x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
pread64(r2, &(0x7f0000000540)=""/176, 0xb0, 0x69)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000680)=""/172, 0xac, 0x9)
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
fstat(0xffffffffffffffff, &(0x7f0000000600))
r4 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r4, 0x2401, 0x0)
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40000}, 0xffffffffffffffff, 0x0, r4, 0x0)

05:50:00 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x10000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  833.282566] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  833.284475] CPU: 1 UID: 0 PID: 7265 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  833.284508] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  833.284521] Call Trace:
[  833.284529]  <TASK>
[  833.284539]  dump_stack_lvl+0xfa/0x120
[  833.284571]  dump_header+0x107/0x950
[  833.284608]  oom_kill_process+0x278/0xa00
[  833.284644]  out_of_memory+0x34b/0x1690
[  833.284681]  ? _raw_spin_unlock_irqrestore+0x22/0x50
[  833.284718]  ? __pfx_out_of_memory+0x10/0x10
[  833.284760]  mem_cgroup_out_of_memory+0x164/0x190
[  833.284795]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  833.284846]  ? mark_held_locks+0x49/0x80
[  833.284878]  try_charge_memcg+0x81f/0xf30
[  833.284918]  ? __pfx_try_charge_memcg+0x10/0x10
[  833.284959]  charge_memcg+0x7b/0x290
[  833.284988]  __mem_cgroup_charge+0x28/0x90
[  833.285021]  do_wp_page+0x58c/0x3240
[  833.285061]  ? __pfx_do_wp_page+0x10/0x10
[  833.285091]  ? do_raw_spin_lock+0x123/0x260
[  833.285132]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  833.285161]  ? ___pte_offset_map+0x176/0x370
[  833.285193]  __handle_mm_fault+0xde1/0x3030
[  833.285222]  ? reacquire_held_locks+0xd1/0x200
[  833.285246]  ? lock_vma_under_rcu+0x11e/0x530
[  833.285285]  ? __pfx___handle_mm_fault+0x10/0x10
[  833.285318]  ? lock_vma_under_rcu+0x17b/0x530
[  833.285370]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  833.285416]  handle_mm_fault+0x2c3/0x900
[  833.285446]  ? access_error+0x17d/0x380
[  833.285478]  do_user_addr_fault+0x4fa/0xeb0
[  833.285513]  exc_page_fault+0xb0/0x180
[  833.285538]  asm_exc_page_fault+0x26/0x30
[  833.285562] RIP: 0033:0x7ff98baf5d30
[  833.285581] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  833.285604] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  833.285623] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  833.285640] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[  833.285655] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[  833.285670] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[  833.285685] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[  833.285702]  ? x86_task_fpu+0x58/0xa0
[  833.285736]  ? x86_task_fpu+0x58/0xa0
[  833.285766]  </TASK>
[  833.320081] memory: usage 307200kB, limit 307200kB, failcnt 1679
[  833.321077] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  833.322120] Memory cgroup stats for /syz0:
[  833.342658] anon 135168
[  833.344144] file 312950784
[  833.344678] kernel 1486848
[  833.345202] kernel_stack 65536
[  833.345707] pagetables 147456
[  833.346238] sec_pagetables 0
[  833.346717] percpu 64
[  833.347138] sock 0
[  833.347562] vmalloc 0
[  833.347983] shmem 312950784
[  833.348449] file_mapped 0
[  833.348907] file_dirty 0
[  833.349437] file_writeback 0
[  833.349976] swapcached 0
[  833.350458] inactive_anon 306540544
[  833.351094] active_anon 6545408
[  833.351711] inactive_file 0
[  833.352224] active_file 0
[  833.352708] unevictable 0
[  833.353242] slab_reclaimable 948656
[  833.353908] slab_unreclaimable 339648
[  833.354570] slab 1288304
[  833.355029] workingset_refault_anon 0
[  833.355616] workingset_refault_file 1
[  833.356267] workingset_activate_anon 0
[  833.356913] workingset_activate_file 0
[  833.357523] workingset_restore_anon 0
[  833.358153] workingset_restore_file 0
[  833.358743] workingset_nodereclaim 0
[  833.359350] pgdemote_kswapd 0
[  833.359906] pgdemote_direct 0
[  833.360413] pgdemote_khugepaged 0
[  833.360984] pgdemote_proactive 0
[  833.361602] pgscan 801
[  833.362120] pgsteal 9
[  833.362512] pswpin 0
[  833.362983] pswpout 0
[  833.363372] pgscan_kswapd 0
[  833.363930] pgscan_direct 801
[  833.364432] pgscan_khugepaged 0
[  833.364987] pgscan_proactive 0
[  833.365500] pgsteal_kswapd 0
[  833.366015] pgsteal_direct 9
[  833.366491] pgsteal_khugepaged 0
[  833.367053] pgsteal_proactive 0
[  833.367566] pgfault 86119
[  833.368024] pgmajfault 0
[  833.368477] pgrefill 768
[  833.368956] pgactivate 3833
[  833.369424] pgdeactivate 768
[  833.369934] pglazyfree 0
[  833.370357] pglazyfreed 0
[  833.370790] swpin_zero 0
[  833.371238] swpout_zero 0
[  833.371682] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7265,uid=0
[  833.374136] Memory cgroup out of memory: Killed process 7265 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:50:00 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x12010000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:50:00 executing program 3:
keyctl$search(0xa, 0x0, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)="a794ec6f6bcfe24174b61d8e88b6eda5ef0ee6bf949101f3a12efc0d95bb345e8c3421398c87c0d3d78a24ca1d13676a488b112ad9118a04c259e69f2450ba850890b9c2a0cf57703b81d7254bed356da88281d67dc9e1ab97c8b0ef1e1aca2d6ed3704ea71f3191396db5e80c9ff4535da3a82df7f12ec92bf351b9d0516a67aa49df7c1aa0c1911ba3ecb14ab58a9cdd0d17acf4d321612e52e2d813a5d49c7a567ce68f9321ac9100f3fc31c98889fcb8dbeb263c83105b653d62405043b7ba1b991a277702d6a63d0f4cd9be202790a9daa91ef6", 0xd6, 0xfffffffffffffffb)
add_key$keyring(&(0x7f0000000200), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff8)

05:50:00 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='timers\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r1 = getpid()
kcmp$KCMP_EPOLL_TFD(0x0, r1, 0x7, 0xffffffffffffffff, &(0x7f0000000180)={r0, 0xffffffffffffffff, 0x1})
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xc1, 0x81, 0x0, 0x14, 0x0, 0x3f, 0x83826, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={&(0x7f0000000100), 0x1}, 0x47000, 0x80000000, 0x0, 0x2, 0x4000000000004, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2}, r1, 0xf, 0xffffffffffffffff, 0x6)
setsockopt$inet_MCAST_LEAVE_GROUP(0xffffffffffffffff, 0x0, 0x2d, 0x0, 0x0)
ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f0000000080))
r2 = syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r2, 0xffffffffffffffff, &(0x7f0000000140)=0xa2, 0x0)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x44004, 0x0)
r4 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r4)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r6)
r7 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r7)

[  833.469237] 9p: Unknown access argument 18446744073709551615: -34
[  833.850742] audit: type=1326 audit(1755409801.198:102): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7259 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:50:12 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x1b300000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:50:12 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 45)

05:50:12 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x4f01, 0x0)

05:50:12 executing program 0:
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="00000000000000102e2f66696c653000"])
getsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000040), &(0x7f0000000080)=0x4)
mlockall(0x2)
r1 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r2 = shmat(r1, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r2)
mlockall(0x2)

05:50:12 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x30000, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:50:12 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
pread64(r2, &(0x7f0000000540)=""/176, 0xb0, 0x69)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000680)=""/172, 0xac, 0x9)
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
fstat(0xffffffffffffffff, &(0x7f0000000600))
r4 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r4, 0x2401, 0x0)

05:50:12 executing program 3:
r0 = perf_event_open(&(0x7f0000000340)={0x3, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(0x0)
fcntl$dupfd(r0, 0x49f3d43f9f2e6f70, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x22a69a4}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
r1 = fork()
syz_open_procfs(r1, &(0x7f0000000040)='pagemap\x00')
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000540)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001980)={[{@gid}]})

05:50:12 executing program 1:
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000bc0)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c0000000000000000fd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172edcf090a5f0", 0xb0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601781c53677b642fa92a7b767d76e208d17a13940ff013466264e16a26d7f004dfb575a75317d1eded2d32cbd9c6789c474435873ebc769bfbf0a064e61b363a4c45bc4b5fc77b81c120bbd2ecf508e7485bfcf1facea6f5763bb13023aed4cd7ff200554cb5d3307dfc43e8fc49878f7ac27e2226a48d87471708d036d5448c20207731438839301058c114dce8bd59355705c1d94d99aa6a2a394a94ddd456c3b66ea43e84253bab73e0699ea6778861b1cf71ce86ffe512040a7c274b4e07", 0x2bf)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = getpgid(0x0)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0xa0803, 0x0)
write$binfmt_script(r3, &(0x7f0000000240)=ANY=[@ANYBLOB="2321202e2f66696c6530207b2c2023276f5e2c2c2e202120202040257b2d207d2d202d022428292c205e2927277d40b826202b2d0ab5a6be7b0135a99f08ac27e0f849c78cc9a945ca6ae8b827903edf965c0ca2bee5dce73b0efbe31613c0f1ebbdf92e37d33f216b46f123b2ead86bd1e08e7234fb62f694571b7813e3292421ecde438732eac1021dbb216a7a7b65b97ea12d0681ab45592e0580583b48ff5e98f527f25f0a67ecc0274f20ef06cb1beef41377caf8c3e3a1113512139d163a4815f041cba9592bfe75b6dcbe184d7aacbd5e0c2bc6aae3b1ca3cc53c2b516346c2fcbbab2aaa9ecda5d53bf5c30210d51572bec29e16c3dc448e84f45da14de8f6dbd67cc3997b035e767fe96b7d96d02294ea7d6b30f3e3cfbdf72f434fefde072aa7fcc3c667e830e22ef79f6505d465e7d3"], 0xfc)
r4 = getpgrp(0x0)
kcmp(r2, r4, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
getpgrp(0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
socket$inet6_udp(0xa, 0x2, 0x0)
sendfile(r0, r1, 0x0, 0xfdef)

[  845.389039] 9p: Unknown access argument 18446744073709551615: -34
[  845.440290] audit: type=1326 audit(1755409812.787:103): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7310 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:50:12 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 46)

05:50:12 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x1d0f36a5, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  845.528307] FAULT_INJECTION: forcing a failure.
[  845.528307] name failslab, interval 1, probability 0, space 0, times 0
[  845.530237] CPU: 1 UID: 0 PID: 7325 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  845.530268] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  845.530282] Call Trace:
[  845.530290]  <TASK>
[  845.530299]  dump_stack_lvl+0xfa/0x120
[  845.530330]  should_fail_ex+0x4d7/0x5e0
[  845.530372]  should_failslab+0xc2/0x120
[  845.530410]  __kmalloc_node_track_caller_noprof+0xb8/0x490
[  845.530446]  ? kasprintf+0xbe/0x100
[  845.530468]  ? lock_acquire+0x15e/0x2f0
[  845.530497]  kvasprintf+0xbd/0x160
[  845.530519]  ? __pfx_kvasprintf+0x10/0x10
[  845.530558]  kasprintf+0xbe/0x100
[  845.530580]  ? __pfx_kasprintf+0x10/0x10
[  845.530605]  ? kmem_cache_free+0x158/0x460
[  845.530636]  ? p9_req_put+0x1cc/0x240
[  845.530671]  ? p9_client_create+0xd52/0x11b0
[  845.530705]  p9_client_create+0xd73/0x11b0
[  845.530745]  ? __pfx_p9_client_create+0x10/0x10
[  845.530781]  ? kasan_save_track+0x14/0x30
[  845.530802]  ? __kasan_kmalloc+0x7f/0x90
[  845.530832]  ? trace_kmalloc+0x1f/0xb0
[  845.530856]  ? legacy_get_tree+0x109/0x220
[  845.530883]  ? vfs_get_tree+0x93/0x340
[  845.530911]  ? lockdep_init_map_type+0x4b/0x240
[  845.530937]  ? __raw_spin_lock_init+0x3a/0x110
[  845.530971]  v9fs_session_init+0x1df/0x17a0
[  845.530999]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  845.531042]  ? find_held_lock+0x2b/0x80
[  845.531073]  ? __create_object+0x59/0x80
[  845.531100]  ? __pfx_v9fs_session_init+0x10/0x10
[  845.531126]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  845.531161]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  845.531197]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  845.531232]  ? __create_object+0x59/0x80
[  845.531259]  ? trace_kmalloc+0x1f/0xb0
[  845.531280]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  845.531307]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  845.531353]  v9fs_mount+0xbc/0x9e0
[  845.531396]  ? __pfx_v9fs_mount+0x10/0x10
[  845.531430]  ? cap_capable+0xdb/0x3b0
[  845.531457]  ? __pfx_v9fs_mount+0x10/0x10
[  845.531489]  legacy_get_tree+0x109/0x220
[  845.531521]  vfs_get_tree+0x93/0x340
[  845.531549]  path_mount+0x122f/0x1db0
[  845.531585]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  845.531623]  ? __pfx_path_mount+0x10/0x10
[  845.531658]  ? kmem_cache_free+0x2a1/0x460
[  845.531689]  ? putname.part.0+0x11b/0x160
[  845.531714]  ? getname_flags.part.0+0x1c6/0x540
[  845.531744]  ? putname.part.0+0x11b/0x160
[  845.531773]  __x64_sys_mount+0x27b/0x300
[  845.531809]  ? __pfx___x64_sys_mount+0x10/0x10
[  845.531856]  do_syscall_64+0xbf/0x360
[  845.531885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.531908] RIP: 0033:0x7fdbea32eb19
[  845.531926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  845.531947] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  845.531970] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  845.531986] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  845.532000] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[  845.532015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  845.532029] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  845.532064]  </TASK>
[  845.596252] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  845.597748] CPU: 1 UID: 0 PID: 7309 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  845.597777] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  845.597788] Call Trace:
[  845.597797]  <TASK>
[  845.597806]  dump_stack_lvl+0xfa/0x120
[  845.597839]  dump_header+0x107/0x950
[  845.597874]  oom_kill_process+0x278/0xa00
[  845.597906]  out_of_memory+0x34b/0x1690
[  845.597944]  ? __pfx_out_of_memory+0x10/0x10
[  845.597997]  mem_cgroup_out_of_memory+0x164/0x190
[  845.598028]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  845.598068]  ? mark_held_locks+0x49/0x80
[  845.598097]  try_charge_memcg+0x81f/0xf30
[  845.598133]  ? __pfx_try_charge_memcg+0x10/0x10
[  845.598172]  charge_memcg+0x7b/0x290
[  845.598198]  __mem_cgroup_charge+0x28/0x90
[  845.598227]  do_wp_page+0x58c/0x3240
[  845.598266]  ? __pfx_do_wp_page+0x10/0x10
[  845.598292]  ? do_raw_spin_lock+0x123/0x260
[  845.598318]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  845.598344]  ? ___pte_offset_map+0x176/0x370
[  845.598374]  __handle_mm_fault+0xde1/0x3030
[  845.598400]  ? reacquire_held_locks+0xd1/0x200
[  845.598420]  ? lock_vma_under_rcu+0x11e/0x530
[  845.598457]  ? __pfx___handle_mm_fault+0x10/0x10
[  845.598485]  ? lock_vma_under_rcu+0x17b/0x530
[  845.598533]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  845.598587]  handle_mm_fault+0x2c3/0x900
[  845.598618]  ? access_error+0x17d/0x380
[  845.598647]  do_user_addr_fault+0x4fa/0xeb0
[  845.598679]  exc_page_fault+0xb0/0x180
[  845.598703]  asm_exc_page_fault+0x26/0x30
[  845.598723] RIP: 0033:0x7ff98baf5d30
[  845.598739] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  845.598759] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  845.598776] RAX: 00000000938a26c2 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  845.598790] RDX: 0000001b2cf2003c RSI: ffffffff81bd7b88 RDI: 0000000000000000
[  845.598803] RBP: 0000000000000001 R08: 00000000938a26c2 R09: 0000001b2cf2001c
[  845.598816] R10: 00000000000006c2 R11: 00000000938a26c6 R12: 0000000000000007
[  845.598829] R13: 00007ff98bc4f000 R14: ffffffff81bd7b88 R15: 00007ff98bc5aff0
[  845.598844]  ? __fget_files+0x1d8/0x3b0
[  845.598882]  ? __fget_files+0x1d8/0x3b0
[  845.598914]  </TASK>
[  845.630069] memory: usage 307200kB, limit 307200kB, failcnt 1698
[  845.631072] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
05:50:12 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x80000, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:50:12 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
pread64(r2, &(0x7f0000000540)=""/176, 0xb0, 0x69)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000680)=""/172, 0xac, 0x9)
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
fstat(0xffffffffffffffff, &(0x7f0000000600))
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[  845.632231] Memory cgroup stats for /syz0:
[  845.654299] anon 126976
[  845.655488] file 312950784
[  845.655914] kernel 1495040
[  845.656311] kernel_stack 65536
[  845.656738] pagetables 155648
[  845.657191] sec_pagetables 0
[  845.657600] percpu 64
[  845.657971] sock 0
[  845.658274] vmalloc 0
[  845.658607] shmem 312950784
[  845.659023] file_mapped 0
[  845.659412] file_dirty 0
[  845.659938] file_writeback 0
[  845.660354] swapcached 0
[  845.660712] inactive_anon 306532352
[  845.661218] active_anon 6545408
[  845.661656] inactive_file 0
[  845.662091] active_file 0
[  845.662462] unevictable 0
[  845.662856] slab_reclaimable 948656
[  845.663338] slab_unreclaimable 340032
[  845.663863] slab 1288688
[  845.664222] workingset_refault_anon 0
[  845.664718] workingset_refault_file 1
[  845.665240] workingset_activate_anon 0
[  845.665926] workingset_activate_file 0
[  845.666448] workingset_restore_anon 0
[  845.666974] workingset_restore_file 0
05:50:13 executing program 3:
getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r0)

[  845.667485] workingset_nodereclaim 0
[  845.668133] pgdemote_kswapd 0
[  845.668555] pgdemote_direct 0
[  845.668997] pgdemote_khugepaged 0
[  845.669455] pgdemote_proactive 0
[  845.669927] pgscan 801
[  845.670281] pgsteal 9
[  845.670607] pswpin 0
[  845.670952] pswpout 0
[  845.671284] pgscan_kswapd 0
[  845.671686] pgscan_direct 801
[  845.672126] pgscan_khugepaged 0
[  845.672564] pgscan_proactive 0
[  845.673018] pgsteal_kswapd 0
[  845.673426] pgsteal_direct 9
[  845.673868] pgsteal_khugepaged 0
[  845.674329] pgsteal_proactive 0
[  845.674768] pgfault 86168
[  845.675165] pgmajfault 0
[  845.675524] pgrefill 768
[  845.675909] pgactivate 3833
[  845.676300] pgdeactivate 768
[  845.676708] pglazyfree 0
[  845.677098] pglazyfreed 0
[  845.677470] swpin_zero 0
[  845.677855] swpout_zero 0
[  845.678240] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7309,uid=0
[  845.680268] Memory cgroup out of memory: Killed process 7309 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35644kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
05:50:13 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 47)

05:50:13 executing program 0:
mlockall(0x2)
shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r0 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
shmat(r0, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
shmat(r0, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
r1 = shmat(r0, &(0x7f000064b000/0x3000)=nil, 0x0)
shmdt(0x0)
shmdt(r1)

05:50:13 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x1000000, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[  845.897277] 9p: Unknown access argument 18446744073709551615: -34
[  845.991599] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  845.993346] CPU: 0 UID: 0 PID: 7338 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  845.993380] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  845.993394] Call Trace:
[  845.993404]  <TASK>
[  845.993414]  dump_stack_lvl+0xfa/0x120
[  845.993449]  dump_header+0x107/0x950
[  845.993489]  oom_kill_process+0x278/0xa00
[  845.993526]  out_of_memory+0x34b/0x1690
[  845.993565]  ? _raw_spin_unlock_irqrestore+0x22/0x50
[  845.993604]  ? __pfx_out_of_memory+0x10/0x10
[  845.993648]  mem_cgroup_out_of_memory+0x164/0x190
[  845.993685]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  845.993730]  ? mark_held_locks+0x49/0x80
[  845.993764]  try_charge_memcg+0x81f/0xf30
[  845.993810]  ? __pfx_try_charge_memcg+0x10/0x10
[  845.993860]  charge_memcg+0x7b/0x290
[  845.993890]  __mem_cgroup_charge+0x28/0x90
[  845.993923]  do_wp_page+0x58c/0x3240
[  845.993965]  ? __pfx_do_wp_page+0x10/0x10
[  845.994008]  ? do_raw_spin_lock+0x123/0x260
[  845.994038]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  845.994068]  ? ___pte_offset_map+0x176/0x370
[  845.994101]  __handle_mm_fault+0xde1/0x3030
[  845.994132]  ? reacquire_held_locks+0xd1/0x200
[  845.994156]  ? lock_vma_under_rcu+0x11e/0x530
[  845.994198]  ? __pfx___handle_mm_fault+0x10/0x10
[  845.994231]  ? lock_vma_under_rcu+0x17b/0x530
[  845.994285]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  845.994333]  handle_mm_fault+0x2c3/0x900
[  845.994364]  ? access_error+0x17d/0x380
[  845.994397]  do_user_addr_fault+0x4fa/0xeb0
[  845.994434]  exc_page_fault+0xb0/0x180
[  845.994460]  asm_exc_page_fault+0x26/0x30
[  845.994484] RIP: 0033:0x7ff98baf5d30
[  845.994503] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  845.994526] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  845.994547] RAX: 00000000d44b4167 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  845.994563] RDX: 0000001b2cf20024 RSI: ffffffff819e8236 RDI: 0000000000000000
[  845.994578] RBP: 0000000000000001 R08: 00000000d44b4167 R09: 0000001b2cf2001c
[  845.994594] R10: 0000000000000167 R11: 00000000d44b416b R12: 0000000000000001
[  845.994608] R13: 00007ff98bc4f000 R14: ffffffff819e8236 R15: 00007ff98bc5aff0
[  845.994626]  ? __do_sys_mlockall+0x16/0x5c0
[  845.994672]  ? __do_sys_mlockall+0x16/0x5c0
[  845.994713]  </TASK>
[  846.028771] memory: usage 307200kB, limit 307200kB, failcnt 1735
[  846.029747] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  846.030728] Memory cgroup stats for /syz0:
[  846.030935] anon 86016
[  846.031995] file 312950784
[  846.032441] kernel 1441792
[  846.032919] kernel_stack 32768
[  846.033432] pagetables 131072
[  846.033972] sec_pagetables 0
[  846.034474] percpu 128
[  846.034926] sock 0
[  846.035276] vmalloc 0
[  846.035662] shmem 312950784
[  846.036145] file_mapped 0
[  846.036580] file_dirty 0
[  846.037036] file_writeback 0
[  846.037510] swapcached 0
[  846.037966] inactive_anon 306458624
[  846.038534] active_anon 6545408
[  846.039084] inactive_file 0
[  846.039539] active_file 0
[  846.040000] unevictable 0
[  846.040428] slab_reclaimable 950832
[  846.041014] slab_unreclaimable 343040
[  846.041594] slab 1293872
[  846.042049] workingset_refault_anon 0
[  846.042628] workingset_refault_file 1
[  846.043244] workingset_activate_anon 0
[  846.043874] workingset_activate_file 0
[  846.044471] workingset_restore_anon 0
[  846.045093] workingset_restore_file 0
[  846.045685] workingset_nodereclaim 0
[  846.046291] pgdemote_kswapd 0
[  846.046777] pgdemote_direct 0
[  846.047299] pgdemote_khugepaged 0
[  846.047867] pgdemote_proactive 0
[  846.048397] pgscan 801
[  846.048791] pgsteal 9
[  846.049201] pswpin 0
[  846.049571] pswpout 0
[  846.049990] pgscan_kswapd 0
[  846.050441] pgscan_direct 801
[  846.050956] pgscan_khugepaged 0
[  846.051462] pgscan_proactive 0
[  846.051986] pgsteal_kswapd 0
[  846.052450] pgsteal_direct 9
[  846.052944] pgsteal_khugepaged 0
[  846.053464] pgsteal_proactive 0
[  846.054017] pgfault 86198
[  846.054448] pgmajfault 0
[  846.054901] pgrefill 768
[  846.055326] pgactivate 3833
[  846.055773] pgdeactivate 768
[  846.056276] pglazyfree 0
[  846.056686] pglazyfreed 0
[  846.057144] swpin_zero 0
[  846.057564] swpout_zero 0
[  846.058030] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7338,uid=0
[  846.060258] Memory cgroup out of memory: Killed process 7338 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35468kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  846.258777] audit: type=1326 audit(1755409813.606:104): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7310 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:50:22 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreqn(r0, 0x0, 0x4, &(0x7f0000000580)={@empty, @dev}, 0xc)
r1 = syz_io_uring_complete(0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @broadcast}, 0x10)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r3, 0x40189429, &(0x7f0000000100)={0x0, 0x0, 0x7})
munmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000)
pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff)
fdatasync(r2)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000080), 0x1000)
mq_open(&(0x7f00000007c0)='+,*\x8c]\x00', 0x40, 0x12, &(0x7f0000000800)={0x5, 0x4, 0xa64a, 0x8001})

05:50:22 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x20000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:50:22 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x6a02, 0x0)

05:50:22 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2a, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b000000800000000800000052470000620100000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e32383839333038373500"/192, 0xc0, 0x400}, {&(0x7f0000010100)="0000000000000000000000001d72581da2224158b58973c82eb77a3b010000000c00000000000000d7f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="0100000000000500110000000000000000000000040000003c00000000000000", 0x20, 0x560}, {&(0x7f0000010300)="030000000400"/32, 0x20, 0x640}, {&(0x7f0000010400)="030000001300000023000000ce000f0003000400"/32, 0x20, 0x800}, {&(0x7f0000010500)="fffffffffcff0700000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009403090166696c652e636f6c64000000", 0x480, 0xc00}, {&(0x7f0000010a00)="0b0000000c0001022e00000002000000f40302022e2e00"/32, 0x20, 0x1400}, {&(0x7f0000010b00)="00000000000400"/32, 0x20, 0x1800}, {&(0x7f0000010c00)="00000000000400"/32, 0x20, 0x1c00}, {&(0x7f0000010d00)="00000000000400"/32, 0x20, 0x2000}, {&(0x7f0000010e00)="00000000000400"/32, 0x20, 0x2400}, {&(0x7f0000010f00)="00000000000400"/32, 0x20, 0x2800}, {&(0x7f0000011000)="00000000000400"/32, 0x20, 0x2c00}, {&(0x7f0000011100)="00000000000400"/32, 0x20, 0x3000}, {&(0x7f0000011200)="00000000000400"/32, 0x20, 0x3400}, {&(0x7f0000011300)="00000000000400"/32, 0x20, 0x3800}, {&(0x7f0000011400)="00000000000400"/32, 0x20, 0x3c00}, {&(0x7f0000011500)="00000000000400"/32, 0x20, 0x4000}, {&(0x7f0000011600)="504d4d00504d4dffd7f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7033300075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x4400}, {&(0x7f0000011700)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x4800}, {&(0x7f0000011800)="ffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0300"/1056, 0x420, 0x4c00}, {&(0x7f0000011d00)="0400"/32, 0x20, 0x5400}, {&(0x7f0000011e00)="0500"/32, 0x20, 0x5800}, {&(0x7f0000011f00)="00000000000000000100000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000007000"/96, 0x60, 0x5c00}, {&(0x7f0000012000)="0200"/32, 0x20, 0x6000}, {&(0x7f0000012100)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x6400}, {&(0x7f0000012200)="0300"/32, 0x20, 0x6800}, {&(0x7f0000012300)="0400"/32, 0x20, 0x6c00}, {&(0x7f0000012400)="0500"/32, 0x20, 0x7000}, {&(0x7f0000012500)="00000000000000000100000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000007000"/96, 0x60, 0x7400}, {&(0x7f0000012600)="0200"/32, 0x20, 0x7800}, {&(0x7f0000012700)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d803050766696c653100"/64, 0x40, 0x7c00}, {&(0x7f0000012800)="000002ea0100000001000000270f240c000000000000000000000000000000000601f8030000000006000000779b539778617474723100000601f00300000000060000007498539778617474723200"/96, 0x60, 0x8000}, {&(0x7f0000012900)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xattr2\x00\x00xattr1\x00\x00', 0x20, 0x83e0}, {&(0x7f0000012a00)="0000000000000000d7f4655fd7f4655fd7f4655f00"/32, 0x20, 0x8c00}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f00000000000004000200000000000800050000000af301000400000000000000000000000100000004000000", 0x40, 0x8c80}, {&(0x7f0000012c00)="8081000000180000d7f4655fd7f4655fd7f4655f00000000000001000c00000010000800000000000af303000400000000000000000000000100000012000000010000000100000018000000020000000400000014000000000000000000000000000000000000000000000000000000000000000000000000000000000000008081000000180000d7f4655fd7f4655fd7f4655f00000000000001000c00000010000800000000000af30300040000000000000000000000010000001900000001000000010000001e00000002000000040000001a00"/224, 0xe0, 0x8d00}, {&(0x7f0000012d00)="c041000000300000d7f4655fd7f4655fd7f4655f00000000000002001800000000000800000000000af301000400000000000000000000000c00000005000000", 0x40, 0x9100}, {&(0x7f0000012e00)="ed41000000040000d7f4655fd7f4655fd7f4655f00000000000002000200000000000800030000000af30100040000000000000000000000010000001f0000000000000000000000000000000000000000000000000000000000000000000000000000008ea357f5000000000000000000000000000000000000000000000000ed8100001a040000d7f4655fd7f4655fd7f4655f00000000000001000400000000000800010000000af30100040000000000000000000000020000002700000000000000000000000000000000000000000000000000000000000000000000000000000074e121ec000000000000000000000000000000000000000000000000ffa1000026000000d7f4655fd7f4655fd7f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3238383933303837352f66696c65302f66696c653000000000000000000000000000000000000000000000e3b62488000000000000000000000000000000000000000000000000ed8100000a000000d7f4655fd7f4655fd7f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000029000000000000000000000000000000000000000000000000000000000000000000000000000000be68560c200000000000000000000000000000000000000000000000ed81000028230000d7f4655fd7f4655fd7f4655f00000000000002001200000000000800010000000af30100040000000000000000000000090000002a000000000000000000000000000000000000000000000000000000000000000000000000000000aa7d8da5000000000000000000000000000000000000000000000000ed81000064000000d7f4655fd7f4655fd7f4655f00000000000001000200000000000800010000000af3010004000000000000000000000001000000330000000000000000000000000000000000000000000000000000000000000000000000000000002b3d7d3c00"/768, 0x300, 0x9180}, {&(0x7f0000013100)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x9c00}, {&(0x7f0000013600)='syzkallers\x00'/32, 0x20, 0xa400}, {&(0x7f0000013700)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0xcc00}], 0x0, &(0x7f0000013800))
getdents(r0, &(0x7f0000000040)=""/32, 0x20)

05:50:22 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 48)

05:50:22 executing program 0:
mlockall(0x2)
mlockall(0x5)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
mlockall(0x0)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
mlockall(0x2)
shmdt(0x0)
shmdt(r1)

05:50:22 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x2000000, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:50:22 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
pread64(r2, &(0x7f0000000540)=""/176, 0xb0, 0x69)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000680)=""/172, 0xac, 0x9)
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
fstat(0xffffffffffffffff, &(0x7f0000000600))

[  855.383054] FAULT_INJECTION: forcing a failure.
[  855.383054] name failslab, interval 1, probability 0, space 0, times 0
[  855.384182] CPU: 0 UID: 0 PID: 7348 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  855.384199] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  855.384207] Call Trace:
[  855.384213]  <TASK>
[  855.384219]  dump_stack_lvl+0xfa/0x120
[  855.384243]  should_fail_ex+0x4d7/0x5e0
[  855.384272]  should_failslab+0xc2/0x120
[  855.384295]  __kmalloc_node_track_caller_noprof+0xb8/0x490
[  855.384317]  ? kasprintf+0xbe/0x100
[  855.384331]  ? kstrdup_const+0x57/0x80
[  855.384348]  ? __pfx_kasprintf+0x10/0x10
[  855.384369]  kstrdup+0x3e/0xc0
[  855.384388]  kstrdup_const+0x57/0x80
[  855.384406]  __kmem_cache_create_args+0x179/0x360
[  855.384419]  ? p9_client_create+0xd52/0x11b0
[  855.384443]  p9_client_create+0xdfc/0x11b0
[  855.384474]  ? __pfx_p9_client_create+0x10/0x10
[  855.384507]  ? trace_kmalloc+0x1f/0xb0
[  855.384521]  ? legacy_get_tree+0x109/0x220
[  855.384537]  ? vfs_get_tree+0x93/0x340
[  855.384553]  ? lockdep_init_map_type+0x4b/0x240
[  855.384571]  ? __raw_spin_lock_init+0x3a/0x110
[  855.384596]  v9fs_session_init+0x1df/0x17a0
[  855.384613]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  855.384643]  ? find_held_lock+0x2b/0x80
[  855.384661]  ? __create_object+0x59/0x80
[  855.384679]  ? __pfx_v9fs_session_init+0x10/0x10
[  855.384692]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  855.384712]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  855.384733]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  855.384753]  ? __create_object+0x59/0x80
[  855.384771]  ? trace_kmalloc+0x1f/0xb0
[  855.384782]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  855.384796]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  855.384830]  v9fs_mount+0xbc/0x9e0
[  855.384850]  ? __pfx_v9fs_mount+0x10/0x10
[  855.384872]  ? cap_capable+0xdb/0x3b0
[  855.384892]  ? __pfx_v9fs_mount+0x10/0x10
[  855.384910]  legacy_get_tree+0x109/0x220
[  855.384932]  vfs_get_tree+0x93/0x340
[  855.384950]  path_mount+0x122f/0x1db0
[  855.384973]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  855.384996]  ? __pfx_path_mount+0x10/0x10
[  855.385017]  ? kmem_cache_free+0x2a1/0x460
[  855.385035]  ? putname.part.0+0x11b/0x160
[  855.385051]  ? getname_flags.part.0+0x1c6/0x540
[  855.385071]  ? putname.part.0+0x11b/0x160
[  855.385094]  __x64_sys_mount+0x27b/0x300
[  855.385115]  ? __pfx___x64_sys_mount+0x10/0x10
[  855.385152]  do_syscall_64+0xbf/0x360
[  855.385171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  855.385185] RIP: 0033:0x7fdbea32eb19
[  855.385195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  855.385207] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  855.385220] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  855.385229] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  855.385237] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[  855.385245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  855.385252] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  855.385288]  </TASK>
[  855.408998] __kmem_cache_create_args(9p-fcall-cache-75) failed with error -12
[  855.409598] CPU: 0 UID: 0 PID: 7348 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  855.409614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  855.409620] Call Trace:
[  855.409625]  <TASK>
[  855.409630]  dump_stack_lvl+0xfa/0x120
[  855.409647]  __kmem_cache_create_args+0x156/0x360
[  855.409659]  ? p9_client_create+0xd52/0x11b0
[  855.409681]  p9_client_create+0xdfc/0x11b0
[  855.409712]  ? __pfx_p9_client_create+0x10/0x10
[  855.409745]  ? trace_kmalloc+0x1f/0xb0
[  855.409759]  ? legacy_get_tree+0x109/0x220
[  855.409772]  ? vfs_get_tree+0x93/0x340
[  855.409787]  ? lockdep_init_map_type+0x4b/0x240
[  855.409804]  ? __raw_spin_lock_init+0x3a/0x110
[  855.409833]  v9fs_session_init+0x1df/0x17a0
[  855.409848]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  855.409876]  ? find_held_lock+0x2b/0x80
[  855.409893]  ? __create_object+0x59/0x80
[  855.409911]  ? __pfx_v9fs_session_init+0x10/0x10
[  855.409925]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  855.409944]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  855.409966]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  855.409987]  ? __create_object+0x59/0x80
[  855.410006]  ? trace_kmalloc+0x1f/0xb0
[  855.410017]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  855.410032]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  855.410061]  v9fs_mount+0xbc/0x9e0
[  855.410081]  ? __pfx_v9fs_mount+0x10/0x10
[  855.410104]  ? cap_capable+0xdb/0x3b0
[  855.410123]  ? __pfx_v9fs_mount+0x10/0x10
[  855.410141]  legacy_get_tree+0x109/0x220
[  855.410164]  vfs_get_tree+0x93/0x340
[  855.410183]  path_mount+0x122f/0x1db0
[  855.410205]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  855.410230]  ? __pfx_path_mount+0x10/0x10
[  855.410250]  ? kmem_cache_free+0x2a1/0x460
[  855.410269]  ? putname.part.0+0x11b/0x160
[  855.410284]  ? getname_flags.part.0+0x1c6/0x540
[  855.410306]  ? putname.part.0+0x11b/0x160
[  855.410329]  __x64_sys_mount+0x27b/0x300
[  855.410351]  ? __pfx___x64_sys_mount+0x10/0x10
[  855.410389]  do_syscall_64+0xbf/0x360
[  855.410408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  855.410421] RIP: 0033:0x7fdbea32eb19
[  855.410431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  855.410444] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  855.410456] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  855.410464] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  855.410472] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[  855.410481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  855.410488] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  855.410525]  </TASK>
05:50:22 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x20100000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  855.476980] audit: type=1326 audit(1755409822.822:105): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7357 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[  855.489808] 9p: Unknown access argument 18446744073709551615: -34
05:50:22 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 49)

05:50:22 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000040)=""/112)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x1a)

[  855.561274] 9p: Unknown access argument 18446744073709551615: -34
05:50:22 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
pread64(r2, &(0x7f0000000540)=""/176, 0xb0, 0x69)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000680)=""/172, 0xac, 0x9)
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')

05:50:22 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x3000000, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:50:22 executing program 3:
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20f716d5165f8ee6}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="24000001", @ANYRES16=r0, @ANYBLOB="000125bd7000fedbdf250b000000080001007063690011000200303030303a30303a31302e300000000008000b0007000000"], 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x4)
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000000140)={<r1=>0x0, 0x7, 0x4})
ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000001540)={r1, "0a8113cc61e7e76feb18e23a49381b6d"})
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r2, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000001400)="a46d3e", 0x3}}, 0x0)

[  855.612233] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  855.613809] CPU: 1 UID: 0 PID: 7354 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  855.613847] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  855.613861] Call Trace:
[  855.613870]  <TASK>
[  855.613879]  dump_stack_lvl+0xfa/0x120
[  855.613911]  dump_header+0x107/0x950
[  855.613949]  oom_kill_process+0x278/0xa00
[  855.613984]  out_of_memory+0x34b/0x1690
[  855.614023]  ? __pfx_out_of_memory+0x10/0x10
[  855.614066]  mem_cgroup_out_of_memory+0x164/0x190
[  855.614102]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  855.614145]  ? mark_held_locks+0x49/0x80
[  855.614177]  try_charge_memcg+0x81f/0xf30
[  855.614216]  ? __pfx_try_charge_memcg+0x10/0x10
[  855.614257]  charge_memcg+0x7b/0x290
[  855.614286]  __mem_cgroup_charge+0x28/0x90
[  855.614318]  do_wp_page+0x58c/0x3240
[  855.614358]  ? __pfx_do_wp_page+0x10/0x10
[  855.614388]  ? do_raw_spin_lock+0x123/0x260
[  855.614417]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  855.614446]  ? ___pte_offset_map+0x176/0x370
[  855.614478]  __handle_mm_fault+0xde1/0x3030
[  855.614507]  ? reacquire_held_locks+0xd1/0x200
[  855.614530]  ? lock_vma_under_rcu+0x11e/0x530
[  855.614571]  ? __pfx___handle_mm_fault+0x10/0x10
[  855.614603]  ? lock_vma_under_rcu+0x17b/0x530
[  855.614666]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  855.614713]  handle_mm_fault+0x2c3/0x900
[  855.614743]  ? access_error+0x17d/0x380
[  855.614775]  do_user_addr_fault+0x4fa/0xeb0
[  855.614810]  exc_page_fault+0xb0/0x180
[  855.614837]  asm_exc_page_fault+0x26/0x30
[  855.614861] RIP: 0033:0x7ff98baf5d30
[  855.614879] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  855.614902] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  855.614922] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  855.614938] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[  855.614953] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[  855.614969] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[  855.614983] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[  855.615000]  ? x86_task_fpu+0x58/0xa0
[  855.615036]  ? x86_task_fpu+0x58/0xa0
[  855.615066]  </TASK>
[  855.647803] memory: usage 307200kB, limit 307200kB, failcnt 1760
[  855.649144] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  855.650144] Memory cgroup stats for /syz0:
[  855.651388] ieee802154 phy0 wpan0: encryption failed: -22
[  855.665479] anon 135168
[  855.666130] file 312950784
[  855.666613] kernel 1486848
[  855.667123] kernel_stack 65536
[  855.667626] pagetables 147456
[  855.668145] sec_pagetables 0
[  855.668649] percpu 64
[  855.669078] sock 0
[  855.669432] vmalloc 0
[  855.669816] shmem 312950784
[  855.670324] file_mapped 0
[  855.670776] file_dirty 0
[  855.671305] file_writeback 0
[  855.671791] swapcached 0
[  855.672252] inactive_anon 306540544
[  855.672812] active_anon 6545408
[  855.673369] inactive_file 0
[  855.673859] active_file 0
[  855.674294] unevictable 0
[  855.674735] slab_reclaimable 948656
[  855.675329] slab_unreclaimable 339648
[  855.675952] slab 1288304
[  855.676374] workingset_refault_anon 0
[  855.676992] workingset_refault_file 1
[  855.677584] workingset_activate_anon 0
[  855.678222] workingset_activate_file 0
[  855.678885] workingset_restore_anon 0
[  855.679470] workingset_restore_file 0
[  855.680088] workingset_nodereclaim 0
[  855.680661] pgdemote_kswapd 0
[  855.681177] pgdemote_direct 0
[  855.681666] pgdemote_khugepaged 0
[  855.682238] pgdemote_proactive 0
[  855.682772] pgscan 801
[  855.683205] pgsteal 9
[  855.683592] pswpin 0
[  855.684003] pswpout 0
[  855.684396] pgscan_kswapd 0
[  855.684884] pgscan_direct 801
[  855.685379] pgscan_khugepaged 0
[  855.685930] pgscan_proactive 0
[  855.686435] pgsteal_kswapd 0
[  855.686966] pgsteal_direct 9
[  855.687443] pgsteal_khugepaged 0
[  855.688001] pgsteal_proactive 0
[  855.688511] pgfault 86262
[  855.688987] pgmajfault 0
[  855.689414] pgrefill 768
[  855.689870] pgactivate 3833
[  855.690326] pgdeactivate 768
[  855.690810] pglazyfree 0
[  855.691281] pglazyfreed 0
[  855.691711] swpin_zero 0
[  855.692170] swpout_zero 0
[  855.692610] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7354,uid=0
[  855.694902] Memory cgroup out of memory: Killed process 7354 (syz-executor.0) total-vm:93420kB, anon-rss:276kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  856.306731] audit: type=1326 audit(1755409823.654:106): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7357 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[  857.619395] kworker/u10:4 (342) used greatest stack depth: 23360 bytes left
05:50:33 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x22070000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:50:33 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 50)

05:50:33 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x100000, 0x2a, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000800100000f000000000000000100000005000000000004000040000020000000d3f4655fd3f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b0000000004000008000000d2c20100120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e32373131373433303500"/192, 0xc0, 0x400}, {&(0x7f0000010100)="00000000000000000000000079d64a30b19941939d5c6a24092e8c9a010040000c00000000000000d3f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000040000004400000000000000", 0x40, 0x540}, {&(0x7f0000010300)="0300000004000000000000000000000000000000010400"/32, 0x20, 0x640}, {&(0x7f0000010400)="02000000030000000400000018000f000300040000000000000000000f00c2b4", 0x20, 0x800}, {&(0x7f0000010500)="ff000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d3f4655fd3f4655fd3f4655f00"/4128, 0x1020, 0x1000}, {&(0x7f0000011600)="ed41000000080000d3f4655fd3f4655fd3f4655f00000000000004004000000000000800050000000af301000400000000000000000000000100000020000000", 0x40, 0x2400}, {&(0x7f0000011700)="200000004c7ddc8f4c7ddc8f00000000d3f4655f00"/32, 0x20, 0x2480}, {&(0x7f0000011800)="8081000000180000d3f4655fd3f4655fd3f4655f00000000000001004000000010000800000000000af301000400000000000000000000000300000040000000", 0x40, 0x2800}, {&(0x7f0000011900)="20000000000000000000000000000000d3f4655f00"/32, 0x20, 0x2880}, {&(0x7f0000011a00)="8081000000180000d3f4655fd3f4655fd3f4655f00000000000001004000000010000800000000000af301000400000000000000000000000300000050000000", 0x40, 0x2c00}, {&(0x7f0000011b00)="20000000000000000000000000000000d3f4655f00"/32, 0x20, 0x2c80}, {&(0x7f0000011c00)="c041000000380000d3f4655fd3f4655fd3f4655f00000000000002004000000000000800000000000af301000400000000000000000000000700000030000000", 0x40, 0x4800}, {&(0x7f0000011d00)="20000000000000000000000000000000d3f4655f000000000000000000000000000002ea00"/64, 0x40, 0x4880}, {&(0x7f0000011e00)="ed4100003c000000d3f4655fd3f4655fd3f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c6531000000000000000000000000000000000000000000000000000000b65c7bf3000000000000000000000000000000000000000000000000200000004c7ddc8f4c7ddc8f4c7ddc8fd3f4655f4c7ddc8f0000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x4c00}, {&(0x7f0000011f00)="ed8100001a040000d3f4655fd3f4655fd3f4655f00000000000001004000000000000800010000000af3010004000000000000000000000001000000600000000000000000000000000000000000000000000000000000000000000000000000000000005a0e0125000000000000000000000000000000000000000000000000200000004c7ddc8f4c7ddc8f4c7ddc8fd3f4655f4c7ddc8f0000000000000000", 0xa0, 0x5000}, {&(0x7f0000012000)="ffa1000026000000d3f4655fd3f4655fd3f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3237313137343330352f66696c65302f66696c653000000000000000000000000000000000000000000000b8e8b49f000000000000000000000000000000000000000000000000200000004c7ddc8f4c7ddc8f4c7ddc8fd3f4655f4c7ddc8f0000000000000000", 0xa0, 0x5400}, {&(0x7f0000012100)="ed8100000a000000d3f4655fd3f4655fd3f4655f000000000000010000000000000000100100000073797a6b616c6c65727300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008b63b3ec000000000000000000000000000000000000000000000000200000004c7ddc8f4c7ddc8f4c7ddc8fd3f4655f4c7ddc8f0000000000000000000002ea040700000000000000000000000000006461746106015403000000000600000000000000786174747231000006014c0300000000060000000000000078617474723200"/256, 0x100, 0x5800}, {&(0x7f0000012200)="0000000000000000000000000000000078617474723200007861747472310000ed81000028230000d3f4655fd3f4655fd3f4655f00000000000002004000000000000800010000000af30100040000000000000000000000050000007000000000000000000000000000000000000000000000000000000000000000000000000000000044cd9848000000000000000000000000000000000000000000000000200000004c7ddc8f4c7ddc8f4c7ddc8fd3f4655f4c7ddc8f0000000000000000", 0xc0, 0x5be0}, {&(0x7f0000012300)="ed81000064000000d3f4655fd3f4655fd3f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c4794644c000000000000000000000000000000000000000000000000200000004c7ddc8f4c7ddc8f4c7ddc8fd3f4655f4c7ddc8f0000000000000000000002ea04073403000000002800000000000000646174610000000000000000", 0xc0, 0x6000}, {&(0x7f0000012400)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00lersyzkallersyzkallersyzkallersyzkallers', 0x40, 0x63c0}, {&(0x7f0000012500)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x80, 0x10000}, {&(0x7f0000012600)="0b0000000c0001022e000000020000000c0002022e2e000000000000e8070000", 0x20, 0x18000}, {&(0x7f0000012700)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x18800}, {&(0x7f0000012800)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x19000}, {&(0x7f0000012900)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x19800}, {&(0x7f0000012a00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x1a000}, {&(0x7f0000012b00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x1a800}, {&(0x7f0000012c00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x1b000}, {&(0x7f0000012d00)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x20000}, {&(0x7f0000012e00)="0200"/32, 0x20, 0x20400}, {&(0x7f0000012f00)="0300"/32, 0x20, 0x20800}, {&(0x7f0000013000)="0400"/32, 0x20, 0x20c00}, {&(0x7f0000013100)="0500"/32, 0x20, 0x21000}, {&(0x7f0000013200)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000200"/96, 0x60, 0x21400}, {&(0x7f0000013300)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x28000}, {&(0x7f0000013400)="0200"/32, 0x20, 0x28400}, {&(0x7f0000013500)="0300"/32, 0x20, 0x28800}, {&(0x7f0000013600)="0400"/32, 0x20, 0x28c00}, {&(0x7f0000013700)="0500"/32, 0x20, 0x29000}, {&(0x7f0000013800)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000200"/96, 0x60, 0x29400}, {&(0x7f0000013900)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x30000}], 0x0, &(0x7f0000013e00))
open$dir(&(0x7f0000000040)='./file0\x00', 0x101001, 0x44)

