 2827.423717][ T3703] percpu 5356416
[ 2827.423717][ T3703] sock 0
[ 2827.423717][ T3703] vmalloc 0
[ 2827.423717][ T3703] shmem 385024
[ 2827.423717][ T3703] zswap 0
[ 2827.423717][ T3703] zswapped 0
[ 2827.423717][ T3703] file_mapped 385024
[ 2827.423717][ T3703] file_dirty 0
[ 2827.423717][ T3703] file_writeback 0
[ 2827.423717][ T3703] swapcached 0
[ 2827.423717][ T3703] anon_thp 0
[ 2827.423717][ T3703] file_thp 0
[ 2827.423717][ T3703] shmem_thp 0
[ 2827.423717][ T3703] inactive_anon 180224
[ 2827.423717][ T3703] active_anon 339968
[ 2827.423717][ T3703] inactive_file 4096
[ 2827.423717][ T3703] active_file 4096
[ 2827.423717][ T3703] unevictable 0
[ 2827.423717][ T3703] slab_reclaimable 16512
[ 2827.423717][ T3703] slab_unreclaimable 308480480
10:16:31 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3501}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2827.539109][ T3688] device macvtap1314 entered promiscuous mode
[ 2827.545992][ T3703] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3703,uid=0
[ 2827.556730][ T3690] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
10:16:31 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x7f00, @local}]}, 0x48}}, 0x0)

[ 2827.596967][ T3690] device bridge532 entered promiscuous mode
[ 2827.610732][ T3703] Memory cgroup out of memory: Killed process 3703 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2827.636885][ T3722] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2827.670931][ T3722] device bridge1325 entered promiscuous mode
[ 2827.759494][ T3692] device macvtap559 entered promiscuous mode
[ 2827.791361][ T3723] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2827.801896][ T3723] CPU: 0 PID: 3723 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2827.812263][ T3723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2827.822344][ T3723] Call Trace:
[ 2827.825624][ T3693] device macvtap560 entered promiscuous mode
[ 2827.831621][ T3723]  <TASK>
[ 2827.834575][ T3723]  dump_stack_lvl+0xd1/0x138
[ 2827.839211][ T3723]  dump_header+0x10b/0x85f
[ 2827.841728][ T3695] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2827.843651][ T3723]  oom_kill_process.cold+0x10/0x15
[ 2827.843692][ T3723]  out_of_memory+0x35c/0x14a0
[ 2827.843732][ T3723]  ? find_held_lock+0x2d/0x110
[ 2827.867468][ T3723]  ? oom_killer_disable+0x280/0x280
[ 2827.872709][ T3723]  ? find_held_lock+0x2d/0x110
[ 2827.877526][ T3723]  mem_cgroup_out_of_memory+0x206/0x270
[ 2827.883116][ T3723]  ? mem_cgroup_margin+0x130/0x130
[ 2827.888262][ T3723]  ? lock_downgrade+0x6e0/0x6e0
[ 2827.893186][ T3723]  try_charge_memcg+0xef8/0x12f0
[ 2827.898171][ T3723]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2827.900950][ T3695] device bridge444 entered promiscuous mode
[ 2827.904178][ T3723]  ? rcu_read_unlock+0x9/0x60
[ 2827.904210][ T3723]  ? lock_downgrade+0x6e0/0x6e0
[ 2827.904268][ T3723]  charge_memcg+0x99/0x3b0
[ 2827.924076][ T3723]  __mem_cgroup_charge+0x2b/0x90
[ 2827.929042][ T3723]  ? _compound_head+0x5d/0x150
[ 2827.933839][ T3723]  __handle_mm_fault+0x17e7/0x3a40
[ 2827.938975][ T3723]  ? vm_iomap_memory+0x190/0x190
[ 2827.943961][ T3723]  handle_mm_fault+0x1cc/0x780
[ 2827.948756][ T3723]  do_user_addr_fault+0x475/0x1210
[ 2827.953896][ T3723]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2827.959473][ T3723]  exc_page_fault+0x98/0x170
[ 2827.964142][ T3723]  asm_exc_page_fault+0x26/0x30
[ 2827.969027][ T3723] RIP: 0033:0x7f69a662bd79
[ 2827.973455][ T3723] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2827.993079][ T3723] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2827.999163][ T3723] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2828.007146][ T3723] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2828.015144][ T3723] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2828.023130][ T3723] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b25b0
[ 2828.031115][ T3723] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2828.039120][ T3723]  </TASK>
[ 2828.045883][ T3723] memory: usage 307200kB, limit 307200kB, failcnt 12175
[ 2828.053181][ T3723] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
10:16:32 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x4a, @local}]}, 0x48}}, 0x0)

[ 2828.060353][ T3723] Memory cgroup stats for /syz1:
[ 2828.060571][ T3723] anon 135168
[ 2828.060571][ T3723] file 393216
[ 2828.060571][ T3723] kernel 314044416
[ 2828.060571][ T3723] kernel_stack 65536
[ 2828.060571][ T3723] pagetables 81920
[ 2828.060571][ T3723] sec_pagetables 0
[ 2828.060571][ T3723] percpu 5356416
[ 2828.060571][ T3723] sock 0
[ 2828.060571][ T3723] vmalloc 0
[ 2828.060571][ T3723] shmem 385024
[ 2828.060571][ T3723] zswap 0
[ 2828.060571][ T3723] zswapped 0
[ 2828.060571][ T3723] file_mapped 385024
[ 2828.060571][ T3723] file_dirty 0
[ 2828.060571][ T3723] file_writeback 0
[ 2828.060571][ T3723] swapcached 0
[ 2828.060571][ T3723] anon_thp 0
[ 2828.060571][ T3723] file_thp 0
[ 2828.060571][ T3723] shmem_thp 0
[ 2828.060571][ T3723] inactive_anon 180224
[ 2828.060571][ T3723] active_anon 339968
[ 2828.060571][ T3723] inactive_file 4096
[ 2828.060571][ T3723] active_file 4096
[ 2828.060571][ T3723] unevictable 0
[ 2828.060571][ T3723] slab_reclaimable 16512
[ 2828.060571][ T3723] slab_unreclaimable 308480880
[ 2828.174149][ T3704] device macvtap459 entered promiscuous mode
[ 2828.190593][ T3723] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3723,uid=0
[ 2828.206226][ T3706] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
10:16:32 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8100, @local}]}, 0x48}}, 0x0)

[ 2828.221452][ T3723] Memory cgroup out of memory: Killed process 3723 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2828.258830][ T3706] device macvtap460 entered promiscuous mode
10:16:32 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x6c00}, 0x0)

[ 2828.371811][ T3711] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2828.448862][ T3731] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2828.474694][ T3731] CPU: 0 PID: 3731 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2828.485071][ T3731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2828.495242][ T3731] Call Trace:
[ 2828.498516][ T3731]  <TASK>
[ 2828.501454][ T3731]  dump_stack_lvl+0xd1/0x138
[ 2828.506098][ T3731]  dump_header+0x10b/0x85f
[ 2828.510556][ T3731]  oom_kill_process.cold+0x10/0x15
[ 2828.515710][ T3731]  out_of_memory+0x35c/0x14a0
[ 2828.520411][ T3731]  ? find_held_lock+0x2d/0x110
[ 2828.525212][ T3731]  ? oom_killer_disable+0x280/0x280
[ 2828.530425][ T3731]  ? find_held_lock+0x2d/0x110
[ 2828.535230][ T3731]  mem_cgroup_out_of_memory+0x206/0x270
[ 2828.540806][ T3731]  ? mem_cgroup_margin+0x130/0x130
[ 2828.545938][ T3731]  ? lock_downgrade+0x6e0/0x6e0
[ 2828.550926][ T3731]  try_charge_memcg+0xef8/0x12f0
[ 2828.555902][ T3731]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2828.561917][ T3731]  ? rcu_read_unlock+0x9/0x60
[ 2828.566609][ T3731]  ? lock_downgrade+0x6e0/0x6e0
[ 2828.571511][ T3731]  charge_memcg+0x99/0x3b0
[ 2828.575958][ T3731]  __mem_cgroup_charge+0x2b/0x90
[ 2828.580923][ T3731]  ? _compound_head+0x5d/0x150
[ 2828.585721][ T3731]  __handle_mm_fault+0x17e7/0x3a40
[ 2828.590860][ T3731]  ? vm_iomap_memory+0x190/0x190
[ 2828.595843][ T3731]  handle_mm_fault+0x1cc/0x780
[ 2828.600633][ T3731]  do_user_addr_fault+0x475/0x1210
[ 2828.605770][ T3731]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2828.611351][ T3731]  exc_page_fault+0x98/0x170
[ 2828.615962][ T3731]  asm_exc_page_fault+0x26/0x30
[ 2828.620840][ T3731] RIP: 0033:0x7f69a662bd79
[ 2828.625266][ T3731] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2828.644891][ T3731] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2828.650973][ T3731] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2828.658962][ T3731] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2828.666956][ T3731] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2828.674943][ T3731] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b2855
[ 2828.683102][ T3731] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2828.691107][ T3731]  </TASK>
[ 2828.701671][ T3731] memory: usage 307200kB, limit 307200kB, failcnt 12267
[ 2828.720194][ T3731] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2828.727245][ T3731] Memory cgroup stats for /syz1:
[ 2828.727990][ T3731] anon 135168
[ 2828.727990][ T3731] file 393216
[ 2828.727990][ T3731] kernel 314044416
[ 2828.727990][ T3731] kernel_stack 65536
[ 2828.727990][ T3731] pagetables 81920
[ 2828.727990][ T3731] sec_pagetables 0
[ 2828.727990][ T3731] percpu 5356416
[ 2828.727990][ T3731] sock 0
[ 2828.727990][ T3731] vmalloc 0
[ 2828.727990][ T3731] shmem 385024
[ 2828.727990][ T3731] zswap 0
[ 2828.727990][ T3731] zswapped 0
[ 2828.727990][ T3731] file_mapped 385024
[ 2828.727990][ T3731] file_dirty 0
[ 2828.727990][ T3731] file_writeback 0
[ 2828.727990][ T3731] swapcached 0
[ 2828.727990][ T3731] anon_thp 0
[ 2828.727990][ T3731] file_thp 0
[ 2828.727990][ T3731] shmem_thp 0
[ 2828.727990][ T3731] inactive_anon 180224
[ 2828.727990][ T3731] active_anon 339968
[ 2828.727990][ T3731] inactive_file 4096
[ 2828.727990][ T3731] active_file 4096
[ 2828.727990][ T3731] unevictable 0
[ 2828.727990][ T3731] slab_reclaimable 16512
[ 2828.727990][ T3731] slab_unreclaimable 308480880
[ 2828.830294][ T3731] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=
[ 2828.830444][ T3717] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
10:16:33 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8200, @local}]}, 0x48}}, 0x0)

10:16:33 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3800}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2828.851379][ T3731] syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3731,uid=0
[ 2828.862099][ T3731] Memory cgroup out of memory: Killed process 3731 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2828.893662][ T3717] device bridge1784 entered promiscuous mode
[ 2829.051121][ T3718] device macvtap2174 entered promiscuous mode
[ 2829.061781][ T3738] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2829.074171][ T3738] CPU: 0 PID: 3738 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2829.084532][ T3738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2829.094602][ T3738] Call Trace:
[ 2829.097893][ T3738]  <TASK>
[ 2829.100848][ T3738]  dump_stack_lvl+0xd1/0x138
[ 2829.105483][ T3738]  dump_header+0x10b/0x85f
[ 2829.109934][ T3738]  oom_kill_process.cold+0x10/0x15
[ 2829.115089][ T3738]  out_of_memory+0x35c/0x14a0
[ 2829.119800][ T3738]  ? find_held_lock+0x2d/0x110
[ 2829.124594][ T3738]  ? oom_killer_disable+0x280/0x280
[ 2829.125794][ T3724] device macvtap1315 entered promiscuous mode
[ 2829.129807][ T3738]  ? find_held_lock+0x2d/0x110
[ 2829.129852][ T3738]  mem_cgroup_out_of_memory+0x206/0x270
[ 2829.129885][ T3738]  ? mem_cgroup_margin+0x130/0x130
[ 2829.129913][ T3738]  ? lock_downgrade+0x6e0/0x6e0
[ 2829.129982][ T3738]  try_charge_memcg+0xef8/0x12f0
[ 2829.130028][ T3738]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2829.130068][ T3738]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2829.130101][ T3738]  ? lock_downgrade+0x6e0/0x6e0
[ 2829.130147][ T3738]  ? lock_downgrade+0x6e0/0x6e0
[ 2829.130190][ T3738]  ? rcu_read_unlock+0x9/0x60
[ 2829.130232][ T3738]  obj_cgroup_charge+0x2af/0x5e0
[ 2829.130277][ T3738]  kmem_cache_alloc_node+0xa9/0x410
[ 2829.130309][ T3738]  ? copy_process+0x5c2/0x7190
[ 2829.130345][ T3738]  copy_process+0x5c2/0x7190
[ 2829.130380][ T3738]  ? find_held_lock+0x2d/0x110
[ 2829.130421][ T3738]  ? find_held_lock+0x2d/0x110
[ 2829.130462][ T3738]  ? __cleanup_sighand+0xb0/0xb0
[ 2829.221586][ T3738]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2829.226893][ T3738]  ? lock_downgrade+0x6e0/0x6e0
[ 2829.231780][ T3738]  ? folio_flags.constprop.0+0x53/0x150
[ 2829.237366][ T3738]  ? folio_add_lru+0x37b/0x680
[ 2829.242165][ T3738]  kernel_clone+0xeb/0x980
[ 2829.246604][ T3738]  ? create_io_thread+0xf0/0xf0
[ 2829.251482][ T3738]  ? find_held_lock+0x2d/0x110
[ 2829.256286][ T3738]  __do_sys_clone+0xba/0x100
[ 2829.260897][ T3738]  ? kernel_clone+0x980/0x980
[ 2829.265699][ T3738]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2829.271620][ T3738]  do_syscall_64+0x39/0xb0
[ 2829.276064][ T3738]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2829.281981][ T3738] RIP: 0033:0x7f8325a8d501
[ 2829.286411][ T3738] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2829.306041][ T3738] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2829.314470][ T3738] RAX: ffffffffffffffda RBX: 00007f8326788700 RCX: 00007f8325a8d501
[ 2829.322453][ T3738] RDX: 00007f83267889d0 RSI: 00007f83267882f0 RDI: 00000000003d0f00
[ 2829.330435][ T3738] RBP: 00007fff9cb6b3f0 R08: 00007f8326788700 R09: 00007f8326788700
[ 2829.338416][ T3738] R10: 00007f83267889d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
10:16:33 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xe003}, 0x0)

[ 2829.346398][ T3738] R13: 00007fff9cb6b25f R14: 00007f8326788300 R15: 0000000000022000
[ 2829.354400][ T3738]  </TASK>
[ 2829.361209][ T3738] memory: usage 307200kB, limit 307200kB, failcnt 66269
[ 2829.382356][ T3738] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2829.392554][ T3722] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2829.405691][ T3738] Memory cgroup stats for /syz2:
[ 2829.405941][ T3738] anon 147456
[ 2829.405941][ T3738] file 417792
[ 2829.405941][ T3738] kernel 313991168
[ 2829.405941][ T3738] kernel_stack 65536
[ 2829.405941][ T3738] pagetables 77824
[ 2829.405941][ T3738] sec_pagetables 0
[ 2829.405941][ T3738] percpu 5357600
[ 2829.405941][ T3738] sock 0
[ 2829.405941][ T3738] vmalloc 0
[ 2829.405941][ T3738] shmem 417792
[ 2829.405941][ T3738] zswap 0
[ 2829.405941][ T3738] zswapped 0
[ 2829.405941][ T3738] file_mapped 417792
[ 2829.405941][ T3738] file_dirty 0
[ 2829.405941][ T3738] file_writeback 0
[ 2829.405941][ T3738] swapcached 0
[ 2829.405941][ T3738] anon_thp 0
[ 2829.405941][ T3738] file_thp 0
[ 2829.405941][ T3738] shmem_thp 0
[ 2829.405941][ T3738] inactive_anon 151552
[ 2829.405941][ T3738] active_anon 413696
[ 2829.405941][ T3738] inactive_file 0
[ 2829.405941][ T3738] active_file 0
[ 2829.405941][ T3738] unevictable 0
[ 2829.405941][ T3738] slab_reclaimable 14280
[ 2829.405941][ T3738] slab_unreclaimable 308449784
[ 2829.505600][ T3738] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3738,uid=0
[ 2829.519896][ T3722] device macvtap1316 entered promiscuous mode
[ 2829.522279][ T3738] Memory cgroup out of memory: Killed process 3738 (syz-executor.2) total-vm:54672kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2829.547712][ T3740] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2829.564868][ T3740] CPU: 1 PID: 3740 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2829.575235][ T3740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2829.585314][ T3740] Call Trace:
[ 2829.588612][ T3740]  <TASK>
[ 2829.591565][ T3740]  dump_stack_lvl+0xd1/0x138
[ 2829.596200][ T3740]  dump_header+0x10b/0x85f
[ 2829.600661][ T3740]  oom_kill_process.cold+0x10/0x15
[ 2829.605817][ T3740]  out_of_memory+0x35c/0x14a0
[ 2829.610547][ T3740]  ? oom_killer_disable+0x280/0x280
[ 2829.615789][ T3740]  ? find_held_lock+0x2d/0x110
[ 2829.620602][ T3740]  mem_cgroup_out_of_memory+0x206/0x270
[ 2829.626185][ T3740]  ? mem_cgroup_margin+0x130/0x130
[ 2829.631327][ T3740]  ? lock_downgrade+0x6e0/0x6e0
[ 2829.636251][ T3740]  try_charge_memcg+0xef8/0x12f0
[ 2829.641237][ T3740]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2829.647267][ T3740]  ? rcu_read_unlock+0x9/0x60
[ 2829.651975][ T3740]  ? lock_downgrade+0x6e0/0x6e0
[ 2829.656890][ T3740]  charge_memcg+0x99/0x3b0
[ 2829.661354][ T3740]  __mem_cgroup_charge+0x2b/0x90
[ 2829.666341][ T3740]  wp_page_copy+0x2bf/0x1ca0
[ 2829.670997][ T3740]  ? page_try_dup_anon_rmap.constprop.0+0xd10/0xd10
[ 2829.677654][ T3740]  ? lock_downgrade+0x6e0/0x6e0
[ 2829.682551][ T3740]  ? vm_normal_page+0x14a/0x2a0
[ 2829.687451][ T3740]  do_wp_page+0x1d1/0x1930
[ 2829.691907][ T3740]  __handle_mm_fault+0x181b/0x3a40
[ 2829.697062][ T3740]  ? vm_iomap_memory+0x190/0x190
[ 2829.702067][ T3740]  handle_mm_fault+0x1cc/0x780
[ 2829.706872][ T3740]  do_user_addr_fault+0x475/0x1210
[ 2829.712028][ T3740]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2829.717623][ T3740]  exc_page_fault+0x98/0x170
[ 2829.722249][ T3740]  asm_exc_page_fault+0x26/0x30
[ 2829.727138][ T3740] RIP: 0033:0x7f69a6639580
[ 2829.731581][ T3740] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48
[ 2829.751218][ T3740] RSP: 002b:00007ffea4dd30b0 EFLAGS: 00010246
[ 2829.757316][ T3740] RAX: 0000000080c770a3 RBX: 00007f69a67ac018 RCX: 0000001b31f20000
[ 2829.765314][ T3740] RDX: 0000000000000000 RSI: 0000001b31f20018 RDI: 000000000a22ceb9
[ 2829.773310][ T3740] RBP: 0000000080c770a3 R08: 00000000000010a3 R09: 0000000080c770a7
[ 2829.781306][ T3740] R10: 00007ffea4dd3270 R11: 0000000000000246 R12: 00007f69a67a0000
[ 2829.789305][ T3740] R13: 0000000000000001 R14: 0000000000000011 R15: ffffffff83cc9a08
[ 2829.797300][ T3740]  ? apparmor_socket_create+0x228/0x660
[ 2829.802917][ T3740]  </TASK>
[ 2829.813952][ T3740] memory: usage 307184kB, limit 307200kB, failcnt 12319
[ 2829.821175][ T3740] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2829.840922][ T3740] Memory cgroup stats for /syz1:
[ 2829.841167][ T3740] anon 131072
[ 2829.841167][ T3740] file 393216
[ 2829.841167][ T3740] kernel 314032128
[ 2829.841167][ T3740] kernel_stack 65536
[ 2829.841167][ T3740] pagetables 73728
[ 2829.841167][ T3740] sec_pagetables 0
[ 2829.841167][ T3740] percpu 5356416
[ 2829.841167][ T3740] sock 0
[ 2829.841167][ T3740] vmalloc 0
[ 2829.841167][ T3740] shmem 385024
[ 2829.841167][ T3740] zswap 0
[ 2829.841167][ T3740] zswapped 0
[ 2829.841167][ T3740] file_mapped 385024
[ 2829.841167][ T3740] file_dirty 0
[ 2829.841167][ T3740] file_writeback 0
[ 2829.841167][ T3740] swapcached 0
[ 2829.841167][ T3740] anon_thp 0
[ 2829.841167][ T3740] file_thp 0
[ 2829.841167][ T3740] shmem_thp 0
[ 2829.841167][ T3740] inactive_anon 176128
[ 2829.841167][ T3740] active_anon 339968
[ 2829.841167][ T3740] inactive_file 4096
[ 2829.841167][ T3740] active_file 4096
[ 2829.841167][ T3740] unevictable 0
[ 2829.841167][ T3740] slab_reclaimable 14584
[ 2829.841167][ T3740] slab_unreclaimable 308480136
[ 2829.871231][ T3727] device bridge533 entered promiscuous mode
[ 2829.937780][ T3740] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3740,uid=0
10:16:34 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8100, @local}]}, 0x48}}, 0x0)

10:16:34 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8300, @local}]}, 0x48}}, 0x0)

[ 2829.957779][ T3740] Memory cgroup out of memory: Killed process 3740 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2830.044338][ T3729] device macvtap561 entered promiscuous mode
10:16:34 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3202}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2830.096372][ T3730] device macvtap562 entered promiscuous mode
[ 2830.132304][ T3735] device bridge445 entered promiscuous mode
[ 2830.200478][ T3748] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2830.216017][ T3736] device macvtap460 entered promiscuous mode
[ 2830.224017][ T3748] CPU: 1 PID: 3748 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2830.234392][ T3748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2830.244474][ T3748] Call Trace:
[ 2830.247770][ T3748]  <TASK>
[ 2830.250727][ T3748]  dump_stack_lvl+0xd1/0x138
[ 2830.255369][ T3748]  dump_header+0x10b/0x85f
[ 2830.259824][ T3748]  oom_kill_process.cold+0x10/0x15
[ 2830.264975][ T3748]  out_of_memory+0x35c/0x14a0
[ 2830.269700][ T3748]  ? find_held_lock+0x2d/0x110
[ 2830.274509][ T3748]  ? oom_killer_disable+0x280/0x280
[ 2830.279842][ T3748]  ? find_held_lock+0x2d/0x110
[ 2830.284665][ T3748]  mem_cgroup_out_of_memory+0x206/0x270
[ 2830.290251][ T3748]  ? mem_cgroup_margin+0x130/0x130
[ 2830.295396][ T3748]  ? lock_downgrade+0x6e0/0x6e0
[ 2830.300316][ T3748]  try_charge_memcg+0xef8/0x12f0
[ 2830.305311][ T3748]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2830.311348][ T3748]  ? rcu_read_unlock+0x9/0x60
[ 2830.316150][ T3748]  ? lock_downgrade+0x6e0/0x6e0
[ 2830.321067][ T3748]  charge_memcg+0x99/0x3b0
[ 2830.325527][ T3748]  __mem_cgroup_charge+0x2b/0x90
[ 2830.330510][ T3748]  wp_page_copy+0x2bf/0x1ca0
[ 2830.335160][ T3748]  ? page_try_dup_anon_rmap.constprop.0+0xd10/0xd10
[ 2830.341796][ T3748]  ? lock_downgrade+0x6e0/0x6e0
[ 2830.346703][ T3748]  ? vm_normal_page+0x14a/0x2a0
[ 2830.351605][ T3748]  do_wp_page+0x1d1/0x1930
[ 2830.356058][ T3748]  __handle_mm_fault+0x181b/0x3a40
[ 2830.361214][ T3748]  ? vm_iomap_memory+0x190/0x190
[ 2830.366220][ T3748]  handle_mm_fault+0x1cc/0x780
[ 2830.371026][ T3748]  do_user_addr_fault+0x475/0x1210
[ 2830.376182][ T3748]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2830.381782][ T3748]  exc_page_fault+0x98/0x170
[ 2830.386406][ T3748]  asm_exc_page_fault+0x26/0x30
[ 2830.391300][ T3748] RIP: 0033:0x7f69a6639580
[ 2830.395746][ T3748] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48
[ 2830.415391][ T3748] RSP: 002b:00007ffea4dd30b0 EFLAGS: 00010246
[ 2830.421488][ T3748] RAX: 0000000080c770a3 RBX: 00007f69a67ac018 RCX: 0000001b31f20000
[ 2830.429489][ T3748] RDX: 0000000000000000 RSI: 0000001b31f20018 RDI: 000000000a22ceb9
[ 2830.437488][ T3748] RBP: 0000000080c770a3 R08: 00000000000010a3 R09: 0000000080c770a7
[ 2830.445481][ T3748] R10: 00007ffea4dd3270 R11: 0000000000000246 R12: 00007f69a67a0000
[ 2830.453471][ T3748] R13: 0000000000000001 R14: 0000000000000011 R15: ffffffff83cc9a08
[ 2830.461466][ T3748]  ? apparmor_socket_create+0x228/0x660
[ 2830.463504][ T3737] device macvtap461 entered promiscuous mode
[ 2830.467052][ T3748]  </TASK>
[ 2830.481053][ T3748] memory: usage 307184kB, limit 307200kB, failcnt 12411
[ 2830.488500][ T3748] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2830.495757][ T3748] Memory cgroup stats for /syz1:
[ 2830.495957][ T3748] anon 131072
[ 2830.495957][ T3748] file 393216
[ 2830.495957][ T3748] kernel 314032128
[ 2830.495957][ T3748] kernel_stack 65536
[ 2830.495957][ T3748] pagetables 73728
[ 2830.495957][ T3748] sec_pagetables 0
[ 2830.495957][ T3748] percpu 5356416
[ 2830.495957][ T3748] sock 0
[ 2830.495957][ T3748] vmalloc 0
[ 2830.495957][ T3748] shmem 385024
[ 2830.495957][ T3748] zswap 0
[ 2830.495957][ T3748] zswapped 0
[ 2830.495957][ T3748] file_mapped 385024
[ 2830.495957][ T3748] file_dirty 0
[ 2830.495957][ T3748] file_writeback 0
[ 2830.495957][ T3748] swapcached 0
[ 2830.495957][ T3748] anon_thp 0
[ 2830.495957][ T3748] file_thp 0
[ 2830.495957][ T3748] shmem_thp 0
[ 2830.495957][ T3748] inactive_anon 176128
[ 2830.495957][ T3748] active_anon 339968
[ 2830.495957][ T3748] inactive_file 4096
[ 2830.495957][ T3748] active_file 4096
[ 2830.495957][ T3748] unevictable 0
[ 2830.495957][ T3748] slab_reclaimable 14584
[ 2830.495957][ T3748] slab_unreclaimable 308480136
10:16:34 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8400, @local}]}, 0x48}}, 0x0)

[ 2830.595824][ T3748] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3748,uid=0
[ 2830.611872][ T3748] Memory cgroup out of memory: Killed process 3748 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:16:34 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xf, @local}]}, 0x48}}, 0x0)

[ 2830.750842][ T3756] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2830.761221][ T3756] CPU: 0 PID: 3756 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2830.771761][ T3756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2830.781848][ T3756] Call Trace:
[ 2830.785147][ T3756]  <TASK>
[ 2830.788094][ T3756]  dump_stack_lvl+0xd1/0x138
[ 2830.792730][ T3756]  dump_header+0x10b/0x85f
[ 2830.797155][ T3756]  oom_kill_process.cold+0x10/0x15
[ 2830.802270][ T3756]  out_of_memory+0x35c/0x14a0
[ 2830.806970][ T3756]  ? find_held_lock+0x2d/0x110
[ 2830.811789][ T3756]  ? oom_killer_disable+0x280/0x280
[ 2830.817046][ T3756]  ? find_held_lock+0x2d/0x110
[ 2830.821871][ T3756]  mem_cgroup_out_of_memory+0x206/0x270
[ 2830.827464][ T3756]  ? mem_cgroup_margin+0x130/0x130
[ 2830.832617][ T3756]  ? lock_downgrade+0x6e0/0x6e0
[ 2830.837545][ T3756]  try_charge_memcg+0xef8/0x12f0
[ 2830.842527][ T3756]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2830.848547][ T3756]  ? rcu_read_unlock+0x9/0x60
[ 2830.853248][ T3756]  ? lock_downgrade+0x6e0/0x6e0
[ 2830.858145][ T3756]  charge_memcg+0x99/0x3b0
[ 2830.862633][ T3756]  __mem_cgroup_charge+0x2b/0x90
[ 2830.867613][ T3756]  wp_page_copy+0x2bf/0x1ca0
[ 2830.872270][ T3756]  ? page_try_dup_anon_rmap.constprop.0+0xd10/0xd10
[ 2830.878902][ T3756]  ? lock_downgrade+0x6e0/0x6e0
[ 2830.883832][ T3756]  ? vm_normal_page+0x14a/0x2a0
[ 2830.888722][ T3756]  do_wp_page+0x1d1/0x1930
[ 2830.893166][ T3756]  __handle_mm_fault+0x181b/0x3a40
[ 2830.898309][ T3756]  ? vm_iomap_memory+0x190/0x190
[ 2830.903303][ T3756]  handle_mm_fault+0x1cc/0x780
[ 2830.908100][ T3756]  do_user_addr_fault+0x475/0x1210
[ 2830.913236][ T3756]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2830.918817][ T3756]  exc_page_fault+0x98/0x170
[ 2830.923424][ T3756]  asm_exc_page_fault+0x26/0x30
[ 2830.928296][ T3756] RIP: 0033:0x7f69a6639580
[ 2830.932724][ T3756] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48
[ 2830.952350][ T3756] RSP: 002b:00007ffea4dd30b0 EFLAGS: 00010246
[ 2830.958432][ T3756] RAX: 0000000080c770a3 RBX: 00007f69a67ac018 RCX: 0000001b31f20000
[ 2830.966482][ T3756] RDX: 0000000000000000 RSI: 0000001b31f20018 RDI: 000000000a22ceb9
[ 2830.974477][ T3756] RBP: 0000000080c770a3 R08: 00000000000010a3 R09: 0000000080c770a7
[ 2830.982576][ T3756] R10: 00007ffea4dd3270 R11: 0000000000000246 R12: 00007f69a67a0000
[ 2830.990569][ T3756] R13: 0000000000000001 R14: 0000000000000011 R15: ffffffff83cc9a08
[ 2830.998561][ T3756]  ? apparmor_socket_create+0x228/0x660
[ 2831.004160][ T3756]  </TASK>
[ 2831.021679][ T3756] memory: usage 307192kB, limit 307200kB, failcnt 12493
[ 2831.029405][ T3756] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2831.047703][ T3756] Memory cgroup stats for /syz1:
[ 2831.047940][ T3756] anon 131072
[ 2831.047940][ T3756] file 393216
[ 2831.047940][ T3756] kernel 314032128
[ 2831.047940][ T3756] kernel_stack 65536
[ 2831.047940][ T3756] pagetables 73728
[ 2831.047940][ T3756] sec_pagetables 0
[ 2831.047940][ T3756] percpu 5356416
[ 2831.047940][ T3756] sock 0
[ 2831.047940][ T3756] vmalloc 0
[ 2831.047940][ T3756] shmem 385024
[ 2831.047940][ T3756] zswap 0
[ 2831.047940][ T3756] zswapped 0
[ 2831.047940][ T3756] file_mapped 385024
[ 2831.047940][ T3756] file_dirty 0
[ 2831.047940][ T3756] file_writeback 0
[ 2831.047940][ T3756] swapcached 0
[ 2831.047940][ T3756] anon_thp 0
[ 2831.047940][ T3756] file_thp 0
[ 2831.047940][ T3756] shmem_thp 0
[ 2831.047940][ T3756] inactive_anon 176128
[ 2831.047940][ T3756] active_anon 339968
[ 2831.047940][ T3756] inactive_file 4096
[ 2831.047940][ T3756] active_file 4096
[ 2831.047940][ T3756] unevictable 0
[ 2831.047940][ T3756] slab_reclaimable 14584
[ 2831.047940][ T3756] slab_unreclaimable 308480136
10:16:35 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3801}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2831.154614][ T3743] __nla_validate_parse: 3 callbacks suppressed
[ 2831.154633][ T3743] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2831.202939][ T3743] device bridge1785 entered promiscuous mode
[ 2831.270653][ T3756] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3756,uid=0
[ 2831.300341][ T3744] device macvtap2175 entered promiscuous mode
[ 2831.341114][ T3756] Memory cgroup out of memory: Killed process 3756 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2831.371101][ T3762] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2831.391195][ T3745] device macvtap2176 entered promiscuous mode
[ 2831.397605][ T3762] CPU: 0 PID: 3762 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2831.407974][ T3762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2831.418053][ T3762] Call Trace:
[ 2831.421353][ T3762]  <TASK>
[ 2831.424311][ T3762]  dump_stack_lvl+0xd1/0x138
[ 2831.428940][ T3762]  dump_header+0x10b/0x85f
[ 2831.433392][ T3762]  oom_kill_process.cold+0x10/0x15
10:16:35 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8500, @local}]}, 0x48}}, 0x0)

[ 2831.438540][ T3762]  out_of_memory+0x35c/0x14a0
[ 2831.443264][ T3762]  ? oom_killer_disable+0x280/0x280
[ 2831.448509][ T3762]  ? find_held_lock+0x2d/0x110
[ 2831.453325][ T3762]  mem_cgroup_out_of_memory+0x206/0x270
[ 2831.458909][ T3762]  ? mem_cgroup_margin+0x130/0x130
[ 2831.464049][ T3762]  ? lock_downgrade+0x6e0/0x6e0
[ 2831.468985][ T3762]  try_charge_memcg+0xef8/0x12f0
[ 2831.473985][ T3762]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2831.480010][ T3762]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2831.485768][ T3762]  ? lock_downgrade+0x6e0/0x6e0
[ 2831.490690][ T3762]  obj_cgroup_charge+0x2af/0x5e0
[ 2831.495673][ T3762]  ? vm_area_dup+0x85/0x380
[ 2831.500207][ T3762]  kmem_cache_alloc+0xa3/0x3d0
[ 2831.505000][ T3762]  vm_area_dup+0x85/0x380
[ 2831.509339][ T3762]  ? mt_slot+0xa1/0x170
[ 2831.513522][ T3762]  ? mas_next_nentry+0x610/0xab0
[ 2831.518486][ T3762]  ? mas_next_node+0x547/0xa00
[ 2831.523306][ T3762]  ? mas_find+0x211/0xd10
[ 2831.527662][ T3762]  ? vm_area_alloc+0x100/0x100
[ 2831.532432][ T3762]  ? validate_mm_mt+0x149/0x1b0
[ 2831.537285][ T3762]  ? remove_vma+0x130/0x130
[ 2831.541793][ T3762]  ? can_vma_merge_before+0x390/0x390
[ 2831.547168][ T3762]  __split_vma+0xae/0x5e0
[ 2831.551497][ T3762]  ? vma_merge+0x2cf/0x870
[ 2831.555915][ T3762]  split_vma+0xa3/0xe0
[ 2831.560001][ T3762]  mprotect_fixup+0x6cb/0x960
[ 2831.564731][ T3762]  ? mas_find+0x211/0xd10
[ 2831.569090][ T3762]  ? change_protection+0x4290/0x4290
[ 2831.574431][ T3762]  do_mprotect_pkey+0x6fd/0xa70
[ 2831.579319][ T3762]  ? mprotect_fixup+0x960/0x960
[ 2831.584171][ T3762]  ? up_write+0x1b0/0x520
[ 2831.588537][ T3762]  __x64_sys_mprotect+0x78/0xb0
[ 2831.593389][ T3762]  do_syscall_64+0x39/0xb0
[ 2831.597806][ T3762]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2831.603697][ T3762] RIP: 0033:0x7f8325a8c1e7
[ 2831.608115][ T3762] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2831.627735][ T3762] RSP: 002b:00007fff9cb6b1f8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[ 2831.636141][ T3762] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f8325a8c1e7
[ 2831.644106][ T3762] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f8326769000
[ 2831.652074][ T3762] RBP: 00007fff9cb6b2d0 R08: 00000000ffffffff R09: 00007f8326788700
[ 2831.660053][ T3762] R10: 0000000000020022 R11: 0000000000000206 R12: 00007fff9cb6b3f0
[ 2831.668055][ T3762] R13: 00007f8326788700 R14: 0000000000000000 R15: 0000000000022000
[ 2831.676073][ T3762]  </TASK>
[ 2831.694553][ T3762] memory: usage 307176kB, limit 307200kB, failcnt 66437
[ 2831.701872][ T3762] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2831.710148][ T3762] Memory cgroup stats for /syz2:
[ 2831.710394][ T3762] anon 143360
[ 2831.710394][ T3762] file 417792
[ 2831.710394][ T3762] kernel 313987072
[ 2831.710394][ T3762] kernel_stack 65536
[ 2831.710394][ T3762] pagetables 77824
[ 2831.710394][ T3762] sec_pagetables 0
[ 2831.710394][ T3762] percpu 5357600
[ 2831.710394][ T3762] sock 0
[ 2831.710394][ T3762] vmalloc 0
[ 2831.710394][ T3762] shmem 417792
[ 2831.710394][ T3762] zswap 0
[ 2831.710394][ T3762] zswapped 0
[ 2831.710394][ T3762] file_mapped 417792
[ 2831.710394][ T3762] file_dirty 0
[ 2831.710394][ T3762] file_writeback 0
[ 2831.710394][ T3762] swapcached 0
[ 2831.710394][ T3762] anon_thp 0
[ 2831.710394][ T3762] file_thp 0
[ 2831.710394][ T3762] shmem_thp 0
[ 2831.710394][ T3762] inactive_anon 139264
[ 2831.710394][ T3762] active_anon 413696
[ 2831.710394][ T3762] inactive_file 0
[ 2831.710394][ T3762] active_file 0
[ 2831.710394][ T3762] unevictable 0
[ 2831.710394][ T3762] slab_reclaimable 14280
[ 2831.710394][ T3762] slab_unreclaimable 308447184
[ 2831.811464][ T3762] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3762,uid=0
[ 2831.827164][ T3747] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
10:16:36 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xf000}, 0x0)

[ 2831.827880][ T3762] Memory cgroup out of memory: Killed process 3762 (syz-executor.2) total-vm:54672kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2831.873770][ T3747] device bridge1326 entered promiscuous mode
[ 2831.904662][ T3764] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2831.927731][ T3764] CPU: 1 PID: 3764 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2831.938107][ T3764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2831.941516][ T3767] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2831.948161][ T3764] Call Trace:
[ 2831.948173][ T3764]  <TASK>
[ 2831.948184][ T3764]  dump_stack_lvl+0xd1/0x138
[ 2831.948224][ T3764]  dump_header+0x10b/0x85f
[ 2831.948259][ T3764]  oom_kill_process.cold+0x10/0x15
[ 2831.948293][ T3764]  out_of_memory+0x35c/0x14a0
[ 2831.948333][ T3764]  ? find_held_lock+0x2d/0x110
[ 2831.987268][ T3764]  ? oom_killer_disable+0x280/0x280
[ 2831.992496][ T3764]  ? find_held_lock+0x2d/0x110
[ 2831.997294][ T3764]  mem_cgroup_out_of_memory+0x206/0x270
[ 2832.002857][ T3764]  ? mem_cgroup_margin+0x130/0x130
[ 2832.007980][ T3764]  ? lock_downgrade+0x6e0/0x6e0
[ 2832.012874][ T3764]  try_charge_memcg+0xef8/0x12f0
[ 2832.017839][ T3764]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2832.023846][ T3764]  ? rcu_read_unlock+0x9/0x60
[ 2832.028538][ T3764]  ? lock_downgrade+0x6e0/0x6e0
[ 2832.033428][ T3764]  charge_memcg+0x99/0x3b0
[ 2832.037866][ T3764]  __mem_cgroup_charge+0x2b/0x90
[ 2832.042830][ T3764]  wp_page_copy+0x2bf/0x1ca0
[ 2832.047461][ T3764]  ? page_try_dup_anon_rmap.constprop.0+0xd10/0xd10
[ 2832.054080][ T3764]  ? lock_downgrade+0x6e0/0x6e0
[ 2832.058957][ T3764]  ? vm_normal_page+0x14a/0x2a0
[ 2832.063835][ T3764]  do_wp_page+0x1d1/0x1930
[ 2832.068270][ T3764]  __handle_mm_fault+0x181b/0x3a40
[ 2832.073403][ T3764]  ? vm_iomap_memory+0x190/0x190
[ 2832.078379][ T3764]  handle_mm_fault+0x1cc/0x780
[ 2832.083163][ T3764]  do_user_addr_fault+0x475/0x1210
[ 2832.088295][ T3764]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2832.093873][ T3764]  exc_page_fault+0x98/0x170
[ 2832.098479][ T3764]  asm_exc_page_fault+0x26/0x30
[ 2832.103348][ T3764] RIP: 0033:0x7f69a6639580
[ 2832.107782][ T3764] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48
[ 2832.127408][ T3764] RSP: 002b:00007ffea4dd30b0 EFLAGS: 00010246
[ 2832.133486][ T3764] RAX: 0000000080c770a3 RBX: 00007f69a67ac018 RCX: 0000001b31f20000
[ 2832.141465][ T3764] RDX: 0000000000000000 RSI: 0000001b31f20018 RDI: 000000000a22ceb9
[ 2832.149442][ T3764] RBP: 0000000080c770a3 R08: 00000000000010a3 R09: 0000000080c770a7
[ 2832.157421][ T3764] R10: 00007ffea4dd3270 R11: 0000000000000246 R12: 00007f69a67a0000
[ 2832.165398][ T3764] R13: 0000000000000001 R14: 0000000000000011 R15: ffffffff83cc9a08
[ 2832.173377][ T3764]  ? apparmor_socket_create+0x228/0x660
[ 2832.178967][ T3764]  </TASK>
[ 2832.196799][ T3767] device bridge1786 entered promiscuous mode
[ 2832.219395][ T3764] memory: usage 307184kB, limit 307200kB, failcnt 12592
[ 2832.226607][ T3764] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2832.234103][ T3764] Memory cgroup stats for /syz1:
[ 2832.234339][ T3764] anon 131072
[ 2832.234339][ T3764] file 393216
[ 2832.234339][ T3764] kernel 314032128
[ 2832.234339][ T3764] kernel_stack 65536
[ 2832.234339][ T3764] pagetables 73728
[ 2832.234339][ T3764] sec_pagetables 0
[ 2832.234339][ T3764] percpu 5356416
[ 2832.234339][ T3764] sock 0
[ 2832.234339][ T3764] vmalloc 0
[ 2832.234339][ T3764] shmem 385024
[ 2832.234339][ T3764] zswap 0
[ 2832.234339][ T3764] zswapped 0
[ 2832.234339][ T3764] file_mapped 385024
[ 2832.234339][ T3764] file_dirty 0
[ 2832.234339][ T3764] file_writeback 0
[ 2832.234339][ T3764] swapcached 0
[ 2832.234339][ T3764] anon_thp 0
[ 2832.234339][ T3764] file_thp 0
[ 2832.234339][ T3764] shmem_thp 0
[ 2832.234339][ T3764] inactive_anon 176128
[ 2832.234339][ T3764] active_anon 339968
[ 2832.234339][ T3764] inactive_file 4096
[ 2832.234339][ T3764] active_file 4096
[ 2832.234339][ T3764] unevictable 0
[ 2832.234339][ T3764] slab_reclaimable 14584
[ 2832.234339][ T3764] slab_unreclaimable 308479832
[ 2832.285862][ T3749] device macvtap1316 entered promiscuous mode
[ 2832.341186][ T3764] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3764,uid=0
10:16:36 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8600, @local}]}, 0x48}}, 0x0)

[ 2832.356851][ T3764] Memory cgroup out of memory: Killed process 3764 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2832.479394][ T3751] device macvtap1317 entered promiscuous mode
[ 2832.510811][ T3753] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2832.520483][ T3769] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2832.535043][ T3769] CPU: 1 PID: 3769 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2832.545414][ T3769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2832.555494][ T3769] Call Trace:
[ 2832.558794][ T3769]  <TASK>
[ 2832.561742][ T3769]  dump_stack_lvl+0xd1/0x138
[ 2832.566361][ T3769]  dump_header+0x10b/0x85f
[ 2832.570800][ T3769]  oom_kill_process.cold+0x10/0x15
[ 2832.575935][ T3769]  out_of_memory+0x35c/0x14a0
[ 2832.580639][ T3769]  ? find_held_lock+0x2d/0x110
[ 2832.585430][ T3769]  ? oom_killer_disable+0x280/0x280
[ 2832.590652][ T3769]  ? find_held_lock+0x2d/0x110
[ 2832.595447][ T3769]  mem_cgroup_out_of_memory+0x206/0x270
[ 2832.601011][ T3769]  ? mem_cgroup_margin+0x130/0x130
[ 2832.606137][ T3769]  ? lock_downgrade+0x6e0/0x6e0
[ 2832.611038][ T3769]  try_charge_memcg+0xef8/0x12f0
[ 2832.616005][ T3769]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2832.622016][ T3769]  ? rcu_read_unlock+0x9/0x60
[ 2832.626707][ T3769]  ? lock_downgrade+0x6e0/0x6e0
[ 2832.631602][ T3769]  charge_memcg+0x99/0x3b0
[ 2832.636045][ T3769]  __mem_cgroup_charge+0x2b/0x90
[ 2832.641008][ T3769]  wp_page_copy+0x2bf/0x1ca0
[ 2832.645641][ T3769]  ? page_try_dup_anon_rmap.constprop.0+0xd10/0xd10
[ 2832.652263][ T3769]  ? lock_downgrade+0x6e0/0x6e0
[ 2832.657141][ T3769]  ? vm_normal_page+0x14a/0x2a0
[ 2832.662018][ T3769]  do_wp_page+0x1d1/0x1930
[ 2832.666454][ T3769]  __handle_mm_fault+0x181b/0x3a40
[ 2832.671589][ T3769]  ? vm_iomap_memory+0x190/0x190
[ 2832.676567][ T3769]  handle_mm_fault+0x1cc/0x780
[ 2832.681355][ T3769]  do_user_addr_fault+0x475/0x1210
[ 2832.686490][ T3769]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2832.692065][ T3769]  exc_page_fault+0x98/0x170
[ 2832.696674][ T3769]  asm_exc_page_fault+0x26/0x30
[ 2832.701551][ T3769] RIP: 0033:0x7f69a6639580
[ 2832.705980][ T3769] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48
[ 2832.725599][ T3769] RSP: 002b:00007ffea4dd30b0 EFLAGS: 00010246
[ 2832.731677][ T3769] RAX: 0000000080c770a3 RBX: 00007f69a67ac018 RCX: 0000001b31f20000
[ 2832.739660][ T3769] RDX: 0000000000000000 RSI: 0000001b31f20018 RDI: 000000000a22ceb9
[ 2832.747648][ T3769] RBP: 0000000080c770a3 R08: 00000000000010a3 R09: 0000000080c770a7
[ 2832.755646][ T3769] R10: 00007ffea4dd3270 R11: 0000000000000246 R12: 00007f69a67a0000
[ 2832.763641][ T3769] R13: 0000000000000001 R14: 0000000000000011 R15: ffffffff83cc9a08
[ 2832.771629][ T3769]  ? apparmor_socket_create+0x228/0x660
[ 2832.777232][ T3769]  </TASK>
10:16:36 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa, @local}]}, 0x48}}, 0x0)

[ 2832.798328][ T3769] memory: usage 307192kB, limit 307200kB, failcnt 12660
[ 2832.805058][ T3753] device bridge534 entered promiscuous mode
[ 2832.805470][ T3769] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2832.823196][ T3769] Memory cgroup stats for /syz1:
[ 2832.823435][ T3769] anon 131072
[ 2832.823435][ T3769] file 393216
[ 2832.823435][ T3769] kernel 314032128
[ 2832.823435][ T3769] kernel_stack 65536
[ 2832.823435][ T3769] pagetables 73728
[ 2832.823435][ T3769] sec_pagetables 0
[ 2832.823435][ T3769] percpu 5356416
[ 2832.823435][ T3769] sock 0
[ 2832.823435][ T3769] vmalloc 0
[ 2832.823435][ T3769] shmem 385024
[ 2832.823435][ T3769] zswap 0
[ 2832.823435][ T3769] zswapped 0
[ 2832.823435][ T3769] file_mapped 385024
[ 2832.823435][ T3769] file_dirty 0
[ 2832.823435][ T3769] file_writeback 0
[ 2832.823435][ T3769] swapcached 0
[ 2832.823435][ T3769] anon_thp 0
[ 2832.823435][ T3769] file_thp 0
[ 2832.823435][ T3769] shmem_thp 0
[ 2832.823435][ T3769] inactive_anon 176128
[ 2832.823435][ T3769] active_anon 339968
[ 2832.823435][ T3769] inactive_file 4096
[ 2832.823435][ T3769] active_file 4096
[ 2832.823435][ T3769] unevictable 0
[ 2832.823435][ T3769] slab_reclaimable 14584
[ 2832.823435][ T3769] slab_unreclaimable 308480136
[ 2832.904047][ T3754] device macvtap563 entered promiscuous mode
[ 2832.928475][ T3769] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3769,uid=0
10:16:37 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8700, @local}]}, 0x48}}, 0x0)

[ 2832.944850][ T3769] Memory cgroup out of memory: Killed process 3769 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2832.962621][ T3755] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2833.021577][ T3755] device macvtap564 entered promiscuous mode
10:16:37 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x3f00}, 0x0)

[ 2833.110114][ T3759] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2833.167909][ T3759] device bridge446 entered promiscuous mode
[ 2833.179895][ T3776] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2833.204990][ T3776] CPU: 0 PID: 3776 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2833.215362][ T3776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2833.225440][ T3776] Call Trace:
[ 2833.228735][ T3776]  <TASK>
[ 2833.231682][ T3776]  dump_stack_lvl+0xd1/0x138
[ 2833.236315][ T3776]  dump_header+0x10b/0x85f
[ 2833.240764][ T3776]  oom_kill_process.cold+0x10/0x15
[ 2833.245902][ T3776]  out_of_memory+0x35c/0x14a0
[ 2833.250599][ T3776]  ? find_held_lock+0x2d/0x110
[ 2833.255402][ T3776]  ? oom_killer_disable+0x280/0x280
[ 2833.260628][ T3776]  ? find_held_lock+0x2d/0x110
[ 2833.265426][ T3776]  mem_cgroup_out_of_memory+0x206/0x270
[ 2833.270989][ T3776]  ? mem_cgroup_margin+0x130/0x130
[ 2833.276116][ T3776]  ? lock_downgrade+0x6e0/0x6e0
[ 2833.281017][ T3776]  try_charge_memcg+0xef8/0x12f0
[ 2833.285984][ T3776]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2833.291994][ T3776]  ? rcu_read_unlock+0x9/0x60
[ 2833.296682][ T3776]  ? lock_downgrade+0x6e0/0x6e0
[ 2833.301576][ T3776]  charge_memcg+0x99/0x3b0
[ 2833.306017][ T3776]  __mem_cgroup_charge+0x2b/0x90
[ 2833.310980][ T3776]  wp_page_copy+0x2bf/0x1ca0
[ 2833.315606][ T3776]  ? page_try_dup_anon_rmap.constprop.0+0xd10/0xd10
[ 2833.322225][ T3776]  ? lock_downgrade+0x6e0/0x6e0
[ 2833.327102][ T3776]  ? vm_normal_page+0x14a/0x2a0
[ 2833.331983][ T3776]  do_wp_page+0x1d1/0x1930
[ 2833.336417][ T3776]  __handle_mm_fault+0x181b/0x3a40
[ 2833.341553][ T3776]  ? vm_iomap_memory+0x190/0x190
[ 2833.346532][ T3776]  handle_mm_fault+0x1cc/0x780
[ 2833.351321][ T3776]  do_user_addr_fault+0x475/0x1210
[ 2833.356459][ T3776]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2833.362032][ T3776]  exc_page_fault+0x98/0x170
[ 2833.366642][ T3776]  asm_exc_page_fault+0x26/0x30
[ 2833.371518][ T3776] RIP: 0033:0x7f69a6639580
[ 2833.375945][ T3776] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48
[ 2833.395563][ T3776] RSP: 002b:00007ffea4dd30b0 EFLAGS: 00010246
[ 2833.401640][ T3776] RAX: 00000000abd0756a RBX: 00007f69a67ac018 RCX: 0000001b31f20000
[ 2833.409620][ T3776] RDX: 0000000000000000 RSI: 0000001b31f20018 RDI: 000000000a22cf67
[ 2833.417600][ T3776] RBP: 00000000abd0756a R08: 000000000000156a R09: 00000000abd0756e
[ 2833.425582][ T3776] R10: 00007ffea4dd3270 R11: 0000000000000246 R12: 00007f69a67a0000
[ 2833.433560][ T3776] R13: 0000000000000001 R14: 000000000000000c R15: ffffffff83cc98bf
[ 2833.441541][ T3776]  ? apparmor_socket_create+0xdf/0x660
[ 2833.447045][ T3776]  </TASK>
[ 2833.459434][ T3776] memory: usage 307200kB, limit 307200kB, failcnt 12744
[ 2833.471931][ T3776] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2833.479489][ T3776] Memory cgroup stats for /syz1:
[ 2833.479694][ T3776] anon 126976
[ 2833.479694][ T3776] file 393216
[ 2833.479694][ T3776] kernel 314032128
[ 2833.479694][ T3776] kernel_stack 65536
[ 2833.479694][ T3776] pagetables 73728
[ 2833.479694][ T3776] sec_pagetables 0
[ 2833.479694][ T3776] percpu 5356416
[ 2833.479694][ T3776] sock 0
[ 2833.479694][ T3776] vmalloc 0
[ 2833.479694][ T3776] shmem 385024
[ 2833.479694][ T3776] zswap 0
[ 2833.479694][ T3776] zswapped 0
[ 2833.479694][ T3776] file_mapped 385024
[ 2833.479694][ T3776] file_dirty 0
[ 2833.479694][ T3776] file_writeback 0
[ 2833.479694][ T3776] swapcached 0
[ 2833.479694][ T3776] anon_thp 0
[ 2833.479694][ T3776] file_thp 0
[ 2833.479694][ T3776] shmem_thp 0
[ 2833.479694][ T3776] inactive_anon 172032
[ 2833.479694][ T3776] active_anon 339968
[ 2833.479694][ T3776] inactive_file 0
[ 2833.479694][ T3776] active_file 8192
[ 2833.479694][ T3776] unevictable 0
[ 2833.479694][ T3776] slab_reclaimable 14584
10:16:37 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8800, @local}]}, 0x48}}, 0x0)

[ 2833.479694][ T3776] slab_unreclaimable 308480136
[ 2833.482306][ T3760] device macvtap461 entered promiscuous mode
[ 2833.484941][ T3776] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3776,uid=0
[ 2833.604296][ T3776] Memory cgroup out of memory: Killed process 3776 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2833.737622][ T3761] netlink: 'syz-executor.4': attribute type 15 has an invalid length.
[ 2833.750494][ T3782] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2833.772592][ T3782] CPU: 1 PID: 3782 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2833.782967][ T3782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2833.793047][ T3782] Call Trace:
[ 2833.796340][ T3782]  <TASK>
[ 2833.799293][ T3782]  dump_stack_lvl+0xd1/0x138
[ 2833.803923][ T3782]  dump_header+0x10b/0x85f
[ 2833.808369][ T3782]  oom_kill_process.cold+0x10/0x15
[ 2833.813503][ T3782]  out_of_memory+0x35c/0x14a0
[ 2833.818216][ T3782]  ? find_held_lock+0x2d/0x110
[ 2833.823025][ T3782]  ? oom_killer_disable+0x280/0x280
[ 2833.828267][ T3782]  ? find_held_lock+0x2d/0x110
[ 2833.833075][ T3782]  mem_cgroup_out_of_memory+0x206/0x270
[ 2833.838657][ T3782]  ? mem_cgroup_margin+0x130/0x130
[ 2833.839504][ T3761] device macvtap462 entered promiscuous mode
[ 2833.843777][ T3782]  ? lock_downgrade+0x6e0/0x6e0
[ 2833.843844][ T3782]  try_charge_memcg+0xef8/0x12f0
[ 2833.859627][ T3782]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2833.865652][ T3782]  ? rcu_read_unlock+0x9/0x60
[ 2833.870359][ T3782]  ? lock_downgrade+0x6e0/0x6e0
[ 2833.875263][ T3782]  charge_memcg+0x99/0x3b0
[ 2833.879705][ T3782]  __mem_cgroup_charge+0x2b/0x90
[ 2833.884678][ T3782]  wp_page_copy+0x2bf/0x1ca0
[ 2833.889329][ T3782]  ? page_try_dup_anon_rmap.constprop.0+0xd10/0xd10
[ 2833.895970][ T3782]  ? lock_downgrade+0x6e0/0x6e0
[ 2833.900868][ T3782]  ? vm_normal_page+0x14a/0x2a0
[ 2833.905767][ T3782]  do_wp_page+0x1d1/0x1930
[ 2833.910227][ T3782]  __handle_mm_fault+0x181b/0x3a40
[ 2833.915383][ T3782]  ? vm_iomap_memory+0x190/0x190
[ 2833.920382][ T3782]  handle_mm_fault+0x1cc/0x780
[ 2833.925182][ T3782]  do_user_addr_fault+0x475/0x1210
[ 2833.930336][ T3782]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2833.935930][ T3782]  exc_page_fault+0x98/0x170
[ 2833.940551][ T3782]  asm_exc_page_fault+0x26/0x30
[ 2833.945440][ T3782] RIP: 0033:0x7f69a6639580
[ 2833.949878][ T3782] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48
[ 2833.959653][   T29] oom_reaper: reaped process 3762 (syz-executor.2), now anon-rss:0kB, file-rss:8192kB, shmem-rss:8kB
[ 2833.969495][ T3782] RSP: 002b:00007ffea4dd30b0 EFLAGS: 00010246
10:16:38 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0x7bf, 0x1, @local}]}, 0x48}}, 0x0)

[ 2833.969522][ T3782] RAX: 0000000080c770a3 RBX: 00007f69a67ac018 RCX: 0000001b31f20000
[ 2833.969541][ T3782] RDX: 0000000000000000 RSI: 0000001b31f20018 RDI: 000000000a22ceb9
[ 2833.969559][ T3782] RBP: 0000000080c770a3 R08: 00000000000010a3 R09: 0000000080c770a7
[ 2833.969578][ T3782] R10: 00007ffea4dd3270 R11: 0000000000000246 R12: 00007f69a67a0000
[ 2833.969598][ T3782] R13: 0000000000000001 R14: 0000000000000011 R15: ffffffff83cc9a08
[ 2833.969617][ T3782]  ? apparmor_socket_create+0x228/0x660
[ 2833.969684][ T3782]  </TASK>
[ 2834.024219][ T3763] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2834.049532][ T3782] memory: usage 307200kB, limit 307200kB, failcnt 12830
[ 2834.056751][ T3782] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2834.065063][ T3782] Memory cgroup stats for /syz1:
[ 2834.065315][ T3782] anon 131072
[ 2834.065315][ T3782] file 393216
[ 2834.065315][ T3782] kernel 314048512
[ 2834.065315][ T3782] kernel_stack 65536
[ 2834.065315][ T3782] pagetables 73728
[ 2834.065315][ T3782] sec_pagetables 0
[ 2834.065315][ T3782] percpu 5356416
[ 2834.065315][ T3782] sock 0
[ 2834.065315][ T3782] vmalloc 0
[ 2834.065315][ T3782] shmem 385024
[ 2834.065315][ T3782] zswap 0
[ 2834.065315][ T3782] zswapped 0
[ 2834.065315][ T3782] file_mapped 385024
[ 2834.065315][ T3782] file_dirty 0
[ 2834.065315][ T3782] file_writeback 0
[ 2834.065315][ T3782] swapcached 0
[ 2834.065315][ T3782] anon_thp 0
[ 2834.065315][ T3782] file_thp 0
[ 2834.065315][ T3782] shmem_thp 0
[ 2834.065315][ T3782] inactive_anon 176128
[ 2834.065315][ T3782] active_anon 339968
[ 2834.065315][ T3782] inactive_file 4096
[ 2834.065315][ T3782] active_file 4096
[ 2834.065315][ T3782] unevictable 0
[ 2834.065315][ T3782] slab_reclaimable 14584
[ 2834.065315][ T3782] slab_unreclaimable 308491232
[ 2834.097605][ T3763] device bridge2111 entered promiscuous mode
10:16:38 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8900, @local}]}, 0x48}}, 0x0)