05:50:33 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = pidfd_open(0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
dup2(r0, r1)
r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x12, r2, 0x0)
syz_memcpy_off$IO_URING_METADATA_FLAGS(r3, 0x0, &(0x7f0000000100), 0x0, 0x4)
ptrace(0x10, 0x0)
ptrace(0x8, 0x0)
splice(0xffffffffffffffff, &(0x7f0000000080)=0x2296, 0xffffffffffffffff, &(0x7f0000000100)=0xcc1f, 0x0, 0x5)
fork()

05:50:33 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x4000000, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:50:33 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
mlockall(0x5)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
mlockall(0x1)
shmdt(r1)
mremap(&(0x7f0000f02000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f000068b000/0x2000)=nil)

05:50:33 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x7401, 0x0)

05:50:33 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
pread64(r2, &(0x7f0000000540)=""/176, 0xb0, 0x69)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000680)=""/172, 0xac, 0x9)

05:50:33 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x23070000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:50:33 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
pread64(r2, &(0x7f0000000540)=""/176, 0xb0, 0x69)
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')

[  865.907230] audit: type=1326 audit(1755409833.245:107): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7385 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:50:33 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r1 = openat(r0, &(0x7f0000000100)='./file1\x00', 0x402080, 0x1bf)
write$binfmt_script(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="2321201473446509"], 0xc)
close(r1)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0)

05:50:33 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x5000000, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[  865.980072] 9p: Unknown access argument 18446744073709551615: -34
05:50:33 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
pread64(r2, &(0x7f0000000540)=""/176, 0xb0, 0x69)

[  865.998819] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.000374] blk_print_req_error: 14 callbacks suppressed
[  866.000389] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  866.001519] buffer_io_error: 22 callbacks suppressed
[  866.001527] Buffer I/O error on dev sr0, logical block 0, async page read
[  866.016429] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.016928] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  866.017611] Buffer I/O error on dev sr0, logical block 1, async page read
[  866.027371] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.027858] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  866.028546] Buffer I/O error on dev sr0, logical block 2, async page read
[  866.032149] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.033202] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  866.035028] Buffer I/O error on dev sr0, logical block 3, async page read
05:50:33 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x24070000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  866.046268] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.046763] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  866.047478] Buffer I/O error on dev sr0, logical block 4, async page read
[  866.049960] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.050414] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  866.051116] Buffer I/O error on dev sr0, logical block 5, async page read
[  866.060489] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  866.062038] CPU: 0 UID: 0 PID: 7393 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  866.062070] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  866.062085] Call Trace:
[  866.062094]  <TASK>
[  866.062105]  dump_stack_lvl+0xfa/0x120
[  866.062138]  dump_header+0x107/0x950
[  866.062164] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.062177]  oom_kill_process+0x278/0xa00
[  866.062214]  out_of_memory+0x34b/0x1690
[  866.062255]  ? __pfx_out_of_memory+0x10/0x10
[  866.062300]  mem_cgroup_out_of_memory+0x164/0x190
[  866.062336]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  866.062381]  ? mark_held_locks+0x49/0x80
[  866.062414]  try_charge_memcg+0x81f/0xf30
[  866.062454]  ? __pfx_try_charge_memcg+0x10/0x10
[  866.062497]  charge_memcg+0x7b/0x290
[  866.062527]  __mem_cgroup_charge+0x28/0x90
[  866.062560]  do_wp_page+0x58c/0x3240
[  866.062601]  ? __pfx_do_wp_page+0x10/0x10
[  866.062632]  ? do_raw_spin_lock+0x123/0x260
[  866.062662]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  866.062691]  ? ___pte_offset_map+0x176/0x370
[  866.062724]  __handle_mm_fault+0xde1/0x3030
[  866.062754]  ? reacquire_held_locks+0xd1/0x200
[  866.062778]  ? lock_vma_under_rcu+0x11e/0x530
[  866.062818]  ? __pfx___handle_mm_fault+0x10/0x10
[  866.062859]  ? lock_vma_under_rcu+0x17b/0x530
[  866.062912]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  866.062959]  handle_mm_fault+0x2c3/0x900
[  866.062990]  ? access_error+0x17d/0x380
[  866.063023]  do_user_addr_fault+0x4fa/0xeb0
[  866.063059]  exc_page_fault+0xb0/0x180
[  866.063085]  asm_exc_page_fault+0x26/0x30
[  866.063109] RIP: 0033:0x7ff98baf5d30
05:50:33 executing program 3:
r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil)
unshare(0x8000000)
r1 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
shmat(r1, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
unshare(0x8000800)
shmat(r1, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
r2 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x6000)
shmat(r2, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
r3 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
shmat(r3, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
r4 = shmget$private(0x0, 0x1000, 0x200, &(0x7f0000c2f000/0x1000)=nil)
madvise(&(0x7f0000c2f000/0x3000)=nil, 0x3000, 0x1)
shmat(r4, &(0x7f0000ffe000/0x1000)=nil, 0x3000)
shmat(r3, &(0x7f0000c2e000/0x2000)=nil, 0x800)

[  866.063129] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  866.063152] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  866.063173] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  866.063189] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
05:50:33 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  866.063205] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[  866.063220] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[  866.063236] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[  866.063253]  ? x86_task_fpu+0x58/0xa0
[  866.063289]  ? x86_task_fpu+0x58/0xa0
[  866.063331]  </TASK>
[  866.063608] memory: usage 307200kB, limit 307200kB, failcnt 1782
[  866.063988] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  866.064324] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  866.064513] Buffer I/O error on dev sr0, logical block 6, async page read
[  866.065163] Memory cgroup stats for 
[  866.091719] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.092783] /syz0
[  866.093401] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  866.093956] :
[  866.094249] Buffer I/O error on dev sr0, logical block 7, async page read
[  866.121631] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.122141] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  866.122809] Buffer I/O error on dev sr0, logical block 0, async page read
05:50:33 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 51)

[  866.133540] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.134042] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  866.134704] Buffer I/O error on dev sr0, logical block 1, async page read
[  866.147642] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.152814] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.156436] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
05:50:33 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x26300000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  866.166884] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.171657] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.174525] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.180030] anon 135168
[  866.180470] file 312950784
[  866.181117] kernel 1486848
[  866.181540] kernel_stack 65536
[  866.182126] pagetables 147456
[  866.182587] sec_pagetables 0
[  866.183067] percpu 64
[  866.183439] sock 0
[  866.183762] vmalloc 0
[  866.184157] shmem 312950784
[  866.184588] file_mapped 0
[  866.185029] file_dirty 0
[  866.185424] file_writeback 0
[  866.185905] swapcached 0
[  866.186307] inactive_anon 306503680
[  866.186865] active_anon 6545408
[  866.187361] inactive_file 0
[  866.187786] active_file 0
[  866.188237] unevictable 0
[  866.188653] slab_reclaimable 948656
[  866.189235] slab_unreclaimable 339648
[  866.189789] slab 1288304
[  866.190232] workingset_refault_anon 0
[  866.190782] workingset_refault_file 1
[  866.191373] workingset_activate_anon 0
[  866.191967] workingset_activate_file 0
[  866.192524] workingset_restore_anon 0
[  866.193110] workingset_restore_file 0
[  866.193660] workingset_nodereclaim 0
[  866.194238] pgdemote_kswapd 0
[  866.194701] pgdemote_direct 0
[  866.195191] pgdemote_khugepaged 0
[  866.195712] pgdemote_proactive 0
[  866.196331] pgscan 801
[  866.196774] pgsteal 9
[  866.197240] pswpin 0
[  866.197665] pswpout 0
[  866.198140] pgscan_kswapd 0
[  866.198665] pgscan_direct 801
[  866.199262] pgscan_khugepaged 0
[  866.199873] pgscan_proactive 0
[  866.200435] pgsteal_kswapd 0
[  866.201004] pgsteal_direct 9
[  866.201545] pgsteal_khugepaged 0
[  866.202165] pgsteal_proactive 0
[  866.202742] pgfault 86315
[  866.203269] pgmajfault 0
[  866.203744] pgrefill 768
[  866.204258] pgactivate 3833
[  866.204784] pgdeactivate 768
[  866.205355] pglazyfree 0
[  866.205870] pglazyfreed 0
[  866.206354] swpin_zero 0
[  866.206870] swpout_zero 0
[  866.207371] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7393,uid=0
[  866.209916] Memory cgroup out of memory: Killed process 7393 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  866.223750] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.224594] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.225779] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.230232] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.230806] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.249974] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.250554] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.252777] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  866.275507] FAULT_INJECTION: forcing a failure.
[  866.275507] name failslab, interval 1, probability 0, space 0, times 0
[  866.276534] CPU: 1 UID: 0 PID: 7427 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  866.276551] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  866.276560] Call Trace:
[  866.276564]  <TASK>
[  866.276570]  dump_stack_lvl+0xfa/0x120
[  866.276591]  should_fail_ex+0x4d7/0x5e0
[  866.276615]  should_failslab+0xc2/0x120
[  866.276636]  kmem_cache_alloc_node_noprof+0x71/0x3e0
[  866.276654]  ? do_kmem_cache_create+0x290/0x5a0
[  866.276677]  do_kmem_cache_create+0x290/0x5a0
[  866.276698]  __kmem_cache_create_args+0x20f/0x360
[  866.276711]  ? p9_client_create+0xd52/0x11b0
[  866.276731]  p9_client_create+0xdfc/0x11b0
[  866.276753]  ? __pfx_p9_client_create+0x10/0x10
[  866.276776]  ? trace_kmalloc+0x1f/0xb0
[  866.276790]  ? legacy_get_tree+0x109/0x220
[  866.276805]  ? vfs_get_tree+0x93/0x340
[  866.276824]  ? lockdep_init_map_type+0x4b/0x240
[  866.276841]  ? __raw_spin_lock_init+0x3a/0x110
[  866.276861]  v9fs_session_init+0x1df/0x17a0
[  866.276877]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  866.276901]  ? find_held_lock+0x2b/0x80
[  866.276917]  ? __create_object+0x59/0x80
[  866.276932]  ? __pfx_v9fs_session_init+0x10/0x10
[  866.276946]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  866.276965]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  866.276984]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  866.277002]  ? __create_object+0x59/0x80
[  866.277017]  ? trace_kmalloc+0x1f/0xb0
[  866.277028]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  866.277042]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  866.277063]  v9fs_mount+0xbc/0x9e0
[  866.277081]  ? __pfx_v9fs_mount+0x10/0x10
[  866.277099]  ? cap_capable+0xdb/0x3b0
[  866.277115]  ? __pfx_v9fs_mount+0x10/0x10
[  866.277131]  legacy_get_tree+0x109/0x220
[  866.277148]  vfs_get_tree+0x93/0x340
[  866.277163]  path_mount+0x122f/0x1db0
[  866.277184]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  866.277205]  ? __pfx_path_mount+0x10/0x10
[  866.277223]  ? kmem_cache_free+0x2a1/0x460
[  866.277239]  ? putname.part.0+0x11b/0x160
[  866.277253]  ? getname_flags.part.0+0x1c6/0x540
[  866.277270]  ? putname.part.0+0x11b/0x160
[  866.277286]  __x64_sys_mount+0x27b/0x300
[  866.277305]  ? __pfx___x64_sys_mount+0x10/0x10
[  866.277330]  do_syscall_64+0xbf/0x360
[  866.277346]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.277360] RIP: 0033:0x7fdbea32eb19
[  866.277370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  866.277382] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  866.277394] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  866.277403] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  866.277411] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[  866.277419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  866.277426] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  866.277447]  </TASK>
[  866.299940] __kmem_cache_create_args(9p-fcall-cache-78) failed with error -22
[  866.300522] CPU: 1 UID: 0 PID: 7427 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  866.300538] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  866.300545] Call Trace:
[  866.300549]  <TASK>
[  866.300554]  dump_stack_lvl+0xfa/0x120
[  866.300568]  __kmem_cache_create_args+0x156/0x360
[  866.300584]  p9_client_create+0xdfc/0x11b0
[  866.300605]  ? __pfx_p9_client_create+0x10/0x10
[  866.300628]  ? trace_kmalloc+0x1f/0xb0
[  866.300641]  ? legacy_get_tree+0x109/0x220
[  866.300654]  ? vfs_get_tree+0x93/0x340
[  866.300668]  ? lockdep_init_map_type+0x4b/0x240
[  866.300682]  ? __raw_spin_lock_init+0x3a/0x110
[  866.300700]  v9fs_session_init+0x1df/0x17a0
[  866.300714]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  866.300737]  ? find_held_lock+0x2b/0x80
[  866.300753]  ? __create_object+0x59/0x80
[  866.300767]  ? __pfx_v9fs_session_init+0x10/0x10
[  866.300780]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  866.300798]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  866.300817]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  866.300840]  ? __create_object+0x59/0x80
[  866.300855]  ? trace_kmalloc+0x1f/0xb0
[  866.300866]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  866.300880]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  866.300899]  v9fs_mount+0xbc/0x9e0
[  866.300916]  ? __pfx_v9fs_mount+0x10/0x10
[  866.300934]  ? cap_capable+0xdb/0x3b0
[  866.300948]  ? __pfx_v9fs_mount+0x10/0x10
[  866.300967]  legacy_get_tree+0x109/0x220
[  866.300987]  vfs_get_tree+0x93/0x340
[  866.301001]  path_mount+0x122f/0x1db0
[  866.301020]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  866.301040]  ? __pfx_path_mount+0x10/0x10
[  866.301058]  ? kmem_cache_free+0x2a1/0x460
[  866.301074]  ? putname.part.0+0x11b/0x160
[  866.301087]  ? getname_flags.part.0+0x1c6/0x540
[  866.301103]  ? putname.part.0+0x11b/0x160
[  866.301119]  __x64_sys_mount+0x27b/0x300
[  866.301137]  ? __pfx___x64_sys_mount+0x10/0x10
[  866.301163]  do_syscall_64+0xbf/0x360
[  866.301178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.301190] RIP: 0033:0x7fdbea32eb19
[  866.301199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  866.301211] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  866.301222] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  866.301230] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  866.301238] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[  866.301246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  866.301253] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  866.301273]  </TASK>
[  866.321670] 9p: Unknown access argument 18446744073709551615: -34
[  866.339457] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  866.340240] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[  866.340786] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[  866.341347] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00
[  866.724236] audit: type=1326 audit(1755409834.071:108): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7385 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:50:43 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x8f03, 0x0)

05:50:43 executing program 1:
write(0xffffffffffffffff, &(0x7f0000000040)="d65171ce39cdd37da20483eb0fb6805098623cf1e5d829a46b8796e213fe07784d679305ec00d4cbb26715294948ccd24219ba8b3ecea1061b7549631ee42103896009bfe0e38913a8d949e212a1073a7637b0f5b5d706abd6a049ac5083de617ca2301279b1389a1f23ee5f4d1e2db2d8aae619a359705ecef2e44c58ecaf2604d4bceb52c6faf37339027a0aa794a757ff1f628d900bf98b082fd8bdcffeff0f56d0687a089eaaa3c228a454e006bc0d38e3874834", 0xb6)
prctl$PR_SET_SECCOMP(0x41, 0x3, 0x0)
io_setup(0x6, &(0x7f0000000000))

05:50:43 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:50:43 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x6000000, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:50:43 executing program 3:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x3, &(0x7f0000000100)=[{0x6, 0x0, 0x2, 0x2}, {}, {0x6, 0x0, 0x8, 0xfff}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x2, 0x0, 0x4, 0x1}]})
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000600)=""/185, 0x1d, 0x2)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000180), &(0x7f00000001c0)=0x14)
close(r0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000200)={<r3=>r1, 0xe45, 0x100000000, 0x100})
sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f0000000480)={&(0x7f0000000240), 0xc, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="e32b1c14c7a88bea21fd6aea60911c5db68e60922c", @ANYRES16=0x0, @ANYBLOB="040326bd7000fcdbdf253a00000006006500040000000600650011d00000dd005b0000eda658dcaf7d6edb325c7bc2a31631b0f44d34102f76bcd99eeb7bf4f207772eb3b0013942cb92974e31ede4946cbe8273f23330feeeed2887ee6f7c388e526bad02b0863447e71f4c56485f9f110238ebd005c08314b30f6c9e9c700326269594fa66aaeb633a4326060dbc1cb8d6f8efa322ba9a4cffa3b06f9a310e73a69d1f499761371284e2d8ef9ba03be707b6391b56ebbc51110b788806cc78698be0e08c33c8bdda08c8c774a39eacb6960ba47fcbcb96c36446edaa5bde403ac207344ae7ecd0d7f4e6c0df353da41bb0276cf761275ffdaacf000000"], 0x104}, 0x1, 0x0, 0x0, 0x400c0}, 0x40408c0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000280))
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x2, r0, 0x7fffffff})

05:50:43 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x27000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:50:43 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 52)

05:50:43 executing program 0:
clock_gettime(0x0, &(0x7f0000000040)={<r0=>0x0, <r1=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={{0x0, 0xea60}, {r0, r1/1000+10000}})
mlockall(0x2)
r2 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r3 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
futex(&(0x7f00000000c0)=0x1, 0x2, 0x2, &(0x7f0000000100)={0x0, 0x3938700}, &(0x7f0000000140), 0x2)
shmat(r3, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
shmat(r3, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
shmctl$IPC_RMID(r3, 0x0)
r4 = shmat(r2, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r4)

[  876.295688] 9p: Unknown access argument 18446744073709551615: -34
[  876.300165] audit: type=1326 audit(1755409843.647:109): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7435 comm="syz-executor.3" exe="/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4d2dc91b19 code=0x0
05:50:43 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$BLKROSET(r0, 0x125d, &(0x7f0000000000))
r1 = syz_open_dev$loop(&(0x7f00000004c0), 0x0, 0x0)
r2 = creat(&(0x7f0000000400)='./file0\x00', 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$LOOP_SET_FD(r3, 0x4c00, r0)
write$binfmt_elf32(r2, &(0x7f00000005c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15d, 0x38, 0x271, 0x0, 0x8000, 0x20, 0x2, 0xf53c, 0x0, 0x5}, [{0x4, 0x63278b94, 0xe728a2d, 0x2, 0x6, 0x0, 0x3f, 0xc0000}, {0x60000000, 0x5, 0x163, 0x8e8, 0x8000, 0x9, 0x0, 0x93}], "367817e1e7f651e36a3c0953920bf4232cb838e9b5c3a880a45abce17f7c3e56d7803dd2de0489018540d5db8367792ec82eb9f794f7017182af0cbcb6a2f213b2b22690ade3686825a068f0361eb7057bc9f7af1cd2f6f523bdca7ec2f3320ae7a60c9f6e67b8f863209fbc9d79cd414e8f549467218c293783fb7dfeb927600ca7d115428e49a9bd648936492287b440397417d256a8d8f8d8b42869bef41db6b7df7f9f321d8b003507e7e3c9d08231a29b515b73fff23aafca45b0ffde2f4abcde0a", ['\x00', '\x00', '\x00', '\x00', '\x00']}, 0x63c)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x2, 0x2, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x2}, 0x10243, 0x1, 0x4, 0x5, 0x0, 0x452, 0x80, 0x0, 0x4, 0x0, 0x3}, 0xffffffffffffffff, 0x0, r0, 0xb)
r4 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r4, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r4, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, 0x0, 0x800, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1, 0x42}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0xb}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0xdce5deb15458e342)
ioctl$LOOP_SET_FD(r1, 0x4c00, r2)

[  876.333213] audit: type=1326 audit(1755409843.679:110): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7442 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:50:43 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 53)

05:50:43 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x27300000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:50:43 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x7000000, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[  876.376753] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  876.377622] CPU: 0 UID: 0 PID: 7447 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  876.377640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  876.377648] Call Trace:
[  876.377654]  <TASK>
[  876.377659]  dump_stack_lvl+0xfa/0x120
[  876.377680]  dump_header+0x107/0x950
[  876.377702]  oom_kill_process+0x278/0xa00
[  876.377720]  out_of_memory+0x34b/0x1690
[  876.377741]  ? __pfx_out_of_memory+0x10/0x10
[  876.377763]  mem_cgroup_out_of_memory+0x164/0x190
[  876.377783]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  876.377804]  ? mark_held_locks+0x49/0x80
[  876.377828]  try_charge_memcg+0x81f/0xf30
[  876.377853]  ? __pfx_try_charge_memcg+0x10/0x10
[  876.377874]  charge_memcg+0x7b/0x290
[  876.377889]  __mem_cgroup_charge+0x28/0x90
[  876.377905]  do_wp_page+0x58c/0x3240
[  876.377927]  ? __pfx_do_wp_page+0x10/0x10
[  876.377941]  ? do_raw_spin_lock+0x123/0x260
[  876.377957]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  876.377971]  ? ___pte_offset_map+0x176/0x370
[  876.377988]  __handle_mm_fault+0xde1/0x3030
[  876.378003]  ? reacquire_held_locks+0xd1/0x200
[  876.378015]  ? lock_vma_under_rcu+0x11e/0x530
[  876.378036]  ? __pfx___handle_mm_fault+0x10/0x10
[  876.378053]  ? lock_vma_under_rcu+0x17b/0x530
[  876.378078]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  876.378103]  handle_mm_fault+0x2c3/0x900
[  876.378118]  ? access_error+0x17d/0x380
[  876.378136]  do_user_addr_fault+0x4fa/0xeb0
[  876.378153]  exc_page_fault+0xb0/0x180
[  876.378167]  asm_exc_page_fault+0x26/0x30
[  876.378181] RIP: 0033:0x7ff98baf5d30
[  876.378191] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  876.378203] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  876.378213] RAX: 0000000071330280 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  876.378222] RDX: 0000001b2cf2002c RSI: ffffffff8163e491 RDI: 0000000000000000
[  876.378230] RBP: 0000000000000001 R08: 0000000071330280 R09: 0000001b2cf2001c
[  876.378238] R10: 0000000000000280 R11: 0000000071330284 R12: 0000000000000003
[  876.378246] R13: 00007ff98bc4f000 R14: ffffffff8163e491 R15: 00007ff98bc5aff0
[  876.378254]  ? __x64_sys_clock_gettime+0x111/0x240
[  876.378279]  ? __x64_sys_clock_gettime+0x111/0x240
[  876.378297]  </TASK>
[  876.395428] memory: usage 307200kB, limit 307200kB, failcnt 1801
[  876.395935] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
05:50:43 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:50:43 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x27ea0100, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  876.396425] Memory cgroup stats for /syz0:
[  876.424459] anon 126976
[  876.425979] file 312950784
[  876.426209] kernel 1495040
[  876.426450] kernel_stack 65536
[  876.426708] pagetables 155648
[  876.426995] sec_pagetables 0
[  876.427243] percpu 64
[  876.427444] sock 0
[  876.427622] vmalloc 0
[  876.427841] shmem 312950784
[  876.428081] file_mapped 0
[  876.428310] file_dirty 0
[  876.428523] file_writeback 0
[  876.428765] swapcached 0
[  876.429007] inactive_anon 306532352
[  876.429293] active_anon 6545408
[  876.429559] inactive_file 0
[  876.429791] active_file 0
[  876.430034] unevictable 0
[  876.430255] slab_reclaimable 948656
[  876.430545] slab_unreclaimable 340032
[  876.430864] slab 1288688
[  876.431090] workingset_refault_anon 0
[  876.431388] workingset_refault_file 1
[  876.431684] workingset_activate_anon 0
[  876.432024] workingset_activate_file 0
[  876.432335] workingset_restore_anon 0
[  876.432638] workingset_restore_file 0
[  876.432965] workingset_nodereclaim 0
[  876.433263] pgdemote_kswapd 0
[  876.433515] pgdemote_direct 0
[  876.433770] pgdemote_khugepaged 0
[  876.434077] pgdemote_proactive 0
[  876.434349] pgscan 801
[  876.434550] pgsteal 9
[  876.434747] pswpin 0
[  876.434959] pswpout 0
[  876.435160] pgscan_kswapd 0
[  876.435390] pgscan_direct 801
[  876.435640] pgscan_khugepaged 0
[  876.435921] pgscan_proactive 0
[  876.436188] pgsteal_kswapd 0
[  876.436428] pgsteal_direct 9
[  876.436673] pgsteal_khugepaged 0
[  876.436967] pgsteal_proactive 0
[  876.437233] pgfault 86362
[  876.437453] pgmajfault 0
[  876.437670] pgrefill 768
[  876.437909] pgactivate 3833
[  876.438146] pgdeactivate 768
[  876.438388] pglazyfree 0
[  876.438442] 9p: Unknown access argument 18446744073709551615: -34
[  876.438602] pglazyfreed 0
[  876.439359] swpin_zero 0
[  876.439581] swpout_zero 0
[  876.439801] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7447,uid=0
[  876.441034] Memory cgroup out of memory: Killed process 7447 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
05:50:43 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x9000000, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:50:43 executing program 1:
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000380)=[{&(0x7f0000000140)="b8", 0x1, 0xa064}, {&(0x7f0000000240)='x', 0x1}, {0x0, 0x0, 0x7fffffff}], 0x0, &(0x7f0000000400))
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000200), 0x430400, 0x0)
clone3(&(0x7f0000000500)={0x1000000, &(0x7f0000000280)=<r3=>0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000300), {0x3c}, &(0x7f0000000440)=""/67, 0x43, &(0x7f0000000340)=""/36, &(0x7f00000004c0)=[0x0, 0xffffffffffffffff], 0x2}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x14, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@loose}, {@nodevmap}, {@posixacl}, {@version_u}, {@posixacl}], [{@context={'context', 0x3d, 'staff_u'}}, {@fsuuid={'fsuuid', 0x3d, {[0x62, 0x35, 0x31, 0x65, 0x39, 0x33, 0x39, 0x39], 0x2d, [0x64, 0x33, 0x38, 0x34], 0x2d, [0x64, 0x0, 0x65, 0x65], 0x2d, [0x32, 0x30, 0x38, 0x34], 0x2d, [0x62, 0x32, 0x38, 0x66, 0x31, 0x65, 0x37, 0x34]}}}]}})
sendfile(r0, r1, &(0x7f0000000000)=0x9ed, 0xfffffffffffffff8)

[  877.134592] audit: type=1326 audit(1755409844.482:111): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7435 comm="syz-executor.3" exe="/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4d2dc91b19 code=0x0
[  877.158663] audit: type=1326 audit(1755409844.506:112): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7442 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:50:54 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0xa302, 0x0)

05:50:54 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
shmat(r0, &(0x7f000079a000/0x2000)=nil, 0x2000)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)

05:50:54 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 54)

05:50:54 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000640), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r2, 0x21, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @loopback}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x24}}, 0x0)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x491fc37a1be93f72}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, r2, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_DOMAIN={0x9, 0x1, '-@&@\x00'}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x850}, 0x40000)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x80, 0x0)
mount(&(0x7f0000000280)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='hfsplus\x00', 0x2000040, &(0x7f0000000340)='msize')
r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x44840, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@msize={'msize', 0x3d, 0x480000}}]}})

05:50:54 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:50:54 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x30010000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:50:54 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0xf000000, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:50:54 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'wlan0\x00', &(0x7f0000000000)=@ethtool_rx_ntuple={0x23, {0x0, @tcp_ip4_spec={@rand_addr, @private}, @esp_ip4_spec={@multicast1, @local}}}})
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x26, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000d5f4655fd5f4655f0100ffff53ef010001000000d4f4655f000000000000000001000000000000000b0000000004000008000000d2c20000120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e38323232353731363100"/192, 0xc0, 0x400}, {&(0x7f0000010100)="00000000000000000000000091b73ef4b8d944c4be6aeaa0d6c47e6c010040000c00000000000000d4f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000040000005500000000000000", 0x40, 0x540}, {&(0x7f0000010300)="030000000400"/32, 0x20, 0x640}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d4f4655fd4f4655fd4f4655f00"/8224, 0x2020, 0x2000}, {&(0x7f0000012600)="ed41000000100000d4f4655fd5f4655fd5f4655f00000000000004008000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x4400}, {&(0x7f0000012700)="20000000c4caafbcc4caafbc00000000d4f4655f00"/32, 0x20, 0x4480}, {&(0x7f0000012800)="8081000000180000d4f4655fd4f4655fd4f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030000000", 0x40, 0x4800}, {&(0x7f0000012900)="20000000000000000000000000000000d4f4655f00"/32, 0x20, 0x4880}, {&(0x7f0000012a00)="8081000000180000d4f4655fd4f4655fd4f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000040000000", 0x40, 0x4c00}, {&(0x7f0000012b00)="20000000000000000000000000000000d4f4655f00"/32, 0x20, 0x4c80}, {&(0x7f0000012c00)="c041000000300000d4f4655fd4f4655fd4f4655f00000000000002008000000000000800000000000af301000400000000000000000000000300000020000000", 0x40, 0x6800}, {&(0x7f0000012d00)="20000000000000000000000000000000d4f4655f000000000000000000000000000002ea00"/64, 0x40, 0x6880}, {&(0x7f0000012e00)="ed4100003c000000d5f4655fd5f4655fd5f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c65310000000000000000000000000000000000000000000000000000005aec127300000000000000000000000000000000000000000000000020000000c4caafbcc4caafbcc4caafbcd5f4655fc4caafbc0000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x6c00}, {&(0x7f0000012f00)="ed8100001a040000d5f4655fd5f4655fd5f4655f00000000000001008000000000000800010000000af301000400000000000000000000000100000050000000000000000000000000000000000000000000000000000000000000000000000000000000392c7b8c00000000000000000000000000000000000000000000000020000000c4caafbcc4caafbcc4caafbcd5f4655fc4caafbc0000000000000000", 0xa0, 0x7000}, {&(0x7f0000013000)="ffa1000026000000d5f4655fd5f4655fd5f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3832323235373136312f66696c65302f66696c653000000000000000000000000000000000000000000000d8199c5e00000000000000000000000000000000000000000000000020000000c4caafbcc4caafbcc4caafbcd5f4655fc4caafbc0000000000000000", 0xa0, 0x7400}, {&(0x7f0000013100)="ed8100000a000000d5f4655fd5f4655fd5f4655f000000000000010000000000000000100100000073797a6b616c6c65727300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ba95a2c00000000000000000000000000000000000000000000000020000000c4caafbcc4caafbcc4caafbcd5f4655fc4caafbc0000000000000000000002ea040700000000000000000000000000006461746106015403000000000600000000000000786174747231000006014c0300000000060000000000000078617474723200"/256, 0x100, 0x7800}, {&(0x7f0000013200)="0000000000000000000000000000000078617474723200007861747472310000ed81000028230000d5f4655fd5f4655fd5f4655f00000000000002008000000000000800010000000af301000400000000000000000000000300000060000000020000000100000062000000020000000180000062000000000000000000000000000000df980a7e00000000000000000000000000000000000000000000000020000000c4caafbcc4caafbcc4caafbcd5f4655fc4caafbc0000000000000000", 0xc0, 0x7be0}, {&(0x7f0000013300)="ed81000064000000d5f4655fd5f4655fd5f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c852ae89800000000000000000000000000000000000000000000000020000000c4caafbcc4caafbcc4caafbcd5f4655fc4caafbc0000000000000000000002ea04073403000000002800000000000000646174610000000000000000", 0xc0, 0x8000}, {&(0x7f0000013400)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00lersyzkallersyzkallersyzkallersyzkallers', 0x40, 0x83c0}, {&(0x7f0000013500)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c653300000011000000940f090166696c652e636f6c64000000", 0x80, 0x10000}, {&(0x7f0000013600)="0b0000000c0001022e000000020000000c0002022e2e000000000000e80f0000", 0x20, 0x20000}, {&(0x7f0000013700)="00000000001000"/32, 0x20, 0x21000}, {&(0x7f0000013800)="00000000001000"/32, 0x20, 0x22000}, {&(0x7f0000013900)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x30000}, {&(0x7f0000013a00)="0200"/32, 0x20, 0x30400}, {&(0x7f0000013b00)="0300"/32, 0x20, 0x30800}, {&(0x7f0000013c00)="0400"/32, 0x20, 0x30c00}, {&(0x7f0000013d00)="0500"/32, 0x20, 0x31000}, {&(0x7f0000013e00)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000400"/96, 0x60, 0x31400}, {&(0x7f0000013f00)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x40000}, {&(0x7f0000014000)="0200"/32, 0x20, 0x40400}, {&(0x7f0000014100)="0300"/32, 0x20, 0x40800}, {&(0x7f0000014200)="0400"/32, 0x20, 0x40c00}, {&(0x7f0000014300)="0500"/32, 0x20, 0x41000}, {&(0x7f0000014400)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000400"/96, 0x60, 0x41400}, {&(0x7f0000014500)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x50000}], 0x0, &(0x7f0000014a00))

[  886.986568] audit: type=1326 audit(1755409854.332:113): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7480 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[  887.035033] FAULT_INJECTION: forcing a failure.
[  887.035033] name failslab, interval 1, probability 0, space 0, times 0
[  887.037423] CPU: 0 UID: 0 PID: 7492 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  887.037457] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  887.037471] Call Trace:
[  887.037480]  <TASK>
[  887.037492]  dump_stack_lvl+0xfa/0x120
[  887.037530]  should_fail_ex+0x4d7/0x5e0
[  887.037584]  should_failslab+0xc2/0x120
[  887.037627]  __kmalloc_node_track_caller_noprof+0xb8/0x490
[  887.037674]  ? kstrdup_const+0x57/0x80
[  887.037729]  kstrdup+0x3e/0xc0
[  887.037767]  kstrdup_const+0x57/0x80
[  887.037803]  kvasprintf_const+0x110/0x1a0
[  887.037846]  kobject_set_name_vargs+0x5a/0x150
[  887.037887]  kobject_init_and_add+0xcc/0x170
[  887.037929]  ? __pfx_kobject_init_and_add+0x10/0x10
[  887.037990]  ? up_write+0x195/0x520
[  887.038050]  sysfs_slab_add+0x172/0x210
[  887.038098]  do_kmem_cache_create+0x235/0x5a0
[  887.038148]  __kmem_cache_create_args+0x20f/0x360
[  887.038171]  ? p9_client_create+0xd52/0x11b0
[  887.038217]  p9_client_create+0xdfc/0x11b0
[  887.038278]  ? __pfx_p9_client_create+0x10/0x10
[  887.038343]  ? trace_kmalloc+0x1f/0xb0
[  887.038371]  ? legacy_get_tree+0x109/0x220
[  887.038399]  ? vfs_get_tree+0x93/0x340
[  887.038430]  ? lockdep_init_map_type+0x4b/0x240
[  887.038463]  ? __raw_spin_lock_init+0x3a/0x110
[  887.038513]  v9fs_session_init+0x1df/0x17a0
[  887.038544]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  887.038601]  ? find_held_lock+0x2b/0x80
[  887.038636]  ? __create_object+0x59/0x80
[  887.038670]  ? __pfx_v9fs_session_init+0x10/0x10
[  887.038697]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  887.038736]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  887.038778]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  887.038818]  ? __create_object+0x59/0x80
[  887.038855]  ? trace_kmalloc+0x1f/0xb0
[  887.038877]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  887.038905]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  887.038963]  v9fs_mount+0xbc/0x9e0
[  887.039002]  ? __pfx_v9fs_mount+0x10/0x10
[  887.039046]  ? cap_capable+0xdb/0x3b0
[  887.039083]  ? __pfx_v9fs_mount+0x10/0x10
[  887.039119]  legacy_get_tree+0x109/0x220
[  887.039162]  vfs_get_tree+0x93/0x340
[  887.039198]  path_mount+0x122f/0x1db0
[  887.039242]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  887.039289]  ? __pfx_path_mount+0x10/0x10
[  887.039330]  ? kmem_cache_free+0x2a1/0x460
[  887.039365]  ? putname.part.0+0x11b/0x160
[  887.039396]  ? getname_flags.part.0+0x1c6/0x540
[  887.039436]  ? putname.part.0+0x11b/0x160
[  887.039481]  __x64_sys_mount+0x27b/0x300
[  887.039524]  ? __pfx___x64_sys_mount+0x10/0x10
[  887.039596]  do_syscall_64+0xbf/0x360
[  887.039633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  887.039657] RIP: 0033:0x7fdbea32eb19
[  887.039678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  887.039701] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  887.039724] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  887.039740] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  887.039756] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[  887.039771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  887.039785] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  887.039855]  </TASK>
[  887.086326] kobject: can not set name properly!
[  887.090407] SLUB: Unable to add cache 9p-fcall-cache-81 to sysfs
[  887.110544] 9pnet_fd: Insufficient options for proto=fd
05:50:54 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0xffffff7f, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:50:54 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  887.118123] 9p: Unknown access argument 18446744073709551615: -34
05:50:54 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x3f000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:50:54 executing program 1:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e", 0x27)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = signalfd(r1, &(0x7f0000000080)={[0x6]}, 0x8)
ioctl$HIDIOCGFLAG(r2, 0x8004480e, &(0x7f0000000140))
ioctl$sock_inet6_tcp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000040))
r3 = syz_open_dev$ttys(0xc, 0x2, 0x0)
r4 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x1a460f0c, 0x8000)
sendfile(r0, r0, &(0x7f0000000100)=0x2, 0xffffffffffff0000)
sendfile(r3, r4, 0x0, 0xfdef)

[  887.154536] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  887.156152] CPU: 0 UID: 0 PID: 7478 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  887.156181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  887.156194] Call Trace:
[  887.156202]  <TASK>
[  887.156211]  dump_stack_lvl+0xfa/0x120
[  887.156242]  dump_header+0x107/0x950
[  887.156278]  oom_kill_process+0x278/0xa00
[  887.156311]  out_of_memory+0x34b/0x1690
[  887.156346]  ? _raw_spin_unlock_irqrestore+0x22/0x50
[  887.156380]  ? __pfx_out_of_memory+0x10/0x10
[  887.156421]  mem_cgroup_out_of_memory+0x164/0x190
[  887.156454]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  887.156494]  ? mark_held_locks+0x49/0x80
[  887.156525]  try_charge_memcg+0x81f/0xf30
[  887.156561]  ? __pfx_try_charge_memcg+0x10/0x10
[  887.156600]  charge_memcg+0x7b/0x290
[  887.156627]  __mem_cgroup_charge+0x28/0x90
[  887.156669]  do_wp_page+0x58c/0x3240
[  887.156707]  ? __pfx_do_wp_page+0x10/0x10
[  887.156735]  ? do_raw_spin_lock+0x123/0x260
[  887.156762]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  887.156789]  ? ___pte_offset_map+0x176/0x370
[  887.156819]  __handle_mm_fault+0xde1/0x3030
[  887.156852]  ? reacquire_held_locks+0xd1/0x200
[  887.156874]  ? lock_vma_under_rcu+0x11e/0x530
[  887.156912]  ? __pfx___handle_mm_fault+0x10/0x10
[  887.156942]  ? lock_vma_under_rcu+0x17b/0x530
[  887.156990]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  887.157034]  handle_mm_fault+0x2c3/0x900
[  887.157063]  ? access_error+0x17d/0x380
[  887.157093]  do_user_addr_fault+0x4fa/0xeb0
[  887.157126]  exc_page_fault+0xb0/0x180
[  887.157150]  asm_exc_page_fault+0x26/0x30
[  887.157173] RIP: 0033:0x7ff98baf5d30
[  887.157191] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  887.157213] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  887.157231] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  887.157246] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[  887.157261] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[  887.157275] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[  887.157289] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[  887.157305]  ? x86_task_fpu+0x58/0xa0
[  887.157341]  ? x86_task_fpu+0x58/0xa0
[  887.157368]  </TASK>
[  887.190418] memory: usage 307200kB, limit 307200kB, failcnt 1839
[  887.191644] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
05:50:54 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x40000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  887.192763] Memory cgroup stats for /syz0:
[  887.345005] anon 135168
[  887.346223] file 312950784
[  887.346666] kernel 1486848
[  887.347140] kernel_stack 65536
[  887.347640] pagetables 147456
[  887.348139] sec_pagetables 0
[  887.348604] percpu 64
[  887.349011] sock 0
[  887.349349] vmalloc 0
[  887.349723] shmem 312950784
[  887.350188] file_mapped 0
[  887.350609] file_dirty 0
[  887.351052] file_writeback 0
[  887.351511] swapcached 0
[  887.351958] inactive_anon 306540544
[  887.352506] active_anon 6545408
[  887.353036] inactive_file 0
[  887.353479] active_file 0
[  887.353925] unevictable 0
[  887.354336] slab_reclaimable 948656
[  887.354901] slab_unreclaimable 339648
[  887.355462] slab 1288304
[  887.355904] workingset_refault_anon 0
[  887.356470] workingset_refault_file 1
[  887.357078] workingset_activate_anon 0
[  887.357652] workingset_activate_file 0
[  887.358256] workingset_restore_anon 0
[  887.358858] workingset_restore_file 0
[  887.359433] workingset_nodereclaim 0
[  887.360025] pgdemote_kswapd 0
[  887.360505] pgdemote_direct 0
[  887.361018] pgdemote_khugepaged 0
[  887.361552] pgdemote_proactive 0
[  887.362092] pgscan 801
[  887.362475] pgsteal 9
[  887.362880] pswpin 0
[  887.363247] pswpout 0
[  887.363626] pgscan_kswapd 0
[  887.364092] pgscan_direct 801
[  887.364581] pgscan_khugepaged 0
[  887.365116] pgscan_proactive 0
[  887.365598] pgsteal_kswapd 0
[  887.366094] pgsteal_direct 9
[  887.366552] pgsteal_khugepaged 0
[  887.367085] pgsteal_proactive 0
[  887.367573] pgfault 86415
[  887.368019] pgmajfault 0
[  887.368439] pgrefill 768
[  887.368900] pgactivate 3833
[  887.369342] pgdeactivate 768
[  887.369798] pglazyfree 0
[  887.370233] pglazyfreed 0
[  887.370654] swpin_zero 0
[  887.371091] swpout_zero 0
[  887.371519] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7478,uid=0
[  887.373707] Memory cgroup out of memory: Killed process 7478 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  887.808574] audit: type=1326 audit(1755409855.156:114): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7480 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:51:05 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:51:05 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:51:05 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0xc07f, 0x0)

05:51:05 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x246f80, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$EXT4_IOC_GET_ES_CACHE(r2, 0xc020662a, &(0x7f0000000080)=ANY=[@ANYBLOB="40950000000000000700000000000000"])
sendfile(r0, r1, 0x0, 0xaa80)
ioctl$TCXONC(r0, 0x540a, 0x3)
r3 = dup3(r1, r2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r1, 0x89f6, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000140)={'ip6tnl0\x00', <r4=>0x0, 0x4, 0xfd, 0x1, 0x3, 0xa, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2, 0x700, 0x40, 0x4000cef, 0x273a5a0c}})
r5 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r5, &(0x7f0000000040)=""/156, 0x9c, 0x2)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, <r6=>0x0}, &(0x7f0000000040)=0x5)
setuid(r6)
statx(r3, &(0x7f00000004c0)='./file0\x00', 0x0, 0x8, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
stat(&(0x7f0000000600)='./file0\x00', &(0x7f0000000640))
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000340)='system.posix_acl_default\x00', &(0x7f00000006c0)={{}, {0x1, 0x4}, [{}, {0x2, 0x4}, {0x2, 0x4, 0xee00}, {0x2, 0x2, r6}, {0x2, 0x7, 0xffffffffffffffff}], {0x4, 0x2}, [{0x8, 0x6, r7}, {0x8, 0x5}], {0x10, 0x7}, {0x20, 0x4}}, 0x5c, 0x2)
ioctl$AUTOFS_IOC_SETTIMEOUT(r5, 0x80049367, &(0x7f0000000300)=0x3)
sendmsg$BATADV_CMD_GET_GATEWAYS(r3, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x3c, 0x0, 0x4, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r4}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000)=0x1)
ioctl$TCSETSF2(r1, 0x5437, 0x0)

05:51:05 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x0, 0x0, "5c2387b3abf58f4f"}}}, 0xe)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x411}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x13}, @hci_ev_le_conn_complete={{}, {0x8, 0xc9, 0x40, 0x1, @any, 0x8, 0x7ff, 0x5, 0x9}}}}, 0x16)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[], 0x7)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=@HCI_SCODATA_PKT={0x3, {0x0, 0x50}, "2bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566b3336d7090da483b85a7eff476ae95f6fe07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c24"}, 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02c91014001000050017000ce4bd85cf500772f10001800400ccc3cf49b6000300"], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0xf}, {0x8, 0x2, [{0xc8, 0x8001, 0x2}, {0xc8, 0x3, 0x3f}]}}}, 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f00000001c0), 0x1fb, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYRES16=r1], 0xf)
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="03c9008cb85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6be884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf219734e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3000000000000"], 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