[ 2834.175015][ T3782] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3782,uid=0
[ 2834.190751][ T3782] Memory cgroup out of memory: Killed process 3782 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
10:16:38 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3802}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2834.336605][ T3768] device macvtap2176 entered promiscuous mode
[ 2834.428095][ T3788] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2834.446800][ T3767] device macvtap2177 entered promiscuous mode
[ 2834.451682][ T3788] CPU: 0 PID: 3788 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2834.463233][ T3788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2834.473310][ T3788] Call Trace:
[ 2834.476639][ T3788]  <TASK>
[ 2834.479601][ T3788]  dump_stack_lvl+0xd1/0x138
[ 2834.484231][ T3788]  dump_header+0x10b/0x85f
[ 2834.488698][ T3788]  oom_kill_process.cold+0x10/0x15
[ 2834.493852][ T3788]  out_of_memory+0x35c/0x14a0
[ 2834.498571][ T3788]  ? find_held_lock+0x2d/0x110
[ 2834.503379][ T3788]  ? oom_killer_disable+0x280/0x280
[ 2834.508635][ T3788]  ? find_held_lock+0x2d/0x110
[ 2834.513454][ T3788]  mem_cgroup_out_of_memory+0x206/0x270
[ 2834.519038][ T3788]  ? mem_cgroup_margin+0x130/0x130
[ 2834.524182][ T3788]  ? lock_downgrade+0x6e0/0x6e0
[ 2834.529103][ T3788]  try_charge_memcg+0xef8/0x12f0
[ 2834.534082][ T3788]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2834.540068][ T3788]  ? rcu_read_unlock+0x9/0x60
[ 2834.544753][ T3788]  ? lock_downgrade+0x6e0/0x6e0
[ 2834.549644][ T3788]  charge_memcg+0x99/0x3b0
[ 2834.554100][ T3788]  __mem_cgroup_charge+0x2b/0x90
[ 2834.559080][ T3788]  wp_page_copy+0x2bf/0x1ca0
[ 2834.563733][ T3788]  ? page_try_dup_anon_rmap.constprop.0+0xd10/0xd10
[ 2834.570455][ T3788]  ? lock_downgrade+0x6e0/0x6e0
[ 2834.575350][ T3788]  ? vm_normal_page+0x14a/0x2a0
[ 2834.580228][ T3788]  do_wp_page+0x1d1/0x1930
[ 2834.584644][ T3788]  __handle_mm_fault+0x181b/0x3a40
[ 2834.589753][ T3788]  ? vm_iomap_memory+0x190/0x190
[ 2834.594701][ T3788]  handle_mm_fault+0x1cc/0x780
[ 2834.599482][ T3788]  do_user_addr_fault+0x475/0x1210
[ 2834.604632][ T3788]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2834.610223][ T3788]  exc_page_fault+0x98/0x170
[ 2834.614848][ T3788]  asm_exc_page_fault+0x26/0x30
[ 2834.619734][ T3788] RIP: 0033:0x7f8325a39580
[ 2834.624177][ T3788] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48
[ 2834.643811][ T3788] RSP: 002b:00007fff9cb6b200 EFLAGS: 00010246
[ 2834.649905][ T3788] RAX: 0000000017a21b3b RBX: 00007f8325bac018 RCX: 0000001b2d620000
[ 2834.657899][ T3788] RDX: 0000000000000000 RSI: 0000001b2d620018 RDI: 000000000c50288f
[ 2834.665892][ T3788] RBP: 0000000017a21b3b R08: 0000000000001b3b R09: 0000000017a21b3f
[ 2834.673889][ T3788] R10: 00007fff9cb6b3c0 R11: 0000000000000246 R12: 00007f8325ba0000
[ 2834.681886][ T3788] R13: 0000000000000001 R14: 0000000000000001 R15: ffffffff87aa736c
[ 2834.689879][ T3788]  ? __sys_socket+0x7c/0x250
[ 2834.694530][ T3788]  </TASK>
[ 2834.702783][ T3788] memory: usage 307192kB, limit 307200kB, failcnt 66542
[ 2834.709942][ T3788] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2834.716926][ T3788] Memory cgroup stats for /syz2:
[ 2834.717159][ T3788] anon 106496
[ 2834.717159][ T3788] file 417792
[ 2834.717159][ T3788] kernel 314040320
[ 2834.717159][ T3788] kernel_stack 65536
[ 2834.717159][ T3788] pagetables 69632
[ 2834.717159][ T3788] sec_pagetables 0
[ 2834.717159][ T3788] percpu 5358784
[ 2834.717159][ T3788] sock 0
[ 2834.717159][ T3788] vmalloc 0
[ 2834.717159][ T3788] shmem 417792
[ 2834.717159][ T3788] zswap 0
[ 2834.717159][ T3788] zswapped 0
[ 2834.717159][ T3788] file_mapped 417792
[ 2834.717159][ T3788] file_dirty 0
[ 2834.717159][ T3788] file_writeback 0
[ 2834.717159][ T3788] swapcached 0
[ 2834.717159][ T3788] anon_thp 0
[ 2834.717159][ T3788] file_thp 0
[ 2834.717159][ T3788] shmem_thp 0
[ 2834.717159][ T3788] inactive_anon 110592
[ 2834.717159][ T3788] active_anon 413696
[ 2834.717159][ T3788] inactive_file 0
[ 2834.717159][ T3788] active_file 0
[ 2834.717159][ T3788] unevictable 0
[ 2834.717159][ T3788] slab_reclaimable 12352
[ 2834.717159][ T3788] slab_unreclaimable 308507888
10:16:39 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xf803}, 0x0)

[ 2834.849486][ T3773] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2834.884765][ T3773] device bridge1327 entered promiscuous mode
[ 2834.944731][ T3788] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3788,uid=0
[ 2834.962237][ T3788] Memory cgroup out of memory: Killed process 3788 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2834.992895][ T3789] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2834.998707][ T3774] device macvtap1318 entered promiscuous mode
[ 2835.004245][ T3789] CPU: 0 PID: 3789 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2835.019510][ T3789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2835.029586][ T3789] Call Trace:
[ 2835.032881][ T3789]  <TASK>
[ 2835.035825][ T3789]  dump_stack_lvl+0xd1/0x138
[ 2835.037116][ T3775] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[ 2835.040428][ T3789]  dump_header+0x10b/0x85f
[ 2835.040467][ T3789]  oom_kill_process.cold+0x10/0x15
[ 2835.040503][ T3789]  out_of_memory+0x35c/0x14a0
[ 2835.062862][ T3789]  ? find_held_lock+0x2d/0x110
[ 2835.067657][ T3789]  ? oom_killer_disable+0x280/0x280
[ 2835.072882][ T3789]  ? find_held_lock+0x2d/0x110
[ 2835.077680][ T3789]  mem_cgroup_out_of_memory+0x206/0x270
[ 2835.083422][ T3789]  ? mem_cgroup_margin+0x130/0x130
[ 2835.088636][ T3789]  ? lock_downgrade+0x6e0/0x6e0
[ 2835.093531][ T3789]  try_charge_memcg+0xef8/0x12f0
[ 2835.098500][ T3789]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2835.104509][ T3789]  ? rcu_read_unlock+0x9/0x60
[ 2835.109201][ T3789]  ? lock_downgrade+0x6e0/0x6e0
[ 2835.114096][ T3789]  charge_memcg+0x99/0x3b0
[ 2835.118537][ T3789]  __mem_cgroup_charge+0x2b/0x90
[ 2835.123502][ T3789]  wp_page_copy+0x2bf/0x1ca0
[ 2835.128132][ T3789]  ? page_try_dup_anon_rmap.constprop.0+0xd10/0xd10
[ 2835.134926][ T3789]  ? lock_downgrade+0x6e0/0x6e0
[ 2835.139805][ T3789]  ? vm_normal_page+0x14a/0x2a0
[ 2835.144685][ T3789]  do_wp_page+0x1d1/0x1930
[ 2835.149126][ T3789]  __handle_mm_fault+0x181b/0x3a40
[ 2835.154272][ T3789]  ? vm_iomap_memory+0x190/0x190
[ 2835.159272][ T3789]  handle_mm_fault+0x1cc/0x780
[ 2835.164245][ T3789]  do_user_addr_fault+0x475/0x1210
[ 2835.169400][ T3789]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2835.174983][ T3789]  exc_page_fault+0x98/0x170
[ 2835.179594][ T3789]  asm_exc_page_fault+0x26/0x30
[ 2835.184467][ T3789] RIP: 0033:0x7f69a6639580
[ 2835.188902][ T3789] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48
[ 2835.208530][ T3789] RSP: 002b:00007ffea4dd30b0 EFLAGS: 00010246
[ 2835.214628][ T3789] RAX: 0000000080c770a3 RBX: 00007f69a67ac018 RCX: 0000001b31f20000
[ 2835.222614][ T3789] RDX: 0000000000000000 RSI: 0000001b31f20018 RDI: 000000000a22ceb9
[ 2835.230595][ T3789] RBP: 0000000080c770a3 R08: 00000000000010a3 R09: 0000000080c770a7
10:16:39 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3803}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2835.238576][ T3789] R10: 00007ffea4dd3270 R11: 0000000000000246 R12: 00007f69a67a0000
[ 2835.246563][ T3789] R13: 0000000000000001 R14: 0000000000000011 R15: ffffffff83cc9a08
[ 2835.254549][ T3789]  ? apparmor_socket_create+0x228/0x660
[ 2835.260148][ T3789]  </TASK>
[ 2835.276323][ T3789] memory: usage 307184kB, limit 307200kB, failcnt 12966
[ 2835.295316][ T3789] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2835.311637][ T3789] Memory cgroup stats for /syz1:
[ 2835.311834][ T3789] anon 131072
[ 2835.311834][ T3789] file 393216
[ 2835.311834][ T3789] kernel 314032128
[ 2835.311834][ T3789] kernel_stack 65536
[ 2835.311834][ T3789] pagetables 73728
[ 2835.311834][ T3789] sec_pagetables 0
[ 2835.311834][ T3789] percpu 5356416
[ 2835.311834][ T3789] sock 0
[ 2835.311834][ T3789] vmalloc 0
[ 2835.311834][ T3789] shmem 385024
[ 2835.311834][ T3789] zswap 0
[ 2835.311834][ T3789] zswapped 0
[ 2835.311834][ T3789] file_mapped 385024
[ 2835.311834][ T3789] file_dirty 0
[ 2835.311834][ T3789] file_writeback 0
[ 2835.311834][ T3789] swapcached 0
[ 2835.311834][ T3789] anon_thp 0
[ 2835.311834][ T3789] file_thp 0
[ 2835.311834][ T3789] shmem_thp 0
[ 2835.311834][ T3789] inactive_anon 176128
[ 2835.311834][ T3789] active_anon 339968
[ 2835.311834][ T3789] inactive_file 0
[ 2835.311834][ T3789] active_file 8192
[ 2835.311834][ T3789] unevictable 0
[ 2835.311834][ T3789] slab_reclaimable 14584
[ 2835.311834][ T3789] slab_unreclaimable 308479832
[ 2835.317029][ T3775] device macvtap1319 entered promiscuous mode
[ 2835.462142][ T3789] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3789,uid=0
[ 2835.478247][ T3789] Memory cgroup out of memory: Killed process 3789 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2835.505880][ T3796] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2835.525305][ T3796] CPU: 0 PID: 3796 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2835.535668][ T3796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2835.545746][ T3796] Call Trace:
[ 2835.549041][ T3796]  <TASK>
[ 2835.551989][ T3796]  dump_stack_lvl+0xd1/0x138
[ 2835.556623][ T3796]  dump_header+0x10b/0x85f
10:16:39 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8a00, @local}]}, 0x48}}, 0x0)

[ 2835.561077][ T3796]  oom_kill_process.cold+0x10/0x15
[ 2835.566228][ T3796]  out_of_memory+0x35c/0x14a0
[ 2835.570954][ T3796]  ? find_held_lock+0x2d/0x110
[ 2835.575763][ T3796]  ? oom_killer_disable+0x280/0x280
[ 2835.581003][ T3796]  ? find_held_lock+0x2d/0x110
[ 2835.585812][ T3796]  mem_cgroup_out_of_memory+0x206/0x270
[ 2835.591393][ T3796]  ? mem_cgroup_margin+0x130/0x130
[ 2835.596561][ T3796]  ? lock_downgrade+0x6e0/0x6e0
[ 2835.601483][ T3796]  try_charge_memcg+0xef8/0x12f0
[ 2835.606473][ T3796]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2835.612507][ T3796]  ? rcu_read_unlock+0x9/0x60
[ 2835.617215][ T3796]  ? lock_downgrade+0x6e0/0x6e0
[ 2835.622130][ T3796]  charge_memcg+0x99/0x3b0
[ 2835.626593][ T3796]  __mem_cgroup_charge+0x2b/0x90
[ 2835.631588][ T3796]  wp_page_copy+0x2bf/0x1ca0
[ 2835.636252][ T3796]  ? page_try_dup_anon_rmap.constprop.0+0xd10/0xd10
[ 2835.642890][ T3796]  ? lock_downgrade+0x6e0/0x6e0
[ 2835.647791][ T3796]  ? vm_normal_page+0x14a/0x2a0
[ 2835.652693][ T3796]  do_wp_page+0x538/0x1930
[ 2835.657149][ T3796]  __handle_mm_fault+0x181b/0x3a40
[ 2835.662307][ T3796]  ? vm_iomap_memory+0x190/0x190
[ 2835.667307][ T3796]  handle_mm_fault+0x1cc/0x780
[ 2835.672111][ T3796]  do_user_addr_fault+0x475/0x1210
[ 2835.677266][ T3796]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2835.682868][ T3796]  exc_page_fault+0x98/0x170
[ 2835.687492][ T3796]  asm_exc_page_fault+0x26/0x30
[ 2835.692394][ T3796] RIP: 0033:0x7f8325a36655
[ 2835.696832][ T3796] Code: 0f 1f 44 00 00 48 8b 57 18 48 83 fa ff 74 22 48 81 fa e7 03 00 00 0f 87 ee 00 00 00 48 c1 e2 04 48 8d 0d 6e 1a 17 00 48 01 ca <c6> 02 01 48 89 42 08 48 8b 0d 1d 73 17 00 48 8b 53 10 4c 8d 81 00
[ 2835.716470][ T3796] RSP: 002b:00007fff9cb6b2b0 EFLAGS: 00010206
[ 2835.722572][ T3796] RAX: 0000000000000003 RBX: 00007f8325babf80 RCX: 00007f8325ba80c0
[ 2835.730581][ T3796] RDX: 00007f8325ba80c0 RSI: 0000000000000080 RDI: 00007f8325babf80
[ 2835.738578][ T3796] RBP: 00007f8325babf80 R08: 00007fff9cb80080 R09: 0000000000000000
[ 2835.746573][ T3796] R10: 00007fff9cb6b3c0 R11: 0000000000000246 R12: 00000000002b4409
[ 2835.754566][ T3796] R13: 00007fff9cb6b3c0 R14: 00007f8325babf80 R15: 0000000000000032
[ 2835.762566][ T3796]  </TASK>
[ 2835.775195][ T3796] memory: usage 307200kB, limit 307200kB, failcnt 66637
[ 2835.782460][ T3779] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2835.782504][ T3796] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2835.782533][ T3796] Memory cgroup stats for /syz2:
[ 2835.799717][ T3796] anon 98304
[ 2835.799717][ T3796] file 417792
[ 2835.799717][ T3796] kernel 314056704
[ 2835.799717][ T3796] kernel_stack 65536
[ 2835.799717][ T3796] pagetables 69632
[ 2835.799717][ T3796] sec_pagetables 0
[ 2835.799717][ T3796] percpu 5358784
[ 2835.799717][ T3796] sock 0
[ 2835.799717][ T3796] vmalloc 0
[ 2835.799717][ T3796] shmem 417792
[ 2835.799717][ T3796] zswap 0
[ 2835.799717][ T3796] zswapped 0
[ 2835.799717][ T3796] file_mapped 417792
[ 2835.799717][ T3796] file_dirty 0
[ 2835.799717][ T3796] file_writeback 0
[ 2835.799717][ T3796] swapcached 0
[ 2835.799717][ T3796] anon_thp 0
[ 2835.799717][ T3796] file_thp 0
[ 2835.799717][ T3796] shmem_thp 0
[ 2835.799717][ T3796] inactive_anon 102400
[ 2835.799717][ T3796] active_anon 413696
[ 2835.799717][ T3796] inactive_file 0
[ 2835.799717][ T3796] active_file 0
[ 2835.799717][ T3796] unevictable 0
[ 2835.799717][ T3796] slab_reclaimable 12352
[ 2835.799717][ T3796] slab_unreclaimable 308519288
[ 2835.840721][ T3779] device bridge535 entered promiscuous mode
[ 2835.897633][ T3796] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3796,uid=0
10:16:40 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x2e02}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:40 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3900}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2835.940788][ T1243] ieee802154 phy0 wpan0: encryption failed: -22
[ 2835.947174][ T1243] ieee802154 phy1 wpan1: encryption failed: -22
[ 2835.969591][ T3796] Memory cgroup out of memory: Killed process 3796 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2836.039201][ T3780] device macvtap564 entered promiscuous mode
[ 2836.088604][ T3781] device macvtap565 entered promiscuous mode
[ 2836.089833][ T3798] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2836.123261][ T3798] CPU: 1 PID: 3798 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2836.133628][ T3798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2836.143711][ T3798] Call Trace:
[ 2836.147012][ T3798]  <TASK>
[ 2836.149964][ T3798]  dump_stack_lvl+0xd1/0x138
[ 2836.154598][ T3798]  dump_header+0x10b/0x85f
[ 2836.159061][ T3798]  oom_kill_process.cold+0x10/0x15
[ 2836.164194][ T3798]  out_of_memory+0x35c/0x14a0
[ 2836.168899][ T3798]  ? find_held_lock+0x2d/0x110
[ 2836.173706][ T3798]  ? oom_killer_disable+0x280/0x280
[ 2836.178943][ T3798]  ? find_held_lock+0x2d/0x110
[ 2836.183746][ T3798]  mem_cgroup_out_of_memory+0x206/0x270
[ 2836.189307][ T3798]  ? mem_cgroup_margin+0x130/0x130
[ 2836.194434][ T3798]  ? lock_downgrade+0x6e0/0x6e0
[ 2836.199331][ T3798]  try_charge_memcg+0xef8/0x12f0
[ 2836.204300][ T3798]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2836.210304][ T3798]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2836.216041][ T3798]  ? lock_downgrade+0x6e0/0x6e0
[ 2836.220942][ T3798]  obj_cgroup_charge+0x2af/0x5e0
[ 2836.225913][ T3798]  ? __anon_vma_prepare+0x64/0x580
[ 2836.231039][ T3798]  kmem_cache_alloc+0xa3/0x3d0
[ 2836.235827][ T3798]  __anon_vma_prepare+0x64/0x580
[ 2836.240778][ T3798]  ? __pmd_alloc+0x30c/0x5d0
[ 2836.245386][ T3798]  __handle_mm_fault+0x35bc/0x3a40
[ 2836.250521][ T3798]  ? vm_iomap_memory+0x190/0x190
[ 2836.255500][ T3798]  handle_mm_fault+0x1cc/0x780
[ 2836.260285][ T3798]  do_user_addr_fault+0x475/0x1210
[ 2836.265419][ T3798]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2836.271002][ T3798]  exc_page_fault+0x98/0x170
[ 2836.275611][ T3798]  asm_exc_page_fault+0x26/0x30
[ 2836.280486][ T3798] RIP: 0033:0x7f69a662bd79
[ 2836.284912][ T3798] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2836.304534][ T3798] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2836.310614][ T3798] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2836.318593][ T3798] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2836.326573][ T3798] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2836.334552][ T3798] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b4625
[ 2836.342531][ T3798] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2836.350529][ T3798]  </TASK>
[ 2836.362017][ T3798] memory: usage 307184kB, limit 307200kB, failcnt 13094
[ 2836.383048][ T3798] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2836.391194][ T3798] Memory cgroup stats for /syz1:
[ 2836.391271][ T3785] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2836.391591][ T3798] anon 135168
[ 2836.391591][ T3798] file 393216
[ 2836.391591][ T3798] kernel 314028032
[ 2836.391591][ T3798] kernel_stack 65536
[ 2836.391591][ T3798] pagetables 81920
[ 2836.391591][ T3798] sec_pagetables 0
[ 2836.391591][ T3798] percpu 5356416
[ 2836.391591][ T3798] sock 0
[ 2836.391591][ T3798] vmalloc 0
[ 2836.391591][ T3798] shmem 385024
[ 2836.391591][ T3798] zswap 0
[ 2836.391591][ T3798] zswapped 0
[ 2836.391591][ T3798] file_mapped 385024
[ 2836.391591][ T3798] file_dirty 0
[ 2836.391591][ T3798] file_writeback 0
[ 2836.391591][ T3798] swapcached 0
[ 2836.391591][ T3798] anon_thp 0
[ 2836.391591][ T3798] file_thp 0
[ 2836.391591][ T3798] shmem_thp 0
[ 2836.391591][ T3798] inactive_anon 180224
[ 2836.391591][ T3798] active_anon 339968
[ 2836.391591][ T3798] inactive_file 4096
[ 2836.391591][ T3798] active_file 4096
[ 2836.391591][ T3798] unevictable 0
[ 2836.391591][ T3798] slab_reclaimable 16512
10:16:40 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x3f00}, 0x0)

[ 2836.391591][ T3798] slab_unreclaimable 308469384
[ 2836.456301][ T3785] device bridge447 entered promiscuous mode
[ 2836.515279][ T3798] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3798,uid=0
10:16:40 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8b00, @local}]}, 0x48}}, 0x0)

[ 2836.531839][ T3798] Memory cgroup out of memory: Killed process 3798 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2836.552760][ T3802] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2836.573287][ T3802] CPU: 1 PID: 3802 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2836.583657][ T3802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2836.593732][ T3802] Call Trace:
[ 2836.597028][ T3802]  <TASK>
[ 2836.599985][ T3802]  dump_stack_lvl+0xd1/0x138
[ 2836.604605][ T3802]  dump_header+0x10b/0x85f
[ 2836.609061][ T3802]  oom_kill_process.cold+0x10/0x15
[ 2836.614206][ T3802]  out_of_memory+0x35c/0x14a0
[ 2836.618916][ T3802]  ? oom_killer_disable+0x280/0x280
[ 2836.624136][ T3802]  ? find_held_lock+0x2d/0x110
[ 2836.628939][ T3802]  mem_cgroup_out_of_memory+0x206/0x270
[ 2836.634505][ T3802]  ? mem_cgroup_margin+0x130/0x130
[ 2836.639632][ T3802]  ? lock_downgrade+0x6e0/0x6e0
[ 2836.644529][ T3802]  try_charge_memcg+0xef8/0x12f0
[ 2836.649498][ T3802]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2836.655541][ T3802]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2836.661286][ T3802]  ? lock_downgrade+0x6e0/0x6e0
[ 2836.666178][ T3802]  ? lock_downgrade+0x6e0/0x6e0
[ 2836.671764][ T3802]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2836.677337][ T3802]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2836.683525][ T3802]  copy_process+0x73e/0x7190
[ 2836.688137][ T3802]  ? __lock_acquire+0xbc3/0x56d0
[ 2836.693115][ T3802]  ? __cleanup_sighand+0xb0/0xb0
[ 2836.698068][ T3802]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2836.704079][ T3802]  ? psi_memstall_leave+0x174/0x250
[ 2836.709307][ T3802]  kernel_clone+0xeb/0x980
[ 2836.713742][ T3802]  ? create_io_thread+0xf0/0xf0
[ 2836.718615][ T3802]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2836.724884][ T3802]  ? lock_downgrade+0x6e0/0x6e0
[ 2836.729778][ T3802]  __do_sys_clone+0xba/0x100
[ 2836.734387][ T3802]  ? kernel_clone+0x980/0x980
[ 2836.739097][ T3802]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2836.745016][ T3802]  do_syscall_64+0x39/0xb0
[ 2836.749457][ T3802]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2836.755371][ T3802] RIP: 0033:0x7f8325a8d501
[ 2836.759798][ T3802] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2836.779419][ T3802] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2836.787847][ T3802] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2836.795828][ T3802] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2836.803820][ T3802] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2836.811802][ T3802] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2836.819782][ T3802] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2836.827781][ T3802]  </TASK>
[ 2836.848613][ T3802] memory: usage 307200kB, limit 307200kB, failcnt 66734
[ 2836.855688][ T3802] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2836.863574][ T3802] Memory cgroup stats for /syz2:
[ 2836.863746][ T3802] anon 90112
[ 2836.863746][ T3802] file 417792
[ 2836.863746][ T3802] kernel 314064896
[ 2836.863746][ T3802] kernel_stack 32768
[ 2836.863746][ T3802] pagetables 69632
[ 2836.863746][ T3802] sec_pagetables 0
[ 2836.863746][ T3802] percpu 5358784
[ 2836.863746][ T3802] sock 0
[ 2836.863746][ T3802] vmalloc 0
[ 2836.863746][ T3802] shmem 417792
[ 2836.863746][ T3802] zswap 0
[ 2836.863746][ T3802] zswapped 0
[ 2836.863746][ T3802] file_mapped 417792
[ 2836.863746][ T3802] file_dirty 0
[ 2836.863746][ T3802] file_writeback 0
[ 2836.863746][ T3802] swapcached 0
[ 2836.863746][ T3802] anon_thp 0
[ 2836.863746][ T3802] file_thp 0
[ 2836.863746][ T3802] shmem_thp 0
[ 2836.863746][ T3802] inactive_anon 94208
[ 2836.863746][ T3802] active_anon 413696
[ 2836.863746][ T3802] inactive_file 0
[ 2836.863746][ T3802] active_file 0
[ 2836.863746][ T3802] unevictable 0
[ 2836.863746][ T3802] slab_reclaimable 10424
[ 2836.863746][ T3802] slab_unreclaimable 308529576
[ 2836.906817][ T3786] device macvtap463 entered promiscuous mode
[ 2836.967006][ T3802] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3802,uid=0
[ 2836.983023][ T3802] Memory cgroup out of memory: Killed process 3802 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:16:41 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3901}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2837.023741][ T3807] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 2837.051415][ T3807] CPU: 1 PID: 3807 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2837.061775][ T3807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2837.071853][ T3807] Call Trace:
[ 2837.075155][ T3807]  <TASK>
[ 2837.078107][ T3807]  dump_stack_lvl+0xd1/0x138
[ 2837.082738][ T3807]  dump_header+0x10b/0x85f
[ 2837.087193][ T3807]  oom_kill_process.cold+0x10/0x15
[ 2837.089159][ T3787] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2837.092322][ T3807]  out_of_memory+0x35c/0x14a0
[ 2837.092367][ T3807]  ? find_held_lock+0x2d/0x110
[ 2837.111109][ T3807]  ? oom_killer_disable+0x280/0x280
[ 2837.116329][ T3807]  ? find_held_lock+0x2d/0x110
[ 2837.121215][ T3807]  mem_cgroup_out_of_memory+0x206/0x270
[ 2837.124618][ T3787] device macvtap464 entered promiscuous mode
[ 2837.126769][ T3807]  ? mem_cgroup_margin+0x130/0x130
[ 2837.126803][ T3807]  ? lock_downgrade+0x6e0/0x6e0
[ 2837.142814][ T3807]  try_charge_memcg+0xef8/0x12f0
[ 2837.147800][ T3807]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2837.153822][ T3807]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2837.159578][ T3807]  ? lock_downgrade+0x6e0/0x6e0
[ 2837.164474][ T3807]  ? lock_downgrade+0x6e0/0x6e0
10:16:41 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x2e02}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2837.169390][ T3807]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2837.174982][ T3807]  __alloc_pages+0x1f3/0x5b0
[ 2837.179616][ T3807]  ? __alloc_pages_slowpath.constprop.0+0x23d0/0x23d0
[ 2837.186435][ T3807]  ? find_held_lock+0x2d/0x110
[ 2837.191250][ T3807]  alloc_pages+0x1aa/0x270
[ 2837.195711][ T3807]  pte_alloc_one+0x1a/0x230
[ 2837.200255][ T3807]  __pte_alloc+0x6d/0x260
[ 2837.204631][ T3807]  ? pmd_install+0x160/0x160
[ 2837.209267][ T3807]  ? hugepage_vma_check+0x24e/0x830
[ 2837.214502][ T3807]  ? _raw_spin_unlock+0x28/0x40
[ 2837.219385][ T3807]  ? __pmd_alloc+0x30c/0x5d0
[ 2837.224007][ T3807]  __handle_mm_fault+0x3527/0x3a40
[ 2837.229157][ T3807]  ? vm_iomap_memory+0x190/0x190
[ 2837.234158][ T3807]  handle_mm_fault+0x1cc/0x780
[ 2837.238961][ T3807]  do_user_addr_fault+0x475/0x1210
[ 2837.244111][ T3807]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2837.249714][ T3807]  exc_page_fault+0x98/0x170
[ 2837.254341][ T3807]  asm_exc_page_fault+0x26/0x30
[ 2837.255266][ T3814] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2837.259210][ T3807] RIP: 0033:0x7f69a662bd79
[ 2837.259237][ T3807] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2837.259264][ T3807] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2837.259288][ T3807] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2837.259308][ T3807] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2837.259326][ T3807] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2837.259345][ T3807] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b49d6
[ 2837.259364][ T3807] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2837.259406][ T3807]  </TASK>
[ 2837.268113][ T3807] memory: usage 307200kB, limit 307200kB, failcnt 13152
[ 2837.350060][ T3807] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2837.352315][ T3814] device bridge448 entered promiscuous mode
[ 2837.358725][ T3807] Memory cgroup stats for /syz1:
[ 2837.363367][ T3807] anon 135168
[ 2837.363367][ T3807] file 393216
[ 2837.363367][ T3807] kernel 314044416
[ 2837.363367][ T3807] kernel_stack 65536
[ 2837.363367][ T3807] pagetables 77824
[ 2837.363367][ T3807] sec_pagetables 0
[ 2837.363367][ T3807] percpu 5356416
[ 2837.363367][ T3807] sock 0
[ 2837.363367][ T3807] vmalloc 0
[ 2837.363367][ T3807] shmem 385024
[ 2837.363367][ T3807] zswap 0
[ 2837.363367][ T3807] zswapped 0
[ 2837.363367][ T3807] file_mapped 385024
[ 2837.363367][ T3807] file_dirty 0
[ 2837.363367][ T3807] file_writeback 0
[ 2837.363367][ T3807] swapcached 0
[ 2837.363367][ T3807] anon_thp 0
[ 2837.363367][ T3807] file_thp 0
[ 2837.363367][ T3807] shmem_thp 0
[ 2837.363367][ T3807] inactive_anon 180224
[ 2837.363367][ T3807] active_anon 339968
[ 2837.363367][ T3807] inactive_file 0
[ 2837.363367][ T3807] active_file 8192
[ 2837.363367][ T3807] unevictable 0
[ 2837.363367][ T3807] slab_reclaimable 16512
[ 2837.363367][ T3807] slab_unreclaimable 308480480
[ 2837.408337][ T3793] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2837.478424][ T3807] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3807,uid=0
[ 2837.495328][ T3807] Memory cgroup out of memory: Killed process 3807 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[ 2837.515213][ T3793] device bridge1787 entered promiscuous mode
[ 2837.565993][ T3811] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2837.584834][ T3811] CPU: 0 PID: 3811 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2837.595200][ T3811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2837.605277][ T3811] Call Trace:
[ 2837.608574][ T3811]  <TASK>
[ 2837.611527][ T3811]  dump_stack_lvl+0xd1/0x138
[ 2837.616162][ T3811]  dump_header+0x10b/0x85f
[ 2837.620617][ T3811]  oom_kill_process.cold+0x10/0x15
[ 2837.625769][ T3811]  out_of_memory+0x35c/0x14a0
[ 2837.630490][ T3811]  ? find_held_lock+0x2d/0x110
[ 2837.635297][ T3811]  ? oom_killer_disable+0x280/0x280
[ 2837.640537][ T3811]  ? find_held_lock+0x2d/0x110
[ 2837.645351][ T3811]  mem_cgroup_out_of_memory+0x206/0x270
[ 2837.650935][ T3811]  ? mem_cgroup_margin+0x130/0x130
[ 2837.656077][ T3811]  ? lock_downgrade+0x6e0/0x6e0
[ 2837.660993][ T3811]  try_charge_memcg+0xef8/0x12f0
[ 2837.665979][ T3811]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2837.672087][ T3811]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2837.677840][ T3811]  ? lock_downgrade+0x6e0/0x6e0
[ 2837.682722][ T3811]  ? lock_downgrade+0x6e0/0x6e0
[ 2837.685708][ T3794] device macvtap2177 entered promiscuous mode
[ 2837.687604][ T3811]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2837.687650][ T3811]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2837.687686][ T3811]  copy_process+0x73e/0x7190
[ 2837.687721][ T3811]  ? __lock_acquire+0xbc3/0x56d0
[ 2837.687777][ T3811]  ? __cleanup_sighand+0xb0/0xb0
[ 2837.687809][ T3811]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2837.687859][ T3811]  ? psi_memstall_leave+0x174/0x250
[ 2837.687906][ T3811]  kernel_clone+0xeb/0x980
[ 2837.687941][ T3811]  ? create_io_thread+0xf0/0xf0
[ 2837.687976][ T3811]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2837.688010][ T3811]  ? lock_downgrade+0x6e0/0x6e0
[ 2837.688069][ T3811]  __do_sys_clone+0xba/0x100
[ 2837.688100][ T3811]  ? kernel_clone+0x980/0x980
[ 2837.688149][ T3811]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2837.688190][ T3811]  do_syscall_64+0x39/0xb0
[ 2837.688227][ T3811]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2837.688264][ T3811] RIP: 0033:0x7f8325a8d501
[ 2837.688286][ T3811] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2837.688312][ T3811] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
10:16:41 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8c00, @local}]}, 0x48}}, 0x0)

[ 2837.688338][ T3811] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2837.688356][ T3811] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2837.688373][ T3811] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2837.688398][ T3811] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2837.688415][ T3811] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2837.688456][ T3811]  </TASK>
[ 2837.898891][ T3795] device macvtap2178 entered promiscuous mode
[ 2837.905967][ T3811] memory: usage 307200kB, limit 307200kB, failcnt 66853
[ 2837.917538][ T3811] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2837.924420][ T3811] Memory cgroup stats for /syz2:
[ 2837.924652][ T3811] anon 90112
[ 2837.924652][ T3811] file 417792
[ 2837.924652][ T3811] kernel 314064896
[ 2837.924652][ T3811] kernel_stack 32768
[ 2837.924652][ T3811] pagetables 69632
[ 2837.924652][ T3811] sec_pagetables 0
[ 2837.924652][ T3811] percpu 5358784
[ 2837.924652][ T3811] sock 0
[ 2837.924652][ T3811] vmalloc 0
[ 2837.924652][ T3811] shmem 417792
[ 2837.924652][ T3811] zswap 0
[ 2837.924652][ T3811] zswapped 0
[ 2837.924652][ T3811] file_mapped 417792
[ 2837.924652][ T3811] file_dirty 0
[ 2837.924652][ T3811] file_writeback 0
[ 2837.924652][ T3811] swapcached 0
[ 2837.924652][ T3811] anon_thp 0
[ 2837.924652][ T3811] file_thp 0
[ 2837.924652][ T3811] shmem_thp 0
[ 2837.924652][ T3811] inactive_anon 94208
[ 2837.924652][ T3811] active_anon 413696
[ 2837.924652][ T3811] inactive_file 0
[ 2837.924652][ T3811] active_file 0
[ 2837.924652][ T3811] unevictable 0
[ 2837.924652][ T3811] slab_reclaimable 10424
[ 2837.924652][ T3811] slab_unreclaimable 308529576
[ 2838.041103][ T3811] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3811,uid=0
[ 2838.057344][ T3811] Memory cgroup out of memory: Killed process 3811 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:16:42 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3902}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:42 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xfd01}, 0x0)

[ 2838.090382][ T3801] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2838.186512][ T3801] device bridge1328 entered promiscuous mode
[ 2838.194032][ T3819] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2838.204761][ T3819] CPU: 0 PID: 3819 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2838.215118][ T3819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2838.225196][ T3819] Call Trace:
[ 2838.228495][ T3819]  <TASK>
[ 2838.231442][ T3819]  dump_stack_lvl+0xd1/0x138
[ 2838.236069][ T3819]  dump_header+0x10b/0x85f
[ 2838.240524][ T3819]  oom_kill_process.cold+0x10/0x15
[ 2838.245666][ T3819]  out_of_memory+0x35c/0x14a0
[ 2838.250376][ T3819]  ? find_held_lock+0x2d/0x110
[ 2838.255174][ T3819]  ? oom_killer_disable+0x280/0x280
[ 2838.260405][ T3819]  ? find_held_lock+0x2d/0x110
[ 2838.265234][ T3819]  mem_cgroup_out_of_memory+0x206/0x270
[ 2838.270813][ T3819]  ? mem_cgroup_margin+0x130/0x130
[ 2838.275950][ T3819]  ? lock_downgrade+0x6e0/0x6e0
[ 2838.280853][ T3819]  try_charge_memcg+0xef8/0x12f0
[ 2838.282217][ T3803] device macvtap1319 entered promiscuous mode
[ 2838.285820][ T3819]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2838.285863][ T3819]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2838.303633][ T3819]  ? lock_downgrade+0x6e0/0x6e0
[ 2838.308524][ T3819]  ? lock_downgrade+0x6e0/0x6e0
[ 2838.313424][ T3819]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2838.318997][ T3819]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2838.325177][ T3819]  copy_process+0x73e/0x7190
[ 2838.329782][ T3819]  ? wp_page_copy+0x311/0x1ca0
[ 2838.334593][ T3819]  ? __cleanup_sighand+0xb0/0xb0
[ 2838.339555][ T3819]  ? do_wp_page+0x1d9/0x1930
[ 2838.344162][ T3819]  kernel_clone+0xeb/0x980
[ 2838.348598][ T3819]  ? create_io_thread+0xf0/0xf0
[ 2838.353471][ T3819]  ? find_held_lock+0x2d/0x110
[ 2838.358269][ T3819]  __do_sys_clone+0xba/0x100
[ 2838.362875][ T3819]  ? kernel_clone+0x980/0x980
[ 2838.367581][ T3819]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2838.373497][ T3819]  do_syscall_64+0x39/0xb0
[ 2838.377937][ T3819]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2838.383852][ T3819] RIP: 0033:0x7f8325a8d501
[ 2838.388277][ T3819] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2838.407901][ T3819] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2838.416325][ T3819] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2838.424313][ T3819] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2838.432294][ T3819] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2838.440276][ T3819] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2838.448254][ T3819] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2838.456250][ T3819]  </TASK>
[ 2838.463473][ T3819] memory: usage 307188kB, limit 307200kB, failcnt 66930
[ 2838.472674][ T3819] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2838.480678][ T3819] Memory cgroup stats for /syz2:
[ 2838.480927][ T3819] anon 90112
[ 2838.480927][ T3819] file 417792
[ 2838.480927][ T3819] kernel 314052608
[ 2838.480927][ T3819] kernel_stack 32768
[ 2838.480927][ T3819] pagetables 69632
[ 2838.480927][ T3819] sec_pagetables 0
[ 2838.480927][ T3819] percpu 5358784
[ 2838.480927][ T3819] sock 0
[ 2838.480927][ T3819] vmalloc 0
[ 2838.480927][ T3819] shmem 417792
[ 2838.480927][ T3819] zswap 0
[ 2838.480927][ T3819] zswapped 0
[ 2838.480927][ T3819] file_mapped 417792
[ 2838.480927][ T3819] file_dirty 0
[ 2838.480927][ T3819] file_writeback 0
[ 2838.480927][ T3819] swapcached 0
[ 2838.480927][ T3819] anon_thp 0
[ 2838.480927][ T3819] file_thp 0
[ 2838.480927][ T3819] shmem_thp 0
[ 2838.480927][ T3819] inactive_anon 94208
[ 2838.480927][ T3819] active_anon 413696
[ 2838.480927][ T3819] inactive_file 0
[ 2838.480927][ T3819] active_file 0
[ 2838.480927][ T3819] unevictable 0
[ 2838.480927][ T3819] slab_reclaimable 10424
[ 2838.480927][ T3819] slab_unreclaimable 308529576
[ 2838.485025][ T3804] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2838.577238][ T3819] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3819,uid=0
[ 2838.602181][ T3819] Memory cgroup out of memory: Killed process 3819 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2838.620622][ T3816] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2838.635769][ T3816] CPU: 1 PID: 3816 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2838.646237][ T3816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2838.656320][ T3816] Call Trace:
[ 2838.659622][ T3816]  <TASK>
[ 2838.662573][ T3816]  dump_stack_lvl+0xd1/0x138
[ 2838.667208][ T3816]  dump_header+0x10b/0x85f
[ 2838.671667][ T3816]  oom_kill_process.cold+0x10/0x15
[ 2838.676822][ T3816]  out_of_memory+0x35c/0x14a0
[ 2838.681548][ T3816]  ? oom_killer_disable+0x280/0x280
[ 2838.686785][ T3816]  ? find_held_lock+0x2d/0x110
[ 2838.691598][ T3816]  mem_cgroup_out_of_memory+0x206/0x270
[ 2838.697181][ T3816]  ? mem_cgroup_margin+0x130/0x130
[ 2838.702327][ T3816]  ? lock_downgrade+0x6e0/0x6e0
[ 2838.707248][ T3816]  try_charge_memcg+0xef8/0x12f0
[ 2838.712244][ T3816]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2838.718270][ T3816]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2838.724024][ T3816]  ? lock_downgrade+0x6e0/0x6e0
[ 2838.728956][ T3816]  obj_cgroup_charge+0x2af/0x5e0
[ 2838.733940][ T3816]  ? __anon_vma_prepare+0x64/0x580
[ 2838.739082][ T3816]  kmem_cache_alloc+0xa3/0x3d0
[ 2838.743889][ T3816]  __anon_vma_prepare+0x64/0x580
[ 2838.748853][ T3816]  ? __pmd_alloc+0x30c/0x5d0
[ 2838.753651][ T3816]  __handle_mm_fault+0x35bc/0x3a40
[ 2838.758801][ T3816]  ? vm_iomap_memory+0x190/0x190
[ 2838.763812][ T3816]  handle_mm_fault+0x1cc/0x780
[ 2838.768613][ T3816]  do_user_addr_fault+0x475/0x1210
[ 2838.773759][ T3816]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2838.779341][ T3816]  exc_page_fault+0x98/0x170
[ 2838.783950][ T3816]  asm_exc_page_fault+0x26/0x30
[ 2838.788821][ T3816] RIP: 0033:0x7f69a662bd79
[ 2838.793246][ T3816] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2838.812865][ T3816] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2838.818945][ T3816] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2838.826927][ T3816] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2838.834909][ T3816] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2838.842888][ T3816] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b4e47
[ 2838.850867][ T3816] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2838.858866][ T3816]  </TASK>
10:16:43 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3903}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2838.879913][ T3804] device macvtap1320 entered promiscuous mode
[ 2838.886538][ T3816] memory: usage 307200kB, limit 307200kB, failcnt 13264
[ 2838.898286][ T3816] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
10:16:43 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x2e02}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2838.946275][ T3806] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2839.004290][ T3806] device bridge536 entered promiscuous mode
[ 2839.048824][ T3816] Memory cgroup stats for /syz1:
[ 2839.049029][ T3816] anon 135168
[ 2839.049029][ T3816] file 393216
[ 2839.049029][ T3816] kernel 314028032
[ 2839.049029][ T3816] kernel_stack 65536
[ 2839.049029][ T3816] pagetables 81920
[ 2839.049029][ T3816] sec_pagetables 0
[ 2839.049029][ T3816] percpu 5356416
[ 2839.049029][ T3816] sock 0
[ 2839.049029][ T3816] vmalloc 0
[ 2839.049029][ T3816] shmem 385024
[ 2839.049029][ T3816] zswap 0
[ 2839.049029][ T3816] zswapped 0
[ 2839.049029][ T3816] file_mapped 385024
[ 2839.049029][ T3816] file_dirty 4096
[ 2839.049029][ T3816] file_writeback 0
[ 2839.049029][ T3816] swapcached 0
[ 2839.049029][ T3816] anon_thp 0
[ 2839.049029][ T3816] file_thp 0
[ 2839.049029][ T3816] shmem_thp 0
[ 2839.049029][ T3816] inactive_anon 180224
[ 2839.049029][ T3816] active_anon 339968
[ 2839.049029][ T3816] inactive_file 4096
[ 2839.049029][ T3816] active_file 4096
[ 2839.049029][ T3816] unevictable 0
[ 2839.049029][ T3816] slab_reclaimable 16512
[ 2839.049029][ T3816] slab_unreclaimable 308469080
[ 2839.074190][ T3808] device macvtap565 entered promiscuous mode
[ 2839.192497][ T3809] device macvtap566 entered promiscuous mode
10:16:43 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8d00, @local}]}, 0x48}}, 0x0)

10:16:43 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x3f00}, 0x0)

[ 2839.231830][ T3816] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3816,uid=0
[ 2839.248298][ T3816] Memory cgroup out of memory: Killed process 3816 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2839.267667][ T3824] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2839.287096][ T3815] device macvtap465 entered promiscuous mode
[ 2839.296813][ T3824] CPU: 0 PID: 3824 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2839.307190][ T3824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2839.317267][ T3824] Call Trace:
[ 2839.320566][ T3824]  <TASK>
[ 2839.323515][ T3824]  dump_stack_lvl+0xd1/0x138
[ 2839.328152][ T3824]  dump_header+0x10b/0x85f
[ 2839.332610][ T3824]  oom_kill_process.cold+0x10/0x15
[ 2839.337762][ T3824]  out_of_memory+0x35c/0x14a0
[ 2839.342492][ T3824]  ? oom_killer_disable+0x280/0x280
[ 2839.347733][ T3824]  ? find_held_lock+0x2d/0x110
[ 2839.352546][ T3824]  mem_cgroup_out_of_memory+0x206/0x270
[ 2839.358124][ T3824]  ? mem_cgroup_margin+0x130/0x130
[ 2839.363264][ T3824]  ? lock_downgrade+0x6e0/0x6e0
[ 2839.368176][ T3824]  try_charge_memcg+0xef8/0x12f0
[ 2839.373143][ T3824]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2839.379150][ T3824]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2839.384905][ T3824]  ? lock_downgrade+0x6e0/0x6e0
[ 2839.389809][ T3824]  ? lock_downgrade+0x6e0/0x6e0
[ 2839.394727][ T3824]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2839.400324][ T3824]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2839.406522][ T3824]  copy_process+0x15ed/0x7190
[ 2839.411239][ T3824]  ? __lock_acquire+0xbc3/0x56d0
[ 2839.416237][ T3824]  ? __cleanup_sighand+0xb0/0xb0
[ 2839.421204][ T3824]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2839.427236][ T3824]  ? psi_memstall_leave+0x174/0x250
[ 2839.432482][ T3824]  kernel_clone+0xeb/0x980
[ 2839.436935][ T3824]  ? create_io_thread+0xf0/0xf0
[ 2839.441824][ T3824]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2839.448135][ T3824]  ? lock_downgrade+0x6e0/0x6e0
[ 2839.453042][ T3824]  __do_sys_clone+0xba/0x100
[ 2839.457663][ T3824]  ? kernel_clone+0x980/0x980
[ 2839.462390][ T3824]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2839.468325][ T3824]  do_syscall_64+0x39/0xb0
[ 2839.472789][ T3824]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2839.478716][ T3824] RIP: 0033:0x7f8325a8d501
[ 2839.483158][ T3824] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2839.494248][ T3814] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2839.502776][ T3824] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2839.502808][ T3824] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2839.502829][ T3824] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2839.502850][ T3824] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2839.502867][ T3824] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2839.502886][ T3824] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2839.502925][ T3824]  </TASK>
[ 2839.592364][ T3814] device macvtap466 entered promiscuous mode
[ 2839.627171][ T3821] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2839.636508][ T3824] memory: usage 307200kB, limit 307200kB, failcnt 67062
[ 2839.636529][ T3824] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2839.636546][ T3824] Memory cgroup stats for /syz2:
[ 2839.636806][ T3824] anon 90112
[ 2839.636806][ T3824] file 417792
[ 2839.636806][ T3824] kernel 314064896
[ 2839.636806][ T3824] kernel_stack 32768
[ 2839.636806][ T3824] pagetables 69632
[ 2839.636806][ T3824] sec_pagetables 0
[ 2839.636806][ T3824] percpu 5358784
[ 2839.636806][ T3824] sock 0
[ 2839.636806][ T3824] vmalloc 0
[ 2839.636806][ T3824] shmem 417792
[ 2839.636806][ T3824] zswap 0
[ 2839.636806][ T3824] zswapped 0
[ 2839.636806][ T3824] file_mapped 417792
[ 2839.636806][ T3824] file_dirty 0
[ 2839.636806][ T3824] file_writeback 0
[ 2839.636806][ T3824] swapcached 0
[ 2839.636806][ T3824] anon_thp 0
[ 2839.636806][ T3824] file_thp 0
[ 2839.636806][ T3824] shmem_thp 0
[ 2839.636806][ T3824] inactive_anon 94208
[ 2839.636806][ T3824] active_anon 413696
[ 2839.636806][ T3824] inactive_file 0
[ 2839.636806][ T3824] active_file 0
[ 2839.636806][ T3824] unevictable 0
[ 2839.636806][ T3824] slab_reclaimable 10424
[ 2839.636806][ T3824] slab_unreclaimable 308529576
10:16:43 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0x601, 0x1, @local}]}, 0x48}}, 0x0)

[ 2839.770151][ T3821] device bridge1788 entered promiscuous mode
[ 2839.819728][ T3824] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3824,uid=0
[ 2839.836288][ T3824] Memory cgroup out of memory: Killed process 3824 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:16:44 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3a00}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2839.875113][ T3822] device macvtap2178 entered promiscuous mode
[ 2839.956084][ T3823] device macvtap2179 entered promiscuous mode
[ 2839.966701][ T3832] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2839.986487][ T3832] CPU: 0 PID: 3832 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2839.996853][ T3832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2840.006927][ T3832] Call Trace:
[ 2840.010221][ T3832]  <TASK>
[ 2840.013172][ T3832]  dump_stack_lvl+0xd1/0x138
[ 2840.017805][ T3832]  dump_header+0x10b/0x85f
[ 2840.022258][ T3832]  oom_kill_process.cold+0x10/0x15
[ 2840.027406][ T3832]  out_of_memory+0x35c/0x14a0
[ 2840.032126][ T3832]  ? find_held_lock+0x2d/0x110
[ 2840.036920][ T3832]  ? oom_killer_disable+0x280/0x280
[ 2840.042136][ T3832]  ? find_held_lock+0x2d/0x110
[ 2840.046933][ T3832]  mem_cgroup_out_of_memory+0x206/0x270
[ 2840.052496][ T3832]  ? mem_cgroup_margin+0x130/0x130
[ 2840.057622][ T3832]  ? lock_downgrade+0x6e0/0x6e0
[ 2840.062516][ T3832]  try_charge_memcg+0xef8/0x12f0
[ 2840.067483][ T3832]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2840.073485][ T3832]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2840.079220][ T3832]  ? lock_downgrade+0x6e0/0x6e0
[ 2840.084105][ T3832]  ? lock_downgrade+0x6e0/0x6e0
[ 2840.088984][ T3832]  ? rcu_read_unlock+0x9/0x60
[ 2840.093685][ T3832]  obj_cgroup_charge+0x2af/0x5e0
[ 2840.098655][ T3832]  kmem_cache_alloc_node+0xa9/0x410
[ 2840.103872][ T3832]  ? copy_process+0x5c2/0x7190
[ 2840.108658][ T3832]  copy_process+0x5c2/0x7190
[ 2840.113270][ T3832]  ? find_held_lock+0x2d/0x110
[ 2840.118065][ T3832]  ? find_held_lock+0x2d/0x110
[ 2840.122855][ T3832]  ? __cleanup_sighand+0xb0/0xb0
[ 2840.127806][ T3832]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2840.133106][ T3832]  ? lock_downgrade+0x6e0/0x6e0
[ 2840.137982][ T3832]  ? folio_flags.constprop.0+0x53/0x150
[ 2840.143561][ T3832]  ? folio_add_lru+0x37b/0x680
[ 2840.148357][ T3832]  kernel_clone+0xeb/0x980
[ 2840.152792][ T3832]  ? create_io_thread+0xf0/0xf0
[ 2840.157664][ T3832]  ? find_held_lock+0x2d/0x110
[ 2840.162465][ T3832]  __do_sys_clone+0xba/0x100
[ 2840.167073][ T3832]  ? kernel_clone+0x980/0x980
[ 2840.171781][ T3832]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2840.177697][ T3832]  do_syscall_64+0x39/0xb0
[ 2840.182144][ T3832]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2840.188058][ T3832] RIP: 0033:0x7f69a668d501
[ 2840.192483][ T3832] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2840.212100][ T3832] RSP: 002b:00007ffea4dd3058 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2840.220525][ T3832] RAX: ffffffffffffffda RBX: 00007f69a746c700 RCX: 00007f69a668d501
[ 2840.228504][ T3832] RDX: 00007f69a746c9d0 RSI: 00007f69a746c2f0 RDI: 00000000003d0f00
[ 2840.236484][ T3832] RBP: 00007ffea4dd32a0 R08: 00007f69a746c700 R09: 00007f69a746c700
[ 2840.244465][ T3832] R10: 00007f69a746c9d0 R11: 0000000000000206 R12: 00007ffea4dd310e
[ 2840.252443][ T3832] R13: 00007ffea4dd310f R14: 00007f69a746c300 R15: 0000000000022000
[ 2840.260441][ T3832]  </TASK>
[ 2840.271500][ T3832] memory: usage 307196kB, limit 307200kB, failcnt 13393
[ 2840.286761][ T3832] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2840.294642][ T3826] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2840.294779][ T3832] Memory cgroup stats for /syz1:
[ 2840.304800][ T3832] anon 147456
[ 2840.304800][ T3832] file 393216
[ 2840.304800][ T3832] kernel 314028032
[ 2840.304800][ T3832] kernel_stack 65536
[ 2840.304800][ T3832] pagetables 81920
[ 2840.304800][ T3832] sec_pagetables 0
[ 2840.304800][ T3832] percpu 5356416
[ 2840.304800][ T3832] sock 0
[ 2840.304800][ T3832] vmalloc 0
[ 2840.304800][ T3832] shmem 385024
[ 2840.304800][ T3832] zswap 0
[ 2840.304800][ T3832] zswapped 0
[ 2840.304800][ T3832] file_mapped 385024
[ 2840.304800][ T3832] file_dirty 0
[ 2840.304800][ T3832] file_writeback 0
[ 2840.304800][ T3832] swapcached 0
[ 2840.304800][ T3832] anon_thp 0
[ 2840.304800][ T3832] file_thp 0
[ 2840.304800][ T3832] shmem_thp 0
[ 2840.304800][ T3832] inactive_anon 192512
[ 2840.304800][ T3832] active_anon 339968
[ 2840.304800][ T3832] inactive_file 4096
[ 2840.304800][ T3832] active_file 4096
[ 2840.304800][ T3832] unevictable 0
[ 2840.304800][ T3832] slab_reclaimable 16512
[ 2840.304800][ T3832] slab_unreclaimable 308470328
[ 2840.373716][ T3826] device bridge1329 entered promiscuous mode
10:16:44 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xfeff}, 0x0)

[ 2840.413657][ T3832] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3832,uid=0
[ 2840.430846][ T3832] Memory cgroup out of memory: Killed process 3832 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2840.453612][ T3841] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2840.500649][ T3841] CPU: 1 PID: 3841 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2840.511142][ T3841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2840.521218][ T3841] Call Trace:
[ 2840.524515][ T3841]  <TASK>
[ 2840.527471][ T3841]  dump_stack_lvl+0xd1/0x138
[ 2840.532103][ T3841]  dump_header+0x10b/0x85f
[ 2840.536561][ T3841]  oom_kill_process.cold+0x10/0x15
[ 2840.541713][ T3841]  out_of_memory+0x35c/0x14a0
[ 2840.546422][ T3841]  ? find_held_lock+0x2d/0x110
[ 2840.548485][ T3827] device macvtap1320 entered promiscuous mode
[ 2840.551209][ T3841]  ? oom_killer_disable+0x280/0x280
[ 2840.551253][ T3841]  ? find_held_lock+0x2d/0x110
[ 2840.567292][ T3841]  mem_cgroup_out_of_memory+0x206/0x270
[ 2840.572873][ T3841]  ? mem_cgroup_margin+0x130/0x130
[ 2840.578002][ T3841]  ? lock_downgrade+0x6e0/0x6e0
[ 2840.582900][ T3841]  try_charge_memcg+0xef8/0x12f0
[ 2840.587887][ T3841]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2840.593905][ T3841]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2840.599661][ T3841]  ? lock_downgrade+0x6e0/0x6e0
[ 2840.604563][ T3841]  ? lock_downgrade+0x6e0/0x6e0
[ 2840.609472][ T3841]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2840.615057][ T3841]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2840.621248][ T3841]  copy_process+0x73e/0x7190
[ 2840.625868][ T3841]  ? wp_page_copy+0x311/0x1ca0
[ 2840.630684][ T3841]  ? __cleanup_sighand+0xb0/0xb0
[ 2840.635669][ T3841]  ? do_wp_page+0x1d9/0x1930
[ 2840.640303][ T3841]  kernel_clone+0xeb/0x980
[ 2840.644760][ T3841]  ? create_io_thread+0xf0/0xf0
[ 2840.649653][ T3841]  ? find_held_lock+0x2d/0x110
[ 2840.654478][ T3841]  __do_sys_clone+0xba/0x100
[ 2840.655444][ T3829] device macvtap1321 entered promiscuous mode
[ 2840.659082][ T3841]  ? kernel_clone+0x980/0x980
[ 2840.659131][ T3841]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2840.659171][ T3841]  do_syscall_64+0x39/0xb0
[ 2840.659210][ T3841]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2840.659251][ T3841] RIP: 0033:0x7f8325a8d501
[ 2840.659273][ T3841] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2840.710217][ T3841] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2840.718664][ T3841] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2840.726664][ T3841] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2840.734663][ T3841] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2840.742666][ T3841] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2840.750752][ T3841] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2840.758759][ T3841]  </TASK>
[ 2840.774201][ T3841] memory: usage 307180kB, limit 307200kB, failcnt 67159
[ 2840.781740][ T3841] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2840.789254][ T3841] Memory cgroup stats for /syz2:
[ 2840.789475][ T3841] anon 90112
[ 2840.789475][ T3841] file 417792
[ 2840.789475][ T3841] kernel 314044416
[ 2840.789475][ T3841] kernel_stack 32768
[ 2840.789475][ T3841] pagetables 69632
[ 2840.789475][ T3841] sec_pagetables 0
[ 2840.789475][ T3841] percpu 5358784
[ 2840.789475][ T3841] sock 0
[ 2840.789475][ T3841] vmalloc 0
[ 2840.789475][ T3841] shmem 417792
[ 2840.789475][ T3841] zswap 0
[ 2840.789475][ T3841] zswapped 0
[ 2840.789475][ T3841] file_mapped 417792
[ 2840.789475][ T3841] file_dirty 0
[ 2840.789475][ T3841] file_writeback 0
[ 2840.789475][ T3841] swapcached 0
[ 2840.789475][ T3841] anon_thp 0
[ 2840.789475][ T3841] file_thp 0
[ 2840.789475][ T3841] shmem_thp 0
[ 2840.789475][ T3841] inactive_anon 94208
[ 2840.789475][ T3841] active_anon 413696
[ 2840.789475][ T3841] inactive_file 0
[ 2840.789475][ T3841] active_file 0
[ 2840.789475][ T3841] unevictable 0
[ 2840.789475][ T3841] slab_reclaimable 10424
[ 2840.789475][ T3841] slab_unreclaimable 308518480
10:16:45 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3a01}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2840.887801][ T3841] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3841,uid=0
[ 2840.904053][ T3841] Memory cgroup out of memory: Killed process 3841 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:16:45 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x2e02}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2840.962501][ T3831] device bridge537 entered promiscuous mode
[ 2841.233504][ T3847] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2841.235730][ T3833] device macvtap566 entered promiscuous mode
[ 2841.264372][ T3847] CPU: 0 PID: 3847 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2841.274745][ T3847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2841.284824][ T3847] Call Trace:
[ 2841.288119][ T3847]  <TASK>
[ 2841.291070][ T3847]  dump_stack_lvl+0xd1/0x138
[ 2841.295701][ T3847]  dump_header+0x10b/0x85f
[ 2841.300155][ T3847]  oom_kill_process.cold+0x10/0x15
[ 2841.305309][ T3847]  out_of_memory+0x35c/0x14a0
[ 2841.310017][ T3847]  ? find_held_lock+0x2d/0x110
[ 2841.314799][ T3847]  ? oom_killer_disable+0x280/0x280
[ 2841.320018][ T3847]  ? find_held_lock+0x2d/0x110
[ 2841.324832][ T3847]  mem_cgroup_out_of_memory+0x206/0x270
[ 2841.330416][ T3847]  ? mem_cgroup_margin+0x130/0x130
[ 2841.335558][ T3847]  ? lock_downgrade+0x6e0/0x6e0
[ 2841.340454][ T3847]  try_charge_memcg+0xef8/0x12f0
[ 2841.345396][ T3847]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2841.351381][ T3847]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2841.357096][ T3847]  ? lock_downgrade+0x6e0/0x6e0
[ 2841.361977][ T3847]  ? lock_downgrade+0x6e0/0x6e0
[ 2841.366855][ T3847]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2841.372417][ T3847]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2841.378609][ T3847]  copy_process+0x15ed/0x7190
[ 2841.383320][ T3847]  ? __lock_acquire+0xbc3/0x56d0
[ 2841.388298][ T3847]  ? __cleanup_sighand+0xb0/0xb0
[ 2841.393245][ T3847]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2841.399259][ T3847]  ? psi_memstall_leave+0x174/0x250
[ 2841.404459][ T3847]  kernel_clone+0xeb/0x980
[ 2841.408894][ T3847]  ? create_io_thread+0xf0/0xf0
[ 2841.413742][ T3847]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2841.419990][ T3847]  ? lock_downgrade+0x6e0/0x6e0
[ 2841.424900][ T3847]  __do_sys_clone+0xba/0x100
[ 2841.429523][ T3847]  ? kernel_clone+0x980/0x980
[ 2841.434248][ T3847]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2841.440186][ T3847]  do_syscall_64+0x39/0xb0
[ 2841.444608][ T3847]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2841.450509][ T3847] RIP: 0033:0x7f8325a8d501
[ 2841.454944][ T3847] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2841.474577][ T3847] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2841.483021][ T3847] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2841.491017][ T3847] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2841.499001][ T3847] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2841.506964][ T3847] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2841.514946][ T3847] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2841.522967][ T3847]  </TASK>
[ 2841.581899][ T3834] device macvtap566 entered promiscuous mode
[ 2841.617168][ T3837] __nla_validate_parse: 2 callbacks suppressed
10:16:45 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x2d01}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2841.617188][ T3837] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2841.677988][ T3837] device bridge449 entered promiscuous mode
[ 2841.704477][ T3838] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2841.847595][ T3847] memory: usage 307200kB, limit 307200kB, failcnt 67253
[ 2841.856063][ T3847] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2841.873242][ T3847] Memory cgroup stats for /syz2:
[ 2841.874416][ T3847] anon 90112
[ 2841.874416][ T3847] file 417792
[ 2841.874416][ T3847] kernel 314064896
[ 2841.874416][ T3847] kernel_stack 32768
[ 2841.874416][ T3847] pagetables 69632
[ 2841.874416][ T3847] sec_pagetables 0
[ 2841.874416][ T3847] percpu 5358784
[ 2841.874416][ T3847] sock 0
[ 2841.874416][ T3847] vmalloc 0
[ 2841.874416][ T3847] shmem 417792
[ 2841.874416][ T3847] zswap 0
[ 2841.874416][ T3847] zswapped 0
[ 2841.874416][ T3847] file_mapped 417792
[ 2841.874416][ T3847] file_dirty 0
[ 2841.874416][ T3847] file_writeback 0
[ 2841.874416][ T3847] swapcached 0
[ 2841.874416][ T3847] anon_thp 0
[ 2841.874416][ T3847] file_thp 0
[ 2841.874416][ T3847] shmem_thp 0
[ 2841.874416][ T3847] inactive_anon 94208
[ 2841.874416][ T3847] active_anon 413696
[ 2841.874416][ T3847] inactive_file 0
[ 2841.874416][ T3847] active_file 0
[ 2841.874416][ T3847] unevictable 0
[ 2841.874416][ T3847] slab_reclaimable 10424
[ 2841.874416][ T3847] slab_unreclaimable 308529576
10:16:46 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8e00, @local}]}, 0x48}}, 0x0)

[ 2842.027339][ T3839] device macvtap466 entered promiscuous mode
[ 2842.069366][ T3840] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2842.089548][ T3847] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3847,uid=0
[ 2842.146578][ T3847] Memory cgroup out of memory: Killed process 3847 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2842.158863][ T3840] device macvtap467 entered promiscuous mode
10:16:46 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3a02}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2842.189454][ T3856] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2842.231786][ T3856] CPU: 1 PID: 3856 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2842.242159][ T3856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2842.252237][ T3856] Call Trace:
[ 2842.255532][ T3856]  <TASK>
[ 2842.258475][ T3856]  dump_stack_lvl+0xd1/0x138
[ 2842.263094][ T3856]  dump_header+0x10b/0x85f
[ 2842.267532][ T3856]  oom_kill_process.cold+0x10/0x15
[ 2842.272665][ T3856]  out_of_memory+0x35c/0x14a0
[ 2842.277373][ T3856]  ? oom_killer_disable+0x280/0x280
[ 2842.282612][ T3856]  ? find_held_lock+0x2d/0x110
[ 2842.287410][ T3856]  mem_cgroup_out_of_memory+0x206/0x270
[ 2842.292975][ T3856]  ? mem_cgroup_margin+0x130/0x130
[ 2842.298099][ T3856]  ? lock_downgrade+0x6e0/0x6e0
[ 2842.302997][ T3856]  try_charge_memcg+0xef8/0x12f0
[ 2842.307973][ T3856]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2842.313991][ T3856]  ? rcu_read_unlock+0x9/0x60
[ 2842.318683][ T3856]  ? lock_downgrade+0x6e0/0x6e0
[ 2842.323587][ T3856]  charge_memcg+0x99/0x3b0
[ 2842.328031][ T3856]  __mem_cgroup_charge+0x2b/0x90
[ 2842.332992][ T3856]  ? _compound_head+0x5d/0x150
[ 2842.337787][ T3856]  __handle_mm_fault+0x17e7/0x3a40
[ 2842.342920][ T3856]  ? vm_iomap_memory+0x190/0x190
[ 2842.347900][ T3856]  handle_mm_fault+0x1cc/0x780
[ 2842.352686][ T3856]  do_user_addr_fault+0x475/0x1210
[ 2842.357821][ T3856]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2842.363396][ T3856]  exc_page_fault+0x98/0x170
[ 2842.368005][ T3856]  asm_exc_page_fault+0x26/0x30
[ 2842.372880][ T3856] RIP: 0033:0x7f69a663b8df
[ 2842.377308][ T3856] Code: ff ff 4d 89 cd 48 85 c0 74 19 8b 95 44 ff ff ff 48 29 c6 48 01 c7 e8 10 09 05 00 85 c0 0f 85 0b 03 00 00 48 8b 85 48 ff ff ff <41> c7 45 18 01 00 00 00 4c 89 ef 49 89 85 90 06 00 00 48 8b 85 50
[ 2842.396928][ T3856] RSP: 002b:00007ffea4dd30b0 EFLAGS: 00010246
[ 2842.403006][ T3856] RAX: 00007f69a744c000 RBX: 0000000000021000 RCX: 00007f69a668c1e7
[ 2842.410985][ T3856] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f69a744d000
[ 2842.418965][ T3856] RBP: 00007ffea4dd3180 R08: 00000000ffffffff R09: 00007f69a746c700
10:16:46 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x2b03}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2842.426945][ T3856] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffea4dd32a0
[ 2842.434924][ T3856] R13: 00007f69a746c700 R14: 0000000000000000 R15: 0000000000022000
[ 2842.442924][ T3856]  </TASK>
[ 2842.465086][ T3843] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2842.550614][ T3843] device bridge1789 entered promiscuous mode
[ 2842.624690][ T3844] device macvtap2179 entered promiscuous mode
[ 2842.681026][ T3845] device macvtap2180 entered promiscuous mode
[ 2842.729806][ T3856] memory: usage 307184kB, limit 307200kB, failcnt 13480
[ 2842.737208][ T3856] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2842.744969][ T3856] Memory cgroup stats for /syz1:
[ 2842.745196][ T3856] anon 143360
[ 2842.745196][ T3856] file 393216
[ 2842.745196][ T3856] kernel 314019840
[ 2842.745196][ T3856] kernel_stack 65536
[ 2842.745196][ T3856] pagetables 81920
[ 2842.745196][ T3856] sec_pagetables 0
[ 2842.745196][ T3856] percpu 5356416
[ 2842.745196][ T3856] sock 0
[ 2842.745196][ T3856] vmalloc 0
[ 2842.745196][ T3856] shmem 385024
[ 2842.745196][ T3856] zswap 0
[ 2842.745196][ T3856] zswapped 0
[ 2842.745196][ T3856] file_mapped 385024
[ 2842.745196][ T3856] file_dirty 0
[ 2842.745196][ T3856] file_writeback 0
[ 2842.745196][ T3856] swapcached 0
[ 2842.745196][ T3856] anon_thp 0
[ 2842.745196][ T3856] file_thp 0
[ 2842.745196][ T3856] shmem_thp 0
[ 2842.745196][ T3856] inactive_anon 188416
[ 2842.745196][ T3856] active_anon 339968
[ 2842.745196][ T3856] inactive_file 4096
[ 2842.745196][ T3856] active_file 4096
[ 2842.745196][ T3856] unevictable 0
10:16:47 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xff0f}, 0x0)

[ 2842.745196][ T3856] slab_reclaimable 16512
[ 2842.745196][ T3856] slab_unreclaimable 308465088
[ 2842.839950][ T3849] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2842.887808][ T3856] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3856,uid=0
[ 2842.904749][ T3849] device bridge1330 entered promiscuous mode
[ 2842.917704][ T3856] Memory cgroup out of memory: Killed process 3856 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2842.986783][ T3850] device macvtap1321 entered promiscuous mode
[ 2842.998409][ T3861] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2843.021780][ T3851] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2843.032590][ T3861] CPU: 1 PID: 3861 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2843.042949][ T3861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2843.053017][ T3861] Call Trace:
[ 2843.056321][ T3861]  <TASK>
[ 2843.059279][ T3861]  dump_stack_lvl+0xd1/0x138
[ 2843.063909][ T3861]  dump_header+0x10b/0x85f
[ 2843.068367][ T3861]  oom_kill_process.cold+0x10/0x15
[ 2843.073515][ T3861]  out_of_memory+0x35c/0x14a0
[ 2843.078235][ T3861]  ? find_held_lock+0x2d/0x110
[ 2843.083044][ T3861]  ? oom_killer_disable+0x280/0x280
[ 2843.088281][ T3861]  ? find_held_lock+0x2d/0x110
[ 2843.093091][ T3861]  mem_cgroup_out_of_memory+0x206/0x270
[ 2843.098664][ T3861]  ? mem_cgroup_margin+0x130/0x130
[ 2843.103802][ T3861]  ? lock_downgrade+0x6e0/0x6e0
[ 2843.108699][ T3861]  try_charge_memcg+0xef8/0x12f0
[ 2843.113672][ T3861]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2843.119681][ T3861]  ? rcu_read_unlock+0x9/0x60
[ 2843.124371][ T3861]  ? lock_downgrade+0x6e0/0x6e0
[ 2843.129265][ T3861]  charge_memcg+0x99/0x3b0
[ 2843.133706][ T3861]  __mem_cgroup_charge+0x2b/0x90
[ 2843.138668][ T3861]  wp_page_copy+0x2bf/0x1ca0
[ 2843.143298][ T3861]  ? page_try_dup_anon_rmap.constprop.0+0xd10/0xd10
[ 2843.149915][ T3861]  ? lock_downgrade+0x6e0/0x6e0
[ 2843.154792][ T3861]  ? vm_normal_page+0x14a/0x2a0
[ 2843.159669][ T3861]  do_wp_page+0x538/0x1930
[ 2843.164103][ T3861]  __handle_mm_fault+0x181b/0x3a40
[ 2843.169237][ T3861]  ? vm_iomap_memory+0x190/0x190
[ 2843.174215][ T3861]  handle_mm_fault+0x1cc/0x780
[ 2843.179088][ T3861]  do_user_addr_fault+0x475/0x1210
[ 2843.184223][ T3861]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2843.189804][ T3861]  exc_page_fault+0x98/0x170
[ 2843.194412][ T3861]  asm_exc_page_fault+0x26/0x30
[ 2843.199283][ T3861] RIP: 0033:0x7f8325a36655
[ 2843.203709][ T3861] Code: 0f 1f 44 00 00 48 8b 57 18 48 83 fa ff 74 22 48 81 fa e7 03 00 00 0f 87 ee 00 00 00 48 c1 e2 04 48 8d 0d 6e 1a 17 00 48 01 ca <c6> 02 01 48 89 42 08 48 8b 0d 1d 73 17 00 48 8b 53 10 4c 8d 81 00
[ 2843.223335][ T3861] RSP: 002b:00007fff9cb6b2b0 EFLAGS: 00010206
[ 2843.229414][ T3861] RAX: 0000000000000003 RBX: 00007f8325babf80 RCX: 00007f8325ba80c0
[ 2843.237394][ T3861] RDX: 00007f8325ba80c0 RSI: 0000000000000080 RDI: 00007f8325babf80
[ 2843.245375][ T3861] RBP: 00007f8325babf80 R08: 00007fff9cb80080 R09: 0000000000000000
[ 2843.253354][ T3861] R10: 00007fff9cb6b3c0 R11: 0000000000000246 R12: 00000000002b6130
[ 2843.261332][ T3861] R13: 00007fff9cb6b3c0 R14: 00007f8325babf80 R15: 0000000000000032
[ 2843.269335][ T3861]  </TASK>
[ 2843.287165][ T3851] device macvtap1322 entered promiscuous mode
[ 2843.323505][ T3861] memory: usage 307200kB, limit 307200kB, failcnt 67361
[ 2843.330703][ T3861] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2843.331628][ T3853] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2843.337711][ T3861] Memory cgroup stats for /syz2:
[ 2843.338018][ T3861] anon 98304
[ 2843.338018][ T3861] file 417792
[ 2843.338018][ T3861] kernel 314056704
[ 2843.338018][ T3861] kernel_stack 65536
[ 2843.338018][ T3861] pagetables 69632
[ 2843.338018][ T3861] sec_pagetables 0
[ 2843.338018][ T3861] percpu 5358784
[ 2843.338018][ T3861] sock 0
[ 2843.338018][ T3861] vmalloc 0
[ 2843.338018][ T3861] shmem 417792
[ 2843.338018][ T3861] zswap 0
[ 2843.338018][ T3861] zswapped 0
[ 2843.338018][ T3861] file_mapped 417792
[ 2843.338018][ T3861] file_dirty 0
[ 2843.338018][ T3861] file_writeback 0
[ 2843.338018][ T3861] swapcached 0
[ 2843.338018][ T3861] anon_thp 0
[ 2843.338018][ T3861] file_thp 0
[ 2843.338018][ T3861] shmem_thp 0
[ 2843.338018][ T3861] inactive_anon 94208
[ 2843.338018][ T3861] active_anon 413696
10:16:47 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x3d5}, 0x0)

[ 2843.338018][ T3861] inactive_file 0
[ 2843.338018][ T3861] active_file 0
[ 2843.338018][ T3861] unevictable 0
[ 2843.338018][ T3861] slab_reclaimable 12352
[ 2843.338018][ T3861] slab_unreclaimable 308519288
[ 2843.387748][ T3853] device bridge538 entered promiscuous mode
[ 2843.469158][ T3861] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3861,uid=0
[ 2843.486668][ T3861] Memory cgroup out of memory: Killed process 3861 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:16:47 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3a03}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2843.521406][ T3854] device macvtap567 entered promiscuous mode
[ 2843.536070][ T3855] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2843.585899][ T3855] device macvtap568 entered promiscuous mode
[ 2843.663183][ T3872] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2843.678214][ T3857] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2843.697143][ T3872] CPU: 1 PID: 3872 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2843.707512][ T3872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2843.717591][ T3872] Call Trace:
[ 2843.720887][ T3872]  <TASK>
[ 2843.723878][ T3872]  dump_stack_lvl+0xd1/0x138
[ 2843.728512][ T3872]  dump_header+0x10b/0x85f
[ 2843.732972][ T3872]  oom_kill_process.cold+0x10/0x15
[ 2843.738123][ T3872]  out_of_memory+0x35c/0x14a0
[ 2843.742848][ T3872]  ? find_held_lock+0x2d/0x110
[ 2843.747652][ T3872]  ? oom_killer_disable+0x280/0x280
[ 2843.752890][ T3872]  ? find_held_lock+0x2d/0x110
[ 2843.757704][ T3872]  mem_cgroup_out_of_memory+0x206/0x270
[ 2843.763289][ T3872]  ? mem_cgroup_margin+0x130/0x130
[ 2843.768433][ T3872]  ? lock_downgrade+0x6e0/0x6e0
[ 2843.773356][ T3872]  try_charge_memcg+0xef8/0x12f0
[ 2843.778341][ T3872]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2843.784348][ T3872]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2843.790089][ T3872]  ? lock_downgrade+0x6e0/0x6e0
[ 2843.794975][ T3872]  ? lock_downgrade+0x6e0/0x6e0
[ 2843.799876][ T3872]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2843.805450][ T3872]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2843.811632][ T3872]  copy_process+0x73e/0x7190
[ 2843.816245][ T3872]  ? __lock_acquire+0xbc3/0x56d0
[ 2843.821224][ T3872]  ? __cleanup_sighand+0xb0/0xb0
[ 2843.826178][ T3872]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2843.832193][ T3872]  ? psi_memstall_leave+0x174/0x250
[ 2843.837424][ T3872]  kernel_clone+0xeb/0x980
[ 2843.841865][ T3872]  ? create_io_thread+0xf0/0xf0
[ 2843.846737][ T3872]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2843.852997][ T3872]  ? lock_downgrade+0x6e0/0x6e0
[ 2843.857889][ T3872]  __do_sys_clone+0xba/0x100
[ 2843.862499][ T3872]  ? kernel_clone+0x980/0x980
[ 2843.867207][ T3872]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2843.873125][ T3872]  do_syscall_64+0x39/0xb0
[ 2843.877567][ T3872]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2843.883486][ T3872] RIP: 0033:0x7f8325a8d501
[ 2843.887915][ T3872] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2843.907535][ T3872] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2843.915962][ T3872] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2843.923948][ T3872] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2843.931932][ T3872] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2843.939914][ T3872] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2843.947896][ T3872] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2843.955909][ T3872]  </TASK>
[ 2843.963765][ T3872] memory: usage 307200kB, limit 307200kB, failcnt 67463
[ 2843.970963][ T3872] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2843.978101][ T3872] Memory cgroup stats for /syz2:
[ 2843.978316][ T3872] anon 90112
[ 2843.978316][ T3872] file 417792
[ 2843.978316][ T3872] kernel 314064896
[ 2843.978316][ T3872] kernel_stack 32768
[ 2843.978316][ T3872] pagetables 69632
[ 2843.978316][ T3872] sec_pagetables 0
[ 2843.978316][ T3872] percpu 5358784
[ 2843.978316][ T3872] sock 0
[ 2843.978316][ T3872] vmalloc 0
[ 2843.978316][ T3872] shmem 417792
[ 2843.978316][ T3872] zswap 0
[ 2843.978316][ T3872] zswapped 0
[ 2843.978316][ T3872] file_mapped 417792
[ 2843.978316][ T3872] file_dirty 0
[ 2843.978316][ T3872] file_writeback 0
[ 2843.978316][ T3872] swapcached 0
[ 2843.978316][ T3872] anon_thp 0
[ 2843.978316][ T3872] file_thp 0
[ 2843.978316][ T3872] shmem_thp 0
[ 2843.978316][ T3872] inactive_anon 94208
[ 2843.978316][ T3872] active_anon 413696
[ 2843.978316][ T3872] inactive_file 0
[ 2843.978316][ T3872] active_file 0
[ 2843.978316][ T3872] unevictable 0
10:16:48 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xcd, 0x1, @local}]}, 0x48}}, 0x0)

[ 2843.978316][ T3872] slab_reclaimable 10424
[ 2843.978316][ T3872] slab_unreclaimable 308529576
[ 2844.079802][ T3872] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3872,uid=0
10:16:48 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3b00}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2844.116224][ T3872] Memory cgroup out of memory: Killed process 3872 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2844.182998][ T3860] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2844.192840][ T3878] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 2844.206095][ T3878] CPU: 0 PID: 3878 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2844.216460][ T3878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2844.226538][ T3878] Call Trace:
[ 2844.229838][ T3878]  <TASK>
[ 2844.232791][ T3878]  dump_stack_lvl+0xd1/0x138
[ 2844.237420][ T3878]  dump_header+0x10b/0x85f
[ 2844.241872][ T3878]  oom_kill_process.cold+0x10/0x15
[ 2844.247026][ T3878]  out_of_memory+0x35c/0x14a0
[ 2844.251748][ T3878]  ? find_held_lock+0x2d/0x110
[ 2844.255777][ T3860] device bridge450 entered promiscuous mode
[ 2844.256536][ T3878]  ? oom_killer_disable+0x280/0x280
[ 2844.256580][ T3878]  ? find_held_lock+0x2d/0x110
[ 2844.272473][ T3878]  mem_cgroup_out_of_memory+0x206/0x270
[ 2844.278055][ T3878]  ? mem_cgroup_margin+0x130/0x130
[ 2844.283197][ T3878]  ? lock_downgrade+0x6e0/0x6e0
[ 2844.288109][ T3878]  try_charge_memcg+0xef8/0x12f0
[ 2844.293084][ T3878]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2844.299102][ T3878]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2844.304860][ T3878]  ? lock_downgrade+0x6e0/0x6e0
[ 2844.309762][ T3878]  ? lock_downgrade+0x6e0/0x6e0
[ 2844.314679][ T3878]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2844.320270][ T3878]  __alloc_pages+0x1f3/0x5b0
[ 2844.324907][ T3878]  ? __alloc_pages_slowpath.constprop.0+0x23d0/0x23d0
10:16:48 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x8f00, @local}]}, 0x48}}, 0x0)

[ 2844.331716][ T3878]  ? find_held_lock+0x2d/0x110
[ 2844.336527][ T3878]  ? __pmd_alloc+0x307/0x5d0
[ 2844.341149][ T3878]  ? lock_downgrade+0x6e0/0x6e0
[ 2844.346047][ T3878]  ? do_raw_spin_lock+0x124/0x2b0
[ 2844.351108][ T3878]  alloc_pages+0x1aa/0x270
[ 2844.355569][ T3878]  pte_alloc_one+0x1a/0x230
[ 2844.360122][ T3878]  __do_fault+0x433/0x600
[ 2844.364493][ T3878]  ? __pud_alloc+0xe4/0x180
[ 2844.369031][ T3878]  __handle_mm_fault+0x2200/0x3a40
[ 2844.374176][ T3878]  ? vm_iomap_memory+0x190/0x190
[ 2844.379164][ T3878]  handle_mm_fault+0x1cc/0x780
[ 2844.383957][ T3878]  do_user_addr_fault+0x475/0x1210
[ 2844.389102][ T3878]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2844.391676][ T3862] device macvtap468 entered promiscuous mode
[ 2844.394670][ T3878]  exc_page_fault+0x98/0x170
[ 2844.394706][ T3878]  asm_exc_page_fault+0x26/0x30
[ 2844.394743][ T3878] RIP: 0033:0x7f8325a276c6
[ 2844.414575][ T3878] Code: ff ff 66 90 48 8b 0d 29 e0 ca 00 4c 63 05 12 e0 ca 00 48 8b 05 13 e0 ca 00 49 01 c8 48 39 c8 72 13 4c 39 c0 73 0e 48 8d 50 04 <89> 38 48 89 15 f9 df ca 00 c3 52 48 8d 35 ca f0 0b 00 48 89 c2 48
[ 2844.434209][ T3878] RSP: 002b:00007fff9cb6b2d8 EFLAGS: 00010287
[ 2844.440307][ T3878] RAX: 0000001b2d620000 RBX: 0000000000000003 RCX: 0000001b2d620000
[ 2844.448382][ T3878] RDX: 0000001b2d620004 RSI: 00000000003c0000 RDI: 0000000000000000
[ 2844.456375][ T3878] RBP: 0000000000000000 R08: 0000001b2da20000 R09: 0000000000040000
[ 2844.464368][ T3878] R10: 0000000000000011 R11: 0000000000000000 R12: 0000000000000001
[ 2844.472366][ T3878] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff9cb6b580
[ 2844.478768][ T3863] device macvtap469 entered promiscuous mode
[ 2844.480366][ T3878]  </TASK>
[ 2844.562809][ T3878] memory: usage 307144kB, limit 307200kB, failcnt 67543
[ 2844.570123][ T3878] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2844.577270][ T3878] Memory cgroup stats for /syz2:
[ 2844.577766][ T3878] anon 77824
[ 2844.577766][ T3878] file 417792
[ 2844.577766][ T3878] kernel 314019840
[ 2844.577766][ T3878] kernel_stack 32768
[ 2844.577766][ T3878] pagetables 61440
[ 2844.577766][ T3878] sec_pagetables 0
[ 2844.577766][ T3878] percpu 5358784
[ 2844.577766][ T3878] sock 0
[ 2844.577766][ T3878] vmalloc 0
[ 2844.577766][ T3878] shmem 417792
[ 2844.577766][ T3878] zswap 0
[ 2844.577766][ T3878] zswapped 0
[ 2844.577766][ T3878] file_mapped 417792
[ 2844.577766][ T3878] file_dirty 0
[ 2844.577766][ T3878] file_writeback 0
[ 2844.577766][ T3878] swapcached 0
[ 2844.577766][ T3878] anon_thp 0
[ 2844.577766][ T3878] file_thp 0
[ 2844.577766][ T3878] shmem_thp 0
[ 2844.577766][ T3878] inactive_anon 81920
[ 2844.577766][ T3878] active_anon 413696
[ 2844.577766][ T3878] inactive_file 0
[ 2844.577766][ T3878] active_file 0
[ 2844.577766][ T3878] unevictable 0
[ 2844.577766][ T3878] slab_reclaimable 10424
[ 2844.577766][ T3878] slab_unreclaimable 308521232
[ 2844.612939][ T3865] device bridge1790 entered promiscuous mode
[ 2844.679042][ T3878] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3878,uid=0
[ 2844.697024][ T3878] Memory cgroup out of memory: Killed process 3878 (syz-executor.2) total-vm:54408kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:64kB oom_score_adj:1000
10:16:48 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xcd, 0x1, @local}]}, 0x48}}, 0x0)

[ 2844.738603][ T3879] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2844.754100][ T3879] CPU: 0 PID: 3879 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2844.764469][ T3879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2844.774549][ T3879] Call Trace:
[ 2844.777850][ T3879]  <TASK>
[ 2844.780801][ T3879]  dump_stack_lvl+0xd1/0x138
[ 2844.785442][ T3879]  dump_header+0x10b/0x85f
[ 2844.789913][ T3879]  oom_kill_process.cold+0x10/0x15
[ 2844.795064][ T3879]  out_of_memory+0x35c/0x14a0
[ 2844.799786][ T3879]  ? oom_killer_disable+0x280/0x280
[ 2844.805019][ T3879]  ? find_held_lock+0x2d/0x110
[ 2844.809824][ T3879]  mem_cgroup_out_of_memory+0x206/0x270
[ 2844.815406][ T3879]  ? mem_cgroup_margin+0x130/0x130
[ 2844.820549][ T3879]  ? lock_downgrade+0x6e0/0x6e0
[ 2844.825463][ T3879]  try_charge_memcg+0xef8/0x12f0
[ 2844.830457][ T3879]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2844.836487][ T3879]  ? rcu_read_unlock+0x9/0x60
[ 2844.839226][ T3867] device macvtap2180 entered promiscuous mode
[ 2844.841176][ T3879]  ? lock_downgrade+0x6e0/0x6e0
[ 2844.841240][ T3879]  charge_memcg+0x99/0x3b0
[ 2844.856592][ T3879]  __mem_cgroup_charge+0x2b/0x90
[ 2844.861566][ T3879]  ? _compound_head+0x5d/0x150
[ 2844.866369][ T3879]  __handle_mm_fault+0x17e7/0x3a40
[ 2844.871519][ T3879]  ? vm_iomap_memory+0x190/0x190
[ 2844.876519][ T3879]  handle_mm_fault+0x1cc/0x780
[ 2844.881326][ T3879]  do_user_addr_fault+0x475/0x1210
[ 2844.886478][ T3879]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2844.892060][ T3879]  exc_page_fault+0x98/0x170
[ 2844.896684][ T3879]  asm_exc_page_fault+0x26/0x30
[ 2844.901575][ T3879] RIP: 0033:0x7f69a662be6a
[ 2844.906015][ T3879] Code: 30 48 8b 34 24 48 85 f6 74 17 8b 44 24 18 0f c8 89 c0 48 89 44 24 18 48 83 fe 01 0f 85 a1 01 00 00 48 8b 44 24 10 8b 74 24 18 <89> 30 e9 d2 fc ff ff 48 8b 44 24 10 8b 10 48 8b 04 24 48 85 c0 0f
[ 2844.925652][ T3879] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2844.931751][ T3879] RAX: 0000000020000200 RBX: 0000000000000000 RCX: 0000000000000000
10:16:49 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3b01}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2844.939731][ T3879] RDX: 1b013dd590c50c23 RSI: 0000000000000014 RDI: 00005555574b22e8
[ 2844.947724][ T3879] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2844.955724][ T3879] R10: 00007f69a62002a8 R11: 0000000000000246 R12: 00000000002b675b
[ 2844.963721][ T3879] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2844.971755][ T3879]  </TASK>
[ 2844.981869][ T3868] device macvtap2181 entered promiscuous mode
[ 2844.997854][ T3879] memory: usage 307200kB, limit 307200kB, failcnt 13640
[ 2845.008737][ T3879] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2845.016182][ T3879] Memory cgroup stats for /syz1:
[ 2845.016385][ T3879] anon 139264
[ 2845.016385][ T3879] file 393216
[ 2845.016385][ T3879] kernel 314040320
[ 2845.016385][ T3879] kernel_stack 65536
[ 2845.016385][ T3879] pagetables 81920
[ 2845.016385][ T3879] sec_pagetables 0
[ 2845.016385][ T3879] percpu 5356416
[ 2845.016385][ T3879] sock 0
[ 2845.016385][ T3879] vmalloc 0
[ 2845.016385][ T3879] shmem 385024
[ 2845.016385][ T3879] zswap 0
[ 2845.016385][ T3879] zswapped 0
[ 2845.016385][ T3879] file_mapped 385024
[ 2845.016385][ T3879] file_dirty 0
[ 2845.016385][ T3879] file_writeback 0
[ 2845.016385][ T3879] swapcached 0
[ 2845.016385][ T3879] anon_thp 0
[ 2845.016385][ T3879] file_thp 0
[ 2845.016385][ T3879] shmem_thp 0
[ 2845.016385][ T3879] inactive_anon 184320
[ 2845.016385][ T3879] active_anon 339968
[ 2845.016385][ T3879] inactive_file 0
[ 2845.016385][ T3879] active_file 8192
[ 2845.016385][ T3879] unevictable 0
[ 2845.016385][ T3879] slab_reclaimable 16512
[ 2845.016385][ T3879] slab_unreclaimable 308481800
[ 2845.114493][ T3879] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3879,uid=0
[ 2845.130428][ T3879] Memory cgroup out of memory: Killed process 3879 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2845.175028][ T3886] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2845.185643][ T3886] CPU: 1 PID: 3886 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2845.195135][ T3871] device bridge1331 entered promiscuous mode
[ 2845.195981][ T3886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2845.212028][ T3886] Call Trace:
[ 2845.215322][ T3886]  <TASK>
[ 2845.218271][ T3886]  dump_stack_lvl+0xd1/0x138
[ 2845.222907][ T3886]  dump_header+0x10b/0x85f
[ 2845.227356][ T3886]  oom_kill_process.cold+0x10/0x15
[ 2845.232506][ T3886]  out_of_memory+0x35c/0x14a0
[ 2845.237215][ T3886]  ? find_held_lock+0x2d/0x110
[ 2845.242004][ T3886]  ? oom_killer_disable+0x280/0x280
[ 2845.247223][ T3886]  ? find_held_lock+0x2d/0x110
[ 2845.252026][ T3886]  mem_cgroup_out_of_memory+0x206/0x270
[ 2845.257605][ T3886]  ? mem_cgroup_margin+0x130/0x130
[ 2845.262737][ T3886]  ? lock_downgrade+0x6e0/0x6e0
[ 2845.267643][ T3886]  try_charge_memcg+0xef8/0x12f0
[ 2845.272618][ T3886]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2845.278621][ T3886]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2845.284356][ T3886]  ? lock_downgrade+0x6e0/0x6e0
[ 2845.289243][ T3886]  ? lock_downgrade+0x6e0/0x6e0
[ 2845.294135][ T3886]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2845.299707][ T3886]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2845.305881][ T3886]  copy_process+0x73e/0x7190
[ 2845.310494][ T3886]  ? __lock_acquire+0xbc3/0x56d0
[ 2845.315470][ T3886]  ? __cleanup_sighand+0xb0/0xb0
[ 2845.320422][ T3886]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2845.326431][ T3886]  ? psi_memstall_leave+0x174/0x250
[ 2845.331657][ T3886]  kernel_clone+0xeb/0x980
[ 2845.336091][ T3886]  ? create_io_thread+0xf0/0xf0
[ 2845.340963][ T3886]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2845.347221][ T3886]  ? lock_downgrade+0x6e0/0x6e0
[ 2845.352110][ T3886]  __do_sys_clone+0xba/0x100
[ 2845.356716][ T3886]  ? kernel_clone+0x980/0x980
[ 2845.361425][ T3886]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2845.367343][ T3886]  do_syscall_64+0x39/0xb0
[ 2845.371792][ T3886]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2845.377704][ T3886] RIP: 0033:0x7f8325a8d501
[ 2845.382126][ T3886] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2845.401745][ T3886] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2845.410168][ T3886] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2845.418150][ T3886] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
10:16:49 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9000, @local}]}, 0x48}}, 0x0)

[ 2845.426129][ T3886] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2845.434108][ T3886] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2845.442089][ T3886] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2845.450090][ T3886]  </TASK>
[ 2845.464017][ T3886] memory: usage 307200kB, limit 307200kB, failcnt 67625
10:16:49 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xff7f}, 0x0)

[ 2845.491459][ T3886] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2845.499537][ T3873] device macvtap1322 entered promiscuous mode
[ 2845.504365][ T3886] Memory cgroup stats for /syz2:
[ 2845.505806][ T3886] anon 90112
[ 2845.505806][ T3886] file 417792
[ 2845.505806][ T3886] kernel 314064896
[ 2845.505806][ T3886] kernel_stack 32768
[ 2845.505806][ T3886] pagetables 69632
[ 2845.505806][ T3886] sec_pagetables 0
[ 2845.505806][ T3886] percpu 5358784
[ 2845.505806][ T3886] sock 0
[ 2845.505806][ T3886] vmalloc 0
[ 2845.505806][ T3886] shmem 417792
[ 2845.505806][ T3886] zswap 0
[ 2845.505806][ T3886] zswapped 0
[ 2845.505806][ T3886] file_mapped 417792
[ 2845.505806][ T3886] file_dirty 0
[ 2845.505806][ T3886] file_writeback 0
[ 2845.505806][ T3886] swapcached 0
[ 2845.505806][ T3886] anon_thp 0
[ 2845.505806][ T3886] file_thp 0
[ 2845.505806][ T3886] shmem_thp 0
[ 2845.505806][ T3886] inactive_anon 94208
[ 2845.505806][ T3886] active_anon 413696
[ 2845.505806][ T3886] inactive_file 0
[ 2845.505806][ T3886] active_file 0
[ 2845.505806][ T3886] unevictable 0
[ 2845.505806][ T3886] slab_reclaimable 10424
[ 2845.505806][ T3886] slab_unreclaimable 308540976
[ 2845.619704][ T3886] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3886,uid=0
[ 2845.624815][ T3874] device macvtap1323 entered promiscuous mode
[ 2845.652327][ T3886] Memory cgroup out of memory: Killed process 3886 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2845.680815][ T3887] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2845.698949][ T3887] CPU: 0 PID: 3887 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2845.709313][ T3887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2845.719389][ T3887] Call Trace:
[ 2845.722686][ T3887]  <TASK>
[ 2845.725638][ T3887]  dump_stack_lvl+0xd1/0x138
[ 2845.730277][ T3887]  dump_header+0x10b/0x85f
[ 2845.734728][ T3887]  oom_kill_process.cold+0x10/0x15
[ 2845.739882][ T3887]  out_of_memory+0x35c/0x14a0
[ 2845.744609][ T3887]  ? oom_killer_disable+0x280/0x280
[ 2845.749845][ T3887]  ? find_held_lock+0x2d/0x110
[ 2845.754641][ T3887]  mem_cgroup_out_of_memory+0x206/0x270
[ 2845.760205][ T3887]  ? mem_cgroup_margin+0x130/0x130
[ 2845.765333][ T3887]  ? lock_downgrade+0x6e0/0x6e0
[ 2845.770227][ T3887]  try_charge_memcg+0xef8/0x12f0
[ 2845.775192][ T3887]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2845.781199][ T3887]  ? rcu_read_unlock+0x9/0x60
[ 2845.785889][ T3887]  ? lock_downgrade+0x6e0/0x6e0
[ 2845.790782][ T3887]  charge_memcg+0x99/0x3b0
[ 2845.795224][ T3887]  __mem_cgroup_charge+0x2b/0x90
[ 2845.800185][ T3887]  ? _compound_head+0x5d/0x150
[ 2845.804983][ T3887]  __handle_mm_fault+0x17e7/0x3a40
[ 2845.810119][ T3887]  ? vm_iomap_memory+0x190/0x190
[ 2845.815101][ T3887]  handle_mm_fault+0x1cc/0x780
[ 2845.819885][ T3887]  do_user_addr_fault+0x475/0x1210
[ 2845.825027][ T3887]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2845.830606][ T3887]  exc_page_fault+0x98/0x170
[ 2845.835215][ T3887]  asm_exc_page_fault+0x26/0x30
[ 2845.840086][ T3887] RIP: 0033:0x7f69a662be6a
[ 2845.844510][ T3887] Code: 30 48 8b 34 24 48 85 f6 74 17 8b 44 24 18 0f c8 89 c0 48 89 44 24 18 48 83 fe 01 0f 85 a1 01 00 00 48 8b 44 24 10 8b 74 24 18 <89> 30 e9 d2 fc ff ff 48 8b 44 24 10 8b 10 48 8b 04 24 48 85 c0 0f
[ 2845.864129][ T3887] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2845.870205][ T3887] RAX: 0000000020000200 RBX: 0000000000000000 RCX: 0000000000000000
[ 2845.878183][ T3887] RDX: 1b013dd590c50c23 RSI: 0000000000000014 RDI: 00005555574b22e8
[ 2845.886161][ T3887] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2845.894142][ T3887] R10: 00007f69a62002a8 R11: 0000000000000246 R12: 00000000002b6bb0
[ 2845.902120][ T3887] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2845.910120][ T3887]  </TASK>
10:16:50 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3b02}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:50 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x3d5}, 0x0)

[ 2845.956511][ T3876] device bridge539 entered promiscuous mode
[ 2845.995239][ T3877] device macvtap568 entered promiscuous mode
[ 2846.009391][ T3887] memory: usage 307200kB, limit 307200kB, failcnt 13732
[ 2846.016423][ T3887] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2846.023802][ T3887] Memory cgroup stats for /syz1:
[ 2846.024032][ T3887] anon 139264
[ 2846.024032][ T3887] file 393216
[ 2846.024032][ T3887] kernel 314040320
[ 2846.024032][ T3887] kernel_stack 65536
[ 2846.024032][ T3887] pagetables 81920
[ 2846.024032][ T3887] sec_pagetables 0
[ 2846.024032][ T3887] percpu 5356416
[ 2846.024032][ T3887] sock 0
[ 2846.024032][ T3887] vmalloc 0
[ 2846.024032][ T3887] shmem 385024
[ 2846.024032][ T3887] zswap 0
[ 2846.024032][ T3887] zswapped 0
[ 2846.024032][ T3887] file_mapped 385024
[ 2846.024032][ T3887] file_dirty 0
[ 2846.024032][ T3887] file_writeback 0
[ 2846.024032][ T3887] swapcached 0
[ 2846.024032][ T3887] anon_thp 0
[ 2846.024032][ T3887] file_thp 0
[ 2846.024032][ T3887] shmem_thp 0
[ 2846.024032][ T3887] inactive_anon 184320
[ 2846.024032][ T3887] active_anon 339968
[ 2846.024032][ T3887] inactive_file 4096
[ 2846.024032][ T3887] active_file 4096
[ 2846.024032][ T3887] unevictable 0
[ 2846.024032][ T3887] slab_reclaimable 16512
[ 2846.024032][ T3887] slab_unreclaimable 308481800
[ 2846.085730][ T3880] device macvtap569 entered promiscuous mode
[ 2846.125102][ T3887] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3887,uid=0
[ 2846.155580][ T3887] Memory cgroup out of memory: Killed process 3887 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
10:16:50 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xcd, 0x1, @local}]}, 0x48}}, 0x0)

[ 2846.200749][ T3883] device bridge451 entered promiscuous mode
[ 2846.245045][ T3895] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2846.266553][ T3895] CPU: 0 PID: 3895 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2846.276919][ T3895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2846.280724][ T3885] device macvtap469 entered promiscuous mode
[ 2846.286971][ T3895] Call Trace:
[ 2846.286982][ T3895]  <TASK>
[ 2846.286993][ T3895]  dump_stack_lvl+0xd1/0x138
[ 2846.287035][ T3895]  dump_header+0x10b/0x85f
[ 2846.308221][ T3895]  oom_kill_process.cold+0x10/0x15
[ 2846.313372][ T3895]  out_of_memory+0x35c/0x14a0
[ 2846.318093][ T3895]  ? find_held_lock+0x2d/0x110
[ 2846.322896][ T3895]  ? oom_killer_disable+0x280/0x280
[ 2846.328124][ T3895]  ? find_held_lock+0x2d/0x110
[ 2846.332920][ T3895]  mem_cgroup_out_of_memory+0x206/0x270
[ 2846.338489][ T3895]  ? mem_cgroup_margin+0x130/0x130
[ 2846.343629][ T3895]  ? lock_downgrade+0x6e0/0x6e0
[ 2846.348544][ T3895]  try_charge_memcg+0xef8/0x12f0
[ 2846.353534][ T3895]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2846.359551][ T3895]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2846.365299][ T3895]  ? lock_downgrade+0x6e0/0x6e0
[ 2846.370193][ T3895]  ? lock_downgrade+0x6e0/0x6e0
[ 2846.375105][ T3895]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2846.380695][ T3895]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2846.386889][ T3895]  copy_process+0x73e/0x7190
[ 2846.391523][ T3895]  ? __lock_acquire+0xbc3/0x56d0
[ 2846.396520][ T3895]  ? __cleanup_sighand+0xb0/0xb0
[ 2846.401491][ T3895]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2846.407522][ T3895]  ? psi_memstall_leave+0x174/0x250
[ 2846.412768][ T3895]  kernel_clone+0xeb/0x980
[ 2846.417219][ T3895]  ? create_io_thread+0xf0/0xf0
[ 2846.422108][ T3895]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2846.428384][ T3895]  ? lock_downgrade+0x6e0/0x6e0
[ 2846.433297][ T3895]  __do_sys_clone+0xba/0x100
[ 2846.437927][ T3895]  ? kernel_clone+0x980/0x980
10:16:50 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x2901}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:50 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9100, @local}]}, 0x48}}, 0x0)

[ 2846.442656][ T3895]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2846.448594][ T3895]  do_syscall_64+0x39/0xb0
[ 2846.453053][ T3895]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2846.458982][ T3895] RIP: 0033:0x7f8325a8d501
[ 2846.463427][ T3895] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2846.483060][ T3895] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2846.491504][ T3895] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2846.499499][ T3895] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2846.507491][ T3895] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2846.515493][ T3895] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2846.523491][ T3895] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2846.531526][ T3895]  </TASK>
[ 2846.552686][ T3895] memory: usage 307188kB, limit 307200kB, failcnt 67774
[ 2846.560246][ T3895] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2846.567133][ T3895] Memory cgroup stats for /syz2:
[ 2846.567339][ T3895] anon 90112
[ 2846.567339][ T3895] file 417792
[ 2846.567339][ T3895] kernel 314052608
[ 2846.567339][ T3895] kernel_stack 32768
[ 2846.567339][ T3895] pagetables 69632
[ 2846.567339][ T3895] sec_pagetables 0
[ 2846.567339][ T3895] percpu 5358784
[ 2846.567339][ T3895] sock 0
[ 2846.567339][ T3895] vmalloc 0
[ 2846.567339][ T3895] shmem 417792
[ 2846.567339][ T3895] zswap 0
[ 2846.567339][ T3895] zswapped 0
[ 2846.567339][ T3895] file_mapped 417792
[ 2846.567339][ T3895] file_dirty 0
[ 2846.567339][ T3895] file_writeback 0
[ 2846.567339][ T3895] swapcached 0
[ 2846.567339][ T3895] anon_thp 0
[ 2846.567339][ T3895] file_thp 0
[ 2846.567339][ T3895] shmem_thp 0
[ 2846.567339][ T3895] inactive_anon 94208
[ 2846.567339][ T3895] active_anon 413696
[ 2846.567339][ T3895] inactive_file 0
[ 2846.567339][ T3895] active_file 0
[ 2846.567339][ T3895] unevictable 0
[ 2846.567339][ T3895] slab_reclaimable 10424
[ 2846.567339][ T3895] slab_unreclaimable 308529576
[ 2846.615140][ T3890] device bridge1791 entered promiscuous mode
[ 2846.671382][ T3895] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3895,uid=0
[ 2846.687339][ T3895] Memory cgroup out of memory: Killed process 3895 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:16:50 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3b03}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2846.790891][ T3901] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2846.811493][ T3901] CPU: 1 PID: 3901 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2846.821865][ T3901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2846.831944][ T3901] Call Trace:
[ 2846.835244][ T3901]  <TASK>
[ 2846.838195][ T3901]  dump_stack_lvl+0xd1/0x138
[ 2846.842827][ T3901]  dump_header+0x10b/0x85f
[ 2846.847279][ T3901]  oom_kill_process.cold+0x10/0x15
[ 2846.852427][ T3901]  out_of_memory+0x35c/0x14a0
[ 2846.857142][ T3901]  ? find_held_lock+0x2d/0x110
[ 2846.861945][ T3901]  ? oom_killer_disable+0x280/0x280
[ 2846.867187][ T3901]  ? find_held_lock+0x2d/0x110
[ 2846.871989][ T3901]  mem_cgroup_out_of_memory+0x206/0x270
[ 2846.877560][ T3901]  ? mem_cgroup_margin+0x130/0x130
[ 2846.882701][ T3901]  ? lock_downgrade+0x6e0/0x6e0
[ 2846.887617][ T3901]  try_charge_memcg+0xef8/0x12f0
[ 2846.892607][ T3901]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2846.892781][ T3891] device macvtap2181 entered promiscuous mode
[ 2846.898604][ T3901]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2846.898641][ T3901]  ? lock_downgrade+0x6e0/0x6e0
[ 2846.898710][ T3901]  obj_cgroup_charge+0x2af/0x5e0
[ 2846.898753][ T3901]  ? __anon_vma_prepare+0x64/0x580
[ 2846.898782][ T3901]  kmem_cache_alloc+0xa3/0x3d0
[ 2846.898828][ T3901]  __anon_vma_prepare+0x64/0x580
[ 2846.935195][ T3901]  ? __pmd_alloc+0x30c/0x5d0
[ 2846.939824][ T3901]  __handle_mm_fault+0x35bc/0x3a40
[ 2846.944976][ T3901]  ? vm_iomap_memory+0x190/0x190
[ 2846.949976][ T3901]  handle_mm_fault+0x1cc/0x780
[ 2846.954775][ T3901]  do_user_addr_fault+0x475/0x1210
[ 2846.959944][ T3901]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2846.965536][ T3901]  exc_page_fault+0x98/0x170
[ 2846.970161][ T3901]  asm_exc_page_fault+0x26/0x30
[ 2846.975047][ T3901] RIP: 0033:0x7f69a662bd79
[ 2846.979485][ T3901] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2846.999118][ T3901] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2847.005211][ T3901] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2847.013203][ T3901] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2847.021192][ T3901] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2847.023706][ T3892] device macvtap2182 entered promiscuous mode
[ 2847.029157][ T3901] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b6ff1
[ 2847.029178][ T3901] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2847.029222][ T3901]  </TASK>
[ 2847.054835][ T3901] memory: usage 307200kB, limit 307200kB, failcnt 13875
[ 2847.062251][ T3901] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2847.072396][ T3901] Memory cgroup stats for /syz1:
[ 2847.072643][ T3901] anon 135168
[ 2847.072643][ T3901] file 393216
[ 2847.072643][ T3901] kernel 314044416
[ 2847.072643][ T3901] kernel_stack 65536
[ 2847.072643][ T3901] pagetables 81920
[ 2847.072643][ T3901] sec_pagetables 0
[ 2847.072643][ T3901] percpu 5356416
[ 2847.072643][ T3901] sock 0
[ 2847.072643][ T3901] vmalloc 0
[ 2847.072643][ T3901] shmem 385024
[ 2847.072643][ T3901] zswap 0
[ 2847.072643][ T3901] zswapped 0
[ 2847.072643][ T3901] file_mapped 385024
[ 2847.072643][ T3901] file_dirty 0
[ 2847.072643][ T3901] file_writeback 0
[ 2847.072643][ T3901] swapcached 0
[ 2847.072643][ T3901] anon_thp 0
[ 2847.072643][ T3901] file_thp 0
[ 2847.072643][ T3901] shmem_thp 0
[ 2847.072643][ T3901] inactive_anon 180224
[ 2847.072643][ T3901] active_anon 339968
[ 2847.072643][ T3901] inactive_file 4096
[ 2847.072643][ T3901] active_file 4096
[ 2847.072643][ T3901] unevictable 0
[ 2847.072643][ T3901] slab_reclaimable 16512
[ 2847.072643][ T3901] slab_unreclaimable 308480480
[ 2847.172709][ T3901] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3901,uid=0
10:16:51 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9200, @local}]}, 0x48}}, 0x0)

[ 2847.226611][ T3901] Memory cgroup out of memory: Killed process 3901 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2847.245115][ T3894] __nla_validate_parse: 8 callbacks suppressed
[ 2847.245150][ T3894] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2847.272444][ T3907] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2847.282960][ T3907] CPU: 0 PID: 3907 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2847.293324][ T3907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2847.303399][ T3907] Call Trace:
[ 2847.306694][ T3907]  <TASK>
[ 2847.309644][ T3907]  dump_stack_lvl+0xd1/0x138
[ 2847.314275][ T3907]  dump_header+0x10b/0x85f
[ 2847.318740][ T3907]  oom_kill_process.cold+0x10/0x15
[ 2847.323891][ T3907]  out_of_memory+0x35c/0x14a0
[ 2847.328615][ T3907]  ? find_held_lock+0x2d/0x110
[ 2847.333418][ T3907]  ? oom_killer_disable+0x280/0x280
[ 2847.338646][ T3907]  ? find_held_lock+0x2d/0x110
[ 2847.343460][ T3907]  mem_cgroup_out_of_memory+0x206/0x270
[ 2847.349058][ T3907]  ? mem_cgroup_margin+0x130/0x130
[ 2847.354201][ T3907]  ? lock_downgrade+0x6e0/0x6e0
[ 2847.359120][ T3907]  try_charge_memcg+0xef8/0x12f0
[ 2847.364099][ T3907]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2847.370113][ T3907]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2847.375873][ T3907]  ? lock_downgrade+0x6e0/0x6e0
[ 2847.380773][ T3907]  ? lock_downgrade+0x6e0/0x6e0
[ 2847.385684][ T3907]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2847.391276][ T3907]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2847.397473][ T3907]  copy_process+0x73e/0x7190
[ 2847.402102][ T3907]  ? __lock_acquire+0xbc3/0x56d0
[ 2847.407087][ T3907]  ? __cleanup_sighand+0xb0/0xb0
[ 2847.412044][ T3907]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2847.418071][ T3907]  ? psi_memstall_leave+0x174/0x250
[ 2847.423316][ T3907]  kernel_clone+0xeb/0x980
[ 2847.427766][ T3907]  ? create_io_thread+0xf0/0xf0
[ 2847.432650][ T3907]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2847.438923][ T3907]  ? lock_downgrade+0x6e0/0x6e0
[ 2847.443834][ T3907]  __do_sys_clone+0xba/0x100
[ 2847.448457][ T3907]  ? kernel_clone+0x980/0x980
[ 2847.453185][ T3907]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2847.459118][ T3907]  do_syscall_64+0x39/0xb0
[ 2847.463574][ T3907]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2847.469508][ T3907] RIP: 0033:0x7f8325a8d501
[ 2847.469551][ T3894] device bridge1332 entered promiscuous mode
[ 2847.473930][ T3907] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2847.473960][ T3907] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2847.473991][ T3907] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2847.474010][ T3907] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
10:16:51 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0xfffe}, 0x0)

[ 2847.474031][ T3907] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2847.531940][ T3907] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2847.533635][ T3898] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2847.539918][ T3907] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2847.539964][ T3907]  </TASK>
[ 2847.547205][ T3907] memory: usage 307200kB, limit 307200kB, failcnt 67911
[ 2847.594022][ T3907] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2847.604250][ T3907] Memory cgroup stats for /syz2:
[ 2847.605415][ T3907] anon 90112
[ 2847.605415][ T3907] file 417792
[ 2847.605415][ T3907] kernel 314064896
[ 2847.605415][ T3907] kernel_stack 32768
[ 2847.605415][ T3907] pagetables 69632
[ 2847.605415][ T3907] sec_pagetables 0
[ 2847.605415][ T3907] percpu 5358784
[ 2847.605415][ T3907] sock 0
[ 2847.605415][ T3907] vmalloc 0
[ 2847.605415][ T3907] shmem 417792
[ 2847.605415][ T3907] zswap 0
[ 2847.605415][ T3907] zswapped 0
[ 2847.605415][ T3907] file_mapped 417792
[ 2847.605415][ T3907] file_dirty 0
[ 2847.605415][ T3907] file_writeback 0
[ 2847.605415][ T3907] swapcached 0
[ 2847.605415][ T3907] anon_thp 0
[ 2847.605415][ T3907] file_thp 0
[ 2847.605415][ T3907] shmem_thp 0
[ 2847.605415][ T3907] inactive_anon 94208
[ 2847.605415][ T3907] active_anon 413696
[ 2847.605415][ T3907] inactive_file 0
[ 2847.605415][ T3907] active_file 0
[ 2847.605415][ T3907] unevictable 0
[ 2847.605415][ T3907] slab_reclaimable 10424
[ 2847.605415][ T3907] slab_unreclaimable 308529576
[ 2847.621583][ T3898] device bridge540 entered promiscuous mode
[ 2847.718172][ T3907] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3907,uid=0
10:16:51 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3c00}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2847.734697][ T3907] Memory cgroup out of memory: Killed process 3907 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2847.777743][ T3899] device macvtap1323 entered promiscuous mode
10:16:52 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x3d5}, 0x0)

[ 2847.809935][ T3908] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2847.842627][ T3904] device macvtap570 entered promiscuous mode
[ 2847.847469][ T3908] CPU: 1 PID: 3908 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2847.858964][ T3908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2847.869036][ T3908] Call Trace:
[ 2847.872327][ T3908]  <TASK>
[ 2847.875282][ T3908]  dump_stack_lvl+0xd1/0x138
[ 2847.879905][ T3908]  dump_header+0x10b/0x85f
[ 2847.884362][ T3908]  oom_kill_process.cold+0x10/0x15
[ 2847.889515][ T3908]  out_of_memory+0x35c/0x14a0
[ 2847.892204][ T3917] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2847.894217][ T3908]  ? find_held_lock+0x2d/0x110
[ 2847.894264][ T3908]  ? oom_killer_disable+0x280/0x280
[ 2847.894303][ T3908]  ? find_held_lock+0x2d/0x110
[ 2847.918210][ T3908]  mem_cgroup_out_of_memory+0x206/0x270
[ 2847.923791][ T3908]  ? mem_cgroup_margin+0x130/0x130
[ 2847.928930][ T3908]  ? lock_downgrade+0x6e0/0x6e0
[ 2847.933837][ T3908]  try_charge_memcg+0xef8/0x12f0
[ 2847.933879][ T3917] device bridge1333 entered promiscuous mode
[ 2847.938797][ T3908]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2847.938846][ T3908]  ? rcu_read_unlock+0x9/0x60
[ 2847.938873][ T3908]  ? lock_downgrade+0x6e0/0x6e0
[ 2847.938930][ T3908]  charge_memcg+0x99/0x3b0
[ 2847.964786][ T3908]  __mem_cgroup_charge+0x2b/0x90
[ 2847.969785][ T3908]  ? _compound_head+0x5d/0x150
[ 2847.974596][ T3908]  __handle_mm_fault+0x17e7/0x3a40
[ 2847.979756][ T3908]  ? vm_iomap_memory+0x190/0x190
[ 2847.984765][ T3908]  handle_mm_fault+0x1cc/0x780
[ 2847.989567][ T3908]  do_user_addr_fault+0x475/0x1210
[ 2847.994720][ T3908]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2848.000313][ T3908]  exc_page_fault+0x98/0x170
[ 2848.004939][ T3908]  asm_exc_page_fault+0x26/0x30
[ 2848.009841][ T3908] RIP: 0033:0x7f69a662bd79
[ 2848.014285][ T3908] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2848.033924][ T3908] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2848.040018][ T3908] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2848.048018][ T3908] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2848.056012][ T3908] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2848.064007][ T3908] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b73fe
[ 2848.072004][ T3908] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2848.080023][ T3908]  </TASK>
[ 2848.086904][ T3908] memory: usage 307200kB, limit 307200kB, failcnt 13969
[ 2848.094451][ T3908] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2848.101498][ T3908] Memory cgroup stats for /syz1:
[ 2848.101732][ T3908] anon 135168
[ 2848.101732][ T3908] file 393216
[ 2848.101732][ T3908] kernel 314044416
[ 2848.101732][ T3908] kernel_stack 65536
[ 2848.101732][ T3908] pagetables 81920
[ 2848.101732][ T3908] sec_pagetables 0
[ 2848.101732][ T3908] percpu 5356416
[ 2848.101732][ T3908] sock 0
[ 2848.101732][ T3908] vmalloc 0
[ 2848.101732][ T3908] shmem 385024
[ 2848.101732][ T3908] zswap 0
[ 2848.101732][ T3908] zswapped 0
[ 2848.101732][ T3908] file_mapped 385024
[ 2848.101732][ T3908] file_dirty 0
[ 2848.101732][ T3908] file_writeback 0
[ 2848.101732][ T3908] swapcached 0
[ 2848.101732][ T3908] anon_thp 0
[ 2848.101732][ T3908] file_thp 0
[ 2848.101732][ T3908] shmem_thp 0
[ 2848.101732][ T3908] inactive_anon 180224
[ 2848.101732][ T3908] active_anon 339968
[ 2848.101732][ T3908] inactive_file 0
[ 2848.101732][ T3908] active_file 8192
[ 2848.101732][ T3908] unevictable 0
[ 2848.101732][ T3908] slab_reclaimable 16512
[ 2848.101732][ T3908] slab_unreclaimable 308480880
[ 2848.112776][ T3917] device macvtap1324 entered promiscuous mode
[ 2848.197966][ T3908] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3908,uid=0
[ 2848.218000][ T3908] Memory cgroup out of memory: Killed process 3908 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2848.242158][ T3915] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2848.272286][ T3905] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2848.273932][ T3915] CPU: 1 PID: 3915 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2848.291909][ T3915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2848.301977][ T3915] Call Trace:
[ 2848.305275][ T3915]  <TASK>
[ 2848.308227][ T3915]  dump_stack_lvl+0xd1/0x138
[ 2848.312856][ T3915]  dump_header+0x10b/0x85f
[ 2848.317310][ T3915]  oom_kill_process.cold+0x10/0x15
[ 2848.322457][ T3915]  out_of_memory+0x35c/0x14a0
[ 2848.327176][ T3915]  ? find_held_lock+0x2d/0x110
[ 2848.331986][ T3915]  ? oom_killer_disable+0x280/0x280
[ 2848.337224][ T3915]  ? find_held_lock+0x2d/0x110
[ 2848.342026][ T3915]  mem_cgroup_out_of_memory+0x206/0x270
[ 2848.347592][ T3915]  ? mem_cgroup_margin+0x130/0x130
[ 2848.352719][ T3915]  ? lock_downgrade+0x6e0/0x6e0
[ 2848.357616][ T3915]  try_charge_memcg+0xef8/0x12f0
[ 2848.362584][ T3915]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2848.368587][ T3915]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2848.374323][ T3915]  ? lock_downgrade+0x6e0/0x6e0
[ 2848.379206][ T3915]  ? lock_downgrade+0x6e0/0x6e0
[ 2848.384102][ T3915]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2848.389673][ T3915]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2848.395853][ T3915]  copy_process+0x73e/0x7190
[ 2848.400465][ T3915]  ? __lock_acquire+0xbc3/0x56d0
[ 2848.405442][ T3915]  ? __cleanup_sighand+0xb0/0xb0
[ 2848.410394][ T3915]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2848.416407][ T3915]  ? psi_memstall_leave+0x174/0x250
[ 2848.421638][ T3915]  kernel_clone+0xeb/0x980
[ 2848.426076][ T3915]  ? create_io_thread+0xf0/0xf0
[ 2848.430947][ T3915]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2848.437294][ T3915]  ? lock_downgrade+0x6e0/0x6e0
[ 2848.442186][ T3915]  __do_sys_clone+0xba/0x100
[ 2848.446797][ T3915]  ? kernel_clone+0x980/0x980
[ 2848.451506][ T3915]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2848.457425][ T3915]  do_syscall_64+0x39/0xb0
[ 2848.461867][ T3915]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2848.467780][ T3915] RIP: 0033:0x7f8325a8d501
[ 2848.472204][ T3915] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2848.491840][ T3915] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2848.500278][ T3915] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2848.508263][ T3915] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
10:16:52 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9300, @local}]}, 0x48}}, 0x0)

[ 2848.516245][ T3915] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2848.524227][ T3915] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2848.532207][ T3915] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2848.540207][ T3915]  </TASK>
[ 2848.547747][ T3915] memory: usage 307200kB, limit 307200kB, failcnt 68012
[ 2848.569862][ T3915] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2848.580006][ T3905] macvtap571: default qdisc (pfifo_fast) fail, fallback to noqueue
[ 2848.591579][ T3915] Memory cgroup stats for /syz2:
[ 2848.591809][ T3915] anon 90112
[ 2848.591809][ T3915] file 417792
[ 2848.591809][ T3915] kernel 314064896
[ 2848.591809][ T3915] kernel_stack 32768
[ 2848.591809][ T3915] pagetables 69632
[ 2848.591809][ T3915] sec_pagetables 0
[ 2848.591809][ T3915] percpu 5358784
[ 2848.591809][ T3915] sock 0
[ 2848.591809][ T3915] vmalloc 0
[ 2848.591809][ T3915] shmem 417792
[ 2848.591809][ T3915] zswap 0
[ 2848.591809][ T3915] zswapped 0
[ 2848.591809][ T3915] file_mapped 417792
[ 2848.591809][ T3915] file_dirty 0
[ 2848.591809][ T3915] file_writeback 0
[ 2848.591809][ T3915] swapcached 0
[ 2848.591809][ T3915] anon_thp 0
[ 2848.591809][ T3915] file_thp 0
[ 2848.591809][ T3915] shmem_thp 0
[ 2848.591809][ T3915] inactive_anon 94208
[ 2848.591809][ T3915] active_anon 413696
[ 2848.591809][ T3915] inactive_file 0
[ 2848.591809][ T3915] active_file 0
[ 2848.591809][ T3915] unevictable 0
[ 2848.591809][ T3915] slab_reclaimable 10424
[ 2848.591809][ T3915] slab_unreclaimable 308529576
[ 2848.648101][ T3905] device macvtap571 entered promiscuous mode
[ 2848.689892][ T3915] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3915,uid=0
10:16:52 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xcd, 0x1, @local}]}, 0x48}}, 0x0)

10:16:52 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xc7, 0x1, @local}]}, 0x48}}, 0x0)