05:51:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x8cffffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:51:05 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
r1 = shmget$private(0x0, 0x1000, 0x80, &(0x7f00007cd000/0x1000)=nil)
r2 = shmat(r1, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(r2)
remap_file_pages(&(0x7f000098e000/0x3000)=nil, 0x3000, 0x3, 0x401, 0x100)
shmdt(r2)

05:51:05 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 55)

[  898.163117] audit: type=1326 audit(1755409865.510:115): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7517 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[  898.183693] 9p: Unknown access argument 18446744073709551615: -34
05:51:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x97ffffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:51:05 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 56)

[  898.234427] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  898.235319] CPU: 1 UID: 0 PID: 7515 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  898.235336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  898.235343] Call Trace:
[  898.235347]  <TASK>
[  898.235352]  dump_stack_lvl+0xfa/0x120
[  898.235375]  dump_header+0x107/0x950
[  898.235395]  oom_kill_process+0x278/0xa00
[  898.235412]  out_of_memory+0x34b/0x1690
[  898.235433]  ? __pfx_out_of_memory+0x10/0x10
[  898.235454]  mem_cgroup_out_of_memory+0x164/0x190
[  898.235472]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  898.235494]  ? mark_held_locks+0x49/0x80
[  898.235511]  try_charge_memcg+0x81f/0xf30
[  898.235532]  ? __pfx_try_charge_memcg+0x10/0x10
[  898.235553]  charge_memcg+0x7b/0x290
[  898.235568]  __mem_cgroup_charge+0x28/0x90
[  898.235585]  do_wp_page+0x58c/0x3240
[  898.235605]  ? __pfx_do_wp_page+0x10/0x10
[  898.235620]  ? do_raw_spin_lock+0x123/0x260
[  898.235635]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  898.235650]  ? ___pte_offset_map+0x176/0x370
[  898.235667]  __handle_mm_fault+0xde1/0x3030
[  898.235681]  ? reacquire_held_locks+0xd1/0x200
[  898.235694]  ? lock_vma_under_rcu+0x11e/0x530
[  898.235714]  ? __pfx___handle_mm_fault+0x10/0x10
[  898.235731]  ? lock_vma_under_rcu+0x17b/0x530
[  898.235757]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  898.235781]  handle_mm_fault+0x2c3/0x900
[  898.235796]  ? access_error+0x17d/0x380
[  898.235813]  do_user_addr_fault+0x4fa/0xeb0
[  898.235831]  exc_page_fault+0xb0/0x180
[  898.235844]  asm_exc_page_fault+0x26/0x30
[  898.235857] RIP: 0033:0x7ff98baf5d30
[  898.235867] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  898.235879] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  898.235889] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  898.235897] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[  898.235905] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[  898.235912] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[  898.235919] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[  898.235928]  ? x86_task_fpu+0x58/0xa0
[  898.235947]  ? x86_task_fpu+0x58/0xa0
[  898.235962]  </TASK>
[  898.252510] memory: usage 307200kB, limit 307200kB, failcnt 1862
[  898.253081] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  898.253544] Memory cgroup stats for /syz0:
[  898.277979] anon 135168
[  898.278536] file 312950784
[  898.278750] kernel 1486848
[  898.279090] kernel_stack 65536
[  898.279480] pagetables 147456
[  898.279732] sec_pagetables 0
[  898.280103] percpu 64
[  898.280303] sock 0
[  898.280598] vmalloc 0
[  898.280800] shmem 312950784
[  898.281170] file_mapped 0
[  898.281406] file_dirty 0
[  898.281609] file_writeback 0
[  898.282563] swapcached 0
[  898.282786] inactive_anon 306536448
[  898.283104] active_anon 6545408
[  898.283369] inactive_file 0
[  898.283606] active_file 0
[  898.283848] unevictable 0
[  898.284074] slab_reclaimable 948656
[  898.284371] slab_unreclaimable 339648
[  898.284682] slab 1288304
[  898.284918] workingset_refault_anon 0
[  898.285223] workingset_refault_file 1
[  898.285531] workingset_activate_anon 0
[  898.285856] workingset_activate_file 0
[  898.286166] workingset_restore_anon 0
[  898.286466] workingset_restore_file 0
[  898.286776] workingset_nodereclaim 0
[  898.287091] pgdemote_kswapd 0
[  898.287343] pgdemote_direct 0
[  898.287593] pgdemote_khugepaged 0
[  898.287888] pgdemote_proactive 0
[  898.288161] pgscan 801
[  898.288361] pgsteal 9
[  898.288556] pswpin 0
[  898.288749] pswpout 0
[  898.288965] pgscan_kswapd 0
[  898.289203] pgscan_direct 801
[  898.289460] pgscan_khugepaged 0
[  898.289724] pgscan_proactive 0
[  898.290000] pgsteal_kswapd 0
[  898.290245] pgsteal_direct 9
[  898.290484] pgsteal_khugepaged 0
[  898.290754] pgsteal_proactive 0
[  898.291037] pgfault 86468
[  898.291260] pgmajfault 0
[  898.291474] pgrefill 768
[  898.291689] pgactivate 3833
[  898.291939] pgdeactivate 768
[  898.292189] pglazyfree 0
[  898.292408] pglazyfreed 0
[  898.292629] swpin_zero 0
[  898.292858] swpout_zero 0
[  898.293091] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7515,uid=0
[  898.294255] Memory cgroup out of memory: Killed process 7515 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:51:05 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x2, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:51:05 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
bind$802154_raw(r1, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:51:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xa5360f1d, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:51:05 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0x3000, 0x40, &(0x7f0000aad000/0x3000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)

05:51:05 executing program 3:
msgsnd(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="030066d2fd06e6554ea7b5fb0000"], 0x8, 0x0)
msgrcv(0x0, &(0x7f0000000100)={0x0, ""/156}, 0xa4, 0x1, 0x1800)
r0 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0)
ioctl$SG_GET_PACK_ID(r0, 0x2284, &(0x7f0000000000))
msgget$private(0x0, 0x110)

[  898.348370] FAULT_INJECTION: forcing a failure.
[  898.348370] name failslab, interval 1, probability 0, space 0, times 0
[  898.349759] CPU: 1 UID: 0 PID: 7535 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  898.349802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  898.349830] Call Trace:
[  898.349841]  <TASK>
[  898.349851]  dump_stack_lvl+0xfa/0x120
[  898.349896]  should_fail_ex+0x4d7/0x5e0
[  898.349944]  should_failslab+0xc2/0x120
[  898.349986]  __kmalloc_node_track_caller_noprof+0xb8/0x490
[  898.350030]  ? kstrdup_const+0x57/0x80
[  898.350065]  ? kasan_save_stack+0x24/0x50
[  898.350089]  ? __kasan_kmalloc+0x7f/0x90
[  898.350118]  kstrdup+0x3e/0xc0
[  898.350155]  kstrdup_const+0x57/0x80
[  898.350192]  __kernfs_new_node+0x9c/0x870
[  898.350226]  ? __pfx___kernfs_new_node+0x10/0x10
[  898.350259]  ? lock_acquire+0x15e/0x2f0
[  898.350287]  ? kernfs_root+0x23/0x2a0
[  898.350311]  ? find_held_lock+0x2b/0x80
[  898.350346]  ? kernfs_root+0xee/0x2a0
[  898.350370]  ? lock_release+0xc8/0x290
[  898.350393]  ? lock_is_held_type+0x9e/0x120
[  898.350431]  kernfs_new_node+0x13c/0x1e0
[  898.350469]  kernfs_create_dir_ns+0x4d/0x1a0
[  898.350505]  sysfs_create_dir_ns+0x12a/0x2a0
[  898.350548]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  898.350586]  ? find_held_lock+0x2b/0x80
[  898.350625]  ? lock_release+0xc8/0x290
[  898.350653]  ? do_raw_spin_unlock+0x53/0x220
[  898.350689]  kobject_add_internal+0x24c/0x9a0
[  898.350733]  kobject_init_and_add+0x100/0x170
[  898.350773]  ? __pfx_kobject_init_and_add+0x10/0x10
[  898.350823]  ? up_write+0x195/0x520
[  898.350866]  sysfs_slab_add+0x172/0x210
[  898.350906]  do_kmem_cache_create+0x235/0x5a0
[  898.350951]  __kmem_cache_create_args+0x20f/0x360
[  898.350976]  ? p9_client_create+0xd52/0x11b0
[  898.351017]  p9_client_create+0xdfc/0x11b0
[  898.351064]  ? __pfx_p9_client_create+0x10/0x10
[  898.351113]  ? trace_kmalloc+0x1f/0xb0
[  898.351141]  ? legacy_get_tree+0x109/0x220
[  898.351171]  ? vfs_get_tree+0x93/0x340
[  898.351202]  ? lockdep_init_map_type+0x4b/0x240
[  898.351231]  ? __raw_spin_lock_init+0x3a/0x110
[  898.351272]  v9fs_session_init+0x1df/0x17a0
[  898.351303]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  898.351353]  ? find_held_lock+0x2b/0x80
[  898.351388]  ? __create_object+0x59/0x80
[  898.351419]  ? __pfx_v9fs_session_init+0x10/0x10
[  898.351448]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  898.351489]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  898.351530]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  898.351571]  ? __create_object+0x59/0x80
[  898.351603]  ? trace_kmalloc+0x1f/0xb0
[  898.351627]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  898.351658]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  898.351701]  v9fs_mount+0xbc/0x9e0
[  898.351738]  ? __pfx_v9fs_mount+0x10/0x10
[  898.351778]  ? cap_capable+0xdb/0x3b0
[  898.351810]  ? __pfx_v9fs_mount+0x10/0x10
[  898.351846]  legacy_get_tree+0x109/0x220
[  898.351883]  vfs_get_tree+0x93/0x340
[  898.351916]  path_mount+0x122f/0x1db0
[  898.351957]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  898.352001]  ? __pfx_path_mount+0x10/0x10
[  898.352041]  ? kmem_cache_free+0x2a1/0x460
[  898.352076]  ? putname.part.0+0x11b/0x160
[  898.352105]  ? getname_flags.part.0+0x1c6/0x540
[  898.352139]  ? putname.part.0+0x11b/0x160
[  898.352175]  __x64_sys_mount+0x27b/0x300
[  898.352215]  ? __pfx___x64_sys_mount+0x10/0x10
[  898.352271]  do_syscall_64+0xbf/0x360
[  898.352304]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  898.352332] RIP: 0033:0x7fdbea32eb19
[  898.352355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  898.352380] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  898.352407] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  898.352425] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  898.352441] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[  898.352457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  898.352473] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  898.352517]  </TASK>
[  898.407496] kobject: kobject_add_internal failed for 9p-fcall-cache-83 (error: -12 parent: slab)
[  898.409104] SLUB: Unable to add cache 9p-fcall-cache-83 to sysfs
[  898.436536] 9p: Unknown access argument 18446744073709551615: -34
[  898.617081] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  898.618503] CPU: 0 UID: 0 PID: 7547 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  898.618534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  898.618548] Call Trace:
[  898.618556]  <TASK>
[  898.618566]  dump_stack_lvl+0xfa/0x120
[  898.618597]  dump_header+0x107/0x950
[  898.618634]  oom_kill_process+0x278/0xa00
[  898.618667]  out_of_memory+0x34b/0x1690
[  898.618706]  ? __pfx_out_of_memory+0x10/0x10
[  898.618747]  mem_cgroup_out_of_memory+0x164/0x190
[  898.618781]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  898.618828]  ? mark_held_locks+0x49/0x80
[  898.618860]  try_charge_memcg+0x81f/0xf30
[  898.618901]  ? __pfx_try_charge_memcg+0x10/0x10
[  898.618940]  charge_memcg+0x7b/0x290
[  898.618967]  __mem_cgroup_charge+0x28/0x90
[  898.618998]  do_wp_page+0x58c/0x3240
[  898.619036]  ? __pfx_do_wp_page+0x10/0x10
[  898.619064]  ? do_raw_spin_lock+0x123/0x260
[  898.619091]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  898.619118]  ? ___pte_offset_map+0x176/0x370
[  898.619148]  __handle_mm_fault+0xde1/0x3030
[  898.619175]  ? reacquire_held_locks+0xd1/0x200
[  898.619197]  ? lock_vma_under_rcu+0x11e/0x530
[  898.619235]  ? __pfx___handle_mm_fault+0x10/0x10
[  898.619265]  ? lock_vma_under_rcu+0x17b/0x530
[  898.619314]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  898.619357]  handle_mm_fault+0x2c3/0x900
[  898.619385]  ? access_error+0x17d/0x380
[  898.619416]  do_user_addr_fault+0x4fa/0xeb0
[  898.619449]  exc_page_fault+0xb0/0x180
[  898.619474]  asm_exc_page_fault+0x26/0x30
[  898.619496] RIP: 0033:0x7ff98baf5d30
[  898.619514] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  898.619536] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  898.619554] RAX: 00000000d44b4167 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  898.619570] RDX: 0000001b2cf20024 RSI: ffffffff819e8236 RDI: 0000000000000000
[  898.619584] RBP: 0000000000000001 R08: 00000000d44b4167 R09: 0000001b2cf2001c
[  898.619599] R10: 0000000000000167 R11: 00000000d44b416b R12: 0000000000000001
[  898.619613] R13: 00007ff98bc4f000 R14: ffffffff819e8236 R15: 00007ff98bc5aff0
[  898.619629]  ? __do_sys_mlockall+0x16/0x5c0
[  898.619672]  ? __do_sys_mlockall+0x16/0x5c0
[  898.619709]  </TASK>
[  898.649803] memory: usage 307200kB, limit 307200kB, failcnt 1897
[  898.650740] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  898.651650] Memory cgroup stats for /syz0:
[  898.652456] anon 110592
[  898.653513] file 312950784
[  898.653969] kernel 1511424
[  898.654384] kernel_stack 65536
[  898.654891] pagetables 151552
[  898.655357] sec_pagetables 0
[  898.655794] percpu 128
[  898.656180] sock 0
[  898.656497] vmalloc 0
[  898.656874] shmem 312950784
[  898.657291] file_mapped 0
[  898.657696] file_dirty 0
[  898.658124] file_writeback 0
[  898.658555] swapcached 0
[  898.658988] inactive_anon 306458624
[  898.659515] active_anon 6545408
[  898.660024] inactive_file 0
[  898.660448] active_file 0
[  898.660882] unevictable 0
[  898.661294] slab_reclaimable 948656
[  898.661813] slab_unreclaimable 359856
[  898.662389] slab 1308512
[  898.662768] workingset_refault_anon 0
[  898.663326] workingset_refault_file 1
[  898.663899] workingset_activate_anon 0
[  898.664441] workingset_activate_file 0
[  898.665009] workingset_restore_anon 0
[  898.665561] workingset_restore_file 0
[  898.666131] workingset_nodereclaim 0
[  898.666648] pgdemote_kswapd 0
[  898.667119] pgdemote_direct 0
[  898.667558] pgdemote_khugepaged 0
[  898.668079] pgdemote_proactive 0
[  898.668553] pgscan 801
[  898.668942] pgsteal 9
[  898.669288] pswpin 0
[  898.669632] pswpout 0
[  898.670013] pgscan_kswapd 0
[  898.670427] pgscan_direct 801
[  898.670902] pgscan_khugepaged 0
[  898.671367] pgscan_proactive 0
[  898.671813] pgsteal_kswapd 0
[  898.672309] pgsteal_direct 9
[  898.672751] pgsteal_khugepaged 0
[  898.673284] pgsteal_proactive 0
[  898.673759] pgfault 86509
[  898.674189] pgmajfault 0
[  898.674568] pgrefill 768
[  898.674980] pgactivate 3833
[  898.675396] pgdeactivate 768
[  898.675853] pglazyfree 0
[  898.676238] pglazyfreed 0
[  898.676624] swpin_zero 0
[  898.677055] swpout_zero 0
[  898.677459] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7547,uid=0
[  898.679509] Memory cgroup out of memory: Killed process 7547 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  898.994931] audit: type=1326 audit(1755409866.342:116): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7517 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:51:15 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0xcd03, 0x0)

05:51:15 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0x4000, 0x100, &(0x7f00005bd000/0x4000)=nil)
r1 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
shmat(r1, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
shmat(r1, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
remap_file_pages(&(0x7f0000f60000/0x3000)=nil, 0x3000, 0x0, 0x1, 0x1000)
shmat(r1, &(0x7f0000ffd000/0x2000)=nil, 0x7000)
r2 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
mbind(&(0x7f0000e26000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000000)=0xf4a, 0xffffffffffffff00, 0x1)
shmdt(r2)
msync(&(0x7f0000f5e000/0x4000)=nil, 0x4000, 0x7)

05:51:15 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xc0ed0000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:51:15 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x3, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:51:15 executing program 1:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000001580)={0x20, 0x10, 0x1, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x1, [@typed={0x4}, @typed={0x5, 0x0, 0x0, 0x0, @binary="e6"}]}]}, 0x20}], 0x1}, 0x0)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x80080, 0x0)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20010200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x3, 0x3, 0x401, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x7}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x4}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffb, 0x7}}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffd, 0x9}}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x1}]}, 0x44}}, 0x20000840)

05:51:15 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, &(0x7f00000003c0)=0x4, 0x40)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:51:15 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 57)

05:51:15 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0)
syz_emit_ethernet(0x5e, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7437b8", 0x28, 0x6, 0x0, @private2, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, {[@nop, @mptcp=@mp_join={0x1d, 0x3}, @fastopen={0x22, 0x3, '@'}, @timestamp={0x8, 0xa}]}}}}}}}}, 0x0)
syz_emit_ethernet(0x22, &(0x7f0000000080)={@broadcast, @local, @val={@void, {0x8100, 0x6, 0x1, 0x2}}, {@can={0xc, {{0x4, 0x1, 0x0, 0x1}, 0x3, 0x0, 0x0, 0x0, "cb032d0097088130"}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@random="84b5e56b2bf5", @broadcast, @val={@void, {0x8100, 0x1, 0x1, 0x3}}, {@generic={0xd, "8bf9cdea061d35f378922cfb555fec2afe0f7ed0648e50fb601630f7cf332552317def9d"}}}, &(0x7f0000000180)={0x0, 0x1, [0x163, 0xa10, 0xc0b, 0x22f]})
syz_emit_ethernet(0x26, &(0x7f00000000c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @random="c7cc519a7dee", @val={@val={0x9100, 0x2, 0x0, 0x4}, {0x8100, 0x7, 0x0, 0x4}}, {@can={0xc, {{}, 0x4, 0x2, 0x0, 0x0, "3561ca14489f6d7d"}}}}, 0x0)
ppoll(&(0x7f00000001c0), 0x0, &(0x7f0000000200)={0x77359400}, &(0x7f0000000240)={[0x1e6]}, 0x8)

05:51:15 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x4, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[  908.327704] 9p: Unknown access argument 18446744073709551615: -34
[  908.330935] audit: type=1326 audit(1755409875.674:117): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7560 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:51:15 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x5, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:51:15 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xc1180000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  908.385450] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
05:51:15 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 58)

[  908.387204] CPU: 1 UID: 0 PID: 7559 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  908.387237] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  908.387257] Call Trace:
[  908.387266]  <TASK>
[  908.387276]  dump_stack_lvl+0xfa/0x120
[  908.387312]  dump_header+0x107/0x950
[  908.387350]  oom_kill_process+0x278/0xa00
[  908.387385]  out_of_memory+0x34b/0x1690
[  908.387422]  ? _raw_spin_unlock_irqrestore+0x22/0x50
[  908.387459]  ? __pfx_out_of_memory+0x10/0x10
[  908.387503]  mem_cgroup_out_of_memory+0x164/0x190
[  908.387538]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  908.387582]  ? mark_held_locks+0x49/0x80
[  908.387615]  try_charge_memcg+0x81f/0xf30
[  908.387655]  ? __pfx_try_charge_memcg+0x10/0x10
[  908.387696]  charge_memcg+0x7b/0x290
[  908.387725]  __mem_cgroup_charge+0x28/0x90
[  908.387757]  do_wp_page+0x58c/0x3240
[  908.387798]  ? __pfx_do_wp_page+0x10/0x10
[  908.387834]  ? do_raw_spin_lock+0x123/0x260
[  908.387863]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  908.387892]  ? ___pte_offset_map+0x176/0x370
[  908.387924]  __handle_mm_fault+0xde1/0x3030
[  908.387953]  ? reacquire_held_locks+0xd1/0x200
[  908.387977]  ? lock_vma_under_rcu+0x11e/0x530
[  908.388016]  ? __pfx___handle_mm_fault+0x10/0x10
[  908.388048]  ? lock_vma_under_rcu+0x17b/0x530
[  908.388101]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  908.388147]  handle_mm_fault+0x2c3/0x900
[  908.388178]  ? access_error+0x17d/0x380
[  908.388210]  do_user_addr_fault+0x4fa/0xeb0
[  908.388246]  exc_page_fault+0xb0/0x180
[  908.388271]  asm_exc_page_fault+0x26/0x30
[  908.388295] RIP: 0033:0x7ff98baf5d30
[  908.388314] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  908.388337] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
05:51:15 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x6, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[  908.388357] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  908.388373] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[  908.388388] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[  908.388403] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[  908.388418] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[  908.388435]  ? x86_task_fpu+0x58/0xa0
[  908.388471]  ? x86_task_fpu+0x58/0xa0
[  908.388501]  </TASK>
[  908.422659] memory: usage 307200kB, limit 307200kB, failcnt 1934
[  908.423758] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  908.424758] Memory cgroup stats for /syz0:
[  908.436123] anon 135168
[  908.437394] file 312950784
[  908.437884] kernel 1486848
[  908.438361] kernel_stack 65536
[  908.438900] pagetables 147456
[  908.439392] sec_pagetables 0
[  908.439903] percpu 64
[  908.440296] sock 0
[  908.440661] vmalloc 0
[  908.441096] shmem 312950784
[  908.441575] file_mapped 0
[  908.442054] file_dirty 0
[  908.442506] file_writeback 0
[  908.443027] swapcached 0
[  908.443454] inactive_anon 306540544
[  908.444063] active_anon 6545408
[  908.444594] inactive_file 0
[  908.445083] active_file 0
[  908.445528] unevictable 0
[  908.446006] slab_reclaimable 948656
[  908.446578] slab_unreclaimable 339648
[  908.447202] slab 1288304
[  908.447636] workingset_refault_anon 0
05:51:15 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  908.448263] workingset_refault_file 1
[  908.448961] workingset_activate_anon 0
[  908.449581] workingset_activate_file 0
[  908.450256] workingset_restore_anon 0
[  908.450895] workingset_restore_file 0
[  908.451497] workingset_nodereclaim 0
[  908.452115] pgdemote_kswapd 0
[  908.452627] pgdemote_direct 0
[  908.453150] pgdemote_khugepaged 0
[  908.453704] pgdemote_proactive 0
[  908.454292] pgscan 801
[  908.454696] pgsteal 9
[  908.455124] pswpin 0
[  908.455510] pswpout 0
[  908.455938] pgscan_kswapd 0
[  908.456415] pgscan_direct 801
[  908.456951] pgscan_khugepaged 0
[  908.457480] pgscan_proactive 0
[  908.458031] pgsteal_kswapd 0
[  908.458512] pgsteal_direct 9
[  908.459018] pgsteal_khugepaged 0
[  908.459549] pgsteal_proactive 0
[  908.460088] pgfault 86562
[  908.460540] pgmajfault 0
[  908.461000] pgrefill 768
[  908.461427] pgactivate 3833
[  908.461916] pgdeactivate 768
[  908.462406] pglazyfree 0
[  908.462866] pglazyfreed 0
[  908.463304] swpin_zero 0
[  908.463724] swpout_zero 0
[  908.464200] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7559,uid=0
[  908.466512] Memory cgroup out of memory: Killed process 7559 (syz-executor.0) total-vm:93420kB, anon-rss:276kB, file-rss:35496kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  908.471086] 9p: Unknown access argument 18446744073709551615: -34
05:51:15 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xd00c0000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:51:15 executing program 1:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil)
shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x4000)
r1 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
shmat(r1, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
shmat(r1, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
shmat(r1, &(0x7f0000ffd000/0x2000)=nil, 0x3000)
r2 = shmat(r1, &(0x7f0000ffe000/0x2000)=nil, 0x2000)
shmdt(r2)
msync(&(0x7f0000fec000/0x14000)=nil, 0x14000, 0x6)

[  909.153751] audit: type=1326 audit(1755409876.501:118): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7560 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[  917.679512] audit: type=1326 audit(1755409885.025:119): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7600 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:51:24 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0xd801, 0x0)

05:51:24 executing program 5:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
sendmsg$802154_raw(r0, &(0x7f0000000300)={&(0x7f0000000100), 0x14, &(0x7f00000002c0)={&(0x7f00000001c0)="171041b84b0557677ba256b44c26594e76a78704ce7ee9c4d22848b305f35814b28b9a79c47f9c836e3c23980a66728d84d222b792c3448653aa62c2fa8e64acabbaba4228bb538b0dbe53893e40006c36820186fe884ac1f0f485b5ee191c1a5ae3776e713b90d337ba695d7891ee9c913f362c795cae57e21a2dcc1017846a40c27ee2e5d6404e1180b442acd1fcf1fdcada99a00462377899dd911710e8363f7763a6d9302d560c4241b3fd4507f927d15ab2585a16344e2e8e3014bb6772ae9f69e9074cf59d75d5e6f6e3bbc46e23b04c338a681c243b33891a27ca948bed567fe3", 0xe4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000046)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:51:24 executing program 3:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r4 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, r4)
dup3(0xffffffffffffffff, r0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='net/softnet_stat\x00')
dup3(r5, 0xffffffffffffffff, 0x80000)
syz_open_procfs(0x0, &(0x7f0000000040)='net/softnet_stat\x00')
creat(&(0x7f0000000080)='./file0\x00', 0x0)

05:51:24 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xee060400, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:51:24 executing program 1:
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'batadv0\x00', <r0=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'wg1\x00', <r1=>0x0})
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r4=>0x0})
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r4, 0x1, 0x6, @multicast}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000005c0)={'ip6tnl0\x00', &(0x7f0000000540)={'ip6_vti0\x00', <r5=>0x0, 0x2f, 0x1c, 0x80, 0x1, 0x34, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x700, 0x80, 0x1ff, 0x8}})
r6 = socket$packet(0x11, 0x2, 0x300)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r8=>0x0})
setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f0000000100)={r8, 0x1, 0x6, @multicast}, 0x10)
r9 = socket$packet(0x11, 0x2, 0x300)
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r11=>0x0})
setsockopt$packet_add_memb(r9, 0x107, 0x1, &(0x7f0000000100)={r11, 0x1, 0x6, @multicast}, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000880)={&(0x7f0000000600)={0x258, 0x0, 0x309, 0x70bd28, 0x25dfdbfb, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x258}}, 0x20040884)
r12 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r13 = syz_open_dev$vcsu(&(0x7f0000000480), 0x100, 0x0)
bind$bt_sco(r13, &(0x7f00000004c0), 0x8)
getsockopt$inet_IP_IPSEC_POLICY(r12, 0x0, 0x10, &(0x7f0000000140)={{{@in6=@initdev, @in=@local}}, {{@in6=@mcast1}, 0x0, @in=@empty}}, &(0x7f0000000000)=0xb8)

05:51:24 executing program 0:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x404283, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000880)={<r2=>0x0, "68524d38cd6f227b73dca61addd86ab0"})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r1, 0x50009417, &(0x7f0000001880)={{r0}, 0x0, 0x6, @inherit={0x58, &(0x7f0000000800)={0x1, 0x2, 0x3, 0x10000, {0x22, 0xd8, 0x1, 0x9, 0x7}, [0x8, 0x5]}}, @devid=r2})
sendto(r0, &(0x7f0000000040)="f1d4ac4259e0872629652506679b2d168e69ec84afb8fd11b36a220d8eed59c695988bf5213cf6a70dab272c7b4aa9c4580414ab414ad5dab5bdf25a23df3d1abf91cf85f6d9ac4025c9880693bcb2783c4039ee8ccc88ef4c1745a418c646cdf7b0e535f74e60eba002e86b02543ca2d53c00625b35176bcbe7190f3607601263f14bfd11d6462085eec13b344095cc47627053739f89bc2c30846e605599d1f1c549ff62719862df7f390e4bc67bd2c541f9300dcb9994617c8baf078e68", 0xbf, 0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000002980)={'geneve1\x00'})
mlockall(0x2)
r3 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r4 = shmat(r3, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
move_pages(0xffffffffffffffff, 0x5, &(0x7f0000000740)=[&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000fd4000/0x2000)=nil, &(0x7f000090c000/0x3000)=nil, &(0x7f00008c2000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil], &(0x7f0000000780)=[0x8, 0x101, 0x800, 0x80000000], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6)
mlockall(0x1)
shmdt(r4)
r5 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
shmat(r5, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
sendmsg$FOU_CMD_GET(r0, &(0x7f0000002940)={&(0x7f0000002880)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000002900)={&(0x7f00000028c0)={0x1c, 0x0, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @multicast1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4c014}, 0x24004000)
shmat(r5, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
shmat(r5, &(0x7f0000797000/0x8000)=nil, 0x6000)
recvmsg(r0, &(0x7f0000000700)={&(0x7f0000000100), 0x80, &(0x7f0000000580)=[{&(0x7f0000000180)=""/167, 0xa7}, {&(0x7f0000000240)=""/56, 0x38}, {&(0x7f0000000280)=""/216, 0xd8}, {&(0x7f0000000380)=""/86, 0x56}, {&(0x7f0000000400)=""/39, 0x27}, {&(0x7f0000000440)=""/221, 0xdd}, {&(0x7f0000000540)=""/49, 0x31}], 0x7, &(0x7f0000000600)=""/217, 0xd9}, 0x40002043)

05:51:24 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 59)

05:51:24 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x7, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[  917.705484] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  917.706420] CPU: 1 UID: 0 PID: 7597 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  917.706437] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  917.706445] Call Trace:
[  917.706450]  <TASK>
[  917.706455]  dump_stack_lvl+0xfa/0x120
[  917.706477]  dump_header+0x107/0x950
[  917.706499]  oom_kill_process+0x278/0xa00
[  917.706517]  out_of_memory+0x34b/0x1690
[  917.706538]  ? __pfx_out_of_memory+0x10/0x10
[  917.706573]  mem_cgroup_out_of_memory+0x164/0x190
[  917.706592]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  917.706614]  ? mark_held_locks+0x49/0x80
[  917.706631]  try_charge_memcg+0x81f/0xf30
[  917.706652]  ? __pfx_try_charge_memcg+0x10/0x10
[  917.706673]  charge_memcg+0x7b/0x290
[  917.706688]  __mem_cgroup_charge+0x28/0x90
[  917.706705]  do_wp_page+0x58c/0x3240
[  917.706727]  ? __pfx_do_wp_page+0x10/0x10
[  917.706742]  ? do_raw_spin_lock+0x123/0x260
[  917.706757]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  917.706772]  ? ___pte_offset_map+0x176/0x370
[  917.706790]  __handle_mm_fault+0xde1/0x3030
[  917.706805]  ? reacquire_held_locks+0xd1/0x200
[  917.706821]  ? lock_vma_under_rcu+0x11e/0x530
[  917.706842]  ? __pfx___handle_mm_fault+0x10/0x10
[  917.706858]  ? lock_vma_under_rcu+0x17b/0x530
[  917.706884]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  917.706909]  handle_mm_fault+0x2c3/0x900
[  917.706925]  ? access_error+0x17d/0x380
[  917.706942]  do_user_addr_fault+0x4fa/0xeb0
[  917.706960]  exc_page_fault+0xb0/0x180
[  917.706974]  asm_exc_page_fault+0x26/0x30
[  917.706987] RIP: 0033:0x7ff98baf5d30
[  917.706997] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  917.707010] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  917.707021] RAX: 000000005c0944e4 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  917.707029] RDX: 0000001b2cf20034 RSI: ffffffff81b3abfd RDI: 0000000000000000
[  917.707038] RBP: 0000000000000001 R08: 000000005c0944e4 R09: 0000001b2cf2001c
[  917.707046] R10: 00000000000004e4 R11: 000000005c0944e8 R12: 0000000000000005
[  917.707053] R13: 00007ff98bc4f000 R14: ffffffff81b3abfd R15: 00007ff98bc5aff0
[  917.707062]  ? build_open_flags+0x1d/0x760
[  917.707083]  ? build_open_flags+0x1d/0x760
[  917.707098]  </TASK>
[  917.723390] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  917.723885] memory: usage 307200kB, limit 307200kB, failcnt 1954
[  917.725685] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  917.726274] Memory cgroup stats for /syz0:
[  917.762796] anon 126976
[  917.763430] file 312950784
[  917.763666] kernel 1495040
[  917.763930] kernel_stack 65536
[  917.764195] pagetables 155648
[  917.764453] sec_pagetables 0
[  917.764701] percpu 64
[  917.764923] sock 0
[  917.765105] vmalloc 0
[  917.765306] shmem 312950784
[  917.765545] file_mapped 0
[  917.765770] file_dirty 0
[  917.766065] file_writeback 0
[  917.766320] swapcached 0
[  917.766537] inactive_anon 306532352
[  917.766860] active_anon 6545408
[  917.767135] inactive_file 0
[  917.767374] active_file 0
[  917.767602] unevictable 0
[  917.767863] slab_reclaimable 948656
[  917.768164] slab_unreclaimable 340032
[  917.768470] slab 1288688
[  917.768690] workingset_refault_anon 0
[  917.769020] workingset_refault_file 1
[  917.769330] workingset_activate_anon 0
[  917.769642] workingset_activate_file 0
[  917.769976] workingset_restore_anon 0
[  917.770280] workingset_restore_file 0
[  917.770591] workingset_nodereclaim 0
[  917.770911] pgdemote_kswapd 0
[  917.771163] pgdemote_direct 0
[  917.771415] pgdemote_khugepaged 0
[  917.771692] pgdemote_proactive 0
[  917.771985] pgscan 801
[  917.772196] pgsteal 9
[  917.772396] pswpin 0
[  917.772589] pswpout 0
[  917.772790] pgscan_kswapd 0
[  917.773055] pgscan_direct 801
[  917.773311] pgscan_khugepaged 0
[  917.773577] pgscan_proactive 0
[  917.773861] pgsteal_kswapd 0
[  917.774111] pgsteal_direct 9
[  917.774360] pgsteal_khugepaged 0
[  917.774641] pgsteal_proactive 0
[  917.774926] pgfault 86610
[  917.775153] pgmajfault 0
[  917.775371] pgrefill 768
[  917.775592] pgactivate 3833
[  917.775850] pgdeactivate 768
[  917.776099] pglazyfree 0
[  917.776315] pglazyfreed 0
[  917.776541] swpin_zero 0
[  917.776755] swpout_zero 0
[  917.777003] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7597,uid=0
[  917.778202] Memory cgroup out of memory: Killed process 7597 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[  917.779905] 9p: Unknown access argument 18446744073709551615: -34
[  917.796794] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
05:51:25 executing program 5:
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
syz_open_procfs(0x0, &(0x7f0000000480)='net/llc/core\x00')
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:51:25 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xef060400, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  917.826945] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  917.849481] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
05:51:25 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x8, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:51:25 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 60)

05:51:25 executing program 5:
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:51:25 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)
shmget$private(0x0, 0x2000, 0x200, &(0x7f0000783000/0x2000)=nil)

05:51:25 executing program 1:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/raw\x00')
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f00000001c0))
pread64(r0, &(0x7f0000000300)=""/206, 0xffffffffffffff5b, 0x40000000000000)

[  917.961498] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  917.962341] CPU: 1 UID: 0 PID: 7627 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  917.962360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  917.962370] Call Trace:
[  917.962376]  <TASK>
[  917.962381]  dump_stack_lvl+0xfa/0x120
[  917.962403]  dump_header+0x107/0x950
[  917.962425]  oom_kill_process+0x278/0xa00
[  917.962444]  out_of_memory+0x34b/0x1690
[  917.962467]  ? __pfx_out_of_memory+0x10/0x10
[  917.962490]  mem_cgroup_out_of_memory+0x164/0x190
[  917.962510]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  917.962533]  ? mark_held_locks+0x49/0x80
[  917.962552]  try_charge_memcg+0x81f/0xf30
[  917.962582]  ? __pfx_try_charge_memcg+0x10/0x10
[  917.962604]  charge_memcg+0x7b/0x290
[  917.962620]  __mem_cgroup_charge+0x28/0x90
[  917.962637]  do_wp_page+0x58c/0x3240
[  917.962660]  ? __pfx_do_wp_page+0x10/0x10
[  917.962675]  ? do_raw_spin_lock+0x123/0x260
[  917.962691]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  917.962706]  ? ___pte_offset_map+0x176/0x370
[  917.962725]  __handle_mm_fault+0xde1/0x3030
[  917.962740]  ? reacquire_held_locks+0xd1/0x200
[  917.962753]  ? lock_vma_under_rcu+0x11e/0x530
[  917.962775]  ? __pfx___handle_mm_fault+0x10/0x10
[  917.962791]  ? lock_vma_under_rcu+0x17b/0x530
[  917.962822]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  917.962849]  handle_mm_fault+0x2c3/0x900
[  917.962865]  ? access_error+0x17d/0x380
[  917.962883]  do_user_addr_fault+0x4fa/0xeb0
[  917.962901]  exc_page_fault+0xb0/0x180
[  917.962916]  asm_exc_page_fault+0x26/0x30
[  917.962929] RIP: 0033:0x7ff98baf5d30
[  917.962939] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  917.962952] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  917.962963] RAX: 00000000d44b4167 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  917.962971] RDX: 0000001b2cf20024 RSI: ffffffff819e8236 RDI: 0000000000000000
[  917.962979] RBP: 0000000000000001 R08: 00000000d44b4167 R09: 0000001b2cf2001c
[  917.962987] R10: 0000000000000167 R11: 00000000d44b416b R12: 0000000000000001
[  917.962995] R13: 00007ff98bc4f000 R14: ffffffff819e8236 R15: 00007ff98bc5aff0
[  917.963004]  ? __do_sys_mlockall+0x16/0x5c0
[  917.963028]  ? __do_sys_mlockall+0x16/0x5c0
[  917.963049]  </TASK>
[  917.980506] memory: usage 307200kB, limit 307200kB, failcnt 1989
[  917.981035] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
05:51:25 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xf5000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  917.981526] Memory cgroup stats for /syz0:
[  918.012550] anon 110592
[  918.013409] file 312950784
[  918.013669] kernel 1511424
[  918.013925] kernel_stack 65536
[  918.014188] pagetables 151552
[  918.014447] sec_pagetables 0
[  918.014703] percpu 128
[  918.014932] sock 0
[  918.015116] vmalloc 0
[  918.015318] shmem 312950784
[  918.015556] file_mapped 0
[  918.015786] file_dirty 0
[  918.016026] file_writeback 0
[  918.016276] swapcached 0
[  918.016494] inactive_anon 306515968
[  918.016786] active_anon 6545408
[  918.017074] inactive_file 0
[  918.017315] active_file 0
[  918.017550] unevictable 0
[  918.017777] slab_reclaimable 948656
[  918.018094] slab_unreclaimable 359856
[  918.018397] slab 1308512
[  918.018621] workingset_refault_anon 0
[  918.018945] workingset_refault_file 1
[  918.019254] workingset_activate_anon 0
[  918.019577] workingset_activate_file 0
[  918.019914] workingset_restore_anon 0
[  918.020221] workingset_restore_file 0
[  918.020522] workingset_nodereclaim 0
[  918.020842] pgdemote_kswapd 0
[  918.021096] pgdemote_direct 0
[  918.021363] pgdemote_khugepaged 0
[  918.021648] pgdemote_proactive 0
[  918.021942] pgscan 801
[  918.022157] pgsteal 9
[  918.022353] pswpin 0
[  918.022545] pswpout 0
[  918.022756] pgscan_kswapd 0
[  918.023017] pgscan_direct 801
[  918.023279] pgscan_khugepaged 0
[  918.023546] pgscan_proactive 0
[  918.023808] pgsteal_kswapd 0
[  918.024076] pgsteal_direct 9
[  918.024327] pgsteal_khugepaged 0
[  918.024602] pgsteal_proactive 0
[  918.024893] pgfault 86651
[  918.025127] pgmajfault 0
[  918.025350] pgrefill 768
[  918.025574] pgactivate 3833
[  918.025811] pgdeactivate 768
[  918.026086] pglazyfree 0
[  918.026306] pglazyfreed 0
[  918.026533] swpin_zero 0
[  918.026761] swpout_zero 0
[  918.027013] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7627,uid=0
[  918.028204] Memory cgroup out of memory: Killed process 7627 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  918.066322] 9p: Unknown access argument 18446744073709551615: -34
[  918.511962] audit: type=1326 audit(1755409885.859:120): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7600 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:51:35 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:51:35 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)
r2 = shmget$private(0x0, 0x4000, 0x100, &(0x7f000085e000/0x4000)=nil)
shmat(r2, &(0x7f00006ef000/0x3000)=nil, 0x2000)

05:51:35 executing program 3:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r4 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, r4)
dup3(0xffffffffffffffff, r0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='net/softnet_stat\x00')
dup3(r5, 0xffffffffffffffff, 0x80000)
syz_open_procfs(0x0, &(0x7f0000000040)='net/softnet_stat\x00')
creat(&(0x7f0000000080)='./file0\x00', 0x0)

05:51:35 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xf6ffffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:51:35 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x9, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:51:35 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 61)

05:51:35 executing program 1:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r3=>0x0})
r4 = socket$packet(0x11, 0x2, 0x300)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r6=>0x0})
setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000100)={r6, 0x1, 0x6, @multicast}, 0x10)
setsockopt$packet_add_memb(r4, 0x107, 0x2, &(0x7f0000000180)={r3, 0x1, 0x6, @multicast}, 0x10)
setsockopt$inet6_mreq(r1, 0x29, 0x15, &(0x7f0000000000)={@remote, r3}, 0x14)
sendmmsg$inet6(r0, &(0x7f0000001ec0)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c, 0x0}}, {{&(0x7f00000005c0)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c, 0x0, 0x0, &(0x7f00000006c0)=[@pktinfo={{0x24, 0x29, 0x32, {@mcast2}}}], 0x28}}], 0x2, 0x0)

05:51:35 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0xe100, 0x0)

[  928.641168] audit: type=1326 audit(1755409895.986:121): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7648 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[  928.682416] 9p: Unknown access argument 18446744073709551615: -34
[  928.687773] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  928.690068] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
05:51:36 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0xf, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[  928.712599] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  928.713509] CPU: 0 UID: 0 PID: 7645 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  928.713527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  928.713535] Call Trace:
[  928.713540]  <TASK>
[  928.713545]  dump_stack_lvl+0xfa/0x120
[  928.713567]  dump_header+0x107/0x950
05:51:36 executing program 5:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  928.713587]  oom_kill_process+0x278/0xa00
[  928.713606]  out_of_memory+0x34b/0x1690
[  928.713630]  ? __pfx_out_of_memory+0x10/0x10
[  928.713653]  mem_cgroup_out_of_memory+0x164/0x190
[  928.713672]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  928.713694]  ? mark_held_locks+0x49/0x80
[  928.713711]  try_charge_memcg+0x81f/0xf30
[  928.713732]  ? __pfx_try_charge_memcg+0x10/0x10
[  928.713753]  charge_memcg+0x7b/0x290
[  928.713768]  __mem_cgroup_charge+0x28/0x90
[  928.713784]  do_wp_page+0x58c/0x3240
[  928.713805]  ? __pfx_do_wp_page+0x10/0x10
[  928.713824]  ? do_raw_spin_lock+0x123/0x260
[  928.713839]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  928.713853]  ? ___pte_offset_map+0x176/0x370
[  928.713870]  __handle_mm_fault+0xde1/0x3030
[  928.713885]  ? reacquire_held_locks+0xd1/0x200
[  928.713897]  ? lock_vma_under_rcu+0x11e/0x530
[  928.713918]  ? __pfx___handle_mm_fault+0x10/0x10
[  928.713935]  ? lock_vma_under_rcu+0x17b/0x530
[  928.713964]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  928.713988]  handle_mm_fault+0x2c3/0x900
[  928.714004]  ? access_error+0x17d/0x380
[  928.714021]  do_user_addr_fault+0x4fa/0xeb0
[  928.714039]  exc_page_fault+0xb0/0x180
[  928.714052]  asm_exc_page_fault+0x26/0x30
[  928.714066] RIP: 0033:0x7ff98baf5d30
[  928.714076] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  928.714088] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  928.714098] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  928.714107] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[  928.714115] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[  928.714122] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[  928.714130] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[  928.714139]  ? x86_task_fpu+0x58/0xa0
[  928.714159]  ? x86_task_fpu+0x58/0xa0
[  928.714174]  </TASK>
[  928.730985] memory: usage 307200kB, limit 307200kB, failcnt 2015
[  928.731467] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  928.732322] Memory cgroup stats for /syz0:
[  928.739548] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  928.741447] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
05:51:36 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xf9fdffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  928.752123] anon 135168
[  928.752350] file 312950784
[  928.752577] kernel 1486848
[  928.752799] kernel_stack 65536
[  928.753244] pagetables 147456
[  928.753497] sec_pagetables 0
[  928.753737] percpu 64
[  928.754095] sock 0
[  928.754275] vmalloc 0
[  928.754471] shmem 312950784
[  928.754704] file_mapped 0
[  928.755038] file_dirty 0
[  928.755262] file_writeback 0
[  928.755500] swapcached 0
[  928.755713] inactive_anon 306540544
[  928.756057] active_anon 6545408
[  928.756318] inactive_file 0
[  928.756546] active_file 0
[  928.756764] unevictable 0
[  928.757017] slab_reclaimable 948656
[  928.757299] slab_unreclaimable 339648
[  928.757599] slab 1288304
[  928.757810] workingset_refault_anon 0
[  928.758131] workingset_refault_file 1
[  928.758440] workingset_activate_anon 0
[  928.758738] workingset_activate_file 0
[  928.759069] workingset_restore_anon 0
[  928.759373] workingset_restore_file 0
[  928.759673] workingset_nodereclaim 0
[  928.759986] pgdemote_kswapd 0
[  928.760233] pgdemote_direct 0
[  928.760483] pgdemote_khugepaged 0
[  928.760763] pgdemote_proactive 0
[  928.761056] pgscan 801
[  928.761265] pgsteal 9
[  928.761460] pswpin 0
[  928.761650] pswpout 0
[  928.761866] pgscan_kswapd 0
[  928.762097] pgscan_direct 801
[  928.762351] pgscan_khugepaged 0
[  928.762612] pgscan_proactive 0
[  928.762892] pgsteal_kswapd 0
[  928.763131] pgsteal_direct 9
[  928.763389] pgsteal_khugepaged 0
[  928.763659] pgsteal_proactive 0
[  928.763944] pgfault 86704
[  928.764161] pgmajfault 0
[  928.764381] pgrefill 768
[  928.764593] pgactivate 3833
[  928.764846] pgdeactivate 768
[  928.765087] pglazyfree 0
[  928.765302] pglazyfreed 0
[  928.765520] swpin_zero 0
[  928.765737] swpout_zero 0
[  928.765980] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7645,uid=0
[  928.767124] Memory cgroup out of memory: Killed process 7645 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:51:36 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 62)