[ 2848.720830][ T3902] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2848.735481][ T3911] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2848.751461][ T3915] Memory cgroup out of memory: Killed process 3915 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:16:53 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3c01}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2848.807086][ T3911] device bridge1792 entered promiscuous mode
[ 2848.815263][ T3919] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2848.857171][ T3919] CPU: 1 PID: 3919 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2848.867545][ T3919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2848.877621][ T3919] Call Trace:
[ 2848.880918][ T3919]  <TASK>
[ 2848.883867][ T3919]  dump_stack_lvl+0xd1/0x138
[ 2848.888501][ T3919]  dump_header+0x10b/0x85f
[ 2848.892952][ T3919]  oom_kill_process.cold+0x10/0x15
[ 2848.898091][ T3919]  out_of_memory+0x35c/0x14a0
[ 2848.902820][ T3919]  ? oom_killer_disable+0x280/0x280
[ 2848.908056][ T3919]  ? find_held_lock+0x2d/0x110
[ 2848.912865][ T3919]  mem_cgroup_out_of_memory+0x206/0x270
[ 2848.918449][ T3919]  ? mem_cgroup_margin+0x130/0x130
[ 2848.923594][ T3919]  ? lock_downgrade+0x6e0/0x6e0
[ 2848.928508][ T3919]  try_charge_memcg+0xef8/0x12f0
[ 2848.933499][ T3919]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2848.939527][ T3919]  ? rcu_read_unlock+0x9/0x60
[ 2848.944219][ T3919]  ? lock_downgrade+0x6e0/0x6e0
[ 2848.949125][ T3919]  charge_memcg+0x99/0x3b0
[ 2848.953576][ T3919]  __mem_cgroup_charge+0x2b/0x90
[ 2848.958534][ T3919]  ? _compound_head+0x5d/0x150
[ 2848.963324][ T3919]  __handle_mm_fault+0x17e7/0x3a40
[ 2848.968459][ T3919]  ? vm_iomap_memory+0x190/0x190
[ 2848.973435][ T3919]  handle_mm_fault+0x1cc/0x780
[ 2848.978218][ T3919]  do_user_addr_fault+0x475/0x1210
[ 2848.983353][ T3919]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2848.988945][ T3919]  exc_page_fault+0x98/0x170
[ 2848.993642][ T3919]  asm_exc_page_fault+0x26/0x30
[ 2848.998513][ T3919] RIP: 0033:0x7f69a662bd79
[ 2849.002936][ T3919] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2849.022559][ T3919] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2849.028639][ T3919] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2849.036618][ T3919] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2849.044624][ T3919] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2849.052609][ T3919] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b77b7
[ 2849.060593][ T3919] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2849.068599][ T3919]  </TASK>
[ 2849.099251][ T3913] device macvtap2182 entered promiscuous mode
[ 2849.127298][ T3919] memory: usage 307200kB, limit 307200kB, failcnt 14026
[ 2849.134510][ T3919] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2849.142168][ T3919] Memory cgroup stats for /syz1:
[ 2849.142412][ T3919] anon 135168
[ 2849.142412][ T3919] file 393216
[ 2849.142412][ T3919] kernel 314044416
[ 2849.142412][ T3919] kernel_stack 65536
[ 2849.142412][ T3919] pagetables 81920
[ 2849.142412][ T3919] sec_pagetables 0
[ 2849.142412][ T3919] percpu 5356416
[ 2849.142412][ T3919] sock 0
[ 2849.142412][ T3919] vmalloc 0
[ 2849.142412][ T3919] shmem 385024
[ 2849.142412][ T3919] zswap 0
[ 2849.142412][ T3919] zswapped 0
[ 2849.142412][ T3919] file_mapped 385024
[ 2849.142412][ T3919] file_dirty 0
[ 2849.142412][ T3919] file_writeback 0
[ 2849.142412][ T3919] swapcached 0
[ 2849.142412][ T3919] anon_thp 0
[ 2849.142412][ T3919] file_thp 0
[ 2849.142412][ T3919] shmem_thp 0
[ 2849.142412][ T3919] inactive_anon 180224
[ 2849.142412][ T3919] active_anon 339968
[ 2849.142412][ T3919] inactive_file 4096
[ 2849.142412][ T3919] active_file 4096
[ 2849.142412][ T3919] unevictable 0
[ 2849.142412][ T3919] slab_reclaimable 16512
[ 2849.142412][ T3919] slab_unreclaimable 308480880
[ 2849.183505][ T3914] device macvtap2183 entered promiscuous mode
[ 2849.243734][ T3919] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3919,uid=0
[ 2849.262047][ T3919] Memory cgroup out of memory: Killed process 3919 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2849.293948][ T3926] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2849.304987][ T3926] CPU: 0 PID: 3926 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2849.315347][ T3926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2849.325423][ T3926] Call Trace:
[ 2849.328719][ T3926]  <TASK>
[ 2849.331661][ T3926]  dump_stack_lvl+0xd1/0x138
[ 2849.336262][ T3926]  dump_header+0x10b/0x85f
[ 2849.340702][ T3926]  oom_kill_process.cold+0x10/0x15
[ 2849.345828][ T3926]  out_of_memory+0x35c/0x14a0
[ 2849.350505][ T3926]  ? find_held_lock+0x2d/0x110
[ 2849.355271][ T3926]  ? oom_killer_disable+0x280/0x280
[ 2849.360484][ T3926]  ? find_held_lock+0x2d/0x110
[ 2849.365293][ T3926]  mem_cgroup_out_of_memory+0x206/0x270
[ 2849.370874][ T3926]  ? mem_cgroup_margin+0x130/0x130
[ 2849.376014][ T3926]  ? lock_downgrade+0x6e0/0x6e0
[ 2849.380926][ T3926]  try_charge_memcg+0xef8/0x12f0
[ 2849.385908][ T3926]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2849.391916][ T3926]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2849.397668][ T3926]  ? lock_downgrade+0x6e0/0x6e0
[ 2849.402553][ T3926]  ? lock_downgrade+0x6e0/0x6e0
[ 2849.407429][ T3926]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2849.413024][ T3926]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2849.419215][ T3926]  copy_process+0x73e/0x7190
[ 2849.423845][ T3926]  ? __lock_acquire+0xbc3/0x56d0
[ 2849.428840][ T3926]  ? __cleanup_sighand+0xb0/0xb0
[ 2849.433809][ T3926]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2849.439839][ T3926]  ? psi_memstall_leave+0x174/0x250
[ 2849.445064][ T3926]  kernel_clone+0xeb/0x980
[ 2849.449564][ T3926]  ? create_io_thread+0xf0/0xf0
[ 2849.454433][ T3926]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2849.460714][ T3926]  ? lock_downgrade+0x6e0/0x6e0
[ 2849.465623][ T3926]  __do_sys_clone+0xba/0x100
[ 2849.470427][ T3926]  ? kernel_clone+0x980/0x980
[ 2849.475150][ T3926]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2849.481084][ T3926]  do_syscall_64+0x39/0xb0
[ 2849.485541][ T3926]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2849.491466][ T3926] RIP: 0033:0x7f8325a8d501
[ 2849.495891][ T3926] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2849.515506][ T3926] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2849.523955][ T3926] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2849.531951][ T3926] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2849.539944][ T3926] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
10:16:53 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9400, @local}]}, 0x48}}, 0x0)

[ 2849.547939][ T3926] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2849.555922][ T3926] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2849.563920][ T3926]  </TASK>
[ 2849.581163][ T3926] memory: usage 307200kB, limit 307200kB, failcnt 68101
[ 2849.600160][ T3926] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2849.616833][ T3926] Memory cgroup stats for /syz2:
[ 2849.617023][ T3926] anon 90112
[ 2849.617023][ T3926] file 417792
[ 2849.617023][ T3926] kernel 314064896
[ 2849.617023][ T3926] kernel_stack 32768
[ 2849.617023][ T3926] pagetables 69632
[ 2849.617023][ T3926] sec_pagetables 0
[ 2849.617023][ T3926] percpu 5358784
[ 2849.617023][ T3926] sock 0
[ 2849.617023][ T3926] vmalloc 0
[ 2849.617023][ T3926] shmem 417792
[ 2849.617023][ T3926] zswap 0
[ 2849.617023][ T3926] zswapped 0
[ 2849.617023][ T3926] file_mapped 417792
[ 2849.617023][ T3926] file_dirty 0
[ 2849.617023][ T3926] file_writeback 0
[ 2849.617023][ T3926] swapcached 0
[ 2849.617023][ T3926] anon_thp 0
[ 2849.617023][ T3926] file_thp 0
[ 2849.617023][ T3926] shmem_thp 0
[ 2849.617023][ T3926] inactive_anon 94208
[ 2849.617023][ T3926] active_anon 413696
[ 2849.617023][ T3926] inactive_file 0
[ 2849.617023][ T3926] active_file 0
[ 2849.617023][ T3926] unevictable 0
[ 2849.617023][ T3926] slab_reclaimable 10424
[ 2849.617023][ T3926] slab_unreclaimable 308529576
10:16:53 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x3ffff}, 0x0)

[ 2849.747305][ T3918] device macvtap1325 entered promiscuous mode
[ 2849.835140][ T3926] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3926,uid=0
[ 2849.852965][ T3926] Memory cgroup out of memory: Killed process 3926 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2849.870912][ T3924] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
10:16:54 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9300, @local}]}, 0x48}}, 0x0)

[ 2849.881211][ T3932] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2849.907536][ T3932] CPU: 1 PID: 3932 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2849.917905][ T3932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2849.927977][ T3932] Call Trace:
[ 2849.931273][ T3932]  <TASK>
[ 2849.934219][ T3932]  dump_stack_lvl+0xd1/0x138
[ 2849.938852][ T3932]  dump_header+0x10b/0x85f
[ 2849.943302][ T3932]  oom_kill_process.cold+0x10/0x15
[ 2849.948463][ T3932]  out_of_memory+0x35c/0x14a0
[ 2849.953185][ T3932]  ? oom_killer_disable+0x280/0x280
[ 2849.958430][ T3932]  ? find_held_lock+0x2d/0x110
[ 2849.963246][ T3932]  mem_cgroup_out_of_memory+0x206/0x270
[ 2849.968827][ T3932]  ? mem_cgroup_margin+0x130/0x130
[ 2849.973967][ T3932]  ? lock_downgrade+0x6e0/0x6e0
[ 2849.978880][ T3932]  try_charge_memcg+0xef8/0x12f0
[ 2849.983865][ T3932]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2849.989892][ T3932]  ? rcu_read_unlock+0x9/0x60
[ 2849.994599][ T3932]  ? lock_downgrade+0x6e0/0x6e0
[ 2849.999516][ T3932]  charge_memcg+0x99/0x3b0
[ 2850.003979][ T3932]  __mem_cgroup_charge+0x2b/0x90
[ 2850.008956][ T3932]  ? _compound_head+0x5d/0x150
[ 2850.013766][ T3932]  __handle_mm_fault+0x17e7/0x3a40
[ 2850.018918][ T3932]  ? vm_iomap_memory+0x190/0x190
[ 2850.023916][ T3932]  handle_mm_fault+0x1cc/0x780
[ 2850.028717][ T3932]  do_user_addr_fault+0x475/0x1210
[ 2850.033867][ T3932]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2850.039460][ T3932]  exc_page_fault+0x98/0x170
[ 2850.044084][ T3932]  asm_exc_page_fault+0x26/0x30
[ 2850.048969][ T3932] RIP: 0033:0x7f69a662bd79
[ 2850.053493][ T3932] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2850.073130][ T3932] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
10:16:54 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3c02}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2850.079226][ T3932] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2850.087223][ T3932] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2850.095220][ T3932] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2850.103216][ T3932] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b7bc7
[ 2850.111214][ T3932] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2850.119232][ T3932]  </TASK>
[ 2850.144150][ T3924] device bridge541 entered promiscuous mode
[ 2850.159784][ T3925] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2850.185702][ T3925] device bridge452 entered promiscuous mode
[ 2850.217288][ T3927] device macvtap572 entered promiscuous mode
[ 2850.256421][ T3929] device macvtap470 entered promiscuous mode
[ 2850.271006][ T3928] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
10:16:54 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x2702}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2850.301735][ T3928] device macvtap573 entered promiscuous mode
[ 2850.316970][ T3931] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2850.340441][ T3932] memory: usage 307184kB, limit 307200kB, failcnt 14106
[ 2850.361228][ T3932] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2850.374155][ T3931] device macvtap471 entered promiscuous mode
[ 2850.379452][ T3932] Memory cgroup stats for /syz1:
[ 2850.381793][ T3932] anon 135168
[ 2850.381793][ T3932] file 393216
[ 2850.381793][ T3932] kernel 314028032
[ 2850.381793][ T3932] kernel_stack 65536
[ 2850.381793][ T3932] pagetables 81920
[ 2850.381793][ T3932] sec_pagetables 0
[ 2850.381793][ T3932] percpu 5356416
10:16:54 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xbf, 0x1, @local}]}, 0x48}}, 0x0)

[ 2850.381793][ T3932] sock 0
[ 2850.381793][ T3932] vmalloc 0
[ 2850.381793][ T3932] shmem 385024
[ 2850.381793][ T3932] zswap 0
[ 2850.381793][ T3932] zswapped 0
[ 2850.381793][ T3932] file_mapped 385024
[ 2850.381793][ T3932] file_dirty 0
[ 2850.381793][ T3932] file_writeback 0
[ 2850.381793][ T3932] swapcached 0
[ 2850.381793][ T3932] anon_thp 0
[ 2850.381793][ T3932] file_thp 0
[ 2850.381793][ T3932] shmem_thp 0
[ 2850.381793][ T3932] inactive_anon 180224
[ 2850.381793][ T3932] active_anon 339968
[ 2850.381793][ T3932] inactive_file 0
[ 2850.381793][ T3932] active_file 8192
[ 2850.381793][ T3932] unevictable 0
[ 2850.381793][ T3932] slab_reclaimable 16512
[ 2850.381793][ T3932] slab_unreclaimable 308469480
[ 2850.500039][ T3935] device bridge1793 entered promiscuous mode
[ 2850.528566][ T3932] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3932,uid=0
[ 2850.555426][ T3932] Memory cgroup out of memory: Killed process 3932 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
10:16:54 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9500, @local}]}, 0x48}}, 0x0)

[ 2850.601673][ T3943] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2850.615288][ T3943] CPU: 1 PID: 3943 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2850.625650][ T3943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2850.635728][ T3943] Call Trace:
[ 2850.639024][ T3943]  <TASK>
[ 2850.641981][ T3943]  dump_stack_lvl+0xd1/0x138
[ 2850.646621][ T3943]  dump_header+0x10b/0x85f
[ 2850.651076][ T3943]  oom_kill_process.cold+0x10/0x15
[ 2850.653396][ T3936] device macvtap2183 entered promiscuous mode
[ 2850.656206][ T3943]  out_of_memory+0x35c/0x14a0
[ 2850.656250][ T3943]  ? find_held_lock+0x2d/0x110
[ 2850.671843][ T3943]  ? oom_killer_disable+0x280/0x280
[ 2850.677088][ T3943]  ? find_held_lock+0x2d/0x110
[ 2850.681891][ T3943]  mem_cgroup_out_of_memory+0x206/0x270
[ 2850.687458][ T3943]  ? mem_cgroup_margin+0x130/0x130
[ 2850.692593][ T3943]  ? lock_downgrade+0x6e0/0x6e0
[ 2850.697502][ T3943]  try_charge_memcg+0xef8/0x12f0
[ 2850.702492][ T3943]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2850.708518][ T3943]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2850.714278][ T3943]  ? lock_downgrade+0x6e0/0x6e0
[ 2850.719165][ T3943]  ? lock_downgrade+0x6e0/0x6e0
[ 2850.724082][ T3943]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2850.729676][ T3943]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2850.735870][ T3943]  copy_process+0x15ed/0x7190
[ 2850.740590][ T3943]  ? __lock_acquire+0xbc3/0x56d0
[ 2850.745590][ T3943]  ? __cleanup_sighand+0xb0/0xb0
[ 2850.750568][ T3943]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2850.756638][ T3943]  ? psi_memstall_leave+0x174/0x250
[ 2850.761884][ T3943]  kernel_clone+0xeb/0x980
[ 2850.766336][ T3943]  ? create_io_thread+0xf0/0xf0
[ 2850.771217][ T3943]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2850.777481][ T3943]  ? lock_downgrade+0x6e0/0x6e0
[ 2850.778429][ T3939] device macvtap2184 entered promiscuous mode
[ 2850.782366][ T3943]  __do_sys_clone+0xba/0x100
[ 2850.782401][ T3943]  ? kernel_clone+0x980/0x980
[ 2850.782449][ T3943]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2850.803639][ T3943]  do_syscall_64+0x39/0xb0
[ 2850.808069][ T3943]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2850.813987][ T3943] RIP: 0033:0x7f8325a8d501
[ 2850.818395][ T3943] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2850.837998][ T3943] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2850.846425][ T3943] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2850.854388][ T3943] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2850.862358][ T3943] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2850.870321][ T3943] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2850.878287][ T3943] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2850.886300][ T3943]  </TASK>
[ 2850.897934][ T3943] memory: usage 307200kB, limit 307200kB, failcnt 68204
[ 2850.908119][ T3943] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2850.924395][ T3943] Memory cgroup stats for /syz2:
[ 2850.924714][ T3943] anon 90112
[ 2850.924714][ T3943] file 417792
[ 2850.924714][ T3943] kernel 314048512
[ 2850.924714][ T3943] kernel_stack 32768
[ 2850.924714][ T3943] pagetables 69632
[ 2850.924714][ T3943] sec_pagetables 0
[ 2850.924714][ T3943] percpu 5358784
[ 2850.924714][ T3943] sock 0
[ 2850.924714][ T3943] vmalloc 0
[ 2850.924714][ T3943] shmem 417792
[ 2850.924714][ T3943] zswap 0
[ 2850.924714][ T3943] zswapped 0
[ 2850.924714][ T3943] file_mapped 417792
[ 2850.924714][ T3943] file_dirty 0
[ 2850.924714][ T3943] file_writeback 0
[ 2850.924714][ T3943] swapcached 0
[ 2850.924714][ T3943] anon_thp 0
[ 2850.924714][ T3943] file_thp 0
[ 2850.924714][ T3943] shmem_thp 0
[ 2850.924714][ T3943] inactive_anon 94208
[ 2850.924714][ T3943] active_anon 413696
[ 2850.924714][ T3943] inactive_file 0
[ 2850.924714][ T3943] active_file 0
[ 2850.924714][ T3943] unevictable 0
[ 2850.924714][ T3943] slab_reclaimable 10424
[ 2850.924714][ T3943] slab_unreclaimable 308518480
[ 2851.024345][ T3943] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3943,uid=0
10:16:55 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3c03}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:55 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x40000}, 0x0)

[ 2851.044860][ T3943] Memory cgroup out of memory: Killed process 3943 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2851.078453][ T3940] device bridge1334 entered promiscuous mode
[ 2851.157932][ T3951] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2851.183154][ T3951] CPU: 0 PID: 3951 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2851.193544][ T3951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2851.203626][ T3951] Call Trace:
[ 2851.206921][ T3951]  <TASK>
[ 2851.209869][ T3951]  dump_stack_lvl+0xd1/0x138
[ 2851.214499][ T3951]  dump_header+0x10b/0x85f
[ 2851.215571][ T3941] device macvtap1325 entered promiscuous mode
[ 2851.218926][ T3951]  oom_kill_process.cold+0x10/0x15
[ 2851.218964][ T3951]  out_of_memory+0x35c/0x14a0
[ 2851.234820][ T3951]  ? find_held_lock+0x2d/0x110
[ 2851.239629][ T3951]  ? oom_killer_disable+0x280/0x280
[ 2851.244871][ T3951]  ? find_held_lock+0x2d/0x110
[ 2851.249687][ T3951]  mem_cgroup_out_of_memory+0x206/0x270
[ 2851.255269][ T3951]  ? mem_cgroup_margin+0x130/0x130
[ 2851.260410][ T3951]  ? lock_downgrade+0x6e0/0x6e0
[ 2851.265325][ T3951]  try_charge_memcg+0xef8/0x12f0
[ 2851.270312][ T3951]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2851.276329][ T3951]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2851.282084][ T3951]  ? lock_downgrade+0x6e0/0x6e0
[ 2851.287011][ T3951]  obj_cgroup_charge+0x2af/0x5e0
[ 2851.291999][ T3951]  ? __anon_vma_prepare+0x64/0x580
[ 2851.297144][ T3951]  kmem_cache_alloc+0xa3/0x3d0
[ 2851.302041][ T3951]  __anon_vma_prepare+0x64/0x580
[ 2851.307014][ T3951]  ? __pmd_alloc+0x30c/0x5d0
[ 2851.311632][ T3951]  __handle_mm_fault+0x35bc/0x3a40
[ 2851.316771][ T3951]  ? vm_iomap_memory+0x190/0x190
[ 2851.321754][ T3951]  handle_mm_fault+0x1cc/0x780
[ 2851.326539][ T3951]  do_user_addr_fault+0x475/0x1210
[ 2851.331677][ T3951]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2851.337252][ T3951]  exc_page_fault+0x98/0x170
[ 2851.341869][ T3951]  asm_exc_page_fault+0x26/0x30
[ 2851.343513][ T3942] device macvtap1326 entered promiscuous mode
[ 2851.346751][ T3951] RIP: 0033:0x7f69a662bd79
[ 2851.346777][ T3951] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2851.346804][ T3951] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2851.346830][ T3951] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2851.390957][ T3951] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2851.398955][ T3951] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
10:16:55 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x2502}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2851.406953][ T3951] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b80fc
[ 2851.414949][ T3951] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2851.422974][ T3951]  </TASK>
[ 2851.457790][ T3951] memory: usage 307184kB, limit 307200kB, failcnt 14218
[ 2851.465081][ T3951] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2851.474028][ T3951] Memory cgroup stats for /syz1:
[ 2851.474269][ T3951] anon 135168
[ 2851.474269][ T3951] file 393216
[ 2851.474269][ T3951] kernel 314028032
[ 2851.474269][ T3951] kernel_stack 65536
[ 2851.474269][ T3951] pagetables 81920
[ 2851.474269][ T3951] sec_pagetables 0
[ 2851.474269][ T3951] percpu 5356416
[ 2851.474269][ T3951] sock 0
[ 2851.474269][ T3951] vmalloc 0
[ 2851.474269][ T3951] shmem 385024
[ 2851.474269][ T3951] zswap 0
[ 2851.474269][ T3951] zswapped 0
[ 2851.474269][ T3951] file_mapped 385024
[ 2851.474269][ T3951] file_dirty 0
[ 2851.474269][ T3951] file_writeback 0
[ 2851.474269][ T3951] swapcached 0
[ 2851.474269][ T3951] anon_thp 0
[ 2851.474269][ T3951] file_thp 0
[ 2851.474269][ T3951] shmem_thp 0
[ 2851.474269][ T3951] inactive_anon 180224
[ 2851.474269][ T3951] active_anon 339968
[ 2851.474269][ T3951] inactive_file 4096
[ 2851.474269][ T3951] active_file 4096
[ 2851.474269][ T3951] unevictable 0
[ 2851.474269][ T3951] slab_reclaimable 16512
[ 2851.474269][ T3951] slab_unreclaimable 308469080
[ 2851.495181][ T3945] device bridge542 entered promiscuous mode
[ 2851.572520][ T3951] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3951,uid=0
[ 2851.593074][ T3951] Memory cgroup out of memory: Killed process 3951 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2851.611687][ T3955] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2851.637527][ T3955] CPU: 0 PID: 3955 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2851.647893][ T3955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
10:16:55 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9600, @local}]}, 0x48}}, 0x0)

[ 2851.657970][ T3955] Call Trace:
[ 2851.661279][ T3955]  <TASK>
[ 2851.664228][ T3955]  dump_stack_lvl+0xd1/0x138
[ 2851.668858][ T3955]  dump_header+0x10b/0x85f
[ 2851.673314][ T3955]  oom_kill_process.cold+0x10/0x15
[ 2851.678464][ T3955]  out_of_memory+0x35c/0x14a0
[ 2851.683188][ T3955]  ? oom_killer_disable+0x280/0x280
[ 2851.688441][ T3955]  ? find_held_lock+0x2d/0x110
[ 2851.693256][ T3955]  mem_cgroup_out_of_memory+0x206/0x270
[ 2851.698836][ T3955]  ? mem_cgroup_margin+0x130/0x130
[ 2851.703977][ T3955]  ? lock_downgrade+0x6e0/0x6e0
[ 2851.708900][ T3955]  try_charge_memcg+0xef8/0x12f0
[ 2851.713884][ T3955]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2851.719901][ T3955]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2851.725655][ T3955]  ? lock_downgrade+0x6e0/0x6e0
[ 2851.730554][ T3955]  ? lock_downgrade+0x6e0/0x6e0
[ 2851.735467][ T3955]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2851.741055][ T3955]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2851.747251][ T3955]  copy_process+0x73e/0x7190
[ 2851.751873][ T3955]  ? __lock_acquire+0xbc3/0x56d0
[ 2851.756852][ T3955]  ? __cleanup_sighand+0xb0/0xb0
[ 2851.761804][ T3955]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2851.767814][ T3955]  ? psi_memstall_leave+0x174/0x250
[ 2851.773047][ T3955]  kernel_clone+0xeb/0x980
[ 2851.777481][ T3955]  ? create_io_thread+0xf0/0xf0
[ 2851.782352][ T3955]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2851.788609][ T3955]  ? lock_downgrade+0x6e0/0x6e0
[ 2851.793498][ T3955]  __do_sys_clone+0xba/0x100
[ 2851.798105][ T3955]  ? kernel_clone+0x980/0x980
[ 2851.802810][ T3955]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2851.808726][ T3955]  do_syscall_64+0x39/0xb0
[ 2851.813163][ T3955]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2851.819076][ T3955] RIP: 0033:0x7f8325a8d501
[ 2851.823499][ T3955] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2851.843118][ T3955] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2851.851545][ T3955] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2851.859522][ T3955] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2851.867501][ T3955] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2851.875481][ T3955] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2851.883459][ T3955] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2851.891456][ T3955]  </TASK>
[ 2851.903643][ T3955] memory: usage 307200kB, limit 307200kB, failcnt 68265
[ 2851.912812][ T3955] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2851.921365][ T3955] Memory cgroup stats for /syz2:
[ 2851.921587][ T3955] anon 90112
[ 2851.921587][ T3955] file 417792
[ 2851.921587][ T3955] kernel 314048512
[ 2851.921587][ T3955] kernel_stack 32768
[ 2851.921587][ T3955] pagetables 69632
[ 2851.921587][ T3955] sec_pagetables 0
[ 2851.921587][ T3955] percpu 5358784
[ 2851.921587][ T3955] sock 0
[ 2851.921587][ T3955] vmalloc 0
[ 2851.921587][ T3955] shmem 417792
[ 2851.921587][ T3955] zswap 0
[ 2851.921587][ T3955] zswapped 0
[ 2851.921587][ T3955] file_mapped 417792
[ 2851.921587][ T3955] file_dirty 0
[ 2851.921587][ T3955] file_writeback 0
[ 2851.921587][ T3955] swapcached 0
[ 2851.921587][ T3955] anon_thp 0
[ 2851.921587][ T3955] file_thp 0
[ 2851.921587][ T3955] shmem_thp 0
[ 2851.921587][ T3955] inactive_anon 94208
[ 2851.921587][ T3955] active_anon 413696
[ 2851.921587][ T3955] inactive_file 0
[ 2851.921587][ T3955] active_file 0
[ 2851.921587][ T3955] unevictable 0
[ 2851.921587][ T3955] slab_reclaimable 10424
[ 2851.921587][ T3955] slab_unreclaimable 308518480
[ 2851.978198][ T3947] device macvtap574 entered promiscuous mode
[ 2852.028040][ T3955] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3955,uid=0
10:16:56 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3d00}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2852.055938][ T3955] Memory cgroup out of memory: Killed process 3955 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2852.110362][ T3963] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2852.121109][ T3948] device bridge453 entered promiscuous mode
[ 2852.139591][ T3963] CPU: 1 PID: 3963 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2852.149957][ T3963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2852.160038][ T3963] Call Trace:
[ 2852.163331][ T3963]  <TASK>
[ 2852.166276][ T3963]  dump_stack_lvl+0xd1/0x138
[ 2852.170906][ T3963]  dump_header+0x10b/0x85f
[ 2852.175358][ T3963]  oom_kill_process.cold+0x10/0x15
[ 2852.180502][ T3963]  out_of_memory+0x35c/0x14a0
[ 2852.185217][ T3963]  ? find_held_lock+0x2d/0x110
[ 2852.190024][ T3963]  ? oom_killer_disable+0x280/0x280
[ 2852.195260][ T3963]  ? find_held_lock+0x2d/0x110
[ 2852.200068][ T3963]  mem_cgroup_out_of_memory+0x206/0x270
[ 2852.205647][ T3963]  ? mem_cgroup_margin+0x130/0x130
[ 2852.210784][ T3963]  ? lock_downgrade+0x6e0/0x6e0
[ 2852.215697][ T3963]  try_charge_memcg+0xef8/0x12f0
[ 2852.220681][ T3963]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2852.226697][ T3963]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2852.232452][ T3963]  ? lock_downgrade+0x6e0/0x6e0
[ 2852.237370][ T3963]  obj_cgroup_charge+0x2af/0x5e0
[ 2852.242342][ T3963]  ? __anon_vma_prepare+0x64/0x580
[ 2852.247474][ T3963]  kmem_cache_alloc+0xa3/0x3d0
[ 2852.252268][ T3963]  __anon_vma_prepare+0x64/0x580
[ 2852.257217][ T3963]  ? __pmd_alloc+0x30c/0x5d0
[ 2852.261821][ T3963]  __handle_mm_fault+0x35bc/0x3a40
[ 2852.266956][ T3963]  ? vm_iomap_memory+0x190/0x190
[ 2852.271933][ T3963]  handle_mm_fault+0x1cc/0x780
[ 2852.276717][ T3963]  do_user_addr_fault+0x475/0x1210
[ 2852.281850][ T3963]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2852.287423][ T3963]  exc_page_fault+0x98/0x170
[ 2852.292032][ T3963]  asm_exc_page_fault+0x26/0x30
[ 2852.296901][ T3963] RIP: 0033:0x7f69a662bd79
[ 2852.301326][ T3963] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2852.320943][ T3963] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2852.327021][ T3963] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2852.334997][ T3963] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2852.342975][ T3963] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2852.350952][ T3963] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b84b7
[ 2852.358930][ T3963] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2852.366929][ T3963]  </TASK>
[ 2852.378730][ T3949] __nla_validate_parse: 4 callbacks suppressed
[ 2852.378749][ T3949] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2852.395025][ T3963] memory: usage 307200kB, limit 307200kB, failcnt 14327
[ 2852.395049][ T3963] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2852.395065][ T3963] Memory cgroup stats for /syz1:
[ 2852.395322][ T3963] anon 135168
[ 2852.395322][ T3963] file 393216
[ 2852.395322][ T3963] kernel 314044416
[ 2852.395322][ T3963] kernel_stack 65536
[ 2852.395322][ T3963] pagetables 81920
[ 2852.395322][ T3963] sec_pagetables 0
[ 2852.395322][ T3963] percpu 5356416
[ 2852.395322][ T3963] sock 0
[ 2852.395322][ T3963] vmalloc 0
[ 2852.395322][ T3963] shmem 385024
[ 2852.395322][ T3963] zswap 0
[ 2852.395322][ T3963] zswapped 0
[ 2852.395322][ T3963] file_mapped 385024
[ 2852.395322][ T3963] file_dirty 0
[ 2852.395322][ T3963] file_writeback 0
[ 2852.395322][ T3963] swapcached 0
[ 2852.395322][ T3963] anon_thp 0
[ 2852.395322][ T3963] file_thp 0
[ 2852.395322][ T3963] shmem_thp 0
[ 2852.395322][ T3963] inactive_anon 180224
[ 2852.395322][ T3963] active_anon 339968
[ 2852.395322][ T3963] inactive_file 0
[ 2852.395322][ T3963] active_file 8192
[ 2852.395322][ T3963] unevictable 0
[ 2852.395322][ T3963] slab_reclaimable 16512
[ 2852.395322][ T3963] slab_unreclaimable 308480480
[ 2852.487862][ T3949] device macvtap575 entered promiscuous mode
[ 2852.514230][ T3963] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3963,uid=0
[ 2852.534371][ T3963] Memory cgroup out of memory: Killed process 3963 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
10:16:56 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9700, @local}]}, 0x48}}, 0x0)

[ 2852.563975][ T3967] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2852.585916][ T3967] CPU: 1 PID: 3967 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2852.596286][ T3967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2852.606349][ T3967] Call Trace:
[ 2852.609629][ T3967]  <TASK>
[ 2852.612565][ T3967]  dump_stack_lvl+0xd1/0x138
[ 2852.617177][ T3967]  dump_header+0x10b/0x85f
[ 2852.621610][ T3967]  oom_kill_process.cold+0x10/0x15
[ 2852.626739][ T3967]  out_of_memory+0x35c/0x14a0
[ 2852.631437][ T3967]  ? find_held_lock+0x2d/0x110
[ 2852.636224][ T3967]  ? oom_killer_disable+0x280/0x280
[ 2852.641440][ T3967]  ? find_held_lock+0x2d/0x110
[ 2852.646226][ T3967]  mem_cgroup_out_of_memory+0x206/0x270
[ 2852.651798][ T3967]  ? mem_cgroup_margin+0x130/0x130
[ 2852.656919][ T3967]  ? lock_downgrade+0x6e0/0x6e0
[ 2852.661808][ T3967]  try_charge_memcg+0xef8/0x12f0
[ 2852.666771][ T3967]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2852.672772][ T3967]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2852.678507][ T3967]  ? lock_downgrade+0x6e0/0x6e0
[ 2852.683393][ T3967]  ? lock_downgrade+0x6e0/0x6e0
[ 2852.688284][ T3967]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2852.693853][ T3967]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2852.700029][ T3967]  copy_process+0x73e/0x7190
[ 2852.704639][ T3967]  ? __lock_acquire+0xbc3/0x56d0
[ 2852.709632][ T3967]  ? __cleanup_sighand+0xb0/0xb0
[ 2852.714589][ T3967]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2852.720609][ T3967]  ? psi_memstall_leave+0x174/0x250
[ 2852.725840][ T3967]  kernel_clone+0xeb/0x980
[ 2852.730272][ T3967]  ? create_io_thread+0xf0/0xf0
[ 2852.735154][ T3967]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2852.741413][ T3967]  ? lock_downgrade+0x6e0/0x6e0
[ 2852.746305][ T3967]  __do_sys_clone+0xba/0x100
[ 2852.750908][ T3967]  ? kernel_clone+0x980/0x980
[ 2852.755614][ T3967]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2852.761528][ T3967]  do_syscall_64+0x39/0xb0
[ 2852.765965][ T3967]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2852.771875][ T3967] RIP: 0033:0x7f8325a8d501
[ 2852.776299][ T3967] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2852.795916][ T3967] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2852.804355][ T3967] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2852.812343][ T3967] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2852.820325][ T3967] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2852.828311][ T3967] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2852.836296][ T3967] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2852.844291][ T3967]  </TASK>
[ 2852.882770][ T3950] device macvtap472 entered promiscuous mode
[ 2852.889183][ T3967] memory: usage 307200kB, limit 307200kB, failcnt 68336
[ 2852.896270][ T3967] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2852.913589][ T3967] Memory cgroup stats for /syz2:
[ 2852.913815][ T3967] anon 90112
[ 2852.913815][ T3967] file 417792
[ 2852.913815][ T3967] kernel 314064896
[ 2852.913815][ T3967] kernel_stack 32768
10:16:57 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x2500}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2852.913815][ T3967] pagetables 69632
[ 2852.913815][ T3967] sec_pagetables 0
[ 2852.913815][ T3967] percpu 5358784
[ 2852.913815][ T3967] sock 0
[ 2852.913815][ T3967] vmalloc 0
[ 2852.913815][ T3967] shmem 417792
[ 2852.913815][ T3967] zswap 0
[ 2852.913815][ T3967] zswapped 0
[ 2852.913815][ T3967] file_mapped 417792
[ 2852.913815][ T3967] file_dirty 0
[ 2852.913815][ T3967] file_writeback 0
[ 2852.913815][ T3967] swapcached 0
[ 2852.913815][ T3967] anon_thp 0
[ 2852.913815][ T3967] file_thp 0
[ 2852.913815][ T3967] shmem_thp 0
[ 2852.913815][ T3967] inactive_anon 94208
[ 2852.913815][ T3967] active_anon 413696
[ 2852.913815][ T3967] inactive_file 0
[ 2852.913815][ T3967] active_file 0
[ 2852.913815][ T3967] unevictable 0
[ 2852.913815][ T3967] slab_reclaimable 10424
[ 2852.913815][ T3967] slab_unreclaimable 308529576
[ 2853.038910][ T3952] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2853.063429][ T3967] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3967,uid=0
10:16:57 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x2403}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2853.090364][ T3952] device macvtap473 entered promiscuous mode
[ 2853.103740][ T3957] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2853.113008][ T3967] Memory cgroup out of memory: Killed process 3967 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2853.122323][ T3968] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2853.157843][ T3968] CPU: 0 PID: 3968 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2853.168207][ T3968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2853.178268][ T3968] Call Trace:
[ 2853.181550][ T3968]  <TASK>
[ 2853.184487][ T3968]  dump_stack_lvl+0xd1/0x138
[ 2853.189101][ T3968]  dump_header+0x10b/0x85f
[ 2853.193539][ T3968]  oom_kill_process.cold+0x10/0x15
[ 2853.198668][ T3968]  out_of_memory+0x35c/0x14a0
[ 2853.203380][ T3968]  ? oom_killer_disable+0x280/0x280
[ 2853.208600][ T3968]  ? find_held_lock+0x2d/0x110
[ 2853.213395][ T3968]  mem_cgroup_out_of_memory+0x206/0x270
[ 2853.218959][ T3968]  ? mem_cgroup_margin+0x130/0x130
[ 2853.224082][ T3968]  ? lock_downgrade+0x6e0/0x6e0
[ 2853.228979][ T3968]  try_charge_memcg+0xef8/0x12f0
[ 2853.234034][ T3968]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2853.240043][ T3968]  ? rcu_read_unlock+0x9/0x60
[ 2853.244733][ T3968]  ? lock_downgrade+0x6e0/0x6e0
[ 2853.249629][ T3968]  charge_memcg+0x99/0x3b0
[ 2853.254070][ T3968]  __mem_cgroup_charge+0x2b/0x90
[ 2853.259029][ T3968]  ? _compound_head+0x5d/0x150
[ 2853.263824][ T3968]  __handle_mm_fault+0x17e7/0x3a40
[ 2853.268963][ T3968]  ? vm_iomap_memory+0x190/0x190
[ 2853.273940][ T3968]  handle_mm_fault+0x1cc/0x780
[ 2853.278723][ T3968]  do_user_addr_fault+0x475/0x1210
[ 2853.283855][ T3968]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2853.289435][ T3968]  exc_page_fault+0x98/0x170
[ 2853.294041][ T3968]  asm_exc_page_fault+0x26/0x30
[ 2853.298915][ T3968] RIP: 0033:0x7f69a662bd79
[ 2853.303338][ T3968] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2853.322959][ T3968] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2853.329039][ T3968] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
10:16:57 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3d01}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2853.337017][ T3968] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2853.344995][ T3968] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2853.352977][ T3968] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b8821
[ 2853.360955][ T3968] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2853.368955][ T3968]  </TASK>
[ 2853.420157][ T3957] device bridge1794 entered promiscuous mode
[ 2853.434360][ T3968] memory: usage 307200kB, limit 307200kB, failcnt 14370
[ 2853.470323][ T3968] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2853.505004][ T3968] Memory cgroup stats for /syz1:
[ 2853.505233][ T3968] anon 135168
[ 2853.505233][ T3968] file 393216
[ 2853.505233][ T3968] kernel 314044416
[ 2853.505233][ T3968] kernel_stack 65536
[ 2853.505233][ T3968] pagetables 81920
[ 2853.505233][ T3968] sec_pagetables 0
[ 2853.505233][ T3968] percpu 5356416
[ 2853.505233][ T3968] sock 0
[ 2853.505233][ T3968] vmalloc 0
[ 2853.505233][ T3968] shmem 385024
[ 2853.505233][ T3968] zswap 0
[ 2853.505233][ T3968] zswapped 0
[ 2853.505233][ T3968] file_mapped 385024
[ 2853.505233][ T3968] file_dirty 0
[ 2853.505233][ T3968] file_writeback 0
[ 2853.505233][ T3968] swapcached 0
[ 2853.505233][ T3968] anon_thp 0
[ 2853.505233][ T3968] file_thp 0
[ 2853.505233][ T3968] shmem_thp 0
[ 2853.505233][ T3968] inactive_anon 180224
[ 2853.505233][ T3968] active_anon 339968
[ 2853.505233][ T3968] inactive_file 4096
[ 2853.505233][ T3968] active_file 4096
[ 2853.505233][ T3968] unevictable 0
[ 2853.505233][ T3968] slab_reclaimable 16512
[ 2853.505233][ T3968] slab_unreclaimable 308480880
[ 2853.512389][ T3958] device macvtap2184 entered promiscuous mode
[ 2853.606146][ T3968] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3968,uid=0
[ 2853.627315][ T3968] Memory cgroup out of memory: Killed process 3968 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2853.652800][ T3976] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2853.654100][ T3960] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2853.674661][ T3976] CPU: 1 PID: 3976 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2853.685026][ T3976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2853.695104][ T3976] Call Trace:
[ 2853.698402][ T3976]  <TASK>
[ 2853.701356][ T3976]  dump_stack_lvl+0xd1/0x138
[ 2853.705989][ T3976]  dump_header+0x10b/0x85f
[ 2853.710443][ T3976]  oom_kill_process.cold+0x10/0x15
[ 2853.715592][ T3976]  out_of_memory+0x35c/0x14a0
[ 2853.720315][ T3976]  ? find_held_lock+0x2d/0x110
[ 2853.725131][ T3976]  ? oom_killer_disable+0x280/0x280
[ 2853.730368][ T3976]  ? find_held_lock+0x2d/0x110
[ 2853.735164][ T3976]  mem_cgroup_out_of_memory+0x206/0x270
[ 2853.740727][ T3976]  ? mem_cgroup_margin+0x130/0x130
[ 2853.745852][ T3976]  ? lock_downgrade+0x6e0/0x6e0
[ 2853.750745][ T3976]  try_charge_memcg+0xef8/0x12f0
[ 2853.755711][ T3976]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2853.761712][ T3976]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2853.767449][ T3976]  ? lock_downgrade+0x6e0/0x6e0
[ 2853.772339][ T3976]  ? lock_downgrade+0x6e0/0x6e0
[ 2853.777231][ T3976]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2853.782804][ T3976]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2853.788978][ T3976]  copy_process+0x15ed/0x7190
[ 2853.793674][ T3976]  ? wp_page_copy+0x311/0x1ca0
[ 2853.798483][ T3976]  ? __cleanup_sighand+0xb0/0xb0
[ 2853.803445][ T3976]  ? do_wp_page+0x1d9/0x1930
[ 2853.808051][ T3976]  kernel_clone+0xeb/0x980
[ 2853.812486][ T3976]  ? create_io_thread+0xf0/0xf0
[ 2853.817364][ T3976]  ? find_held_lock+0x2d/0x110
[ 2853.822163][ T3976]  __do_sys_clone+0xba/0x100
[ 2853.826770][ T3976]  ? kernel_clone+0x980/0x980
[ 2853.831478][ T3976]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2853.837394][ T3976]  do_syscall_64+0x39/0xb0
[ 2853.841833][ T3976]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2853.847747][ T3976] RIP: 0033:0x7f8325a8d501
[ 2853.852172][ T3976] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2853.871790][ T3976] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2853.880216][ T3976] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2853.888196][ T3976] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2853.896174][ T3976] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2853.904160][ T3976] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2853.912143][ T3976] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
10:16:58 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9800, @local}]}, 0x48}}, 0x0)

[ 2853.920140][ T3976]  </TASK>
[ 2853.931200][ T3976] memory: usage 307200kB, limit 307200kB, failcnt 68432
[ 2853.938372][ T3976] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2853.941655][ T3960] device bridge1335 entered promiscuous mode
[ 2853.945341][ T3976] Memory cgroup stats for /syz2:
[ 2853.976523][ T3976] anon 90112
[ 2853.976523][ T3976] file 417792
[ 2853.976523][ T3976] kernel 314064896
[ 2853.976523][ T3976] kernel_stack 32768
[ 2853.976523][ T3976] pagetables 69632
[ 2853.976523][ T3976] sec_pagetables 0
[ 2853.976523][ T3976] percpu 5358784
[ 2853.976523][ T3976] sock 0
[ 2853.976523][ T3976] vmalloc 0
[ 2853.976523][ T3976] shmem 417792
[ 2853.976523][ T3976] zswap 0
[ 2853.976523][ T3976] zswapped 0
[ 2853.976523][ T3976] file_mapped 417792
[ 2853.976523][ T3976] file_dirty 0
[ 2853.976523][ T3976] file_writeback 0
[ 2853.976523][ T3976] swapcached 0
[ 2853.976523][ T3976] anon_thp 0
[ 2853.976523][ T3976] file_thp 0
[ 2853.976523][ T3976] shmem_thp 0
[ 2853.976523][ T3976] inactive_anon 94208
[ 2853.976523][ T3976] active_anon 413696
[ 2853.976523][ T3976] inactive_file 0
[ 2853.976523][ T3976] active_file 0
[ 2853.976523][ T3976] unevictable 0
[ 2853.976523][ T3976] slab_reclaimable 10424
[ 2853.976523][ T3976] slab_unreclaimable 308529576
[ 2854.084153][ T3962] device macvtap2185 entered promiscuous mode
[ 2854.161154][ T3976] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3976,uid=0
[ 2854.176998][ T3976] Memory cgroup out of memory: Killed process 3976 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2854.196363][ T3980] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2854.211440][ T3980] CPU: 1 PID: 3980 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2854.221808][ T3980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2854.231879][ T3980] Call Trace:
[ 2854.235167][ T3980]  <TASK>
[ 2854.238107][ T3980]  dump_stack_lvl+0xd1/0x138
[ 2854.242722][ T3980]  dump_header+0x10b/0x85f
[ 2854.247431][ T3980]  oom_kill_process.cold+0x10/0x15
[ 2854.252561][ T3980]  out_of_memory+0x35c/0x14a0
[ 2854.257266][ T3980]  ? oom_killer_disable+0x280/0x280
[ 2854.262494][ T3980]  ? find_held_lock+0x2d/0x110
[ 2854.267288][ T3980]  mem_cgroup_out_of_memory+0x206/0x270
[ 2854.272858][ T3980]  ? mem_cgroup_margin+0x130/0x130
[ 2854.277980][ T3980]  ? lock_downgrade+0x6e0/0x6e0
[ 2854.282874][ T3980]  try_charge_memcg+0xef8/0x12f0
[ 2854.287839][ T3980]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2854.293846][ T3980]  ? rcu_read_unlock+0x9/0x60
[ 2854.298533][ T3980]  ? lock_downgrade+0x6e0/0x6e0
[ 2854.303428][ T3980]  charge_memcg+0x99/0x3b0
[ 2854.307868][ T3980]  __mem_cgroup_charge+0x2b/0x90
[ 2854.312829][ T3980]  ? _compound_head+0x5d/0x150
[ 2854.317619][ T3980]  __handle_mm_fault+0x17e7/0x3a40
[ 2854.322751][ T3980]  ? vm_iomap_memory+0x190/0x190
[ 2854.327729][ T3980]  handle_mm_fault+0x1cc/0x780
[ 2854.332512][ T3980]  do_user_addr_fault+0x475/0x1210
[ 2854.337645][ T3980]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2854.343222][ T3980]  exc_page_fault+0x98/0x170
[ 2854.347825][ T3980]  asm_exc_page_fault+0x26/0x30
[ 2854.352695][ T3980] RIP: 0033:0x7f69a662bd79
[ 2854.357120][ T3980] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2854.376737][ T3980] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2854.382814][ T3980] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2854.390795][ T3980] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2854.398777][ T3980] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
10:16:58 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3d02}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:16:58 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a65d}, 0x0)

[ 2854.406754][ T3980] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b8ccf
[ 2854.414738][ T3980] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2854.422737][ T3980]  </TASK>
[ 2854.445006][ T3961] device macvtap1327 entered promiscuous mode
[ 2854.483018][ T3964] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2854.536101][ T3980] memory: usage 307200kB, limit 307200kB, failcnt 14475
[ 2854.561056][ T3980] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2854.577335][ T3980] Memory cgroup stats for /syz1:
[ 2854.577575][ T3980] anon 135168
[ 2854.577575][ T3980] file 393216
[ 2854.577575][ T3980] kernel 314044416
[ 2854.577575][ T3980] kernel_stack 65536
[ 2854.577575][ T3980] pagetables 81920
[ 2854.577575][ T3980] sec_pagetables 0
[ 2854.577575][ T3980] percpu 5356416
[ 2854.577575][ T3980] sock 0
[ 2854.577575][ T3980] vmalloc 0
[ 2854.577575][ T3980] shmem 385024
[ 2854.577575][ T3980] zswap 0
[ 2854.577575][ T3980] zswapped 0
[ 2854.577575][ T3980] file_mapped 385024
[ 2854.577575][ T3980] file_dirty 0
[ 2854.577575][ T3980] file_writeback 0
[ 2854.577575][ T3980] swapcached 0
[ 2854.577575][ T3980] anon_thp 0
[ 2854.577575][ T3980] file_thp 0
[ 2854.577575][ T3980] shmem_thp 0
[ 2854.577575][ T3980] inactive_anon 180224
[ 2854.577575][ T3980] active_anon 339968
[ 2854.577575][ T3980] inactive_file 0
[ 2854.577575][ T3980] active_file 8192
[ 2854.577575][ T3980] unevictable 0
[ 2854.577575][ T3980] slab_reclaimable 16512
[ 2854.577575][ T3980] slab_unreclaimable 308480880
[ 2854.590771][ T3964] device macvtap1328 entered promiscuous mode
[ 2854.673981][ T3980] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3980,uid=0
[ 2854.713901][ T3980] Memory cgroup out of memory: Killed process 3980 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2854.740790][ T3983] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2854.758724][ T3983] CPU: 0 PID: 3983 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2854.769096][ T3983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2854.779174][ T3983] Call Trace:
[ 2854.782471][ T3983]  <TASK>
[ 2854.785423][ T3983]  dump_stack_lvl+0xd1/0x138
10:16:58 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9900, @local}]}, 0x48}}, 0x0)

[ 2854.790059][ T3983]  dump_header+0x10b/0x85f
[ 2854.794518][ T3983]  oom_kill_process.cold+0x10/0x15
[ 2854.799671][ T3983]  out_of_memory+0x35c/0x14a0
[ 2854.804399][ T3983]  ? oom_killer_disable+0x280/0x280
[ 2854.809643][ T3983]  ? find_held_lock+0x2d/0x110
[ 2854.814455][ T3983]  mem_cgroup_out_of_memory+0x206/0x270
[ 2854.820035][ T3983]  ? mem_cgroup_margin+0x130/0x130
[ 2854.825174][ T3983]  ? lock_downgrade+0x6e0/0x6e0
[ 2854.830089][ T3983]  try_charge_memcg+0xef8/0x12f0
[ 2854.835074][ T3983]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2854.841095][ T3983]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2854.846851][ T3983]  ? lock_downgrade+0x6e0/0x6e0
[ 2854.851749][ T3983]  ? lock_downgrade+0x6e0/0x6e0
[ 2854.856671][ T3983]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2854.862260][ T3983]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2854.868453][ T3983]  copy_process+0x15ed/0x7190
[ 2854.873171][ T3983]  ? __lock_acquire+0xbc3/0x56d0
[ 2854.878166][ T3983]  ? __cleanup_sighand+0xb0/0xb0
[ 2854.883132][ T3983]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2854.889150][ T3983]  ? psi_memstall_leave+0x174/0x250
[ 2854.894371][ T3983]  kernel_clone+0xeb/0x980
[ 2854.898818][ T3983]  ? create_io_thread+0xf0/0xf0
[ 2854.903689][ T3983]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2854.909925][ T3983]  ? lock_downgrade+0x6e0/0x6e0
[ 2854.914788][ T3983]  __do_sys_clone+0xba/0x100
[ 2854.919386][ T3983]  ? kernel_clone+0x980/0x980
[ 2854.924113][ T3983]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2854.930048][ T3983]  do_syscall_64+0x39/0xb0
[ 2854.934503][ T3983]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2854.940433][ T3983] RIP: 0033:0x7f8325a8d501
[ 2854.944869][ T3983] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2854.964495][ T3983] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2854.972915][ T3983] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2854.980911][ T3983] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2854.988906][ T3983] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2854.996890][ T3983] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2855.004856][ T3983] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2855.012831][ T3983]  </TASK>
[ 2855.020241][ T3983] memory: usage 307200kB, limit 307200kB, failcnt 68538
[ 2855.027500][ T3983] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2855.034507][ T3983] Memory cgroup stats for /syz2:
[ 2855.034754][ T3983] anon 90112
[ 2855.034754][ T3983] file 417792
[ 2855.034754][ T3983] kernel 314064896
[ 2855.034754][ T3983] kernel_stack 32768
[ 2855.034754][ T3983] pagetables 69632
[ 2855.034754][ T3983] sec_pagetables 0
[ 2855.034754][ T3983] percpu 5358784
[ 2855.034754][ T3983] sock 0
[ 2855.034754][ T3983] vmalloc 0
[ 2855.034754][ T3983] shmem 417792
[ 2855.034754][ T3983] zswap 0
[ 2855.034754][ T3983] zswapped 0
[ 2855.034754][ T3983] file_mapped 417792
[ 2855.034754][ T3983] file_dirty 0
[ 2855.034754][ T3983] file_writeback 0
[ 2855.034754][ T3983] swapcached 0
[ 2855.034754][ T3983] anon_thp 0
[ 2855.034754][ T3983] file_thp 0
[ 2855.034754][ T3983] shmem_thp 0
[ 2855.034754][ T3983] inactive_anon 94208
[ 2855.034754][ T3983] active_anon 413696
[ 2855.034754][ T3983] inactive_file 0
[ 2855.034754][ T3983] active_file 0
[ 2855.034754][ T3983] unevictable 0
[ 2855.034754][ T3983] slab_reclaimable 10424
[ 2855.034754][ T3983] slab_unreclaimable 308529576
10:16:59 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xb8, 0x1, @local}]}, 0x48}}, 0x0)

[ 2855.144521][ T3975] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2855.156620][ T3983] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3983,uid=0
[ 2855.194381][ T3983] Memory cgroup out of memory: Killed process 3983 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2855.219666][ T3975] device bridge454 entered promiscuous mode
[ 2855.233910][ T3971] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
10:16:59 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3d03}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2855.295936][ T3988] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2855.309278][ T3988] CPU: 1 PID: 3988 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2855.317869][ T3977] device macvtap474 entered promiscuous mode
[ 2855.319617][ T3988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2855.319637][ T3988] Call Trace:
[ 2855.319646][ T3988]  <TASK>
[ 2855.319657][ T3988]  dump_stack_lvl+0xd1/0x138
[ 2855.346513][ T3988]  dump_header+0x10b/0x85f
[ 2855.350970][ T3988]  oom_kill_process.cold+0x10/0x15
[ 2855.356122][ T3988]  out_of_memory+0x35c/0x14a0
[ 2855.360840][ T3988]  ? find_held_lock+0x2d/0x110
[ 2855.365644][ T3988]  ? oom_killer_disable+0x280/0x280
[ 2855.370865][ T3988]  ? find_held_lock+0x2d/0x110
[ 2855.375655][ T3988]  mem_cgroup_out_of_memory+0x206/0x270
[ 2855.381224][ T3988]  ? mem_cgroup_margin+0x130/0x130
[ 2855.386351][ T3988]  ? lock_downgrade+0x6e0/0x6e0
[ 2855.391249][ T3988]  try_charge_memcg+0xef8/0x12f0
[ 2855.396215][ T3988]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2855.402229][ T3988]  ? rcu_read_unlock+0x9/0x60
[ 2855.406917][ T3988]  ? lock_downgrade+0x6e0/0x6e0
[ 2855.411808][ T3988]  charge_memcg+0x99/0x3b0
[ 2855.416253][ T3988]  __mem_cgroup_charge+0x2b/0x90
[ 2855.421216][ T3988]  ? _compound_head+0x5d/0x150
[ 2855.426011][ T3988]  __handle_mm_fault+0x17e7/0x3a40
[ 2855.431142][ T3988]  ? vm_iomap_memory+0x190/0x190
[ 2855.436119][ T3988]  handle_mm_fault+0x1cc/0x780
[ 2855.440903][ T3988]  do_user_addr_fault+0x475/0x1210
[ 2855.446057][ T3988]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2855.451635][ T3988]  exc_page_fault+0x98/0x170
[ 2855.456245][ T3988]  asm_exc_page_fault+0x26/0x30
[ 2855.461116][ T3988] RIP: 0033:0x7f69a662bd79
[ 2855.465542][ T3988] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2855.485162][ T3988] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2855.491249][ T3988] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2855.499233][ T3988] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2855.507217][ T3988] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2855.515198][ T3988] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b9148
[ 2855.523183][ T3988] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2855.531188][ T3988]  </TASK>
[ 2855.542030][ T3988] memory: usage 307200kB, limit 307200kB, failcnt 14580
[ 2855.549204][ T3988] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2855.556149][ T3978] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2855.566388][ T3988] Memory cgroup stats for /syz1:
[ 2855.566620][ T3988] anon 135168
[ 2855.566620][ T3988] file 393216
[ 2855.566620][ T3988] kernel 314044416
[ 2855.566620][ T3988] kernel_stack 65536
[ 2855.566620][ T3988] pagetables 81920
[ 2855.566620][ T3988] sec_pagetables 0
[ 2855.566620][ T3988] percpu 5356416
[ 2855.566620][ T3988] sock 0
[ 2855.566620][ T3988] vmalloc 0
[ 2855.566620][ T3988] shmem 385024
[ 2855.566620][ T3988] zswap 0
[ 2855.566620][ T3988] zswapped 0
[ 2855.566620][ T3988] file_mapped 385024
[ 2855.566620][ T3988] file_dirty 8192
[ 2855.566620][ T3988] file_writeback 0
[ 2855.566620][ T3988] swapcached 0
[ 2855.566620][ T3988] anon_thp 0
[ 2855.566620][ T3988] file_thp 0
[ 2855.566620][ T3988] shmem_thp 0
[ 2855.566620][ T3988] inactive_anon 180224
[ 2855.566620][ T3988] active_anon 339968
[ 2855.566620][ T3988] inactive_file 4096
[ 2855.566620][ T3988] active_file 4096
[ 2855.566620][ T3988] unevictable 0
[ 2855.566620][ T3988] slab_reclaimable 16512
[ 2855.566620][ T3988] slab_unreclaimable 308480880
[ 2855.664744][ T3988] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3988,uid=0
10:16:59 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9a00, @local}]}, 0x48}}, 0x0)

[ 2855.681630][ T3988] Memory cgroup out of memory: Killed process 3988 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2855.690996][ T3978] device macvtap475 entered promiscuous mode
[ 2855.719396][ T3995] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2855.731197][ T3995] CPU: 1 PID: 3995 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2855.741559][ T3995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2855.751636][ T3995] Call Trace:
[ 2855.754954][ T3995]  <TASK>
[ 2855.757906][ T3995]  dump_stack_lvl+0xd1/0x138
[ 2855.762539][ T3995]  dump_header+0x10b/0x85f
[ 2855.766996][ T3995]  oom_kill_process.cold+0x10/0x15
[ 2855.772146][ T3995]  out_of_memory+0x35c/0x14a0
[ 2855.776870][ T3995]  ? find_held_lock+0x2d/0x110
[ 2855.781678][ T3995]  ? oom_killer_disable+0x280/0x280
[ 2855.786933][ T3995]  ? find_held_lock+0x2d/0x110
[ 2855.791743][ T3995]  mem_cgroup_out_of_memory+0x206/0x270
[ 2855.797329][ T3995]  ? mem_cgroup_margin+0x130/0x130
[ 2855.802573][ T3995]  ? lock_downgrade+0x6e0/0x6e0
[ 2855.807490][ T3995]  try_charge_memcg+0xef8/0x12f0
[ 2855.812479][ T3995]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2855.818681][ T3995]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2855.824442][ T3995]  ? lock_downgrade+0x6e0/0x6e0
[ 2855.829342][ T3995]  ? lock_downgrade+0x6e0/0x6e0
[ 2855.834242][ T3995]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2855.839813][ T3995]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2855.845988][ T3995]  copy_process+0x73e/0x7190
[ 2855.850594][ T3995]  ? wp_page_copy+0x311/0x1ca0
[ 2855.855406][ T3995]  ? __cleanup_sighand+0xb0/0xb0
[ 2855.860370][ T3995]  ? do_wp_page+0x1d9/0x1930
[ 2855.864977][ T3995]  kernel_clone+0xeb/0x980
[ 2855.869412][ T3995]  ? create_io_thread+0xf0/0xf0
[ 2855.874288][ T3995]  ? find_held_lock+0x2d/0x110
[ 2855.879086][ T3995]  __do_sys_clone+0xba/0x100
[ 2855.883691][ T3995]  ? kernel_clone+0x980/0x980
[ 2855.888399][ T3995]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2855.894314][ T3995]  do_syscall_64+0x39/0xb0
[ 2855.898755][ T3995]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2855.904669][ T3995] RIP: 0033:0x7f8325a8d501
[ 2855.909096][ T3995] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2855.928715][ T3995] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2855.937142][ T3995] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2855.945125][ T3995] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2855.953112][ T3995] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2855.961092][ T3995] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2855.969074][ T3995] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2855.977075][ T3995]  </TASK>
[ 2855.994071][ T3995] memory: usage 307200kB, limit 307200kB, failcnt 68639
[ 2855.994278][ T3979] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2856.001295][ T3995] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2856.019439][ T3995] Memory cgroup stats for /syz2:
[ 2856.019675][ T3995] anon 90112
[ 2856.019675][ T3995] file 417792
[ 2856.019675][ T3995] kernel 314064896
[ 2856.019675][ T3995] kernel_stack 32768
[ 2856.019675][ T3995] pagetables 69632
[ 2856.019675][ T3995] sec_pagetables 0
[ 2856.019675][ T3995] percpu 5358784
[ 2856.019675][ T3995] sock 0
[ 2856.019675][ T3995] vmalloc 0
[ 2856.019675][ T3995] shmem 417792
[ 2856.019675][ T3995] zswap 0
[ 2856.019675][ T3995] zswapped 0
[ 2856.019675][ T3995] file_mapped 417792
[ 2856.019675][ T3995] file_dirty 0
[ 2856.019675][ T3995] file_writeback 0
[ 2856.019675][ T3995] swapcached 0
[ 2856.019675][ T3995] anon_thp 0
[ 2856.019675][ T3995] file_thp 0
[ 2856.019675][ T3995] shmem_thp 0
[ 2856.019675][ T3995] inactive_anon 49152
[ 2856.019675][ T3995] active_anon 413696
[ 2856.019675][ T3995] inactive_file 0
10:17:00 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xb8, 0x1, @local}]}, 0x48}}, 0x0)

10:17:00 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xb4, 0x1, @local}]}, 0x48}}, 0x0)

[ 2856.019675][ T3995] active_file 0
[ 2856.019675][ T3995] unevictable 0
[ 2856.019675][ T3995] slab_reclaimable 10424
[ 2856.019675][ T3995] slab_unreclaimable 308529576
[ 2856.124668][ T3985] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2856.134186][ T3995] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=3995,uid=0
[ 2856.170959][ T3995] Memory cgroup out of memory: Killed process 3995 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2856.192279][ T3985] device bridge1795 entered promiscuous mode
10:17:00 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3e00}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2856.290681][ T3996] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2856.303219][ T3986] device macvtap2185 entered promiscuous mode
[ 2856.317055][ T3996] CPU: 0 PID: 3996 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2856.327421][ T3996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2856.337497][ T3996] Call Trace:
[ 2856.340794][ T3996]  <TASK>
[ 2856.343746][ T3996]  dump_stack_lvl+0xd1/0x138
[ 2856.348366][ T3996]  dump_header+0x10b/0x85f
[ 2856.352809][ T3996]  oom_kill_process.cold+0x10/0x15
[ 2856.357959][ T3996]  out_of_memory+0x35c/0x14a0
[ 2856.362674][ T3996]  ? find_held_lock+0x2d/0x110
[ 2856.367466][ T3996]  ? oom_killer_disable+0x280/0x280
[ 2856.372692][ T3996]  ? find_held_lock+0x2d/0x110
[ 2856.377484][ T3996]  mem_cgroup_out_of_memory+0x206/0x270
[ 2856.383046][ T3996]  ? mem_cgroup_margin+0x130/0x130
[ 2856.388171][ T3996]  ? lock_downgrade+0x6e0/0x6e0
[ 2856.393065][ T3996]  try_charge_memcg+0xef8/0x12f0
[ 2856.398032][ T3996]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2856.404038][ T3996]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2856.409776][ T3996]  ? lock_downgrade+0x6e0/0x6e0
[ 2856.414679][ T3996]  obj_cgroup_charge+0x2af/0x5e0
[ 2856.419647][ T3996]  ? __anon_vma_prepare+0x64/0x580
[ 2856.424776][ T3996]  kmem_cache_alloc+0xa3/0x3d0
[ 2856.429563][ T3996]  __anon_vma_prepare+0x64/0x580
[ 2856.434512][ T3996]  ? __pmd_alloc+0x30c/0x5d0
[ 2856.439122][ T3996]  __handle_mm_fault+0x35bc/0x3a40
[ 2856.444259][ T3996]  ? vm_iomap_memory+0x190/0x190
[ 2856.449236][ T3996]  handle_mm_fault+0x1cc/0x780
[ 2856.454022][ T3996]  do_user_addr_fault+0x475/0x1210
[ 2856.459155][ T3996]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2856.464730][ T3996]  exc_page_fault+0x98/0x170
[ 2856.469335][ T3996]  asm_exc_page_fault+0x26/0x30
[ 2856.474207][ T3996] RIP: 0033:0x7f69a662bd79
[ 2856.478632][ T3996] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2856.498282][ T3996] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2856.504382][ T3996] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2856.512381][ T3996] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2856.520375][ T3996] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2856.528359][ T3996] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b9512
[ 2856.536346][ T3996] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2856.544352][ T3996]  </TASK>
[ 2856.587488][ T3996] memory: usage 307200kB, limit 307200kB, failcnt 14653
[ 2856.596505][ T3996] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2856.604189][ T3996] Memory cgroup stats for /syz1:
[ 2856.604409][ T3996] anon 135168
[ 2856.604409][ T3996] file 393216
[ 2856.604409][ T3996] kernel 314044416
[ 2856.604409][ T3996] kernel_stack 65536
[ 2856.604409][ T3996] pagetables 81920
[ 2856.604409][ T3996] sec_pagetables 0
[ 2856.604409][ T3996] percpu 5356416
[ 2856.604409][ T3996] sock 0
[ 2856.604409][ T3996] vmalloc 0
[ 2856.604409][ T3996] shmem 385024
[ 2856.604409][ T3996] zswap 0
[ 2856.604409][ T3996] zswapped 0
[ 2856.604409][ T3996] file_mapped 385024
[ 2856.604409][ T3996] file_dirty 8192
[ 2856.604409][ T3996] file_writeback 0
[ 2856.604409][ T3996] swapcached 0
[ 2856.604409][ T3996] anon_thp 0
[ 2856.604409][ T3996] file_thp 0
[ 2856.604409][ T3996] shmem_thp 0
[ 2856.604409][ T3996] inactive_anon 180224
[ 2856.604409][ T3996] active_anon 339968
[ 2856.604409][ T3996] inactive_file 4096
[ 2856.604409][ T3996] active_file 4096
[ 2856.604409][ T3996] unevictable 0
[ 2856.604409][ T3996] slab_reclaimable 16512
[ 2856.604409][ T3996] slab_unreclaimable 308480480
[ 2856.613547][ T3987] device macvtap2186 entered promiscuous mode
[ 2856.743120][ T3996] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=3996,uid=0
[ 2856.763474][ T3996] Memory cgroup out of memory: Killed process 3996 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
10:17:00 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9b00, @local}]}, 0x48}}, 0x0)

[ 2856.793057][ T4005] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2856.816140][ T4005] CPU: 1 PID: 4005 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2856.826506][ T4005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2856.836569][ T4005] Call Trace:
[ 2856.839853][ T4005]  <TASK>
[ 2856.842798][ T4005]  dump_stack_lvl+0xd1/0x138
[ 2856.847416][ T4005]  dump_header+0x10b/0x85f
[ 2856.851857][ T4005]  oom_kill_process.cold+0x10/0x15
[ 2856.856994][ T4005]  out_of_memory+0x35c/0x14a0
[ 2856.861698][ T4005]  ? find_held_lock+0x2d/0x110
[ 2856.866491][ T4005]  ? oom_killer_disable+0x280/0x280
[ 2856.871714][ T4005]  ? find_held_lock+0x2d/0x110
[ 2856.876506][ T4005]  mem_cgroup_out_of_memory+0x206/0x270
[ 2856.882072][ T4005]  ? mem_cgroup_margin+0x130/0x130
[ 2856.887203][ T4005]  ? lock_downgrade+0x6e0/0x6e0
[ 2856.892111][ T4005]  try_charge_memcg+0xef8/0x12f0
[ 2856.897092][ T4005]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2856.903104][ T4005]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2856.908849][ T4005]  ? lock_downgrade+0x6e0/0x6e0
[ 2856.913738][ T4005]  ? lock_downgrade+0x6e0/0x6e0
[ 2856.918640][ T4005]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2856.924219][ T4005]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2856.930396][ T4005]  copy_process+0x15ed/0x7190
[ 2856.935099][ T4005]  ? __lock_acquire+0xbc3/0x56d0
[ 2856.940082][ T4005]  ? __cleanup_sighand+0xb0/0xb0
[ 2856.945044][ T4005]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2856.951063][ T4005]  ? psi_memstall_leave+0x174/0x250
[ 2856.956298][ T4005]  kernel_clone+0xeb/0x980
[ 2856.960739][ T4005]  ? create_io_thread+0xf0/0xf0
[ 2856.965614][ T4005]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2856.971887][ T4005]  ? lock_downgrade+0x6e0/0x6e0
[ 2856.976788][ T4005]  __do_sys_clone+0xba/0x100
[ 2856.981398][ T4005]  ? kernel_clone+0x980/0x980
[ 2856.986106][ T4005]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2856.992027][ T4005]  do_syscall_64+0x39/0xb0
[ 2856.996467][ T4005]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2857.002382][ T4005] RIP: 0033:0x7f8325a8d501
[ 2857.006805][ T4005] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2857.026429][ T4005] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2857.034855][ T4005] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
10:17:01 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a65e}, 0x0)

[ 2857.042836][ T4005] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2857.050827][ T4005] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2857.058808][ T4005] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2857.066820][ T4005] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2857.074821][ T4005]  </TASK>
[ 2857.085678][ T4005] memory: usage 307200kB, limit 307200kB, failcnt 68774
[ 2857.101314][ T3990] device bridge1336 entered promiscuous mode
[ 2857.124651][ T4005] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2857.138598][ T4005] Memory cgroup stats for /syz2:
[ 2857.138838][ T4005] anon 90112
[ 2857.138838][ T4005] file 417792
[ 2857.138838][ T4005] kernel 314064896
[ 2857.138838][ T4005] kernel_stack 32768
[ 2857.138838][ T4005] pagetables 69632
[ 2857.138838][ T4005] sec_pagetables 0
[ 2857.138838][ T4005] percpu 5358784
[ 2857.138838][ T4005] sock 0
[ 2857.138838][ T4005] vmalloc 0
[ 2857.138838][ T4005] shmem 417792
[ 2857.138838][ T4005] zswap 0
[ 2857.138838][ T4005] zswapped 0
[ 2857.138838][ T4005] file_mapped 417792
[ 2857.138838][ T4005] file_dirty 0
[ 2857.138838][ T4005] file_writeback 0
[ 2857.138838][ T4005] swapcached 0
[ 2857.138838][ T4005] anon_thp 0
[ 2857.138838][ T4005] file_thp 0
[ 2857.138838][ T4005] shmem_thp 0
[ 2857.138838][ T4005] inactive_anon 94208
[ 2857.138838][ T4005] active_anon 413696
[ 2857.138838][ T4005] inactive_file 0
[ 2857.138838][ T4005] active_file 0
[ 2857.138838][ T4005] unevictable 0
[ 2857.138838][ T4005] slab_reclaimable 10424
[ 2857.138838][ T4005] slab_unreclaimable 308529576
[ 2857.260170][ T4005] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4005,uid=0
[ 2857.289015][ T4005] Memory cgroup out of memory: Killed process 4005 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:17:01 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3e01}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2857.310778][ T3991] device macvtap1328 entered promiscuous mode
[ 2857.375913][ T4010] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2857.390695][ T4010] CPU: 0 PID: 4010 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2857.401152][ T4010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2857.411228][ T4010] Call Trace:
[ 2857.414527][ T4010]  <TASK>
[ 2857.417477][ T4010]  dump_stack_lvl+0xd1/0x138
[ 2857.422108][ T4010]  dump_header+0x10b/0x85f
[ 2857.426556][ T4010]  oom_kill_process.cold+0x10/0x15
[ 2857.431703][ T4010]  out_of_memory+0x35c/0x14a0
[ 2857.433639][ T3994] device macvtap1329 entered promiscuous mode
[ 2857.436413][ T4010]  ? find_held_lock+0x2d/0x110
[ 2857.436459][ T4010]  ? oom_killer_disable+0x280/0x280
[ 2857.452503][ T4010]  ? find_held_lock+0x2d/0x110
[ 2857.457314][ T4010]  mem_cgroup_out_of_memory+0x206/0x270
[ 2857.462893][ T4010]  ? mem_cgroup_margin+0x130/0x130
[ 2857.468031][ T4010]  ? lock_downgrade+0x6e0/0x6e0
10:17:01 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9a00, @local}]}, 0x48}}, 0x0)

[ 2857.472947][ T4010]  try_charge_memcg+0xef8/0x12f0
[ 2857.477933][ T4010]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2857.483978][ T4010]  ? rcu_read_unlock+0x9/0x60
[ 2857.488683][ T4010]  ? lock_downgrade+0x6e0/0x6e0
[ 2857.493607][ T4010]  charge_memcg+0x99/0x3b0
[ 2857.498069][ T4010]  __mem_cgroup_charge+0x2b/0x90
[ 2857.503050][ T4010]  ? _compound_head+0x5d/0x150
[ 2857.507863][ T4010]  __handle_mm_fault+0x17e7/0x3a40
[ 2857.513018][ T4010]  ? vm_iomap_memory+0x190/0x190
[ 2857.518025][ T4010]  handle_mm_fault+0x1cc/0x780
[ 2857.522843][ T4010]  do_user_addr_fault+0x475/0x1210
[ 2857.527999][ T4010]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2857.533602][ T4010]  exc_page_fault+0x98/0x170
[ 2857.537143][ T4017] __nla_validate_parse: 2 callbacks suppressed
[ 2857.537161][ T4017] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2857.538207][ T4010]  asm_exc_page_fault+0x26/0x30
[ 2857.538246][ T4010] RIP: 0033:0x7f69a662bd79
[ 2857.538270][ T4010] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2857.538298][ T4010] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2857.588556][ T4010] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2857.595975][ T4017] device bridge1337 entered promiscuous mode
[ 2857.596573][ T4010] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2857.596599][ T4010] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2857.596619][ T4010] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b9952
[ 2857.596639][ T4010] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2857.634534][ T4010]  </TASK>
[ 2857.639765][ T4000] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2857.644108][ T4010] memory: usage 307200kB, limit 307200kB, failcnt 14701
[ 2857.656135][ T4010] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2857.663132][ T4010] Memory cgroup stats for /syz1:
[ 2857.663325][ T4010] anon 135168
[ 2857.663325][ T4010] file 393216
[ 2857.663325][ T4010] kernel 314044416
[ 2857.663325][ T4010] kernel_stack 65536
[ 2857.663325][ T4010] pagetables 81920
[ 2857.663325][ T4010] sec_pagetables 0
[ 2857.663325][ T4010] percpu 5356416
[ 2857.663325][ T4010] sock 0
[ 2857.663325][ T4010] vmalloc 0
[ 2857.663325][ T4010] shmem 385024
[ 2857.663325][ T4010] zswap 0
[ 2857.663325][ T4010] zswapped 0
[ 2857.663325][ T4010] file_mapped 385024
[ 2857.663325][ T4010] file_dirty 8192
[ 2857.663325][ T4010] file_writeback 0
[ 2857.663325][ T4010] swapcached 0
[ 2857.663325][ T4010] anon_thp 0
[ 2857.663325][ T4010] file_thp 0
[ 2857.663325][ T4010] shmem_thp 0
[ 2857.663325][ T4010] inactive_anon 180224
[ 2857.663325][ T4010] active_anon 339968
[ 2857.663325][ T4010] inactive_file 4096
[ 2857.663325][ T4010] active_file 4096
[ 2857.663325][ T4010] unevictable 0
[ 2857.663325][ T4010] slab_reclaimable 16512
[ 2857.663325][ T4010] slab_unreclaimable 308480880
[ 2857.723481][ T4000] device bridge455 entered promiscuous mode
10:17:02 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9c00, @local}]}, 0x48}}, 0x0)

[ 2857.765283][ T4010] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4010,uid=0
[ 2857.781548][ T4010] Memory cgroup out of memory: Killed process 4010 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2857.804188][ T4015] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2857.822957][ T4015] CPU: 0 PID: 4015 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2857.833323][ T4015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2857.843399][ T4015] Call Trace:
[ 2857.844748][ T4001] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2857.846674][ T4015]  <TASK>
[ 2857.846687][ T4015]  dump_stack_lvl+0xd1/0x138
[ 2857.846729][ T4015]  dump_header+0x10b/0x85f
[ 2857.846764][ T4015]  oom_kill_process.cold+0x10/0x15
[ 2857.873027][ T4015]  out_of_memory+0x35c/0x14a0
[ 2857.877750][ T4015]  ? find_held_lock+0x2d/0x110
[ 2857.882563][ T4015]  ? oom_killer_disable+0x280/0x280
[ 2857.887806][ T4015]  ? find_held_lock+0x2d/0x110
[ 2857.892621][ T4015]  mem_cgroup_out_of_memory+0x206/0x270
[ 2857.898203][ T4015]  ? mem_cgroup_margin+0x130/0x130
[ 2857.903342][ T4015]  ? lock_downgrade+0x6e0/0x6e0
[ 2857.908255][ T4015]  try_charge_memcg+0xef8/0x12f0
[ 2857.913243][ T4015]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2857.916907][ T4001] device bridge543 entered promiscuous mode
[ 2857.919243][ T4015]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2857.919282][ T4015]  ? lock_downgrade+0x6e0/0x6e0
[ 2857.919328][ T4015]  ? lock_downgrade+0x6e0/0x6e0
[ 2857.940674][ T4015]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2857.946265][ T4015]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2857.952460][ T4015]  copy_process+0x73e/0x7190
[ 2857.957085][ T4015]  ? wp_page_copy+0x311/0x1ca0
[ 2857.961917][ T4015]  ? __cleanup_sighand+0xb0/0xb0
[ 2857.966892][ T4015]  ? do_wp_page+0x1d9/0x1930
[ 2857.971517][ T4015]  kernel_clone+0xeb/0x980
[ 2857.975980][ T4015]  ? create_io_thread+0xf0/0xf0
[ 2857.980877][ T4015]  ? find_held_lock+0x2d/0x110
[ 2857.985698][ T4015]  __do_sys_clone+0xba/0x100
[ 2857.990317][ T4015]  ? kernel_clone+0x980/0x980
[ 2857.995032][ T4015]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2858.000964][ T4015]  do_syscall_64+0x39/0xb0
[ 2858.005430][ T4015]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2858.008927][ T4004] device macvtap475 entered promiscuous mode
[ 2858.011343][ T4015] RIP: 0033:0x7f8325a8d501
[ 2858.011368][ T4015] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2858.011397][ T4015] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2858.011427][ T4015] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2858.057812][ T4015] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2858.065807][ T4015] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2858.073801][ T4015] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2858.081792][ T4015] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2858.089799][ T4015]  </TASK>
[ 2858.120525][ T4003] device macvtap575 entered promiscuous mode
[ 2858.154243][ T4006] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2858.181848][ T4015] memory: usage 307200kB, limit 307200kB, failcnt 68867
[ 2858.189127][ T4015] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2858.196175][ T4015] Memory cgroup stats for /syz2:
[ 2858.196355][ T4015] anon 90112
[ 2858.196355][ T4015] file 417792
[ 2858.196355][ T4015] kernel 314064896
[ 2858.196355][ T4015] kernel_stack 32768
[ 2858.196355][ T4015] pagetables 69632
[ 2858.196355][ T4015] sec_pagetables 0
[ 2858.196355][ T4015] percpu 5358784
[ 2858.196355][ T4015] sock 0
[ 2858.196355][ T4015] vmalloc 0
[ 2858.196355][ T4015] shmem 417792
[ 2858.196355][ T4015] zswap 0
[ 2858.196355][ T4015] zswapped 0
[ 2858.196355][ T4015] file_mapped 417792
[ 2858.196355][ T4015] file_dirty 0
[ 2858.196355][ T4015] file_writeback 0
[ 2858.196355][ T4015] swapcached 0
[ 2858.196355][ T4015] anon_thp 0
[ 2858.196355][ T4015] file_thp 0
[ 2858.196355][ T4015] shmem_thp 0
[ 2858.196355][ T4015] inactive_anon 94208
[ 2858.196355][ T4015] active_anon 413696
[ 2858.196355][ T4015] inactive_file 0
[ 2858.196355][ T4015] active_file 0
[ 2858.196355][ T4015] unevictable 0
10:17:02 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xaf, 0x1, @local}]}, 0x48}}, 0x0)

[ 2858.196355][ T4015] slab_reclaimable 10424
[ 2858.196355][ T4015] slab_unreclaimable 308529576
[ 2858.299154][ T4006] device macvtap476 entered promiscuous mode
[ 2858.314640][ T4007] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
10:17:02 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x2202}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2858.358321][ T4007] device macvtap576 entered promiscuous mode
[ 2858.375944][ T4009] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2858.428344][ T4015] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4015,uid=0
[ 2858.439368][ T4009] device bridge1796 entered promiscuous mode
[ 2858.444896][ T4015] Memory cgroup out of memory: Killed process 4015 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:17:02 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3e02}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2858.471933][ T4019] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2858.492630][ T4019] CPU: 0 PID: 4019 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2858.503001][ T4019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2858.513076][ T4019] Call Trace:
[ 2858.516368][ T4019]  <TASK>
[ 2858.519319][ T4019]  dump_stack_lvl+0xd1/0x138
[ 2858.523953][ T4019]  dump_header+0x10b/0x85f
[ 2858.528411][ T4019]  oom_kill_process.cold+0x10/0x15
[ 2858.533563][ T4019]  out_of_memory+0x35c/0x14a0
[ 2858.538293][ T4019]  ? oom_killer_disable+0x280/0x280
[ 2858.543547][ T4019]  ? find_held_lock+0x2d/0x110
[ 2858.548361][ T4019]  mem_cgroup_out_of_memory+0x206/0x270
[ 2858.553938][ T4019]  ? mem_cgroup_margin+0x130/0x130
[ 2858.559065][ T4019]  ? lock_downgrade+0x6e0/0x6e0
[ 2858.563963][ T4019]  try_charge_memcg+0xef8/0x12f0
[ 2858.568932][ T4019]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2858.574942][ T4019]  ? rcu_read_unlock+0x9/0x60
[ 2858.579635][ T4019]  ? lock_downgrade+0x6e0/0x6e0
[ 2858.584532][ T4019]  charge_memcg+0x99/0x3b0
[ 2858.588976][ T4019]  __mem_cgroup_charge+0x2b/0x90
[ 2858.593938][ T4019]  ? _compound_head+0x5d/0x150
[ 2858.598732][ T4019]  __handle_mm_fault+0x17e7/0x3a40
[ 2858.603870][ T4019]  ? vm_iomap_memory+0x190/0x190
[ 2858.608844][ T4019]  ? __rcu_read_unlock+0x2a0/0x5b0
[ 2858.613981][ T4019]  handle_mm_fault+0x1cc/0x780
[ 2858.618767][ T4019]  do_user_addr_fault+0x475/0x1210
[ 2858.623904][ T4019]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2858.629480][ T4019]  exc_page_fault+0x98/0x170
[ 2858.634095][ T4019]  asm_exc_page_fault+0x26/0x30
[ 2858.638968][ T4019] RIP: 0033:0x7f69a662bd79
[ 2858.643397][ T4019] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2858.663020][ T4019] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2858.669108][ T4019] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2858.677095][ T4019] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2858.685083][ T4019] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2858.693072][ T4019] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002b9c8c
[ 2858.701052][ T4019] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2858.709055][ T4019]  </TASK>
[ 2858.717052][ T4019] memory: usage 307200kB, limit 307200kB, failcnt 14829
[ 2858.745483][ T4019] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2858.770459][ T4012] device macvtap2186 entered promiscuous mode
[ 2858.776749][ T4019] Memory cgroup stats for /syz1:
[ 2858.776952][ T4019] anon 135168
[ 2858.776952][ T4019] file 393216
[ 2858.776952][ T4019] kernel 314044416
[ 2858.776952][ T4019] kernel_stack 65536
[ 2858.776952][ T4019] pagetables 81920
[ 2858.776952][ T4019] sec_pagetables 0
[ 2858.776952][ T4019] percpu 5356416
[ 2858.776952][ T4019] sock 0
[ 2858.776952][ T4019] vmalloc 0
[ 2858.776952][ T4019] shmem 385024
[ 2858.776952][ T4019] zswap 0
[ 2858.776952][ T4019] zswapped 0
[ 2858.776952][ T4019] file_mapped 385024
[ 2858.776952][ T4019] file_dirty 8192
[ 2858.776952][ T4019] file_writeback 0
[ 2858.776952][ T4019] swapcached 0
[ 2858.776952][ T4019] anon_thp 0
[ 2858.776952][ T4019] file_thp 0
[ 2858.776952][ T4019] shmem_thp 0
[ 2858.776952][ T4019] inactive_anon 180224
[ 2858.776952][ T4019] active_anon 339968
[ 2858.776952][ T4019] inactive_file 0
[ 2858.776952][ T4019] active_file 8192
[ 2858.776952][ T4019] unevictable 0
[ 2858.776952][ T4019] slab_reclaimable 16512
[ 2858.776952][ T4019] slab_unreclaimable 308480880
[ 2858.879169][ T4019] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4019,uid=0
10:17:03 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9d00, @local}]}, 0x48}}, 0x0)

[ 2858.895167][ T4019] Memory cgroup out of memory: Killed process 4019 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2858.913059][ T4030] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2858.935537][ T4030] CPU: 0 PID: 4030 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2858.945897][ T4030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2858.955967][ T4030] Call Trace:
[ 2858.959265][ T4030]  <TASK>
[ 2858.962216][ T4030]  dump_stack_lvl+0xd1/0x138
[ 2858.964768][ T4013] device macvtap2187 entered promiscuous mode
[ 2858.966819][ T4030]  dump_header+0x10b/0x85f
[ 2858.966858][ T4030]  oom_kill_process.cold+0x10/0x15
[ 2858.966894][ T4030]  out_of_memory+0x35c/0x14a0
[ 2858.987188][ T4030]  ? oom_killer_disable+0x280/0x280
[ 2858.992425][ T4030]  ? find_held_lock+0x2d/0x110
[ 2858.997223][ T4030]  mem_cgroup_out_of_memory+0x206/0x270
[ 2859.002789][ T4030]  ? mem_cgroup_margin+0x130/0x130
[ 2859.007914][ T4030]  ? lock_downgrade+0x6e0/0x6e0
[ 2859.012809][ T4030]  try_charge_memcg+0xef8/0x12f0
[ 2859.017774][ T4030]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2859.023786][ T4030]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2859.029526][ T4030]  ? lock_downgrade+0x6e0/0x6e0
[ 2859.034406][ T4030]  ? lock_downgrade+0x6e0/0x6e0
[ 2859.039298][ T4030]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2859.044868][ T4030]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2859.051044][ T4030]  copy_process+0x15ed/0x7190
[ 2859.055745][ T4030]  ? __lock_acquire+0xbc3/0x56d0
[ 2859.060723][ T4030]  ? __cleanup_sighand+0xb0/0xb0
[ 2859.065677][ T4030]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2859.071691][ T4030]  ? psi_memstall_leave+0x174/0x250
[ 2859.076917][ T4030]  kernel_clone+0xeb/0x980
[ 2859.081354][ T4030]  ? create_io_thread+0xf0/0xf0
[ 2859.086223][ T4030]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2859.092489][ T4030]  ? lock_downgrade+0x6e0/0x6e0
[ 2859.097383][ T4030]  __do_sys_clone+0xba/0x100
[ 2859.101990][ T4030]  ? kernel_clone+0x980/0x980
[ 2859.106700][ T4030]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2859.112616][ T4030]  do_syscall_64+0x39/0xb0
[ 2859.117058][ T4030]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2859.122972][ T4030] RIP: 0033:0x7f8325a8d501
[ 2859.127401][ T4030] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2859.147020][ T4030] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2859.155447][ T4030] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2859.163430][ T4030] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2859.171414][ T4030] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2859.179395][ T4030] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2859.187377][ T4030] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2859.195375][ T4030]  </TASK>
[ 2859.245105][ T4030] memory: usage 307200kB, limit 307200kB, failcnt 68946
[ 2859.256329][ T4030] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2859.277124][ T4030] Memory cgroup stats for /syz2:
[ 2859.277639][ T4030] anon 90112
[ 2859.277639][ T4030] file 417792
[ 2859.277639][ T4030] kernel 314064896
[ 2859.277639][ T4030] kernel_stack 32768
[ 2859.277639][ T4030] pagetables 69632
[ 2859.277639][ T4030] sec_pagetables 0
[ 2859.277639][ T4030] percpu 5358784
[ 2859.277639][ T4030] sock 0
[ 2859.277639][ T4030] vmalloc 0
[ 2859.277639][ T4030] shmem 417792
[ 2859.277639][ T4030] zswap 0
[ 2859.277639][ T4030] zswapped 0
[ 2859.277639][ T4030] file_mapped 417792
[ 2859.277639][ T4030] file_dirty 0
[ 2859.277639][ T4030] file_writeback 0
[ 2859.277639][ T4030] swapcached 0
[ 2859.277639][ T4030] anon_thp 0
[ 2859.277639][ T4030] file_thp 0
[ 2859.277639][ T4030] shmem_thp 0
[ 2859.277639][ T4030] inactive_anon 81920
[ 2859.277639][ T4030] active_anon 413696
[ 2859.277639][ T4030] inactive_file 0
[ 2859.277639][ T4030] active_file 0
[ 2859.277639][ T4030] unevictable 0
[ 2859.277639][ T4030] slab_reclaimable 10424
[ 2859.277639][ T4030] slab_unreclaimable 308529576
[ 2859.374718][ T4030] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4030,uid=0
10:17:03 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a65f}, 0x0)

10:17:03 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3e03}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2859.388440][ T4018] device macvtap1330 entered promiscuous mode
[ 2859.393547][ T4030] Memory cgroup out of memory: Killed process 4030 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2859.501764][ T4017] device macvtap1331 entered promiscuous mode
[ 2859.542058][ T4032] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2859.563761][ T4032] CPU: 0 PID: 4032 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2859.574136][ T4032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2859.584214][ T4032] Call Trace:
[ 2859.587509][ T4032]  <TASK>
[ 2859.590457][ T4032]  dump_stack_lvl+0xd1/0x138
[ 2859.595089][ T4032]  dump_header+0x10b/0x85f
[ 2859.599541][ T4032]  oom_kill_process.cold+0x10/0x15
[ 2859.604688][ T4032]  out_of_memory+0x35c/0x14a0
[ 2859.609408][ T4032]  ? find_held_lock+0x2d/0x110
[ 2859.614212][ T4032]  ? oom_killer_disable+0x280/0x280
[ 2859.619440][ T4032]  ? find_held_lock+0x2d/0x110
[ 2859.624235][ T4032]  mem_cgroup_out_of_memory+0x206/0x270
[ 2859.629809][ T4032]  ? mem_cgroup_margin+0x130/0x130
[ 2859.634946][ T4032]  ? lock_downgrade+0x6e0/0x6e0
[ 2859.639842][ T4032]  try_charge_memcg+0xef8/0x12f0
[ 2859.644813][ T4032]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2859.650823][ T4032]  ? rcu_read_unlock+0x9/0x60
[ 2859.655513][ T4032]  ? lock_downgrade+0x6e0/0x6e0
[ 2859.660407][ T4032]  charge_memcg+0x99/0x3b0
[ 2859.664854][ T4032]  __mem_cgroup_charge+0x2b/0x90
[ 2859.669818][ T4032]  ? _compound_head+0x5d/0x150
[ 2859.674610][ T4032]  __handle_mm_fault+0x17e7/0x3a40
[ 2859.679744][ T4032]  ? vm_iomap_memory+0x190/0x190
[ 2859.684722][ T4032]  handle_mm_fault+0x1cc/0x780
[ 2859.689507][ T4032]  do_user_addr_fault+0x475/0x1210
[ 2859.694640][ T4032]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2859.700216][ T4032]  exc_page_fault+0x98/0x170
[ 2859.704828][ T4032]  asm_exc_page_fault+0x26/0x30
[ 2859.709703][ T4032] RIP: 0033:0x7f69a662bd79
[ 2859.714129][ T4032] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2859.733753][ T4032] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2859.739832][ T4032] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2859.747815][ T4032] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2859.755808][ T4032] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2859.763798][ T4032] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002ba1c9
[ 2859.771782][ T4032] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2859.779787][ T4032]  </TASK>
10:17:03 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9c00, @local}]}, 0x48}}, 0x0)

[ 2859.784890][ T4022] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2859.801311][ T4032] memory: usage 307200kB, limit 307200kB, failcnt 14918
[ 2859.809428][ T4032] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2859.816497][ T4032] Memory cgroup stats for /syz1:
[ 2859.816734][ T4032] anon 135168
[ 2859.816734][ T4032] file 393216
[ 2859.816734][ T4032] kernel 314044416
[ 2859.816734][ T4032] kernel_stack 65536
[ 2859.816734][ T4032] pagetables 81920
[ 2859.816734][ T4032] sec_pagetables 0
[ 2859.816734][ T4032] percpu 5356416
[ 2859.816734][ T4032] sock 0
[ 2859.816734][ T4032] vmalloc 0
[ 2859.816734][ T4032] shmem 385024
[ 2859.816734][ T4032] zswap 0
[ 2859.816734][ T4032] zswapped 0
[ 2859.816734][ T4032] file_mapped 385024
[ 2859.816734][ T4032] file_dirty 8192
[ 2859.816734][ T4032] file_writeback 0
[ 2859.816734][ T4032] swapcached 0
[ 2859.816734][ T4032] anon_thp 0
[ 2859.816734][ T4032] file_thp 0
[ 2859.816734][ T4032] shmem_thp 0
[ 2859.816734][ T4032] inactive_anon 180224
[ 2859.816734][ T4032] active_anon 339968
[ 2859.816734][ T4032] inactive_file 4096
[ 2859.816734][ T4032] active_file 4096
[ 2859.816734][ T4032] unevictable 0
[ 2859.816734][ T4032] slab_reclaimable 16512
[ 2859.816734][ T4032] slab_unreclaimable 308480880
[ 2859.868321][ T4022] device bridge456 entered promiscuous mode
[ 2859.915295][ T4032] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4032,uid=0
[ 2859.936187][ T4032] Memory cgroup out of memory: Killed process 4032 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2859.954444][ T4037] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2859.965201][ T4037] CPU: 1 PID: 4037 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2859.975563][ T4037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2859.985654][ T4037] Call Trace:
[ 2859.988953][ T4037]  <TASK>
[ 2859.991909][ T4037]  dump_stack_lvl+0xd1/0x138
[ 2859.996545][ T4037]  dump_header+0x10b/0x85f
[ 2860.001001][ T4037]  oom_kill_process.cold+0x10/0x15
[ 2860.006151][ T4037]  out_of_memory+0x35c/0x14a0
[ 2860.010863][ T4037]  ? oom_killer_disable+0x280/0x280
[ 2860.016094][ T4037]  ? find_held_lock+0x2d/0x110
[ 2860.020906][ T4037]  mem_cgroup_out_of_memory+0x206/0x270
[ 2860.026492][ T4037]  ? mem_cgroup_margin+0x130/0x130
[ 2860.031645][ T4037]  ? lock_downgrade+0x6e0/0x6e0
[ 2860.036561][ T4037]  try_charge_memcg+0xef8/0x12f0
[ 2860.041546][ T4037]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2860.047565][ T4037]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2860.053317][ T4037]  ? lock_downgrade+0x6e0/0x6e0
[ 2860.058218][ T4037]  ? lock_downgrade+0x6e0/0x6e0
[ 2860.063129][ T4037]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2860.068717][ T4037]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2860.074915][ T4037]  copy_process+0x15ed/0x7190
[ 2860.079630][ T4037]  ? __lock_acquire+0xbc3/0x56d0
[ 2860.084632][ T4037]  ? __cleanup_sighand+0xb0/0xb0
[ 2860.089604][ T4037]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2860.095635][ T4037]  ? psi_memstall_leave+0x174/0x250
[ 2860.100879][ T4037]  kernel_clone+0xeb/0x980
[ 2860.105323][ T4037]  ? create_io_thread+0xf0/0xf0
[ 2860.110195][ T4037]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2860.116455][ T4037]  ? lock_downgrade+0x6e0/0x6e0
[ 2860.121347][ T4037]  __do_sys_clone+0xba/0x100
[ 2860.125957][ T4037]  ? kernel_clone+0x980/0x980
[ 2860.130677][ T4037]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2860.136593][ T4037]  do_syscall_64+0x39/0xb0
[ 2860.141037][ T4037]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2860.146953][ T4037] RIP: 0033:0x7f8325a8d501
[ 2860.151378][ T4037] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2860.171002][ T4037] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2860.179429][ T4037] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2860.187413][ T4037] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2860.195393][ T4037] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2860.203375][ T4037] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2860.211357][ T4037] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2860.219356][ T4037]  </TASK>
[ 2860.225425][ T4024] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2860.226227][ T4037] memory: usage 307200kB, limit 307200kB, failcnt 69034
10:17:04 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9e00, @local}]}, 0x48}}, 0x0)

[ 2860.253001][ T4037] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2860.261701][ T4037] Memory cgroup stats for /syz2:
[ 2860.262187][ T4037] anon 90112
[ 2860.262187][ T4037] file 417792
[ 2860.262187][ T4037] kernel 314064896
[ 2860.262187][ T4037] kernel_stack 32768
[ 2860.262187][ T4037] pagetables 69632
[ 2860.262187][ T4037] sec_pagetables 0
[ 2860.262187][ T4037] percpu 5358784
[ 2860.262187][ T4037] sock 0
[ 2860.262187][ T4037] vmalloc 0
[ 2860.262187][ T4037] shmem 417792
[ 2860.262187][ T4037] zswap 0
[ 2860.262187][ T4037] zswapped 0
[ 2860.262187][ T4037] file_mapped 417792
[ 2860.262187][ T4037] file_dirty 0
[ 2860.262187][ T4037] file_writeback 0
[ 2860.262187][ T4037] swapcached 0
[ 2860.262187][ T4037] anon_thp 0
[ 2860.262187][ T4037] file_thp 0
[ 2860.262187][ T4037] shmem_thp 0
[ 2860.262187][ T4037] inactive_anon 94208
[ 2860.262187][ T4037] active_anon 413696
[ 2860.262187][ T4037] inactive_file 0
[ 2860.262187][ T4037] active_file 0
[ 2860.262187][ T4037] unevictable 0
[ 2860.262187][ T4037] slab_reclaimable 10424
10:17:04 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3f00}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2860.262187][ T4037] slab_unreclaimable 308529576
[ 2860.325852][ T4024] device bridge544 entered promiscuous mode
[ 2860.360801][ T4037] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4037,uid=0
[ 2860.378204][ T4037] Memory cgroup out of memory: Killed process 4037 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2860.473894][ T4046] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2860.485421][ T4046] CPU: 0 PID: 4046 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2860.493367][ T4025] device macvtap477 entered promiscuous mode
[ 2860.495762][ T4046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2860.495782][ T4046] Call Trace:
[ 2860.495791][ T4046]  <TASK>
[ 2860.495802][ T4046]  dump_stack_lvl+0xd1/0x138
[ 2860.495844][ T4046]  dump_header+0x10b/0x85f
[ 2860.527110][ T4046]  oom_kill_process.cold+0x10/0x15
[ 2860.532254][ T4046]  out_of_memory+0x35c/0x14a0
[ 2860.537142][ T4046]  ? find_held_lock+0x2d/0x110
[ 2860.541951][ T4046]  ? oom_killer_disable+0x280/0x280
[ 2860.547193][ T4046]  ? find_held_lock+0x2d/0x110
[ 2860.552086][ T4046]  mem_cgroup_out_of_memory+0x206/0x270
[ 2860.557662][ T4046]  ? mem_cgroup_margin+0x130/0x130
[ 2860.562806][ T4046]  ? lock_downgrade+0x6e0/0x6e0
[ 2860.567724][ T4046]  try_charge_memcg+0xef8/0x12f0
[ 2860.569413][ T4027] device macvtap577 entered promiscuous mode
[ 2860.572692][ T4046]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2860.572736][ T4046]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2860.590427][ T4046]  ? lock_downgrade+0x6e0/0x6e0
[ 2860.595334][ T4046]  ? lock_downgrade+0x6e0/0x6e0
[ 2860.600237][ T4046]  ? rcu_read_unlock+0x9/0x60
[ 2860.604956][ T4046]  obj_cgroup_charge+0x2af/0x5e0
[ 2860.609943][ T4046]  kmem_cache_alloc_node+0xa9/0x410
[ 2860.610823][ T4029] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2860.615157][ T4046]  ? copy_process+0x5c2/0x7190
[ 2860.615199][ T4046]  copy_process+0x5c2/0x7190
[ 2860.615230][ T4046]  ? wp_page_copy+0x311/0x1ca0
[ 2860.638550][ T4046]  ? __cleanup_sighand+0xb0/0xb0
[ 2860.643540][ T4046]  ? do_wp_page+0x1d9/0x1930
[ 2860.648167][ T4046]  kernel_clone+0xeb/0x980
[ 2860.652622][ T4046]  ? create_io_thread+0xf0/0xf0
[ 2860.657521][ T4046]  ? find_held_lock+0x2d/0x110
[ 2860.662340][ T4046]  __do_sys_clone+0xba/0x100
[ 2860.666954][ T4046]  ? kernel_clone+0x980/0x980
[ 2860.671684][ T4046]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2860.677620][ T4046]  do_syscall_64+0x39/0xb0
[ 2860.682081][ T4046]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2860.688020][ T4046] RIP: 0033:0x7f8325a8d501
[ 2860.692382][ T4029] device macvtap578 entered promiscuous mode
[ 2860.692434][ T4046] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2860.718038][ T4046] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2860.726478][ T4046] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2860.734463][ T4046] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2860.742442][ T4046] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2860.750440][ T4046] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2860.758432][ T4046] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2860.766449][ T4046]  </TASK>
[ 2860.773716][ T4046] memory: usage 307188kB, limit 307200kB, failcnt 69117
[ 2860.781248][ T4046] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2860.789096][ T4046] Memory cgroup stats for /syz2:
[ 2860.789342][ T4046] anon 90112
[ 2860.789342][ T4046] file 417792
[ 2860.789342][ T4046] kernel 314032128
[ 2860.789342][ T4046] kernel_stack 32768
[ 2860.789342][ T4046] pagetables 69632
[ 2860.789342][ T4046] sec_pagetables 0
[ 2860.789342][ T4046] percpu 5358784
[ 2860.789342][ T4046] sock 0
[ 2860.789342][ T4046] vmalloc 0
[ 2860.789342][ T4046] shmem 417792
[ 2860.789342][ T4046] zswap 0
[ 2860.789342][ T4046] zswapped 0
[ 2860.789342][ T4046] file_mapped 417792
[ 2860.789342][ T4046] file_dirty 0
[ 2860.789342][ T4046] file_writeback 0
[ 2860.789342][ T4046] swapcached 0
[ 2860.789342][ T4046] anon_thp 0
[ 2860.789342][ T4046] file_thp 0
[ 2860.789342][ T4046] shmem_thp 0
[ 2860.789342][ T4046] inactive_anon 49152
[ 2860.789342][ T4046] active_anon 413696
[ 2860.789342][ T4046] inactive_file 0
[ 2860.789342][ T4046] active_file 0
[ 2860.789342][ T4046] unevictable 0
[ 2860.789342][ T4046] slab_reclaimable 13000
[ 2860.789342][ T4046] slab_unreclaimable 308522080
[ 2860.891848][ T4028] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2860.905981][ T4046] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4046,uid=0
[ 2860.924133][ T4028] device macvtap478 entered promiscuous mode
10:17:05 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xad, 0x1, @local}]}, 0x48}}, 0x0)

10:17:05 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x1f01}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2860.959850][ T4046] Memory cgroup out of memory: Killed process 4046 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2861.009053][ T4036] device bridge1797 entered promiscuous mode
10:17:05 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3f01}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2861.099403][ T4044] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2861.121967][ T4038] device macvtap2187 entered promiscuous mode
[ 2861.128263][ T4044] CPU: 1 PID: 4044 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2861.138622][ T4044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2861.148697][ T4044] Call Trace:
[ 2861.151992][ T4044]  <TASK>
[ 2861.154938][ T4044]  dump_stack_lvl+0xd1/0x138
[ 2861.159570][ T4044]  dump_header+0x10b/0x85f
[ 2861.164027][ T4044]  oom_kill_process.cold+0x10/0x15
[ 2861.169177][ T4044]  out_of_memory+0x35c/0x14a0
[ 2861.173894][ T4044]  ? find_held_lock+0x2d/0x110
[ 2861.178699][ T4044]  ? oom_killer_disable+0x280/0x280
[ 2861.183934][ T4044]  ? find_held_lock+0x2d/0x110
[ 2861.188747][ T4044]  mem_cgroup_out_of_memory+0x206/0x270
[ 2861.194327][ T4044]  ? mem_cgroup_margin+0x130/0x130
[ 2861.199474][ T4044]  ? lock_downgrade+0x6e0/0x6e0
[ 2861.204394][ T4044]  try_charge_memcg+0xef8/0x12f0
[ 2861.209382][ T4044]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2861.215400][ T4044]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2861.221159][ T4044]  ? lock_downgrade+0x6e0/0x6e0
[ 2861.226059][ T4044]  ? lock_downgrade+0x6e0/0x6e0
[ 2861.230956][ T4044]  ? rcu_read_unlock+0x9/0x60
[ 2861.235673][ T4044]  obj_cgroup_charge+0x2af/0x5e0
[ 2861.240656][ T4044]  kmem_cache_alloc_node+0xa9/0x410
[ 2861.245889][ T4044]  ? copy_process+0x5c2/0x7190
[ 2861.250693][ T4044]  copy_process+0x5c2/0x7190
[ 2861.255320][ T4044]  ? find_held_lock+0x2d/0x110
[ 2861.260136][ T4044]  ? find_held_lock+0x2d/0x110
[ 2861.264944][ T4044]  ? __cleanup_sighand+0xb0/0xb0
[ 2861.269931][ T4044]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2861.275247][ T4044]  ? lock_downgrade+0x6e0/0x6e0
[ 2861.280138][ T4044]  ? folio_flags.constprop.0+0x53/0x150
[ 2861.285734][ T4044]  ? folio_add_lru+0x37b/0x680
[ 2861.290546][ T4044]  kernel_clone+0xeb/0x980
[ 2861.295001][ T4044]  ? create_io_thread+0xf0/0xf0
[ 2861.299890][ T4044]  ? find_held_lock+0x2d/0x110
[ 2861.304701][ T4044]  __do_sys_clone+0xba/0x100
[ 2861.309324][ T4044]  ? kernel_clone+0x980/0x980
[ 2861.314060][ T4044]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2861.319994][ T4044]  do_syscall_64+0x39/0xb0
[ 2861.324451][ T4044]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2861.330380][ T4044] RIP: 0033:0x7f69a668d501
[ 2861.334817][ T4044] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2861.354450][ T4044] RSP: 002b:00007ffea4dd3058 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2861.362890][ T4044] RAX: ffffffffffffffda RBX: 00007f69a746c700 RCX: 00007f69a668d501
[ 2861.370883][ T4044] RDX: 00007f69a746c9d0 RSI: 00007f69a746c2f0 RDI: 00000000003d0f00
[ 2861.378870][ T4044] RBP: 00007ffea4dd32a0 R08: 00007f69a746c700 R09: 00007f69a746c700
[ 2861.386870][ T4044] R10: 00007f69a746c9d0 R11: 0000000000000206 R12: 00007ffea4dd310e
[ 2861.394860][ T4044] R13: 00007ffea4dd310f R14: 00007f69a746c300 R15: 0000000000022000
[ 2861.402871][ T4044]  </TASK>
[ 2861.425925][ T4044] memory: usage 307196kB, limit 307200kB, failcnt 15020
[ 2861.442918][ T4044] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2861.453901][ T4044] Memory cgroup stats for /syz1:
[ 2861.454146][ T4044] anon 147456
[ 2861.454146][ T4044] file 393216
[ 2861.454146][ T4044] kernel 314028032
[ 2861.454146][ T4044] kernel_stack 65536
[ 2861.454146][ T4044] pagetables 81920
[ 2861.454146][ T4044] sec_pagetables 0
[ 2861.454146][ T4044] percpu 5356416
[ 2861.454146][ T4044] sock 0
[ 2861.454146][ T4044] vmalloc 0
[ 2861.454146][ T4044] shmem 385024
[ 2861.454146][ T4044] zswap 0
[ 2861.454146][ T4044] zswapped 0
[ 2861.454146][ T4044] file_mapped 385024
[ 2861.454146][ T4044] file_dirty 0
[ 2861.454146][ T4044] file_writeback 0
[ 2861.454146][ T4044] swapcached 0
[ 2861.454146][ T4044] anon_thp 0
[ 2861.454146][ T4044] file_thp 0
[ 2861.454146][ T4044] shmem_thp 0
[ 2861.454146][ T4044] inactive_anon 192512
[ 2861.454146][ T4044] active_anon 339968
[ 2861.454146][ T4044] inactive_file 4096
[ 2861.454146][ T4044] active_file 4096
[ 2861.454146][ T4044] unevictable 0
[ 2861.454146][ T4044] slab_reclaimable 16512
[ 2861.454146][ T4044] slab_unreclaimable 308470328
[ 2861.468533][ T4039] device macvtap2188 entered promiscuous mode
[ 2861.566373][ T4044] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4044,uid=0
[ 2861.566548][ T4044] Memory cgroup out of memory: Killed process 4044 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2861.589573][ T4052] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2861.671786][ T4052] CPU: 0 PID: 4052 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2861.682159][ T4052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2861.692233][ T4052] Call Trace:
[ 2861.695525][ T4052]  <TASK>
[ 2861.698474][ T4052]  dump_stack_lvl+0xd1/0x138
[ 2861.703105][ T4052]  dump_header+0x10b/0x85f
[ 2861.707540][ T4052]  oom_kill_process.cold+0x10/0x15
[ 2861.712657][ T4052]  out_of_memory+0x35c/0x14a0
[ 2861.717335][ T4052]  ? find_held_lock+0x2d/0x110
[ 2861.722119][ T4052]  ? oom_killer_disable+0x280/0x280
[ 2861.727321][ T4052]  ? find_held_lock+0x2d/0x110
[ 2861.732120][ T4052]  mem_cgroup_out_of_memory+0x206/0x270
[ 2861.737701][ T4052]  ? mem_cgroup_margin+0x130/0x130
[ 2861.742844][ T4052]  ? lock_downgrade+0x6e0/0x6e0
[ 2861.747756][ T4052]  try_charge_memcg+0xef8/0x12f0
[ 2861.752747][ T4052]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2861.758758][ T4052]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2861.764494][ T4052]  ? lock_downgrade+0x6e0/0x6e0
[ 2861.769349][ T4052]  ? lock_downgrade+0x6e0/0x6e0
[ 2861.774226][ T4052]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2861.779813][ T4052]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2861.785992][ T4052]  copy_process+0x73e/0x7190
[ 2861.790604][ T4052]  ? __lock_acquire+0xbc3/0x56d0
[ 2861.795582][ T4052]  ? __cleanup_sighand+0xb0/0xb0
[ 2861.800541][ T4052]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2861.806553][ T4052]  ? psi_memstall_leave+0x174/0x250
[ 2861.811784][ T4052]  kernel_clone+0xeb/0x980
[ 2861.816223][ T4052]  ? create_io_thread+0xf0/0xf0
[ 2861.821093][ T4052]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2861.827352][ T4052]  ? lock_downgrade+0x6e0/0x6e0
[ 2861.832245][ T4052]  __do_sys_clone+0xba/0x100
[ 2861.836863][ T4052]  ? kernel_clone+0x980/0x980
[ 2861.841571][ T4052]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2861.847488][ T4052]  do_syscall_64+0x39/0xb0
[ 2861.851928][ T4052]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2861.857842][ T4052] RIP: 0033:0x7f8325a8d501
[ 2861.862267][ T4052] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2861.881886][ T4052] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2861.890311][ T4052] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2861.898291][ T4052] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2861.906271][ T4052] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2861.914253][ T4052] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2861.922232][ T4052] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2861.930239][ T4052]  </TASK>
[ 2861.940669][ T4052] memory: usage 307196kB, limit 307200kB, failcnt 69260
[ 2861.957689][ T4052] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2861.964847][ T4052] Memory cgroup stats for /syz2:
[ 2861.965086][ T4052] anon 90112
[ 2861.965086][ T4052] file 417792
[ 2861.965086][ T4052] kernel 314060800
[ 2861.965086][ T4052] kernel_stack 32768
[ 2861.965086][ T4052] pagetables 69632
[ 2861.965086][ T4052] sec_pagetables 0
[ 2861.965086][ T4052] percpu 5358784
[ 2861.965086][ T4052] sock 0
[ 2861.965086][ T4052] vmalloc 0
[ 2861.965086][ T4052] shmem 417792
[ 2861.965086][ T4052] zswap 0
[ 2861.965086][ T4052] zswapped 0
[ 2861.965086][ T4052] file_mapped 417792
[ 2861.965086][ T4052] file_dirty 0
[ 2861.965086][ T4052] file_writeback 0
[ 2861.965086][ T4052] swapcached 0
[ 2861.965086][ T4052] anon_thp 0
[ 2861.965086][ T4052] file_thp 0
[ 2861.965086][ T4052] shmem_thp 0
[ 2861.965086][ T4052] inactive_anon 94208
[ 2861.965086][ T4052] active_anon 413696
[ 2861.965086][ T4052] inactive_file 0
[ 2861.965086][ T4052] active_file 0
[ 2861.965086][ T4052] unevictable 0
[ 2861.965086][ T4052] slab_reclaimable 10424
[ 2861.965086][ T4052] slab_unreclaimable 308529576
[ 2861.981752][ T4041] device bridge1338 entered promiscuous mode
10:17:06 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a660}, 0x0)

[ 2862.059653][ T4052] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4052,uid=0
[ 2862.085596][ T4052] Memory cgroup out of memory: Killed process 4052 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:17:06 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3f02}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2862.248199][ T4042] device macvtap1332 entered promiscuous mode
[ 2862.279349][ T4059] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2862.291744][ T4059] CPU: 0 PID: 4059 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2862.302207][ T4059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2862.312279][ T4059] Call Trace:
[ 2862.315568][ T4059]  <TASK>
[ 2862.318516][ T4059]  dump_stack_lvl+0xd1/0x138
[ 2862.319304][ T4043] device macvtap1333 entered promiscuous mode
[ 2862.323124][ T4059]  dump_header+0x10b/0x85f
[ 2862.323162][ T4059]  oom_kill_process.cold+0x10/0x15
[ 2862.323197][ T4059]  out_of_memory+0x35c/0x14a0
[ 2862.343460][ T4059]  ? find_held_lock+0x2d/0x110
10:17:06 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa1, 0x1, @local}]}, 0x48}}, 0x0)

[ 2862.348256][ T4059]  ? oom_killer_disable+0x280/0x280
[ 2862.353494][ T4059]  ? find_held_lock+0x2d/0x110
[ 2862.358301][ T4059]  mem_cgroup_out_of_memory+0x206/0x270
[ 2862.363885][ T4059]  ? mem_cgroup_margin+0x130/0x130
[ 2862.369019][ T4059]  ? lock_downgrade+0x6e0/0x6e0
[ 2862.373934][ T4059]  try_charge_memcg+0xef8/0x12f0
[ 2862.378919][ T4059]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2862.384938][ T4059]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2862.390685][ T4059]  ? lock_downgrade+0x6e0/0x6e0
[ 2862.395585][ T4059]  ? lock_downgrade+0x6e0/0x6e0
[ 2862.400491][ T4059]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2862.406067][ T4059]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2862.412417][ T4059]  copy_process+0x15ed/0x7190
[ 2862.417113][ T4059]  ? __lock_acquire+0xbc3/0x56d0
[ 2862.422094][ T4059]  ? __cleanup_sighand+0xb0/0xb0
[ 2862.427046][ T4059]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2862.433059][ T4059]  ? psi_memstall_leave+0x174/0x250
[ 2862.438284][ T4059]  kernel_clone+0xeb/0x980
[ 2862.442719][ T4059]  ? create_io_thread+0xf0/0xf0
[ 2862.447593][ T4059]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2862.453851][ T4059]  ? lock_downgrade+0x6e0/0x6e0
[ 2862.458741][ T4059]  __do_sys_clone+0xba/0x100
[ 2862.463355][ T4059]  ? kernel_clone+0x980/0x980
[ 2862.468062][ T4059]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2862.473977][ T4059]  do_syscall_64+0x39/0xb0
[ 2862.478417][ T4059]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2862.484330][ T4059] RIP: 0033:0x7f8325a8d501
[ 2862.488754][ T4059] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2862.508387][ T4059] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2862.516829][ T4059] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2862.524834][ T4059] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2862.532818][ T4059] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2862.540812][ T4059] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2862.548798][ T4059] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2862.556805][ T4059]  </TASK>
[ 2862.566942][ T4045] __nla_validate_parse: 2 callbacks suppressed
[ 2862.566960][ T4045] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2862.658113][ T4059] memory: usage 307172kB, limit 307200kB, failcnt 69391
[ 2862.665347][ T4059] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2862.674420][ T4059] Memory cgroup stats for /syz2:
[ 2862.674842][ T4059] anon 90112
[ 2862.674842][ T4059] file 417792
[ 2862.674842][ T4059] kernel 314036224
[ 2862.674842][ T4059] kernel_stack 32768
[ 2862.674842][ T4059] pagetables 69632
[ 2862.674842][ T4059] sec_pagetables 0
[ 2862.674842][ T4059] percpu 5358784
[ 2862.674842][ T4059] sock 0
[ 2862.674842][ T4059] vmalloc 0
[ 2862.674842][ T4059] shmem 417792
[ 2862.674842][ T4059] zswap 0
[ 2862.674842][ T4059] zswapped 0
[ 2862.674842][ T4059] file_mapped 417792
[ 2862.674842][ T4059] file_dirty 0
[ 2862.674842][ T4059] file_writeback 0
[ 2862.674842][ T4059] swapcached 0
[ 2862.674842][ T4059] anon_thp 0
[ 2862.674842][ T4059] file_thp 0
[ 2862.674842][ T4059] shmem_thp 0
[ 2862.674842][ T4059] inactive_anon 94208
[ 2862.674842][ T4059] active_anon 413696
[ 2862.674842][ T4059] inactive_file 0
[ 2862.674842][ T4059] active_file 0
[ 2862.674842][ T4059] unevictable 0
[ 2862.674842][ T4059] slab_reclaimable 10424
[ 2862.674842][ T4059] slab_unreclaimable 308529576
[ 2862.777886][ T4059] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4059,uid=0
[ 2862.795280][ T4048] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
10:17:07 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x9f00, @local}]}, 0x48}}, 0x0)

[ 2862.820783][ T4048] device bridge545 entered promiscuous mode
[ 2862.826849][ T4059] Memory cgroup out of memory: Killed process 4059 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2862.893278][ T4050] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2862.947650][ T4050] device bridge457 entered promiscuous mode
10:17:07 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x3f03}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2863.053510][ T4051] device macvtap578 entered promiscuous mode
[ 2863.107893][ T4067] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2863.146997][ T4067] CPU: 1 PID: 4067 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2863.157377][ T4067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2863.167545][ T4067] Call Trace:
[ 2863.170843][ T4067]  <TASK>
[ 2863.173796][ T4067]  dump_stack_lvl+0xd1/0x138
[ 2863.178429][ T4067]  dump_header+0x10b/0x85f
[ 2863.182886][ T4067]  oom_kill_process.cold+0x10/0x15
[ 2863.188038][ T4067]  out_of_memory+0x35c/0x14a0
[ 2863.192765][ T4067]  ? find_held_lock+0x2d/0x110
[ 2863.197575][ T4067]  ? oom_killer_disable+0x280/0x280
[ 2863.202808][ T4067]  ? find_held_lock+0x2d/0x110
[ 2863.207618][ T4067]  mem_cgroup_out_of_memory+0x206/0x270
[ 2863.213185][ T4067]  ? mem_cgroup_margin+0x130/0x130
[ 2863.218312][ T4067]  ? lock_downgrade+0x6e0/0x6e0
[ 2863.223208][ T4067]  try_charge_memcg+0xef8/0x12f0
[ 2863.228177][ T4067]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2863.234180][ T4067]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2863.239917][ T4067]  ? lock_downgrade+0x6e0/0x6e0
[ 2863.244799][ T4067]  ? lock_downgrade+0x6e0/0x6e0
[ 2863.249691][ T4067]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2863.255268][ T4067]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2863.261443][ T4067]  copy_process+0x73e/0x7190
[ 2863.266053][ T4067]  ? __lock_acquire+0xbc3/0x56d0
[ 2863.271034][ T4067]  ? __cleanup_sighand+0xb0/0xb0
[ 2863.275988][ T4067]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2863.281999][ T4067]  ? psi_memstall_leave+0x174/0x250
[ 2863.287227][ T4067]  kernel_clone+0xeb/0x980
[ 2863.291662][ T4067]  ? create_io_thread+0xf0/0xf0
[ 2863.296534][ T4067]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2863.302793][ T4067]  ? lock_downgrade+0x6e0/0x6e0
[ 2863.307682][ T4067]  __do_sys_clone+0xba/0x100
[ 2863.312295][ T4067]  ? kernel_clone+0x980/0x980
[ 2863.317001][ T4067]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2863.322918][ T4067]  do_syscall_64+0x39/0xb0
[ 2863.327359][ T4067]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2863.333277][ T4067] RIP: 0033:0x7f8325a8d501
[ 2863.337702][ T4067] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2863.357326][ T4067] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2863.365757][ T4067] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2863.373740][ T4067] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2863.381725][ T4067] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2863.389710][ T4067] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2863.397688][ T4067] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2863.405691][ T4067]  </TASK>
[ 2863.457793][ T4053] device macvtap479 entered promiscuous mode
[ 2863.497808][ T4067] memory: usage 307184kB, limit 307200kB, failcnt 69491
[ 2863.507212][ T4067] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2863.522672][ T4054] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2863.536709][ T4067] Memory cgroup stats for /syz2:
[ 2863.536960][ T4067] anon 90112
[ 2863.536960][ T4067] file 417792
[ 2863.536960][ T4067] kernel 314048512
[ 2863.536960][ T4067] kernel_stack 32768
[ 2863.536960][ T4067] pagetables 69632
[ 2863.536960][ T4067] sec_pagetables 0
[ 2863.536960][ T4067] percpu 5358784
[ 2863.536960][ T4067] sock 0
[ 2863.536960][ T4067] vmalloc 0
[ 2863.536960][ T4067] shmem 417792
[ 2863.536960][ T4067] zswap 0
[ 2863.536960][ T4067] zswapped 0
[ 2863.536960][ T4067] file_mapped 417792
[ 2863.536960][ T4067] file_dirty 0
[ 2863.536960][ T4067] file_writeback 0
[ 2863.536960][ T4067] swapcached 0
[ 2863.536960][ T4067] anon_thp 0
[ 2863.536960][ T4067] file_thp 0
[ 2863.536960][ T4067] shmem_thp 0
[ 2863.536960][ T4067] inactive_anon 69632
[ 2863.536960][ T4067] active_anon 413696
[ 2863.536960][ T4067] inactive_file 0
[ 2863.536960][ T4067] active_file 0
[ 2863.536960][ T4067] unevictable 0
[ 2863.536960][ T4067] slab_reclaimable 10424
[ 2863.536960][ T4067] slab_unreclaimable 308529576
[ 2863.671996][ T4054] device macvtap579 entered promiscuous mode
10:17:07 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x1e02}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2863.721169][ T4055] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2863.779045][ T4067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4067,uid=0
[ 2863.795627][ T4067] Memory cgroup out of memory: Killed process 4067 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:17:08 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4000}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2863.838055][ T4055] device macvtap480 entered promiscuous mode
[ 2863.851612][ T4065] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2863.877565][ T4065] CPU: 0 PID: 4065 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2863.887933][ T4065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2863.898011][ T4065] Call Trace:
[ 2863.901309][ T4065]  <TASK>
[ 2863.904263][ T4065]  dump_stack_lvl+0xd1/0x138
[ 2863.908897][ T4065]  dump_header+0x10b/0x85f
[ 2863.913351][ T4065]  oom_kill_process.cold+0x10/0x15
[ 2863.918504][ T4065]  out_of_memory+0x35c/0x14a0
[ 2863.923221][ T4065]  ? find_held_lock+0x2d/0x110
[ 2863.928016][ T4065]  ? oom_killer_disable+0x280/0x280
[ 2863.933241][ T4065]  ? find_held_lock+0x2d/0x110
[ 2863.938055][ T4065]  mem_cgroup_out_of_memory+0x206/0x270
[ 2863.943633][ T4065]  ? mem_cgroup_margin+0x130/0x130
[ 2863.948778][ T4065]  ? lock_downgrade+0x6e0/0x6e0
[ 2863.953694][ T4065]  try_charge_memcg+0xef8/0x12f0
[ 2863.958676][ T4065]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2863.964706][ T4065]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2863.970450][ T4065]  ? lock_downgrade+0x6e0/0x6e0
[ 2863.975321][ T4065]  ? lock_downgrade+0x6e0/0x6e0
[ 2863.980191][ T4065]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2863.985738][ T4065]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2863.991905][ T4065]  copy_process+0x15ed/0x7190
[ 2863.996618][ T4065]  ? find_held_lock+0x2d/0x110
[ 2864.001438][ T4065]  ? __cleanup_sighand+0xb0/0xb0
[ 2864.006403][ T4065]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2864.011707][ T4065]  ? lock_downgrade+0x6e0/0x6e0
[ 2864.016585][ T4065]  ? folio_flags.constprop.0+0x53/0x150
[ 2864.022163][ T4065]  ? folio_add_lru+0x37b/0x680
[ 2864.026958][ T4065]  kernel_clone+0xeb/0x980
[ 2864.031370][ T4065]  ? create_io_thread+0xf0/0xf0
[ 2864.036220][ T4065]  ? find_held_lock+0x2d/0x110
[ 2864.041010][ T4065]  __do_sys_clone+0xba/0x100
[ 2864.045632][ T4065]  ? kernel_clone+0x980/0x980
[ 2864.050368][ T4065]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2864.056302][ T4065]  do_syscall_64+0x39/0xb0
[ 2864.060747][ T4065]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2864.066644][ T4065] RIP: 0033:0x7f69a668d501
[ 2864.071059][ T4065] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2864.090680][ T4065] RSP: 002b:00007ffea4dd3058 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2864.099124][ T4065] RAX: ffffffffffffffda RBX: 00007f69a746c700 RCX: 00007f69a668d501
[ 2864.107125][ T4065] RDX: 00007f69a746c9d0 RSI: 00007f69a746c2f0 RDI: 00000000003d0f00
[ 2864.115119][ T4065] RBP: 00007ffea4dd32a0 R08: 00007f69a746c700 R09: 00007f69a746c700
[ 2864.123110][ T4065] R10: 00007f69a746c9d0 R11: 0000000000000206 R12: 00007ffea4dd310e
[ 2864.131074][ T4065] R13: 00007ffea4dd310f R14: 00007f69a746c300 R15: 0000000000022000
[ 2864.139073][ T4065]  </TASK>
[ 2864.164415][ T4065] memory: usage 307200kB, limit 307200kB, failcnt 15157
[ 2864.179961][ T4065] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2864.186924][ T4065] Memory cgroup stats for /syz1:
[ 2864.187146][ T4065] anon 147456
[ 2864.187146][ T4065] file 393216
[ 2864.187146][ T4065] kernel 314032128
[ 2864.187146][ T4065] kernel_stack 65536
[ 2864.187146][ T4065] pagetables 81920
[ 2864.187146][ T4065] sec_pagetables 0
[ 2864.187146][ T4065] percpu 5356416
[ 2864.187146][ T4065] sock 0
[ 2864.187146][ T4065] vmalloc 0
[ 2864.187146][ T4065] shmem 385024
[ 2864.187146][ T4065] zswap 0
[ 2864.187146][ T4065] zswapped 0
[ 2864.187146][ T4065] file_mapped 385024
[ 2864.187146][ T4065] file_dirty 0
[ 2864.187146][ T4065] file_writeback 0
[ 2864.187146][ T4065] swapcached 0
[ 2864.187146][ T4065] anon_thp 0
[ 2864.187146][ T4065] file_thp 0
[ 2864.187146][ T4065] shmem_thp 0
[ 2864.187146][ T4065] inactive_anon 192512
[ 2864.187146][ T4065] active_anon 339968
[ 2864.187146][ T4065] inactive_file 4096
[ 2864.187146][ T4065] active_file 4096
[ 2864.187146][ T4065] unevictable 0
[ 2864.187146][ T4065] slab_reclaimable 16512
[ 2864.187146][ T4065] slab_unreclaimable 308472584
[ 2864.194081][ T4057] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2864.291504][ T4065] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4065,uid=0
[ 2864.291681][ T4065] Memory cgroup out of memory: Killed process 4065 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2864.344068][ T4057] device bridge1798 entered promiscuous mode
[ 2864.357673][ T4071] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 2864.375944][ T4071] CPU: 1 PID: 4071 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2864.386299][ T4071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2864.396370][ T4071] Call Trace:
[ 2864.399661][ T4071]  <TASK>
[ 2864.402614][ T4071]  dump_stack_lvl+0xd1/0x138
[ 2864.407245][ T4071]  dump_header+0x10b/0x85f
[ 2864.411695][ T4071]  oom_kill_process.cold+0x10/0x15
[ 2864.416853][ T4071]  out_of_memory+0x35c/0x14a0
[ 2864.421576][ T4071]  ? oom_killer_disable+0x280/0x280
[ 2864.426821][ T4071]  ? find_held_lock+0x2d/0x110
[ 2864.431630][ T4071]  mem_cgroup_out_of_memory+0x206/0x270
[ 2864.437209][ T4071]  ? mem_cgroup_margin+0x130/0x130
[ 2864.442349][ T4071]  ? lock_downgrade+0x6e0/0x6e0
[ 2864.447283][ T4071]  try_charge_memcg+0xef8/0x12f0
[ 2864.452272][ T4071]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2864.458290][ T4071]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2864.464042][ T4071]  ? lock_downgrade+0x6e0/0x6e0
[ 2864.468964][ T4071]  ? lock_downgrade+0x6e0/0x6e0
[ 2864.473901][ T4071]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2864.479503][ T4071]  __alloc_pages+0x1f3/0x5b0
[ 2864.480633][ T4058] device macvtap2188 entered promiscuous mode
[ 2864.484119][ T4071]  ? __alloc_pages_slowpath.constprop.0+0x23d0/0x23d0
[ 2864.497000][ T4071]  ? __lock_acquire+0xbc3/0x56d0
[ 2864.502002][ T4071]  ? mark_lock.part.0+0xee/0x1910
[ 2864.507078][ T4071]  alloc_pages+0x1aa/0x270
[ 2864.511538][ T4071]  pte_alloc_one+0x1a/0x230
[ 2864.516079][ T4071]  __handle_mm_fault+0x3151/0x3a40
[ 2864.521226][ T4071]  ? vm_iomap_memory+0x190/0x190
[ 2864.526209][ T4071]  handle_mm_fault+0x1cc/0x780
[ 2864.531001][ T4071]  do_user_addr_fault+0x475/0x1210
[ 2864.536150][ T4071]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2864.541751][ T4071]  exc_page_fault+0x98/0x170
[ 2864.546377][ T4071]  asm_exc_page_fault+0x26/0x30
[ 2864.551268][ T4071] RIP: 0033:0x7f8325a368cf
10:17:08 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0x9e, 0x1, @local}]}, 0x48}}, 0x0)