05:51:36 executing program 5:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:51:36 executing program 1:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000380)={'fscrypt:', @desc4}, &(0x7f00000003c0)={0x0, "b1c79a2b430f7376ac8d7d5ed035f48ba8bad75589a8e51e72b360ef5456fd741eff998769f8b9c9b55adfd3f08b8955435d75520c03d8ab42b60d107b9ba479"}, 0x48, 0xffffffffffffffff)
keyctl$get_security(0x4, r0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)

05:51:36 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)
shmat(r0, &(0x7f0000ffc000/0x2000)=nil, 0x2000)

05:51:36 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x300, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[  928.885599] FAULT_INJECTION: forcing a failure.
[  928.885599] name failslab, interval 1, probability 0, space 0, times 0
[  928.887231] CPU: 0 UID: 0 PID: 7672 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  928.887257] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  928.887266] Call Trace:
[  928.887271]  <TASK>
[  928.887277]  dump_stack_lvl+0xfa/0x120
[  928.887301]  should_fail_ex+0x4d7/0x5e0
[  928.887329]  ? __kernfs_new_node+0xd3/0x870
[  928.887342]  should_failslab+0xc2/0x120
[  928.887365]  kmem_cache_alloc_noprof+0x5f/0x3d0
[  928.887382]  ? perf_trace_run_bpf_submit+0xef/0x180
[  928.887413]  __kernfs_new_node+0xd3/0x870
[  928.887434]  ? __pfx___kernfs_new_node+0x10/0x10
[  928.887455]  ? lock_acquire+0x15e/0x2f0
[  928.887470]  ? kernfs_root+0x23/0x2a0
[  928.887483]  ? find_held_lock+0x2b/0x80
[  928.887503]  ? kernfs_root+0xee/0x2a0
[  928.887515]  ? lock_release+0xc8/0x290
[  928.887526]  ? lock_is_held_type+0x9e/0x120
[  928.887552]  kernfs_new_node+0x13c/0x1e0
[  928.887577]  __kernfs_create_file+0x55/0x360
[  928.887604]  sysfs_add_file_mode_ns+0x21c/0x440
[  928.887630]  ? __pfx_slab_attr_store+0x10/0x10
[  928.887656]  internal_create_group+0x571/0xeb0
[  928.887686]  ? __pfx_internal_create_group+0x10/0x10
[  928.887722]  sysfs_slab_add+0x188/0x210
[  928.887744]  do_kmem_cache_create+0x235/0x5a0
[  928.887769]  __kmem_cache_create_args+0x20f/0x360
[  928.887782]  ? p9_client_create+0xd52/0x11b0
[  928.887806]  p9_client_create+0xdfc/0x11b0
[  928.887846]  ? __pfx_p9_client_create+0x10/0x10
[  928.887882]  ? trace_kmalloc+0x1f/0xb0
[  928.887897]  ? legacy_get_tree+0x109/0x220
[  928.887912]  ? vfs_get_tree+0x93/0x340
[  928.887928]  ? lockdep_init_map_type+0x4b/0x240
[  928.887944]  ? __raw_spin_lock_init+0x3a/0x110
[  928.887970]  v9fs_session_init+0x1df/0x17a0
[  928.887987]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  928.888016]  ? find_held_lock+0x2b/0x80
[  928.888034]  ? __create_object+0x59/0x80
[  928.888052]  ? __pfx_v9fs_session_init+0x10/0x10
[  928.888065]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  928.888085]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  928.888106]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  928.888126]  ? __create_object+0x59/0x80
[  928.888144]  ? trace_kmalloc+0x1f/0xb0
[  928.888156]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  928.888170]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  928.888200]  v9fs_mount+0xbc/0x9e0
[  928.888220]  ? __pfx_v9fs_mount+0x10/0x10
[  928.888242]  ? cap_capable+0xdb/0x3b0
[  928.888261]  ? __pfx_v9fs_mount+0x10/0x10
[  928.888279]  legacy_get_tree+0x109/0x220
[  928.888301]  vfs_get_tree+0x93/0x340
[  928.888320]  path_mount+0x122f/0x1db0
[  928.888343]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  928.888366]  ? __pfx_path_mount+0x10/0x10
[  928.888386]  ? kmem_cache_free+0x2a1/0x460
[  928.888404]  ? putname.part.0+0x11b/0x160
[  928.888421]  ? getname_flags.part.0+0x1c6/0x540
[  928.888441]  ? putname.part.0+0x11b/0x160
[  928.888464]  __x64_sys_mount+0x27b/0x300
[  928.888485]  ? __pfx___x64_sys_mount+0x10/0x10
[  928.888522]  do_syscall_64+0xbf/0x360
[  928.888543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.888558] RIP: 0033:0x7fdbea32eb19
[  928.888569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  928.888581] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  928.888594] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  928.888603] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  928.888611] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[  928.888619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  928.888627] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  928.888663]  </TASK>
05:51:36 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfbffffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:51:36 executing program 3:
timer_create(0x3, 0x0, &(0x7f0000000100)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000400)={{}, {0x0, 0x989680}}, 0x0)
timer_getoverrun(r0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)=ANY=[@ANYBLOB="010000400100000018000083", @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB="05000000000000002e2f66696c653000"])
recvmsg$unix(r1, &(0x7f0000001700)={&(0x7f0000000040), 0x6e, &(0x7f00000015c0)=[{&(0x7f00000000c0)=""/65, 0x41}, {&(0x7f0000000140)=""/14, 0xe}, {&(0x7f0000000200)=""/125, 0x7d}, {&(0x7f0000000280)=""/27, 0x1b}, {&(0x7f00000002c0)=""/154, 0x9a}, {&(0x7f0000000380)=""/169, 0xa9}, {&(0x7f0000000440)=""/105, 0x69}, {&(0x7f00000004c0)=""/122, 0x7a}, {&(0x7f0000000540)=""/119, 0x77}, {&(0x7f00000005c0)=""/4096, 0x1000}], 0xa, &(0x7f0000001680)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x78}, 0x40000021)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff812093c0}, 0x0, 0x0, 0x0, 0x0, 0x100000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[  928.981698] SLUB: Unable to add cache 9p-fcall-cache-89 to sysfs
[  928.982412] 9p: Unknown access argument 18446744073709551615: -34
05:51:36 executing program 5:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:51:36 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 63)

[  929.106966] 9p: Unknown access argument 18446744073709551615: -34
[  929.136442] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  929.137247] CPU: 1 UID: 0 PID: 7680 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  929.137264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  929.137272] Call Trace:
[  929.137277]  <TASK>
[  929.137282]  dump_stack_lvl+0xfa/0x120
[  929.137303]  dump_header+0x107/0x950
[  929.137323]  oom_kill_process+0x278/0xa00
[  929.137341]  out_of_memory+0x34b/0x1690
[  929.137361]  ? __pfx_out_of_memory+0x10/0x10
[  929.137384]  mem_cgroup_out_of_memory+0x164/0x190
[  929.137402]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  929.137424]  ? mark_held_locks+0x49/0x80
[  929.137441]  try_charge_memcg+0x81f/0xf30
[  929.137462]  ? __pfx_try_charge_memcg+0x10/0x10
[  929.137483]  charge_memcg+0x7b/0x290
[  929.137497]  __mem_cgroup_charge+0x28/0x90
[  929.137514]  do_wp_page+0x58c/0x3240
[  929.137535]  ? __pfx_do_wp_page+0x10/0x10
[  929.137550]  ? do_raw_spin_lock+0x123/0x260
[  929.137564]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  929.137579]  ? ___pte_offset_map+0x176/0x370
[  929.137596]  __handle_mm_fault+0xde1/0x3030
[  929.137610]  ? reacquire_held_locks+0xd1/0x200
[  929.137622]  ? lock_vma_under_rcu+0x11e/0x530
[  929.137643]  ? __pfx___handle_mm_fault+0x10/0x10
[  929.137659]  ? lock_vma_under_rcu+0x17b/0x530
[  929.137685]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  929.137709]  handle_mm_fault+0x2c3/0x900
[  929.137725]  ? access_error+0x17d/0x380
[  929.137742]  do_user_addr_fault+0x4fa/0xeb0
[  929.137760]  exc_page_fault+0xb0/0x180
[  929.137773]  asm_exc_page_fault+0x26/0x30
[  929.137786] RIP: 0033:0x7ff98baf5d30
[  929.137796] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  929.137807] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  929.137822] RAX: 00000000d44b4167 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  929.137830] RDX: 0000001b2cf20024 RSI: ffffffff819e8236 RDI: 0000000000000000
[  929.137838] RBP: 0000000000000001 R08: 00000000d44b4167 R09: 0000001b2cf2001c
[  929.137845] R10: 0000000000000167 R11: 00000000d44b416b R12: 0000000000000001
[  929.137852] R13: 00007ff98bc4f000 R14: ffffffff819e8236 R15: 00007ff98bc5aff0
[  929.137861]  ? __do_sys_mlockall+0x16/0x5c0
[  929.137883]  ? __do_sys_mlockall+0x16/0x5c0
[  929.137903]  </TASK>
[  929.155365] memory: usage 307200kB, limit 307200kB, failcnt 2038
[  929.155964] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  929.156445] Memory cgroup stats for /syz0:
[  929.158548] anon 110592
[  929.159139] file 312950784
[  929.159410] kernel 1511424
[  929.159643] kernel_stack 65536
[  929.160072] pagetables 151552
[  929.160328] sec_pagetables 0
[  929.160571] percpu 128
[  929.160782] sock 0
[  929.160994] vmalloc 0
[  929.161205] shmem 312950784
[  929.161450] file_mapped 0
[  929.161679] file_dirty 0
[  929.161915] file_writeback 0
[  929.162191] swapcached 0
[  929.162417] inactive_anon 306515968
[  929.162718] active_anon 6545408
[  929.163022] inactive_file 0
[  929.163280] active_file 0
[  929.163517] unevictable 0
[  929.163747] slab_reclaimable 948656
[  929.164075] slab_unreclaimable 359856
[  929.164395] slab 1308512
[  929.164622] workingset_refault_anon 0
[  929.164950] workingset_refault_file 1
[  929.165271] workingset_activate_anon 0
[  929.165595] workingset_activate_file 0
[  929.165936] workingset_restore_anon 0
[  929.166268] workingset_restore_file 0
[  929.166585] workingset_nodereclaim 0
[  929.166931] pgdemote_kswapd 0
[  929.167195] pgdemote_direct 0
[  929.167472] pgdemote_khugepaged 0
[  929.167760] pgdemote_proactive 0
[  929.168077] pgscan 801
[  929.168294] pgsteal 9
[  929.168504] pswpin 0
[  929.168698] pswpout 0
[  929.168926] pgscan_kswapd 0
[  929.169185] pgscan_direct 801
[  929.169440] pgscan_khugepaged 0
[  929.169715] pgscan_proactive 0
[  929.170016] pgsteal_kswapd 0
[  929.170280] pgsteal_direct 9
[  929.170534] pgsteal_khugepaged 0
[  929.170811] pgsteal_proactive 0
[  929.171116] pgfault 86745
[  929.171360] pgmajfault 0
[  929.171590] pgrefill 768
[  929.171812] pgactivate 3833
[  929.172207] pgdeactivate 768
[  929.172463] pglazyfree 0
[  929.172691] pglazyfreed 0
[  929.172947] swpin_zero 0
[  929.173186] swpout_zero 0
[  929.173408] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7680,uid=0
[  929.174661] Memory cgroup out of memory: Killed process 7680 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  929.469099] audit: type=1326 audit(1755409896.816:122): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7648 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:51:45 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfdfdffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:51:45 executing program 1:
r0 = syz_open_dev$rtc(&(0x7f0000000800), 0x0, 0x0)
ioctl$RTC_SET_TIME(r0, 0x40187014, &(0x7f0000000000)={0x0, 0x12})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={<r1=>r0, 0x7, 0x100000000})
ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000080)={0x21, 0x4, 0xb, 0x1f, 0x5, 0x0, 0x3, 0x7d, 0xffffffffffffffff})

05:51:45 executing program 3:
ioctl$HIDIOCGCOLLECTIONINDEX(0xffffffffffffffff, 0x40184810, 0x0)
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200), 0x2000, 0x0)
pipe2(&(0x7f00000000c0), 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000040))
syz_open_pts(r1, 0x0)
ioctl$HIDIOCGDEVINFO(0xffffffffffffffff, 0x801c4803, &(0x7f0000000240)=""/243)
syz_open_pts(r1, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)

05:51:45 executing program 5:
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:51:45 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x500, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:51:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 64)

05:51:45 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0xf07f, 0x0)

05:51:45 executing program 0:
ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201)
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)

[  937.920026] FAULT_INJECTION: forcing a failure.
[  937.920026] name failslab, interval 1, probability 0, space 0, times 0
[  937.921016] CPU: 0 UID: 0 PID: 7703 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  937.921033] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  937.921040] Call Trace:
[  937.921046]  <TASK>
[  937.921051]  dump_stack_lvl+0xfa/0x120
[  937.921076]  should_fail_ex+0x4d7/0x5e0
[  937.921104]  ? __kernfs_new_node+0xd3/0x870
[  937.921116]  should_failslab+0xc2/0x120
[  937.921140]  kmem_cache_alloc_noprof+0x5f/0x3d0
[  937.921156]  ? perf_trace_run_bpf_submit+0xef/0x180
[  937.921188]  __kernfs_new_node+0xd3/0x870
[  937.921209]  ? __pfx___kernfs_new_node+0x10/0x10
[  937.921230]  ? lock_acquire+0x15e/0x2f0
[  937.921246]  ? kernfs_root+0x23/0x2a0
[  937.921259]  ? find_held_lock+0x2b/0x80
[  937.921278]  ? kernfs_root+0xee/0x2a0
[  937.921291]  ? lock_release+0xc8/0x290
[  937.921302]  ? lock_is_held_type+0x9e/0x120
[  937.921328]  kernfs_new_node+0x13c/0x1e0
[  937.921354]  __kernfs_create_file+0x55/0x360
[  937.921380]  sysfs_add_file_mode_ns+0x21c/0x440
[  937.921407]  ? __pfx_slab_attr_store+0x10/0x10
[  937.921433]  internal_create_group+0x571/0xeb0
[  937.921463]  ? __pfx_internal_create_group+0x10/0x10
[  937.921499]  sysfs_slab_add+0x188/0x210
[  937.921521]  do_kmem_cache_create+0x235/0x5a0
[  937.921547]  __kmem_cache_create_args+0x20f/0x360
[  937.921560]  ? p9_client_create+0xd52/0x11b0
[  937.921584]  p9_client_create+0xdfc/0x11b0
[  937.921615]  ? __pfx_p9_client_create+0x10/0x10
[  937.921648]  ? trace_kmalloc+0x1f/0xb0
[  937.921663]  ? legacy_get_tree+0x109/0x220
[  937.921678]  ? vfs_get_tree+0x93/0x340
[  937.921695]  ? lockdep_init_map_type+0x4b/0x240
[  937.921710]  ? __raw_spin_lock_init+0x3a/0x110
[  937.921737]  v9fs_session_init+0x1df/0x17a0
[  937.921753]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  937.921783]  ? find_held_lock+0x2b/0x80
[  937.921800]  ? __create_object+0x59/0x80
[  937.921822]  ? __pfx_v9fs_session_init+0x10/0x10
[  937.921836]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  937.921856]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  937.921877]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  937.921896]  ? __create_object+0x59/0x80
[  937.921915]  ? trace_kmalloc+0x1f/0xb0
[  937.921926]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  937.921940]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  937.921970]  v9fs_mount+0xbc/0x9e0
[  937.921990]  ? __pfx_v9fs_mount+0x10/0x10
[  937.922012]  ? cap_capable+0xdb/0x3b0
[  937.922032]  ? __pfx_v9fs_mount+0x10/0x10
[  937.922050]  legacy_get_tree+0x109/0x220
[  937.922072]  vfs_get_tree+0x93/0x340
[  937.922090]  path_mount+0x122f/0x1db0
[  937.922113]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  937.922137]  ? __pfx_path_mount+0x10/0x10
[  937.922157]  ? kmem_cache_free+0x2a1/0x460
[  937.922175]  ? putname.part.0+0x11b/0x160
[  937.922191]  ? getname_flags.part.0+0x1c6/0x540
[  937.922212]  ? putname.part.0+0x11b/0x160
[  937.922235]  __x64_sys_mount+0x27b/0x300
[  937.922256]  ? __pfx___x64_sys_mount+0x10/0x10
[  937.922294]  do_syscall_64+0xbf/0x360
[  937.922314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  937.922329] RIP: 0033:0x7fdbea32eb19
[  937.922340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  937.922353] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  937.922366] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  937.922375] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  937.922383] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[  937.922391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  937.922399] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  937.922436]  </TASK>
[  937.966201] audit: type=1326 audit(1755409905.307:123): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7702 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:51:45 executing program 5:
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:51:45 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfdffffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:51:45 executing program 1:
move_pages(0x0, 0x0, &(0x7f0000000040), &(0x7f0000000000)=[0xffff369a, 0xc6], 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="05000001000000002e2f66696c653000"])
syz_io_uring_setup(0x3c13, &(0x7f0000000080)={0x0, 0x8920, 0x20, 0x1, 0x8000, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

05:51:45 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x600, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[  938.037750] SLUB: Unable to add cache 9p-fcall-cache-91 to sysfs
05:51:45 executing program 5:
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  938.045386] 9p: Unknown access argument 18446744073709551615: -34
05:51:45 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = syz_io_uring_complete(0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$TCXONC(r3, 0x540a, 0x1)
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000100), 0x88840, 0x0)
setsockopt$inet_tcp_buf(r4, 0x6, 0xb, &(0x7f0000000140)="5bbb39de836db45b17694656d0d1911ac3526c998b1a96e5483f5758377564a972d855ef371b30913ffaab7c42f06ab98838366e6d1f80a68f51d0fad6ae3bfb114cb08ff272aa0066e5c423412f9fa1080f81e531563f0232efc278e38011a8d89180a3e23a9d12480ee9500fc019", 0x6f)
ioctl$KDSETLED(r2, 0x4b32, 0x9)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000000)={0x1, 0x0, 0x1a, 0x0, 0x15f, &(0x7f00000003c0)})

05:51:45 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  938.135252] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  938.136729] CPU: 1 UID: 0 PID: 7700 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  938.136759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  938.136772] Call Trace:
[  938.136780]  <TASK>
[  938.136788]  dump_stack_lvl+0xfa/0x120
[  938.136826]  dump_header+0x107/0x950
[  938.136867]  oom_kill_process+0x278/0xa00
[  938.136900]  out_of_memory+0x34b/0x1690
[  938.136938]  ? __pfx_out_of_memory+0x10/0x10
[  938.136978]  mem_cgroup_out_of_memory+0x164/0x190
[  938.137011]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  938.137052]  ? mark_held_locks+0x49/0x80
[  938.137082]  try_charge_memcg+0x81f/0xf30
[  938.137119]  ? __pfx_try_charge_memcg+0x10/0x10
[  938.137158]  charge_memcg+0x7b/0x290
[  938.137185]  __mem_cgroup_charge+0x28/0x90
[  938.137215]  do_wp_page+0x58c/0x3240
[  938.137253]  ? __pfx_do_wp_page+0x10/0x10
[  938.137280]  ? do_raw_spin_lock+0x123/0x260
[  938.137308]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  938.137334]  ? ___pte_offset_map+0x176/0x370
[  938.137365]  __handle_mm_fault+0xde1/0x3030
[  938.137391]  ? reacquire_held_locks+0xd1/0x200
[  938.137413]  ? lock_vma_under_rcu+0x11e/0x530
[  938.137451]  ? __pfx___handle_mm_fault+0x10/0x10
[  938.137481]  ? lock_vma_under_rcu+0x17b/0x530
[  938.137529]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  938.137573]  handle_mm_fault+0x2c3/0x900
[  938.137601]  ? access_error+0x17d/0x380
[  938.137631]  do_user_addr_fault+0x4fa/0xeb0
[  938.137663]  exc_page_fault+0xb0/0x180
[  938.137687]  asm_exc_page_fault+0x26/0x30
[  938.137709] RIP: 0033:0x7ff98baf5d30
[  938.137727] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  938.137748] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  938.137766] RAX: 000000005fdf9c67 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  938.137781] RDX: 0000001b2cf20064 RSI: ffffffff812c81a7 RDI: 0000000000000000
[  938.137795] RBP: 0000000000000001 R08: 000000005fdf9c67 R09: 0000001b2cf2001c
[  938.137809] R10: 0000000000001c67 R11: 000000005fdf9c6b R12: 0000000000000011
[  938.137822] R13: 00007ff98bc4f000 R14: ffffffff812c81a7 R15: 00007ff98bc5aff0
[  938.137838]  ? fpregs_assert_state_consistent+0x87/0xd0
[  938.137875]  ? fpregs_assert_state_consistent+0x87/0xd0
[  938.137906]  </TASK>
[  938.168897] memory: usage 307200kB, limit 307200kB, failcnt 2063
[  938.169793] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  938.170702] Memory cgroup stats for /syz0:
[  938.180723] anon 135168
[  938.181977] file 312950784
[  938.182396] kernel 1486848
[  938.182809] kernel_stack 65536
[  938.183317] pagetables 147456
[  938.183777] sec_pagetables 0
[  938.184266] percpu 64
[  938.184634] sock 0
[  938.184995] vmalloc 0
[  938.185372] shmem 312950784
[  938.185802] file_mapped 0
[  938.186245] file_dirty 0
[  938.186641] file_writeback 0
[  938.187111] swapcached 0
[  938.187507] inactive_anon 306540544
[  938.188079] active_anon 6545408
[  938.188563] inactive_file 0
[  938.189026] active_file 0
[  938.189435] unevictable 0
[  938.189877] slab_reclaimable 948656
[  938.190404] slab_unreclaimable 339648
[  938.190995] slab 1288304
[  938.191392] workingset_refault_anon 0
[  938.191982] workingset_refault_file 1
[  938.192532] workingset_activate_anon 0
[  938.193131] workingset_activate_file 0
[  938.193714] workingset_restore_anon 0
[  938.194302] workingset_restore_file 0
[  938.194895] workingset_nodereclaim 0
[  938.195434] pgdemote_kswapd 0
[  938.195940] pgdemote_direct 0
[  938.196400] pgdemote_khugepaged 0
[  938.196943] pgdemote_proactive 0
[  938.197439] pgscan 801
[  938.197809] pgsteal 9
[  938.198207] pswpin 0
[  938.198556] pswpout 0
[  938.198955] pgscan_kswapd 0
[  938.199386] pgscan_direct 801
[  938.199888] pgscan_khugepaged 0
[  938.200372] pgscan_proactive 0
[  938.200886] pgsteal_kswapd 0
[  938.201334] pgsteal_direct 9
[  938.201778] pgsteal_khugepaged 0
[  938.202317] pgsteal_proactive 0
[  938.202804] pgfault 86798
[  938.203245] pgmajfault 0
[  938.203641] pgrefill 768
[  938.204077] pgactivate 3833
[  938.204512] pgdeactivate 768
[  938.204990] pglazyfree 0
[  938.205386] pglazyfreed 0
[  938.205790] swpin_zero 0
[  938.206220] swpout_zero 0
[  938.206631] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7700,uid=0
[  938.208753] Memory cgroup out of memory: Killed process 7700 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  938.758726] audit: type=1326 audit(1755409906.106:124): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7702 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:51:57 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfeffffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:51:57 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:51:57 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 65)

05:51:57 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0xfe, 0x800, 0x1c, 0x6, 0x81, "848770da47e32a4b706dcffb520e15e3a09487", 0x7, 0x5})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x1)
openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x5423, &(0x7f0000000480)={0x550, 0x0, 0x0, 0x0, 0x4d, "158b41ff0214004b0300000000000000000002", 0xffffffff})
sync_file_range(r0, 0x3, 0x6, 0x0)

05:51:57 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0xfc7f, 0x0)

05:51:57 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x700, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:51:57 executing program 0:
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x408001}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x0, 0x2, 0x70bd29, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xffffffffffff0183}}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa1}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}]}, 0x44}}, 0x8000)
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)

05:51:57 executing program 3:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
fsetxattr(r0, &(0x7f0000000000)=@random={'system.', '\x00'}, &(0x7f0000000040)='#\xa8-/+\\]\x9d\x00', 0x9, 0x1)
ioctl$TCGETS(r1, 0x5401, &(0x7f0000000180))

[  949.763114] audit: type=1326 audit(1755409917.110:125): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7737 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[  949.792310] 9p: Unknown access argument 18446744073709551615: -34
05:51:57 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x900, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:51:57 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 66)

05:51:57 executing program 1:
syz_emit_ethernet(0x6e, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x38, 0x3a, 0x0, @remote, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "0cd222", 0x0, 0x88, 0x0, @rand_addr=' \x01\x00', @dev, [], "991d8f3d6e373680"}}}}}}}, 0x0)

05:51:57 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfffdffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:51:57 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  949.875753] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  949.877435] CPU: 1 UID: 0 PID: 7744 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  949.877470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  949.877485] Call Trace:
[  949.877494]  <TASK>
[  949.877505]  dump_stack_lvl+0xfa/0x120
[  949.877540]  dump_header+0x107/0x950
[  949.877581]  oom_kill_process+0x278/0xa00
[  949.877619]  out_of_memory+0x34b/0x1690
[  949.877662]  ? __pfx_out_of_memory+0x10/0x10
[  949.877709]  mem_cgroup_out_of_memory+0x164/0x190
[  949.877747]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  949.877794]  ? mark_held_locks+0x49/0x80
[  949.877836]  try_charge_memcg+0x81f/0xf30
[  949.877878]  ? __pfx_try_charge_memcg+0x10/0x10
[  949.877923]  charge_memcg+0x7b/0x290
[  949.877954]  __mem_cgroup_charge+0x28/0x90
[  949.877989]  do_wp_page+0x58c/0x3240
[  949.878032]  ? __pfx_do_wp_page+0x10/0x10
[  949.878064]  ? do_raw_spin_lock+0x123/0x260
[  949.878096]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  949.878127]  ? ___pte_offset_map+0x176/0x370
[  949.878161]  __handle_mm_fault+0xde1/0x3030
[  949.878193]  ? reacquire_held_locks+0xd1/0x200
[  949.878218]  ? lock_vma_under_rcu+0x11e/0x530
[  949.878261]  ? __pfx___handle_mm_fault+0x10/0x10
[  949.878296]  ? lock_vma_under_rcu+0x17b/0x530
[  949.878351]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  949.878401]  handle_mm_fault+0x2c3/0x900
[  949.878433]  ? access_error+0x17d/0x380
[  949.878467]  do_user_addr_fault+0x4fa/0xeb0
[  949.878505]  exc_page_fault+0xb0/0x180
[  949.878533]  asm_exc_page_fault+0x26/0x30
[  949.878558] RIP: 0033:0x7ff98baf5d30
[  949.878579] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  949.878604] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  949.878625] RAX: 00000000f4831754 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  949.878643] RDX: 0000001b2cf20030 RSI: ffffffff81bd7e49 RDI: 0000000000000000
[  949.878660] RBP: 0000000000000001 R08: 00000000f4831754 R09: 0000001b2cf2001c
[  949.878676] R10: 0000000000001754 R11: 00000000f4831758 R12: 0000000000000004
[  949.878691] R13: 00007ff98bc4f000 R14: ffffffff81bd7e49 R15: 00007ff98bc5aff0
[  949.878709]  ? fdget+0x19/0x220
[  949.878752]  ? fdget+0x19/0x220
[  949.878789]  </TASK>
[  949.913896] memory: usage 307200kB, limit 307200kB, failcnt 2087
[  949.914932] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  949.915954] Memory cgroup stats for /syz0:
[  949.916133] anon 53248
[  949.917272] file 312950784
[  949.917742] kernel 1228800
[  949.918261] kernel_stack 0
[  949.918741] pagetables 12288
[  949.919288] sec_pagetables 0
[  949.919796] percpu 0
[  949.920217] sock 0
[  949.920592] vmalloc 0
[  949.921023] shmem 312950784
[  949.921505] file_mapped 0
[  949.921998] file_dirty 0
[  949.922440] file_writeback 0
[  949.922971] swapcached 0
[  949.923417] inactive_anon 306458624
[  949.924046] active_anon 6545408
[  949.924599] inactive_file 0
[  949.925112] active_file 0
[  949.925564] unevictable 0
[  949.926042] slab_reclaimable 944816
[  949.926629] slab_unreclaimable 286600
[  949.927266] slab 1231416
[  949.927712] workingset_refault_anon 0
[  949.928358] workingset_refault_file 1
[  949.929009] workingset_activate_anon 0
[  949.929633] workingset_activate_file 0
[  949.930289] workingset_restore_anon 0
[  949.930943] workingset_restore_file 0
[  949.931564] workingset_nodereclaim 0
[  949.932191] pgdemote_kswapd 0
[  949.932715] pgdemote_direct 0
[  949.933272] pgdemote_khugepaged 0
[  949.933868] pgdemote_proactive 0
[  949.934417] pgscan 801
[  949.934864] pgsteal 9
[  949.935264] pswpin 0
[  949.935650] pswpout 0
[  949.936080] pgscan_kswapd 0
[  949.936563] pgscan_direct 801
[  949.937096] pgscan_khugepaged 0
[  949.937640] pgscan_proactive 0
[  949.938201] pgsteal_kswapd 0
[  949.938702] pgsteal_direct 9
[  949.939222] pgsteal_khugepaged 0
[  949.939772] pgsteal_proactive 0
[  949.940347] pgfault 86803
[  949.940851] pgmajfault 0
[  949.941304] pgrefill 768
[  949.941755] pgactivate 3833
[  949.942272] pgdeactivate 768
[  949.942785] pglazyfree 0
[  949.943264] pglazyfreed 0
[  949.943732] swpin_zero 0
[  949.944225] swpout_zero 0
[  949.944700] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7744,uid=0
[  949.947353] Memory cgroup out of memory: Killed process 7744 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35644kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[  950.015121] FAULT_INJECTION: forcing a failure.
[  950.015121] name failslab, interval 1, probability 0, space 0, times 0
[  950.017148] CPU: 1 UID: 0 PID: 7766 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  950.017180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  950.017194] Call Trace:
[  950.017203]  <TASK>
[  950.017212]  dump_stack_lvl+0xfa/0x120
[  950.017246]  should_fail_ex+0x4d7/0x5e0
[  950.017288]  ? __kernfs_new_node+0xd3/0x870
[  950.017310]  should_failslab+0xc2/0x120
[  950.017348]  kmem_cache_alloc_noprof+0x5f/0x3d0
[  950.017381]  ? perf_trace_lock_acquire+0xc9/0x700
[  950.017418]  __kernfs_new_node+0xd3/0x870
[  950.017447]  ? __pfx___kernfs_new_node+0x10/0x10
[  950.017476]  ? lock_acquire+0x15e/0x2f0
[  950.017500]  ? kernfs_root+0x23/0x2a0
[  950.017522]  ? find_held_lock+0x2b/0x80
[  950.017554]  ? kernfs_root+0xee/0x2a0
[  950.017575]  ? lock_release+0xc8/0x290
[  950.017596]  ? lock_is_held_type+0x9e/0x120
[  950.017630]  kernfs_new_node+0x13c/0x1e0
[  950.017664]  __kernfs_create_file+0x55/0x360
[  950.017702]  sysfs_add_file_mode_ns+0x21c/0x440
[  950.017743]  ? __pfx_slab_attr_store+0x10/0x10
[  950.017783]  internal_create_group+0x571/0xeb0
[  950.017828]  ? __pfx_internal_create_group+0x10/0x10
[  950.017871]  sysfs_slab_add+0x188/0x210
[  950.017906]  do_kmem_cache_create+0x235/0x5a0
[  950.017946]  __kmem_cache_create_args+0x20f/0x360
[  950.017970]  ? p9_client_create+0xd52/0x11b0
[  950.018006]  p9_client_create+0xdfc/0x11b0
[  950.018048]  ? __pfx_p9_client_create+0x10/0x10
[  950.018093]  ? trace_kmalloc+0x1f/0xb0
[  950.018118]  ? legacy_get_tree+0x109/0x220
[  950.018145]  ? vfs_get_tree+0x93/0x340
[  950.018173]  ? lockdep_init_map_type+0x4b/0x240
[  950.018200]  ? __raw_spin_lock_init+0x3a/0x110
[  950.018237]  v9fs_session_init+0x1df/0x17a0
[  950.018265]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  950.018310]  ? find_held_lock+0x2b/0x80
[  950.018341]  ? __create_object+0x59/0x80
[  950.018370]  ? __pfx_v9fs_session_init+0x10/0x10
[  950.018396]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  950.018432]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  950.018469]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  950.018506]  ? __create_object+0x59/0x80
[  950.018534]  ? trace_kmalloc+0x1f/0xb0
[  950.018556]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  950.018584]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  950.018623]  v9fs_mount+0xbc/0x9e0
[  950.018656]  ? __pfx_v9fs_mount+0x10/0x10
[  950.018691]  ? cap_capable+0xdb/0x3b0
[  950.018719]  ? __pfx_v9fs_mount+0x10/0x10
[  950.018751]  legacy_get_tree+0x109/0x220
[  950.018784]  vfs_get_tree+0x93/0x340
[  950.018815]  path_mount+0x122f/0x1db0
[  950.018854]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  950.018894]  ? __pfx_path_mount+0x10/0x10
[  950.018929]  ? kmem_cache_free+0x2a1/0x460
[  950.018961]  ? putname.part.0+0x11b/0x160
[  950.018986]  ? getname_flags.part.0+0x1c6/0x540
[  950.019017]  ? putname.part.0+0x11b/0x160
[  950.019049]  __x64_sys_mount+0x27b/0x300
[  950.019085]  ? __pfx___x64_sys_mount+0x10/0x10
[  950.019135]  do_syscall_64+0xbf/0x360
[  950.019165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  950.019189] RIP: 0033:0x7fdbea32eb19
[  950.019207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  950.019230] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  950.019253] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  950.019269] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  950.019284] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[  950.019299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  950.019314] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  950.019353]  </TASK>
[  950.074354] SLUB: Unable to add cache 9p-fcall-cache-93 to sysfs
[  950.075474] 9p: Unknown access argument 18446744073709551615: -34
[  950.587163] audit: type=1326 audit(1755409917.934:126): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7737 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:52:08 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:52:08 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000800100000f000000000000000100000005000000000004000040000020000000d3f4655fd3f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b0000000004000008000000d2", 0x61, 0x400}], 0x1080403, &(0x7f0000013e00)=ANY=[])
lsetxattr$trusted_overlay_upper(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000100)={0x0, 0xfb, 0xc7, 0x3, 0x1c, "d9d94c029f226fa4d0f560b1bfc2a4d4", "16497b73cb4c9efa97060f722594efcee6abb78a9e0a9bd116e20726ed5edd0694df3640052a1a36d08d538e0a848fd5f23680a7941a20391a59f18997c31148cecd36fac8aa918647c05e11a2952b46c600fbf7a2c5d3ed30947d648bfa65629d54b6045bda9cae29e72d9a04e902c3b4fb6e900ee5b9c583bf52034a0ce60acd35f1936b04988ffb426f7a3c4fe240e6e173c29aee8b51f4d69b242e3c4f6e8c5566f8bd4a382e9fc0c6092b918276ce78"}, 0xc7, 0x2)
newfstatat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x4000)
r1 = openat(r0, &(0x7f0000000240)='./file0\x00', 0x80, 0x1d)
openat(r1, &(0x7f0000000280)='./file1\x00', 0x408000, 0x109)

05:52:08 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0xff7f, 0x0)

05:52:08 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 67)

05:52:08 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0xf00, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:52:08 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xffffe000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:52:08 executing program 0:
sync_file_range(0xffffffffffffffff, 0x7, 0x5, 0x0)
mlockall(0x2)
r0 = shmget$private(0x0, 0x3000, 0x800, &(0x7f0000a27000/0x3000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
r2 = shmget(0x1, 0x3000, 0x800, &(0x7f0000f51000/0x3000)=nil)
shmat(r2, &(0x7f0000e5e000/0x1000)=nil, 0x2000)
shmdt(0x0)
shmdt(r1)
shmat(r2, &(0x7f0000ffa000/0x4000)=nil, 0x0)
shmget$private(0x0, 0x2000, 0x20, &(0x7f0000ffb000/0x2000)=nil)

05:52:08 executing program 3:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
pwritev2(r2, &(0x7f0000000040)=[{&(0x7f00000008c0)='!', 0x1}], 0x1, 0x0, 0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x40608, 0x7f, 0x0, 0x0, 0x0, 0x4, 0x6}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r1, 0x0, 0x5)

[  961.544465] audit: type=1326 audit(1755409928.891:127): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7770 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:52:08 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfffff000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:52:08 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x30000, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:52:08 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  961.591751] 9p: Unknown access argument 18446744073709551615: -34
05:52:08 executing program 1:
ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000000)="d6ab6dc887e5de0b2607cf7a82b4d379ad1959d92b234c884403013e19ba8b9ebb11aa54ac4660c7d944b6700a96e07a03c35ad6d5c4d45ca03b7571a2892563637e093877fa837f7e12a01bd15fdfeed25bf6b870b2234755ba1b8bf0674b986b7c130300caa1c1cffdcae157799e5c5f59a4f07c99bf0ff322e593c096ac5ebf6bd9b2ef78fbc6ddab54a5b00f6308ebfac6e48d6f0b346f7ce203642167cf1e26bbf7b9de31b1f58e1eb62de34ae8910a096ffe36f4f8454a162e55c4944d4bb5703bcd6a4bf87728473f1be675a665115f4d5284abf7b662fa899acf7204970abe8d079d1f1c9b8c9226a098d6c44cb5be4e51c12b76a7cbdf6de47b3847")
r0 = io_uring_setup(0x5053, &(0x7f0000000140))
io_uring_register$IORING_REGISTER_FILES(r0, 0x1c, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r1=>r0, {0x1}}, './file0\x00'})
ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f00000001c0)=""/12)

[  961.630765] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  961.631657] CPU: 0 UID: 0 PID: 7775 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  961.631674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  961.631681] Call Trace:
[  961.631689]  <TASK>
[  961.631694]  dump_stack_lvl+0xfa/0x120
[  961.631714]  dump_header+0x107/0x950
[  961.631735]  oom_kill_process+0x278/0xa00
[  961.631752]  out_of_memory+0x34b/0x1690
[  961.631772]  ? __pfx_out_of_memory+0x10/0x10
[  961.631794]  mem_cgroup_out_of_memory+0x164/0x190
[  961.631813]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  961.631835]  ? mark_held_locks+0x49/0x80
[  961.631852]  try_charge_memcg+0x81f/0xf30
[  961.631872]  ? __pfx_try_charge_memcg+0x10/0x10
[  961.631893]  charge_memcg+0x7b/0x290
[  961.631908]  __mem_cgroup_charge+0x28/0x90
[  961.631924]  do_wp_page+0x58c/0x3240
[  961.631945]  ? __pfx_do_wp_page+0x10/0x10
[  961.631960]  ? do_raw_spin_lock+0x123/0x260
[  961.631975]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  961.631989]  ? ___pte_offset_map+0x176/0x370
[  961.632006]  __handle_mm_fault+0xde1/0x3030
[  961.632021]  ? reacquire_held_locks+0xd1/0x200
[  961.632032]  ? lock_vma_under_rcu+0x11e/0x530
[  961.632053]  ? __pfx___handle_mm_fault+0x10/0x10
[  961.632070]  ? lock_vma_under_rcu+0x17b/0x530
[  961.632096]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  961.632120]  handle_mm_fault+0x2c3/0x900
[  961.632135]  ? access_error+0x17d/0x380
[  961.632152]  do_user_addr_fault+0x4fa/0xeb0
[  961.632170]  exc_page_fault+0xb0/0x180
[  961.632184]  asm_exc_page_fault+0x26/0x30
[  961.632196] RIP: 0033:0x7ff98baf5d30
[  961.632206] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  961.632218] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  961.632228] RAX: 000000005fdf9c67 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  961.632237] RDX: 0000001b2cf20064 RSI: ffffffff812c81a7 RDI: 0000000000000000
[  961.632245] RBP: 0000000000000001 R08: 000000005fdf9c67 R09: 0000001b2cf2001c
[  961.632252] R10: 0000000000001c67 R11: 000000005fdf9c6b R12: 0000000000000011
[  961.632260] R13: 00007ff98bc4f000 R14: ffffffff812c81a7 R15: 00007ff98bc5aff0
[  961.632269]  ? fpregs_assert_state_consistent+0x87/0xd0
[  961.632289]  ? fpregs_assert_state_consistent+0x87/0xd0
[  961.632306]  </TASK>
[  961.649412] memory: usage 307200kB, limit 307200kB, failcnt 2106
[  961.650003] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  961.650486] Memory cgroup stats for /syz0:
[  961.662775] anon 135168
[  961.664382] file 312950784
[  961.664809] kernel 1486848
[  961.665490] kernel_stack 65536
[  961.666242] pagetables 147456
[  961.666705] sec_pagetables 0
[  961.667408] percpu 64
[  961.667772] sock 0
[  961.668293] vmalloc 0
[  961.668662] shmem 312950784
[  961.669285] file_mapped 0
[  961.669696] file_dirty 0
[  961.670189] file_writeback 0
[  961.670645] swapcached 0
[  961.671066] inactive_anon 306540544
[  961.671592] active_anon 6545408
[  961.672103] inactive_file 0
[  961.672529] active_file 0
[  961.672967] unevictable 0
[  961.673390] slab_reclaimable 948656
[  961.673946] slab_unreclaimable 339648
[  961.674492] slab 1288304
[  961.674924] workingset_refault_anon 0
[  961.675480] workingset_refault_file 1
[  961.676102] workingset_activate_anon 0
[  961.676706] workingset_activate_file 0
[  961.677317] workingset_restore_anon 0
[  961.677901] workingset_restore_file 0
[  961.678449] workingset_nodereclaim 0
[  961.679032] pgdemote_kswapd 0
[  961.679509] pgdemote_direct 0
[  961.680007] pgdemote_khugepaged 0
[  961.680515] pgdemote_proactive 0
[  961.681045] pgscan 801
[  961.681448] pgsteal 9
[  961.681885] pswpin 0
[  961.682245] pswpout 0
[  961.682604] pgscan_kswapd 0
[  961.683062] pgscan_direct 801
[  961.683531] pgscan_khugepaged 0
[  961.684038] pgscan_proactive 0
[  961.684514] pgsteal_kswapd 0
[  961.684995] pgsteal_direct 9
[  961.685457] pgsteal_khugepaged 0
[  961.686004] pgsteal_proactive 0
[  961.686503] pgfault 86900
[  961.686944] pgmajfault 0
[  961.687341] pgrefill 768
[  961.687735] pgactivate 3833
[  961.688206] pgdeactivate 768
[  961.688655] pglazyfree 0
[  961.689082] pglazyfreed 0
[  961.689501] swpin_zero 0
[  961.689948] swpout_zero 0
[  961.690358] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7775,uid=0
[  961.692497] Memory cgroup out of memory: Killed process 7775 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:52:09 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 68)