[ 2864.555711][ T4071] Code: 24 2c 00 00 00 00 4c 8b 0d ce 70 17 00 48 8b 94 24 b8 00 00 00 4d 8d 81 00 00 40 00 4c 39 c2 0f 83 64 0f 00 00 48 8b 44 24 58 <48> 8b 32 4c 8d 52 08 4c 89 94 24 b8 00 00 00 48 89 74 24 10 48 83
[ 2864.575346][ T4071] RSP: 002b:00007fff9cb6b2e0 EFLAGS: 00010287
[ 2864.581449][ T4071] RAX: 00000000002bb2fe RBX: 0000000000000000 RCX: 00000000002baf98
[ 2864.589439][ T4071] RDX: 00007f8325600000 RSI: 00007fff9cb6b2c0 RDI: 0000000000000001
[ 2864.590915][ T4060] device macvtap2189 entered promiscuous mode
[ 2864.597405][ T4071] RBP: 0000000000000000 R08: 00007f8325a00000 R09: 00007f8325600000
[ 2864.597426][ T4071] R10: 00007fff9cb80090 R11: 0000000000080fcc R12: 0000000000000001
[ 2864.597443][ T4071] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff9cb6b580
[ 2864.597482][ T4071]  </TASK>
[ 2864.620550][ T4071] memory: usage 307148kB, limit 307200kB, failcnt 69578
[ 2864.645472][ T4071] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2864.653933][ T4071] Memory cgroup stats for /syz2:
[ 2864.662305][ T4071] anon 77824
[ 2864.662305][ T4071] file 417792
[ 2864.662305][ T4071] kernel 314023936
[ 2864.662305][ T4071] kernel_stack 32768
[ 2864.662305][ T4071] pagetables 65536
[ 2864.662305][ T4071] sec_pagetables 0
[ 2864.662305][ T4071] percpu 5358784
[ 2864.662305][ T4071] sock 0
[ 2864.662305][ T4071] vmalloc 0
[ 2864.662305][ T4071] shmem 417792
[ 2864.662305][ T4071] zswap 0
[ 2864.662305][ T4071] zswapped 0
[ 2864.662305][ T4071] file_mapped 417792
[ 2864.662305][ T4071] file_dirty 0
[ 2864.662305][ T4071] file_writeback 0
[ 2864.662305][ T4071] swapcached 0
[ 2864.662305][ T4071] anon_thp 0
[ 2864.662305][ T4071] file_thp 0
[ 2864.662305][ T4071] shmem_thp 0
[ 2864.662305][ T4071] inactive_anon 81920
[ 2864.662305][ T4071] active_anon 413696
[ 2864.662305][ T4071] inactive_file 0
[ 2864.662305][ T4071] active_file 0
[ 2864.662305][ T4071] unevictable 0
[ 2864.662305][ T4071] slab_reclaimable 10424
[ 2864.662305][ T4071] slab_unreclaimable 308521232
[ 2864.761868][ T4071] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4071,uid=0
[ 2864.780673][ T4071] Memory cgroup out of memory: Killed process 4071 (syz-executor.2) total-vm:54408kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000
10:17:09 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4001}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2864.810804][ T4062] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
10:17:09 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a661}, 0x0)

[ 2864.896740][ T4062] device bridge1339 entered promiscuous mode
[ 2864.925964][ T4077] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2864.939149][ T4077] CPU: 0 PID: 4077 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2864.949517][ T4077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2864.959594][ T4077] Call Trace:
[ 2864.962891][ T4077]  <TASK>
[ 2864.965840][ T4077]  dump_stack_lvl+0xd1/0x138
[ 2864.970475][ T4077]  dump_header+0x10b/0x85f
[ 2864.974928][ T4077]  oom_kill_process.cold+0x10/0x15
[ 2864.980069][ T4077]  out_of_memory+0x35c/0x14a0
[ 2864.984781][ T4077]  ? find_held_lock+0x2d/0x110
[ 2864.989576][ T4077]  ? oom_killer_disable+0x280/0x280
[ 2864.993813][ T4063] device macvtap1334 entered promiscuous mode
[ 2864.994783][ T4077]  ? find_held_lock+0x2d/0x110
[ 2864.994837][ T4077]  mem_cgroup_out_of_memory+0x206/0x270
[ 2865.011205][ T4077]  ? mem_cgroup_margin+0x130/0x130
[ 2865.016345][ T4077]  ? lock_downgrade+0x6e0/0x6e0
[ 2865.021261][ T4077]  try_charge_memcg+0xef8/0x12f0
[ 2865.026247][ T4077]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2865.032264][ T4077]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2865.038021][ T4077]  ? lock_downgrade+0x6e0/0x6e0
[ 2865.042922][ T4077]  ? lock_downgrade+0x6e0/0x6e0
[ 2865.047833][ T4077]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2865.051002][ T4064] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2865.053405][ T4077]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2865.053447][ T4077]  copy_process+0x15ed/0x7190
[ 2865.073550][ T4077]  ? __lock_acquire+0xbc3/0x56d0
[ 2865.078547][ T4077]  ? __cleanup_sighand+0xb0/0xb0
[ 2865.083518][ T4077]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2865.089550][ T4077]  ? psi_memstall_leave+0x174/0x250
[ 2865.094802][ T4077]  kernel_clone+0xeb/0x980
[ 2865.099256][ T4077]  ? create_io_thread+0xf0/0xf0
[ 2865.104136][ T4077]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2865.110400][ T4077]  ? lock_downgrade+0x6e0/0x6e0
[ 2865.115309][ T4077]  __do_sys_clone+0xba/0x100
[ 2865.119922][ T4077]  ? kernel_clone+0x980/0x980
[ 2865.124650][ T4077]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2865.130584][ T4077]  do_syscall_64+0x39/0xb0
[ 2865.134435][ T4064] device macvtap1335 entered promiscuous mode
[ 2865.135022][ T4077]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2865.135063][ T4077] RIP: 0033:0x7f8325a8d501
[ 2865.151434][ T4077] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2865.171071][ T4077] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2865.179518][ T4077] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2865.187522][ T4077] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
10:17:09 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0x9b, 0x1, @local}]}, 0x48}}, 0x0)

[ 2865.195515][ T4077] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2865.198440][ T4066] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2865.203489][ T4077] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2865.203511][ T4077] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2865.203552][ T4077]  </TASK>
[ 2865.219395][ T4077] memory: usage 307172kB, limit 307200kB, failcnt 69652
[ 2865.252229][ T4077] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2865.260402][ T4077] Memory cgroup stats for /syz2:
[ 2865.260906][ T4077] anon 90112
[ 2865.260906][ T4077] file 417792
[ 2865.260906][ T4077] kernel 314036224
[ 2865.260906][ T4077] kernel_stack 32768
[ 2865.260906][ T4077] pagetables 69632
[ 2865.260906][ T4077] sec_pagetables 0
[ 2865.260906][ T4077] percpu 5358784
[ 2865.260906][ T4077] sock 0
[ 2865.260906][ T4077] vmalloc 0
[ 2865.260906][ T4077] shmem 417792
[ 2865.260906][ T4077] zswap 0
[ 2865.260906][ T4077] zswapped 0
[ 2865.260906][ T4077] file_mapped 417792
[ 2865.260906][ T4077] file_dirty 0
[ 2865.260906][ T4077] file_writeback 0
[ 2865.260906][ T4077] swapcached 0
[ 2865.260906][ T4077] anon_thp 0
[ 2865.260906][ T4077] file_thp 0
[ 2865.260906][ T4077] shmem_thp 0
[ 2865.260906][ T4077] inactive_anon 94208
[ 2865.260906][ T4077] active_anon 413696
[ 2865.260906][ T4077] inactive_file 0
[ 2865.260906][ T4077] active_file 0
[ 2865.260906][ T4077] unevictable 0
[ 2865.260906][ T4077] slab_reclaimable 10424
10:17:09 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4002}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2865.260906][ T4077] slab_unreclaimable 308529576
[ 2865.361669][ T4077] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4077,uid=0
[ 2865.377534][ T4077] Memory cgroup out of memory: Killed process 4077 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:17:09 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa000, @local}]}, 0x48}}, 0x0)

[ 2865.458703][ T4069] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2865.514466][ T4069] device bridge546 entered promiscuous mode
[ 2865.544457][ T4087] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2865.566774][ T4087] CPU: 1 PID: 4087 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2865.577142][ T4087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2865.587218][ T4087] Call Trace:
[ 2865.590508][ T4087]  <TASK>
[ 2865.593447][ T4087]  dump_stack_lvl+0xd1/0x138
[ 2865.598064][ T4087]  dump_header+0x10b/0x85f
[ 2865.602502][ T4087]  oom_kill_process.cold+0x10/0x15
[ 2865.607650][ T4087]  out_of_memory+0x35c/0x14a0
[ 2865.612351][ T4087]  ? find_held_lock+0x2d/0x110
[ 2865.617139][ T4087]  ? oom_killer_disable+0x280/0x280
[ 2865.622360][ T4087]  ? find_held_lock+0x2d/0x110
[ 2865.627151][ T4087]  mem_cgroup_out_of_memory+0x206/0x270
[ 2865.632716][ T4087]  ? mem_cgroup_margin+0x130/0x130
[ 2865.637852][ T4087]  ? lock_downgrade+0x6e0/0x6e0
[ 2865.642764][ T4087]  try_charge_memcg+0xef8/0x12f0
[ 2865.647751][ T4087]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2865.653756][ T4087]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2865.659493][ T4087]  ? lock_downgrade+0x6e0/0x6e0
[ 2865.664384][ T4087]  ? lock_downgrade+0x6e0/0x6e0
[ 2865.669277][ T4087]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2865.674854][ T4087]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2865.681063][ T4087]  copy_process+0x73e/0x7190
[ 2865.685687][ T4087]  ? __lock_acquire+0xbc3/0x56d0
[ 2865.690668][ T4087]  ? __cleanup_sighand+0xb0/0xb0
[ 2865.695621][ T4087]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2865.701634][ T4087]  ? psi_memstall_leave+0x174/0x250
[ 2865.706865][ T4087]  kernel_clone+0xeb/0x980
[ 2865.711300][ T4087]  ? create_io_thread+0xf0/0xf0
[ 2865.716173][ T4087]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2865.722434][ T4087]  ? lock_downgrade+0x6e0/0x6e0
[ 2865.727329][ T4087]  __do_sys_clone+0xba/0x100
[ 2865.731939][ T4087]  ? kernel_clone+0x980/0x980
[ 2865.736648][ T4087]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2865.742567][ T4087]  do_syscall_64+0x39/0xb0
[ 2865.747009][ T4087]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2865.752932][ T4087] RIP: 0033:0x7f8325a8d501
[ 2865.757360][ T4087] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2865.776986][ T4087] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2865.785421][ T4087] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2865.793404][ T4087] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2865.801387][ T4087] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2865.809368][ T4087] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2865.817351][ T4087] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2865.825357][ T4087]  </TASK>
[ 2865.843613][ T4087] memory: usage 307188kB, limit 307200kB, failcnt 69772
[ 2865.861192][ T4087] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2865.871256][ T4070] device macvtap580 entered promiscuous mode
[ 2865.877506][ T4087] Memory cgroup stats for /syz2:
[ 2865.877734][ T4087] anon 90112
[ 2865.877734][ T4087] file 417792
[ 2865.877734][ T4087] kernel 314036224
[ 2865.877734][ T4087] kernel_stack 32768
[ 2865.877734][ T4087] pagetables 69632
[ 2865.877734][ T4087] sec_pagetables 0
[ 2865.877734][ T4087] percpu 5358784
[ 2865.877734][ T4087] sock 0
[ 2865.877734][ T4087] vmalloc 0
[ 2865.877734][ T4087] shmem 417792
[ 2865.877734][ T4087] zswap 0
[ 2865.877734][ T4087] zswapped 0
[ 2865.877734][ T4087] file_mapped 417792
[ 2865.877734][ T4087] file_dirty 0
[ 2865.877734][ T4087] file_writeback 0
[ 2865.877734][ T4087] swapcached 0
[ 2865.877734][ T4087] anon_thp 0
[ 2865.877734][ T4087] file_thp 0
[ 2865.877734][ T4087] shmem_thp 0
[ 2865.877734][ T4087] inactive_anon 94208
[ 2865.877734][ T4087] active_anon 413696
[ 2865.877734][ T4087] inactive_file 0
[ 2865.877734][ T4087] active_file 0
[ 2865.877734][ T4087] unevictable 0
[ 2865.877734][ T4087] slab_reclaimable 10424
[ 2865.877734][ T4087] slab_unreclaimable 308529880
[ 2865.975003][ T4087] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4087,uid=0
[ 2865.992180][ T4087] Memory cgroup out of memory: Killed process 4087 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2866.009942][ T4086] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
10:17:10 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4003}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2866.030083][ T4086] CPU: 0 PID: 4086 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2866.040448][ T4086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2866.050532][ T4086] Call Trace:
[ 2866.053828][ T4086]  <TASK>
[ 2866.056778][ T4086]  dump_stack_lvl+0xd1/0x138
[ 2866.061409][ T4086]  dump_header+0x10b/0x85f
[ 2866.065865][ T4086]  oom_kill_process.cold+0x10/0x15
[ 2866.071015][ T4086]  out_of_memory+0x35c/0x14a0
[ 2866.075739][ T4086]  ? oom_killer_disable+0x280/0x280
[ 2866.080974][ T4086]  ? find_held_lock+0x2d/0x110
[ 2866.085778][ T4086]  mem_cgroup_out_of_memory+0x206/0x270
[ 2866.091357][ T4086]  ? mem_cgroup_margin+0x130/0x130
[ 2866.096488][ T4086]  ? lock_downgrade+0x6e0/0x6e0
[ 2866.101394][ T4086]  try_charge_memcg+0xef8/0x12f0
[ 2866.106362][ T4086]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2866.112374][ T4086]  ? rcu_read_unlock+0x9/0x60
[ 2866.117065][ T4086]  ? lock_downgrade+0x6e0/0x6e0
[ 2866.121960][ T4086]  charge_memcg+0x99/0x3b0
[ 2866.126404][ T4086]  __mem_cgroup_charge+0x2b/0x90
[ 2866.131366][ T4086]  ? _compound_head+0x5d/0x150
[ 2866.136157][ T4086]  __handle_mm_fault+0x17e7/0x3a40
[ 2866.141289][ T4086]  ? vm_iomap_memory+0x190/0x190
[ 2866.146267][ T4086]  handle_mm_fault+0x1cc/0x780
[ 2866.151053][ T4086]  do_user_addr_fault+0x475/0x1210
[ 2866.156186][ T4086]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2866.161760][ T4086]  exc_page_fault+0x98/0x170
[ 2866.166370][ T4086]  asm_exc_page_fault+0x26/0x30
[ 2866.171244][ T4086] RIP: 0033:0x7f69a662be6a
[ 2866.175670][ T4086] Code: 30 48 8b 34 24 48 85 f6 74 17 8b 44 24 18 0f c8 89 c0 48 89 44 24 18 48 83 fe 01 0f 85 a1 01 00 00 48 8b 44 24 10 8b 74 24 18 <89> 30 e9 d2 fc ff ff 48 8b 44 24 10 8b 10 48 8b 04 24 48 85 c0 0f
[ 2866.195290][ T4086] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2866.201369][ T4086] RAX: 0000000020000200 RBX: 0000000000000000 RCX: 0000000000000000
[ 2866.209349][ T4086] RDX: 1b013dd590c50c23 RSI: 0000000000000014 RDI: 00005555574b22e8
[ 2866.217328][ T4086] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2866.225315][ T4086] R10: 00007f69a62002a8 R11: 0000000000000246 R12: 00000000002bb98d
[ 2866.233298][ T4086] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2866.241299][ T4086]  </TASK>
[ 2866.247013][ T4086] memory: usage 307200kB, limit 307200kB, failcnt 15296
[ 2866.262380][ T4086] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2866.271874][ T4072] device macvtap581 entered promiscuous mode
[ 2866.278370][ T4086] Memory cgroup stats for /syz1:
[ 2866.278573][ T4086] anon 139264
[ 2866.278573][ T4086] file 393216
[ 2866.278573][ T4086] kernel 314040320
[ 2866.278573][ T4086] kernel_stack 65536
[ 2866.278573][ T4086] pagetables 81920
[ 2866.278573][ T4086] sec_pagetables 0
[ 2866.278573][ T4086] percpu 5356416
[ 2866.278573][ T4086] sock 0
[ 2866.278573][ T4086] vmalloc 0
[ 2866.278573][ T4086] shmem 385024
[ 2866.278573][ T4086] zswap 0
[ 2866.278573][ T4086] zswapped 0
[ 2866.278573][ T4086] file_mapped 385024
[ 2866.278573][ T4086] file_dirty 0
[ 2866.278573][ T4086] file_writeback 0
[ 2866.278573][ T4086] swapcached 0
[ 2866.278573][ T4086] anon_thp 0
[ 2866.278573][ T4086] file_thp 0
[ 2866.278573][ T4086] shmem_thp 0
[ 2866.278573][ T4086] inactive_anon 184320
[ 2866.278573][ T4086] active_anon 339968
[ 2866.278573][ T4086] inactive_file 0
[ 2866.278573][ T4086] active_file 8192
[ 2866.278573][ T4086] unevictable 0
[ 2866.278573][ T4086] slab_reclaimable 16512
[ 2866.278573][ T4086] slab_unreclaimable 308481800
10:17:10 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x12a6b7}, 0x0)

10:17:10 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa100, @local}]}, 0x48}}, 0x0)

[ 2866.417663][ T4086] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4086,uid=0
[ 2866.434467][ T4086] Memory cgroup out of memory: Killed process 4086 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2866.439649][ T4074] device bridge458 entered promiscuous mode
[ 2866.493535][ T4089] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2866.518263][ T4089] CPU: 0 PID: 4089 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2866.528633][ T4089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2866.538711][ T4089] Call Trace:
[ 2866.542015][ T4089]  <TASK>
[ 2866.544966][ T4089]  dump_stack_lvl+0xd1/0x138
[ 2866.549609][ T4089]  dump_header+0x10b/0x85f
[ 2866.554071][ T4089]  oom_kill_process.cold+0x10/0x15
[ 2866.559222][ T4089]  out_of_memory+0x35c/0x14a0
[ 2866.563944][ T4089]  ? find_held_lock+0x2d/0x110
[ 2866.568757][ T4089]  ? oom_killer_disable+0x280/0x280
[ 2866.574002][ T4089]  ? find_held_lock+0x2d/0x110
[ 2866.578810][ T4089]  mem_cgroup_out_of_memory+0x206/0x270
[ 2866.584380][ T4089]  ? mem_cgroup_margin+0x130/0x130
[ 2866.589507][ T4089]  ? lock_downgrade+0x6e0/0x6e0
[ 2866.594403][ T4089]  try_charge_memcg+0xef8/0x12f0
[ 2866.599368][ T4089]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2866.605392][ T4089]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2866.611133][ T4089]  ? lock_downgrade+0x6e0/0x6e0
[ 2866.616017][ T4089]  ? lock_downgrade+0x6e0/0x6e0
[ 2866.620909][ T4089]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2866.626483][ T4089]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2866.632659][ T4089]  copy_process+0x15ed/0x7190
[ 2866.637362][ T4089]  ? __lock_acquire+0xbc3/0x56d0
[ 2866.642341][ T4089]  ? __cleanup_sighand+0xb0/0xb0
[ 2866.647298][ T4089]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2866.653318][ T4089]  ? psi_memstall_leave+0x174/0x250
[ 2866.658546][ T4089]  kernel_clone+0xeb/0x980
[ 2866.662986][ T4089]  ? create_io_thread+0xf0/0xf0
[ 2866.667877][ T4089]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2866.674151][ T4089]  ? lock_downgrade+0x6e0/0x6e0
[ 2866.679046][ T4089]  __do_sys_clone+0xba/0x100
[ 2866.683652][ T4089]  ? kernel_clone+0x980/0x980
[ 2866.688361][ T4089]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2866.694277][ T4089]  do_syscall_64+0x39/0xb0
[ 2866.698716][ T4089]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2866.704633][ T4089] RIP: 0033:0x7f8325a8d501
[ 2866.709059][ T4089] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2866.728681][ T4089] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2866.737111][ T4089] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2866.745184][ T4089] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2866.753167][ T4089] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2866.761148][ T4089] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2866.769129][ T4089] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2866.777128][ T4089]  </TASK>
[ 2866.817687][ T4089] memory: usage 307188kB, limit 307200kB, failcnt 69910
[ 2866.825794][ T4089] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2866.841871][ T4089] Memory cgroup stats for /syz2:
[ 2866.842074][ T4089] anon 90112
[ 2866.842074][ T4089] file 417792
[ 2866.842074][ T4089] kernel 314052608
[ 2866.842074][ T4089] kernel_stack 32768
[ 2866.842074][ T4089] pagetables 69632
[ 2866.842074][ T4089] sec_pagetables 0
[ 2866.842074][ T4089] percpu 5358784
[ 2866.842074][ T4089] sock 0
[ 2866.842074][ T4089] vmalloc 0
[ 2866.842074][ T4089] shmem 417792
[ 2866.842074][ T4089] zswap 0
[ 2866.842074][ T4089] zswapped 0
[ 2866.842074][ T4089] file_mapped 417792
[ 2866.842074][ T4089] file_dirty 0
[ 2866.842074][ T4089] file_writeback 0
[ 2866.842074][ T4089] swapcached 0
[ 2866.842074][ T4089] anon_thp 0
[ 2866.842074][ T4089] file_thp 0
[ 2866.842074][ T4089] shmem_thp 0
[ 2866.842074][ T4089] inactive_anon 94208
[ 2866.842074][ T4089] active_anon 413696
[ 2866.842074][ T4089] inactive_file 0
[ 2866.842074][ T4089] active_file 0
[ 2866.842074][ T4089] unevictable 0
[ 2866.842074][ T4089] slab_reclaimable 10424
[ 2866.842074][ T4089] slab_unreclaimable 308540976
[ 2866.858531][ T4075] device macvtap480 entered promiscuous mode
[ 2866.940212][ T4089] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4089,uid=0
10:17:11 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4100}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2866.964099][ T4089] Memory cgroup out of memory: Killed process 4089 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2867.083820][ T4096] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2867.094566][ T4096] CPU: 0 PID: 4096 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2867.104930][ T4096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2867.113825][ T4076] device macvtap481 entered promiscuous mode
[ 2867.114993][ T4096] Call Trace:
[ 2867.115005][ T4096]  <TASK>
[ 2867.115017][ T4096]  dump_stack_lvl+0xd1/0x138
[ 2867.131828][ T4096]  dump_header+0x10b/0x85f
[ 2867.136275][ T4096]  oom_kill_process.cold+0x10/0x15
[ 2867.141420][ T4096]  out_of_memory+0x35c/0x14a0
[ 2867.146139][ T4096]  ? find_held_lock+0x2d/0x110
[ 2867.150946][ T4096]  ? oom_killer_disable+0x280/0x280
[ 2867.156193][ T4096]  ? find_held_lock+0x2d/0x110
[ 2867.161003][ T4096]  mem_cgroup_out_of_memory+0x206/0x270
[ 2867.166582][ T4096]  ? mem_cgroup_margin+0x130/0x130
[ 2867.171724][ T4096]  ? lock_downgrade+0x6e0/0x6e0
[ 2867.176618][ T4096]  try_charge_memcg+0xef8/0x12f0
[ 2867.181578][ T4096]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2867.187568][ T4096]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2867.193292][ T4096]  ? lock_downgrade+0x6e0/0x6e0
[ 2867.198160][ T4096]  ? lock_downgrade+0x6e0/0x6e0
[ 2867.203074][ T4096]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2867.208663][ T4096]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2867.214854][ T4096]  copy_process+0x15ed/0x7190
[ 2867.219562][ T4096]  ? wp_page_copy+0x311/0x1ca0
[ 2867.224392][ T4096]  ? __cleanup_sighand+0xb0/0xb0
[ 2867.229351][ T4096]  ? do_wp_page+0x1d9/0x1930
[ 2867.233937][ T4096]  kernel_clone+0xeb/0x980
[ 2867.238365][ T4096]  ? create_io_thread+0xf0/0xf0
[ 2867.243222][ T4096]  ? find_held_lock+0x2d/0x110
[ 2867.248016][ T4096]  __do_sys_clone+0xba/0x100
[ 2867.252639][ T4096]  ? kernel_clone+0x980/0x980
[ 2867.257363][ T4096]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2867.263297][ T4096]  do_syscall_64+0x39/0xb0
[ 2867.267753][ T4096]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2867.273678][ T4096] RIP: 0033:0x7f8325a8d501
[ 2867.278089][ T4096] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2867.297701][ T4096] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2867.306140][ T4096] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2867.314135][ T4096] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2867.322129][ T4096] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
10:17:11 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa000, @local}]}, 0x48}}, 0x0)

[ 2867.330135][ T4096] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2867.338116][ T4096] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2867.346091][ T4096]  </TASK>
[ 2867.375751][ T4096] memory: usage 307188kB, limit 307200kB, failcnt 70020
[ 2867.383728][ T4096] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2867.391107][ T4096] Memory cgroup stats for /syz2:
[ 2867.391349][ T4096] anon 90112
[ 2867.391349][ T4096] file 417792
[ 2867.391349][ T4096] kernel 314052608
[ 2867.391349][ T4096] kernel_stack 32768
[ 2867.391349][ T4096] pagetables 69632
[ 2867.391349][ T4096] sec_pagetables 0
[ 2867.391349][ T4096] percpu 5358784
[ 2867.391349][ T4096] sock 0
[ 2867.391349][ T4096] vmalloc 0
[ 2867.391349][ T4096] shmem 417792
[ 2867.391349][ T4096] zswap 0
[ 2867.391349][ T4096] zswapped 0
[ 2867.391349][ T4096] file_mapped 417792
[ 2867.391349][ T4096] file_dirty 0
[ 2867.391349][ T4096] file_writeback 0
[ 2867.391349][ T4096] swapcached 0
[ 2867.391349][ T4096] anon_thp 0
[ 2867.391349][ T4096] file_thp 0
[ 2867.391349][ T4096] shmem_thp 0
[ 2867.391349][ T4096] inactive_anon 94208
[ 2867.391349][ T4096] active_anon 413696
[ 2867.391349][ T4096] inactive_file 0
[ 2867.391349][ T4096] active_file 0
[ 2867.391349][ T4096] unevictable 0
[ 2867.391349][ T4096] slab_reclaimable 10424
[ 2867.391349][ T4096] slab_unreclaimable 308540976
[ 2867.404225][ T4079] device bridge1799 entered promiscuous mode
[ 2867.489243][ T4096] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4096,uid=0
[ 2867.508979][ T4096] Memory cgroup out of memory: Killed process 4096 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2867.526612][ T4092] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2867.569960][ T4092] CPU: 0 PID: 4092 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2867.580347][ T4092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2867.590423][ T4092] Call Trace:
[ 2867.593708][ T4092]  <TASK>
[ 2867.596646][ T4092]  dump_stack_lvl+0xd1/0x138
[ 2867.601262][ T4092]  dump_header+0x10b/0x85f
[ 2867.605698][ T4092]  oom_kill_process.cold+0x10/0x15
[ 2867.610828][ T4092]  out_of_memory+0x35c/0x14a0
[ 2867.615533][ T4092]  ? oom_killer_disable+0x280/0x280
[ 2867.620753][ T4092]  ? find_held_lock+0x2d/0x110
[ 2867.625546][ T4092]  mem_cgroup_out_of_memory+0x206/0x270
[ 2867.631112][ T4092]  ? mem_cgroup_margin+0x130/0x130
[ 2867.636239][ T4092]  ? lock_downgrade+0x6e0/0x6e0
[ 2867.641136][ T4092]  try_charge_memcg+0xef8/0x12f0
[ 2867.646103][ T4092]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2867.652105][ T4092]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2867.657843][ T4092]  ? lock_downgrade+0x6e0/0x6e0
[ 2867.662726][ T4092]  ? lock_downgrade+0x6e0/0x6e0
[ 2867.667605][ T4092]  ? rcu_read_unlock+0x9/0x60
[ 2867.672307][ T4092]  obj_cgroup_charge+0x2af/0x5e0
[ 2867.677271][ T4092]  kmem_cache_alloc_node+0xa9/0x410
[ 2867.682487][ T4092]  ? copy_process+0x5c2/0x7190
[ 2867.687274][ T4092]  copy_process+0x5c2/0x7190
[ 2867.691885][ T4092]  ? find_held_lock+0x2d/0x110
[ 2867.696683][ T4092]  ? find_held_lock+0x2d/0x110
[ 2867.701473][ T4092]  ? __cleanup_sighand+0xb0/0xb0
[ 2867.706428][ T4092]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2867.711731][ T4092]  ? lock_downgrade+0x6e0/0x6e0
[ 2867.716607][ T4092]  ? folio_flags.constprop.0+0x53/0x150
[ 2867.722192][ T4092]  ? folio_add_lru+0x37b/0x680
[ 2867.726987][ T4092]  kernel_clone+0xeb/0x980
[ 2867.731422][ T4092]  ? create_io_thread+0xf0/0xf0
[ 2867.736295][ T4092]  ? find_held_lock+0x2d/0x110
[ 2867.741094][ T4092]  __do_sys_clone+0xba/0x100
[ 2867.745701][ T4092]  ? kernel_clone+0x980/0x980
[ 2867.750409][ T4092]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2867.756328][ T4092]  do_syscall_64+0x39/0xb0
[ 2867.760769][ T4092]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2867.766684][ T4092] RIP: 0033:0x7f69a668d501
[ 2867.771110][ T4092] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2867.790730][ T4092] RSP: 002b:00007ffea4dd3058 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2867.799177][ T4092] RAX: ffffffffffffffda RBX: 00007f69a746c700 RCX: 00007f69a668d501
[ 2867.807157][ T4092] RDX: 00007f69a746c9d0 RSI: 00007f69a746c2f0 RDI: 00000000003d0f00
[ 2867.815137][ T4092] RBP: 00007ffea4dd32a0 R08: 00007f69a746c700 R09: 00007f69a746c700
[ 2867.823899][ T4092] R10: 00007f69a746c9d0 R11: 0000000000000206 R12: 00007ffea4dd310e
[ 2867.831881][ T4092] R13: 00007ffea4dd310f R14: 00007f69a746c300 R15: 0000000000022000
[ 2867.839882][ T4092]  </TASK>
10:17:12 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4101}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:17:12 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a662}, 0x0)

[ 2867.876907][ T4081] device macvtap2189 entered promiscuous mode
[ 2867.899654][ T4083] __nla_validate_parse: 4 callbacks suppressed
[ 2867.899672][ T4083] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2867.908272][ T4092] memory: usage 307196kB, limit 307200kB, failcnt 15390
[ 2867.940378][ T4092] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2867.953284][ T4083] device bridge1340 entered promiscuous mode
[ 2867.960997][ T4092] Memory cgroup stats for /syz1:
[ 2867.961231][ T4092] anon 147456
[ 2867.961231][ T4092] file 393216
[ 2867.961231][ T4092] kernel 314028032
[ 2867.961231][ T4092] kernel_stack 65536
[ 2867.961231][ T4092] pagetables 81920
[ 2867.961231][ T4092] sec_pagetables 0
[ 2867.961231][ T4092] percpu 5356416
[ 2867.961231][ T4092] sock 0
[ 2867.961231][ T4092] vmalloc 0
[ 2867.961231][ T4092] shmem 385024
[ 2867.961231][ T4092] zswap 0
[ 2867.961231][ T4092] zswapped 0
[ 2867.961231][ T4092] file_mapped 385024
[ 2867.961231][ T4092] file_dirty 0
[ 2867.961231][ T4092] file_writeback 0
[ 2867.961231][ T4092] swapcached 0
[ 2867.961231][ T4092] anon_thp 0
[ 2867.961231][ T4092] file_thp 0
[ 2867.961231][ T4092] shmem_thp 0
[ 2867.961231][ T4092] inactive_anon 192512
[ 2867.961231][ T4092] active_anon 339968
[ 2867.961231][ T4092] inactive_file 4096
[ 2867.961231][ T4092] active_file 4096
[ 2867.961231][ T4092] unevictable 0
[ 2867.961231][ T4092] slab_reclaimable 16512
[ 2867.961231][ T4092] slab_unreclaimable 308470328
[ 2868.105343][ T4084] device macvtap1336 entered promiscuous mode
[ 2868.124316][ T4085] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2868.124738][ T4092] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4092,uid=0
[ 2868.150775][ T4092] Memory cgroup out of memory: Killed process 4092 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2868.184707][ T4101] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2868.207671][ T4101] CPU: 0 PID: 4101 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2868.212511][ T4085] device macvtap1337 entered promiscuous mode
[ 2868.218007][ T4101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2868.218026][ T4101] Call Trace:
[ 2868.218035][ T4101]  <TASK>
[ 2868.218047][ T4101]  dump_stack_lvl+0xd1/0x138
[ 2868.218087][ T4101]  dump_header+0x10b/0x85f
[ 2868.249403][ T4101]  oom_kill_process.cold+0x10/0x15
[ 2868.254554][ T4101]  out_of_memory+0x35c/0x14a0
[ 2868.259270][ T4101]  ? find_held_lock+0x2d/0x110
[ 2868.264069][ T4101]  ? oom_killer_disable+0x280/0x280
[ 2868.269310][ T4101]  ? find_held_lock+0x2d/0x110
[ 2868.274124][ T4091] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2868.274120][ T4101]  mem_cgroup_out_of_memory+0x206/0x270
[ 2868.274158][ T4101]  ? mem_cgroup_margin+0x130/0x130
[ 2868.293990][ T4101]  ? lock_downgrade+0x6e0/0x6e0
[ 2868.298912][ T4101]  try_charge_memcg+0xef8/0x12f0
[ 2868.303896][ T4101]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2868.307587][ T4091] device bridge547 entered promiscuous mode
[ 2868.309886][ T4101]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2868.309925][ T4101]  ? lock_downgrade+0x6e0/0x6e0
[ 2868.326387][ T4101]  ? lock_downgrade+0x6e0/0x6e0
[ 2868.331281][ T4101]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2868.336852][ T4101]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2868.343028][ T4101]  copy_process+0x15ed/0x7190
[ 2868.347726][ T4101]  ? __lock_acquire+0xbc3/0x56d0
[ 2868.352700][ T4101]  ? __cleanup_sighand+0xb0/0xb0
[ 2868.357650][ T4101]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2868.363659][ T4101]  ? psi_memstall_leave+0x174/0x250
[ 2868.368889][ T4101]  kernel_clone+0xeb/0x980
[ 2868.373325][ T4101]  ? create_io_thread+0xf0/0xf0
[ 2868.378196][ T4101]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2868.384452][ T4101]  ? lock_downgrade+0x6e0/0x6e0
[ 2868.389342][ T4101]  __do_sys_clone+0xba/0x100
[ 2868.393949][ T4101]  ? kernel_clone+0x980/0x980
[ 2868.398654][ T4101]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2868.404568][ T4101]  do_syscall_64+0x39/0xb0
[ 2868.409008][ T4101]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2868.414923][ T4101] RIP: 0033:0x7f8325a8d501
[ 2868.419347][ T4101] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2868.438969][ T4101] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2868.447395][ T4101] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
10:17:12 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x1d00}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2868.455373][ T4101] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2868.463364][ T4101] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2868.471352][ T4101] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2868.479340][ T4101] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2868.487354][ T4101]  </TASK>
[ 2868.512629][ T4101] memory: usage 307200kB, limit 307200kB, failcnt 70149
[ 2868.520646][ T4101] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2868.527884][ T4101] Memory cgroup stats for /syz2:
[ 2868.528118][ T4101] anon 90112
[ 2868.528118][ T4101] file 417792
[ 2868.528118][ T4101] kernel 314064896
[ 2868.528118][ T4101] kernel_stack 32768
[ 2868.528118][ T4101] pagetables 69632
[ 2868.528118][ T4101] sec_pagetables 0
[ 2868.528118][ T4101] percpu 5358784
[ 2868.528118][ T4101] sock 0
[ 2868.528118][ T4101] vmalloc 0
[ 2868.528118][ T4101] shmem 417792
[ 2868.528118][ T4101] zswap 0
[ 2868.528118][ T4101] zswapped 0
[ 2868.528118][ T4101] file_mapped 417792
[ 2868.528118][ T4101] file_dirty 0
[ 2868.528118][ T4101] file_writeback 0
[ 2868.528118][ T4101] swapcached 0
[ 2868.528118][ T4101] anon_thp 0
[ 2868.528118][ T4101] file_thp 0
[ 2868.528118][ T4101] shmem_thp 0
[ 2868.528118][ T4101] inactive_anon 94208
[ 2868.528118][ T4101] active_anon 413696
[ 2868.528118][ T4101] inactive_file 0
[ 2868.528118][ T4101] active_file 0
[ 2868.528118][ T4101] unevictable 0
[ 2868.528118][ T4101] slab_reclaimable 10424
[ 2868.528118][ T4101] slab_unreclaimable 308529576
[ 2868.569214][ T4094] device macvtap581 entered promiscuous mode
[ 2868.626419][ T4101] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4101,uid=0
[ 2868.647002][ T4101] Memory cgroup out of memory: Killed process 4101 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:17:12 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4102}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:17:12 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x12a6b7}, 0x0)

[ 2868.685623][ T4093] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2868.823429][ T4112] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2868.834945][ T4112] CPU: 0 PID: 4112 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2868.845319][ T4112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2868.855400][ T4112] Call Trace:
[ 2868.858696][ T4112]  <TASK>
[ 2868.861645][ T4112]  dump_stack_lvl+0xd1/0x138
[ 2868.866263][ T4112]  dump_header+0x10b/0x85f
[ 2868.870681][ T4112]  oom_kill_process.cold+0x10/0x15
[ 2868.875793][ T4112]  out_of_memory+0x35c/0x14a0
[ 2868.880491][ T4112]  ? find_held_lock+0x2d/0x110
[ 2868.885302][ T4112]  ? oom_killer_disable+0x280/0x280
[ 2868.890545][ T4112]  ? find_held_lock+0x2d/0x110
[ 2868.895360][ T4112]  mem_cgroup_out_of_memory+0x206/0x270
[ 2868.900944][ T4112]  ? mem_cgroup_margin+0x130/0x130
[ 2868.906087][ T4112]  ? lock_downgrade+0x6e0/0x6e0
[ 2868.910982][ T4112]  try_charge_memcg+0xef8/0x12f0
[ 2868.915939][ T4112]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2868.921934][ T4112]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2868.927688][ T4112]  ? lock_downgrade+0x6e0/0x6e0
[ 2868.932576][ T4112]  ? lock_downgrade+0x6e0/0x6e0
[ 2868.937457][ T4112]  ? rcu_read_unlock+0x9/0x60
[ 2868.942169][ T4112]  obj_cgroup_charge+0x2af/0x5e0
[ 2868.947141][ T4112]  kmem_cache_alloc_node+0xa9/0x410
[ 2868.952362][ T4112]  ? copy_process+0x5c2/0x7190
[ 2868.957148][ T4112]  copy_process+0x5c2/0x7190
[ 2868.961758][ T4112]  ? __lock_acquire+0xbc3/0x56d0
[ 2868.966737][ T4112]  ? __cleanup_sighand+0xb0/0xb0
[ 2868.971692][ T4112]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2868.977704][ T4112]  ? psi_memstall_leave+0x174/0x250
[ 2868.982932][ T4112]  kernel_clone+0xeb/0x980
[ 2868.987374][ T4112]  ? create_io_thread+0xf0/0xf0
[ 2868.992245][ T4112]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2868.998504][ T4112]  ? lock_downgrade+0x6e0/0x6e0
[ 2869.003397][ T4112]  __do_sys_clone+0xba/0x100
[ 2869.008004][ T4112]  ? kernel_clone+0x980/0x980
[ 2869.012711][ T4112]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2869.018626][ T4112]  do_syscall_64+0x39/0xb0
[ 2869.023065][ T4112]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2869.028978][ T4112] RIP: 0033:0x7f8325a8d501
[ 2869.033403][ T4112] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2869.053021][ T4112] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2869.061448][ T4112] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2869.069433][ T4112] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2869.077412][ T4112] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2869.085394][ T4112] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2869.093377][ T4112] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2869.101381][ T4112]  </TASK>
[ 2869.107139][ T4112] memory: usage 307188kB, limit 307200kB, failcnt 70234
[ 2869.121191][ T4112] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2869.128503][ T4112] Memory cgroup stats for /syz2:
[ 2869.128740][ T4112] anon 90112
[ 2869.128740][ T4112] file 417792
[ 2869.128740][ T4112] kernel 314028032
[ 2869.128740][ T4112] kernel_stack 32768
[ 2869.128740][ T4112] pagetables 69632
[ 2869.128740][ T4112] sec_pagetables 0
[ 2869.128740][ T4112] percpu 5358784
[ 2869.128740][ T4112] sock 0
[ 2869.128740][ T4112] vmalloc 0
[ 2869.128740][ T4112] shmem 417792
[ 2869.128740][ T4112] zswap 0
[ 2869.128740][ T4112] zswapped 0
[ 2869.128740][ T4112] file_mapped 417792
[ 2869.128740][ T4112] file_dirty 0
[ 2869.128740][ T4112] file_writeback 0
[ 2869.128740][ T4112] swapcached 0
[ 2869.128740][ T4112] anon_thp 0
[ 2869.128740][ T4112] file_thp 0
[ 2869.128740][ T4112] shmem_thp 0
[ 2869.128740][ T4112] inactive_anon 86016
[ 2869.128740][ T4112] active_anon 413696
[ 2869.128740][ T4112] inactive_file 0
[ 2869.128740][ T4112] active_file 0
[ 2869.128740][ T4112] unevictable 0
[ 2869.128740][ T4112] slab_reclaimable 13000
[ 2869.128740][ T4112] slab_unreclaimable 308522384
[ 2869.228224][ T4098] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2869.253175][ T4098] device bridge459 entered promiscuous mode
10:17:13 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa200, @local}]}, 0x48}}, 0x0)

[ 2869.266244][ T4112] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4112,uid=0
[ 2869.282420][ T4112] Memory cgroup out of memory: Killed process 4112 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2869.331547][ T4099] device macvtap482 entered promiscuous mode
10:17:13 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4103}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:17:13 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x1800}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2869.413012][ T4100] device macvtap483 entered promiscuous mode
[ 2869.436077][ T4103] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2869.531225][ T4103] device bridge1800 entered promiscuous mode
[ 2869.545204][ T4115] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2869.587761][ T4115] CPU: 1 PID: 4115 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2869.598142][ T4115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2869.608207][ T4115] Call Trace:
[ 2869.611491][ T4115]  <TASK>
[ 2869.614427][ T4115]  dump_stack_lvl+0xd1/0x138
[ 2869.619044][ T4115]  dump_header+0x10b/0x85f
[ 2869.623480][ T4115]  oom_kill_process.cold+0x10/0x15
[ 2869.628611][ T4115]  out_of_memory+0x35c/0x14a0
[ 2869.633313][ T4115]  ? find_held_lock+0x2d/0x110
[ 2869.638107][ T4115]  ? oom_killer_disable+0x280/0x280
[ 2869.643329][ T4115]  ? find_held_lock+0x2d/0x110
[ 2869.648122][ T4115]  mem_cgroup_out_of_memory+0x206/0x270
[ 2869.653685][ T4115]  ? mem_cgroup_margin+0x130/0x130
[ 2869.658815][ T4115]  ? lock_downgrade+0x6e0/0x6e0
[ 2869.663715][ T4115]  try_charge_memcg+0xef8/0x12f0
[ 2869.668682][ T4115]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2869.674709][ T4115]  ? rcu_read_unlock+0x9/0x60
[ 2869.679408][ T4115]  ? lock_downgrade+0x6e0/0x6e0
[ 2869.684317][ T4115]  charge_memcg+0x99/0x3b0
[ 2869.688763][ T4115]  __mem_cgroup_charge+0x2b/0x90
[ 2869.693742][ T4115]  ? _compound_head+0x5d/0x150
[ 2869.698561][ T4115]  __handle_mm_fault+0x17e7/0x3a40
[ 2869.703705][ T4115]  ? vm_iomap_memory+0x190/0x190
[ 2869.708685][ T4115]  handle_mm_fault+0x1cc/0x780
[ 2869.713473][ T4115]  do_user_addr_fault+0x475/0x1210
[ 2869.718610][ T4115]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2869.724189][ T4115]  exc_page_fault+0x98/0x170
[ 2869.728808][ T4115]  asm_exc_page_fault+0x26/0x30
[ 2869.733683][ T4115] RIP: 0033:0x7f69a662be6a
[ 2869.738123][ T4115] Code: 30 48 8b 34 24 48 85 f6 74 17 8b 44 24 18 0f c8 89 c0 48 89 44 24 18 48 83 fe 01 0f 85 a1 01 00 00 48 8b 44 24 10 8b 74 24 18 <89> 30 e9 d2 fc ff ff 48 8b 44 24 10 8b 10 48 8b 04 24 48 85 c0 0f
[ 2869.757746][ T4115] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2869.763831][ T4115] RAX: 0000000020000200 RBX: 0000000000000000 RCX: 0000000000000000
[ 2869.771814][ T4115] RDX: 1b013dd590c50c23 RSI: 0000000000000014 RDI: 00005555574b22e8
[ 2869.779800][ T4115] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2869.787784][ T4115] R10: 00007f69a62002a8 R11: 0000000000000246 R12: 00000000002bc8ba
[ 2869.795768][ T4115] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2869.803773][ T4115]  </TASK>
[ 2869.817447][ T4115] memory: usage 307200kB, limit 307200kB, failcnt 15514
[ 2869.832629][ T4115] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2869.844998][ T4115] Memory cgroup stats for /syz1:
[ 2869.849250][ T4115] anon 139264
[ 2869.849250][ T4115] file 393216
[ 2869.849250][ T4115] kernel 314040320
[ 2869.849250][ T4115] kernel_stack 65536
[ 2869.849250][ T4115] pagetables 81920
[ 2869.849250][ T4115] sec_pagetables 0
[ 2869.849250][ T4115] percpu 5356416
[ 2869.849250][ T4115] sock 0
[ 2869.849250][ T4115] vmalloc 0
[ 2869.849250][ T4115] shmem 385024
[ 2869.849250][ T4115] zswap 0
[ 2869.849250][ T4115] zswapped 0
[ 2869.849250][ T4115] file_mapped 385024
[ 2869.849250][ T4115] file_dirty 0
[ 2869.849250][ T4115] file_writeback 0
[ 2869.849250][ T4115] swapcached 0
[ 2869.849250][ T4115] anon_thp 0
[ 2869.849250][ T4115] file_thp 0
[ 2869.849250][ T4115] shmem_thp 0
[ 2869.849250][ T4115] inactive_anon 184320
[ 2869.849250][ T4115] active_anon 339968
[ 2869.849250][ T4115] inactive_file 4096
[ 2869.849250][ T4115] active_file 4096
[ 2869.849250][ T4115] unevictable 0
[ 2869.849250][ T4115] slab_reclaimable 16512
[ 2869.849250][ T4115] slab_unreclaimable 308475640
[ 2869.959813][ T4104] device macvtap2190 entered promiscuous mode
[ 2869.981644][ T4115] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4115,uid=0
[ 2870.005251][ T4115] Memory cgroup out of memory: Killed process 4115 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2870.035258][ T4105] device macvtap2191 entered promiscuous mode
[ 2870.046715][ T4117] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2870.066453][ T4117] CPU: 1 PID: 4117 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2870.076822][ T4117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2870.086902][ T4117] Call Trace:
[ 2870.090197][ T4117]  <TASK>
[ 2870.093147][ T4117]  dump_stack_lvl+0xd1/0x138
[ 2870.097779][ T4117]  dump_header+0x10b/0x85f
[ 2870.102242][ T4117]  oom_kill_process.cold+0x10/0x15
[ 2870.107390][ T4117]  out_of_memory+0x35c/0x14a0
[ 2870.112109][ T4117]  ? find_held_lock+0x2d/0x110
[ 2870.116915][ T4117]  ? oom_killer_disable+0x280/0x280
[ 2870.122158][ T4117]  ? find_held_lock+0x2d/0x110
[ 2870.126971][ T4117]  mem_cgroup_out_of_memory+0x206/0x270
[ 2870.132550][ T4117]  ? mem_cgroup_margin+0x130/0x130
[ 2870.137696][ T4117]  ? lock_downgrade+0x6e0/0x6e0
[ 2870.142624][ T4117]  try_charge_memcg+0xef8/0x12f0
[ 2870.147617][ T4117]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2870.153636][ T4117]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2870.159390][ T4117]  ? lock_downgrade+0x6e0/0x6e0
10:17:14 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa300, @local}]}, 0x48}}, 0x0)

[ 2870.164289][ T4117]  ? lock_downgrade+0x6e0/0x6e0
[ 2870.169204][ T4117]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2870.174801][ T4117]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2870.180996][ T4117]  copy_process+0x73e/0x7190
[ 2870.185622][ T4117]  ? wp_page_copy+0x311/0x1ca0
[ 2870.190457][ T4117]  ? __cleanup_sighand+0xb0/0xb0
[ 2870.195439][ T4117]  ? do_wp_page+0x1d9/0x1930
[ 2870.200064][ T4117]  kernel_clone+0xeb/0x980
[ 2870.204516][ T4117]  ? create_io_thread+0xf0/0xf0
[ 2870.209412][ T4117]  ? find_held_lock+0x2d/0x110
[ 2870.214224][ T4117]  __do_sys_clone+0xba/0x100
[ 2870.218843][ T4117]  ? kernel_clone+0x980/0x980
[ 2870.223572][ T4117]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2870.229520][ T4117]  do_syscall_64+0x39/0xb0
[ 2870.233981][ T4117]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2870.239913][ T4117] RIP: 0033:0x7f8325a8d501
[ 2870.244356][ T4117] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2870.263991][ T4117] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2870.272435][ T4117] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2870.280424][ T4117] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2870.288410][ T4117] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2870.296408][ T4117] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2870.304402][ T4117] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2870.312420][ T4117]  </TASK>
10:17:14 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a663}, 0x0)

[ 2870.339114][ T4107] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2870.381470][ T4107] device bridge1341 entered promiscuous mode
[ 2870.406517][ T4117] memory: usage 307200kB, limit 307200kB, failcnt 70385
[ 2870.414910][ T4117] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2870.422643][ T4117] Memory cgroup stats for /syz2:
[ 2870.422899][ T4117] anon 90112
[ 2870.422899][ T4117] file 417792
[ 2870.422899][ T4117] kernel 314064896
[ 2870.422899][ T4117] kernel_stack 32768
[ 2870.422899][ T4117] pagetables 69632
[ 2870.422899][ T4117] sec_pagetables 0
[ 2870.422899][ T4117] percpu 5358784
[ 2870.422899][ T4117] sock 0
[ 2870.422899][ T4117] vmalloc 0
[ 2870.422899][ T4117] shmem 417792
[ 2870.422899][ T4117] zswap 0
[ 2870.422899][ T4117] zswapped 0
[ 2870.422899][ T4117] file_mapped 417792
[ 2870.422899][ T4117] file_dirty 0
[ 2870.422899][ T4117] file_writeback 0
[ 2870.422899][ T4117] swapcached 0
[ 2870.422899][ T4117] anon_thp 0
[ 2870.422899][ T4117] file_thp 0
[ 2870.422899][ T4117] shmem_thp 0
[ 2870.422899][ T4117] inactive_anon 94208
[ 2870.422899][ T4117] active_anon 413696
[ 2870.422899][ T4117] inactive_file 0
[ 2870.422899][ T4117] active_file 0
[ 2870.422899][ T4117] unevictable 0
[ 2870.422899][ T4117] slab_reclaimable 10424
[ 2870.422899][ T4117] slab_unreclaimable 308529576
[ 2870.471183][ T4108] device macvtap1338 entered promiscuous mode
[ 2870.541547][ T4109] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2870.542189][ T4117] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4117,uid=0
[ 2870.567710][ T4117] Memory cgroup out of memory: Killed process 4117 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:17:14 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4200}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2870.626600][ T4109] device macvtap1339 entered promiscuous mode
[ 2870.702040][ T4122] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2870.712836][ T4111] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2870.741256][ T4122] CPU: 0 PID: 4122 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2870.751624][ T4122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2870.761699][ T4122] Call Trace:
[ 2870.764993][ T4122]  <TASK>
[ 2870.765821][ T4111] device bridge548 entered promiscuous mode
[ 2870.767918][ T4122]  dump_stack_lvl+0xd1/0x138
[ 2870.767960][ T4122]  dump_header+0x10b/0x85f
[ 2870.782867][ T4122]  oom_kill_process.cold+0x10/0x15
[ 2870.788054][ T4122]  out_of_memory+0x35c/0x14a0
[ 2870.792775][ T4122]  ? find_held_lock+0x2d/0x110
[ 2870.797589][ T4122]  ? oom_killer_disable+0x280/0x280
[ 2870.802839][ T4122]  ? find_held_lock+0x2d/0x110
[ 2870.807653][ T4122]  mem_cgroup_out_of_memory+0x206/0x270
[ 2870.813243][ T4122]  ? mem_cgroup_margin+0x130/0x130
[ 2870.818381][ T4122]  ? lock_downgrade+0x6e0/0x6e0
[ 2870.823286][ T4122]  try_charge_memcg+0xef8/0x12f0
[ 2870.825191][ T4113] device macvtap582 entered promiscuous mode
[ 2870.828250][ T4122]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2870.828293][ T4122]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2870.828327][ T4122]  ? lock_downgrade+0x6e0/0x6e0
[ 2870.850870][ T4122]  obj_cgroup_charge+0x2af/0x5e0
[ 2870.855838][ T4122]  ? vm_area_dup+0x85/0x380
[ 2870.860363][ T4122]  kmem_cache_alloc+0xa3/0x3d0
[ 2870.865171][ T4122]  vm_area_dup+0x85/0x380
[ 2870.869527][ T4122]  ? mt_slot+0xa1/0x170
[ 2870.873725][ T4122]  ? mas_next_nentry+0x610/0xab0
[ 2870.878699][ T4122]  ? mas_next_node+0x547/0xa00
[ 2870.883521][ T4122]  ? mas_find+0x211/0xd10
[ 2870.887895][ T4122]  ? vm_area_alloc+0x100/0x100
[ 2870.892691][ T4122]  ? validate_mm_mt+0x149/0x1b0
[ 2870.897571][ T4122]  ? remove_vma+0x130/0x130
[ 2870.902118][ T4122]  ? can_vma_merge_before+0x390/0x390
[ 2870.907543][ T4122]  __split_vma+0xae/0x5e0
[ 2870.911907][ T4122]  ? vma_merge+0x2cf/0x870
[ 2870.916369][ T4122]  split_vma+0xa3/0xe0
[ 2870.920479][ T4122]  mprotect_fixup+0x6cb/0x960
[ 2870.925205][ T4122]  ? mas_find+0x211/0xd10
[ 2870.929569][ T4122]  ? change_protection+0x4290/0x4290
[ 2870.934919][ T4122]  do_mprotect_pkey+0x6fd/0xa70
[ 2870.939821][ T4122]  ? mprotect_fixup+0x960/0x960
[ 2870.944702][ T4122]  ? up_write+0x1b0/0x520
[ 2870.949102][ T4122]  __x64_sys_mprotect+0x78/0xb0
[ 2870.953999][ T4122]  do_syscall_64+0x39/0xb0
[ 2870.958458][ T4122]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2870.964388][ T4122] RIP: 0033:0x7f69a668c1e7
[ 2870.968825][ T4122] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2870.988548][ T4122] RSP: 002b:00007ffea4dd30a8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
10:17:15 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x12a6b7}, 0x0)

[ 2870.997004][ T4122] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f69a668c1e7
[ 2871.004984][ T4122] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f69a744d000
[ 2871.012978][ T4122] RBP: 00007ffea4dd3180 R08: 00000000ffffffff R09: 00007f69a746c700
[ 2871.020975][ T4122] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffea4dd32a0
[ 2871.028961][ T4122] R13: 00007f69a746c700 R14: 0000000000000000 R15: 0000000000022000
[ 2871.036940][ T4122]  </TASK>
[ 2871.044095][ T4119] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2871.064769][ T4122] memory: usage 307200kB, limit 307200kB, failcnt 15633
[ 2871.072014][ T4122] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2871.081559][ T4122] Memory cgroup stats for /syz1:
[ 2871.081795][ T4122] anon 143360
[ 2871.081795][ T4122] file 393216
[ 2871.081795][ T4122] kernel 314036224
[ 2871.081795][ T4122] kernel_stack 65536
[ 2871.081795][ T4122] pagetables 81920
[ 2871.081795][ T4122] sec_pagetables 0
[ 2871.081795][ T4122] percpu 5356416
[ 2871.081795][ T4122] sock 0
[ 2871.081795][ T4122] vmalloc 0
[ 2871.081795][ T4122] shmem 385024
[ 2871.081795][ T4122] zswap 0
[ 2871.081795][ T4122] zswapped 0
[ 2871.081795][ T4122] file_mapped 385024
[ 2871.081795][ T4122] file_dirty 0
[ 2871.081795][ T4122] file_writeback 0
[ 2871.081795][ T4122] swapcached 0
[ 2871.081795][ T4122] anon_thp 0
[ 2871.081795][ T4122] file_thp 0
[ 2871.081795][ T4122] shmem_thp 0
[ 2871.081795][ T4122] inactive_anon 188416
[ 2871.081795][ T4122] active_anon 339968
[ 2871.081795][ T4122] inactive_file 4096
[ 2871.081795][ T4122] active_file 4096
10:17:15 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x1703}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2871.081795][ T4122] unevictable 0
[ 2871.081795][ T4122] slab_reclaimable 16512
[ 2871.081795][ T4122] slab_unreclaimable 308475640
[ 2871.212746][ T4122] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4122,uid=0
[ 2871.229097][ T4122] Memory cgroup out of memory: Killed process 4122 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2871.236048][ T4119] device bridge460 entered promiscuous mode
[ 2871.248791][ T4128] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2871.275901][ T4128] CPU: 1 PID: 4128 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2871.286272][ T4128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2871.296349][ T4128] Call Trace:
[ 2871.299639][ T4128]  <TASK>
[ 2871.302585][ T4128]  dump_stack_lvl+0xd1/0x138
[ 2871.307217][ T4128]  dump_header+0x10b/0x85f
[ 2871.311658][ T4128]  oom_kill_process.cold+0x10/0x15
[ 2871.316809][ T4128]  out_of_memory+0x35c/0x14a0
[ 2871.321534][ T4128]  ? oom_killer_disable+0x280/0x280
[ 2871.326767][ T4128]  ? find_held_lock+0x2d/0x110
[ 2871.331567][ T4128]  mem_cgroup_out_of_memory+0x206/0x270
[ 2871.337149][ T4128]  ? mem_cgroup_margin+0x130/0x130
[ 2871.342294][ T4128]  ? lock_downgrade+0x6e0/0x6e0
[ 2871.347205][ T4128]  try_charge_memcg+0xef8/0x12f0
[ 2871.352174][ T4128]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2871.358179][ T4128]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2871.363922][ T4128]  ? lock_downgrade+0x6e0/0x6e0
[ 2871.368805][ T4128]  ? lock_downgrade+0x6e0/0x6e0
[ 2871.373695][ T4128]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2871.379270][ T4128]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2871.385445][ T4128]  copy_process+0x15ed/0x7190
[ 2871.390141][ T4128]  ? wp_page_copy+0x311/0x1ca0
[ 2871.394954][ T4128]  ? __cleanup_sighand+0xb0/0xb0
[ 2871.399917][ T4128]  ? do_wp_page+0x1d9/0x1930
[ 2871.404524][ T4128]  kernel_clone+0xeb/0x980
[ 2871.408960][ T4128]  ? create_io_thread+0xf0/0xf0
[ 2871.413834][ T4128]  ? find_held_lock+0x2d/0x110
[ 2871.418632][ T4128]  __do_sys_clone+0xba/0x100
[ 2871.423257][ T4128]  ? kernel_clone+0x980/0x980
[ 2871.427964][ T4128]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2871.433881][ T4128]  do_syscall_64+0x39/0xb0
[ 2871.438323][ T4128]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2871.444256][ T4128] RIP: 0033:0x7f8325a8d501
[ 2871.448713][ T4128] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2871.468337][ T4128] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2871.476766][ T4128] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2871.484747][ T4128] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2871.492729][ T4128] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2871.500709][ T4128] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2871.508691][ T4128] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2871.516698][ T4128]  </TASK>
[ 2871.543966][ T4120] device macvtap484 entered promiscuous mode
[ 2871.569799][ T4128] memory: usage 307184kB, limit 307200kB, failcnt 70476
[ 2871.579447][ T4128] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2871.596015][ T4128] Memory cgroup stats for /syz2:
[ 2871.596266][ T4128] anon 90112
[ 2871.596266][ T4128] file 417792
[ 2871.596266][ T4128] kernel 314048512
[ 2871.596266][ T4128] kernel_stack 32768
[ 2871.596266][ T4128] pagetables 69632
[ 2871.596266][ T4128] sec_pagetables 0
[ 2871.596266][ T4128] percpu 5358784
[ 2871.596266][ T4128] sock 0
[ 2871.596266][ T4128] vmalloc 0
[ 2871.596266][ T4128] shmem 417792
[ 2871.596266][ T4128] zswap 0
[ 2871.596266][ T4128] zswapped 0
[ 2871.596266][ T4128] file_mapped 417792
[ 2871.596266][ T4128] file_dirty 0
[ 2871.596266][ T4128] file_writeback 0
[ 2871.596266][ T4128] swapcached 0
[ 2871.596266][ T4128] anon_thp 0
[ 2871.596266][ T4128] file_thp 0
[ 2871.596266][ T4128] shmem_thp 0
[ 2871.596266][ T4128] inactive_anon 94208
[ 2871.596266][ T4128] active_anon 413696
[ 2871.596266][ T4128] inactive_file 0
[ 2871.596266][ T4128] active_file 0
[ 2871.596266][ T4128] unevictable 0
[ 2871.596266][ T4128] slab_reclaimable 10424
[ 2871.596266][ T4128] slab_unreclaimable 308518480
[ 2871.699990][ T4121] device macvtap485 entered promiscuous mode
[ 2871.715901][ T4128] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4128,uid=0
[ 2871.732388][ T4128] Memory cgroup out of memory: Killed process 4128 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:17:15 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4201}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:17:15 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x1602}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2871.825470][ T4124] device bridge1801 entered promiscuous mode
[ 2871.906240][ T4138] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2871.919794][ T4138] CPU: 1 PID: 4138 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2871.930172][ T4138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2871.940249][ T4138] Call Trace:
[ 2871.943549][ T4138]  <TASK>
[ 2871.946497][ T4138]  dump_stack_lvl+0xd1/0x138
[ 2871.951127][ T4138]  dump_header+0x10b/0x85f
[ 2871.955569][ T4138]  oom_kill_process.cold+0x10/0x15
[ 2871.960702][ T4138]  out_of_memory+0x35c/0x14a0
[ 2871.965403][ T4138]  ? find_held_lock+0x2d/0x110
[ 2871.970196][ T4138]  ? oom_killer_disable+0x280/0x280
[ 2871.975416][ T4138]  ? find_held_lock+0x2d/0x110
[ 2871.980214][ T4138]  mem_cgroup_out_of_memory+0x206/0x270
[ 2871.985780][ T4138]  ? mem_cgroup_margin+0x130/0x130
[ 2871.990908][ T4138]  ? lock_downgrade+0x6e0/0x6e0
[ 2871.995805][ T4138]  try_charge_memcg+0xef8/0x12f0
[ 2872.000775][ T4138]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2872.006777][ T4138]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2872.012515][ T4138]  ? lock_downgrade+0x6e0/0x6e0
[ 2872.017400][ T4138]  ? lock_downgrade+0x6e0/0x6e0
[ 2872.022296][ T4138]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2872.027868][ T4138]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2872.034048][ T4138]  copy_process+0x73e/0x7190
[ 2872.038660][ T4138]  ? __lock_acquire+0xbc3/0x56d0
[ 2872.043642][ T4138]  ? __cleanup_sighand+0xb0/0xb0
[ 2872.048597][ T4138]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2872.054613][ T4138]  ? psi_memstall_leave+0x174/0x250
[ 2872.059844][ T4138]  kernel_clone+0xeb/0x980
[ 2872.064281][ T4138]  ? create_io_thread+0xf0/0xf0
[ 2872.069150][ T4138]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2872.075411][ T4138]  ? lock_downgrade+0x6e0/0x6e0
[ 2872.080301][ T4138]  __do_sys_clone+0xba/0x100
[ 2872.084908][ T4138]  ? kernel_clone+0x980/0x980
[ 2872.089616][ T4138]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2872.095539][ T4138]  do_syscall_64+0x39/0xb0
[ 2872.099980][ T4138]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2872.105894][ T4138] RIP: 0033:0x7f8325a8d501
[ 2872.110323][ T4138] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2872.129940][ T4138] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2872.138366][ T4138] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2872.146344][ T4138] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2872.154323][ T4138] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2872.162303][ T4138] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2872.170283][ T4138] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2872.178282][ T4138]  </TASK>
[ 2872.189407][ T4138] memory: usage 307200kB, limit 307200kB, failcnt 70570
[ 2872.207576][ T4138] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2872.221046][ T4125] device macvtap2191 entered promiscuous mode
[ 2872.227238][ T4138] Memory cgroup stats for /syz2:
[ 2872.236883][ T4138] anon 90112
[ 2872.236883][ T4138] file 417792
[ 2872.236883][ T4138] kernel 314064896
[ 2872.236883][ T4138] kernel_stack 32768
[ 2872.236883][ T4138] pagetables 69632
[ 2872.236883][ T4138] sec_pagetables 0
[ 2872.236883][ T4138] percpu 5358784
[ 2872.236883][ T4138] sock 0
[ 2872.236883][ T4138] vmalloc 0
[ 2872.236883][ T4138] shmem 417792
[ 2872.236883][ T4138] zswap 0
[ 2872.236883][ T4138] zswapped 0
[ 2872.236883][ T4138] file_mapped 417792
[ 2872.236883][ T4138] file_dirty 0
[ 2872.236883][ T4138] file_writeback 0
[ 2872.236883][ T4138] swapcached 0
[ 2872.236883][ T4138] anon_thp 0
[ 2872.236883][ T4138] file_thp 0
[ 2872.236883][ T4138] shmem_thp 0
[ 2872.236883][ T4138] inactive_anon 49152
[ 2872.236883][ T4138] active_anon 413696
[ 2872.236883][ T4138] inactive_file 0
[ 2872.236883][ T4138] active_file 0
[ 2872.236883][ T4138] unevictable 0
[ 2872.236883][ T4138] slab_reclaimable 10424
[ 2872.236883][ T4138] slab_unreclaimable 308529576
10:17:16 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4202}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2872.360065][ T4138] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4138,uid=0
[ 2872.376017][ T4138] Memory cgroup out of memory: Killed process 4138 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2872.423915][ T4126] device macvtap2192 entered promiscuous mode
[ 2872.446333][ T4143] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 2872.462142][ T4143] CPU: 1 PID: 4143 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2872.472508][ T4143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2872.482584][ T4143] Call Trace:
[ 2872.485884][ T4143]  <TASK>
[ 2872.488836][ T4143]  dump_stack_lvl+0xd1/0x138
[ 2872.493470][ T4143]  dump_header+0x10b/0x85f
[ 2872.497923][ T4143]  oom_kill_process.cold+0x10/0x15
[ 2872.503072][ T4143]  out_of_memory+0x35c/0x14a0
[ 2872.507800][ T4143]  ? find_held_lock+0x2d/0x110
[ 2872.512599][ T4143]  ? oom_killer_disable+0x280/0x280
[ 2872.517831][ T4143]  ? find_held_lock+0x2d/0x110
[ 2872.522642][ T4143]  mem_cgroup_out_of_memory+0x206/0x270
[ 2872.528222][ T4143]  ? mem_cgroup_margin+0x130/0x130
[ 2872.533361][ T4143]  ? lock_downgrade+0x6e0/0x6e0
[ 2872.538277][ T4143]  try_charge_memcg+0xef8/0x12f0
[ 2872.543349][ T4143]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2872.549368][ T4143]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2872.555145][ T4143]  ? lock_downgrade+0x6e0/0x6e0
[ 2872.560044][ T4143]  ? lock_downgrade+0x6e0/0x6e0
[ 2872.564963][ T4143]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2872.570553][ T4143]  __alloc_pages+0x1f3/0x5b0
[ 2872.575185][ T4143]  ? __alloc_pages_slowpath.constprop.0+0x23d0/0x23d0
[ 2872.581995][ T4143]  ? find_held_lock+0x2d/0x110
[ 2872.586808][ T4143]  ? __pmd_alloc+0x307/0x5d0
[ 2872.591424][ T4143]  ? lock_downgrade+0x6e0/0x6e0
[ 2872.596320][ T4143]  ? do_raw_spin_lock+0x124/0x2b0
[ 2872.601375][ T4143]  alloc_pages+0x1aa/0x270
[ 2872.605833][ T4143]  pte_alloc_one+0x1a/0x230
[ 2872.610374][ T4143]  __do_fault+0x433/0x600
[ 2872.614743][ T4143]  ? __pud_alloc+0xe4/0x180
[ 2872.619276][ T4143]  __handle_mm_fault+0x2200/0x3a40
[ 2872.624423][ T4143]  ? vm_iomap_memory+0x190/0x190
[ 2872.629425][ T4143]  handle_mm_fault+0x1cc/0x780
[ 2872.634226][ T4143]  do_user_addr_fault+0x475/0x1210
[ 2872.639377][ T4143]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2872.644971][ T4143]  exc_page_fault+0x98/0x170
[ 2872.649595][ T4143]  asm_exc_page_fault+0x26/0x30
[ 2872.654484][ T4143] RIP: 0033:0x7f8325a276c6
[ 2872.658926][ T4143] Code: ff ff 66 90 48 8b 0d 29 e0 ca 00 4c 63 05 12 e0 ca 00 48 8b 05 13 e0 ca 00 49 01 c8 48 39 c8 72 13 4c 39 c0 73 0e 48 8d 50 04 <89> 38 48 89 15 f9 df ca 00 c3 52 48 8d 35 ca f0 0b 00 48 89 c2 48
[ 2872.678562][ T4143] RSP: 002b:00007fff9cb6b2d8 EFLAGS: 00010287
[ 2872.684705][ T4143] RAX: 0000001b2d620000 RBX: 0000000000000003 RCX: 0000001b2d620000
[ 2872.692700][ T4143] RDX: 0000001b2d620004 RSI: 00000000003c0000 RDI: 0000000000000000
[ 2872.700693][ T4143] RBP: 0000000000000000 R08: 0000001b2da20000 R09: 0000000000040000
[ 2872.708686][ T4143] R10: 0000000000000011 R11: 0000000000000000 R12: 0000000000000001
[ 2872.716679][ T4143] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff9cb6b580
[ 2872.724696][ T4143]  </TASK>
[ 2872.736199][ T4143] memory: usage 307188kB, limit 307200kB, failcnt 70635
[ 2872.743952][ T4143] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2872.751353][ T4143] Memory cgroup stats for /syz2:
[ 2872.751598][ T4143] anon 77824
[ 2872.751598][ T4143] file 417792
[ 2872.751598][ T4143] kernel 314023936
[ 2872.751598][ T4143] kernel_stack 32768
[ 2872.751598][ T4143] pagetables 61440
[ 2872.751598][ T4143] sec_pagetables 0
[ 2872.751598][ T4143] percpu 5358784
[ 2872.751598][ T4143] sock 0
[ 2872.751598][ T4143] vmalloc 0
[ 2872.751598][ T4143] shmem 417792
[ 2872.751598][ T4143] zswap 0
[ 2872.751598][ T4143] zswapped 0
[ 2872.751598][ T4143] file_mapped 417792
[ 2872.751598][ T4143] file_dirty 0
[ 2872.751598][ T4143] file_writeback 0
[ 2872.751598][ T4143] swapcached 0
[ 2872.751598][ T4143] anon_thp 0
[ 2872.751598][ T4143] file_thp 0
[ 2872.751598][ T4143] shmem_thp 0
[ 2872.751598][ T4143] inactive_anon 49152
[ 2872.751598][ T4143] active_anon 413696
[ 2872.751598][ T4143] inactive_file 0
[ 2872.751598][ T4143] active_file 0
[ 2872.751598][ T4143] unevictable 0
[ 2872.751598][ T4143] slab_reclaimable 13384
[ 2872.751598][ T4143] slab_unreclaimable 308522184
10:17:17 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a664}, 0x0)

[ 2872.871487][ T4143] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4143,uid=0
10:17:17 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4203}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2872.912757][ T4143] Memory cgroup out of memory: Killed process 4143 (syz-executor.2) total-vm:54408kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:64kB oom_score_adj:1000
[ 2872.950341][ T4130] __nla_validate_parse: 3 callbacks suppressed
[ 2872.950360][ T4130] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
10:17:17 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa400, @local}]}, 0x48}}, 0x0)

[ 2873.011504][ T4146] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2873.023185][ T4130] device bridge549 entered promiscuous mode
[ 2873.034618][ T4146] CPU: 1 PID: 4146 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2873.044985][ T4146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2873.055064][ T4146] Call Trace:
[ 2873.058357][ T4146]  <TASK>
[ 2873.061296][ T4146]  dump_stack_lvl+0xd1/0x138
[ 2873.065911][ T4146]  dump_header+0x10b/0x85f
[ 2873.070346][ T4146]  oom_kill_process.cold+0x10/0x15
[ 2873.075476][ T4146]  out_of_memory+0x35c/0x14a0
[ 2873.080178][ T4146]  ? find_held_lock+0x2d/0x110
[ 2873.084969][ T4146]  ? oom_killer_disable+0x280/0x280
[ 2873.090190][ T4146]  ? find_held_lock+0x2d/0x110
[ 2873.094983][ T4146]  mem_cgroup_out_of_memory+0x206/0x270
[ 2873.100547][ T4146]  ? mem_cgroup_margin+0x130/0x130
[ 2873.105676][ T4146]  ? lock_downgrade+0x6e0/0x6e0
[ 2873.110573][ T4146]  try_charge_memcg+0xef8/0x12f0
[ 2873.115539][ T4146]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2873.121554][ T4146]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2873.127295][ T4146]  ? lock_downgrade+0x6e0/0x6e0
[ 2873.132178][ T4146]  ? lock_downgrade+0x6e0/0x6e0
[ 2873.137068][ T4146]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2873.142641][ T4146]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2873.148818][ T4146]  copy_process+0x73e/0x7190
[ 2873.153430][ T4146]  ? __lock_acquire+0xbc3/0x56d0
[ 2873.158408][ T4146]  ? __cleanup_sighand+0xb0/0xb0
[ 2873.163359][ T4146]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2873.169372][ T4146]  ? psi_memstall_leave+0x174/0x250
[ 2873.174607][ T4146]  kernel_clone+0xeb/0x980
[ 2873.179042][ T4146]  ? create_io_thread+0xf0/0xf0
[ 2873.183913][ T4146]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2873.190169][ T4146]  ? lock_downgrade+0x6e0/0x6e0
[ 2873.195059][ T4146]  __do_sys_clone+0xba/0x100
[ 2873.199670][ T4146]  ? kernel_clone+0x980/0x980
[ 2873.204374][ T4146]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2873.210288][ T4146]  do_syscall_64+0x39/0xb0
[ 2873.214727][ T4146]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2873.220640][ T4146] RIP: 0033:0x7f8325a8d501
[ 2873.225065][ T4146] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2873.244682][ T4146] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2873.253109][ T4146] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2873.261088][ T4146] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2873.269070][ T4146] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2873.277052][ T4146] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2873.285029][ T4146] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2873.293026][ T4146]  </TASK>
10:17:17 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x1601}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2873.382658][ T4131] device macvtap583 entered promiscuous mode
[ 2873.398514][ T4133] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2873.474788][ T4133] device bridge1342 entered promiscuous mode
[ 2873.510166][ T4146] memory: usage 307200kB, limit 307200kB, failcnt 70701
[ 2873.532287][ T4135] device macvtap1339 entered promiscuous mode
[ 2873.539245][ T4146] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2873.552577][ T4146] Memory cgroup stats for /syz2:
[ 2873.552813][ T4146] anon 90112
[ 2873.552813][ T4146] file 417792
[ 2873.552813][ T4146] kernel 314064896
[ 2873.552813][ T4146] kernel_stack 32768
[ 2873.552813][ T4146] pagetables 69632
[ 2873.552813][ T4146] sec_pagetables 0
[ 2873.552813][ T4146] percpu 5358784
[ 2873.552813][ T4146] sock 0
[ 2873.552813][ T4146] vmalloc 0
[ 2873.552813][ T4146] shmem 417792
[ 2873.552813][ T4146] zswap 0
[ 2873.552813][ T4146] zswapped 0
[ 2873.552813][ T4146] file_mapped 417792
[ 2873.552813][ T4146] file_dirty 0
[ 2873.552813][ T4146] file_writeback 0
[ 2873.552813][ T4146] swapcached 0
[ 2873.552813][ T4146] anon_thp 0
[ 2873.552813][ T4146] file_thp 0
[ 2873.552813][ T4146] shmem_thp 0
[ 2873.552813][ T4146] inactive_anon 94208
[ 2873.552813][ T4146] active_anon 413696
[ 2873.552813][ T4146] inactive_file 0
[ 2873.552813][ T4146] active_file 0
[ 2873.552813][ T4146] unevictable 0
[ 2873.552813][ T4146] slab_reclaimable 10424
[ 2873.552813][ T4146] slab_unreclaimable 308540976
[ 2873.659555][ T4136] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2873.684967][ T4146] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4146,uid=0
[ 2873.713393][ T4136] device macvtap1340 entered promiscuous mode
[ 2873.725902][ T4146] Memory cgroup out of memory: Killed process 4146 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2873.762932][ T4149] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2873.789337][ T4149] CPU: 1 PID: 4149 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2873.799703][ T4149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2873.809776][ T4149] Call Trace:
[ 2873.813069][ T4149]  <TASK>
[ 2873.816016][ T4149]  dump_stack_lvl+0xd1/0x138
[ 2873.820642][ T4149]  dump_header+0x10b/0x85f
[ 2873.825078][ T4149]  oom_kill_process.cold+0x10/0x15
[ 2873.830207][ T4149]  out_of_memory+0x35c/0x14a0
[ 2873.834917][ T4149]  ? oom_killer_disable+0x280/0x280
[ 2873.840133][ T4149]  ? find_held_lock+0x2d/0x110
[ 2873.844925][ T4149]  mem_cgroup_out_of_memory+0x206/0x270
[ 2873.850486][ T4149]  ? mem_cgroup_margin+0x130/0x130
[ 2873.855615][ T4149]  ? lock_downgrade+0x6e0/0x6e0
[ 2873.860510][ T4149]  try_charge_memcg+0xef8/0x12f0
[ 2873.865478][ T4149]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2873.871484][ T4149]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2873.877226][ T4149]  ? lock_downgrade+0x6e0/0x6e0
[ 2873.882107][ T4149]  ? lock_downgrade+0x6e0/0x6e0
[ 2873.886998][ T4149]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2873.892569][ T4149]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2873.898740][ T4149]  copy_process+0x73e/0x7190
[ 2873.903350][ T4149]  ? find_held_lock+0x2d/0x110
[ 2873.908149][ T4149]  ? __cleanup_sighand+0xb0/0xb0
[ 2873.913099][ T4149]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2873.918399][ T4149]  ? lock_downgrade+0x6e0/0x6e0
[ 2873.923271][ T4149]  ? folio_flags.constprop.0+0x53/0x150
[ 2873.928846][ T4149]  ? folio_add_lru+0x37b/0x680
[ 2873.933640][ T4149]  kernel_clone+0xeb/0x980
[ 2873.938076][ T4149]  ? create_io_thread+0xf0/0xf0
[ 2873.942946][ T4149]  ? find_held_lock+0x2d/0x110
[ 2873.947742][ T4149]  __do_sys_clone+0xba/0x100
[ 2873.952346][ T4149]  ? kernel_clone+0x980/0x980
[ 2873.957054][ T4149]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2873.962969][ T4149]  do_syscall_64+0x39/0xb0
[ 2873.967407][ T4149]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2873.973318][ T4149] RIP: 0033:0x7f69a668d501
[ 2873.977743][ T4149] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2873.997363][ T4149] RSP: 002b:00007ffea4dd3058 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2874.005790][ T4149] RAX: ffffffffffffffda RBX: 00007f69a746c700 RCX: 00007f69a668d501
[ 2874.013767][ T4149] RDX: 00007f69a746c9d0 RSI: 00007f69a746c2f0 RDI: 00000000003d0f00
[ 2874.021755][ T4149] RBP: 00007ffea4dd32a0 R08: 00007f69a746c700 R09: 00007f69a746c700
[ 2874.029731][ T4149] R10: 00007f69a746c9d0 R11: 0000000000000206 R12: 00007ffea4dd310e
[ 2874.037707][ T4149] R13: 00007ffea4dd310f R14: 00007f69a746c300 R15: 0000000000022000
[ 2874.045702][ T4149]  </TASK>
[ 2874.060007][ T4149] memory: usage 307200kB, limit 307200kB, failcnt 15794
[ 2874.067294][ T4149] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2874.075077][ T4149] Memory cgroup stats for /syz1:
[ 2874.075228][ T4149] anon 147456
[ 2874.075228][ T4149] file 393216
[ 2874.075228][ T4149] kernel 314032128
[ 2874.075228][ T4149] kernel_stack 65536
[ 2874.075228][ T4149] pagetables 81920
[ 2874.075228][ T4149] sec_pagetables 0
[ 2874.075228][ T4149] percpu 5356416
[ 2874.075228][ T4149] sock 0
[ 2874.075228][ T4149] vmalloc 0
[ 2874.075228][ T4149] shmem 385024
[ 2874.075228][ T4149] zswap 0
[ 2874.075228][ T4149] zswapped 0
[ 2874.075228][ T4149] file_mapped 385024
[ 2874.075228][ T4149] file_dirty 0
[ 2874.075228][ T4149] file_writeback 0
[ 2874.075228][ T4149] swapcached 0
[ 2874.075228][ T4149] anon_thp 0
[ 2874.075228][ T4149] file_thp 0
[ 2874.075228][ T4149] shmem_thp 0
[ 2874.075228][ T4149] inactive_anon 192512
[ 2874.075228][ T4149] active_anon 339968
[ 2874.075228][ T4149] inactive_file 4096
[ 2874.075228][ T4149] active_file 4096
[ 2874.075228][ T4149] unevictable 0
[ 2874.075228][ T4149] slab_reclaimable 16512
10:17:18 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4300}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2874.075228][ T4149] slab_unreclaimable 308472584
[ 2874.141565][ T4140] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2874.175709][ T4149] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4149,uid=0
10:17:18 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0x71, 0x1, @local}]}, 0x48}}, 0x0)

[ 2874.210009][ T4149] Memory cgroup out of memory: Killed process 4149 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2874.274410][ T4140] device bridge461 entered promiscuous mode
[ 2874.298425][ T4155] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2874.310410][ T4155] CPU: 0 PID: 4155 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2874.320772][ T4155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2874.330847][ T4155] Call Trace:
[ 2874.334146][ T4155]  <TASK>
[ 2874.337097][ T4155]  dump_stack_lvl+0xd1/0x138
[ 2874.341736][ T4155]  dump_header+0x10b/0x85f
[ 2874.346184][ T4155]  oom_kill_process.cold+0x10/0x15
[ 2874.351318][ T4155]  out_of_memory+0x35c/0x14a0
[ 2874.356018][ T4155]  ? find_held_lock+0x2d/0x110
[ 2874.360808][ T4155]  ? oom_killer_disable+0x280/0x280
[ 2874.366028][ T4155]  ? find_held_lock+0x2d/0x110
[ 2874.370824][ T4155]  mem_cgroup_out_of_memory+0x206/0x270
[ 2874.376391][ T4155]  ? mem_cgroup_margin+0x130/0x130
[ 2874.381515][ T4155]  ? lock_downgrade+0x6e0/0x6e0
[ 2874.386408][ T4155]  try_charge_memcg+0xef8/0x12f0
[ 2874.391374][ T4155]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2874.397374][ T4155]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2874.403110][ T4155]  ? lock_downgrade+0x6e0/0x6e0
[ 2874.407996][ T4155]  ? lock_downgrade+0x6e0/0x6e0
[ 2874.412889][ T4155]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2874.418462][ T4155]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2874.424636][ T4155]  copy_process+0x15ed/0x7190
[ 2874.429330][ T4155]  ? __lock_acquire+0xbc3/0x56d0
[ 2874.434308][ T4155]  ? __cleanup_sighand+0xb0/0xb0
[ 2874.439263][ T4155]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2874.445275][ T4155]  ? psi_memstall_leave+0x174/0x250
[ 2874.450499][ T4155]  kernel_clone+0xeb/0x980
[ 2874.454933][ T4155]  ? create_io_thread+0xf0/0xf0
[ 2874.459803][ T4155]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2874.466061][ T4155]  ? lock_downgrade+0x6e0/0x6e0
[ 2874.470948][ T4155]  __do_sys_clone+0xba/0x100
[ 2874.475573][ T4155]  ? kernel_clone+0x980/0x980
[ 2874.480288][ T4155]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2874.486214][ T4155]  do_syscall_64+0x39/0xb0
[ 2874.490661][ T4155]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2874.496579][ T4155] RIP: 0033:0x7f8325a8d501
[ 2874.501003][ T4155] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2874.520620][ T4155] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2874.529046][ T4155] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2874.537028][ T4155] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2874.545009][ T4155] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2874.552989][ T4155] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2874.560968][ T4155] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2874.568968][ T4155]  </TASK>
[ 2874.587494][ T4155] memory: usage 307188kB, limit 307200kB, failcnt 70830
[ 2874.603386][ T4141] device macvtap485 entered promiscuous mode
[ 2874.609682][ T4155] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2874.617319][ T4155] Memory cgroup stats for /syz2:
[ 2874.617622][ T4155] anon 90112
[ 2874.617622][ T4155] file 417792
[ 2874.617622][ T4155] kernel 314048512
[ 2874.617622][ T4155] kernel_stack 32768
[ 2874.617622][ T4155] pagetables 69632
[ 2874.617622][ T4155] sec_pagetables 0
[ 2874.617622][ T4155] percpu 5358784
[ 2874.617622][ T4155] sock 0
[ 2874.617622][ T4155] vmalloc 0
[ 2874.617622][ T4155] shmem 417792
[ 2874.617622][ T4155] zswap 0
[ 2874.617622][ T4155] zswapped 0
[ 2874.617622][ T4155] file_mapped 417792
[ 2874.617622][ T4155] file_dirty 0
[ 2874.617622][ T4155] file_writeback 0
[ 2874.617622][ T4155] swapcached 0
[ 2874.617622][ T4155] anon_thp 0
[ 2874.617622][ T4155] file_thp 0
[ 2874.617622][ T4155] shmem_thp 0
[ 2874.617622][ T4155] inactive_anon 94208
[ 2874.617622][ T4155] active_anon 413696
[ 2874.617622][ T4155] inactive_file 0
[ 2874.617622][ T4155] active_file 0
[ 2874.617622][ T4155] unevictable 0
[ 2874.617622][ T4155] slab_reclaimable 10424
[ 2874.617622][ T4155] slab_unreclaimable 308529880
[ 2874.725077][ T4142] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2874.725526][ T4155] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4155,uid=0
[ 2874.758839][ T4155] Memory cgroup out of memory: Killed process 4155 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2874.785781][ T4142] device macvtap486 entered promiscuous mode
10:17:19 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4301}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:17:19 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0x6b, 0x1, @local}]}, 0x48}}, 0x0)

[ 2874.862316][ T4145] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2874.930131][ T4145] device bridge1802 entered promiscuous mode
[ 2874.944933][ T4160] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2874.967301][ T4160] CPU: 1 PID: 4160 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2874.977676][ T4160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2874.987751][ T4160] Call Trace:
[ 2874.991046][ T4160]  <TASK>
[ 2874.993993][ T4160]  dump_stack_lvl+0xd1/0x138
[ 2874.998622][ T4160]  dump_header+0x10b/0x85f
[ 2875.003073][ T4160]  oom_kill_process.cold+0x10/0x15
[ 2875.008217][ T4160]  out_of_memory+0x35c/0x14a0
[ 2875.012932][ T4160]  ? find_held_lock+0x2d/0x110
[ 2875.017737][ T4160]  ? oom_killer_disable+0x280/0x280
[ 2875.022977][ T4160]  ? find_held_lock+0x2d/0x110
[ 2875.027787][ T4160]  mem_cgroup_out_of_memory+0x206/0x270
[ 2875.033370][ T4160]  ? mem_cgroup_margin+0x130/0x130
[ 2875.038513][ T4160]  ? lock_downgrade+0x6e0/0x6e0
[ 2875.043424][ T4160]  try_charge_memcg+0xef8/0x12f0
[ 2875.048413][ T4160]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2875.054442][ T4160]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2875.060188][ T4160]  ? lock_downgrade+0x6e0/0x6e0
[ 2875.065075][ T4160]  ? lock_downgrade+0x6e0/0x6e0
[ 2875.069967][ T4160]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2875.075538][ T4160]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2875.081722][ T4160]  copy_process+0x73e/0x7190
[ 2875.086334][ T4160]  ? __lock_acquire+0xbc3/0x56d0
[ 2875.091310][ T4160]  ? __cleanup_sighand+0xb0/0xb0
[ 2875.096262][ T4160]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2875.102274][ T4160]  ? psi_memstall_leave+0x174/0x250
[ 2875.107503][ T4160]  kernel_clone+0xeb/0x980
[ 2875.111941][ T4160]  ? create_io_thread+0xf0/0xf0
[ 2875.116812][ T4160]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2875.123070][ T4160]  ? lock_downgrade+0x6e0/0x6e0
[ 2875.127962][ T4160]  __do_sys_clone+0xba/0x100
[ 2875.132570][ T4160]  ? kernel_clone+0x980/0x980
[ 2875.137276][ T4160]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2875.143190][ T4160]  do_syscall_64+0x39/0xb0
[ 2875.147633][ T4160]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2875.153548][ T4160] RIP: 0033:0x7f8325a8d501
[ 2875.157970][ T4160] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2875.177589][ T4160] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2875.186016][ T4160] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2875.193996][ T4160] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2875.201973][ T4160] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2875.209951][ T4160] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2875.217935][ T4160] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2875.225932][ T4160]  </TASK>
[ 2875.304279][ T4147] device macvtap2192 entered promiscuous mode
[ 2875.326473][ T4160] memory: usage 307184kB, limit 307200kB, failcnt 70959
[ 2875.334773][ T4160] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2875.345616][ T4160] Memory cgroup stats for /syz2:
[ 2875.345860][ T4160] anon 90112
[ 2875.345860][ T4160] file 417792
[ 2875.345860][ T4160] kernel 314048512
[ 2875.345860][ T4160] kernel_stack 32768
[ 2875.345860][ T4160] pagetables 69632
[ 2875.345860][ T4160] sec_pagetables 0
[ 2875.345860][ T4160] percpu 5358784
[ 2875.345860][ T4160] sock 0
[ 2875.345860][ T4160] vmalloc 0
[ 2875.345860][ T4160] shmem 417792
[ 2875.345860][ T4160] zswap 0
[ 2875.345860][ T4160] zswapped 0
[ 2875.345860][ T4160] file_mapped 417792
[ 2875.345860][ T4160] file_dirty 0
[ 2875.345860][ T4160] file_writeback 0
[ 2875.345860][ T4160] swapcached 0
[ 2875.345860][ T4160] anon_thp 0
[ 2875.345860][ T4160] file_thp 0
[ 2875.345860][ T4160] shmem_thp 0
[ 2875.345860][ T4160] inactive_anon 94208
[ 2875.345860][ T4160] active_anon 413696
[ 2875.345860][ T4160] inactive_file 0
[ 2875.345860][ T4160] active_file 0
[ 2875.345860][ T4160] unevictable 0
[ 2875.345860][ T4160] slab_reclaimable 10424
[ 2875.345860][ T4160] slab_unreclaimable 308529576
10:17:19 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4302}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2875.440790][ T4160] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4160,uid=0
[ 2875.460456][ T4160] Memory cgroup out of memory: Killed process 4160 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2875.475479][ T4148] device macvtap2193 entered promiscuous mode
[ 2875.567443][ T4150] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2875.580756][ T4165] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2875.592175][ T4165] CPU: 0 PID: 4165 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2875.602537][ T4165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2875.612612][ T4165] Call Trace:
[ 2875.615909][ T4165]  <TASK>
[ 2875.618860][ T4165]  dump_stack_lvl+0xd1/0x138
[ 2875.623489][ T4165]  dump_header+0x10b/0x85f
[ 2875.627952][ T4165]  oom_kill_process.cold+0x10/0x15
[ 2875.633102][ T4165]  out_of_memory+0x35c/0x14a0
[ 2875.637824][ T4165]  ? find_held_lock+0x2d/0x110
[ 2875.642630][ T4165]  ? oom_killer_disable+0x280/0x280
[ 2875.647869][ T4165]  ? find_held_lock+0x2d/0x110
[ 2875.652682][ T4165]  mem_cgroup_out_of_memory+0x206/0x270
[ 2875.658260][ T4165]  ? mem_cgroup_margin+0x130/0x130
[ 2875.663403][ T4165]  ? lock_downgrade+0x6e0/0x6e0
[ 2875.668317][ T4165]  try_charge_memcg+0xef8/0x12f0
[ 2875.673299][ T4165]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2875.679317][ T4165]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2875.685067][ T4165]  ? lock_downgrade+0x6e0/0x6e0
[ 2875.689969][ T4165]  ? lock_downgrade+0x6e0/0x6e0
[ 2875.694848][ T4165]  ? rcu_read_unlock+0x9/0x60
[ 2875.699543][ T4165]  obj_cgroup_charge+0x2af/0x5e0
[ 2875.704516][ T4165]  kmem_cache_alloc_node+0xa9/0x410
[ 2875.709735][ T4165]  ? copy_process+0x5c2/0x7190
[ 2875.714517][ T4165]  copy_process+0x5c2/0x7190
[ 2875.719124][ T4165]  ? __lock_acquire+0xbc3/0x56d0
[ 2875.724100][ T4165]  ? __cleanup_sighand+0xb0/0xb0
[ 2875.729053][ T4165]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2875.735065][ T4165]  ? psi_memstall_leave+0x174/0x250
[ 2875.740293][ T4165]  kernel_clone+0xeb/0x980
[ 2875.744730][ T4165]  ? create_io_thread+0xf0/0xf0
[ 2875.749598][ T4165]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2875.755858][ T4165]  ? lock_downgrade+0x6e0/0x6e0
[ 2875.760756][ T4165]  __do_sys_clone+0xba/0x100
[ 2875.765359][ T4165]  ? kernel_clone+0x980/0x980
[ 2875.770067][ T4165]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2875.775980][ T4165]  do_syscall_64+0x39/0xb0
[ 2875.780422][ T4165]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2875.786336][ T4165] RIP: 0033:0x7f8325a8d501
[ 2875.790761][ T4165] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2875.810380][ T4165] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2875.818808][ T4165] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2875.826793][ T4165] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2875.834780][ T4165] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2875.842764][ T4165] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2875.850746][ T4165] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2875.858743][ T4165]  </TASK>
10:17:20 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a665}, 0x0)

[ 2875.883174][ T4165] memory: usage 307164kB, limit 307200kB, failcnt 71046
[ 2875.899026][ T4165] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2875.906196][ T4165] Memory cgroup stats for /syz2:
[ 2875.906438][ T4165] anon 90112
[ 2875.906438][ T4165] file 417792
[ 2875.906438][ T4165] kernel 314028032
[ 2875.906438][ T4165] kernel_stack 32768
[ 2875.906438][ T4165] pagetables 69632
[ 2875.906438][ T4165] sec_pagetables 0
[ 2875.906438][ T4165] percpu 5358784
[ 2875.906438][ T4165] sock 0
[ 2875.906438][ T4165] vmalloc 0
[ 2875.906438][ T4165] shmem 417792
[ 2875.906438][ T4165] zswap 0
[ 2875.906438][ T4165] zswapped 0
[ 2875.906438][ T4165] file_mapped 417792
[ 2875.906438][ T4165] file_dirty 0
[ 2875.906438][ T4165] file_writeback 0
[ 2875.906438][ T4165] swapcached 0
[ 2875.906438][ T4165] anon_thp 0
[ 2875.906438][ T4165] file_thp 0
[ 2875.906438][ T4165] shmem_thp 0
[ 2875.906438][ T4165] inactive_anon 94208
[ 2875.906438][ T4165] active_anon 413696
[ 2875.906438][ T4165] inactive_file 0
[ 2875.906438][ T4165] active_file 0
[ 2875.906438][ T4165] unevictable 0
[ 2875.906438][ T4165] slab_reclaimable 10424
[ 2875.906438][ T4165] slab_unreclaimable 308522080
[ 2876.006665][ T4165] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4165,uid=0
10:17:20 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4303}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2876.022652][ T4165] Memory cgroup out of memory: Killed process 4165 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2876.042931][ T4152] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
10:17:20 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa500, @local}]}, 0x48}}, 0x0)

[ 2876.081856][ T4152] device bridge550 entered promiscuous mode
[ 2876.145995][ T4153] device macvtap584 entered promiscuous mode
[ 2876.164711][ T4154] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2876.210833][ T4154] device macvtap585 entered promiscuous mode
[ 2876.216482][ T4171] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2876.249160][ T4171] CPU: 1 PID: 4171 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2876.259526][ T4171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2876.269599][ T4171] Call Trace:
[ 2876.272893][ T4171]  <TASK>
[ 2876.275839][ T4171]  dump_stack_lvl+0xd1/0x138
[ 2876.280470][ T4171]  dump_header+0x10b/0x85f
[ 2876.284921][ T4171]  oom_kill_process.cold+0x10/0x15
[ 2876.290070][ T4171]  out_of_memory+0x35c/0x14a0
[ 2876.294777][ T4171]  ? find_held_lock+0x2d/0x110
[ 2876.299557][ T4171]  ? oom_killer_disable+0x280/0x280
[ 2876.304791][ T4171]  ? find_held_lock+0x2d/0x110
[ 2876.309603][ T4171]  mem_cgroup_out_of_memory+0x206/0x270
[ 2876.315184][ T4171]  ? mem_cgroup_margin+0x130/0x130
[ 2876.320328][ T4171]  ? lock_downgrade+0x6e0/0x6e0
[ 2876.325244][ T4171]  try_charge_memcg+0xef8/0x12f0
[ 2876.330230][ T4171]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2876.336245][ T4171]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2876.341996][ T4171]  ? lock_downgrade+0x6e0/0x6e0
[ 2876.346893][ T4171]  ? lock_downgrade+0x6e0/0x6e0
[ 2876.351808][ T4171]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2876.357402][ T4171]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2876.363593][ T4171]  copy_process+0x15ed/0x7190
[ 2876.368304][ T4171]  ? __lock_acquire+0xbc3/0x56d0
[ 2876.373298][ T4171]  ? __cleanup_sighand+0xb0/0xb0
[ 2876.378265][ T4171]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2876.384290][ T4171]  ? psi_memstall_leave+0x174/0x250
[ 2876.389534][ T4171]  kernel_clone+0xeb/0x980
[ 2876.393983][ T4171]  ? create_io_thread+0xf0/0xf0
[ 2876.398868][ T4171]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2876.405145][ T4171]  ? lock_downgrade+0x6e0/0x6e0
[ 2876.410055][ T4171]  __do_sys_clone+0xba/0x100
[ 2876.414676][ T4171]  ? kernel_clone+0x980/0x980
[ 2876.419407][ T4171]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2876.425342][ T4171]  do_syscall_64+0x39/0xb0
[ 2876.429801][ T4171]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2876.435729][ T4171] RIP: 0033:0x7f8325a8d501
[ 2876.440167][ T4171] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2876.459804][ T4171] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2876.468309][ T4171] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2876.476303][ T4171] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2876.484289][ T4171] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2876.492284][ T4171] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2876.500280][ T4171] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2876.508300][ T4171]  </TASK>
[ 2876.520829][ T4171] memory: usage 307200kB, limit 307200kB, failcnt 71177
[ 2876.528008][ T4171] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2876.531856][ T4157] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2876.548640][ T4171] Memory cgroup stats for /syz2:
[ 2876.548880][ T4171] anon 90112
[ 2876.548880][ T4171] file 417792
[ 2876.548880][ T4171] kernel 314064896
[ 2876.548880][ T4171] kernel_stack 32768
[ 2876.548880][ T4171] pagetables 69632
[ 2876.548880][ T4171] sec_pagetables 0
[ 2876.548880][ T4171] percpu 5358784
[ 2876.548880][ T4171] sock 0
[ 2876.548880][ T4171] vmalloc 0
[ 2876.548880][ T4171] shmem 417792
[ 2876.548880][ T4171] zswap 0
[ 2876.548880][ T4171] zswapped 0
[ 2876.548880][ T4171] file_mapped 417792
[ 2876.548880][ T4171] file_dirty 0
[ 2876.548880][ T4171] file_writeback 0
[ 2876.548880][ T4171] swapcached 0
[ 2876.548880][ T4171] anon_thp 0
[ 2876.548880][ T4171] file_thp 0
[ 2876.548880][ T4171] shmem_thp 0
[ 2876.548880][ T4171] inactive_anon 94208
[ 2876.548880][ T4171] active_anon 413696
[ 2876.548880][ T4171] inactive_file 0
[ 2876.548880][ T4171] active_file 0
[ 2876.548880][ T4171] unevictable 0
[ 2876.548880][ T4171] slab_reclaimable 13384
[ 2876.548880][ T4171] slab_unreclaimable 308540976
[ 2876.605962][ T4157] device bridge1343 entered promiscuous mode
[ 2876.648078][ T4171] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4171,uid=0
10:17:20 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa400, @local}]}, 0x48}}, 0x0)

[ 2876.665432][ T4171] Memory cgroup out of memory: Killed process 4171 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:17:20 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4400}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2876.761255][ T4158] device macvtap1340 entered promiscuous mode
[ 2876.792954][ T4170] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2876.829155][ T4170] CPU: 1 PID: 4170 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2876.839530][ T4170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2876.845800][ T4159] device macvtap1341 entered promiscuous mode
[ 2876.849582][ T4170] Call Trace:
[ 2876.849594][ T4170]  <TASK>
[ 2876.849605][ T4170]  dump_stack_lvl+0xd1/0x138
[ 2876.849645][ T4170]  dump_header+0x10b/0x85f
[ 2876.849678][ T4170]  oom_kill_process.cold+0x10/0x15
[ 2876.849714][ T4170]  out_of_memory+0x35c/0x14a0
[ 2876.849753][ T4170]  ? find_held_lock+0x2d/0x110
[ 2876.885572][ T4170]  ? oom_killer_disable+0x280/0x280
[ 2876.890809][ T4170]  ? find_held_lock+0x2d/0x110
[ 2876.895623][ T4170]  mem_cgroup_out_of_memory+0x206/0x270
[ 2876.901197][ T4170]  ? mem_cgroup_margin+0x130/0x130
[ 2876.906325][ T4170]  ? lock_downgrade+0x6e0/0x6e0
[ 2876.911229][ T4170]  try_charge_memcg+0xef8/0x12f0
[ 2876.916197][ T4170]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2876.922197][ T4170]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2876.927931][ T4170]  ? lock_downgrade+0x6e0/0x6e0
[ 2876.932811][ T4170]  ? lock_downgrade+0x6e0/0x6e0
[ 2876.937695][ T4170]  ? rcu_read_unlock+0x9/0x60
[ 2876.942397][ T4170]  obj_cgroup_charge+0x2af/0x5e0
[ 2876.947365][ T4170]  kmem_cache_alloc_node+0xa9/0x410
[ 2876.952584][ T4170]  ? copy_process+0x5c2/0x7190
[ 2876.957368][ T4170]  copy_process+0x5c2/0x7190
[ 2876.961981][ T4170]  ? __lock_acquire+0xbc3/0x56d0
[ 2876.966960][ T4170]  ? __cleanup_sighand+0xb0/0xb0
[ 2876.971913][ T4170]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2876.977927][ T4170]  ? psi_memstall_leave+0x174/0x250
[ 2876.983152][ T4170]  kernel_clone+0xeb/0x980
[ 2876.987586][ T4170]  ? create_io_thread+0xf0/0xf0
[ 2876.992455][ T4170]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2876.998712][ T4170]  ? lock_downgrade+0x6e0/0x6e0
[ 2877.003603][ T4170]  __do_sys_clone+0xba/0x100
[ 2877.008208][ T4170]  ? kernel_clone+0x980/0x980
[ 2877.012917][ T4170]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2877.018834][ T4170]  do_syscall_64+0x39/0xb0
[ 2877.023278][ T4170]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2877.029193][ T4170] RIP: 0033:0x7f69a668d501
[ 2877.033618][ T4170] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2877.053233][ T4170] RSP: 002b:00007ffea4dd3058 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2877.061659][ T4170] RAX: ffffffffffffffda RBX: 00007f69a746c700 RCX: 00007f69a668d501
[ 2877.069640][ T4170] RDX: 00007f69a746c9d0 RSI: 00007f69a746c2f0 RDI: 00000000003d0f00
[ 2877.077617][ T4170] RBP: 00007ffea4dd32a0 R08: 00007f69a746c700 R09: 00007f69a746c700
[ 2877.085594][ T4170] R10: 00007f69a746c9d0 R11: 0000000000000206 R12: 00007ffea4dd310e
[ 2877.093577][ T4170] R13: 00007ffea4dd310f R14: 00007f69a746c300 R15: 0000000000022000
[ 2877.101582][ T4170]  </TASK>
10:17:21 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0x64, 0x1, @local}]}, 0x48}}, 0x0)

[ 2877.151276][ T4162] device bridge462 entered promiscuous mode
[ 2877.166773][ T4170] memory: usage 307196kB, limit 307200kB, failcnt 15969
[ 2877.183528][ T4170] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2877.210147][ T4170] Memory cgroup stats for /syz1:
[ 2877.210382][ T4170] anon 147456
[ 2877.210382][ T4170] file 393216
[ 2877.210382][ T4170] kernel 314028032
[ 2877.210382][ T4170] kernel_stack 65536
[ 2877.210382][ T4170] pagetables 81920
[ 2877.210382][ T4170] sec_pagetables 0
[ 2877.210382][ T4170] percpu 5356416
[ 2877.210382][ T4170] sock 0
[ 2877.210382][ T4170] vmalloc 0
[ 2877.210382][ T4170] shmem 385024
[ 2877.210382][ T4170] zswap 0
[ 2877.210382][ T4170] zswapped 0
[ 2877.210382][ T4170] file_mapped 385024
[ 2877.210382][ T4170] file_dirty 0
[ 2877.210382][ T4170] file_writeback 0
[ 2877.210382][ T4170] swapcached 0
[ 2877.210382][ T4170] anon_thp 0
[ 2877.210382][ T4170] file_thp 0
[ 2877.210382][ T4170] shmem_thp 0
[ 2877.210382][ T4170] inactive_anon 192512
[ 2877.210382][ T4170] active_anon 339968
[ 2877.210382][ T4170] inactive_file 4096
[ 2877.210382][ T4170] active_file 4096
[ 2877.210382][ T4170] unevictable 0
[ 2877.210382][ T4170] slab_reclaimable 16512
[ 2877.210382][ T4170] slab_unreclaimable 308471248
[ 2877.265913][ T4163] device macvtap486 entered promiscuous mode
[ 2877.308834][ T4170] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4170,uid=0
[ 2877.329163][ T4170] Memory cgroup out of memory: Killed process 4170 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2877.369513][ T4176] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2877.389512][ T4176] CPU: 1 PID: 4176 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2877.399871][ T4176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2877.409947][ T4176] Call Trace:
[ 2877.413239][ T4176]  <TASK>
[ 2877.416186][ T4176]  dump_stack_lvl+0xd1/0x138
[ 2877.420823][ T4176]  dump_header+0x10b/0x85f
[ 2877.425272][ T4176]  oom_kill_process.cold+0x10/0x15
[ 2877.430416][ T4176]  out_of_memory+0x35c/0x14a0
[ 2877.435132][ T4176]  ? find_held_lock+0x2d/0x110
[ 2877.439937][ T4176]  ? oom_killer_disable+0x280/0x280
[ 2877.445174][ T4176]  ? find_held_lock+0x2d/0x110
[ 2877.449985][ T4176]  mem_cgroup_out_of_memory+0x206/0x270
[ 2877.455553][ T4176]  ? mem_cgroup_margin+0x130/0x130
[ 2877.460680][ T4176]  ? lock_downgrade+0x6e0/0x6e0
[ 2877.465578][ T4176]  try_charge_memcg+0xef8/0x12f0
[ 2877.470545][ T4176]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2877.476546][ T4176]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2877.482281][ T4176]  ? lock_downgrade+0x6e0/0x6e0
[ 2877.487160][ T4176]  ? lock_downgrade+0x6e0/0x6e0
[ 2877.492051][ T4176]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2877.497622][ T4176]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2877.503795][ T4176]  copy_process+0x15ed/0x7190
[ 2877.508492][ T4176]  ? wp_page_copy+0x311/0x1ca0
[ 2877.513303][ T4176]  ? __cleanup_sighand+0xb0/0xb0
[ 2877.518265][ T4176]  ? do_wp_page+0x1d9/0x1930
[ 2877.522881][ T4176]  kernel_clone+0xeb/0x980
[ 2877.527315][ T4176]  ? create_io_thread+0xf0/0xf0
[ 2877.532190][ T4176]  ? find_held_lock+0x2d/0x110
[ 2877.536989][ T4176]  __do_sys_clone+0xba/0x100
[ 2877.541595][ T4176]  ? kernel_clone+0x980/0x980
[ 2877.546301][ T4176]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2877.552218][ T4176]  do_syscall_64+0x39/0xb0
[ 2877.556658][ T4176]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2877.562570][ T4176] RIP: 0033:0x7f8325a8d501
[ 2877.566993][ T4176] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2877.586609][ T4176] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2877.595032][ T4176] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2877.603012][ T4176] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2877.611002][ T4176] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2877.618984][ T4176] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2877.626962][ T4176] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2877.634960][ T4176]  </TASK>
[ 2877.644500][ T4176] memory: usage 307200kB, limit 307200kB, failcnt 71292
[ 2877.651753][ T4176] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2877.655094][ T4164] device macvtap487 entered promiscuous mode
[ 2877.658892][ T4176] Memory cgroup stats for /syz2:
10:17:21 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0x6b, 0x1, @local}]}, 0x48}}, 0x0)

[ 2877.665198][ T4176] anon 90112
[ 2877.665198][ T4176] file 417792
[ 2877.665198][ T4176] kernel 314048512
[ 2877.665198][ T4176] kernel_stack 32768
[ 2877.665198][ T4176] pagetables 69632
[ 2877.665198][ T4176] sec_pagetables 0
[ 2877.665198][ T4176] percpu 5358784
[ 2877.665198][ T4176] sock 0
[ 2877.665198][ T4176] vmalloc 0
[ 2877.665198][ T4176] shmem 417792
[ 2877.665198][ T4176] zswap 0
[ 2877.665198][ T4176] zswapped 0
[ 2877.665198][ T4176] file_mapped 417792
[ 2877.665198][ T4176] file_dirty 0
[ 2877.665198][ T4176] file_writeback 0
[ 2877.665198][ T4176] swapcached 0
[ 2877.665198][ T4176] anon_thp 0
[ 2877.665198][ T4176] file_thp 0
[ 2877.665198][ T4176] shmem_thp 0
[ 2877.665198][ T4176] inactive_anon 94208
[ 2877.665198][ T4176] active_anon 413696
[ 2877.665198][ T4176] inactive_file 0
[ 2877.665198][ T4176] active_file 0
[ 2877.665198][ T4176] unevictable 0
[ 2877.665198][ T4176] slab_reclaimable 10424
[ 2877.665198][ T4176] slab_unreclaimable 308531744
10:17:22 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4401}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2877.773575][ T4176] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4176,uid=0
[ 2877.790850][ T4176] Memory cgroup out of memory: Killed process 4176 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2877.810511][ T4167] device bridge1803 entered promiscuous mode
[ 2877.906155][ T4185] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2877.916981][ T4185] CPU: 1 PID: 4185 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2877.927342][ T4185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2877.929654][ T4168] device macvtap2193 entered promiscuous mode
[ 2877.937396][ T4185] Call Trace:
[ 2877.937407][ T4185]  <TASK>
[ 2877.937418][ T4185]  dump_stack_lvl+0xd1/0x138
[ 2877.937458][ T4185]  dump_header+0x10b/0x85f
[ 2877.937493][ T4185]  oom_kill_process.cold+0x10/0x15
[ 2877.937529][ T4185]  out_of_memory+0x35c/0x14a0
[ 2877.937569][ T4185]  ? find_held_lock+0x2d/0x110
[ 2877.937608][ T4185]  ? oom_killer_disable+0x280/0x280
[ 2877.978521][ T4185]  ? find_held_lock+0x2d/0x110
[ 2877.983313][ T4185]  mem_cgroup_out_of_memory+0x206/0x270
[ 2877.988876][ T4185]  ? mem_cgroup_margin+0x130/0x130
[ 2877.994000][ T4185]  ? lock_downgrade+0x6e0/0x6e0
[ 2877.998891][ T4185]  try_charge_memcg+0xef8/0x12f0
[ 2878.003857][ T4185]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2878.009857][ T4185]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2878.015597][ T4185]  ? lock_downgrade+0x6e0/0x6e0
[ 2878.020475][ T4185]  ? lock_downgrade+0x6e0/0x6e0
[ 2878.025349][ T4185]  ? rcu_read_unlock+0x9/0x60
[ 2878.030046][ T4185]  obj_cgroup_charge+0x2af/0x5e0
[ 2878.035011][ T4185]  kmem_cache_alloc_node+0xa9/0x410
[ 2878.040221][ T4185]  ? copy_process+0x5c2/0x7190
[ 2878.045005][ T4185]  copy_process+0x5c2/0x7190
[ 2878.049616][ T4185]  ? __lock_acquire+0xbc3/0x56d0
[ 2878.054588][ T4185]  ? __cleanup_sighand+0xb0/0xb0
[ 2878.059562][ T4185]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2878.065571][ T4185]  ? psi_memstall_leave+0x174/0x250
[ 2878.070796][ T4185]  kernel_clone+0xeb/0x980
[ 2878.075228][ T4185]  ? create_io_thread+0xf0/0xf0
[ 2878.080094][ T4185]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2878.086350][ T4185]  ? lock_downgrade+0x6e0/0x6e0
[ 2878.091238][ T4185]  __do_sys_clone+0xba/0x100
[ 2878.095844][ T4185]  ? kernel_clone+0x980/0x980
[ 2878.100548][ T4185]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2878.106466][ T4185]  do_syscall_64+0x39/0xb0
[ 2878.110907][ T4185]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2878.116817][ T4185] RIP: 0033:0x7f8325a8d501
[ 2878.121237][ T4185] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2878.140854][ T4185] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2878.149280][ T4185] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2878.157258][ T4185] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2878.165236][ T4185] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2878.173212][ T4185] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2878.181187][ T4185] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2878.189183][ T4185]  </TASK>
[ 2878.206005][ T4185] memory: usage 307196kB, limit 307200kB, failcnt 71405
[ 2878.213431][ T4185] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2878.220539][ T4185] Memory cgroup stats for /syz2:
[ 2878.220770][ T4185] anon 90112
[ 2878.220770][ T4185] file 417792
[ 2878.220770][ T4185] kernel 314028032
[ 2878.220770][ T4185] kernel_stack 32768
[ 2878.220770][ T4185] pagetables 69632
[ 2878.220770][ T4185] sec_pagetables 0
[ 2878.220770][ T4185] percpu 5358784
[ 2878.220770][ T4185] sock 0
[ 2878.220770][ T4185] vmalloc 0
[ 2878.220770][ T4185] shmem 417792
[ 2878.220770][ T4185] zswap 0
[ 2878.220770][ T4185] zswapped 0
[ 2878.220770][ T4185] file_mapped 417792
[ 2878.220770][ T4185] file_dirty 0
[ 2878.220770][ T4185] file_writeback 0
[ 2878.220770][ T4185] swapcached 0
[ 2878.220770][ T4185] anon_thp 0
[ 2878.220770][ T4185] file_thp 0
[ 2878.220770][ T4185] shmem_thp 0
[ 2878.220770][ T4185] inactive_anon 94208
[ 2878.220770][ T4185] active_anon 413696
[ 2878.220770][ T4185] inactive_file 0
[ 2878.220770][ T4185] active_file 0
[ 2878.220770][ T4185] unevictable 0
[ 2878.220770][ T4185] slab_reclaimable 16344
[ 2878.220770][ T4185] slab_unreclaimable 308524896
[ 2878.337652][ T4185] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4185,uid=0
[ 2878.350105][ T4169] device macvtap2194 entered promiscuous mode
[ 2878.382195][ T4185] Memory cgroup out of memory: Killed process 4185 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2878.418245][ T4174] __nla_validate_parse: 4 callbacks suppressed
10:17:22 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a666}, 0x0)

[ 2878.418263][ T4174] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
10:17:22 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4402}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2878.488215][ T4174] device bridge551 entered promiscuous mode
[ 2878.502537][ T4172] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2878.602728][ T4189] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2878.630289][ T4189] CPU: 1 PID: 4189 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2878.640671][ T4189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2878.650747][ T4189] Call Trace:
[ 2878.654039][ T4189]  <TASK>
[ 2878.656988][ T4189]  dump_stack_lvl+0xd1/0x138
[ 2878.661620][ T4189]  dump_header+0x10b/0x85f
[ 2878.666079][ T4189]  oom_kill_process.cold+0x10/0x15
[ 2878.671232][ T4189]  out_of_memory+0x35c/0x14a0
[ 2878.675951][ T4189]  ? find_held_lock+0x2d/0x110
[ 2878.680754][ T4189]  ? oom_killer_disable+0x280/0x280
[ 2878.685993][ T4189]  ? find_held_lock+0x2d/0x110
[ 2878.690796][ T4189]  mem_cgroup_out_of_memory+0x206/0x270
[ 2878.696363][ T4189]  ? mem_cgroup_margin+0x130/0x130
[ 2878.701486][ T4189]  ? lock_downgrade+0x6e0/0x6e0
[ 2878.706384][ T4189]  try_charge_memcg+0xef8/0x12f0
[ 2878.711350][ T4189]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2878.717357][ T4189]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2878.723099][ T4189]  ? lock_downgrade+0x6e0/0x6e0
[ 2878.727978][ T4189]  ? lock_downgrade+0x6e0/0x6e0
[ 2878.732871][ T4189]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2878.738442][ T4189]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2878.744618][ T4189]  copy_process+0x73e/0x7190
[ 2878.749224][ T4189]  ? wp_page_copy+0x311/0x1ca0
[ 2878.754030][ T4189]  ? __cleanup_sighand+0xb0/0xb0
[ 2878.758990][ T4189]  ? do_wp_page+0x1d9/0x1930
[ 2878.763599][ T4189]  kernel_clone+0xeb/0x980
[ 2878.768033][ T4189]  ? create_io_thread+0xf0/0xf0
[ 2878.772908][ T4189]  ? find_held_lock+0x2d/0x110
[ 2878.777704][ T4189]  __do_sys_clone+0xba/0x100
[ 2878.782308][ T4189]  ? kernel_clone+0x980/0x980
[ 2878.787015][ T4189]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2878.792931][ T4189]  do_syscall_64+0x39/0xb0
[ 2878.797374][ T4189]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2878.803285][ T4189] RIP: 0033:0x7f8325a8d501
[ 2878.807707][ T4189] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2878.827326][ T4189] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2878.835753][ T4189] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2878.843733][ T4189] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2878.851711][ T4189] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2878.859688][ T4189] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2878.867668][ T4189] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2878.875665][ T4189]  </TASK>
[ 2878.883354][ T4189] memory: usage 307200kB, limit 307200kB, failcnt 71537
[ 2878.890674][ T4189] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2878.897911][ T4189] Memory cgroup stats for /syz2:
[ 2878.898132][ T4189] anon 90112
[ 2878.898132][ T4189] file 417792
[ 2878.898132][ T4189] kernel 314048512
[ 2878.898132][ T4189] kernel_stack 32768
[ 2878.898132][ T4189] pagetables 69632
[ 2878.898132][ T4189] sec_pagetables 0
[ 2878.898132][ T4189] percpu 5358784
[ 2878.898132][ T4189] sock 0
[ 2878.898132][ T4189] vmalloc 0
[ 2878.898132][ T4189] shmem 417792
[ 2878.898132][ T4189] zswap 0
[ 2878.898132][ T4189] zswapped 0
[ 2878.898132][ T4189] file_mapped 417792
[ 2878.898132][ T4189] file_dirty 0
[ 2878.898132][ T4189] file_writeback 0
[ 2878.898132][ T4189] swapcached 0
[ 2878.898132][ T4189] anon_thp 0
[ 2878.898132][ T4189] file_thp 0
[ 2878.898132][ T4189] shmem_thp 0
[ 2878.898132][ T4189] inactive_anon 86016
[ 2878.898132][ T4189] active_anon 413696
[ 2878.898132][ T4189] inactive_file 0
[ 2878.898132][ T4189] active_file 0
[ 2878.898132][ T4189] unevictable 0
[ 2878.898132][ T4189] slab_reclaimable 10424
[ 2878.898132][ T4189] slab_unreclaimable 308531744
[ 2878.995147][ T4189] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4189,uid=0
[ 2879.017162][ T4175] device macvtap585 entered promiscuous mode
[ 2879.036787][ T4189] Memory cgroup out of memory: Killed process 4189 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:17:23 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0xc01}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2879.050312][ T4177] device macvtap586 entered promiscuous mode
10:17:23 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa600, @local}]}, 0x48}}, 0x0)