05:52:09 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x4008850)
sendmmsg$inet6(r0, &(0x7f0000002a00)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="d4d14525894315c6b548cda02822d1d61a0eccc5dc", 0x15}], 0x1, &(0x7f0000000100)=[@rthdrdstopts={{0x10f8, 0x29, 0x37, {0x3c, 0x21b, '\x00', [@generic={0x6, 0x1000, "aec8426df03fed9fc4af3c3f04f41a5ffe83d24b6159a2872f0f1807a9b250b6326ccc84210af9896b1e3e0d041618c4ec4dab40a4d853f494f8c7b3061e8c9d85b7ab11bde7e85141183f8a861b57c7acc495a7a74897b6167b2027b5e30dbe8ef17165f39ce62514f695d21ad38c9c3ec71c777ceb41c1fc00bd45a51ed943425f65a3b0ae7a81df8c198ca50ca4a9b3fa40fba49877b89f772f1e7c4c34dac8300fa20043bf5bfcbccb56d3c3362d450595179c6310403711c2681eee1fb26bba9631c45fd38d6fb456446823285a561df6b5245022eb8421fe6bbfa7d0416ba51e75ce9e7ee89f178f0a6b090655f269aff85c460fb3339c81fa70af9ab6eb5ac3cdd06b74801b5659f16ebbad84f4294cd9f9152de07b5652ed92a321c63fbf6ba4a02ac12cf6d9e017985522ab716b4b4ff2d56510f3b2750fde9531db1658e7365a3abd9b34ec50ff286bc7ff76dba6e32dee79274cec94827bf0d4e000e33203c627ef2708e675f6d6f0de1f0b3e8163d89e9d4d0bd919d702b97595acc0ad4dcebbed74b1bf79a1c6b7c7b2d4c20248de4dc1c390c8dd294dbef32749bb7a6a3ae1a61e234970166a609039c7d5769b49a9cae34beef9e3221066203a3060d67f7104ae8c98ee9d3629448e9435f97cb5e5b81cfeaae2cff0db49dd7c4596c734032f98ca192c323dceca8d3707e1c49707da5d35234c8d300730fb9460f1c08c85728d1725206e4bc0dda6c7e038063bee0f7396caa6f3212e321ddfdcce2ff4e932a3f8c6460f44bde6092b96273ddef834fa42caaa263d2198377126b419f01af836e70dc041d4bbbdefd517b9b3a8abf9964ceb12f34a5e4c76c7b84997221a8e3dd7882c98769650d363d22f945c68af1e3721ed1fa926a6108cd7c2a26dd127096b4ae61dee1b7e61e25700512521b0826c79737fbf53554c6980d4bf30c69f02dbd0536345a586a0ebdf6221b3d198bc9a437025f9781e1e2b383b693830cedfd9e0c113b7afaca5e856a8dcc2c03301ae49de94bc106c86edfad9aa2a306797a9183787db9584fcd8bd413b5fabbcce10f938a97e71a993be47aae2075762d61a007a2050673575012a778e249cc6a99eda8d3f5c6b7248615d12fd650f7b7e27ec0e0e164988893ad592f38017d4b6c4f63105b715ff51ae490bf6db5de1d312d2d5162f44778ba1201f105fffcd2bd2680831f16f72a94998e5891e1c2c15eca6dc81aff8e240a0149242ad50fa0a942975bf3c985c9092ce76cfbe1d95a5f818388574cbd1177cd727b578d2e21bbbe059c5b31ff795b9c98e5b8ce3bde46ebd789cea8652cb28106301aea9eeebef6f53ce53198586841ee22849a2f9a0a3103a4616d897295cac9b1308d67dd9b8f3b8c3cd2c44586595a47697b035e5c028eaa54b83c24149f042b7f7ecf3f86086418446cfbcceb853287b1c06cadf17800fa2090fab706834e3f48bd23badc514e39c30b68770a66101f6ff294a53428c77c468a1f9077e5ad9c7e21e2c792809bbfeea602705cfd19cc6f6afaf9fd0f1286ed482a237598f0da3fdb5bb16f75e5f061e603f0beb93e0ab96d28ce450f3d654f1cf163989829f21782d8fc2e09299fdafe215c11c6e44862cdff3f2d0db39b97d22a18726b90b55c8f217d770a23e76a70d03433e30f117cf7009ca287c222e80710eccac737c360786790acf81b1c2fa36fd1a8371a8861c3ce7c5731c08ca64a4ede858b3b23e91f8c131c1902fe36dbce923001f4f09e52fe0e9239f10a6df4b8d26b066e6c9984732a25e33a7a9f8a1d02cc21db0737e97efcec9b3e9872acc6fa8ad1a74db4db5c3642388a6091a282dd6a8a49e1b2459b1158e86279a4cdd5b6fc74f3ec3b7332bf99c212134d4d528e701570404f74ab5d591609197946e5c00c3100cfc72b27dc098099aa7e07d16617f037115fb608cd517717eaf6d53d54035632105485d7b2abfde3233bf641777979b7f0530f3abb7afeea1b047386c4f97af61c49d0196b8e802e1f0ce7d7450d132afe7b2aac629a946b86ebb1e99a5635d4150169c9bdc3231ad149df21a586592fd9a53349b65b0ac0261badc779d2e15b456d616467ceee8db4463c1347fb7cf83715c279eb949fa16a4af3ed465fb28d4c7dcc84a9bca7d64c4c5d6e147f03fc173ad562ca15fd7cf92304b6cf83d251f5e1d6c82de3e1c823da1af53f4c78f43be7e475666755ecebce2b2528a8344b8a6f2a2336a08464af4c69136c1056bc5d573ec18eb2186c66cb7971671d7440ffcf1eb42155bd3e5d767513c1553eb8c29033d929441a8aba4b68cee7f9562f7fce7360d51e9fa0eaf66f5c47ca23759212e92b0beb736a29bd4b86b95d2716362235c6dd4c16bed8b106f3e3b21337658734da067a91171b67371b4cddfded6ac9c6dc0be88094cd7cefa2a84384408d822a381eccf09859fe3b32ca3da04b375c7e3f77bf74aa9b144d09e940b729ce136ca09175727a2596605495a39c3254c6473fe0e5c8771bdb2b3821296ec3fa437e5927318edabe535d4a38eba6c76c9f92660fb221199cac92d65f06ae6ac3b9a0431f5fb46e6e6e18e98aca879ced4b73f7817f7a4423c79cbd552aad24d9dd6d28c570a18ed2a4054b8e727ec355e1da68f771fc92fbf0d87c3d88e88b78e93e0b90bc9455a0fa4d7fae92fc8c7d9dec6a2b61ce7b1c6cce4639723347e1c56994c9cd811955a8dc2658bcbe0fa1154598c4ddfd86a7770fc9f6dedd6755aacd832fe34520381f96d70014b2d30e90af00d387044b8513489d334d050f4d20d2843d82f07b9b92aa43b60e85a4950359ece40cb023d4403fb2ac33e5909e369739aa66a99faf1eab02035436d363ae2cd82f219391871d6da551a8de9aad7f62b9da85415f62cdc4b58e66fd73d5640d3c2c5a5c50148d74f2c0820b807c9fd948b11a7247254a741cb94061f3c8252e18120ded78a49a8150e4f7c2beb2afb55f9c1120d48f17b4d31d17a7f992a66216e56d46fddb300219ba826e95fe2b44947ee4eef5c600a7a8000feaee6d5fa16bff7274b82fbbef8cbc17973874520342d1714eba493781e6fe6dcdbda71bf890454e322055cebc4846af691b56efe6d45add3a645220e876e77b1fcd36646eeee8dd2192a6ad23682c4edd85633269d854ee01be86fde22086996c84ddb081b7a2dd23eb71faeef20dd97417b78e3e65c86776d9e12fd6f90fc34a1bb2d40d6475c1257240b6128eb4169b9c5aa8783342b038aef8ce38aa834f963964645b7e926b1a0ecc52706d0902b78b05ff9c1c091cf2a64e5fc03f2060dd32ecfadf410835b51d6b62545d5d706a200734c5bf8d9488130f14ef1704712a1784f9efa64554984cbfba4fd5fc7beba23d10ff89486437f541287a4af56149cb3580814456a00e7ba268d706aebe7abe981d92c0bba3e0e32648a56a4733b47473e85994c24bb57281d5f4e7119b92979b0434be00f6dd14c45b0a4acab562befd3148de46576036553aad25ffdff698a674700fab7d32c28cf41cd20b28cb5b135fac854a23592e2b55341b92c9d15e4a37554b7523e689944e2147aecbd9153d0d16f333b5fe2e40e0f9ddc7ed3aafc670572d57cae15d91e78d12a376e9aa3d09a94bca46fbcdc2316b6bf7885ed35a36f888f192d6b5a17696267b8ea74c9e5fdc8028b940c6f68e027c7316016b79742479b7a1c5643c067457b18443ddce340cf4d121260f306cca30cfe30bc786f7a3ca3b86a3fb0a746fde3cf9ffb1064a4d1bd394b45c82b61b3accf0f1c66b0ed9426ed8f733c61675804700a232d3b635b4cea91c957da7a98a6209f267143947e5a5f310448a36a9120ec995354dfd1b1a1b57e4a844d664c4cd295b50da31c5c7c3255d36370cd2bd25eabe63e857e06f721035628e7c70c8e9a2514fbd26a27df698eda265ad4c22795077886a32d79a99b7544c48509667e717d7300513d161d07e2a404f2957d148e7aa7114356f400a796d97fac55fb95180fc5cdc96e20e39dc0582bba461e205540d3c93ebeeab66257e48b09068a3ffef966ecaccc5a4e79f8321f6cd77124fbd31b43f76d8aa4add24161a5e95286e4d20ae7646674fa519c02ecd79174d80561c703be27646255595604d7ad168e0e474f5a0a2664638d64b02bc52f54bab9a33deb13a5fd17813f652a62a63c2f0b130b977a965b34946cc1baa6ccebdfb8c11876103ef8d4a4e3fdffeda0ca58dea7bd2463d76638e534d25c0bf116a3616f480e16b861c67c1a0ff9f1e13816b909946818b289c0362f35bab23d6c80c9e16d52816cb64c9bc0b6f786a946dce1bf8129c9ef0e88166cc2897529b512d59c6c4615de217b940a48f8afc5f57a14f8050f584350abd3d4bea9c07975ae22cdc1fac892c2c2192fa20e7ffb004bbd6b25773e93753df4caf0296d1d8077fc904c36be1c0096ad5bdd412e09b4eff8a6d083496a420653c2ac5fda761389f47f75da82f822196a0d7926028d50ed5ef2976a7347b67d8fc0b36d6e3914ce7983103558d328eff89ad3180cecf6861ad05ad42d5b407834d8822691a722547448efeed74ae46d47f55fc7874ad8e910753a87f04ce1b13ee394a445eb8499f8d9b821c93595a0832afdfebebf9ee5b27dd6f9fbaade4e55ef56706049e5a820dd37d0cb73ff7451ff8710354be38c20f053b1e600c6167ea009596217c93376341360fb7b90c30760f00ff0c27588a88baa1062715a53d0676eb9c6da975326fa368b8d5e3b72af29fda570cd080fd336c99464ef712b50f356fde34223965235f1c9a4b83c11b2388f7532d49bf1f46f909e73d43907785260d0d7ac1e426aa0b713da3e6aea9c2c4259b4d60c2b98b94d3f48a3dbbfd9c339346c21aea62e31bbd6285dfd19d5744bbc73f97913c8df70bd02b222a1e82bb940f07d11f25a36145242b8ffee4b7539270fe32d07277e3054544c44360a49e23658fc22dd4bd778f8ae54ae360a94e86b525c7992e14834c3472e9923053455c32e12795889ef68e99ef9c2608dbb19b9179d79f0bb2b74b26727a894e013b92ddc202a9c4e386663efdfd46bf97b9ff6fa2c70a8da3359773861b375f8d9bdfc010665d6f7f099c1c8c437d76ddf605f9afef0515dba634f3d171e71a2e4e4afe3dd4ed1f141894a001b3b0dec06ebdca7291f0556d35ebbb8b241537d74c2049ee8e7708e60b6a57c9450cd12c04b0f95cd27323a70af0f562aea3dbe5bd603d22a842ef959b415d10b65f4ef7cd2b8306d6c6b1154a8fa6a9e9af1e3c69eb9daf47076a315162ed90249cffdc56ce849a46d09982ab95ebc85be52b0f7d5149e236d22869d59b34c7765af43846fe5c4a9e980d0e341ec4065d23ef7be0257a5662af216f17d8d966f1d91bdd84d61af24999328e3c49645df72f63810e1aa6039f1ee39ab1a4cfc4b95ef893fda4178b4093b1188bf57b0d090124e8e1fe5e27ec66881925522adce0237a0f5d87bbba0ec1754cdea956ba6138dc6c450c1a97fa7112f948a2ec33d8c70702af419fac7696ec145f26f4ac731baadf5604df3705c95396a345937497548b46e84b3c614708ffb39711817d7e82035807911e92d214d2d71fc3d6e929d9967bb0146d0da3a5865c2ed19054337b6e84579b5fb5303bfa1031d4cb2a7af4d2a733bd18d75e664e634b389031209c1225d96449467e7d8a9503e939c276f5b7ff3508aeaaa4e05dbd3dca25628373e727db8dc07724f17b28cb96a493d7ea7b3427b75501f7af2d2"}, @hao={0xc9, 0x10, @mcast1}, @generic={0xa2, 0x17, "f3ca3d36064e44cdbd6c7238f18e8d40196d6aff6f9840"}, @pad1, @generic={0x6, 0x9a, "9155138a816eac5e079aa737fa71415b11a7b0b6559c5046f1076bf5b8068e34f87607bcb7888f2d07a148e07d675e2370633da446f1566bd16c832a58d0392563b8a628a9e14e1e322b354dec5a7a631837c993e26dbbebbe6e22716a86b92beb688095fa39dd4fae550095df130fda7f7e0790c139558d03407d4b6be4241eac2c99ee0ded34415023bdd32220df1a595a9300bfd6fff4fa2d"}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @enc_lim, @jumbo={0xc2, 0x4, 0xf78b}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x1b}}}}, @dstopts={{0x20, 0x29, 0x37, {0x32, 0x0, '\x00', [@enc_lim]}}}, @dstopts_2292={{0x100, 0x29, 0x4, {0x1d, 0x1c, '\x00', [@generic={0x2, 0x5a, "862308e42f626e51fb5569c1951d07e8b5888289880ecc295f62e24ccab01e839bf38c0d977eb54286d614fbafc7b6c61d4ce6fdf0c524a8513add261b62385576c1d37e9dff59a98f9fd86c4d27992e43ec0c6ed7afe0b95768"}, @ra={0x5, 0x2, 0x1}, @jumbo={0xc2, 0x4, 0x99}, @pad1, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @calipso={0x7, 0x40, {0x1, 0xe, 0x6, 0x3f, [0xfff, 0x0, 0x400, 0x3, 0x1, 0x0, 0x401]}}, @hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @hao={0xc9, 0x10, @local}, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}}}], 0x1240}}, {{&(0x7f0000001340)={0xa, 0x4e23, 0x8, @private2={0xfc, 0x2, '\x00', 0x1}}, 0x1c, &(0x7f0000001480)=[{&(0x7f0000001380)="1f753cae9b469f3eef2a04e2ae36b5f1070673159cfb7f57583308c7934596ce275c1fcce9b89cc7fdefc73e0a4da9edf0e573056d34fa313c4e337f6489a739cbb83159d5aa2289cb4f267c52bb72b89b8c4aab6c626df4c9c92573005c17371afb68167105cc718162018b9a926974751e3c6343dd8559ad2c3ecdeef1bfc0ff51265041d41ee0bf525e20ae48ae84a41e749326f9f63629431b925e90d3a14135bf91b1ea1b196be2697f140ec68983bf8b93c72292a96b169974ffc2d42bb8ba79d7b8b3c67529e9e97c511fbb06d52cc58e541d017b5a1e1c4bfcedf3ba94e791255597b8b5ac031a2953598415f0484e819ec2", 0xf6}], 0x1, &(0x7f00000014c0)=[@dstopts_2292={{0x30, 0x29, 0x4, {0x2b, 0x2, '\x00', [@hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x21}}]}}}, @rthdrdstopts={{0x40, 0x29, 0x37, {0x16, 0x4, '\x00', [@pad1, @hao={0xc9, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}}, @padn={0x1, 0x2, [0x0, 0x0]}, @enc_lim={0x4, 0x1, 0xfc}, @jumbo={0xc2, 0x4, 0x7fff}, @enc_lim={0x4, 0x1, 0xff}]}}}, @tclass={{0x14, 0x29, 0x43, 0x3}}, @dstopts_2292={{0x190, 0x29, 0x4, {0x1, 0x2e, '\x00', [@enc_lim={0x4, 0x1, 0xa0}, @pad1, @enc_lim={0x4, 0x1, 0x3}, @generic={0xff, 0xe5, "f3464d84dcfdb1c4eb182ceb900c7ba8cc19d98d7faf63eb6ecc60f1d6be80281f6b672881e05aaa601c834017319245f7a879c6cfcd8b8eaa287515c8a42eb494a13d2988a15570660864d1300d2d2c40bc855bd883f4f33916fa835faed8b374d337c02f151ba92046315bad867485b03c195d6fd08679d1c97584a7aa55b9d28147539ee1771182ab940bc775acdca547ab852ca3234076174fea5bbcb826434fe0755906bead2981439cc2014ba3fadf0a92c7e2ed8486991674208ca7684b857fd450dd45453c98dc3570d3043d47590d2bf300ae19c8eea20f50831c2a76c50205a2"}, @hao={0xc9, 0x10, @private0}, @generic={0x8, 0x72, "188dec8b6ff044293f214efaa4e615fc286d8fd9197f1c6a74803ae68c730601937322cd1df297809144c89831e6b3b82b7eb3632e1933de4c12d8082f2671a798b5adc57131fca498b32ca2ab031e010af234d0afe080d5878a3ec4c6f5d7c7d1c3227a1c6dbc58d899a32a7925a1a868f4"}]}}}, @hopopts={{0x110, 0x29, 0x36, {0x21, 0x1e, '\x00', [@jumbo={0xc2, 0x4, 0x10}, @jumbo={0xc2, 0x4, 0xffff}, @enc_lim={0x4, 0x1, 0x5}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @private0}, @hao={0xc9, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}}, @pad1, @generic={0x0, 0xaf, "6fbeb69e07eaf12c907b4ad72d6afae03c703dc13747cc20818dde6a1d71b3fdde7b6283496e412cdb057f21ff4bf4fe39c6c1965b53e20a9d989291645a8886121df915b6e25da3381542800e7db8b1a66047d91f282dc93e1bd93dc8521a475994a6afa85a38e5d7d65a8c27c5961d9188764f13c4eefb5e00c895860740f64e98860b1c92605ea8f4f43cc1d72863bd65c983d3324f8944cf7b646675c814d18d08c5cce8a3a07204d57142817b"}, @enc_lim={0x4, 0x1, 0x81}]}}}, @dstopts={{0x18, 0x29, 0x37, {0x5e}}}, @rthdr_2292={{0x28, 0x29, 0x39, {0x87, 0x2, 0x2, 0x8, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}]}}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x84, 0x4, 0x0, 0x4, 0x0, [@loopback, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}]}}}, @rthdrdstopts={{0x1050, 0x29, 0x37, {0x84, 0x206, '\x00', [@calipso={0x7, 0x30, {0x2, 0xa, 0x0, 0x1, [0x44, 0x2400000, 0xfffffffffffffff8, 0x100000000, 0x7b2d]}}, @generic={0x1, 0x1000, "063e1a837be18384584c2cf9ce15eb8294d8006953e9d6754a496d2b671b57b7793eda3cea862caa52941065a13e195c5e59916083d7bf705389c81dbbea2e14e115b9485b1afd34dd1a40c51d7bc48c3f22df0bfb157462d6c40e2b4934c2ff9b4821a2b1fb40a5676175ae2be3e37bd36bb93fc67a6e81442a6c9bac281ce2e3d68ae122bf1687e91bf5503cd8e8cab226236ce66890f4c2335863301493471ae603b46437a6c63a0fd5b70d00a3a97aa9ee8aa4165de1b40bc99883a138ce6b950f63bbc9933135f224893924c27cfcc5e721ed57af41a01dee4d8db9d3b03937a40cfec6ff903925c91b400a467fb5accd27011fb80e0c578efccb29a3b7f36869beb8302d25a32a44339964c1176ccfccdcf5857d92d9c00fb52f520fbc288f7f9f9066db160d0a15c644170141f77bdd181e9af6ea60f19bfa56cdce95a63687fc5a64132fae15c110eadc6bbcf34b332bfb59f978966164ae074a56ca0b61222a00f94f3a246c20610d54d25b922cad7b2b380e5e9e7d18570bcf1bf9bd537936f77820cfc81e4994c8766637bc209fddfc6918aa2e98c4508921b0bf243e4de80204f9186b11471c522b729410af6d0bf55b853e4c462b68186ba8979db66ac5b207d4c2ab37defce70de5074acffc852bd09a213afabf0d2cd997c7516d07699de5f0760a2a3383c46a60397a080f67acc26c9c442315d72669f3aaa5a71ffed12aa8452541ac1601bb4726ee4ef50be042cc6a9c66f337f971c7d3d2eb11206e351ba84c569de8080a04bc2270c850c75acf3dbeae2db2506bf4146cf403d72f843e59e32e8a2543f6d21284c44675976960f9c0310855063e7172fa0ecfae0c7fde51c4c35b33c4f3cdeaa30cca7514d66f9a849197887d650c4b996c69970257e260f2aee2b995252b7a524eb3fc0eb7e87458913c057ff78a474d7668faf7f99df6c56e5ee1cb4eaef0e1034948fe7767cfdd793c9151152b0edc31521e063500eda0c1f4574cfce77c0257f6303f208918ec17d38b2403f0c8ddd4b11e444258833c2f4bfbe615a349ed74daeed12edab3aa628e649758b17b207dbd739f5289a7ab1adb23d7c9136d549331c4152f0c5d51eeda2fb8398ab3bbfdb1b0d57474015dc1ef2c5cbcedc399ba0dff781e77bbc53aa42aa2dbba3ef4c67cc616c7eb086387c96ebd96ebaac03a1b04f6e8924ab0712a554ee7adc57bee83ffa6c48f03240465a2b9c856dd42c6ebc4348a12b711d4788b85d3aff67a23ab5bdcf0ed7da49958dc9f7ea603c776858832f84243528da9388764bad1b1d94b0e6122e696891aa226e1eab37e9380a16454f07134572a1d652c2119ba51042e4a414db28c3bfedb4ae52470bd3a89ad7d5614949e6ab819002767f5a4cf7c8eeea960ef513736ac9b018a3bace97cb2ad875ced861c007fd51d96d4c8873a5dddf2ca4745c4f17fe1900aecc12a8d89b2ce2591d5edd782f48e8061b024be59e3cce9f1b79530ebc13c9e41d482b782dd816f95aefc1dce1c06f3833e31a023aae4699481e6f9bd689502143446042e298983632f2c785fefd8b0419051e038ed2f9f2eb78b5c882b11960d9b1470fa6341722f2b6a173b5f13819b29c854e759fa4f325e0eafbd81958990d266427373b5ab2eab2bd24ca847949213f7cb4db50c70522571ddb3ed2e59773f96f74fe278c11ba6c8916fa865535dad8c622faee4324236f7b35de158f90cbcc61b794220b0e8361ed38659aff270092aa321b0d53975864d4c72af2652e247f283799ca592d448e3733b2b938cd288235277a9a62552b3f57be24b23cb86b6cbd1825b54599925bf0083d1f6bb19c8f37dab90e7cf123297e22fcff075fc64081aef99045502decf68bb0fc52d671fa933d5c71fd9f3d2dd4819b432aa3c70b20b8ef4d8bf1c3ee4745d55c0467d34b20378ce7b122b0f49089b36b9eb1e952483a54d1c3cfc7fa6658c41659b49c999c521cfd8b5748cec5a44971b004535e3d5535f77720bf898b2da5f5c50c78598e3098a3ba0b49133f440093f333f524d13cf449d9fbb02979b3302d4db1ff22d19f6f5a607c540ab2e342971bb30a07477276339f6ea530b703ee2b408ef87df717655320d2d8cd076af26d756f53780af2c53a8177cc814f684fa13e12493213d91dabe8b295d63869a1d16470a6509c4b7cb9a175aaadd12e00e6c3c85d8bafa1bc4a906e6d5239b4b69f566795352a1fb02a57c6d7ceab0e35636e61acce0970998f9f4a739147c04bd9a00d9509c5be05d230d6010d35d1d364b0672c4ab0fe881be2004e0306356ed60ad08a8c13cb547f30de818e7ccfc2ab71b9b43547d6771370df391b09127c9dfa770cc801ca2a23e6e6371aabb774a8a9f3f76d5078038c80bf3f1f1561b6f6270850e89c70d930e9fd0e00a92e418ba80c390338600ffe4cc56465f1fc74499e1773363277d3868d5322f58e78d47aa0ce5f9f45bd122b36b55f802c8f1d46c45da56c953e52b0161b9595e1c1ff7ba6969ed02cd6438c4fa3deda6c7e3b3538b20ba8b70200a9bda32f1efd22fff7174f596c838739cfedc4e515d3af4390879f94bf3343d3c75913c04a8a9f4fa5b6570a3f77351d03c1a02bac95d6009a9192d0d4f5933ae2bce3d8bac50a797496d89fca31305878276c0568bb6a84102d2bc3e962e6b3ddb5845c4e1b3344ca97975fc256dcc9d16063f7ffb179beda0b47fa45e43176cc739ecc3f96ba1edf646c6190056e4c27c324141b9c36fa9f4c710f28264fc59f7e44ad7654fabdcb6dfa53711029589a639af19e9a6c99e03d816e814d8d31d3be04bfdacec602de0e2ab11f885f655eedd621f899c7fa948ef42c8cf47ba4894be64edabdc284e2433ca733ad3de20ccb5f2ec4e9f265e2afabcb701d21202d87ffdd489d9c9b78f727d4dd38165c611611bde2023fba0bba114690eef9cac93e83059c29c1da841f700d9bd698a704aa31d0d7a58d0cb51509cf05323c7fae8b8e316b14e5773eacdac4e4be133f23a542ba011466dbede53d292c15adf9f9edc219d686cc4157e88aa7738b2f31443c12d685f2c1c2ab322cdc79e2170711983832a30de6ed2d3ba805f3b67dc11606e72003ffe293beed0976274e1b307cfdd42149fd7f9bbaf668bbc026be5ba79fcc57a3bbc3d0c89be886774c74989968e5296e6e6d180b99f1b6a667b4a0b2b2f72fc8fd4b540d451af2b2e9b2735c4524e0cda01e70a49886617d0507f835487af5644c64c8bbea942543a4766ecc09c96fc7f32b8e1deee8bef3d02d2f6ce2ec65df3511e629906a5e17551bace9c449073c5ad6ba6ada09b08c4df114f18e8e03321b47089ee1b4dca2ca3958bd103fc7c2999508b35bb3e9fbeb85c8bf525a689de9501abff0a8837bf6bebcfcd6d461b734146de32d3ea9aca34f6dd7cec2e7ed85ca5cc8f77d49dab75ee68a680c5d6125327778f23c5c43beff1ac8c1b3e4c8890e717eb01c7d0b96f1507df9ef91f51e69572a877cd3a757a68367e8f33cdca4818fc8d6ca422ea6da9c013bec0a72e7008e685ffbbaed440645f8fd60e4dae82d47134384479ad7de7114417f26c6730c1ac869a6ab082125da467059408cf4aaadbd1597ae97bcca977689e5f15a5efa2026b64e15356d0d00c266fb67fa348d1bcb9f4d69fc8111f0dd71a2c7349547efe4544189e666ca6a8abff641a104457b495ef696b507f28a50d7cd58b104a0294bdb98f889d0ac46240c3f04a1c50f87a85f1723f72d0ba340af3f92f62a84d911e7c585cb92431fd30e94b663f6fe10280473df98a67e189c5ac45f11af505e6c49050920735e5380cc48d402fe21f78c82c1318e802eada646f32f09bdf04d1e5985012b1ec62505c0b3f0b66bfa574c67b0a8f94551907129f2c9c398f5e968437e4ddd4dd82ec81402720d34a9abb0853c759cf45b17ee312003f2b1c55a82cb4987fe18a8e487fb718326a906cb07c1efcdf91361a2c82a91933dfc9065a425d157c55608723742e199bd1e3fc2cc1f3cb551ba05a679a79069c6674c88a5cd55e3d1a121c4a3d4916bb47ff955250f57046398ea16bfbf90b3e1bf74ea03cfc073abbd0037c2dbcd21a515cd5c13eff0dcacf03f784fed6c06f7dd531d66910e1af4244c78963d151ed80800be698c45ecead73f3ce42c15c1114aa158fa21c5002d99bb6f971a5df67a58a7ef402125a7c359dc0b63c0841b7da7f6d543407ccd2d1458ddfff0af910859d8a03dc6dd00f7d9dbc2fbda226b24cac9ed748b116d5c38b3296f4411e05f9df5ced0d59d58f52c346286d46173974fbc229dfce180249c1f13e9a225f88d0133441a9f48451eff7926ee679d66918ff03152849587259fa6c98bcb577e47bf8c693c7e77f00eafe219ae135d5470bdac9812b7ca1a0967fffe93ea9c6b41f3ae5fdc3a04f0cba022361622fb57eec09ab1cedbaa5f359973309708f02db89c6d320fab6e5830665476b1b8dd27809f45e40251f53649aa0101ef3b55563b74e91ebcb40afaac161519ea390449a42ff7f502bb062c43a541c9ecda6dc6d556b5eab7f0c88a0820140c3764731efb2a81f3cad929af887faff007a2c535d07d2faf246a6473ea28b7a98d3f93a5cb8d32ea88035c98934af9bed19090966222eae1f1f85aaa03ca515f7423a3239fafec6217d5eebddc438fb52ecfa87461c93748b56f3e70104339b56aecc13fa68d4e519d9fa06363e5147ee7926853d28be74c99132d8ecc773027f38e951b174da8e4bcbabc554de6deba2db0855a992a596d2d5f2d671e548fde3fc3fe8f2d174e212b25b203197494ba3187a621f0f59b9273aea9a372973c4b5b38ac2e1a58f20167d0f333ae48d88bb993428a35c05201f34f1756e05f508aa97fa52bbd880d8eec1297dcabcddac8fe7ba4b8c9ad752cf459cf79c53dcbf1798d9e5f865a40b9aa786474470857e6e804961834c886a5d3bbb5c6afc7f7ffed73b9bd13339a86303285689826915dd6924e6bbddc3bac66cdf0377fd277eddaf761a1d1037be513b6f88833cf29e869d22a2d8c379f2c833d8db217a85ef385b2db161c589e8a89222c5b84692139b61a7dd9997f3d8c186a90a84d4fa810591a0d9d2e9c696bc7ba8079c78fa09f6c056ee4a90d1c79ca4a13a1817249658e9f242caa454cf75a1edf51f32d78698065bc8b80505b58c0637ac102829b8321cefe47a1f136ee171925df331960c806b2a6f3ed96b23e7fdfd101e3905286af16e7c337d26874c9cd5910bee05de46545eae71f6bd7e9b8f113638cde03e0ebf9c39389545f33f8aeb8f503386e52fa69ab56ebe38c405518c094da9b8f099fb53c16b77aac8907d8e20f70a0c9e73b32d9f531fc52573a4b2d317ead407b86daebf28bb5d14e577cfa33dcb1ac64c838be370886fe33d5ec40f0a857db614cece115480e3b5a05acdd0631c7a866a64af8bb933c07c2f4ed9606844c02be6949c03966cc69c59f750333f346fe89a0e9a06fb0098e5b541254843418df14c30f38fe84956f245fa907eff501376835270385e5e18df256989eefa52ce2e34641956308dea1f8f860d6dea616f183158a12c0c3993dc00144a7f246734154469bcdbe31868b6ef93c351ee8b24a7037346180ed814f95c3f72477753ece8db853c5180e6d8d030f7af42cd821883578921bc48914f6d2e292422b9c4f73b98ba697c5bfede4f421585c7eddb32748ace23f61e7198cafd81f2fd25ec13b7366d06e977d4f8b3e69d217d8f"}]}}}, @rthdrdstopts={{0x120, 0x29, 0x37, {0x33, 0x21, '\x00', [@pad1, @generic={0xf8, 0xf7, "198b315e2568834814930a8ac3a5087f8f03eb365d30525ddceb40f05bb738cde29b785da50080bef3dc237f58a562e2d2599e940a7a57e05a268c0938fac73167b34c971029b71733bfea2124c9a98535e0138f6ed3cb53613c1f251dd6b1f985404bd1b104d1fee846c172472e42348d65698fdb42b2ee2465aca539919242e5e374a9d1317416d3cf4f58a81be7f71f702ad59b57076cb4e0055b91cedb6812227c90f5b510bc62a8899a493491794ed984ef364df557859b64d667a3bf6af73a4aa0476d9cdb5b0031dfc08618544fd077a6c329a756c722c64d3f25a400f2039c65f94a567444f9e467d312fdeb2aca590b941b77"}, @enc_lim, @enc_lim={0x4, 0x1, 0x1}, @jumbo={0xc2, 0x4, 0x4}]}}}], 0x1510}}], 0x2, 0x24000010)

05:52:09 executing program 1:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000cc0)='./file0\x00', 0x0, 0x2, &(0x7f0000002200)=[{0x0, 0x0, 0x3e5f941b}, {&(0x7f0000001e40)}], 0x18000, &(0x7f0000000040)=ANY=[@ANYBLOB="6e7771756ff4612c73623d307830303030303030303053cd303030309fa9352c00"])
mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0x100)
openat(r0, &(0x7f0000000080)='./file0\x00', 0xca80, 0x90)

[  961.738740] FAULT_INJECTION: forcing a failure.
[  961.738740] name failslab, interval 1, probability 0, space 0, times 0
[  961.739996] CPU: 0 UID: 0 PID: 7800 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  961.740014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  961.740021] Call Trace:
[  961.740027]  <TASK>
[  961.740033]  dump_stack_lvl+0xfa/0x120
[  961.740056]  should_fail_ex+0x4d7/0x5e0
[  961.740084]  ? __kernfs_new_node+0xd3/0x870
[  961.740096]  should_failslab+0xc2/0x120
[  961.740117]  kmem_cache_alloc_noprof+0x5f/0x3d0
[  961.740134]  ? perf_trace_run_bpf_submit+0xef/0x180
[  961.740165]  __kernfs_new_node+0xd3/0x870
[  961.740186]  ? __pfx___kernfs_new_node+0x10/0x10
[  961.740207]  ? lock_acquire+0x15e/0x2f0
[  961.740221]  ? kernfs_root+0x23/0x2a0
[  961.740234]  ? find_held_lock+0x2b/0x80
[  961.740252]  ? kernfs_root+0xee/0x2a0
[  961.740264]  ? lock_release+0xc8/0x290
[  961.740275]  ? lock_is_held_type+0x9e/0x120
[  961.740300]  kernfs_new_node+0x13c/0x1e0
[  961.740325]  __kernfs_create_file+0x55/0x360
[  961.740349]  sysfs_add_file_mode_ns+0x21c/0x440
[  961.740376]  ? __pfx_slab_attr_store+0x10/0x10
[  961.740401]  internal_create_group+0x571/0xeb0
[  961.740431]  ? __pfx_internal_create_group+0x10/0x10
[  961.740467]  sysfs_slab_add+0x188/0x210
[  961.740489]  do_kmem_cache_create+0x235/0x5a0
[  961.740514]  __kmem_cache_create_args+0x20f/0x360
[  961.740526]  ? p9_client_create+0xd52/0x11b0
[  961.740550]  p9_client_create+0xdfc/0x11b0
[  961.740581]  ? __pfx_p9_client_create+0x10/0x10
[  961.740614]  ? trace_kmalloc+0x1f/0xb0
[  961.740628]  ? legacy_get_tree+0x109/0x220
[  961.740642]  ? vfs_get_tree+0x93/0x340
[  961.740659]  ? lockdep_init_map_type+0x4b/0x240
[  961.740675]  ? __raw_spin_lock_init+0x3a/0x110
[  961.740700]  v9fs_session_init+0x1df/0x17a0
[  961.740716]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  961.740746]  ? find_held_lock+0x2b/0x80
[  961.740763]  ? __create_object+0x59/0x80
[  961.740781]  ? __pfx_v9fs_session_init+0x10/0x10
[  961.740794]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  961.740814]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  961.740839]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  961.740859]  ? __create_object+0x59/0x80
[  961.740878]  ? trace_kmalloc+0x1f/0xb0
[  961.740889]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  961.740903]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  961.740933]  v9fs_mount+0xbc/0x9e0
[  961.740952]  ? __pfx_v9fs_mount+0x10/0x10
[  961.740974]  ? cap_capable+0xdb/0x3b0
[  961.740994]  ? __pfx_v9fs_mount+0x10/0x10
[  961.741012]  legacy_get_tree+0x109/0x220
[  961.741034]  vfs_get_tree+0x93/0x340
[  961.741052]  path_mount+0x122f/0x1db0
[  961.741075]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  961.741098]  ? __pfx_path_mount+0x10/0x10
[  961.741119]  ? kmem_cache_free+0x2a1/0x460
[  961.741136]  ? putname.part.0+0x11b/0x160
[  961.741153]  ? getname_flags.part.0+0x1c6/0x540
[  961.741183]  ? putname.part.0+0x11b/0x160
[  961.741208]  __x64_sys_mount+0x27b/0x300
[  961.741230]  ? __pfx___x64_sys_mount+0x10/0x10
[  961.741267]  do_syscall_64+0xbf/0x360
[  961.741287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  961.741301] RIP: 0033:0x7fdbea32eb19
[  961.741312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  961.741324] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  961.741336] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  961.741345] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  961.741353] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[  961.741361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  961.741368] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  961.741404]  </TASK>
[  961.796633] SLUB: Unable to add cache 9p-fcall-cache-95 to sysfs
[  961.803981] 9p: Unknown access argument 18446744073709551615: -34
[  962.370693] audit: type=1326 audit(1755409929.718:128): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7770 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:52:18 executing program 1:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
syncfs(r0)

05:52:18 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x1a1bd, 0x0)

05:52:18 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 69)

05:52:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfffffdf9, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:52:18 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)
mprotect(&(0x7f0000e21000/0x3000)=nil, 0x3000, 0x1000000)

05:52:18 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x80000, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:52:18 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  971.021311] 9p: Unknown access argument 18446744073709551615: -34
[  971.022067] audit: type=1326 audit(1755409938.362:129): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7811 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:52:18 executing program 3:
lsetxattr$security_ima(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500), &(0x7f0000000540)=@ng={0x4, 0x3, "21b91b0842b9"}, 0x8, 0x3)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000)
io_setup(0xfff, &(0x7f0000000040)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r2 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f00000002c0))
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
io_submit(r0, 0x3, &(0x7f0000000440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x6, 0x2, r1, &(0x7f0000000140)="bcaab47878e921e5a4e0d46ebb68736dbae4eeb2df158b4984beb133fc023f7f2cfd4433c7264d5d6b838f961703a15c8af5e95301c8", 0x36, 0x78, 0x0, 0x2}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x8, 0x443, 0xffffffffffffffff, &(0x7f00000001c0)="fbc31c9521cc65d65161eddeea46c127a80e3f7c8435d7964e1772ddf04e6b5aa09741cbb1110a30e0d0158d474a648f5b61507d74b5f8a6d773d07eab9fada886d99d404bc7c10e6e73c7e5243f9db3bfd3eb2063fb65a3e4764e2feebd29a3b6eebba28fb8570a857688ecefeb8e87eea759513eeac28533c36834b89c7e386323e0fadd4c1acfcb20c3ed7b696e433d1c4bcfb5ae88926090f97f1cc7434179ab914b13e7a072685cbdb299476600", 0xb0, 0x401}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2, 0x40, r2, &(0x7f0000000300)="743a4eda17f8a2997b7f377d0de7bd14713c6856227a34361e6544515efb99b6299b28370be5cf22d4e68531ac2290fe6758cd409c5e51ee3c968a76faaa6b07f4c28f4da316be215ae625002fda59e78ae8a8c230f48c2fc4c8a81e97dd7423726f4c40f223962bf22e5712f6f0111ddd6c84bbb375836f600a2b9779ca37a85f", 0x81, 0xfffffffffffffffe, 0x0, 0x5, r3}])
io_submit(r0, 0x1, &(0x7f0000000880)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x101}])
ioctl$SG_GET_TIMEOUT(r1, 0x2202, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
ioctl$FS_IOC_GETFLAGS(r4, 0x80086601, &(0x7f0000000000))
syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r5, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$NS_GET_OWNER_UID(r5, 0xb704, &(0x7f0000000480))

05:52:18 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 70)

[  971.102256] FAULT_INJECTION: forcing a failure.
[  971.102256] name failslab, interval 1, probability 0, space 0, times 0
[  971.103205] CPU: 1 UID: 0 PID: 7824 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  971.103222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  971.103230] Call Trace:
[  971.103235]  <TASK>
[  971.103240]  dump_stack_lvl+0xfa/0x120
[  971.103260]  should_fail_ex+0x4d7/0x5e0
[  971.103283]  ? __kernfs_new_node+0xd3/0x870
[  971.103295]  should_failslab+0xc2/0x120
[  971.103315]  kmem_cache_alloc_noprof+0x5f/0x3d0
[  971.103333]  ? perf_trace_lock_acquire+0xc9/0x700
[  971.103353]  __kernfs_new_node+0xd3/0x870
[  971.103367]  ? __pfx___kernfs_new_node+0x10/0x10
[  971.103382]  ? lock_acquire+0x15e/0x2f0
[  971.103395]  ? kernfs_root+0x23/0x2a0
[  971.103406]  ? find_held_lock+0x2b/0x80
[  971.103422]  ? kernfs_root+0xee/0x2a0
[  971.103433]  ? lock_release+0xc8/0x290
[  971.103443]  ? lock_is_held_type+0x9e/0x120
[  971.103461]  kernfs_new_node+0x13c/0x1e0
[  971.103478]  __kernfs_create_file+0x55/0x360
[  971.103498]  sysfs_add_file_mode_ns+0x21c/0x440
[  971.103523]  ? __pfx_slab_attr_store+0x10/0x10
[  971.103545]  internal_create_group+0x571/0xeb0
[  971.103564]  ? __pfx_internal_create_group+0x10/0x10
[  971.103586]  sysfs_slab_add+0x188/0x210
[  971.103604]  do_kmem_cache_create+0x235/0x5a0
[  971.103625]  __kmem_cache_create_args+0x20f/0x360
[  971.103637]  ? p9_client_create+0xd52/0x11b0
[  971.103656]  p9_client_create+0xdfc/0x11b0
[  971.103678]  ? __pfx_p9_client_create+0x10/0x10
[  971.103700]  ? trace_kmalloc+0x1f/0xb0
[  971.103713]  ? legacy_get_tree+0x109/0x220
[  971.103727]  ? vfs_get_tree+0x93/0x340
[  971.103742]  ? lockdep_init_map_type+0x4b/0x240
[  971.103756]  ? __raw_spin_lock_init+0x3a/0x110
[  971.103774]  v9fs_session_init+0x1df/0x17a0
[  971.103789]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  971.103813]  ? find_held_lock+0x2b/0x80
[  971.103832]  ? __create_object+0x59/0x80
[  971.103847]  ? __pfx_v9fs_session_init+0x10/0x10
[  971.103860]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  971.103879]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  971.103897]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  971.103915]  ? __create_object+0x59/0x80
[  971.103930]  ? trace_kmalloc+0x1f/0xb0
[  971.103941]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  971.103954]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  971.103975]  v9fs_mount+0xbc/0x9e0
[  971.103992]  ? __pfx_v9fs_mount+0x10/0x10
[  971.104010]  ? cap_capable+0xdb/0x3b0
[  971.104024]  ? __pfx_v9fs_mount+0x10/0x10
[  971.104041]  legacy_get_tree+0x109/0x220
[  971.104057]  vfs_get_tree+0x93/0x340
[  971.104073]  path_mount+0x122f/0x1db0
[  971.104092]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  971.104112]  ? __pfx_path_mount+0x10/0x10
[  971.104130]  ? kmem_cache_free+0x2a1/0x460
[  971.104146]  ? putname.part.0+0x11b/0x160
[  971.104160]  ? getname_flags.part.0+0x1c6/0x540
[  971.104175]  ? putname.part.0+0x11b/0x160
[  971.104192]  __x64_sys_mount+0x27b/0x300
[  971.104210]  ? __pfx___x64_sys_mount+0x10/0x10
[  971.104235]  do_syscall_64+0xbf/0x360
[  971.104252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.104265] RIP: 0033:0x7fdbea32eb19
[  971.104275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  971.104287] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  971.104299] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  971.104307] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  971.104315] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[  971.104323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  971.104330] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  971.104350]  </TASK>
[  971.128982] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  971.136952] CPU: 0 UID: 0 PID: 7814 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  971.136985] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  971.136998] Call Trace:
[  971.137008]  <TASK>
[  971.137018]  dump_stack_lvl+0xfa/0x120
[  971.137046]  dump_header+0x107/0x950
[  971.137084]  oom_kill_process+0x278/0xa00
[  971.137125]  out_of_memory+0x34b/0x1690
[  971.137167]  ? __pfx_out_of_memory+0x10/0x10
[  971.137213]  mem_cgroup_out_of_memory+0x164/0x190
[  971.137248]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
05:52:18 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x1000000, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[  971.137293]  ? mark_held_locks+0x49/0x80
[  971.137325]  try_charge_memcg+0x81f/0xf30
[  971.137366]  ? __pfx_try_charge_memcg+0x10/0x10
[  971.137409]  charge_memcg+0x7b/0x290
[  971.137439]  __mem_cgroup_charge+0x28/0x90
[  971.137472]  do_wp_page+0x58c/0x3240
[  971.137514]  ? __pfx_do_wp_page+0x10/0x10
[  971.137544]  ? do_raw_spin_lock+0x123/0x260
[  971.137573]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  971.137602]  ? ___pte_offset_map+0x176/0x370
[  971.137636]  __handle_mm_fault+0xde1/0x3030
[  971.137665]  ? reacquire_held_locks+0xd1/0x200
[  971.137689]  ? lock_vma_under_rcu+0x11e/0x530
[  971.137739]  ? __pfx___handle_mm_fault+0x10/0x10
[  971.137772]  ? lock_vma_under_rcu+0x17b/0x530
[  971.137833]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  971.137880]  handle_mm_fault+0x2c3/0x900
[  971.137911]  ? access_error+0x17d/0x380
[  971.137944]  do_user_addr_fault+0x4fa/0xeb0
[  971.137981]  exc_page_fault+0xb0/0x180
[  971.138007]  asm_exc_page_fault+0x26/0x30
[  971.138030] RIP: 0033:0x7ff98baf5d30
[  971.138048] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  971.138071] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  971.138090] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  971.138106] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[  971.138122] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[  971.138137] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[  971.138151] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[  971.138169]  ? x86_task_fpu+0x58/0xa0
[  971.138206]  ? x86_task_fpu+0x58/0xa0
[  971.138237]  </TASK>
[  971.151413] SLUB: Unable to add cache 9p-fcall-cache-97 to sysfs
[  971.151811] memory: usage 307200kB, limit 307200kB, failcnt 2142
[  971.158266] 9p: Unknown access argument 18446744073709551615: -34
[  971.158782] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
05:52:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfffffdfd, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  971.178016] Memory cgroup stats for /syz0:
[  971.196257] anon 135168
[  971.197682] file 312950784
[  971.198321] kernel 1486848
[  971.198976] kernel_stack 65536
[  971.199620] pagetables 147456
[  971.200309] sec_pagetables 0
[  971.200977] percpu 64
[  971.201500] sock 0
[  971.202039] vmalloc 0
[  971.202564] shmem 312950784
[  971.203204] file_mapped 0
[  971.203791] file_dirty 0
[  971.204397] file_writeback 0
[  971.205052] swapcached 0
[  971.205618] inactive_anon 306524160
[  971.206386] active_anon 6545408
[  971.207095] inactive_file 0
[  971.207694] active_file 0
[  971.208309] unevictable 0
[  971.208914] slab_reclaimable 948656
[  971.209616] slab_unreclaimable 339648
[  971.210407] slab 1288304
[  971.211007] workingset_refault_anon 0
[  971.211731] workingset_refault_file 1
[  971.212493] workingset_activate_anon 0
[  971.213284] workingset_activate_file 0
[  971.214087] workingset_restore_anon 0
[  971.214865] workingset_restore_file 0
[  971.215597] workingset_nodereclaim 0
[  971.216343] pgdemote_kswapd 0
[  971.217023] pgdemote_direct 0
[  971.217668] pgdemote_khugepaged 0
[  971.218411] pgdemote_proactive 0
[  971.219116] pgscan 801
[  971.219652] pgsteal 9
[  971.220221] pswpin 0
[  971.220731] pswpout 0
[  971.221296] pgscan_kswapd 0
[  971.221956] pgscan_direct 801
[  971.222581] pgscan_khugepaged 0
[  971.223278] pgscan_proactive 0
[  971.223980] pgsteal_kswapd 0
[  971.224599] pgsteal_direct 9
[  971.225245] pgsteal_khugepaged 0
[  971.225957] pgsteal_proactive 0
[  971.226628] pgfault 86953
[  971.227239] pgmajfault 0
[  971.227700] pgrefill 768
[  971.228262] pgactivate 3833
[  971.229122] pgdeactivate 768
[  971.229710] pglazyfree 0
[  971.230309] pglazyfreed 0
[  971.230921] swpin_zero 0
[  971.231482] swpout_zero 0
[  971.232112] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7814,uid=0
[  971.234527] Memory cgroup out of memory: Killed process 7814 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:52:18 executing program 0:
mlockall(0x2)
shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r0 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
shmat(r0, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
shmat(r0, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
r1 = shmget(0x2, 0x2000, 0x400, &(0x7f0000ffe000/0x2000)=nil)
r2 = shmat(r1, &(0x7f0000c22000/0x2000)=nil, 0x6000)
shmdt(0x0)
shmdt(r2)