[ 2879.088647][ T4179] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
10:17:23 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4403}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2879.155764][ T4179] device bridge1344 entered promiscuous mode
[ 2879.262297][ T4180] device macvtap1342 entered promiscuous mode
[ 2879.262829][ T4197] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2879.289199][ T4197] CPU: 0 PID: 4197 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2879.299579][ T4197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2879.309662][ T4197] Call Trace:
[ 2879.309672][ T4181] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2879.312938][ T4197]  <TASK>
[ 2879.312952][ T4197]  dump_stack_lvl+0xd1/0x138
[ 2879.329792][ T4197]  dump_header+0x10b/0x85f
[ 2879.334244][ T4197]  oom_kill_process.cold+0x10/0x15
[ 2879.339392][ T4197]  out_of_memory+0x35c/0x14a0
[ 2879.344108][ T4197]  ? find_held_lock+0x2d/0x110
[ 2879.348904][ T4197]  ? oom_killer_disable+0x280/0x280
[ 2879.354134][ T4197]  ? find_held_lock+0x2d/0x110
[ 2879.358944][ T4197]  mem_cgroup_out_of_memory+0x206/0x270
[ 2879.364524][ T4197]  ? mem_cgroup_margin+0x130/0x130
[ 2879.369668][ T4197]  ? lock_downgrade+0x6e0/0x6e0
[ 2879.374570][ T4197]  try_charge_memcg+0xef8/0x12f0
[ 2879.379535][ T4197]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2879.382719][ T4181] device macvtap1343 entered promiscuous mode
[ 2879.385528][ T4197]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2879.385565][ T4197]  ? lock_downgrade+0x6e0/0x6e0
[ 2879.402197][ T4197]  ? lock_downgrade+0x6e0/0x6e0
[ 2879.407075][ T4197]  ? rcu_read_unlock+0x9/0x60
[ 2879.411775][ T4197]  obj_cgroup_charge+0x2af/0x5e0
[ 2879.416740][ T4197]  kmem_cache_alloc_node+0xa9/0x410
[ 2879.421953][ T4197]  ? copy_process+0x5c2/0x7190
[ 2879.426736][ T4197]  copy_process+0x5c2/0x7190
[ 2879.431342][ T4197]  ? __lock_acquire+0xbc3/0x56d0
[ 2879.436316][ T4197]  ? __cleanup_sighand+0xb0/0xb0
[ 2879.441265][ T4197]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2879.447272][ T4197]  ? psi_memstall_leave+0x174/0x250
[ 2879.452500][ T4197]  kernel_clone+0xeb/0x980
[ 2879.456933][ T4197]  ? create_io_thread+0xf0/0xf0
[ 2879.461892][ T4197]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2879.468153][ T4197]  ? lock_downgrade+0x6e0/0x6e0
[ 2879.473041][ T4197]  __do_sys_clone+0xba/0x100
[ 2879.477649][ T4197]  ? kernel_clone+0x980/0x980
[ 2879.482354][ T4197]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2879.488267][ T4197]  do_syscall_64+0x39/0xb0
[ 2879.492707][ T4197]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2879.498624][ T4197] RIP: 0033:0x7f8325a8d501
[ 2879.503053][ T4197] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2879.522672][ T4197] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2879.531098][ T4197] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2879.539076][ T4197] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2879.547054][ T4197] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2879.555032][ T4197] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2879.563009][ T4197] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2879.571003][ T4197]  </TASK>
10:17:23 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0x64, 0x1, @local}]}, 0x48}}, 0x0)

[ 2879.618443][ T4183] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2879.642158][ T4197] memory: usage 307180kB, limit 307200kB, failcnt 71654
[ 2879.651652][ T4197] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2879.666451][ T4197] Memory cgroup stats for /syz2:
[ 2879.666717][ T4197] anon 90112
[ 2879.666717][ T4197] file 417792
[ 2879.666717][ T4197] kernel 314044416
[ 2879.666717][ T4197] kernel_stack 32768
[ 2879.666717][ T4197] pagetables 69632
[ 2879.666717][ T4197] sec_pagetables 0
[ 2879.666717][ T4197] percpu 5358784
[ 2879.666717][ T4197] sock 0
[ 2879.666717][ T4197] vmalloc 0
[ 2879.666717][ T4197] shmem 417792
[ 2879.666717][ T4197] zswap 0
[ 2879.666717][ T4197] zswapped 0
[ 2879.666717][ T4197] file_mapped 417792
[ 2879.666717][ T4197] file_dirty 0
[ 2879.666717][ T4197] file_writeback 0
[ 2879.666717][ T4197] swapcached 0
[ 2879.666717][ T4197] anon_thp 0
[ 2879.666717][ T4197] file_thp 0
[ 2879.666717][ T4197] shmem_thp 0
[ 2879.666717][ T4197] inactive_anon 94208
[ 2879.666717][ T4197] active_anon 413696
[ 2879.666717][ T4197] inactive_file 0
[ 2879.666717][ T4197] active_file 0
[ 2879.666717][ T4197] unevictable 0
[ 2879.666717][ T4197] slab_reclaimable 10424
[ 2879.666717][ T4197] slab_unreclaimable 308533480
[ 2879.680063][ T4183] device bridge463 entered promiscuous mode
[ 2879.764149][ T4197] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4197,uid=0
[ 2879.794080][ T4197] Memory cgroup out of memory: Killed process 4197 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2879.812201][ T4194] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2879.829522][ T4194] CPU: 0 PID: 4194 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2879.839883][ T4194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2879.849946][ T4194] Call Trace:
[ 2879.853229][ T4194]  <TASK>
[ 2879.856168][ T4194]  dump_stack_lvl+0xd1/0x138
[ 2879.860781][ T4194]  dump_header+0x10b/0x85f
[ 2879.865220][ T4194]  oom_kill_process.cold+0x10/0x15
[ 2879.870352][ T4194]  out_of_memory+0x35c/0x14a0
[ 2879.875053][ T4194]  ? oom_killer_disable+0x280/0x280
[ 2879.880272][ T4194]  ? find_held_lock+0x2d/0x110
[ 2879.885062][ T4194]  mem_cgroup_out_of_memory+0x206/0x270
[ 2879.890631][ T4194]  ? mem_cgroup_margin+0x130/0x130
[ 2879.895758][ T4194]  ? lock_downgrade+0x6e0/0x6e0
[ 2879.900656][ T4194]  try_charge_memcg+0xef8/0x12f0
[ 2879.905626][ T4194]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2879.911629][ T4194]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2879.917368][ T4194]  ? lock_downgrade+0x6e0/0x6e0
[ 2879.922249][ T4194]  ? lock_downgrade+0x6e0/0x6e0
[ 2879.927141][ T4194]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2879.932715][ T4194]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2879.938888][ T4194]  copy_process+0x73e/0x7190
[ 2879.943501][ T4194]  ? find_held_lock+0x2d/0x110
[ 2879.948299][ T4194]  ? __cleanup_sighand+0xb0/0xb0
[ 2879.953246][ T4194]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2879.958547][ T4194]  ? lock_downgrade+0x6e0/0x6e0
[ 2879.963420][ T4194]  ? folio_flags.constprop.0+0x53/0x150
[ 2879.968999][ T4194]  ? folio_add_lru+0x37b/0x680
[ 2879.973792][ T4194]  kernel_clone+0xeb/0x980
[ 2879.978225][ T4194]  ? create_io_thread+0xf0/0xf0
[ 2879.983096][ T4194]  ? find_held_lock+0x2d/0x110
[ 2879.987892][ T4194]  __do_sys_clone+0xba/0x100
[ 2879.992497][ T4194]  ? kernel_clone+0x980/0x980
[ 2879.997203][ T4194]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2880.003115][ T4194]  do_syscall_64+0x39/0xb0
[ 2880.007551][ T4194]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2880.013467][ T4194] RIP: 0033:0x7f69a668d501
[ 2880.017888][ T4194] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2880.037507][ T4194] RSP: 002b:00007ffea4dd3058 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2880.045932][ T4194] RAX: ffffffffffffffda RBX: 00007f69a746c700 RCX: 00007f69a668d501
[ 2880.053910][ T4194] RDX: 00007f69a746c9d0 RSI: 00007f69a746c2f0 RDI: 00000000003d0f00
[ 2880.061890][ T4194] RBP: 00007ffea4dd32a0 R08: 00007f69a746c700 R09: 00007f69a746c700
10:17:24 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4500}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2880.069867][ T4194] R10: 00007f69a746c9d0 R11: 0000000000000206 R12: 00007ffea4dd310e
[ 2880.077842][ T4194] R13: 00007ffea4dd310f R14: 00007f69a746c300 R15: 0000000000022000
[ 2880.085838][ T4194]  </TASK>
[ 2880.150963][ T4194] memory: usage 307200kB, limit 307200kB, failcnt 16051
[ 2880.158308][ T4194] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2880.165438][ T4194] Memory cgroup stats for /syz1:
[ 2880.165670][ T4194] anon 147456
[ 2880.165670][ T4194] file 393216
[ 2880.165670][ T4194] kernel 314032128
[ 2880.165670][ T4194] kernel_stack 65536
[ 2880.165670][ T4194] pagetables 81920
[ 2880.165670][ T4194] sec_pagetables 0
[ 2880.165670][ T4194] percpu 5356416
[ 2880.165670][ T4194] sock 0
[ 2880.165670][ T4194] vmalloc 0
[ 2880.165670][ T4194] shmem 385024
[ 2880.165670][ T4194] zswap 0
[ 2880.165670][ T4194] zswapped 0
[ 2880.165670][ T4194] file_mapped 385024
[ 2880.165670][ T4194] file_dirty 0
[ 2880.165670][ T4194] file_writeback 0
[ 2880.165670][ T4194] swapcached 0
[ 2880.165670][ T4194] anon_thp 0
[ 2880.165670][ T4194] file_thp 0
[ 2880.165670][ T4194] shmem_thp 0
[ 2880.165670][ T4194] inactive_anon 192512
[ 2880.165670][ T4194] active_anon 339968
[ 2880.165670][ T4194] inactive_file 4096
[ 2880.165670][ T4194] active_file 4096
[ 2880.165670][ T4194] unevictable 0
[ 2880.165670][ T4194] slab_reclaimable 16512
[ 2880.165670][ T4194] slab_unreclaimable 308472584
[ 2880.226792][ T4184] device macvtap488 entered promiscuous mode
[ 2880.266810][ T4194] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4194,uid=0
[ 2880.282950][ T4194] Memory cgroup out of memory: Killed process 4194 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2880.334456][ T4202] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2880.336082][ T4186] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2880.349727][ T4202] CPU: 1 PID: 4202 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2880.364396][ T4202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2880.374471][ T4202] Call Trace:
[ 2880.377762][ T4202]  <TASK>
[ 2880.380712][ T4202]  dump_stack_lvl+0xd1/0x138
[ 2880.385340][ T4202]  dump_header+0x10b/0x85f
[ 2880.389801][ T4202]  oom_kill_process.cold+0x10/0x15
[ 2880.394952][ T4202]  out_of_memory+0x35c/0x14a0
[ 2880.399669][ T4202]  ? find_held_lock+0x2d/0x110
[ 2880.404469][ T4202]  ? oom_killer_disable+0x280/0x280
[ 2880.409687][ T4202]  ? find_held_lock+0x2d/0x110
[ 2880.414478][ T4202]  mem_cgroup_out_of_memory+0x206/0x270
[ 2880.420055][ T4202]  ? mem_cgroup_margin+0x130/0x130
[ 2880.425201][ T4202]  ? lock_downgrade+0x6e0/0x6e0
[ 2880.429222][ T4186] device macvtap489 entered promiscuous mode
[ 2880.430100][ T4202]  try_charge_memcg+0xef8/0x12f0
[ 2880.441047][ T4202]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2880.447065][ T4202]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2880.452817][ T4202]  ? lock_downgrade+0x6e0/0x6e0
[ 2880.457704][ T4202]  ? lock_downgrade+0x6e0/0x6e0
[ 2880.462613][ T4202]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2880.468202][ T4202]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2880.474392][ T4202]  copy_process+0x73e/0x7190
[ 2880.479017][ T4202]  ? __lock_acquire+0xbc3/0x56d0
[ 2880.484010][ T4202]  ? __cleanup_sighand+0xb0/0xb0
[ 2880.488976][ T4202]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2880.495008][ T4202]  ? psi_memstall_leave+0x174/0x250
[ 2880.500260][ T4202]  kernel_clone+0xeb/0x980
[ 2880.504714][ T4202]  ? create_io_thread+0xf0/0xf0
[ 2880.509600][ T4202]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2880.515880][ T4202]  ? lock_downgrade+0x6e0/0x6e0
[ 2880.520784][ T4202]  __do_sys_clone+0xba/0x100
[ 2880.525398][ T4202]  ? kernel_clone+0x980/0x980
[ 2880.530106][ T4202]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2880.536022][ T4202]  do_syscall_64+0x39/0xb0
[ 2880.540463][ T4202]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2880.546377][ T4202] RIP: 0033:0x7f8325a8d501
[ 2880.550800][ T4202] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2880.570422][ T4202] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
10:17:24 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0x6b, 0x1, @local}]}, 0x48}}, 0x0)

[ 2880.578848][ T4202] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2880.586831][ T4202] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2880.594810][ T4202] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2880.602787][ T4202] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2880.610767][ T4202] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2880.618779][ T4202]  </TASK>
[ 2880.625757][ T4202] memory: usage 307200kB, limit 307200kB, failcnt 71788
[ 2880.636291][ T4202] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2880.637324][ T4188] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2880.644309][ T4202] Memory cgroup stats for /syz2:
[ 2880.668822][ T4202] anon 90112
[ 2880.668822][ T4202] file 417792
[ 2880.668822][ T4202] kernel 314044416
[ 2880.668822][ T4202] kernel_stack 32768
[ 2880.668822][ T4202] pagetables 69632
[ 2880.668822][ T4202] sec_pagetables 0
[ 2880.668822][ T4202] percpu 5358784
[ 2880.668822][ T4202] sock 0
[ 2880.668822][ T4202] vmalloc 0
[ 2880.668822][ T4202] shmem 417792
[ 2880.668822][ T4202] zswap 0
[ 2880.668822][ T4202] zswapped 0
[ 2880.668822][ T4202] file_mapped 417792
[ 2880.668822][ T4202] file_dirty 0
[ 2880.668822][ T4202] file_writeback 0
[ 2880.668822][ T4202] swapcached 0
[ 2880.668822][ T4202] anon_thp 0
[ 2880.668822][ T4202] file_thp 0
[ 2880.668822][ T4202] shmem_thp 0
[ 2880.668822][ T4202] inactive_anon 94208
[ 2880.668822][ T4202] active_anon 413696
[ 2880.668822][ T4202] inactive_file 0
[ 2880.668822][ T4202] active_file 0
[ 2880.668822][ T4202] unevictable 0
[ 2880.668822][ T4202] slab_reclaimable 10424
[ 2880.668822][ T4202] slab_unreclaimable 308529576
[ 2880.725990][ T4188] device bridge1804 entered promiscuous mode
[ 2880.787755][ T4202] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4202,uid=0
10:17:25 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4501}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2880.821482][ T4202] Memory cgroup out of memory: Killed process 4202 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[ 2880.857155][ T4190] device macvtap2194 entered promiscuous mode
[ 2880.956633][ T4191] device macvtap2195 entered promiscuous mode
[ 2880.999893][ T4208] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2881.010508][ T4208] CPU: 1 PID: 4208 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2881.020867][ T4208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2881.030923][ T4208] Call Trace:
[ 2881.034202][ T4208]  <TASK>
[ 2881.037137][ T4208]  dump_stack_lvl+0xd1/0x138
[ 2881.041747][ T4208]  dump_header+0x10b/0x85f
[ 2881.046178][ T4208]  oom_kill_process.cold+0x10/0x15
[ 2881.051307][ T4208]  out_of_memory+0x35c/0x14a0
[ 2881.056001][ T4208]  ? find_held_lock+0x2d/0x110
[ 2881.060786][ T4208]  ? oom_killer_disable+0x280/0x280
[ 2881.066004][ T4208]  ? find_held_lock+0x2d/0x110
[ 2881.070796][ T4208]  mem_cgroup_out_of_memory+0x206/0x270
[ 2881.076357][ T4208]  ? mem_cgroup_margin+0x130/0x130
[ 2881.081477][ T4208]  ? lock_downgrade+0x6e0/0x6e0
[ 2881.086364][ T4208]  try_charge_memcg+0xef8/0x12f0
[ 2881.091324][ T4208]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2881.097326][ T4208]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2881.103063][ T4208]  ? lock_downgrade+0x6e0/0x6e0
[ 2881.107940][ T4208]  ? lock_downgrade+0x6e0/0x6e0
[ 2881.112823][ T4208]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2881.118392][ T4208]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2881.124567][ T4208]  copy_process+0x73e/0x7190
[ 2881.129171][ T4208]  ? __lock_acquire+0xbc3/0x56d0
[ 2881.134141][ T4208]  ? __cleanup_sighand+0xb0/0xb0
[ 2881.139089][ T4208]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 2881.145093][ T4208]  ? psi_memstall_leave+0x174/0x250
[ 2881.150313][ T4208]  kernel_clone+0xeb/0x980
[ 2881.154742][ T4208]  ? create_io_thread+0xf0/0xf0
[ 2881.159603][ T4208]  ? percpu_ref_put_many.constprop.0+0x6a/0x1a0
[ 2881.165855][ T4208]  ? lock_downgrade+0x6e0/0x6e0
[ 2881.170741][ T4208]  __do_sys_clone+0xba/0x100
[ 2881.175342][ T4208]  ? kernel_clone+0x980/0x980
[ 2881.180046][ T4208]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2881.185955][ T4208]  do_syscall_64+0x39/0xb0
[ 2881.190393][ T4208]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2881.196308][ T4208] RIP: 0033:0x7f8325a8d501
[ 2881.200727][ T4208] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2881.220341][ T4208] RSP: 002b:00007fff9cb6b1a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2881.228762][ T4208] RAX: ffffffffffffffda RBX: 00007f83267a9700 RCX: 00007f8325a8d501
[ 2881.236738][ T4208] RDX: 00007f83267a99d0 RSI: 00007f83267a92f0 RDI: 00000000003d0f00
[ 2881.244713][ T4208] RBP: 00007fff9cb6b3f0 R08: 00007f83267a9700 R09: 00007f83267a9700
[ 2881.252688][ T4208] R10: 00007f83267a99d0 R11: 0000000000000206 R12: 00007fff9cb6b25e
[ 2881.260661][ T4208] R13: 00007fff9cb6b25f R14: 00007f83267a9300 R15: 0000000000022000
[ 2881.268653][ T4208]  </TASK>
[ 2881.271760][ T4193] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2881.283511][ T4208] memory: usage 307200kB, limit 307200kB, failcnt 71912
[ 2881.300155][ T4208] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2881.307116][ T4208] Memory cgroup stats for /syz2:
[ 2881.314655][ T4208] anon 90112
[ 2881.314655][ T4208] file 417792
[ 2881.314655][ T4208] kernel 314040320
[ 2881.314655][ T4208] kernel_stack 32768
[ 2881.314655][ T4208] pagetables 69632
[ 2881.314655][ T4208] sec_pagetables 0
[ 2881.314655][ T4208] percpu 5358784
[ 2881.314655][ T4208] sock 0
[ 2881.314655][ T4208] vmalloc 0
10:17:25 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a667}, 0x0)

[ 2881.314655][ T4208] shmem 417792
[ 2881.314655][ T4208] zswap 0
[ 2881.314655][ T4208] zswapped 0
[ 2881.314655][ T4208] file_mapped 417792
[ 2881.314655][ T4208] file_dirty 0
[ 2881.314655][ T4208] file_writeback 0
[ 2881.314655][ T4208] swapcached 0
[ 2881.314655][ T4208] anon_thp 0
[ 2881.314655][ T4208] file_thp 0
[ 2881.314655][ T4208] shmem_thp 0
[ 2881.314655][ T4208] inactive_anon 81920
[ 2881.314655][ T4208] active_anon 413696
[ 2881.314655][ T4208] inactive_file 0
[ 2881.314655][ T4208] active_file 0
[ 2881.314655][ T4208] unevictable 0
[ 2881.314655][ T4208] slab_reclaimable 10424
[ 2881.314655][ T4208] slab_unreclaimable 308529880
[ 2881.433047][ T4193] device bridge552 entered promiscuous mode
[ 2881.446925][ T4208] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4208,uid=0
[ 2881.463036][ T4208] Memory cgroup out of memory: Killed process 4208 (syz-executor.2) total-vm:54540kB, anon-rss:468kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
10:17:25 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4502}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2881.501859][ T4196] device macvtap587 entered promiscuous mode
[ 2881.540910][ T4195] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2881.543132][ T4212] syz-executor.2 invoked oom-killer: gfp_mask=0xdc0(GFP_KERNEL|__GFP_ZERO), order=0, oom_score_adj=0
[ 2881.565039][ T4212] CPU: 0 PID: 4212 Comm: syz-executor.2 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2881.575404][ T4212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2881.585478][ T4212] Call Trace:
[ 2881.588776][ T4212]  <TASK>
[ 2881.591729][ T4212]  dump_stack_lvl+0xd1/0x138
[ 2881.596362][ T4212]  dump_header+0x10b/0x85f
[ 2881.600815][ T4212]  oom_kill_process.cold+0x10/0x15
[ 2881.605965][ T4212]  out_of_memory+0x35c/0x14a0
[ 2881.610686][ T4212]  ? find_held_lock+0x2d/0x110
[ 2881.615491][ T4212]  ? oom_killer_disable+0x280/0x280
[ 2881.620729][ T4212]  ? find_held_lock+0x2d/0x110
[ 2881.625541][ T4212]  mem_cgroup_out_of_memory+0x206/0x270
[ 2881.631119][ T4212]  ? mem_cgroup_margin+0x130/0x130
[ 2881.636259][ T4212]  ? lock_downgrade+0x6e0/0x6e0
[ 2881.641179][ T4212]  try_charge_memcg+0xef8/0x12f0
[ 2881.646175][ T4212]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2881.652195][ T4212]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2881.657949][ T4212]  ? lock_downgrade+0x6e0/0x6e0
[ 2881.662849][ T4212]  ? lock_downgrade+0x6e0/0x6e0
[ 2881.667745][ T4212]  ? rcu_read_unlock+0x9/0x60
[ 2881.672463][ T4212]  obj_cgroup_charge+0x2af/0x5e0
[ 2881.677452][ T4212]  ? __alloc_file+0x21/0x270
[ 2881.682080][ T4212]  kmem_cache_alloc+0xa3/0x3d0
[ 2881.686885][ T4212]  __alloc_file+0x21/0x270
[ 2881.691344][ T4212]  alloc_empty_file+0x71/0x170
[ 2881.696152][ T4212]  path_openat+0xe7/0x2860
[ 2881.700616][ T4212]  ? ____kasan_slab_free+0x160/0x1c0
[ 2881.705943][ T4212]  ? do_symlinkat+0x19c/0x2e0
[ 2881.710643][ T4212]  ? path_lookupat+0x840/0x840
[ 2881.715420][ T4212]  do_filp_open+0x1ba/0x410
[ 2881.719945][ T4212]  ? may_open_dev+0xf0/0xf0
[ 2881.724474][ T4212]  ? find_held_lock+0x2d/0x110
[ 2881.729290][ T4212]  ? do_raw_spin_lock+0x124/0x2b0
[ 2881.734346][ T4212]  ? rwlock_bug.part.0+0x90/0x90
[ 2881.739317][ T4212]  ? _raw_spin_unlock+0x28/0x40
[ 2881.744196][ T4212]  ? alloc_fd+0x2d8/0x6d0
[ 2881.748555][ T4212]  do_sys_openat2+0x16d/0x4c0
[ 2881.753227][ T4212]  ? kmem_cache_free+0xee/0x5c0
[ 2881.758076][ T4212]  ? build_open_flags+0x6f0/0x6f0
[ 2881.763099][ T4212]  ? xfd_validate_state+0x5d/0x180
[ 2881.768326][ T4212]  __x64_sys_openat+0x143/0x1f0
[ 2881.773216][ T4212]  ? __ia32_sys_open+0x1c0/0x1c0
[ 2881.778196][ T4212]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2881.784133][ T4212]  do_syscall_64+0x39/0xb0
[ 2881.788594][ T4212]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2881.794525][ T4212] RIP: 0033:0x7f8325a3e264
[ 2881.798960][ T4212] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 2881.818597][ T4212] RSP: 002b:00007fff9cb6af40 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2881.827040][ T4212] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f8325a3e264
[ 2881.835039][ T4212] RDX: 0000000000080001 RSI: 00007f8325ae7b71 RDI: 00000000ffffff9c
[ 2881.843032][ T4212] RBP: 00007f8325ae7b71 R08: 0000000000000000 R09: 00007fff9cb6af30
[ 2881.851016][ T4212] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080001
[ 2881.858978][ T4212] R13: 00007fff9cb6afe0 R14: 0000000000000000 R15: 00007fff9cb6b580
[ 2881.866952][ T4212]  </TASK>
[ 2881.881220][ T4212] memory: usage 307144kB, limit 307200kB, failcnt 72021
[ 2881.888784][ T4212] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2881.895773][ T4212] Memory cgroup stats for /syz2:
[ 2881.896007][ T4212] anon 77824
[ 2881.896007][ T4212] file 417792
[ 2881.896007][ T4212] kernel 314007552
[ 2881.896007][ T4212] kernel_stack 32768
[ 2881.896007][ T4212] pagetables 57344
[ 2881.896007][ T4212] sec_pagetables 0
[ 2881.896007][ T4212] percpu 5358784
[ 2881.896007][ T4212] sock 0
[ 2881.896007][ T4212] vmalloc 0
[ 2881.896007][ T4212] shmem 417792
[ 2881.896007][ T4212] zswap 0
[ 2881.896007][ T4212] zswapped 0
[ 2881.896007][ T4212] file_mapped 417792
[ 2881.896007][ T4212] file_dirty 0
[ 2881.896007][ T4212] file_writeback 0
[ 2881.896007][ T4212] swapcached 0
[ 2881.896007][ T4212] anon_thp 0
[ 2881.896007][ T4212] file_thp 0
[ 2881.896007][ T4212] shmem_thp 0
[ 2881.896007][ T4212] inactive_anon 49152
[ 2881.896007][ T4212] active_anon 413696
[ 2881.896007][ T4212] inactive_file 0
[ 2881.896007][ T4212] active_file 0
[ 2881.896007][ T4212] unevictable 0
[ 2881.896007][ T4212] slab_reclaimable 9480
[ 2881.896007][ T4212] slab_unreclaimable 308521536
[ 2881.896007][ T4212] slab 308531016
[ 2882.134706][ T4212] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=5795,uid=0
[ 2882.135096][ T4198] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2882.150291][ T4212] Memory cgroup out of memory: Killed process 5795 (syz-executor.2) total-vm:50568kB, anon-rss:468kB, file-rss:8828kB, shmem-rss:64kB, UID:0 pgtables:68kB oom_score_adj:0
10:17:26 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa700, @local}]}, 0x48}}, 0x0)

[ 2882.258084][ T4198] device macvtap588 entered promiscuous mode
10:17:26 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa600, @local}]}, 0x48}}, 0x0)

[ 2882.375441][ T4200] device bridge1345 entered promiscuous mode
[ 2882.451819][ T4201] device macvtap1344 entered promiscuous mode
[ 2882.462093][ T4215] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2882.487943][ T4215] CPU: 0 PID: 4215 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2882.498309][ T4215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2882.508384][ T4215] Call Trace:
[ 2882.511678][ T4215]  <TASK>
[ 2882.514624][ T4215]  dump_stack_lvl+0xd1/0x138
[ 2882.519252][ T4215]  dump_header+0x10b/0x85f
[ 2882.523698][ T4215]  oom_kill_process.cold+0x10/0x15
[ 2882.528849][ T4215]  out_of_memory+0x35c/0x14a0
[ 2882.533555][ T4215]  ? find_held_lock+0x2d/0x110
[ 2882.538356][ T4215]  ? oom_killer_disable+0x280/0x280
[ 2882.543593][ T4215]  ? find_held_lock+0x2d/0x110
[ 2882.548400][ T4215]  mem_cgroup_out_of_memory+0x206/0x270
[ 2882.553975][ T4215]  ? mem_cgroup_margin+0x130/0x130
[ 2882.559099][ T4215]  ? lock_downgrade+0x6e0/0x6e0
[ 2882.563994][ T4215]  try_charge_memcg+0xef8/0x12f0
[ 2882.568957][ T4215]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2882.574957][ T4215]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2882.580694][ T4215]  ? lock_downgrade+0x6e0/0x6e0
[ 2882.585574][ T4215]  ? lock_downgrade+0x6e0/0x6e0
[ 2882.590472][ T4215]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2882.596042][ T4215]  memcg_charge_kernel_stack.part.0+0x6c/0x150
[ 2882.602217][ T4215]  copy_process+0x15ed/0x7190
[ 2882.606914][ T4215]  ? find_held_lock+0x2d/0x110
[ 2882.611713][ T4215]  ? __cleanup_sighand+0xb0/0xb0
[ 2882.616660][ T4215]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2882.621958][ T4215]  ? lock_downgrade+0x6e0/0x6e0
[ 2882.626831][ T4215]  ? folio_flags.constprop.0+0x53/0x150
[ 2882.632409][ T4215]  ? folio_add_lru+0x37b/0x680
[ 2882.637204][ T4215]  kernel_clone+0xeb/0x980
[ 2882.641636][ T4215]  ? create_io_thread+0xf0/0xf0
[ 2882.646512][ T4215]  ? find_held_lock+0x2d/0x110
[ 2882.651307][ T4215]  __do_sys_clone+0xba/0x100
[ 2882.655912][ T4215]  ? kernel_clone+0x980/0x980
[ 2882.660618][ T4215]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2882.666544][ T4215]  do_syscall_64+0x39/0xb0
[ 2882.670988][ T4215]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2882.676913][ T4215] RIP: 0033:0x7f69a668d501
[ 2882.681347][ T4215] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2882.700969][ T4215] RSP: 002b:00007ffea4dd3058 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2882.709397][ T4215] RAX: ffffffffffffffda RBX: 00007f69a746c700 RCX: 00007f69a668d501
[ 2882.717388][ T4215] RDX: 00007f69a746c9d0 RSI: 00007f69a746c2f0 RDI: 00000000003d0f00
[ 2882.725373][ T4215] RBP: 00007ffea4dd32a0 R08: 00007f69a746c700 R09: 00007f69a746c700
[ 2882.733360][ T4215] R10: 00007f69a746c9d0 R11: 0000000000000206 R12: 00007ffea4dd310e
[ 2882.741347][ T4215] R13: 00007ffea4dd310f R14: 00007f69a746c300 R15: 0000000000022000
[ 2882.749354][ T4215]  </TASK>
[ 2882.755952][ T4215] memory: usage 307200kB, limit 307200kB, failcnt 16175
[ 2882.768653][ T4215] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2882.796120][ T4215] Memory cgroup stats for /syz1:
[ 2882.796363][ T4215] anon 147456
[ 2882.796363][ T4215] file 393216
[ 2882.796363][ T4215] kernel 314032128
[ 2882.796363][ T4215] kernel_stack 65536
[ 2882.796363][ T4215] pagetables 81920
[ 2882.796363][ T4215] sec_pagetables 0
[ 2882.796363][ T4215] percpu 5356416
[ 2882.796363][ T4215] sock 0
[ 2882.796363][ T4215] vmalloc 0
[ 2882.796363][ T4215] shmem 385024
[ 2882.796363][ T4215] zswap 0
[ 2882.796363][ T4215] zswapped 0
[ 2882.796363][ T4215] file_mapped 385024
[ 2882.796363][ T4215] file_dirty 0
[ 2882.796363][ T4215] file_writeback 0
[ 2882.796363][ T4215] swapcached 0
[ 2882.796363][ T4215] anon_thp 0
[ 2882.796363][ T4215] file_thp 0
[ 2882.796363][ T4215] shmem_thp 0
[ 2882.796363][ T4215] inactive_anon 192512
[ 2882.796363][ T4215] active_anon 339968
[ 2882.796363][ T4215] inactive_file 4096
[ 2882.796363][ T4215] active_file 4096
[ 2882.796363][ T4215] unevictable 0
[ 2882.796363][ T4215] slab_reclaimable 16512
[ 2882.796363][ T4215] slab_unreclaimable 308466424
[ 2882.882092][ T4203] device macvtap1345 entered promiscuous mode
[ 2882.894665][ T4215] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4215,uid=0
[ 2882.915525][ T4215] Memory cgroup out of memory: Killed process 4215 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
10:17:27 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0xb01}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2882.953954][ T4205] device bridge464 entered promiscuous mode
10:17:27 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0xa03}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2883.001760][ T4206] device macvtap490 entered promiscuous mode
[ 2883.036266][ T4207] device macvtap491 entered promiscuous mode
[ 2883.082277][ T4210] device bridge1805 entered promiscuous mode
[ 2883.139352][ T4211] device macvtap2195 entered promiscuous mode
[ 2883.191439][ T4213] device macvtap2196 entered promiscuous mode
10:17:27 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a668}, 0x0)

10:17:27 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4503}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:17:27 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa800, @local}]}, 0x48}}, 0x0)

[ 2883.443231][ T4220] __nla_validate_parse: 6 callbacks suppressed
[ 2883.443251][ T4220] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2883.481154][ T4220] device bridge553 entered promiscuous mode
[ 2883.533783][ T4221] device macvtap588 entered promiscuous mode
[ 2883.614635][ T4222] device macvtap589 entered promiscuous mode
10:17:27 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x502}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2883.691141][ T4224] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2883.744951][ T4235] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000
[ 2883.782011][ T4235] CPU: 0 PID: 4235 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2883.785764][ T4224] device bridge1346 entered promiscuous mode
[ 2883.792372][ T4235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2883.792391][ T4235] Call Trace:
[ 2883.792401][ T4235]  <TASK>
[ 2883.792412][ T4235]  dump_stack_lvl+0xd1/0x138
[ 2883.792457][ T4235]  dump_header+0x10b/0x85f
[ 2883.792491][ T4235]  oom_kill_process.cold+0x10/0x15
[ 2883.828825][ T4235]  out_of_memory+0x35c/0x14a0
[ 2883.833544][ T4235]  ? find_held_lock+0x2d/0x110
[ 2883.838351][ T4235]  ? oom_killer_disable+0x280/0x280
[ 2883.843587][ T4235]  ? find_held_lock+0x2d/0x110
[ 2883.848400][ T4235]  mem_cgroup_out_of_memory+0x206/0x270
[ 2883.853985][ T4235]  ? mem_cgroup_margin+0x130/0x130
[ 2883.859127][ T4235]  ? lock_downgrade+0x6e0/0x6e0
[ 2883.864042][ T4235]  try_charge_memcg+0xef8/0x12f0
[ 2883.869018][ T4235]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2883.875024][ T4235]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2883.880778][ T4235]  ? lock_downgrade+0x6e0/0x6e0
[ 2883.885668][ T4235]  ? lock_downgrade+0x6e0/0x6e0
[ 2883.890549][ T4235]  ? rcu_read_unlock+0x9/0x60
[ 2883.895254][ T4235]  obj_cgroup_charge+0x2af/0x5e0
[ 2883.900219][ T4235]  kmem_cache_alloc_node+0xa9/0x410
[ 2883.905441][ T4235]  ? copy_process+0x5c2/0x7190
[ 2883.910227][ T4235]  copy_process+0x5c2/0x7190
[ 2883.914837][ T4235]  ? find_held_lock+0x2d/0x110
[ 2883.919628][ T4235]  ? find_held_lock+0x2d/0x110
[ 2883.924421][ T4235]  ? __cleanup_sighand+0xb0/0xb0
[ 2883.929376][ T4235]  ? __handle_mm_fault+0x2d0f/0x3a40
[ 2883.934676][ T4235]  ? lock_downgrade+0x6e0/0x6e0
[ 2883.939555][ T4235]  ? folio_flags.constprop.0+0x53/0x150
[ 2883.945140][ T4235]  ? folio_add_lru+0x37b/0x680
[ 2883.949940][ T4235]  kernel_clone+0xeb/0x980
[ 2883.954376][ T4235]  ? create_io_thread+0xf0/0xf0
[ 2883.959257][ T4235]  ? find_held_lock+0x2d/0x110
[ 2883.964058][ T4235]  __do_sys_clone+0xba/0x100
[ 2883.968665][ T4235]  ? kernel_clone+0x980/0x980
[ 2883.973372][ T4235]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 2883.979292][ T4235]  do_syscall_64+0x39/0xb0
[ 2883.983733][ T4235]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2883.989646][ T4235] RIP: 0033:0x7f69a668d501
[ 2883.994068][ T4235] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 2884.013687][ T4235] RSP: 002b:00007ffea4dd3058 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2884.022111][ T4235] RAX: ffffffffffffffda RBX: 00007f69a746c700 RCX: 00007f69a668d501
[ 2884.030090][ T4235] RDX: 00007f69a746c9d0 RSI: 00007f69a746c2f0 RDI: 00000000003d0f00
[ 2884.038068][ T4235] RBP: 00007ffea4dd32a0 R08: 00007f69a746c700 R09: 00007f69a746c700
[ 2884.046046][ T4235] R10: 00007f69a746c9d0 R11: 0000000000000206 R12: 00007ffea4dd310e
[ 2884.054026][ T4235] R13: 00007ffea4dd310f R14: 00007f69a746c300 R15: 0000000000022000
[ 2884.062023][ T4235]  </TASK>
[ 2884.069539][ T4235] memory: usage 307196kB, limit 307200kB, failcnt 16272
[ 2884.097519][ T4235] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2884.113470][ T4235] Memory cgroup stats for /syz1:
[ 2884.113695][ T4235] anon 147456
[ 2884.113695][ T4235] file 393216
[ 2884.113695][ T4235] kernel 314028032
[ 2884.113695][ T4235] kernel_stack 65536
[ 2884.113695][ T4235] pagetables 81920
[ 2884.113695][ T4235] sec_pagetables 0
[ 2884.113695][ T4235] percpu 5356416
[ 2884.113695][ T4235] sock 0
[ 2884.113695][ T4235] vmalloc 0
[ 2884.113695][ T4235] shmem 385024
[ 2884.113695][ T4235] zswap 0
[ 2884.113695][ T4235] zswapped 0
[ 2884.113695][ T4235] file_mapped 385024
[ 2884.113695][ T4235] file_dirty 0
[ 2884.113695][ T4235] file_writeback 0
[ 2884.113695][ T4235] swapcached 0
[ 2884.113695][ T4235] anon_thp 0
[ 2884.113695][ T4235] file_thp 0
[ 2884.113695][ T4235] shmem_thp 0
[ 2884.113695][ T4235] inactive_anon 192512
[ 2884.113695][ T4235] active_anon 339968
[ 2884.113695][ T4235] inactive_file 4096
[ 2884.113695][ T4235] active_file 4096
10:17:28 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4600}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2884.113695][ T4235] unevictable 0
[ 2884.113695][ T4235] slab_reclaimable 16512
[ 2884.113695][ T4235] slab_unreclaimable 308470328
[ 2884.222103][ T4225] device macvtap1346 entered promiscuous mode
[ 2884.239746][ T4235] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4235,uid=0
[ 2884.261584][ T4227] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2884.263577][ T4235] Memory cgroup out of memory: Killed process 4235 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2884.374127][ T4227] device bridge465 entered promiscuous mode
[ 2884.412802][ T4228] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2884.494504][ T4228] device macvtap1347 entered promiscuous mode
10:17:28 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x500}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2884.639375][ T4229] device macvtap492 entered promiscuous mode
[ 2884.688349][ T4230] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2884.755566][ T4230] device macvtap493 entered promiscuous mode
10:17:29 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x8}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2884.841910][ T4232] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2884.915960][ T4232] device bridge1806 entered promiscuous mode
[ 2885.076909][ T4233] device macvtap2196 entered promiscuous mode
[ 2885.152321][ T4234] device macvtap2197 entered promiscuous mode
[ 2885.243471][ T4236] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
10:17:29 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a669}, 0x0)

10:17:29 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xa900, @local}]}, 0x48}}, 0x0)

[ 2885.458603][ T4238] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2885.546490][ T4238] device bridge554 entered promiscuous mode
[ 2885.659279][ T4239] device macvtap590 entered promiscuous mode
[ 2885.704480][ T4253] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2885.728920][ T4253] CPU: 0 PID: 4253 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2885.739298][ T4253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2885.749371][ T4253] Call Trace:
[ 2885.752666][ T4253]  <TASK>
[ 2885.755602][ T4253]  dump_stack_lvl+0xd1/0x138
[ 2885.760194][ T4253]  dump_header+0x10b/0x85f
[ 2885.764613][ T4253]  oom_kill_process.cold+0x10/0x15
[ 2885.769723][ T4253]  out_of_memory+0x35c/0x14a0
[ 2885.774412][ T4253]  ? find_held_lock+0x2d/0x110
[ 2885.779183][ T4253]  ? oom_killer_disable+0x280/0x280
[ 2885.784380][ T4253]  ? find_held_lock+0x2d/0x110
[ 2885.789178][ T4253]  mem_cgroup_out_of_memory+0x206/0x270
[ 2885.794762][ T4253]  ? mem_cgroup_margin+0x130/0x130
[ 2885.799903][ T4253]  ? lock_downgrade+0x6e0/0x6e0
[ 2885.804820][ T4253]  try_charge_memcg+0xef8/0x12f0
[ 2885.809808][ T4253]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2885.815835][ T4253]  ? rcu_read_unlock+0x9/0x60
[ 2885.820536][ T4253]  ? lock_downgrade+0x6e0/0x6e0
[ 2885.825449][ T4253]  charge_memcg+0x99/0x3b0
[ 2885.829907][ T4253]  __mem_cgroup_charge+0x2b/0x90
[ 2885.834880][ T4253]  ? _compound_head+0x5d/0x150
[ 2885.839685][ T4253]  __handle_mm_fault+0x17e7/0x3a40
[ 2885.844840][ T4253]  ? vm_iomap_memory+0x190/0x190
[ 2885.849840][ T4253]  handle_mm_fault+0x1cc/0x780
[ 2885.854638][ T4253]  do_user_addr_fault+0x475/0x1210
[ 2885.859785][ T4253]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2885.865371][ T4253]  exc_page_fault+0x98/0x170
[ 2885.869984][ T4253]  asm_exc_page_fault+0x26/0x30
[ 2885.874845][ T4253] RIP: 0033:0x7f69a662be6a
[ 2885.879253][ T4253] Code: 30 48 8b 34 24 48 85 f6 74 17 8b 44 24 18 0f c8 89 c0 48 89 44 24 18 48 83 fe 01 0f 85 a1 01 00 00 48 8b 44 24 10 8b 74 24 18 <89> 30 e9 d2 fc ff ff 48 8b 44 24 10 8b 10 48 8b 04 24 48 85 c0 0f
[ 2885.898865][ T4253] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
10:17:30 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x6}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2885.904956][ T4253] RAX: 0000000020000200 RBX: 0000000000000000 RCX: 0000000000000000
[ 2885.912937][ T4253] RDX: 1b013dd590c50c23 RSI: 0000000000000014 RDI: 00005555574b22e8
[ 2885.920897][ T4253] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2885.928857][ T4253] R10: 00007f69a62002a8 R11: 0000000000000246 R12: 00000000002c07f9
[ 2885.936816][ T4253] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2885.944816][ T4253]  </TASK>
[ 2886.008669][ T4243] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2886.069746][ T4243] device bridge1347 entered promiscuous mode
[ 2886.145494][ T4253] memory: usage 307200kB, limit 307200kB, failcnt 16421
[ 2886.157594][ T4253] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2886.174580][ T4244] device macvtap1347 entered promiscuous mode
[ 2886.177510][ T4253] Memory cgroup stats for /syz1:
[ 2886.181018][ T4253] anon 139264
[ 2886.181018][ T4253] file 393216
[ 2886.181018][ T4253] kernel 314040320
[ 2886.181018][ T4253] kernel_stack 65536
[ 2886.181018][ T4253] pagetables 81920
[ 2886.181018][ T4253] sec_pagetables 0
[ 2886.181018][ T4253] percpu 5356416
[ 2886.181018][ T4253] sock 0
[ 2886.181018][ T4253] vmalloc 0
[ 2886.181018][ T4253] shmem 385024
[ 2886.181018][ T4253] zswap 0
[ 2886.181018][ T4253] zswapped 0
[ 2886.181018][ T4253] file_mapped 385024
[ 2886.181018][ T4253] file_dirty 8192
[ 2886.181018][ T4253] file_writeback 0
[ 2886.181018][ T4253] swapcached 0
[ 2886.181018][ T4253] anon_thp 0
[ 2886.181018][ T4253] file_thp 0
[ 2886.181018][ T4253] shmem_thp 0
[ 2886.181018][ T4253] inactive_anon 184320
[ 2886.181018][ T4253] active_anon 339968
[ 2886.181018][ T4253] inactive_file 4096
[ 2886.181018][ T4253] active_file 4096
[ 2886.181018][ T4253] unevictable 0
[ 2886.181018][ T4253] slab_reclaimable 16512
[ 2886.181018][ T4253] slab_unreclaimable 308475640
[ 2886.216694][ T4245] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2886.286819][ T4253] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4253,uid=0
[ 2886.303643][ T4253] Memory cgroup out of memory: Killed process 4253 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
10:17:30 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xaa00, @local}]}, 0x48}}, 0x0)

[ 2886.363243][ T4245] device macvtap1348 entered promiscuous mode
10:17:30 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0x15, 0x1, @local}]}, 0x48}}, 0x0)

[ 2886.486496][ T4247] device bridge466 entered promiscuous mode
[ 2886.585768][ T4260] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 2886.632822][ T4248] device macvtap493 entered promiscuous mode
[ 2886.657419][ T4260] CPU: 1 PID: 4260 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2886.667798][ T4260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2886.677869][ T4260] Call Trace:
[ 2886.681154][ T4260]  <TASK>
[ 2886.684104][ T4260]  dump_stack_lvl+0xd1/0x138
[ 2886.688724][ T4260]  dump_header+0x10b/0x85f
[ 2886.693176][ T4260]  oom_kill_process.cold+0x10/0x15
[ 2886.698326][ T4260]  out_of_memory+0x35c/0x14a0
[ 2886.703049][ T4260]  ? find_held_lock+0x2d/0x110
[ 2886.707857][ T4260]  ? oom_killer_disable+0x280/0x280
[ 2886.713097][ T4260]  ? find_held_lock+0x2d/0x110
[ 2886.717898][ T4260]  mem_cgroup_out_of_memory+0x206/0x270
[ 2886.723476][ T4260]  ? mem_cgroup_margin+0x130/0x130
[ 2886.728616][ T4260]  ? lock_downgrade+0x6e0/0x6e0
[ 2886.733522][ T4260]  try_charge_memcg+0xef8/0x12f0
[ 2886.738501][ T4260]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2886.744529][ T4260]  ? rcu_read_unlock+0x9/0x60
[ 2886.749235][ T4260]  ? lock_downgrade+0x6e0/0x6e0
[ 2886.754142][ T4260]  charge_memcg+0x99/0x3b0
[ 2886.758597][ T4260]  __mem_cgroup_charge+0x2b/0x90
[ 2886.761930][ T4249] device macvtap494 entered promiscuous mode
[ 2886.763540][ T4260]  ? _compound_head+0x5d/0x150
[ 2886.774314][ T4260]  __handle_mm_fault+0x17e7/0x3a40
[ 2886.779468][ T4260]  ? vm_iomap_memory+0x190/0x190
[ 2886.784464][ T4260]  handle_mm_fault+0x1cc/0x780
[ 2886.789263][ T4260]  do_user_addr_fault+0x475/0x1210
[ 2886.794412][ T4260]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2886.800006][ T4260]  exc_page_fault+0x98/0x170
[ 2886.804640][ T4260]  asm_exc_page_fault+0x26/0x30
[ 2886.809532][ T4260] RIP: 0033:0x7f69a663b8df
[ 2886.813971][ T4260] Code: ff ff 4d 89 cd 48 85 c0 74 19 8b 95 44 ff ff ff 48 29 c6 48 01 c7 e8 10 09 05 00 85 c0 0f 85 0b 03 00 00 48 8b 85 48 ff ff ff <41> c7 45 18 01 00 00 00 4c 89 ef 49 89 85 90 06 00 00 48 8b 85 50
[ 2886.833605][ T4260] RSP: 002b:00007ffea4dd30b0 EFLAGS: 00010246
[ 2886.839701][ T4260] RAX: 00007f69a744c000 RBX: 0000000000021000 RCX: 00007f69a668c1e7
[ 2886.847699][ T4260] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f69a744d000
[ 2886.855696][ T4260] RBP: 00007ffea4dd3180 R08: 00000000ffffffff R09: 00007f69a746c700
[ 2886.863695][ T4260] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffea4dd32a0
[ 2886.871690][ T4260] R13: 00007f69a746c700 R14: 0000000000000000 R15: 0000000000022000
[ 2886.879709][ T4260]  </TASK>
10:17:31 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc, 0xf700}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

[ 2887.050586][ T4260] memory: usage 307200kB, limit 307200kB, failcnt 16503
[ 2887.058111][ T4260] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2887.065228][ T4260] Memory cgroup stats for /syz1:
[ 2887.065471][ T4260] anon 143360
[ 2887.065471][ T4260] file 393216
[ 2887.065471][ T4260] kernel 314036224
[ 2887.065471][ T4260] kernel_stack 65536
[ 2887.065471][ T4260] pagetables 81920
[ 2887.065471][ T4260] sec_pagetables 0
[ 2887.065471][ T4260] percpu 5356416
[ 2887.065471][ T4260] sock 0
[ 2887.065471][ T4260] vmalloc 0
[ 2887.065471][ T4260] shmem 385024
[ 2887.065471][ T4260] zswap 0
[ 2887.065471][ T4260] zswapped 0
[ 2887.065471][ T4260] file_mapped 385024
[ 2887.065471][ T4260] file_dirty 8192
[ 2887.065471][ T4260] file_writeback 0
[ 2887.065471][ T4260] swapcached 0
[ 2887.065471][ T4260] anon_thp 0
[ 2887.065471][ T4260] file_thp 0
[ 2887.065471][ T4260] shmem_thp 0
[ 2887.065471][ T4260] inactive_anon 188416
[ 2887.065471][ T4260] active_anon 339968
[ 2887.065471][ T4260] inactive_file 4096
[ 2887.065471][ T4260] active_file 4096
[ 2887.065471][ T4260] unevictable 0
[ 2887.065471][ T4260] slab_reclaimable 16512
[ 2887.065471][ T4260] slab_unreclaimable 308476488
[ 2887.213177][ T1210] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2887.223927][ T4260] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4260,uid=0
[ 2887.297494][ T4260] Memory cgroup out of memory: Killed process 4260 (syz-executor.1) total-vm:54672kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[ 2887.297887][ T4272] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2887.326762][ T4272] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2887.336280][ T4272] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2887.347547][ T4272] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2887.356113][ T4272] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 2887.365084][ T4272] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2887.389630][ T4251] device bridge1807 entered promiscuous mode
[ 2887.496773][ T4252] device macvtap2197 entered promiscuous mode
[ 2887.612632][ T4254] device macvtap2198 entered promiscuous mode
10:17:31 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0xf1, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}, 0x1, 0x12a66a}, 0x0)

[ 2887.725592][ T4257] device bridge555 entered promiscuous mode
[ 2887.788190][ T4258] device macvtap591 entered promiscuous mode
[ 2887.833900][ T4259] device macvtap592 entered promiscuous mode
10:17:32 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc, 0xed00}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)

10:17:32 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={0x0, 0x54}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000010000104539300"/20, @ANYRES32=r2, @ANYBLOB="ddffffffffffffff140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010000104000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="43e1010000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r5, @ANYBLOB="0a000100aaaaaaaaaaaa"], 0x48}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x899ea, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc743}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0xab00, @local}]}, 0x48}}, 0x0)

[ 2888.085049][ T4264] device bridge1348 entered promiscuous mode
[ 2888.190106][ T4284] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 2888.200672][ T4265] device macvtap1348 entered promiscuous mode
[ 2888.207508][ T4284] CPU: 0 PID: 4284 Comm: syz-executor.1 Not tainted 6.1.0-rc8-syzkaller-00165-ge095493091e8 #0
[ 2888.218951][ T4284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 2888.229029][ T4284] Call Trace:
[ 2888.232329][ T4284]  <TASK>
[ 2888.235281][ T4284]  dump_stack_lvl+0xd1/0x138
[ 2888.239910][ T4284]  dump_header+0x10b/0x85f
[ 2888.244358][ T4284]  oom_kill_process.cold+0x10/0x15
[ 2888.249511][ T4284]  out_of_memory+0x35c/0x14a0
[ 2888.254236][ T4284]  ? find_held_lock+0x2d/0x110
[ 2888.259041][ T4284]  ? oom_killer_disable+0x280/0x280
[ 2888.264278][ T4284]  ? find_held_lock+0x2d/0x110
[ 2888.269082][ T4284]  mem_cgroup_out_of_memory+0x206/0x270
[ 2888.274649][ T4284]  ? mem_cgroup_margin+0x130/0x130
[ 2888.279772][ T4284]  ? lock_downgrade+0x6e0/0x6e0
[ 2888.284677][ T4284]  try_charge_memcg+0xef8/0x12f0
[ 2888.289643][ T4284]  ? mem_cgroup_handle_over_high+0x520/0x520
[ 2888.295643][ T4284]  ? get_mem_cgroup_from_objcg+0xa1/0x260
[ 2888.301377][ T4284]  ? lock_downgrade+0x6e0/0x6e0
[ 2888.306258][ T4284]  ? lock_downgrade+0x6e0/0x6e0
[ 2888.311150][ T4284]  __memcg_kmem_charge_page+0x16e/0x3b0
[ 2888.316725][ T4284]  __alloc_pages+0x1f3/0x5b0
[ 2888.321343][ T4284]  ? __alloc_pages_slowpath.constprop.0+0x23d0/0x23d0
[ 2888.328158][ T4284]  alloc_pages+0x1aa/0x270
[ 2888.332603][ T4284]  __pmd_alloc+0x3f/0x5d0
[ 2888.336954][ T4284]  __handle_mm_fault+0x8c8/0x3a40
[ 2888.342004][ T4284]  ? vm_iomap_memory+0x190/0x190
[ 2888.346982][ T4284]  handle_mm_fault+0x1cc/0x780
[ 2888.351767][ T4284]  do_user_addr_fault+0x475/0x1210
[ 2888.356908][ T4284]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 2888.362481][ T4284]  exc_page_fault+0x98/0x170
[ 2888.367086][ T4284]  asm_exc_page_fault+0x26/0x30
[ 2888.372044][ T4284] RIP: 0033:0x7f69a662bd79
[ 2888.376478][ T4284] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 2888.396095][ T4284] RSP: 002b:00007ffea4dd3150 EFLAGS: 00010246
[ 2888.402176][ T4284] RAX: 0000000020001c40 RBX: 0000000000000000 RCX: 0000000000000000
[ 2888.410152][ T4284] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555574b22e8
[ 2888.418128][ T4284] RBP: 00007ffea4dd3248 R08: 0000000000000000 R09: 0000000000000000
[ 2888.426104][ T4284] R10: 00007f69a62000c8 R11: 0000000000000246 R12: 00000000002c11c8
[ 2888.434084][ T4284] R13: 00007ffea4dd3270 R14: 00007f69a67abf80 R15: 0000000000000032
[ 2888.442083][ T4284]  </TASK>
[ 2888.449026][ T4284] memory: usage 307200kB, limit 307200kB, failcnt 16626
[ 2888.456284][ T4284] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2888.463777][ T4284] Memory cgroup stats for /syz1:
[ 2888.464016][ T4284] anon 135168
[ 2888.464016][ T4284] file 393216
[ 2888.464016][ T4284] kernel 314028032
[ 2888.464016][ T4284] kernel_stack 65536
[ 2888.464016][ T4284] pagetables 73728
[ 2888.464016][ T4284] sec_pagetables 0
[ 2888.464016][ T4284] percpu 5356416
[ 2888.464016][ T4284] sock 0
[ 2888.464016][ T4284] vmalloc 0
[ 2888.464016][ T4284] shmem 385024
[ 2888.464016][ T4284] zswap 0
[ 2888.464016][ T4284] zswapped 0
[ 2888.464016][ T4284] file_mapped 385024
[ 2888.464016][ T4284] file_dirty 8192
[ 2888.464016][ T4284] file_writeback 0
[ 2888.464016][ T4284] swapcached 0
[ 2888.464016][ T4284] anon_thp 0
[ 2888.464016][ T4284] file_thp 0
[ 2888.464016][ T4284] shmem_thp 0
[ 2888.464016][ T4284] inactive_anon 180224
[ 2888.464016][ T4284] active_anon 339968
[ 2888.464016][ T4284] inactive_file 4096
[ 2888.464016][ T4284] active_file 4096
[ 2888.464016][ T4284] unevictable 0
[ 2888.464016][ T4284] slab_reclaimable 16512
[ 2888.464016][ T4284] slab_unreclaimable 308475544
[ 2888.508890][ T4266] device macvtap1349 entered promiscuous mode
[ 2888.561630][ T4284] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=4284,uid=0
[ 2888.581735][ T4284] Memory cgroup out of memory: Killed process 4284 (syz-executor.1) total-vm:54540kB, anon-rss:464kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000
[ 2888.634433][ T4268] __nla_validate_parse: 8 callbacks suppressed
[ 2888.634454][ T4268] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2888.683186][ T4268] device bridge467 entered promiscuous mode
[ 2888.731204][ T4269] device macvtap494 entered promiscuous mode
[ 2888.827599][ T1210] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2888.884385][ T4277] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2888.940356][ T4277] device bridge1808 entered promiscuous mode
[ 2889.041075][ T4278] device macvtap2198 entered promiscuous mode
[ 2889.130445][ T4279] device macvtap2199 entered promiscuous mode
[ 2889.228846][ T4281] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2889.284757][ T4281] device bridge556 entered promiscuous mode
[ 2889.357120][ T4282] device macvtap592 entered promiscuous mode
[ 2889.427492][ T4272] Bluetooth: hci1: command 0x0409 tx timeout
[ 2889.497558][ T1210] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2889.643773][ T1210] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2890.066161][ T4270] chnl_net:caif_netlink_parms(): no params data found
[ 2890.294904][ T4270] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2890.304745][ T4270] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2890.334424][ T4270] device bridge_slave_0 entered promiscuous mode
[ 2890.418454][ T4270] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2890.425572][ T4270] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2890.454378][ T4270] device bridge_slave_1 entered promiscuous mode
[ 2890.700711][ T4270] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2890.742591][ T4270] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2890.920962][ T4270] team0: Port device team_slave_0 added
[ 2891.006828][ T4270] team0: Port device team_slave_1 added
[ 2891.243406][ T4270] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2891.257380][ T4270] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2891.301446][ T4270] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2891.322026][ T4270] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2891.330938][ T4270] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2891.360213][ T4270] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2891.510135][ T4272] Bluetooth: hci1: command 0x041b tx timeout
[ 2891.584894][ T4270] device hsr_slave_0 entered promiscuous mode
[ 2891.619176][ T4270] device hsr_slave_1 entered promiscuous mode
[ 2891.630144][ T4270] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2891.637871][ T4270] Cannot create hsr debugfs directory
[ 2893.587680][ T4272] Bluetooth: hci1: command 0x040f tx timeout
[ 2895.667542][ T4272] Bluetooth: hci1: command 0x0419 tx timeout
[ 2897.321429][ T1210] device hsr_slave_0 left promiscuous mode
[ 2897.328588][ T1210] device hsr_slave_1 left promiscuous mode
[ 2897.335184][ T1210] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2897.344891][ T1210] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2897.356010][ T1243] ieee802154 phy0 wpan0: encryption failed: -22
[ 2897.356068][ T1243] ieee802154 phy1 wpan1: encryption failed: -22
[ 2897.393075][ T1210] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2897.402791][ T1210] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2897.418083][ T1210] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2897.426879][ T1210] device bridge_slave_0 left promiscuous mode
[ 2897.434947][ T1210] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2900.343029][ T1210] device veth0_to_batadv left promiscuous mode
[ 2900.372015][ T1210] device veth1_to_bond left promiscuous mode
[ 2900.378850][ T1210] device bridge_slave_1 left promiscuous mode
[ 2900.397189][ T1210] device veth1_macvtap left promiscuous mode
[ 2900.418246][ T1210] device veth0_macvtap left promiscuous mode
[ 2900.425487][ T1210] device veth1_vlan left promiscuous mode
[ 2900.448755][ T1210] device veth0_vlan left promiscuous mode
[ 2953.144050][ T3669] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 2953.154916][ T3669] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 2953.164759][ T3669] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 2953.187552][ T3669] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 2953.195082][ T3669] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 2953.202808][ T3669] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 2955.267720][ T4272] Bluetooth: hci6: command 0x0409 tx timeout
[ 2957.347596][ T4272] Bluetooth: hci6: command 0x041b tx timeout
[ 2958.803280][ T1243] ieee802154 phy0 wpan0: encryption failed: -22
[ 2958.809670][ T1243] ieee802154 phy1 wpan1: encryption failed: -22
[ 2959.428118][ T4272] Bluetooth: hci6: command 0x040f tx timeout
[ 2961.507714][ T4272] Bluetooth: hci6: command 0x0419 tx timeout
[ 3012.070211][ T3669] Bluetooth: hci1: command 0x0406 tx timeout
[ 3019.390476][ T3669] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 3019.400066][ T3669] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 3019.410186][ T3669] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 3019.418155][ T3669] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 3019.425751][ T3669] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 3019.433604][ T3669] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 3020.235024][ T1243] ieee802154 phy0 wpan0: encryption failed: -22
[ 3020.241446][ T1243] ieee802154 phy1 wpan1: encryption failed: -22
[ 3021.509895][ T3669] Bluetooth: hci7: command 0x0409 tx timeout
[ 3023.587546][ T4272] Bluetooth: hci7: command 0x041b tx timeout
[ 3025.677615][ T4272] Bluetooth: hci7: command 0x040f tx timeout
[ 3027.747530][ T4272] Bluetooth: hci7: command 0x0419 tx timeout