05:52:18 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:52:18 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x2000000, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:52:18 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 71)

[  971.352907] syz-executor.0 invoked oom-killer: gfp_mask=0x402dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_NOWARN), order=2, oom_score_adj=1000
[  971.354023] CPU: 1 UID: 0 PID: 7834 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  971.354039] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  971.354047] Call Trace:
[  971.354052]  <TASK>
[  971.354057]  dump_stack_lvl+0xfa/0x120
[  971.354076]  dump_header+0x107/0x950
[  971.354096]  oom_kill_process+0x278/0xa00
[  971.354114]  out_of_memory+0x34b/0x1690
[  971.354135]  ? __pfx_out_of_memory+0x10/0x10
[  971.354156]  mem_cgroup_out_of_memory+0x164/0x190
[  971.354175]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  971.354197]  ? mark_held_locks+0x49/0x80
[  971.354214]  try_charge_memcg+0x81f/0xf30
[  971.354234]  ? __pfx_try_charge_memcg+0x10/0x10
[  971.354251]  ? get_mem_cgroup_from_objcg+0xf8/0x430
[  971.354266]  obj_cgroup_charge_account+0xa8/0x6e0
[  971.354285]  __memcg_slab_post_alloc_hook+0x33c/0x9d0
[  971.354303]  ? __create_object+0x59/0x80
[  971.354319]  __kvmalloc_node_noprof+0x4eb/0x590
[  971.354335]  ? futex_hash_allocate+0x108/0x10a0
[  971.354354]  ? find_held_lock+0x2b/0x80
[  971.354370]  ? futex_hash_allocate+0x2d4/0x10a0
[  971.354391]  ? futex_hash_allocate+0x2d4/0x10a0
[  971.354408]  futex_hash_allocate+0x2d4/0x10a0
[  971.354427]  ? do_raw_spin_lock+0x123/0x260
[  971.354442]  ? __pfx_futex_hash_allocate+0x10/0x10
[  971.354460]  ? lock_acquire+0x15e/0x2f0
[  971.354471]  ? futex_hash_allocate_default+0x63/0x5b0
[  971.354485]  ? find_held_lock+0x2b/0x80
[  971.354500]  ? futex_hash_allocate_default+0x2a1/0x5b0
[  971.354513]  ? lock_release+0xc8/0x290
[  971.354523]  ? lock_is_held_type+0x9e/0x120
[  971.354538]  futex_hash_allocate_default+0x319/0x5b0
[  971.354552]  copy_process+0x41f2/0x73e0
[  971.354574]  ? __pfx_copy_process+0x10/0x10
[  971.354588]  ? __pfx_do_wp_page+0x10/0x10
[  971.354609]  kernel_clone+0xea/0x7f0
[  971.354622]  ? __pfx_kernel_clone+0x10/0x10
[  971.354635]  ? __lock_acquire+0x694/0x1b70
[  971.354648]  ? css_rstat_updated+0x1b8/0x4d0
[  971.354664]  ? __pfx_css_rstat_updated+0x10/0x10
[  971.354683]  __do_sys_clone+0xce/0x120
[  971.354694]  ? __pfx___do_sys_clone+0x10/0x10
[  971.354705]  ? rcu_read_unlock+0x2d/0xb0
[  971.354733]  do_syscall_64+0xbf/0x360
[  971.354748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.354761] RIP: 0033:0x7ff98bb48f41
[  971.354771] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[  971.354782] RSP: 002b:00007ffc54e38fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  971.354794] RAX: ffffffffffffffda RBX: 00007ff9890bd700 RCX: 00007ff98bb48f41
[  971.354802] RDX: 00007ff9890bd9d0 RSI: 00007ff9890bd2f0 RDI: 00000000003d0f00
[  971.354810] RBP: 00007ffc54e39220 R08: 00007ff9890bd700 R09: 00007ff9890bd700
[  971.354822] R10: 00007ff9890bd9d0 R11: 0000000000000206 R12: 00007ffc54e3909e
[  971.354830] R13: 00007ffc54e3909f R14: 00007ff9890bd300 R15: 0000000000022000
[  971.354848]  </TASK>
[  971.376251] memory: usage 307192kB, limit 307200kB, failcnt 2177
[  971.376735] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  971.377229] Memory cgroup stats for /syz0:
[  971.377952] anon 98304
[  971.378492] file 312950784
[  971.378720] kernel 1499136
[  971.378978] kernel_stack 65536
[  971.379239] pagetables 147456
[  971.379487] sec_pagetables 0
[  971.379729] percpu 128
[  971.379950] sock 0
[  971.380132] vmalloc 0
[  971.380330] shmem 312950784
[  971.380566] file_mapped 0
[  971.380788] file_dirty 0
[  971.381023] file_writeback 0
[  971.381267] swapcached 0
[  971.381480] inactive_anon 306458624
[  971.381775] active_anon 6545408
[  971.382059] inactive_file 0
[  971.382296] active_file 0
[  971.382518] unevictable 0
[  971.382738] slab_reclaimable 948656
[  971.383045] slab_unreclaimable 351656
[  971.383347] slab 1300312
[  971.383560] workingset_refault_anon 0
[  971.383878] workingset_refault_file 1
[  971.384183] workingset_activate_anon 0
[  971.384490] workingset_activate_file 0
[  971.384791] workingset_restore_anon 0
[  971.385107] workingset_restore_file 0
[  971.385411] workingset_nodereclaim 0
[  971.385709] pgdemote_kswapd 0
[  971.385987] pgdemote_direct 0
[  971.386240] pgdemote_khugepaged 0
[  971.386510] pgdemote_proactive 0
[  971.386778] pgscan 801
[  971.386999] pgsteal 9
[  971.387199] pswpin 0
[  971.387389] pswpout 0
[  971.387586] pgscan_kswapd 0
[  971.387838] pgscan_direct 801
[  971.388091] pgscan_khugepaged 0
[  971.388353] pgscan_proactive 0
[  971.388611] pgsteal_kswapd 0
[  971.388873] pgsteal_direct 9
[  971.389118] pgsteal_khugepaged 0
[  971.389384] pgsteal_proactive 0
[  971.389645] pgfault 86989
[  971.389892] pgmajfault 0
[  971.390110] pgrefill 768
[  971.390323] pgactivate 3833
[  971.390557] pgdeactivate 768
[  971.390805] pglazyfree 0
[  971.391041] pglazyfreed 0
[  971.391273] swpin_zero 0
[  971.391490] swpout_zero 0
[  971.391713] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7834,uid=0
[  971.393293] Memory cgroup out of memory: Killed process 7834 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
05:52:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfffffdff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:52:18 executing program 1:
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/cgroup\x00')
setns(r0, 0x0)
setns(r0, 0x0)

[  971.553368] 9p: Unknown access argument 18446744073709551615: -34
[  971.847621] audit: type=1326 audit(1755409939.195:130): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7811 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:52:31 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x3000000, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:52:31 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 72)

05:52:31 executing program 1:
creat(&(0x7f0000000080)='./file0\x00', 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x31006, 0x0)
mount$bind(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x80000, 0x0)
lsetxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140)=@ng={0x4, 0x0, "4096af53a27580e694f57814d6a5efc960"}, 0x13, 0x2)

05:52:31 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000478000/0x4000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
r2 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r3 = shmat(r2, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
r4 = shmget$private(0x0, 0x5000, 0x1000, &(0x7f0000ffb000/0x5000)=nil)
shmat(r4, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
shmat(r4, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
shmat(r4, &(0x7f0000cc0000/0x4000)=nil, 0x1000)
shmdt(r3)
shmdt(r3)
munlock(&(0x7f0000958000/0x2000)=nil, 0x2000)
shmdt(0x0)
shmdt(r1)

05:52:31 executing program 3:
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)={[{@journal_dev}]})
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000000)={0x0, <r3=>0x0}, &(0x7f0000000040)=0x5)
setuid(r3)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x4000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfNno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',noextend,uname=journal_dev,msize=0x0000000000008001,fsname=journal_dev,smackfsdef=journal_dev,hash,fowner>', @ANYRESDEC=r3, @ANYBLOB=',appraise,fscontext=user_u,rootcontext=system_u,\x00'])
close(r2)

05:52:31 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xffffff7f, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:52:31 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x30000, 0x0)

05:52:31 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  983.913165] No source specified
[  983.920899] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
05:52:31 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xffffff8c, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  983.940759] audit: type=1326 audit(1755409951.286:131): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7855 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[  983.965287] FAULT_INJECTION: forcing a failure.
05:52:31 executing program 3:
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
clone3(&(0x7f0000005880)={0x10a001080, 0x0, 0x0, 0x0, {0x30}, 0x0, 0x0, 0x0, 0x0}, 0x58)

[  983.965287] name failslab, interval 1, probability 0, space 0, times 0
[  983.967319] CPU: 1 UID: 0 PID: 7871 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  983.967354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  983.967369] Call Trace:
[  983.967379]  <TASK>
[  983.967390]  dump_stack_lvl+0xfa/0x120
[  983.967427]  should_fail_ex+0x4d7/0x5e0
[  983.967472]  ? __kernfs_new_node+0xd3/0x870
[  983.967495]  should_failslab+0xc2/0x120
[  983.967536]  kmem_cache_alloc_noprof+0x5f/0x3d0
[  983.967572]  ? perf_trace_lock_acquire+0xc9/0x700
[  983.967612]  __kernfs_new_node+0xd3/0x870
[  983.967643]  ? __pfx___kernfs_new_node+0x10/0x10
[  983.967675]  ? lock_acquire+0x15e/0x2f0
[  983.967700]  ? kernfs_root+0x23/0x2a0
[  983.967724]  ? find_held_lock+0x2b/0x80
[  983.967759]  ? kernfs_root+0xee/0x2a0
[  983.967784]  ? lock_release+0xc8/0x290
[  983.967807]  ? lock_is_held_type+0x9e/0x120
[  983.967851]  kernfs_new_node+0x13c/0x1e0
[  983.967887]  __kernfs_create_file+0x55/0x360
[  983.967928]  sysfs_add_file_mode_ns+0x21c/0x440
[  983.967973]  ? __pfx_slab_attr_store+0x10/0x10
[  983.968016]  internal_create_group+0x571/0xeb0
[  983.968055]  ? __pfx_internal_create_group+0x10/0x10
[  983.968101]  sysfs_slab_add+0x188/0x210
[  983.968139]  do_kmem_cache_create+0x235/0x5a0
[  983.968182]  __kmem_cache_create_args+0x20f/0x360
[  983.968207]  ? p9_client_create+0xd52/0x11b0
[  983.968246]  p9_client_create+0xdfc/0x11b0
[  983.968291]  ? __pfx_p9_client_create+0x10/0x10
[  983.968339]  ? trace_kmalloc+0x1f/0xb0
[  983.968365]  ? legacy_get_tree+0x109/0x220
[  983.968394]  ? vfs_get_tree+0x93/0x340
[  983.968424]  ? lockdep_init_map_type+0x4b/0x240
[  983.968453]  ? __raw_spin_lock_init+0x3a/0x110
[  983.968492]  v9fs_session_init+0x1df/0x17a0
[  983.968523]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  983.968570]  ? find_held_lock+0x2b/0x80
[  983.968604]  ? __create_object+0x59/0x80
[  983.968634]  ? __pfx_v9fs_session_init+0x10/0x10
[  983.968662]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  983.968701]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  983.968741]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  983.968781]  ? __create_object+0x59/0x80
[  983.968811]  ? trace_kmalloc+0x1f/0xb0
[  983.968835]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  983.968865]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  983.968906]  v9fs_mount+0xbc/0x9e0
[  983.968942]  ? __pfx_v9fs_mount+0x10/0x10
[  983.968981]  ? cap_capable+0xdb/0x3b0
[  983.969011]  ? __pfx_v9fs_mount+0x10/0x10
[  983.969046]  legacy_get_tree+0x109/0x220
[  983.969082]  vfs_get_tree+0x93/0x340
[  983.969114]  path_mount+0x122f/0x1db0
[  983.969154]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  983.969197]  ? __pfx_path_mount+0x10/0x10
[  983.969235]  ? kmem_cache_free+0x2a1/0x460
[  983.969270]  ? putname.part.0+0x11b/0x160
[  983.969298]  ? getname_flags.part.0+0x1c6/0x540
[  983.969331]  ? putname.part.0+0x11b/0x160
[  983.969366]  __x64_sys_mount+0x27b/0x300
[  983.969406]  ? __pfx___x64_sys_mount+0x10/0x10
[  983.969459]  do_syscall_64+0xbf/0x360
[  983.969492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  983.969518] RIP: 0033:0x7fdbea32eb19
[  983.969537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  983.969563] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  983.969587] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  983.969605] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  983.969621] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[  983.969638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  983.969653] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  983.969694]  </TASK>
05:52:31 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  984.044560] SLUB: Unable to add cache 9p-fcall-cache-99 to sysfs
[  984.051125] 9p: Unknown access argument 18446744073709551615: -34
05:52:31 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xffffff97, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:52:31 executing program 1:
syz_mount_image$tmpfs(&(0x7f0000000400), &(0x7f0000000440)='./file0\x00', 0x0, 0x3, &(0x7f0000000800)=[{&(0x7f0000000480)="e0", 0x1}, {&(0x7f0000000540)="9f", 0x12}, {&(0x7f0000000680)='\"', 0x1, 0x101}], 0x0, &(0x7f00000008c0))
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'dummy0\x00', &(0x7f0000000000)=@ethtool_coalesce={0x0, 0x7, 0x1, 0x6, 0x100, 0x0, 0x2, 0x8, 0x6, 0x5, 0x24a, 0x5, 0x7e5, 0x50, 0xa7b2, 0x4, 0x100, 0x200, 0x7, 0x6, 0x7, 0x810, 0x95ab}})
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.throttle.io_serviced\x00', 0x0, 0x0)
faccessat(r0, &(0x7f0000000100)='./file0/file0\x00', 0x150)
utime(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000180)={0x9e, 0x7})

05:52:31 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x4000000, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:52:31 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfffffff6, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  984.121490] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  984.123002] CPU: 1 UID: 0 PID: 7864 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  984.123032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  984.123045] Call Trace:
[  984.123054]  <TASK>
[  984.123063]  dump_stack_lvl+0xfa/0x120
[  984.123096]  dump_header+0x107/0x950
[  984.123132]  oom_kill_process+0x278/0xa00
[  984.123165]  out_of_memory+0x34b/0x1690
[  984.123209]  ? __pfx_out_of_memory+0x10/0x10
[  984.123250]  mem_cgroup_out_of_memory+0x164/0x190
[  984.123283]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  984.123324]  ? mark_held_locks+0x49/0x80
[  984.123355]  try_charge_memcg+0x81f/0xf30
[  984.123393]  ? __pfx_try_charge_memcg+0x10/0x10
[  984.123432]  charge_memcg+0x7b/0x290
[  984.123459]  __mem_cgroup_charge+0x28/0x90
[  984.123490]  do_wp_page+0x58c/0x3240
[  984.123527]  ? __pfx_do_wp_page+0x10/0x10
[  984.123554]  ? do_raw_spin_lock+0x123/0x260
[  984.123582]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  984.123609]  ? ___pte_offset_map+0x176/0x370
[  984.123638]  __handle_mm_fault+0xde1/0x3030
[  984.123666]  ? reacquire_held_locks+0xd1/0x200
[  984.123687]  ? lock_vma_under_rcu+0x11e/0x530
[  984.123725]  ? __pfx___handle_mm_fault+0x10/0x10
[  984.123755]  ? lock_vma_under_rcu+0x17b/0x530
[  984.123803]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  984.123852]  handle_mm_fault+0x2c3/0x900
[  984.123881]  ? access_error+0x17d/0x380
[  984.123910]  do_user_addr_fault+0x4fa/0xeb0
[  984.123943]  exc_page_fault+0xb0/0x180
[  984.123968]  asm_exc_page_fault+0x26/0x30
[  984.123991] RIP: 0033:0x7ff98baf5d30
[  984.124009] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  984.124030] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  984.124049] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  984.124064] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[  984.124079] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[  984.124093] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[  984.124107] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[  984.124122]  ? x86_task_fpu+0x58/0xa0
[  984.124155]  ? x86_task_fpu+0x58/0xa0
[  984.124183]  </TASK>
[  984.155204] memory: usage 307200kB, limit 307200kB, failcnt 2195
[  984.156128] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  984.157032] Memory cgroup stats for /syz0:
[  984.183670] anon 135168
[  984.185322] file 312950784
[  984.185747] kernel 1486848
[  984.186429] kernel_stack 65536
05:52:31 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfffffffb, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  984.187168] pagetables 147456
[  984.187753] sec_pagetables 0
[  984.189740] percpu 64
[  984.190341] sock 0
[  984.190687] vmalloc 0
[  984.191081] shmem 312950784
[  984.191518] file_mapped 0
[  984.191956] file_dirty 0
[  984.192353] file_writeback 0
[  984.192803] swapcached 0
[  984.193230] inactive_anon 306540544
[  984.193764] active_anon 6545408
[  984.194283] inactive_file 0
[  984.194722] active_file 0
[  984.195166] unevictable 0
[  984.195578] slab_reclaimable 948656
[  984.196137] slab_unreclaimable 339648
[  984.196695] slab 1288304
[  984.197117] workingset_refault_anon 0
[  984.197674] workingset_refault_file 1
[  984.198247] workingset_activate_anon 0
[  984.198853] workingset_activate_file 0
[  984.199427] workingset_restore_anon 0
[  984.199997] workingset_restore_file 0
[  984.200553] workingset_nodereclaim 0
[  984.201130] pgdemote_kswapd 0
[  984.201597] pgdemote_direct 0
[  984.202080] pgdemote_khugepaged 0
[  984.202598] pgdemote_proactive 0
[  984.203125] pgscan 801
[  984.203512] pgsteal 9
[  984.203908] pswpin 0
[  984.204261] pswpout 0
[  984.204630] pgscan_kswapd 0
[  984.205092] pgscan_direct 801
[  984.205548] pgscan_khugepaged 0
[  984.206068] pgscan_proactive 0
[  984.206543] pgsteal_kswapd 0
[  984.207015] pgsteal_direct 9
[  984.207465] pgsteal_khugepaged 0
[  984.207997] pgsteal_proactive 0
[  984.208484] pgfault 87041
[  984.208926] pgmajfault 0
[  984.209321] pgrefill 768
[  984.209725] pgactivate 3833
[  984.210200] pgdeactivate 768
[  984.210682] pglazyfree 0
[  984.211132] pglazyfreed 0
[  984.211547] swpin_zero 0
[  984.211974] swpout_zero 0
[  984.212383] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7864,uid=0
[  984.214526] Memory cgroup out of memory: Killed process 7864 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:52:31 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x1e9e, &(0x7f0000000840)={&(0x7f0000000800)=ANY=[@ANYBLOB="60cb1724", @ANYRES16=r2, @ANYBLOB="070000000000000000002100000005002000000000000c000500000000000000000009001f007068793000000000"], 0x34}}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r0)
sendmsg$NL802154_CMD_SET_CHANNEL(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r4, 0x300, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1f}]}, 0x2c}}, 0x20000000)

05:52:31 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 73)

05:52:31 executing program 1:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
acct(&(0x7f0000000040)='./file0\x00')
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/pm_print_times', 0x200400, 0x112)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000002c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYBLOB="0400000000000000000580006c65309c69c247fb0dd24fcf15fdf81030dd86771de918adc00463d977b18f8016c1cf51f24ef8a54dc260905c901486f4a968aac0e9ec96aa55ee971e492a17011553bc8b4c6e857b739d5846f9ef66ad96fd219038695defedacec153c6f"])
acct(0x0)
quotactl(0x2, &(0x7f0000000080)='./file0\x00', 0xee00, &(0x7f00000000c0)="cb24e93994ea3e3d6190aa1b13dd46ee9968907064ffbd82e17099a81d23fd3c76e0e5cf180809913aa82b4b7abff69ea9990c5baeeeece524f2f5bbb130f7c451113a6a371adf2c744b4e6a5d598090761d70c6fc9437ade238a36cef4dbda05438ac6a3963279cc5ff9db1e769b8068fd1e4dbddb701d5134b9b48f2a24edd63e7430376e6d9254e9ba627f308c664562f198d87ff11d95898a03b621f2989fd61d795eb0514e7c627d28293215d9bc3247ec6b44683e2356644fa45a7b28c9e5562ab4b02a7bafa42976d7d5ba04752bfa74bb46ab4f5b5a9820ad49f12866eec68c86f31b973")
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6002, 0x0)
sendto$unix(r1, &(0x7f0000000240)="2801f2a0ae4d042668fe4f42455f84d368919895d58851e12d1b", 0x1a, 0x40000, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendfile(r3, r3, 0x0, 0x1000)

05:52:31 executing program 0:
mlockall(0x2)
mlockall(0x6)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(r1)

05:52:31 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  984.298560] Process accounting resumed
05:52:31 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfffffffd, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  984.322534] Process accounting resumed
[  984.323176] 9p: Unknown access argument 18446744073709551615: -34
[  984.423164] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  984.424699] CPU: 1 UID: 0 PID: 7905 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  984.424730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  984.424744] Call Trace:
[  984.424752]  <TASK>
[  984.424760]  dump_stack_lvl+0xfa/0x120
[  984.424793]  dump_header+0x107/0x950
[  984.424835]  oom_kill_process+0x278/0xa00
[  984.424868]  out_of_memory+0x34b/0x1690
[  984.424906]  ? __pfx_out_of_memory+0x10/0x10
[  984.424947]  mem_cgroup_out_of_memory+0x164/0x190
[  984.424981]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  984.425022]  ? mark_held_locks+0x49/0x80
[  984.425053]  try_charge_memcg+0x81f/0xf30
[  984.425090]  ? __pfx_try_charge_memcg+0x10/0x10
[  984.425129]  charge_memcg+0x7b/0x290
[  984.425156]  __mem_cgroup_charge+0x28/0x90
[  984.425187]  do_wp_page+0x58c/0x3240
[  984.425225]  ? __pfx_do_wp_page+0x10/0x10
[  984.425253]  ? do_raw_spin_lock+0x123/0x260
[  984.425281]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  984.425308]  ? ___pte_offset_map+0x176/0x370
[  984.425338]  __handle_mm_fault+0xde1/0x3030
[  984.425365]  ? reacquire_held_locks+0xd1/0x200
[  984.425387]  ? lock_vma_under_rcu+0x11e/0x530
[  984.425424]  ? __pfx___handle_mm_fault+0x10/0x10
[  984.425454]  ? lock_vma_under_rcu+0x17b/0x530
[  984.425502]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  984.425545]  handle_mm_fault+0x2c3/0x900
[  984.425574]  ? access_error+0x17d/0x380
[  984.425604]  do_user_addr_fault+0x4fa/0xeb0
[  984.425637]  exc_page_fault+0xb0/0x180
[  984.425661]  asm_exc_page_fault+0x26/0x30
[  984.425683] RIP: 0033:0x7ff98baf5d30
[  984.425700] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  984.425721] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  984.425739] RAX: 00000000d44b4167 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  984.425754] RDX: 0000001b2cf20024 RSI: ffffffff819e8236 RDI: 0000000000000000
[  984.425768] RBP: 0000000000000001 R08: 00000000d44b4167 R09: 0000001b2cf2001c
[  984.425782] R10: 0000000000000167 R11: 00000000d44b416b R12: 0000000000000001
[  984.425795] R13: 00007ff98bc4f000 R14: ffffffff819e8236 R15: 00007ff98bc5aff0
[  984.425811]  ? __do_sys_mlockall+0x16/0x5c0
[  984.425853]  ? __do_sys_mlockall+0x16/0x5c0
[  984.425890]  </TASK>
[  984.456883] memory: usage 307200kB, limit 307200kB, failcnt 2218
[  984.457757] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  984.458678] Memory cgroup stats for /syz0:
[  984.461969] anon 110592
[  984.463011] file 312950784
[  984.463433] kernel 1511424
[  984.463957] kernel_stack 65536
[  984.464436] pagetables 151552
[  984.465135] sec_pagetables 0
[  984.465586] percpu 128
[  984.465997] sock 0
[  984.466335] vmalloc 0
[  984.466724] shmem 312950784
[  984.467203] file_mapped 0
[  984.467615] file_dirty 0
[  984.468050] file_writeback 0
[  984.468503] swapcached 0
[  984.468942] inactive_anon 306515968
[  984.469480] active_anon 6545408
[  984.470007] inactive_file 0
[  984.470437] active_file 0
[  984.470896] unevictable 0
[  984.471313] slab_reclaimable 948656
[  984.471877] slab_unreclaimable 359856
[  984.472434] slab 1308512
[  984.472877] workingset_refault_anon 0
[  984.473429] workingset_refault_file 1
[  984.474025] workingset_activate_anon 0
[  984.474602] workingset_activate_file 0
[  984.475204] workingset_restore_anon 0
[  984.475763] workingset_restore_file 0
[  984.476360] workingset_nodereclaim 0
[  984.476937] pgdemote_kswapd 0
[  984.477402] pgdemote_direct 0
[  984.477906] pgdemote_khugepaged 0
[  984.478414] pgdemote_proactive 0
[  984.478968] pgscan 801
[  984.479356] pgsteal 9
[  984.479725] pswpin 0
[  984.480114] pswpout 0
[  984.480482] pgscan_kswapd 0
[  984.480951] pgscan_direct 801
[  984.481423] pgscan_khugepaged 0
[  984.481950] pgscan_proactive 0
[  984.482422] pgsteal_kswapd 0
[  984.482919] pgsteal_direct 9
[  984.483373] pgsteal_khugepaged 0
[  984.483900] pgsteal_proactive 0
[  984.484386] pgfault 87082
[  984.484794] pgmajfault 0
[  984.485225] pgrefill 768
[  984.485625] pgactivate 3833
[  984.486090] pgdeactivate 768
[  984.486566] pglazyfree 0
[  984.487003] pglazyfreed 0
[  984.487412] swpin_zero 0
[  984.487811] swpout_zero 0
[  984.488277] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7905,uid=0
[  984.490596] Memory cgroup out of memory: Killed process 7905 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  984.765158] audit: type=1326 audit(1755409952.112:132): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7855 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:52:43 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x50000, 0x0)

05:52:43 executing program 0:
mlockall(0x2)
r0 = shmat(0x0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(r0)
shmdt(0x0)
mlockall(0x5)
shmat(0x0, &(0x7f00007bd000/0x5000)=nil, 0x5000)
r1 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r2 = shmat(r1, &(0x7f0000ffa000/0x4000)=nil, 0x1000)
r3 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
shmat(r3, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
shmat(r3, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
shmat(r3, &(0x7f0000cc8000/0x4000)=nil, 0x4000)
shmdt(r2)
shmat(r1, &(0x7f0000937000/0x1000)=nil, 0x3000)
r4 = shmat(r1, &(0x7f000053e000/0x4000)=nil, 0x0)
munlock(&(0x7f0000fff000/0x1000)=nil, 0x1000)
shmdt(r4)

05:52:43 executing program 3:
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000bc0)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c0000000000000000fd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172edcf090a5f0", 0xb0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601781c53677b642fa92a7b767d76e208d17a13940ff013466264e16a26d7f004dfb575a75317d1eded2d32cbd9c6789c474435873ebc769bfbf0a064e61b363a4c45bc4b5fc77b81c120bbd2ecf508e7485bfcf1facea6f5763bb13023aed4cd7ff200554cb5d3307dfc43e8fc49878f7ac27e2226a48d87471708d036d5448c20207731438839301058c114dce8bd59355705c1d94d99aa6a2a394a94ddd456c3b66ea43e84253bab73e0699ea6778861b1cf71ce86ffe512040a7c274b4e07", 0x2bf)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0}, './file0\x00'})
read$hidraw(r2, &(0x7f0000000100)=""/182, 0xb6)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfaf}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
getpgid(0x0)
r3 = getpgrp(0x0)
kcmp(r3, r3, 0x5, 0xffffffffffffffff, 0xffffffffffffffff)
getpgrp(0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r1, 0x0, 0xfdef)

05:52:43 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:52:43 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x5000000, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:52:43 executing program 1:
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000000)={@empty, @remote}, 0x8)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TCSETSF2(r0, 0x5423, &(0x7f0000000080)={0x2, 0x0, 0x7, 0x0, 0x0, "f2286b000000000000f900"})
ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000000040))

05:52:43 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfffffffe, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:52:43 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 74)

[  996.216106] audit: type=1326 audit(1755409963.559:133): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7914 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[  996.273953] FAULT_INJECTION: forcing a failure.
[  996.273953] name failslab, interval 1, probability 0, space 0, times 0
[  996.276364] CPU: 0 UID: 0 PID: 7924 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  996.276396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  996.276409] Call Trace:
[  996.276419]  <TASK>
[  996.276429]  dump_stack_lvl+0xfa/0x120
[  996.276467]  should_fail_ex+0x4d7/0x5e0
[  996.276516]  ? __kernfs_new_node+0xd3/0x870
[  996.276536]  should_failslab+0xc2/0x120
[  996.276576]  kmem_cache_alloc_noprof+0x5f/0x3d0
[  996.276606]  ? perf_trace_run_bpf_submit+0xef/0x180
[  996.276662]  __kernfs_new_node+0xd3/0x870
[  996.276701]  ? __pfx___kernfs_new_node+0x10/0x10
[  996.276740]  ? lock_acquire+0x15e/0x2f0
[  996.276764]  ? kernfs_root+0x23/0x2a0
[  996.276788]  ? find_held_lock+0x2b/0x80
[  996.276827]  ? kernfs_root+0xee/0x2a0
[  996.276850]  ? lock_release+0xc8/0x290
[  996.276870]  ? lock_is_held_type+0x9e/0x120
[  996.276916]  kernfs_new_node+0x13c/0x1e0
[  996.276960]  __kernfs_create_file+0x55/0x360
[  996.277006]  sysfs_add_file_mode_ns+0x21c/0x440
[  996.277053]  ? __pfx_slab_attr_store+0x10/0x10
[  996.277100]  internal_create_group+0x571/0xeb0
[  996.277159]  ? __pfx_internal_create_group+0x10/0x10
[  996.277226]  sysfs_slab_add+0x188/0x210
[  996.277266]  do_kmem_cache_create+0x235/0x5a0
[  996.277313]  __kmem_cache_create_args+0x20f/0x360
[  996.277336]  ? p9_client_create+0xd52/0x11b0
[  996.277379]  p9_client_create+0xdfc/0x11b0
[  996.277435]  ? __pfx_p9_client_create+0x10/0x10
[  996.277497]  ? trace_kmalloc+0x1f/0xb0
[  996.277523]  ? legacy_get_tree+0x109/0x220
[  996.277549]  ? vfs_get_tree+0x93/0x340
[  996.277578]  ? lockdep_init_map_type+0x4b/0x240
[  996.277608]  ? __raw_spin_lock_init+0x3a/0x110
[  996.277654]  v9fs_session_init+0x1df/0x17a0
[  996.277683]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  996.277736]  ? find_held_lock+0x2b/0x80
[  996.277768]  ? __create_object+0x59/0x80
[  996.277800]  ? __pfx_v9fs_session_init+0x10/0x10
[  996.277825]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  996.277860]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  996.277898]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  996.277935]  ? __create_object+0x59/0x80
[  996.277969]  ? trace_kmalloc+0x1f/0xb0
[  996.277990]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[  996.278015]  ? cred_has_capability.isra.0+0x1be/0x2c0
[  996.278070]  v9fs_mount+0xbc/0x9e0
[  996.278106]  ? __pfx_v9fs_mount+0x10/0x10
[  996.278147]  ? cap_capable+0xdb/0x3b0
[  996.278183]  ? __pfx_v9fs_mount+0x10/0x10
[  996.278216]  legacy_get_tree+0x109/0x220
[  996.278256]  vfs_get_tree+0x93/0x340
[  996.278290]  path_mount+0x122f/0x1db0
[  996.278332]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  996.278380]  ? __pfx_path_mount+0x10/0x10
[  996.278420]  ? kmem_cache_free+0x2a1/0x460
[  996.278455]  ? putname.part.0+0x11b/0x160
[  996.278485]  ? getname_flags.part.0+0x1c6/0x540
[  996.278525]  ? putname.part.0+0x11b/0x160
[  996.278569]  __x64_sys_mount+0x27b/0x300
[  996.278610]  ? __pfx___x64_sys_mount+0x10/0x10
[  996.278680]  do_syscall_64+0xbf/0x360
05:52:43 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  996.278717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  996.278742] RIP: 0033:0x7fdbea32eb19
[  996.278761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  996.278784] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  996.278808] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[  996.278824] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[  996.278838] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
05:52:43 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x40000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[  996.278853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  996.278867] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[  996.278934]  </TASK>
[  996.286014] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  996.333913] CPU: 1 UID: 0 PID: 7913 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  996.333957] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  996.333975] Call Trace:
[  996.333985]  <TASK>
[  996.333995]  dump_stack_lvl+0xfa/0x120
[  996.334027]  dump_header+0x107/0x950
[  996.334064]  oom_kill_process+0x278/0xa00
[  996.334098]  out_of_memory+0x34b/0x1690
[  996.334138]  ? __pfx_out_of_memory+0x10/0x10
[  996.334186]  mem_cgroup_out_of_memory+0x164/0x190
[  996.334219]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  996.334262]  ? mark_held_locks+0x49/0x80
[  996.334293]  try_charge_memcg+0x81f/0xf30
[  996.334332]  ? __pfx_try_charge_memcg+0x10/0x10
[  996.334373]  charge_memcg+0x7b/0x290
[  996.334400]  __mem_cgroup_charge+0x28/0x90
[  996.334431]  do_wp_page+0x58c/0x3240
[  996.334471]  ? __pfx_do_wp_page+0x10/0x10
[  996.334499]  ? do_raw_spin_lock+0x123/0x260
[  996.334526]  ? __pfx_do_raw_spin_lock+0x10/0x10
05:52:43 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x6000000, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[  996.334553]  ? ___pte_offset_map+0x176/0x370
[  996.334585]  __handle_mm_fault+0xde1/0x3030
[  996.334612]  ? reacquire_held_locks+0xd1/0x200
[  996.334634]  ? lock_vma_under_rcu+0x11e/0x530
[  996.334672]  ? __pfx___handle_mm_fault+0x10/0x10
[  996.334703]  ? lock_vma_under_rcu+0x17b/0x530
[  996.334755]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  996.334800]  handle_mm_fault+0x2c3/0x900
[  996.334837]  ? access_error+0x17d/0x380
[  996.334868]  do_user_addr_fault+0x4fa/0xeb0
[  996.334903]  exc_page_fault+0xb0/0x180
[  996.334933]  asm_exc_page_fault+0x26/0x30
[  996.334965] RIP: 0033:0x7ff98baf5d30
[  996.334985] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  996.335006] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  996.335025] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  996.335040] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[  996.335054] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[  996.335068] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[  996.335081] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[  996.335097]  ? x86_task_fpu+0x58/0xa0
[  996.335133]  ? x86_task_fpu+0x58/0xa0
[  996.335177]  </TASK>
[  996.356531] SLUB: Unable to add cache 9p-fcall-cache-101 to sysfs
[  996.359170] memory: usage 307200kB, limit 307200kB, failcnt 2241
[  996.359194] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  996.359209] Memory cgroup stats for /syz0:
[  996.375089] anon 135168
[  996.376449] file 312950784
[  996.377002] kernel 1486848
[  996.377432] kernel_stack 65536
[  996.377938] pagetables 147456
[  996.378421] sec_pagetables 0
[  996.378908] percpu 64
[  996.379316] sock 0
[  996.379647] vmalloc 0
[  996.380058] shmem 312950784
[  996.380494] file_mapped 0
[  996.380931] file_dirty 0
[  996.381346] file_writeback 0
[  996.381800] swapcached 0
[  996.382247] inactive_anon 306540544
[  996.382778] active_anon 6545408
[  996.383332] inactive_file 0
[  996.383768] active_file 0
[  996.384223] unevictable 0
[  996.384637] slab_reclaimable 948656
[  996.385211] slab_unreclaimable 339648
[  996.385761] slab 1288304
[  996.386203] workingset_refault_anon 0
[  996.386758] workingset_refault_file 1
[  996.387384] workingset_activate_anon 0
[  996.388015] workingset_activate_file 0
[  996.388584] workingset_restore_anon 0
[  996.389180] workingset_restore_file 0
[  996.389732] workingset_nodereclaim 0
[  996.390330] pgdemote_kswapd 0
[  996.390795] pgdemote_direct 0
[  996.391329] pgdemote_khugepaged 0
[  996.391868] pgdemote_proactive 0
[  996.392377] pgscan 801
[  996.392751] pgsteal 9
[  996.393166] pswpin 0
[  996.393522] pswpout 0
[  996.393911] pgscan_kswapd 0
[  996.394401] pgscan_direct 801
[  996.394903] pgscan_khugepaged 0
[  996.395480] pgscan_proactive 0
[  996.396116] pgsteal_kswapd 0
[  996.396683] pgsteal_direct 9
[  996.397287] pgsteal_khugepaged 0
[  996.397935] pgsteal_proactive 0
[  996.398442] pgfault 87135
[  996.398891] pgmajfault 0
[  996.399345] pgrefill 768
[  996.399742] pgactivate 3833
[  996.400220] pgdeactivate 768
[  996.400678] pglazyfree 0
[  996.401126] pglazyfreed 0
[  996.401536] swpin_zero 0
[  996.401980] swpout_zero 0
[  996.402392] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7913,uid=0
[  996.404571] Memory cgroup out of memory: Killed process 7913 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:52:43 executing program 1:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = dup(r0)
sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x3}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x4001)

[  996.448000] 9p: Unknown access argument 18446744073709551615: -34
05:52:43 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0x1000, 0x200, &(0x7f0000fff000/0x1000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)

05:52:43 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x400000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:52:43 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[  996.655669] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  996.656448] CPU: 0 UID: 0 PID: 7940 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[  996.656465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  996.656473] Call Trace:
[  996.656477]  <TASK>
[  996.656483]  dump_stack_lvl+0xfa/0x120
[  996.656502]  dump_header+0x107/0x950
[  996.656526]  oom_kill_process+0x278/0xa00
[  996.656544]  out_of_memory+0x34b/0x1690
[  996.656566]  ? __pfx_out_of_memory+0x10/0x10
[  996.656588]  mem_cgroup_out_of_memory+0x164/0x190
[  996.656606]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  996.656628]  ? mark_held_locks+0x49/0x80
[  996.656646]  try_charge_memcg+0x81f/0xf30
[  996.656667]  ? __pfx_try_charge_memcg+0x10/0x10
[  996.656689]  charge_memcg+0x7b/0x290
[  996.656706]  __mem_cgroup_charge+0x28/0x90
[  996.656724]  do_wp_page+0x58c/0x3240
[  996.656745]  ? __pfx_do_wp_page+0x10/0x10
[  996.656760]  ? do_raw_spin_lock+0x123/0x260
[  996.656774]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  996.656789]  ? ___pte_offset_map+0x176/0x370
[  996.656806]  __handle_mm_fault+0xde1/0x3030
[  996.656820]  ? reacquire_held_locks+0xd1/0x200
[  996.656832]  ? lock_vma_under_rcu+0x11e/0x530
[  996.656852]  ? __pfx___handle_mm_fault+0x10/0x10
[  996.656868]  ? lock_vma_under_rcu+0x17b/0x530
[  996.656894]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  996.656919]  handle_mm_fault+0x2c3/0x900
[  996.656934]  ? access_error+0x17d/0x380
[  996.656951]  do_user_addr_fault+0x4fa/0xeb0
[  996.656969]  exc_page_fault+0xb0/0x180
[  996.656982]  asm_exc_page_fault+0x26/0x30
[  996.656995] RIP: 0033:0x7ff98baf5d30
[  996.657005] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[  996.657017] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[  996.657027] RAX: 00000000d44b4167 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[  996.657035] RDX: 0000001b2cf20024 RSI: ffffffff819e8236 RDI: 0000000000000000
[  996.657043] RBP: 0000000000000001 R08: 00000000d44b4167 R09: 0000001b2cf2001c
[  996.657051] R10: 0000000000000167 R11: 00000000d44b416b R12: 0000000000000001
[  996.657058] R13: 00007ff98bc4f000 R14: ffffffff819e8236 R15: 00007ff98bc5aff0
[  996.657067]  ? __do_sys_mlockall+0x16/0x5c0
[  996.657089]  ? __do_sys_mlockall+0x16/0x5c0
[  996.657109]  </TASK>
[  996.674037] memory: usage 307200kB, limit 307200kB, failcnt 2261
[  996.674527] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  996.675032] Memory cgroup stats for /syz0:
[  996.676913] anon 110592
[  996.677453] file 312950784
[  996.677667] kernel 1511424
[  996.678060] kernel_stack 65536
[  996.678306] pagetables 151552
[  996.678539] sec_pagetables 0
[  996.678772] percpu 128
[  996.679108] sock 0
[  996.679304] vmalloc 0
[  996.679490] shmem 312950784
[  996.679790] file_mapped 0
[  996.680239] file_dirty 0
[  996.680464] file_writeback 0
[  996.680694] swapcached 0
[  996.680952] inactive_anon 306503680
[  996.681227] active_anon 6545408
[  996.681496] inactive_file 0
[  996.681717] active_file 0
[  996.681962] unevictable 0
[  996.682174] slab_reclaimable 948656
[  996.682464] slab_unreclaimable 359856
[  996.682906] slab 1308512
[  996.683128] workingset_refault_anon 0
[  996.683440] workingset_refault_file 1
[  996.683887] workingset_activate_anon 0
[  996.684182] workingset_activate_file 0
[  996.684491] workingset_restore_anon 0
[  996.684773] workingset_restore_file 0
[  996.685102] workingset_nodereclaim 0
[  996.685379] pgdemote_kswapd 0
[  996.685630] pgdemote_direct 0
[  996.685887] pgdemote_khugepaged 0
[  996.686190] pgdemote_proactive 0
[  996.686564] pgscan 801
[  996.686757] pgsteal 9
[  996.686969] pswpin 0
[  996.687151] pswpout 0
[  996.687344] pgscan_kswapd 0
[  996.687563] pgscan_direct 801
[  996.687798] pgscan_khugepaged 0
[  996.688067] pgscan_proactive 0
[  996.688309] pgsteal_kswapd 0
[  996.688536] pgsteal_direct 9
[  996.688840] pgsteal_khugepaged 0
[  996.689160] pgsteal_proactive 0
[  996.689409] pgfault 87176
[  996.689615] pgmajfault 0
[  996.689839] pgrefill 768
[  996.690047] pgactivate 3833
[  996.690283] pgdeactivate 768
[  996.690512] pglazyfree 0
[  996.690730] pglazyfreed 0
[  996.690960] swpin_zero 0
[  996.691186] swpout_zero 0
[  996.691398] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7940,uid=0
[  996.692574] Memory cgroup out of memory: Killed process 7940 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  997.040793] audit: type=1326 audit(1755409964.388:134): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7914 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:52:54 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xedc000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:52:54 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 75)

05:52:54 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x7000000, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:52:54 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xe)
shmdt(0x0)
shmdt(r1)

05:52:54 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(0xffffffffffffffff, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:52:54 executing program 1:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000080), 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = dup(r0)
perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x0, 0x0, 0x1, 0x3, 0x0, 0xfffffffffffffffd, 0x820, 0x6, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1000, 0x4, @perf_config_ext={0x3f, 0x9}, 0x8, 0x7ff, 0x2, 0x1, 0xff, 0x140, 0x3ff, 0x0, 0x6, 0x0, 0x405}, 0x0, 0xd, 0xffffffffffffffff, 0x2)
bind$unix(r1, &(0x7f0000000000)=@abs, 0x6e)

05:52:54 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x80000, 0x0)

05:52:54 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x80400, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18}, './file0\x00'})

[ 1007.260368] 9p: Unknown access argument 18446744073709551615: -34
[ 1007.282387] audit: type=1326 audit(1755409974.627:135): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7962 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:52:54 executing program 1:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x7f, 0x9, 0x0, 0xfa, 0x0, 0x7ffffffd, 0x48281, 0x2, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xa55, 0x9}, 0x8, 0x559, 0x0, 0x1, 0x1ff, 0xf3d, 0x40, 0x0, 0x8, 0x0, 0x8}, 0x0, 0x10, r0, 0xa)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280), 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="820e27bd700000000000550000100800010080000000"], 0x1c}}, 0x4884)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000440)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f0000000700)={0x28, r3, 0xcea008a6e34dc1cb, 0x0, 0x0, {{0x65}, {@void, @val={0x8, 0x3, r4}, @val={0xc}}}}, 0x28}}, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000500), 0x0, 0x1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r5, &(0x7f0000000040)=""/156, 0x9c, 0x2)
write$binfmt_script(r5, &(0x7f0000000480)={'#! ', './file0', [{0x20, ',$.,)}'}], 0xa, "79ba062e6e6556326fab7202e1885596f4bba0eaf6e004e99a084643a59c1d224a89f5d2f0cc1c932ae3c3b52bb14ddb54a1a14762b48a068c10f6b8efe6d853d9a215c185762f39a35123ae0252c193aaf89104b66a9f6e755994bc3eadac6c5f5ce1403f80fe9cc3935b147c530aa7648af7c6aa3a67c1884044c651bd7c773ab31ee5e1224b9998f6d032a4fc48744d4c1f89019d4ed85da31eeff6ff147b6eae9d4f87ce6c1de85365d1ae5c50213d399ab89c3219d9b5ebcd73a287632f15be8d151600e96ae313ddf81ab65f2fb722f556"}, 0xe6)
r6 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r6, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r0, r6, &(0x7f0000000100)=0x101, 0xc435)

05:52:54 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x1000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:52:54 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 76)

05:52:54 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x9000000, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:52:54 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(0xffffffffffffffff, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:52:54 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x2000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:52:54 executing program 3:
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)={0x0, "08bac43417214462c8a613438f727832650d8a1518228667e303a7b0f02be31ec862337f6688bbd019ffe5374c7d222d845020a8de085992526c12fe41dd6c6b"}, 0x48, 0xffffffffffffffff)
r1 = request_key(&(0x7f0000000200)='cifs.spnego\x00', &(0x7f0000000240)={'syz', 0x1}, &(0x7f0000000280)='fscrypt:', r0)
add_key(&(0x7f0000000100)='logon\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="dc8a0b1c87b5d09e0d5a9c0490193c56eba4e3bbdbc72af288c48d3fb708eb92f8c2348be60472a8d5d3521a24d79538f2f35b5a2fff19a9762d7023260f3292c24acd67d94c26f97bb2c3d4e9fbc09589e849db158f0854455091028ade43acca844d9e8f2365f06d7fef8ae3d53a0ec7308f8c", 0x74, r1)
keyctl$KEYCTL_MOVE(0x1e, r0, r0, 0x0, 0x0)

[ 1007.411405] FAULT_INJECTION: forcing a failure.
[ 1007.411405] name failslab, interval 1, probability 0, space 0, times 0
[ 1007.413429] CPU: 1 UID: 0 PID: 7974 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1007.413464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1007.413479] Call Trace:
[ 1007.413488]  <TASK>
[ 1007.413498]  dump_stack_lvl+0xfa/0x120
[ 1007.413532]  should_fail_ex+0x4d7/0x5e0
[ 1007.413577]  ? __kernfs_new_node+0xd3/0x870
[ 1007.413599]  should_failslab+0xc2/0x120
[ 1007.413640]  kmem_cache_alloc_noprof+0x5f/0x3d0
[ 1007.413675]  ? perf_trace_lock_acquire+0xc9/0x700
[ 1007.413714]  __kernfs_new_node+0xd3/0x870
[ 1007.413745]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1007.413777]  ? lock_acquire+0x15e/0x2f0
[ 1007.413802]  ? kernfs_root+0x23/0x2a0
[ 1007.413833]  ? find_held_lock+0x2b/0x80
[ 1007.413867]  ? kernfs_root+0xee/0x2a0
[ 1007.413889]  ? lock_release+0xc8/0x290
[ 1007.413912]  ? lock_is_held_type+0x9e/0x120
05:52:54 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x4000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1007.413947]  kernfs_new_node+0x13c/0x1e0
[ 1007.413984]  __kernfs_create_file+0x55/0x360
[ 1007.414024]  sysfs_add_file_mode_ns+0x21c/0x440
[ 1007.414069]  ? __pfx_slab_attr_store+0x10/0x10
[ 1007.414111]  internal_create_group+0x571/0xeb0
[ 1007.414151]  ? __pfx_internal_create_group+0x10/0x10
[ 1007.414197]  sysfs_slab_add+0x188/0x210
[ 1007.414235]  do_kmem_cache_create+0x235/0x5a0
[ 1007.414279]  __kmem_cache_create_args+0x20f/0x360
[ 1007.414304]  ? p9_client_create+0xd52/0x11b0
[ 1007.414343]  p9_client_create+0xdfc/0x11b0
[ 1007.414389]  ? __pfx_p9_client_create+0x10/0x10
[ 1007.414437]  ? trace_kmalloc+0x1f/0xb0
[ 1007.414463]  ? legacy_get_tree+0x109/0x220
[ 1007.414492]  ? vfs_get_tree+0x93/0x340
[ 1007.414523]  ? lockdep_init_map_type+0x4b/0x240
[ 1007.414552]  ? __raw_spin_lock_init+0x3a/0x110
[ 1007.414592]  v9fs_session_init+0x1df/0x17a0
[ 1007.414622]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1007.414670]  ? find_held_lock+0x2b/0x80
[ 1007.414703]  ? __create_object+0x59/0x80
[ 1007.414733]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1007.414762]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1007.414800]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1007.414841]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1007.414881]  ? __create_object+0x59/0x80
[ 1007.414911]  ? trace_kmalloc+0x1f/0xb0
[ 1007.414935]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[ 1007.414965]  ? cred_has_capability.isra.0+0x1be/0x2c0
[ 1007.415006]  v9fs_mount+0xbc/0x9e0
[ 1007.415043]  ? __pfx_v9fs_mount+0x10/0x10
[ 1007.415082]  ? cap_capable+0xdb/0x3b0
[ 1007.415112]  ? __pfx_v9fs_mount+0x10/0x10
[ 1007.415147]  legacy_get_tree+0x109/0x220
[ 1007.415183]  vfs_get_tree+0x93/0x340
[ 1007.415215]  path_mount+0x122f/0x1db0
[ 1007.415255]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1007.415298]  ? __pfx_path_mount+0x10/0x10
[ 1007.415337]  ? kmem_cache_free+0x2a1/0x460
[ 1007.415371]  ? putname.part.0+0x11b/0x160
[ 1007.415399]  ? getname_flags.part.0+0x1c6/0x540
[ 1007.415433]  ? putname.part.0+0x11b/0x160
[ 1007.415467]  __x64_sys_mount+0x27b/0x300
[ 1007.415506]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1007.415560]  do_syscall_64+0xbf/0x360
[ 1007.415593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1007.415618] RIP: 0033:0x7fdbea32eb19
[ 1007.415638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1007.415663] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1007.415688] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[ 1007.415706] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1007.415722] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[ 1007.415739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1007.415766] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[ 1007.415807]  </TASK>
[ 1007.437203] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1007.455497] CPU: 0 UID: 0 PID: 7953 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1007.455514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1007.455521] Call Trace:
[ 1007.455525]  <TASK>
[ 1007.455530]  dump_stack_lvl+0xfa/0x120
[ 1007.455548]  dump_header+0x107/0x950
[ 1007.455568]  oom_kill_process+0x278/0xa00
[ 1007.455587]  out_of_memory+0x34b/0x1690
[ 1007.455608]  ? __pfx_out_of_memory+0x10/0x10
[ 1007.455632]  mem_cgroup_out_of_memory+0x164/0x190
[ 1007.455649]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1007.455673]  ? mark_held_locks+0x49/0x80
[ 1007.455690]  try_charge_memcg+0x81f/0xf30
[ 1007.455710]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1007.455732]  charge_memcg+0x7b/0x290
[ 1007.455757]  __mem_cgroup_charge+0x28/0x90
[ 1007.455774]  do_wp_page+0x58c/0x3240
[ 1007.455797]  ? __pfx_do_wp_page+0x10/0x10
[ 1007.455812]  ? do_raw_spin_lock+0x123/0x260
[ 1007.455830]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1007.455844]  ? ___pte_offset_map+0x176/0x370
[ 1007.455862]  __handle_mm_fault+0xde1/0x3030
[ 1007.455877]  ? reacquire_held_locks+0xd1/0x200
[ 1007.455889]  ? lock_vma_under_rcu+0x11e/0x530
[ 1007.455910]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1007.455927]  ? lock_vma_under_rcu+0x17b/0x530
[ 1007.455954]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1007.455978]  handle_mm_fault+0x2c3/0x900
[ 1007.455994]  ? access_error+0x17d/0x380
[ 1007.456012]  do_user_addr_fault+0x4fa/0xeb0
[ 1007.456030]  exc_page_fault+0xb0/0x180
[ 1007.456044]  asm_exc_page_fault+0x26/0x30
[ 1007.456056] RIP: 0033:0x7ff98baf5d30
[ 1007.456066] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1007.456078] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1007.456087] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1007.456096] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[ 1007.456103] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[ 1007.456111] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[ 1007.456119] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[ 1007.456128]  ? x86_task_fpu+0x58/0xa0
[ 1007.456151]  ? x86_task_fpu+0x58/0xa0
[ 1007.456166]  </TASK>
[ 1007.457927] SLUB: Unable to add cache 9p-fcall-cache-103 to sysfs
[ 1007.458048] memory: usage 307200kB, limit 307200kB, failcnt 2282
[ 1007.462664] 9p: Unknown access argument 18446744073709551615: -34
[ 1007.462692] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1007.476063] Memory cgroup stats for /syz0:
[ 1007.507209] anon 135168
[ 1007.507805] file 312950784
[ 1007.508079] kernel 1486848
[ 1007.508348] kernel_stack 65536
[ 1007.508616] pagetables 147456
[ 1007.509045] sec_pagetables 0
[ 1007.509340] percpu 64
[ 1007.509565] sock 0
[ 1007.509748] vmalloc 0
[ 1007.510056] shmem 312950784
[ 1007.510315] file_mapped 0
[ 1007.510542] file_dirty 0
[ 1007.510756] file_writeback 0
[ 1007.511025] swapcached 0
[ 1007.511282] inactive_anon 306540544
[ 1007.511589] active_anon 6545408
[ 1007.511884] inactive_file 0
[ 1007.512124] active_file 0
[ 1007.512354] unevictable 0
[ 1007.512578] slab_reclaimable 948656
[ 1007.512883] slab_unreclaimable 339648
[ 1007.513196] slab 1288304
[ 1007.513411] workingset_refault_anon 0
[ 1007.513717] workingset_refault_file 1
[ 1007.514041] workingset_activate_anon 0
[ 1007.514355] workingset_activate_file 0
[ 1007.514658] workingset_restore_anon 0
[ 1007.514978] workingset_restore_file 0
[ 1007.515292] workingset_nodereclaim 0
[ 1007.515590] pgdemote_kswapd 0
[ 1007.515871] pgdemote_direct 0
[ 1007.516129] pgdemote_khugepaged 0
[ 1007.516401] pgdemote_proactive 0
[ 1007.516671] pgscan 801
[ 1007.516896] pgsteal 9
[ 1007.517097] pswpin 0
[ 1007.517287] pswpout 0
[ 1007.517486] pgscan_kswapd 0
[ 1007.517718] pgscan_direct 801
[ 1007.517990] pgscan_khugepaged 0
[ 1007.518253] pgscan_proactive 0
[ 1007.518513] pgsteal_kswapd 0
[ 1007.518755] pgsteal_direct 9
[ 1007.519017] pgsteal_khugepaged 0
[ 1007.519286] pgsteal_proactive 0
[ 1007.519550] pgfault 87229
[ 1007.519779] pgmajfault 0
[ 1007.520012] pgrefill 768
[ 1007.520230] pgactivate 3833
[ 1007.520467] pgdeactivate 768
[ 1007.520709] pglazyfree 0
[ 1007.520945] pglazyfreed 0
[ 1007.521167] swpin_zero 0
[ 1007.521385] swpout_zero 0
[ 1007.521605] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7953,uid=0
[ 1007.522790] Memory cgroup out of memory: Killed process 7953 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:52:54 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0xf000000, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:52:54 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(0xffffffffffffffff, &(0x7f0000000040)=""/156, 0x9c, 0x2)

[ 1008.109336] audit: type=1326 audit(1755409975.456:136): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7962 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:53:04 executing program 3:
r0 = syz_mount_image$nfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x2b, 0x0, 0x0, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000940)='./file0\x00', 0x0, 0x0, 0x0)
fstat(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
lchown(&(0x7f0000000300)='./file0\x00', 0xffffffffffffffff, r1)
getresuid(&(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180))
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000000)={0x0, <r3=>0x0}, &(0x7f0000000040)=0x5)
setuid(r3)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in6=@private1, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@multicast1}, 0x0, @in=@loopback}}, &(0x7f00000002c0)=0xe8)
setreuid(r4, r3)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={[], [{@fowner_gt={'fowner>', r3}}, {@smackfsdef={'smackfsdef', 0x3d, '/'}}]})

05:53:04 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x6000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:53:04 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x7000)
mlockall(0x4)
mlockall(0x2)
shmdt(0x0)
shmdt(r1)

05:53:04 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 77)

05:53:04 executing program 1:
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000040)=0xc5f9, 0xfffffffffffffea6)

05:53:04 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0xffffff7f, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:53:04 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x100000, 0x0)

05:53:04 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, 0x0, 0x0, 0x2)

[ 1017.607962] 9p: Unknown access argument 18446744073709551615: -34
05:53:04 executing program 1:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='mpol=pr\x00\x00\x00\x00\x00\x00\x00\x00ative:2-9:N,\x00'])
mount$cgroup(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x8a0008, &(0x7f0000000100)={[{@none}], [{@func={'func', 0x3d, 'PATH_CHECK'}}, {@permit_directio}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@obj_type={'obj_type', 0x3d, 'tmpfs\x00'}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@subj_user={'subj_user', 0x3d, '-!&'}}]})

[ 1017.644572] tmpfs: Unknown parameter 'fowner>00000000000003171839'
[ 1017.650488] audit: type=1326 audit(1755409984.990:137): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8009 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:53:05 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, 0x0, 0x0, 0x2)

05:53:05 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x2}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:53:05 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 78)

05:53:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x7ffffffffffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1017.708255] tmpfs: Bad value for 'mpol'
[ 1017.717522] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1017.717894] tmpfs: Bad value for 'mpol'
[ 1017.718262] CPU: 1 UID: 0 PID: 8006 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1017.718279] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1017.718286] Call Trace:
[ 1017.718291]  <TASK>
[ 1017.718296]  dump_stack_lvl+0xfa/0x120
[ 1017.718316]  dump_header+0x107/0x950
[ 1017.718336]  oom_kill_process+0x278/0xa00
[ 1017.718354]  out_of_memory+0x34b/0x1690
[ 1017.718375]  ? __pfx_out_of_memory+0x10/0x10
[ 1017.718396]  mem_cgroup_out_of_memory+0x164/0x190
[ 1017.718415]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1017.718437]  ? mark_held_locks+0x49/0x80
[ 1017.718454]  try_charge_memcg+0x81f/0xf30
[ 1017.718475]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1017.718496]  charge_memcg+0x7b/0x290
[ 1017.718510]  __mem_cgroup_charge+0x28/0x90
[ 1017.718527]  do_wp_page+0x58c/0x3240
[ 1017.718547]  ? __pfx_do_wp_page+0x10/0x10
[ 1017.718562]  ? do_raw_spin_lock+0x123/0x260
[ 1017.718577]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1017.718592]  ? ___pte_offset_map+0x176/0x370
[ 1017.718609]  __handle_mm_fault+0xde1/0x3030
[ 1017.718624]  ? reacquire_held_locks+0xd1/0x200
[ 1017.718636]  ? lock_vma_under_rcu+0x11e/0x530
[ 1017.718657]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1017.718673]  ? lock_vma_under_rcu+0x17b/0x530
[ 1017.718699]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1017.718723]  handle_mm_fault+0x2c3/0x900
[ 1017.718739]  ? access_error+0x17d/0x380
[ 1017.718755]  do_user_addr_fault+0x4fa/0xeb0
[ 1017.718773]  exc_page_fault+0xb0/0x180
[ 1017.718786]  asm_exc_page_fault+0x26/0x30
[ 1017.718799] RIP: 0033:0x7ff98baf5d30
[ 1017.718809] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1017.718824] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1017.718835] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1017.718843] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[ 1017.718851] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[ 1017.718858] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[ 1017.718866] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[ 1017.718874]  ? x86_task_fpu+0x58/0xa0
[ 1017.718893]  ? x86_task_fpu+0x58/0xa0
[ 1017.718908]  </TASK>
[ 1017.718937] memory: usage 307200kB, limit 307200kB, failcnt 2303
[ 1017.736596] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1017.737064] Memory cgroup stats for /syz0:
[ 1017.748272] anon 135168
[ 1017.749001] file 312950784
[ 1017.749343] kernel 1486848
[ 1017.749574] kernel_stack 65536
[ 1017.749857] pagetables 147456
[ 1017.750115] sec_pagetables 0
[ 1017.750360] percpu 64
[ 1017.750560] sock 0
[ 1017.750747] vmalloc 0
[ 1017.750966] shmem 312950784
[ 1017.751203] file_mapped 0
[ 1017.751431] file_dirty 0
[ 1017.751653] file_writeback 0
[ 1017.751925] swapcached 0
[ 1017.752144] inactive_anon 306540544
[ 1017.752446] active_anon 6545408
[ 1017.752710] inactive_file 0
[ 1017.752969] active_file 0
[ 1017.753195] unevictable 0
[ 1017.753421] slab_reclaimable 948656
[ 1017.753718] slab_unreclaimable 339648
[ 1017.754041] slab 1288304
[ 1017.754258] workingset_refault_anon 0
[ 1017.754565] workingset_refault_file 1
[ 1017.754891] workingset_activate_anon 0
[ 1017.755204] workingset_activate_file 0
[ 1017.755508] workingset_restore_anon 0
[ 1017.755809] workingset_restore_file 0
[ 1017.756135] workingset_nodereclaim 0
[ 1017.756442] pgdemote_kswapd 0
[ 1017.756691] pgdemote_direct 0
[ 1017.756960] pgdemote_khugepaged 0
[ 1017.757239] pgdemote_proactive 0
[ 1017.757516] pgscan 801
[ 1017.757719] pgsteal 9
[ 1017.757935] pswpin 0
[ 1017.758129] pswpout 0
[ 1017.758330] pgscan_kswapd 0
[ 1017.758564] pgscan_direct 801
[ 1017.758837] pgscan_khugepaged 0
[ 1017.759102] pgscan_proactive 0
[ 1017.759361] pgsteal_kswapd 0
[ 1017.759609] pgsteal_direct 9
[ 1017.759872] pgsteal_khugepaged 0
[ 1017.760144] pgsteal_proactive 0
[ 1017.760416] pgfault 87282
[ 1017.760642] pgmajfault 0
[ 1017.760875] pgrefill 768
[ 1017.761093] pgactivate 3833
[ 1017.761331] pgdeactivate 768
[ 1017.761581] pglazyfree 0
[ 1017.761796] pglazyfreed 0
[ 1017.762043] swpin_zero 0
[ 1017.762259] swpout_zero 0
[ 1017.762483] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8006,uid=0
[ 1017.763661] Memory cgroup out of memory: Killed process 8006 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:53:05 executing program 3:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
clock_gettime(0x0, &(0x7f0000004200)={<r1=>0x0, <r2=>0x0})
recvmmsg(r0, &(0x7f0000004040)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000000)=""/148, 0x94}, {&(0x7f00000000c0)=""/148, 0x94}, {&(0x7f0000000180)=""/130, 0x82}, {&(0x7f0000000240)=""/53, 0x35}, {&(0x7f00000002c0)=""/178, 0xb2}, {&(0x7f0000000380)=""/75, 0x4b}, {&(0x7f0000000400)=""/164, 0xa4}, {&(0x7f00000004c0)=""/204, 0xcc}, {&(0x7f00000005c0)=""/4096, 0x1000}], 0x9, &(0x7f0000001680)=""/34, 0x22}, 0x7}, {{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f00000016c0)=""/151, 0x97}], 0x1}, 0xe2af}, {{&(0x7f00000017c0)=@pppol2tp, 0x80, &(0x7f00000018c0)=[{&(0x7f0000001840)=""/125, 0x7d}], 0x1}, 0x3}, {{0x0, 0x0, &(0x7f0000001980)=[{&(0x7f0000001900)=""/97, 0x61}], 0x1, &(0x7f00000019c0)=""/7, 0x7}, 0x8}, {{&(0x7f0000001a00)=@l2tp={0x2, 0x0, @broadcast}, 0x80, &(0x7f0000001c40)=[{&(0x7f0000001a80)=""/219, 0xdb}, {&(0x7f0000001b80)=""/151, 0x97}], 0x2, &(0x7f0000001c80)=""/4096, 0x1000}, 0x4}, {{0x0, 0x0, &(0x7f0000003d80)=[{&(0x7f0000002c80)=""/4096, 0x1000}, {&(0x7f0000003c80)=""/64, 0x40}, {&(0x7f0000003cc0)=""/42, 0x2a}, {&(0x7f0000003d00)=""/77, 0x4d}], 0x4, &(0x7f0000003dc0)=""/195, 0xc3}, 0x80000001}, {{&(0x7f0000003ec0)=@isdn, 0x80, &(0x7f0000004000)=[{&(0x7f0000003f40)=""/158, 0x9e}], 0x1}, 0x6}], 0x7, 0x0, &(0x7f0000004240)={r1, r2+10000000})
socket$inet(0x2, 0x82e6d8872c6347c5, 0x2)
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
getsockopt$sock_timeval(r3, 0x1, 0x42, 0x0, &(0x7f0000000280))
r4 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r4, &(0x7f0000000040)=""/156, 0x9c, 0x2)
recvmmsg(r4, &(0x7f0000004800)=[{{&(0x7f0000004280)=@in6={0xa, 0x0, 0x0, @local}, 0x80, &(0x7f0000004700)=[{&(0x7f0000004300)=""/28, 0x1c}, {&(0x7f0000004340)=""/85, 0x55}, {&(0x7f00000043c0)=""/147, 0x93}, {&(0x7f0000004480)=""/219, 0xdb}, {&(0x7f0000004580)=""/48, 0x30}, {&(0x7f00000045c0)=""/16, 0x10}, {&(0x7f0000004600)=""/239, 0xef}], 0x7, &(0x7f0000004780)=""/76, 0x4c}}], 0x1, 0x0, &(0x7f0000004840)={0x77359400})

05:53:05 executing program 3:
unshare(0x20000)
unshare(0x66060080)
unshare(0x20000100)

[ 1017.813491] FAULT_INJECTION: forcing a failure.
[ 1017.813491] name failslab, interval 1, probability 0, space 0, times 0
[ 1017.814583] CPU: 1 UID: 0 PID: 8023 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1017.814602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1017.814610] Call Trace:
[ 1017.814615]  <TASK>
[ 1017.814620]  dump_stack_lvl+0xfa/0x120
[ 1017.814641]  should_fail_ex+0x4d7/0x5e0
[ 1017.814663]  ? __kernfs_new_node+0xd3/0x870
[ 1017.814675]  should_failslab+0xc2/0x120
[ 1017.814695]  kmem_cache_alloc_noprof+0x5f/0x3d0
[ 1017.814713]  ? perf_trace_lock_acquire+0xc9/0x700
[ 1017.814732]  __kernfs_new_node+0xd3/0x870
[ 1017.814747]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1017.814762]  ? lock_acquire+0x15e/0x2f0
[ 1017.814774]  ? kernfs_root+0x23/0x2a0
[ 1017.814786]  ? find_held_lock+0x2b/0x80
[ 1017.814802]  ? kernfs_root+0xee/0x2a0
[ 1017.814816]  ? lock_release+0xc8/0x290
[ 1017.814827]  ? lock_is_held_type+0x9e/0x120
[ 1017.814845]  kernfs_new_node+0x13c/0x1e0
[ 1017.814862]  __kernfs_create_file+0x55/0x360
[ 1017.814881]  sysfs_add_file_mode_ns+0x21c/0x440
[ 1017.814903]  ? __pfx_slab_attr_store+0x10/0x10
[ 1017.814924]  internal_create_group+0x571/0xeb0
[ 1017.814943]  ? __pfx_internal_create_group+0x10/0x10
[ 1017.814964]  sysfs_slab_add+0x188/0x210
[ 1017.814983]  do_kmem_cache_create+0x235/0x5a0
[ 1017.815003]  __kmem_cache_create_args+0x20f/0x360
[ 1017.815016]  ? p9_client_create+0xd52/0x11b0
[ 1017.815035]  p9_client_create+0xdfc/0x11b0
[ 1017.815056]  ? __pfx_p9_client_create+0x10/0x10
[ 1017.815079]  ? trace_kmalloc+0x1f/0xb0
[ 1017.815091]  ? legacy_get_tree+0x109/0x220
[ 1017.815105]  ? vfs_get_tree+0x93/0x340
[ 1017.815120]  ? lockdep_init_map_type+0x4b/0x240
[ 1017.815134]  ? __raw_spin_lock_init+0x3a/0x110
[ 1017.815153]  v9fs_session_init+0x1df/0x17a0
[ 1017.815169]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1017.815192]  ? find_held_lock+0x2b/0x80
[ 1017.815208]  ? __create_object+0x59/0x80
[ 1017.815223]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1017.815236]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1017.815255]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1017.815273]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1017.815292]  ? __create_object+0x59/0x80
[ 1017.815307]  ? trace_kmalloc+0x1f/0xb0
[ 1017.815318]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[ 1017.815332]  ? cred_has_capability.isra.0+0x1be/0x2c0
[ 1017.815352]  v9fs_mount+0xbc/0x9e0
[ 1017.815370]  ? __pfx_v9fs_mount+0x10/0x10
[ 1017.815388]  ? cap_capable+0xdb/0x3b0
[ 1017.815403]  ? __pfx_v9fs_mount+0x10/0x10
[ 1017.815420]  legacy_get_tree+0x109/0x220
[ 1017.815436]  vfs_get_tree+0x93/0x340
[ 1017.815451]  path_mount+0x122f/0x1db0
[ 1017.815471]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1017.815491]  ? __pfx_path_mount+0x10/0x10
[ 1017.815508]  ? kmem_cache_free+0x2a1/0x460
[ 1017.815525]  ? putname.part.0+0x11b/0x160
[ 1017.815539]  ? getname_flags.part.0+0x1c6/0x540
[ 1017.815554]  ? putname.part.0+0x11b/0x160
[ 1017.815570]  __x64_sys_mount+0x27b/0x300
[ 1017.815589]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1017.815614]  do_syscall_64+0xbf/0x360
[ 1017.815630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1017.815643] RIP: 0033:0x7fdbea32eb19
[ 1017.815654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1017.815666] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1017.815678] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[ 1017.815686] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1017.815694] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[ 1017.815702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1017.815709] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[ 1017.815728]  </TASK>
05:53:05 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0x2000, 0x80, &(0x7f0000f86000/0x2000)=nil)
r1 = shmat(r0, &(0x7f0000e1e000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)
shmat(r0, &(0x7f0000e20000/0x3000)=nil, 0x2000)

05:53:05 executing program 1:
syz_emit_vhci(&(0x7f0000000640)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x108}, @l2cap_cid_signaling={{0x104}, [@l2cap_conn_rsp={{0x3, 0xb1, 0x8}, {0x22, 0x1, 0x1ff, 0x200}}, @l2cap_conn_rsp={{0x3, 0x6, 0x8}, {0x80, 0x2df8, 0x8004, 0x1f}}, @l2cap_info_rsp={{0xb, 0x9, 0xe8}, {0x3, 0x3ff, "b62addbda0370751057e6b2d4bbd9819787d4fe538853d42041b15cb8bd00c8177c38c5b265bd228a1ce6c6b9092e0ad9816c843ae7812336a52a2ef9b905f73e0c407952ffaf149bcd3178ea9e834c3f335078da3945c33eeb506f55c58a8d6265a317841eab6153c475d6a8faf9e046226d315a5e91793d0926916933f2fd2b27041907645ac540460405225c76334e13dcb79218e236ee73540e173d5c623de26e60c2dfc68971ce8572d6a52024e56f3236472f0d070432754167cf666135a5508b89cf78c96c9ead69f63f9dc8cda2f2d4fbb23f5dc217b8f3794397dd3855805d2"}}]}}, 0x10d)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_signaling={{0xc}, [@l2cap_conn_rsp={{0x3, 0x6, 0x8}, {0x8, 0x4, 0x7, 0xffff}}]}}, 0x15)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="040f040400ff07000000d2a73e7636057d5db9"], 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="03c800a23b9d1731161d50823db5e2e49ba1f7c2a596412882a4a358c2aadd49ebbc0ac1086a7fd8d8a2ce0e22630aca0a5a00a708b5785800dc05cbf3c3f3b11c73725022b037b3f53c82bee4a2c5a30c7afbe4259ace371f82e3a651cf064f90a3b1d64cee29c1e1c666def7bc6ee3c62ffbbfa31f6b97f5ea0a3dd6597d746301e598031b2cceddb4adc829a1ee1c1119d4eb41939be2f9c119b1c38aef5742e35b2b5de861e4da"], 0xa6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=@HCI_SCODATA_PKT={0x3, {0x0, 0x50}, "2bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566b3336d7090da483b85a7eff476ae95f6fe07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c24"}, 0x54)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_si_device={{0x1, 0x4}, {0x8, 0x101}}}, 0x7)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0xf}, {0x8, 0x2, [{0xc8, 0x8001, 0x2}, {0xc8, 0x3, 0x3f}]}}}, 0x12)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0202008000"/15], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1017.881628] SLUB: Unable to add cache 9p-fcall-cache-105 to sysfs
[ 1017.885522] 9p: Unknown access argument 18446744073709551615: -34
05:53:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x8000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:53:05 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x3}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:53:05 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, 0x0, 0x0, 0x2)

05:53:05 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 79)

05:53:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xa000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1018.096380] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1018.097882] CPU: 0 UID: 0 PID: 8035 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1018.097914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1018.097928] Call Trace:
[ 1018.097938]  <TASK>
[ 1018.097947]  dump_stack_lvl+0xfa/0x120
[ 1018.097980]  dump_header+0x107/0x950
[ 1018.098019]  oom_kill_process+0x278/0xa00
[ 1018.098054]  out_of_memory+0x34b/0x1690
[ 1018.098096]  ? __pfx_out_of_memory+0x10/0x10
[ 1018.098133]  ? do_raw_spin_lock+0x123/0x260
[ 1018.098171]  mem_cgroup_out_of_memory+0x164/0x190
[ 1018.098206]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1018.098250]  ? mark_held_locks+0x49/0x80
[ 1018.098281]  try_charge_memcg+0x81f/0xf30
[ 1018.098322]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1018.098364]  charge_memcg+0x7b/0x290
[ 1018.098393]  __mem_cgroup_charge+0x28/0x90
[ 1018.098426]  do_wp_page+0x58c/0x3240
[ 1018.098467]  ? __pfx_do_wp_page+0x10/0x10
[ 1018.098497]  ? do_raw_spin_lock+0x123/0x260
[ 1018.098527]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1018.098556]  ? ___pte_offset_map+0x176/0x370
[ 1018.098589]  __handle_mm_fault+0xde1/0x3030
[ 1018.098618]  ? reacquire_held_locks+0xd1/0x200
[ 1018.098642]  ? lock_vma_under_rcu+0x11e/0x530
[ 1018.098683]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1018.098715]  ? lock_vma_under_rcu+0x17b/0x530
[ 1018.098768]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1018.098822]  handle_mm_fault+0x2c3/0x900
[ 1018.098853]  ? access_error+0x17d/0x380
[ 1018.098886]  do_user_addr_fault+0x4fa/0xeb0
[ 1018.098921]  exc_page_fault+0xb0/0x180
[ 1018.098948]  asm_exc_page_fault+0x26/0x30
[ 1018.098971] RIP: 0033:0x7ff98baf5d30
[ 1018.098990] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1018.099013] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1018.099033] RAX: 00000000d44b4167 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1018.099049] RDX: 0000001b2cf20024 RSI: ffffffff819e8236 RDI: 0000000000000000
[ 1018.099064] RBP: 0000000000000001 R08: 00000000d44b4167 R09: 0000001b2cf2001c
[ 1018.099080] R10: 0000000000000167 R11: 00000000d44b416b R12: 0000000000000001
[ 1018.099094] R13: 00007ff98bc4f000 R14: ffffffff819e8236 R15: 00007ff98bc5aff0
[ 1018.099112]  ? __do_sys_mlockall+0x16/0x5c0
[ 1018.099162]  ? __do_sys_mlockall+0x16/0x5c0
[ 1018.099202]  </TASK>
[ 1018.131031] memory: usage 307200kB, limit 307200kB, failcnt 2327
[ 1018.131907] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1018.132753] Memory cgroup stats for /syz0:
[ 1018.192620] anon 110592
[ 1018.194034] file 312950784
[ 1018.194507] kernel 1511424
[ 1018.195022] kernel_stack 65536
[ 1018.195551] pagetables 151552
[ 1018.196100] sec_pagetables 0
[ 1018.196615] percpu 128
[ 1018.197063] sock 0
[ 1018.197435] vmalloc 0
[ 1018.197880] shmem 312950784
[ 1018.198376] file_mapped 0
[ 1018.198878] file_dirty 0
[ 1018.199316] file_writeback 0
[ 1018.199810] swapcached 0
[ 1018.200291] inactive_anon 306499584
[ 1018.200934] active_anon 6545408
[ 1018.201488] inactive_file 0
[ 1018.202012] active_file 0
[ 1018.202465] unevictable 0
[ 1018.202960] slab_reclaimable 948656
[ 1018.203555] slab_unreclaimable 359856
[ 1018.204207] slab 1308512
[ 1018.204679] workingset_refault_anon 0
[ 1018.205361] workingset_refault_file 1
[ 1018.206008] workingset_activate_anon 0
[ 1018.206647] workingset_activate_file 0
[ 1018.207317] workingset_restore_anon 0
[ 1018.207962] workingset_restore_file 0
[ 1018.208599] workingset_nodereclaim 0
[ 1018.209257] pgdemote_kswapd 0
[ 1018.209783] pgdemote_direct 0
[ 1018.210338] pgdemote_khugepaged 0
[ 1018.210939] pgdemote_proactive 0
[ 1018.211496] pgscan 801
[ 1018.211954] pgsteal 9
[ 1018.212371] pswpin 0
[ 1018.212760] pswpout 0
[ 1018.213195] pgscan_kswapd 0
[ 1018.213673] pgscan_direct 801
[ 1018.214215] pgscan_khugepaged 0
[ 1018.214754] pgscan_proactive 0
[ 1018.215309] pgsteal_kswapd 0
[ 1018.215809] pgsteal_direct 9
[ 1018.216399] pgsteal_khugepaged 0
[ 1018.216990] pgsteal_proactive 0
[ 1018.217535] pgfault 87323
[ 1018.218020] pgmajfault 0
[ 1018.218468] pgrefill 768
[ 1018.218963] pgactivate 3833
[ 1018.219460] pgdeactivate 768
[ 1018.219995] pglazyfree 0
[ 1018.220467] pglazyfreed 0
[ 1018.221066] swpin_zero 0
[ 1018.221511] swpout_zero 0
[ 1018.222013] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8035,uid=0
[ 1018.224385] Memory cgroup out of memory: Killed process 8035 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[ 1018.253628] 9p: Unknown access argument 18446744073709551615: -34
[ 1018.473988] audit: type=1326 audit(1755409985.821:138): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8009 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:53:14 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/devices.allow\x00', 0x121802, 0x0)
write$cgroup_devices(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="023f8c77682a2adbf631c0244c874d272be837c72ffa38d52d7be019c241ee55a113a01267ece869702e34bc2ce22d29ec951e023f7cc6bd54cea7970cb874c451bd5da93acf4df53026062720f705f330dc097df3cc023bf0db380bb77a"], 0x9)

05:53:14 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x9}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:53:14 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xc000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:53:14 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 80)

05:53:14 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0)

05:53:14 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x1000000, 0x0)

05:53:14 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = accept(r0, &(0x7f0000000080)=@pptp={0x18, 0x2, {0x0, @initdev}}, &(0x7f0000000200)=0x80)
setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000100)={@in={{0x2, 0x0, @rand_addr=0x64010101}}, 0x0, 0x0, 0x42, 0x0, "96b93cdc36ba8ce6c179fb7fcda8352b0b8f6cf3271d2789fed02119f41c0443da75e0f77dc4c555a507e8a2267a5a7ca075eaea5bb27f6fd2725cd671bb4c1ed3b47d50229a1769f712e0a6b0b16c95"}, 0xd8)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r2 = getpid()
kcmp$KCMP_EPOLL_TFD(r2, r2, 0x7, 0xffffffffffffffff, &(0x7f00000000c0))
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
perf_event_open(&(0x7f0000000280)={0x4, 0x80, 0x6, 0x6, 0x8, 0x1, 0x0, 0xfffffffffffeffff, 0x48802, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xffffffff, 0x2, @perf_bp={&(0x7f0000000240), 0x3}, 0xaa20, 0x3, 0x1ed, 0x5, 0x80000001, 0x6, 0x1, 0x0, 0xffffffff, 0x0, 0x5b64}, r2, 0xc, r3, 0x3)

05:53:14 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
close(r0)
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x9842008}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x3, 0x42}}}}, ["", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x40040}, 0x8881)
mlockall(0x2)
shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r2 = shmat(r1, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(r2)
shmat(r1, &(0x7f00005d8000/0x2000)=nil, 0x6000)
shmdt(0x0)
shmdt(0x0)

05:53:14 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xe000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:53:14 executing program 1:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0)
io_setup(0xfff, &(0x7f0000000040)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000)="fa", 0x3ffffe00}])
r2 = socket$nl_audit(0x10, 0x3, 0x9)
dup3(r2, r0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r4=>r0, {0x1}}, './file0\x00'})
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x57, 0x0, 0x20, 0x0, 0x0, 0x0, 0x40000, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6, 0x4, @perf_config_ext={0x50000, 0x1000}, 0x120c, 0xffffffffffffff00, 0xffff, 0x6, 0x0, 0x7, 0x7, 0x0, 0x86, 0x0, 0x2}, 0xffffffffffffffff, 0xb, r4, 0x8)

[ 1027.034090] audit: type=1326 audit(1755409994.381:139): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8068 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[ 1027.071569] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
05:53:14 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1027.072548] blk_print_req_error: 15 callbacks suppressed
[ 1027.072559] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1027.074361] buffer_io_error: 22 callbacks suppressed
[ 1027.074370] Buffer I/O error on dev sr0, logical block 0, async page read
[ 1027.077402] FAULT_INJECTION: forcing a failure.
[ 1027.077402] name failslab, interval 1, probability 0, space 0, times 0
[ 1027.079240] CPU: 1 UID: 0 PID: 8072 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1027.079272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1027.079286] Call Trace:
[ 1027.079296]  <TASK>
[ 1027.079306]  dump_stack_lvl+0xfa/0x120
[ 1027.079341]  should_fail_ex+0x4d7/0x5e0
[ 1027.079384]  ? __kernfs_new_node+0xd3/0x870
[ 1027.079405]  should_failslab+0xc2/0x120
[ 1027.079444]  kmem_cache_alloc_noprof+0x5f/0x3d0
[ 1027.079477]  ? perf_trace_lock_acquire+0xc9/0x700
[ 1027.079515]  __kernfs_new_node+0xd3/0x870
[ 1027.079544]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1027.079574]  ? lock_acquire+0x15e/0x2f0
[ 1027.079598]  ? kernfs_root+0x23/0x2a0
[ 1027.079619]  ? find_held_lock+0x2b/0x80
[ 1027.079651]  ? kernfs_root+0xee/0x2a0
[ 1027.079672]  ? lock_release+0xc8/0x290
[ 1027.079694]  ? lock_is_held_type+0x9e/0x120
[ 1027.079728]  kernfs_new_node+0x13c/0x1e0
[ 1027.079762]  __kernfs_create_file+0x55/0x360
[ 1027.079800]  sysfs_add_file_mode_ns+0x21c/0x440
[ 1027.079849]  ? __pfx_slab_attr_store+0x10/0x10
[ 1027.079890]  internal_create_group+0x571/0xeb0
[ 1027.079928]  ? __pfx_internal_create_group+0x10/0x10
[ 1027.079972]  sysfs_slab_add+0x188/0x210
[ 1027.080007]  do_kmem_cache_create+0x235/0x5a0
[ 1027.080048]  __kmem_cache_create_args+0x20f/0x360
[ 1027.080071]  ? p9_client_create+0xd52/0x11b0
[ 1027.080108]  p9_client_create+0xdfc/0x11b0
[ 1027.080151]  ? __pfx_p9_client_create+0x10/0x10
[ 1027.080197]  ? trace_kmalloc+0x1f/0xb0
[ 1027.080221]  ? legacy_get_tree+0x109/0x220
[ 1027.080249]  ? vfs_get_tree+0x93/0x340
[ 1027.080277]  ? lockdep_init_map_type+0x4b/0x240
[ 1027.080305]  ? __raw_spin_lock_init+0x3a/0x110
[ 1027.080342]  v9fs_session_init+0x1df/0x17a0
[ 1027.080371]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1027.080417]  ? find_held_lock+0x2b/0x80
[ 1027.080448]  ? __create_object+0x59/0x80
[ 1027.080477]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1027.080503]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1027.080540]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1027.080577]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1027.080614]  ? __create_object+0x59/0x80
[ 1027.080643]  ? trace_kmalloc+0x1f/0xb0
[ 1027.080665]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[ 1027.080693]  ? cred_has_capability.isra.0+0x1be/0x2c0
[ 1027.080732]  v9fs_mount+0xbc/0x9e0
[ 1027.080766]  ? __pfx_v9fs_mount+0x10/0x10
[ 1027.080802]  ? cap_capable+0xdb/0x3b0
[ 1027.080844]  ? __pfx_v9fs_mount+0x10/0x10
[ 1027.080877]  legacy_get_tree+0x109/0x220
[ 1027.080910]  vfs_get_tree+0x93/0x340
[ 1027.080940]  path_mount+0x122f/0x1db0
[ 1027.080978]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1027.081018]  ? __pfx_path_mount+0x10/0x10
[ 1027.081054]  ? kmem_cache_free+0x2a1/0x460
[ 1027.081086]  ? putname.part.0+0x11b/0x160
[ 1027.081112]  ? getname_flags.part.0+0x1c6/0x540
[ 1027.081144]  ? putname.part.0+0x11b/0x160
[ 1027.081176]  __x64_sys_mount+0x27b/0x300
[ 1027.081213]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1027.081264]  do_syscall_64+0xbf/0x360
[ 1027.081294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1027.081319] RIP: 0033:0x7fdbea32eb19
[ 1027.081339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1027.081362] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1027.081384] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[ 1027.081401] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1027.081416] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[ 1027.081430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1027.081444] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[ 1027.081484]  </TASK>
[ 1027.136040] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1027.136543] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1027.137441] Buffer I/O error on dev sr0, logical block 1, async page read
[ 1027.150131] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1027.150646] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1027.151623] Buffer I/O error on dev sr0, logical block 2, async page read
[ 1027.162047] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1027.163149] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1027.163909] Buffer I/O error on dev sr0, logical block 3, async page read
[ 1027.176243] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1027.177231] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1027.178597] Buffer I/O error on dev sr0, logical block 4, async page read
[ 1027.195179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1027.196163] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1027.197504] Buffer I/O error on dev sr0, logical block 5, async page read
[ 1027.209632] SLUB: Unable to add cache 9p-fcall-cache-107 to sysfs
[ 1027.216294] 9p: Unknown access argument 18446744073709551615: -34
[ 1027.223553] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1027.224553] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1027.225933] Buffer I/O error on dev sr0, logical block 6, async page read
[ 1027.234939] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1027.235903] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1027.237255] Buffer I/O error on dev sr0, logical block 7, async page read
[ 1027.248567] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1027.250244] CPU: 1 UID: 0 PID: 8069 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1027.250276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1027.250290] Call Trace:
[ 1027.250298]  <TASK>
[ 1027.250308]  dump_stack_lvl+0xfa/0x120
[ 1027.250341]  dump_header+0x107/0x950
[ 1027.250379]  oom_kill_process+0x278/0xa00
[ 1027.250413]  out_of_memory+0x34b/0x1690
[ 1027.250454]  ? __pfx_out_of_memory+0x10/0x10
[ 1027.250497]  mem_cgroup_out_of_memory+0x164/0x190
[ 1027.250532]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1027.250576]  ? mark_held_locks+0x49/0x80
[ 1027.250608]  try_charge_memcg+0x81f/0xf30
[ 1027.250647]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1027.250689]  charge_memcg+0x7b/0x290
[ 1027.250718]  __mem_cgroup_charge+0x28/0x90
[ 1027.250750]  do_wp_page+0x58c/0x3240
[ 1027.250790]  ? __pfx_do_wp_page+0x10/0x10
[ 1027.250827]  ? do_raw_spin_lock+0x123/0x260
[ 1027.250857]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1027.250886]  ? ___pte_offset_map+0x176/0x370
[ 1027.250918]  __handle_mm_fault+0xde1/0x3030
[ 1027.250947]  ? reacquire_held_locks+0xd1/0x200
[ 1027.250971]  ? lock_vma_under_rcu+0x11e/0x530
[ 1027.251011]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1027.251043]  ? lock_vma_under_rcu+0x17b/0x530
[ 1027.251093]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1027.251140]  handle_mm_fault+0x2c3/0x900
[ 1027.251171]  ? access_error+0x17d/0x380
[ 1027.251202]  do_user_addr_fault+0x4fa/0xeb0
[ 1027.251237]  exc_page_fault+0xb0/0x180
[ 1027.251263]  asm_exc_page_fault+0x26/0x30
[ 1027.251287] RIP: 0033:0x7ff98baf5d30
[ 1027.251306] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1027.251330] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1027.251350] RAX: 0000000005efd28f RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1027.251366] RDX: 0000001b2cf20040 RSI: ffffffff81361ce8 RDI: 0000000000000000
[ 1027.251382] RBP: 0000000000000001 R08: 0000000005efd28f R09: 0000001b2cf2001c
[ 1027.251397] R10: 000000000000128f R11: 0000000005efd293 R12: 0000000000000008
[ 1027.251412] R13: 00007ff98bc4f000 R14: ffffffff81361ce8 R15: 00007ff98bc5aff0
[ 1027.251429]  ? fault_in_kernel_space+0x58/0x80
[ 1027.251466]  ? fault_in_kernel_space+0x58/0x80
[ 1027.251499]  </TASK>
[ 1027.285544] memory: usage 307200kB, limit 307200kB, failcnt 2349
[ 1027.286582] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1027.287604] Memory cgroup stats for /syz0:
[ 1027.288124] anon 131072
[ 1027.289257] file 312950784
[ 1027.289727] kernel 1490944
[ 1027.290232] kernel_stack 65536
[ 1027.290771] pagetables 155648
[ 1027.291309] sec_pagetables 0
[ 1027.291804] percpu 64
[ 1027.292229] sock 0
[ 1027.292591] vmalloc 0
[ 1027.293039] shmem 312950784
[ 1027.293517] file_mapped 0
[ 1027.294004] file_dirty 0
[ 1027.294441] file_writeback 0
[ 1027.294966] swapcached 0
[ 1027.295410] inactive_anon 306536448
[ 1027.296032] active_anon 6545408
[ 1027.296566] inactive_file 0
[ 1027.297086] active_file 0
[ 1027.297541] unevictable 0
[ 1027.298032] slab_reclaimable 945200
[ 1027.298618] slab_unreclaimable 340032
[ 1027.299256] slab 1285232
[ 1027.299703] workingset_refault_anon 0
[ 1027.300348] workingset_refault_file 1
[ 1027.301014] workingset_activate_anon 0
[ 1027.301636] workingset_activate_file 0
[ 1027.302285] workingset_restore_anon 0
[ 1027.302939] workingset_restore_file 0
[ 1027.303556] workingset_nodereclaim 0
[ 1027.304189] pgdemote_kswapd 0
[ 1027.304701] pgdemote_direct 0
[ 1027.305494] pgdemote_khugepaged 0
[ 1027.306190] pgdemote_proactive 0
[ 1027.306804] pgscan 801
[ 1027.307301] pgsteal 9
[ 1027.307739] pswpin 0
[ 1027.308214] pswpout 0
[ 1027.308660] pgscan_kswapd 0
[ 1027.309243] pgscan_direct 801
[ 1027.309757] pgscan_khugepaged 0
[ 1027.310285] pgscan_proactive 0
[ 1027.310786] pgsteal_kswapd 0
[ 1027.311272] pgsteal_direct 9
[ 1027.311738] pgsteal_khugepaged 0
[ 1027.312272] pgsteal_proactive 0
[ 1027.312768] pgfault 87372
[ 1027.313233] pgmajfault 0
[ 1027.313639] pgrefill 768
[ 1027.314094] pgactivate 3833
[ 1027.314539] pgdeactivate 768
[ 1027.315033] pglazyfree 0
[ 1027.315443] pglazyfreed 0
[ 1027.315898] swpin_zero 0
[ 1027.316320] swpout_zero 0
[ 1027.316738] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8069,uid=0
[ 1027.319015] Memory cgroup out of memory: Killed process 8069 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[ 1027.859083] audit: type=1326 audit(1755409995.206:140): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8068 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:53:24 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x2000000, 0x0)

05:53:24 executing program 1:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/raw6\x00')
pwritev(r0, &(0x7f0000000400)=[{&(0x7f0000000140)="5b8f2a3d5bf08ea07bb33667fc62b28844bf101e9ed9a1c4634506d3beec9a59f76b4f4ba775916f9f4b7b1a52d91418b8626d6ea82654e5eb3c18d7608b9994647414aa124c816427c495ab1c732299141fe77a63c19599432484496ea77f66c3a2b0785930a42b9a33b87a653652a4c1037edbdd0429a233c10172668a4c893d754f0c9f0970fc051aefd1e4fbb48e79d06042b5a545781ca62f7ce5813682e2dc117efe4a6100", 0xa8}, {&(0x7f00000000c0)="e583dd9f029deee6efdef3f316247af0c0ae2ea96f291816fc1ddee6", 0x1c}, {&(0x7f0000000200)="5125ebc6bb72a72e315c3b592d3b9466cec1679e", 0x14}, {&(0x7f0000000240)="86625ecb51f58ce7d7350f1a33e20577d84d214454476fec5a82009ac10b4a2c5942463010b6604a9b94d852d594e18440e89474d002708df24cb7fd95c362d4ae5622cf80a80ce5c4", 0x49}, {&(0x7f00000002c0)="9b66fe77cd88ff8e83d90e1812b60bde989d0ec60b33963cdfbfbb77ac41140463915e8f64e506f26bbcca3e1ef796ecdb8312db00b8dcfe38fe1ad51478f1e8dbd1d038abd0337a7048c95217aa4747c7aa70c54a90ff434dd741182cb9786eb71b61f7fb24d6e05fdf9910bd85a569d18940e86d0f722ae9128f1fb7f0e42a59effd21c50c6dc934f1e6d1", 0x8c}, {&(0x7f0000000380)="5172a273a2f61136768fcb7db8de2f3303b8b6ce64c281b3064837a00528d18a02f31815ef5c1bd9d5b85512694ddb9ebff3261967122fe3cc577be2116128eb450445d5939178a7959b7605bf3481344733895ca2b426b4", 0x58}], 0x6, 0x396, 0x800)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x3000020, &(0x7f0000000800)=ANY=[])
rmdir(&(0x7f0000000480)='./file0\x00')
chdir(&(0x7f0000000040)='./file1\x00')

05:53:24 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x6, 0xc10602)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)={0x1, 0x0, 0x1b, "d4"})
r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000080)=0x1c)
flock(r1, 0xe)

05:53:24 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x2}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:53:24 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x10000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:53:24 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0) (fail_nth: 1)

05:53:24 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 81)

05:53:24 executing program 0:
mlockall(0x8)
mlockall(0x4)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)

[ 1036.935290] FAULT_INJECTION: forcing a failure.
[ 1036.935290] name failslab, interval 1, probability 0, space 0, times 0
[ 1036.936417] CPU: 1 UID: 0 PID: 8093 Comm: syz-executor.5 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1036.936434] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1036.936442] Call Trace:
[ 1036.936447]  <TASK>
[ 1036.936452]  dump_stack_lvl+0xfa/0x120
[ 1036.936472]  should_fail_ex+0x4d7/0x5e0
[ 1036.936495]  should_failslab+0xc2/0x120
[ 1036.936516]  __kvmalloc_node_noprof+0x111/0x590
[ 1036.936535]  ? seq_read_iter+0x82f/0x1320
[ 1036.936555]  ? seq_read_iter+0x82f/0x1320
[ 1036.936568]  seq_read_iter+0x82f/0x1320
[ 1036.936591]  seq_read+0x375/0x540
[ 1036.936605]  ? __pfx_seq_read+0x10/0x10
[ 1036.936621]  ? srso_alias_untrain_ret+0x1/0x10
[ 1036.936636]  ? perf_trace_lock_acquire+0xc9/0x700
[ 1036.936650]  ? avc_policy_seqno+0x9/0x20
[ 1036.936671]  ? security_file_permission+0x22/0x90
[ 1036.936688]  ? __pfx_seq_read+0x10/0x10
[ 1036.936703]  vfs_read+0x1eb/0xc70
[ 1036.936722]  ? lock_acquire+0x15e/0x2f0
[ 1036.936735]  ? __fget_files+0x34/0x3b0
[ 1036.936751]  ? __pfx_vfs_read+0x10/0x10
[ 1036.936768]  ? __fget_files+0x203/0x3b0
[ 1036.936783]  ? lock_release+0xc8/0x290
[ 1036.936798]  ? __fget_files+0x20d/0x3b0
[ 1036.936824]  __x64_sys_pread64+0x1f1/0x260
[ 1036.936843]  ? __pfx___x64_sys_pread64+0x10/0x10
[ 1036.936867]  do_syscall_64+0xbf/0x360
[ 1036.936883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1036.936895] RIP: 0033:0x7f30d5d9db19
[ 1036.936905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1036.936916] RSP: 002b:00007f30d3313188 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[ 1036.936929] RAX: ffffffffffffffda RBX: 00007f30d5eb0f60 RCX: 00007f30d5d9db19
[ 1036.936937] RDX: 000000000000009c RSI: 0000000020000040 RDI: 0000000000000004
[ 1036.936945] RBP: 00007f30d33131d0 R08: 0000000000000000 R09: 0000000000000000
[ 1036.936953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1036.936960] R13: 00007ffe18807d4f R14: 00007f30d3313300 R15: 0000000000022000
[ 1036.936978]  </TASK>
05:53:24 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x40000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1036.988040] audit: type=1326 audit(1755410004.334:141): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8091 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[ 1037.076478] 9p: Unknown access argument 18446744073709551615: -34
[ 1037.129868] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1037.131345] CPU: 1 UID: 0 PID: 8099 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1037.131375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1037.131388] Call Trace:
[ 1037.131397]  <TASK>
[ 1037.131406]  dump_stack_lvl+0xfa/0x120
[ 1037.131437]  dump_header+0x107/0x950
[ 1037.131472]  oom_kill_process+0x278/0xa00
[ 1037.131505]  out_of_memory+0x34b/0x1690
[ 1037.131543]  ? __pfx_out_of_memory+0x10/0x10
[ 1037.131583]  mem_cgroup_out_of_memory+0x164/0x190
[ 1037.131615]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1037.131656]  ? mark_held_locks+0x49/0x80
[ 1037.131686]  try_charge_memcg+0x81f/0xf30
[ 1037.131723]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1037.131761]  charge_memcg+0x7b/0x290
[ 1037.131788]  __mem_cgroup_charge+0x28/0x90
[ 1037.131825]  do_wp_page+0x58c/0x3240
[ 1037.131862]  ? __pfx_do_wp_page+0x10/0x10
[ 1037.131889]  ? do_raw_spin_lock+0x123/0x260
[ 1037.131917]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1037.131943]  ? ___pte_offset_map+0x176/0x370
[ 1037.131973]  __handle_mm_fault+0xde1/0x3030
[ 1037.132003]  ? reacquire_held_locks+0xd1/0x200
[ 1037.132026]  ? lock_vma_under_rcu+0x11e/0x530
[ 1037.132063]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1037.132093]  ? lock_vma_under_rcu+0x17b/0x530
[ 1037.132141]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1037.132183]  handle_mm_fault+0x2c3/0x900
[ 1037.132211]  ? access_error+0x17d/0x380
[ 1037.132240]  do_user_addr_fault+0x4fa/0xeb0
[ 1037.132273]  exc_page_fault+0xb0/0x180
[ 1037.132297]  asm_exc_page_fault+0x26/0x30
[ 1037.132319] RIP: 0033:0x7ff98baf2ecd
[ 1037.132336] Code: 0c 48 89 df 41 83 c6 01 e8 20 f6 ff ff 48 83 c3 20 49 39 df 75 df 4c 8b 2d f0 14 0a 01 44 89 75 08 8b 05 36 41 16 00 83 c0 01 <89> 05 2d 41 16 00 41 89 45 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e
[ 1037.132357] RSP: 002b:00007ffc54e39090 EFLAGS: 00010202
[ 1037.132375] RAX: 0000000000000001 RBX: 00007ff98bc5af60 RCX: 000000000000000b
[ 1037.132389] RDX: 0000001b2cf2004c RSI: ffffffff84b9a2ac RDI: 000000001e8058dd
[ 1037.132404] RBP: 0000001b2cf20014 R08: 0000001b2df20000 R09: 0000001b2cf2001c
[ 1037.132418] R10: 00000000000018dd R11: 000000001e8058e1 R12: 00007ff98bc5af60
[ 1037.132432] R13: 0000001b2cf20000 R14: 00007ff98bc5af60 R15: 00000000000fd23c
[ 1037.132458]  ? do_syscall_64+0x12c/0x360
[ 1037.132488]  </TASK>
[ 1037.162708] memory: usage 307200kB, limit 307200kB, failcnt 2375
[ 1037.163635] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1037.164545] Memory cgroup stats for /syz0:
[ 1037.164758] anon 139264
[ 1037.165863] file 312950784
[ 1037.166287] kernel 1482752
[ 1037.166705] kernel_stack 65536
[ 1037.167223] pagetables 147456
[ 1037.167687] sec_pagetables 0
[ 1037.168170] percpu 64
[ 1037.168542] sock 0
[ 1037.168936] vmalloc 0
[ 1037.169299] shmem 312950784
[ 1037.169738] file_mapped 0
[ 1037.170184] file_dirty 0
[ 1037.170580] file_writeback 0
[ 1037.171060] swapcached 0
[ 1037.171457] inactive_anon 306532352
[ 1037.172021] active_anon 6545408
[ 1037.172511] inactive_file 0
[ 1037.172972] active_file 0
[ 1037.173393] unevictable 0
[ 1037.173800] slab_reclaimable 945200
[ 1037.174361] slab_unreclaimable 339648
[ 1037.174942] slab 1284848
[ 1037.175339] workingset_refault_anon 0
[ 1037.175921] workingset_refault_file 1
[ 1037.176467] workingset_activate_anon 0
[ 1037.177075] workingset_activate_file 0
[ 1037.177656] workingset_restore_anon 0
[ 1037.178249] workingset_restore_file 0
[ 1037.178796] workingset_nodereclaim 0
[ 1037.179374] pgdemote_kswapd 0
[ 1037.179869] pgdemote_direct 0
[ 1037.180331] pgdemote_khugepaged 0
[ 1037.180877] pgdemote_proactive 0
[ 1037.181380] pgscan 801
[ 1037.181754] pgsteal 9
[ 1037.182162] pswpin 0
[ 1037.182517] pswpout 0
[ 1037.182917] pgscan_kswapd 0
[ 1037.183353] pgscan_direct 801
[ 1037.183811] pgscan_khugepaged 0
[ 1037.184354] pgscan_proactive 0
[ 1037.184869] pgsteal_kswapd 0
[ 1037.185324] pgsteal_direct 9
[ 1037.185780] pgsteal_khugepaged 0
[ 1037.186318] pgsteal_proactive 0
[ 1037.186804] pgfault 87426
[ 1037.187249] pgmajfault 0
[ 1037.187645] pgrefill 768
[ 1037.188077] pgactivate 3833
[ 1037.188509] pgdeactivate 768
[ 1037.188999] pglazyfree 0
[ 1037.189414] pglazyfreed 0
[ 1037.189858] swpin_zero 0
[ 1037.190260] swpout_zero 0
[ 1037.190663] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8099,uid=0
[ 1037.192800] Memory cgroup out of memory: Killed process 8099 (syz-executor.0) total-vm:93420kB, anon-rss:276kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[ 1037.802464] audit: type=1326 audit(1755410005.150:142): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8091 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:53:35 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0) (fail_nth: 2)

05:53:35 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x3}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:53:35 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x3000000, 0x0)

05:53:35 executing program 0:
mlockall(0x2)
mlockall(0x4)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
shmdt(0x0)
shmdt(0x0)
shmat(r0, &(0x7f0000de1000/0x2000)=nil, 0x0)

05:53:35 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'team0\x00', <r2=>0x0})
sendmsg$FOU_CMD_ADD(r1, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x64, 0x0, 0x20, 0x70bd25, 0x25dfdbfc, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @multicast1}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @dev={0xfe, 0x80, '\x00', 0x2d}}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_IFINDEX={0x8, 0xb, r2}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @multicast2}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e21}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x11}]}, 0x64}, 0x1, 0x0, 0x0, 0x4004010}, 0x40000)
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x8983, &(0x7f0000000040)={0x7, 'veth0_vlan\x00', {}, 0x3d61})
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400026220000200000004f8", 0x16}, {0x0, 0x0, 0x4000}], 0x0, &(0x7f0000011100))

05:53:35 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xe0ffff00000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:53:35 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 82)

05:53:35 executing program 3:
ioctl$CDROMREADAUDIO(0xffffffffffffffff, 0x530e, &(0x7f0000000180)={@lba=0x7, 0x2, 0x5, &(0x7f0000000140)=""/5})
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
pwritev(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)='\\', 0x1}], 0x1, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f00000000c0)={<r1=>r0, 0xc0c, 0x9, 0x9})
ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000000100)={0xa, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x100000000)

[ 1047.909574] FAULT_INJECTION: forcing a failure.
[ 1047.909574] name failslab, interval 1, probability 0, space 0, times 0
[ 1047.910575] CPU: 0 UID: 0 PID: 8120 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1047.910592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1047.910601] Call Trace:
[ 1047.910606]  <TASK>
[ 1047.910612]  dump_stack_lvl+0xfa/0x120
[ 1047.910638]  should_fail_ex+0x4d7/0x5e0
[ 1047.910667]  ? __kernfs_new_node+0xd3/0x870
[ 1047.910679]  should_failslab+0xc2/0x120
[ 1047.910703]  kmem_cache_alloc_noprof+0x5f/0x3d0
[ 1047.910720]  ? perf_trace_run_bpf_submit+0xef/0x180
[ 1047.910751]  __kernfs_new_node+0xd3/0x870
[ 1047.910772]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1047.910793]  ? lock_acquire+0x15e/0x2f0
[ 1047.910809]  ? kernfs_root+0x23/0x2a0
[ 1047.910827]  ? find_held_lock+0x2b/0x80
[ 1047.910846]  ? kernfs_root+0xee/0x2a0
[ 1047.910859]  ? lock_release+0xc8/0x290
[ 1047.910870]  ? lock_is_held_type+0x9e/0x120
[ 1047.910896]  kernfs_new_node+0x13c/0x1e0
[ 1047.910922]  __kernfs_create_file+0x55/0x360
[ 1047.910949]  sysfs_add_file_mode_ns+0x21c/0x440
[ 1047.910976]  ? __pfx_slab_attr_store+0x10/0x10
[ 1047.911002]  internal_create_group+0x571/0xeb0
[ 1047.911032]  ? __pfx_internal_create_group+0x10/0x10
[ 1047.911068]  sysfs_slab_add+0x188/0x210
[ 1047.911091]  do_kmem_cache_create+0x235/0x5a0
[ 1047.911116]  __kmem_cache_create_args+0x20f/0x360
[ 1047.911130]  ? p9_client_create+0xd52/0x11b0
[ 1047.911154]  p9_client_create+0xdfc/0x11b0
[ 1047.911185]  ? __pfx_p9_client_create+0x10/0x10
[ 1047.911218]  ? trace_kmalloc+0x1f/0xb0
[ 1047.911232]  ? legacy_get_tree+0x109/0x220
[ 1047.911247]  ? vfs_get_tree+0x93/0x340
[ 1047.911264]  ? lockdep_init_map_type+0x4b/0x240
[ 1047.911280]  ? __raw_spin_lock_init+0x3a/0x110
[ 1047.911306]  v9fs_session_init+0x1df/0x17a0
[ 1047.911324]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1047.911354]  ? find_held_lock+0x2b/0x80
[ 1047.911371]  ? __create_object+0x59/0x80
[ 1047.911389]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1047.911402]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1047.911422]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1047.911443]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1047.911463]  ? __create_object+0x59/0x80
[ 1047.911481]  ? trace_kmalloc+0x1f/0xb0
[ 1047.911493]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[ 1047.911507]  ? cred_has_capability.isra.0+0x1be/0x2c0
[ 1047.911537]  v9fs_mount+0xbc/0x9e0
[ 1047.911558]  ? __pfx_v9fs_mount+0x10/0x10
[ 1047.911581]  ? cap_capable+0xdb/0x3b0
[ 1047.911602]  ? __pfx_v9fs_mount+0x10/0x10
[ 1047.911621]  legacy_get_tree+0x109/0x220
[ 1047.911644]  vfs_get_tree+0x93/0x340
[ 1047.911663]  path_mount+0x122f/0x1db0
[ 1047.911687]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1047.911712]  ? __pfx_path_mount+0x10/0x10
[ 1047.911733]  ? kmem_cache_free+0x2a1/0x460
[ 1047.911751]  ? putname.part.0+0x11b/0x160
[ 1047.911768]  ? getname_flags.part.0+0x1c6/0x540
[ 1047.911790]  ? putname.part.0+0x11b/0x160
[ 1047.911813]  __x64_sys_mount+0x27b/0x300
[ 1047.911835]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1047.911873]  do_syscall_64+0xbf/0x360
[ 1047.911893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1047.911908] RIP: 0033:0x7fdbea32eb19
[ 1047.911919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1047.911931] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1047.911944] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[ 1047.911953] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1047.911961] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[ 1047.911969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1047.911977] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[ 1047.912014]  </TASK>
05:53:35 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xf0ffffffffffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:53:35 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/handlers\x00', 0x0, 0x0)
pread64(r0, &(0x7f0000000040)=""/186, 0xba, 0xff)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendmsg$nl_netfilter(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x14, 0x2, 0x801, 0x70bd2d, 0x25dfdbfd, {0x5, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4008000)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000000)={0x0, <r3=>0x0}, &(0x7f0000000040)=0x5)
setuid(r3)
ioctl$TUNSETOWNER(r1, 0x400454cc, r3)

[ 1047.999972] audit: type=1326 audit(1755410015.330:143): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8121 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:53:35 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0) (fail_nth: 3)

[ 1048.023786] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1048.025360] CPU: 1 UID: 0 PID: 8114 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1048.025391] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1048.025404] Call Trace:
[ 1048.025413]  <TASK>
[ 1048.025422]  dump_stack_lvl+0xfa/0x120
[ 1048.025454]  dump_header+0x107/0x950
[ 1048.025492]  oom_kill_process+0x278/0xa00
[ 1048.025525]  out_of_memory+0x34b/0x1690
[ 1048.025565]  ? __pfx_out_of_memory+0x10/0x10
[ 1048.025609]  mem_cgroup_out_of_memory+0x164/0x190
[ 1048.025642]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1048.025685]  ? mark_held_locks+0x49/0x80
[ 1048.025717]  try_charge_memcg+0x81f/0xf30
[ 1048.025756]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1048.025798]  charge_memcg+0x7b/0x290
[ 1048.025832]  __mem_cgroup_charge+0x28/0x90
[ 1048.025863]  do_wp_page+0x58c/0x3240
[ 1048.025903]  ? __pfx_do_wp_page+0x10/0x10
[ 1048.025947]  ? do_raw_spin_lock+0x123/0x260
[ 1048.025975]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1048.026003]  ? ___pte_offset_map+0x176/0x370
[ 1048.026035]  __handle_mm_fault+0xde1/0x3030
[ 1048.026062]  ? reacquire_held_locks+0xd1/0x200
[ 1048.026084]  ? lock_vma_under_rcu+0x11e/0x530
[ 1048.026122]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1048.026153]  ? lock_vma_under_rcu+0x17b/0x530
[ 1048.026210]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1048.026255]  handle_mm_fault+0x2c3/0x900
[ 1048.026284]  ? access_error+0x17d/0x380
[ 1048.026315]  do_user_addr_fault+0x4fa/0xeb0
[ 1048.026350]  exc_page_fault+0xb0/0x180
[ 1048.026375]  asm_exc_page_fault+0x26/0x30
[ 1048.026397] RIP: 0033:0x7ff98baf5d30
[ 1048.026415] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1048.026436] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1048.026454] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1048.026469] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[ 1048.026483] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[ 1048.026497] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[ 1048.026510] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[ 1048.026526]  ? x86_task_fpu+0x58/0xa0
[ 1048.026561]  ? x86_task_fpu+0x58/0xa0
[ 1048.026591]  </TASK>
[ 1048.057230] memory: usage 307200kB, limit 307200kB, failcnt 2403
[ 1048.058199] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1048.058976] SLUB: Unable to add cache 9p-fcall-cache-109 to sysfs
[ 1048.059100] Memory cgroup stats for /syz0:
[ 1048.059742] 9p: Unknown access argument 18446744073709551615: -34
05:53:35 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x4}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1048.084288] anon 135168
[ 1048.084732] file 312950784
[ 1048.085371] kernel 1486848
[ 1048.085801] kernel_stack 65536
[ 1048.086482] pagetables 147456
[ 1048.087003] sec_pagetables 0
[ 1048.087452] percpu 64
[ 1048.087812] sock 0
[ 1048.088187] vmalloc 0
[ 1048.088551] shmem 312950784
[ 1048.089026] file_mapped 0
[ 1048.089434] file_dirty 0
[ 1048.089885] file_writeback 0
[ 1048.090344] swapcached 0
[ 1048.090747] inactive_anon 306540544
[ 1048.091319] active_anon 6545408
[ 1048.091804] inactive_file 0
[ 1048.092277] active_file 0
[ 1048.092678] unevictable 0
[ 1048.093128] slab_reclaimable 948656
[ 1048.093659] slab_unreclaimable 339648
[ 1048.094264] slab 1288304
[ 1048.094673] workingset_refault_anon 0
[ 1048.095261] workingset_refault_file 1
[ 1048.095807] workingset_activate_anon 0
[ 1048.096413] workingset_activate_file 0
[ 1048.097002] workingset_restore_anon 0
[ 1048.097552] workingset_restore_file 0
[ 1048.098145] workingset_nodereclaim 0
[ 1048.098684] pgdemote_kswapd 0
[ 1048.099177] pgdemote_direct 0
[ 1048.099632] pgdemote_khugepaged 0
[ 1048.100163] pgdemote_proactive 0
[ 1048.100664] pgscan 801
[ 1048.101060] pgsteal 9
[ 1048.101421] pswpin 0
[ 1048.101768] pswpout 0
[ 1048.102169] pgscan_kswapd 0
[ 1048.102595] pgscan_direct 801
[ 1048.103080] pgscan_khugepaged 0
[ 1048.103562] pgscan_proactive 0
[ 1048.104075] pgsteal_kswapd 0
[ 1048.104520] pgsteal_direct 9
[ 1048.104993] pgsteal_khugepaged 0
[ 1048.105491] pgsteal_proactive 0
[ 1048.106017] pgfault 87479
[ 1048.106422] pgmajfault 0
[ 1048.106812] pgrefill 768
[ 1048.107243] pgactivate 3833
[ 1048.107665] pgdeactivate 768
[ 1048.108151] pglazyfree 0
[ 1048.108546] pglazyfreed 0
[ 1048.108982] swpin_zero 0
[ 1048.109387] swpout_zero 0
[ 1048.109792] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8114,uid=0
[ 1048.111994] Memory cgroup out of memory: Killed process 8114 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:53:35 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x4000000, 0x0)

[ 1048.173319] FAULT_INJECTION: forcing a failure.
[ 1048.173319] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1048.175089] CPU: 1 UID: 0 PID: 8143 Comm: syz-executor.5 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
05:53:35 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/bnep\x00')
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, <r2=>0x0}, &(0x7f0000000040)=0x1)
setuid(r2)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000000)={0x0, <r4=>0x0}, &(0x7f0000000040)=0x5)
setuid(r4)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r5=>r3, {0xffffffff}}, './file0\x00'})
connect(r5, &(0x7f00000001c0)=@nfc_llcp={0x27, 0x1, 0x0, 0x2, 0x3, 0x30, "83ea7986e44373c90e7dde371067fabbee3003aa828eed20a2d3a3f0b40952b083ff648a761d66a5619cee4c7b02e8d5f95995296d23254eb5000f18616adf", 0x31}, 0x80)
r6 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0, <r8=>0x0}, &(0x7f0000008600)=0xc)
fsetxattr$system_posix_acl(r6, &(0x7f00000000c0)='system.posix_acl_default\x00', &(0x7f0000000380)={{}, {}, [], {}, [{0x8, 0x0, r8}]}, 0x2c, 0x0)
fchown(r1, r4, r8)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000080), &(0x7f0000000100)=0xc)
setsockopt$bt_hci_HCI_FILTER(r1, 0x0, 0x2, &(0x7f0000000140), 0x10)

05:53:35 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 83)

[ 1048.175120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1048.175134] Call Trace:
[ 1048.175143]  <TASK>
[ 1048.175152]  dump_stack_lvl+0xfa/0x120
[ 1048.175186]  should_fail_ex+0x4d7/0x5e0
[ 1048.175227]  _copy_to_iter+0x578/0x1660
[ 1048.175273]  ? __pfx__copy_to_iter+0x10/0x10
[ 1048.175306]  ? lock_release+0xc8/0x290
[ 1048.175336]  ? __virt_addr_valid+0x100/0x5d0
[ 1048.175372]  ? __check_object_size+0x57b/0x880
[ 1048.175408]  seq_read_iter+0xdd2/0x1320
[ 1048.175453]  seq_read+0x375/0x540
[ 1048.175479]  ? __pfx_seq_read+0x10/0x10
[ 1048.175507]  ? srso_alias_untrain_ret+0x1/0x10
[ 1048.175533]  ? perf_trace_lock_acquire+0xc9/0x700
[ 1048.175558]  ? avc_policy_seqno+0x9/0x20
[ 1048.175595]  ? security_file_permission+0x22/0x90
[ 1048.175626]  ? __pfx_seq_read+0x10/0x10
[ 1048.175653]  vfs_read+0x1eb/0xc70
[ 1048.175686]  ? lock_acquire+0x15e/0x2f0
[ 1048.175708]  ? __fget_files+0x34/0x3b0
[ 1048.175738]  ? __pfx_vfs_read+0x10/0x10
[ 1048.175768]  ? __fget_files+0x203/0x3b0
[ 1048.175796]  ? lock_release+0xc8/0x290
[ 1048.175831]  ? __fget_files+0x20d/0x3b0
[ 1048.175873]  __x64_sys_pread64+0x1f1/0x260
[ 1048.175907]  ? __pfx___x64_sys_pread64+0x10/0x10
[ 1048.175951]  do_syscall_64+0xbf/0x360
[ 1048.175980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1048.176002] RIP: 0033:0x7f30d5d9db19
05:53:35 executing program 1:
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e)
getsockname$unix(r0, 0x0, &(0x7f0000000300))
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000180)=[r1, r2, r1, r3, r1], 0x5)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x7f}]}, 0x1c}}, 0x0)
socketpair(0xa, 0xfbf685b0236cc12a, 0x1, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), r4)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r6, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000480)={0x1b8, r7, 0x2, 0x70bd26, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}]}, 0x1b8}, 0x1, 0x0, 0x0, 0x24000040}, 0x20000014)
sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x8c, r5, 0x1, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x5, 0x40}}}}, [@NL80211_ATTR_QOS_MAP={0x14, 0xc7, {[{0x7f, 0x2}, {0x5, 0x3}, {0x2, 0x7}, {0x19, 0x2}], "04db7b8a7c29bd1a"}}, @NL80211_ATTR_QOS_MAP={0x12, 0xc7, {[{0x7f, 0x6}, {0x7, 0x5}, {0x6, 0x5}], "d097eaa3ce1656b9"}}, @NL80211_ATTR_QOS_MAP={0x1c, 0xc7, {[{0x8, 0x6}, {0x7, 0x6}, {0x28, 0x3}, {0x6, 0x5}, {0xcb, 0x5}, {0x2, 0x4}, {0x6, 0x6}, {0xf3, 0x2}], "4bfb04600dfdaf89"}}, @NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x5, 0x5}, {0x80}, {0x0, 0x1}, {0x6, 0x6}, {0x42, 0x1}, {0x8}, {0x6, 0x1}, {0xff, 0x3}, {0x5, 0x6}, {0x0, 0x4}, {0x16, 0x1}, {0x4, 0x2}, {0x40, 0x5}], "c77fa5339a710bc8"}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4060014}, 0xd0)

[ 1048.176020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1048.176043] RSP: 002b:00007f30d3313188 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[ 1048.176065] RAX: ffffffffffffffda RBX: 00007f30d5eb0f60 RCX: 00007f30d5d9db19
05:53:35 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x100000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1048.176081] RDX: 000000000000009c RSI: 0000000020000040 RDI: 0000000000000004
[ 1048.176094] RBP: 00007f30d33131d0 R08: 0000000000000000 R09: 0000000000000000
[ 1048.176108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1048.176123] R13: 00007ffe18807d4f R14: 00007f30d3313300 R15: 0000000000022000
[ 1048.176157]  </TASK>
[ 1048.241430] audit: type=1326 audit(1755410015.586:144): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8148 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:53:35 executing program 0:
mlockall(0x2)
mlockall(0x7)
mlockall(0x2)
shmget$private(0x0, 0x4000, 0x40, &(0x7f00007af000/0x4000)=nil)
r0 = shmget(0x2, 0x1000, 0x400, &(0x7f0000b18000/0x1000)=nil)
r1 = shmat(r0, &(0x7f00008bb000/0x1000)=nil, 0x6000)
shmdt(0x0)
mlockall(0x4)
shmdt(r1)
mlockall(0x1)

05:53:35 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x5}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1048.320343] 9p: Unknown access argument 18446744073709551615: -34
05:53:35 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x101000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:53:35 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x6}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:53:35 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0) (fail_nth: 4)

05:53:35 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./cgroup.net/devices.allow/file0\x00', 0x1, 0x3, &(0x7f0000000200)=[{&(0x7f00000000c0)="b140dd0f1602219b4d6df4b3fa3496124b737dc14c3aa1cf18d18e4087a1f4f53a8f3114c98d0a31d179e34ecb51b813d935279ef07ea9d0d7e5", 0x3a, 0x1000}, {&(0x7f0000000100)="11f28a5befc95cbfed010772c725d66b5d1ac80b7037b992bf6cf9fbd8080e62992f88181d7b0b1beda8dbacd4e2c83a43b0f85361b796d6d6a2020976798c971a2f321f19dfdeaaab2dbfc4847534218b59c2c710d7a77188dadf972d678b4fc0e6da3cf3edea", 0x67, 0x5}, {&(0x7f0000000180)="05359480eff690976dae851f63f22a93fe8578e62b37c8894e0c51a023585f7f53efe04bd254536615794f1b7c32fe144df3ec69b8b9a2e88510b7ffc7bcae5f5833fc0de7c2e38f45e7712beed19867dfce7862b5c9f8d0cfc27f596819e7819b4bd20af8c9c3", 0x67, 0x400}], 0x800410, &(0x7f00000005c0)=ANY=[@ANYBLOB="6d61703d6e6f726d616c2c6d61703d61636f726e2c61707072616973655f747970653d696d617369672c7375626a5f726f6c653d25b92c736d61636b66736861743d2a2c5e2d2c23292d052c61756469742c686173682c003253bbd043d0bb7c479481852df2b035ac2be22ec494eb3874febe997f7272d6005a23514d4af021afb8bdad7723b14f9dea0e44bc782cab2b6f06ab7ad8610000000000000000197bfef54b77b76732cdf84ee769c3ee1c71ade09a211103eb9a3ff96c2f7e24b307488a65c3c90233baa4893574040a7472ae73902b453a0b089e3503a95555a600000000000000"])
r0 = syz_mount_image$tmpfs(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x81, 0x2, &(0x7f0000000500)=[{&(0x7f0000000380)="291985e0931c03a669675adb4b236e15d96371e55c8b76de8661f24783e4761ff2fc23d89a5ec5bfbe00dc451b241242ddea582dd9f0bdab9bc98b9e5970f8fdaed7cdb398a90fceeb8a40f00a66780b3d0d5a7f891d9bf03c1afdb1c621d302e9acb68262c9b52f797db54e211b1c72a90b82fec77ad0ac2c82b0666347c766c1779c905cde7e9bd4e38662e8d8253541811b674459ef7f1b6e596cbd0efb5b50efe1db3074402e1e1778611a2ff9e41a76a0fecfbc451cb0f961bbd6399e75f1f416f414", 0xc5, 0x72b2}, {&(0x7f0000000480)="dcdca9b44976a60edbab16e26fdcedbe0c72947d0f833532ea6ca0cfb892279d5fa3905cbc6dc44d132da2f0a2898c856729949ca0dea01aedaf6a7cab388ddcd8024fac7f839bac77404d8146dcb23c8b45cdd8f74f16d1ce50beb23484ebe9e618d38e36b526d030f5ba6f05881e0d1ae6f9bac608", 0x76, 0x1}], 0x800011, &(0x7f0000000540)={[{@size={'size', 0x3d, [0x6b, 0x34, 0x33, 0xcc, 0x39, 0x32, 0x74]}}, {@huge_always}, {@mode={'mode', 0x3d, 0x4}}, {@gid}], [{@smackfsdef={'smackfsdef', 0x3d, '%\'[\'{{'}}]})
r1 = openat(r0, &(0x7f0000000000)='./cgroup.net/devices.allow\x00', 0x0, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendfile(r2, r1, 0x0, 0x7fffffff)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0)
pread64(r3, &(0x7f00000002c0)=""/11, 0xb, 0xffffffffffffffff)

05:53:35 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 84)

05:53:35 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x200000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1048.465524] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1048.467101] CPU: 1 UID: 0 PID: 8160 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1048.467133] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1048.467147] Call Trace:
[ 1048.467156]  <TASK>
[ 1048.467166]  dump_stack_lvl+0xfa/0x120
05:53:35 executing program 1:
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e)
getsockname$unix(r0, 0x0, &(0x7f0000000300))
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000180)=[r1, r2, r1, r3, r1], 0x5)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x7f}]}, 0x1c}}, 0x0)
socketpair(0xa, 0xfbf685b0236cc12a, 0x1, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), r4)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r6, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000480)={0x1b8, r7, 0x2, 0x70bd26, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}]}, 0x1b8}, 0x1, 0x0, 0x0, 0x24000040}, 0x20000014)
sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x8c, r5, 0x1, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x5, 0x40}}}}, [@NL80211_ATTR_QOS_MAP={0x14, 0xc7, {[{0x7f, 0x2}, {0x5, 0x3}, {0x2, 0x7}, {0x19, 0x2}], "04db7b8a7c29bd1a"}}, @NL80211_ATTR_QOS_MAP={0x12, 0xc7, {[{0x7f, 0x6}, {0x7, 0x5}, {0x6, 0x5}], "d097eaa3ce1656b9"}}, @NL80211_ATTR_QOS_MAP={0x1c, 0xc7, {[{0x8, 0x6}, {0x7, 0x6}, {0x28, 0x3}, {0x6, 0x5}, {0xcb, 0x5}, {0x2, 0x4}, {0x6, 0x6}, {0xf3, 0x2}], "4bfb04600dfdaf89"}}, @NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x5, 0x5}, {0x80}, {0x0, 0x1}, {0x6, 0x6}, {0x42, 0x1}, {0x8}, {0x6, 0x1}, {0xff, 0x3}, {0x5, 0x6}, {0x0, 0x4}, {0x16, 0x1}, {0x4, 0x2}, {0x40, 0x5}], "c77fa5339a710bc8"}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4060014}, 0xd0)

[ 1048.467200]  dump_header+0x107/0x950
[ 1048.467240]  oom_kill_process+0x278/0xa00
[ 1048.467276]  out_of_memory+0x34b/0x1690
[ 1048.467314]  ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 1048.467351]  ? __pfx_out_of_memory+0x10/0x10
[ 1048.467395]  mem_cgroup_out_of_memory+0x164/0x190
[ 1048.467431]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1048.467476]  ? mark_held_locks+0x49/0x80
[ 1048.467509]  try_charge_memcg+0x81f/0xf30
[ 1048.467549]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1048.467592]  charge_memcg+0x7b/0x290
[ 1048.467621]  __mem_cgroup_charge+0x28/0x90
[ 1048.467654]  do_wp_page+0x58c/0x3240
[ 1048.467695]  ? __pfx_do_wp_page+0x10/0x10
[ 1048.467725]  ? do_raw_spin_lock+0x123/0x260
[ 1048.467754]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1048.467783]  ? ___pte_offset_map+0x176/0x370
[ 1048.467822]  __handle_mm_fault+0xde1/0x3030
[ 1048.467852]  ? reacquire_held_locks+0xd1/0x200
[ 1048.467875]  ? lock_vma_under_rcu+0x11e/0x530
[ 1048.467915]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1048.467947]  ? lock_vma_under_rcu+0x17b/0x530
[ 1048.468000]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1048.468047]  handle_mm_fault+0x2c3/0x900
[ 1048.468077]  ? access_error+0x17d/0x380
[ 1048.468109]  do_user_addr_fault+0x4fa/0xeb0
[ 1048.468145]  exc_page_fault+0xb0/0x180
[ 1048.468171]  asm_exc_page_fault+0x26/0x30
[ 1048.468194] RIP: 0033:0x7ff98baf5d30
[ 1048.468213] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1048.468236] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1048.468255] RAX: 00000000d44b4167 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1048.468271] RDX: 0000001b2cf20024 RSI: ffffffff819e8236 RDI: 0000000000000000
[ 1048.468286] RBP: 0000000000000001 R08: 00000000d44b4167 R09: 0000001b2cf2001c
[ 1048.468301] R10: 0000000000000167 R11: 00000000d44b416b R12: 0000000000000001
[ 1048.468316] R13: 00007ff98bc4f000 R14: ffffffff819e8236 R15: 00007ff98bc5aff0
[ 1048.468333]  ? __do_sys_mlockall+0x16/0x5c0
[ 1048.468378]  ? __do_sys_mlockall+0x16/0x5c0
[ 1048.468418]  </TASK>
[ 1048.471472] 9p: Unknown access argument 18446744073709551615: -34
[ 1048.471984] memory: usage 307200kB, limit 307200kB, failcnt 2423
05:53:35 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x5, 0xe7, 0xff, 0x2, 0x0, 0x6, 0x11004, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x4}, 0x40, 0xfffffffffffffffa, 0x2, 0x4, 0x3ff, 0x5, 0x80, 0x0, 0x7515e119, 0x0, 0x6}, 0xffffffffffffffff, 0xb, r0, 0x8)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/power/pm_test', 0x8242, 0x0)
pwritev2(r1, &(0x7f00000002c0)=[{&(0x7f0000000000)="b4", 0x4}], 0x1, 0x0, 0x0, 0x0)

[ 1048.505049] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1048.506356] Memory cgroup stats for /syz0:
[ 1048.509003] FAULT_INJECTION: forcing a failure.
[ 1048.509003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1048.512179] CPU: 1 UID: 0 PID: 8178 Comm: syz-executor.5 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1048.512212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1048.512227] Call Trace:
[ 1048.512235]  <TASK>
[ 1048.512245]  dump_stack_lvl+0xfa/0x120
[ 1048.512274]  should_fail_ex+0x4d7/0x5e0
[ 1048.512317]  _copy_to_user+0x32/0xd0
[ 1048.512344]  simple_read_from_buffer+0xe0/0x180
[ 1048.512380]  proc_fail_nth_read+0x18a/0x240
[ 1048.512418]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1048.512455]  ? security_file_permission+0x22/0x90
[ 1048.512490]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1048.512526]  vfs_read+0x1eb/0xc70
[ 1048.512568]  ? __pfx_vfs_read+0x10/0x10
[ 1048.512604]  ? lock_release+0xc8/0x290
[ 1048.512635]  ? __fget_files+0x20d/0x3b0
[ 1048.512682]  ksys_read+0x121/0x240
[ 1048.512716]  ? __pfx_ksys_read+0x10/0x10
[ 1048.512764]  do_syscall_64+0xbf/0x360
[ 1048.512795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1048.512828] RIP: 0033:0x7f30d5d5069c
[ 1048.512846] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1048.512869] RSP: 002b:00007f30d3313170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1048.512893] RAX: ffffffffffffffda RBX: 0000000000000026 RCX: 00007f30d5d5069c
[ 1048.512910] RDX: 000000000000000f RSI: 00007f30d33131e0 RDI: 0000000000000005
[ 1048.512926] RBP: 00007f30d33131d0 R08: 0000000000000000 R09: 0000000000000000
[ 1048.512941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1048.512956] R13: 00007ffe18807d4f R14: 00007f30d3313300 R15: 0000000000022000
[ 1048.512996]  </TASK>
05:53:35 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x7}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1048.596503] anon 110592
[ 1048.596761] file 312950784
[ 1048.597061] kernel 1511424
[ 1048.597318] kernel_stack 65536
[ 1048.597577] pagetables 151552
[ 1048.597853] sec_pagetables 0
[ 1048.598107] percpu 128
[ 1048.598316] sock 0
[ 1048.598499] vmalloc 0
[ 1048.598697] shmem 312950784
[ 1048.598966] file_mapped 0
[ 1048.599191] file_dirty 0
[ 1048.599408] file_writeback 0
[ 1048.599654] swapcached 0
[ 1048.599893] inactive_anon 306515968
[ 1048.600186] active_anon 6545408
[ 1048.600464] inactive_file 0
[ 1048.600700] active_file 0
[ 1048.600947] unevictable 0
[ 1048.601171] slab_reclaimable 948656
[ 1048.601469] slab_unreclaimable 359856
[ 1048.601779] slab 1308512
[ 1048.602027] workingset_refault_anon 0
[ 1048.602334] workingset_refault_file 1
[ 1048.602632] workingset_activate_anon 0
[ 1048.602963] workingset_activate_file 0
[ 1048.603273] workingset_restore_anon 0
[ 1048.603575] workingset_restore_file 0
[ 1048.603934] workingset_nodereclaim 0
[ 1048.604245] pgdemote_kswapd 0
[ 1048.604507] pgdemote_direct 0
[ 1048.604763] pgdemote_khugepaged 0
[ 1048.605208] pgdemote_proactive 0
[ 1048.605486] pgscan 801
[ 1048.605693] pgsteal 9
[ 1048.606052] pswpin 0
[ 1048.606248] pswpout 0
[ 1048.606449] pgscan_kswapd 0
[ 1048.606687] pgscan_direct 801
[ 1048.607094] pgscan_khugepaged 0
[ 1048.607362] pgscan_proactive 0
[ 1048.607620] pgsteal_kswapd 0
[ 1048.608689] pgsteal_direct 9
[ 1048.609128] pgsteal_khugepaged 0
[ 1048.609404] pgsteal_proactive 0
[ 1048.609668] pgfault 87520
[ 1048.610097] pgmajfault 0
[ 1048.610324] pgrefill 768
[ 1048.610546] pgactivate 3833
[ 1048.610787] pgdeactivate 768
[ 1048.611064] pglazyfree 0
[ 1048.611282] pglazyfreed 0
[ 1048.611514] swpin_zero 0
[ 1048.611732] swpout_zero 0
[ 1048.611985] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8160,uid=0
[ 1048.613198] Memory cgroup out of memory: Killed process 8160 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[ 1049.065795] audit: type=1326 audit(1755410016.413:145): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8148 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:53:46 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0)

05:53:46 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x300000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:53:46 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x9}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:53:46 executing program 1:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/8250_core', 0x248cc0, 0x2d)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x20408, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB="2c63616368657461673d2f6465762f6c6f6f702d636f6e74726f6c002c667363616368652c756e616d653d5e192c2c646f6e745f61707072616973652c726f6f74636f6e4df22ef91ec6dc5f6f6e66696e65645f752c646f6e745f6d6561737572652c66736e616d653d5e192c2c6673757569643d36003965626466312d330064342d653839352d373037362d33390063633964312c0043747877f12fc3fb30b3da46d3e03feb9b4249407a3f03c1"])
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40001)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$AUTOFS_IOC_PROTOVER(r2, 0x80049363, &(0x7f0000000240))
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0)
r4 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
ioctl$FITHAW(r4, 0xc0045878)

05:53:46 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x5000000, 0x0)

05:53:46 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
fcntl$setsig(r0, 0xa, 0x8)
mlockall(0x2)
r1 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r2 = shmat(r1, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r2)

05:53:46 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 85)

05:53:46 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x5, 0xe7, 0xff, 0x2, 0x0, 0x6, 0x11004, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x4}, 0x40, 0xfffffffffffffffa, 0x2, 0x4, 0x3ff, 0x5, 0x80, 0x0, 0x7515e119, 0x0, 0x6}, 0xffffffffffffffff, 0xb, r0, 0x8)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/power/pm_test', 0x8242, 0x0)
pwritev2(r1, &(0x7f00000002c0)=[{&(0x7f0000000000)="b4", 0x4}], 0x1, 0x0, 0x0, 0x0)

[ 1059.412391] audit: type=1326 audit(1755410026.760:146): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8203 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[ 1059.432847] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1059.433611] CPU: 1 UID: 0 PID: 8191 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1059.433627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1059.433635] Call Trace:
[ 1059.433641]  <TASK>
[ 1059.433646]  dump_stack_lvl+0xfa/0x120
[ 1059.433666]  dump_header+0x107/0x950
[ 1059.433687]  oom_kill_process+0x278/0xa00
[ 1059.433706]  out_of_memory+0x34b/0x1690
[ 1059.433726]  ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 1059.433746]  ? __pfx_out_of_memory+0x10/0x10
[ 1059.433773]  mem_cgroup_out_of_memory+0x164/0x190
[ 1059.433792]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1059.433815]  ? mark_held_locks+0x49/0x80
[ 1059.433833]  try_charge_memcg+0x81f/0xf30
[ 1059.433855]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1059.433877]  charge_memcg+0x7b/0x290
[ 1059.433892]  __mem_cgroup_charge+0x28/0x90
[ 1059.433908]  do_wp_page+0x58c/0x3240
[ 1059.433931]  ? __pfx_do_wp_page+0x10/0x10
[ 1059.433946]  ? do_raw_spin_lock+0x123/0x260
[ 1059.433962]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1059.433977]  ? ___pte_offset_map+0x176/0x370
[ 1059.433994]  __handle_mm_fault+0xde1/0x3030
[ 1059.434010]  ? reacquire_held_locks+0xd1/0x200
[ 1059.434022]  ? lock_vma_under_rcu+0x11e/0x530
[ 1059.434042]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1059.434059]  ? lock_vma_under_rcu+0x17b/0x530
[ 1059.434086]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1059.434111]  handle_mm_fault+0x2c3/0x900
[ 1059.434127]  ? access_error+0x17d/0x380
[ 1059.434145]  do_user_addr_fault+0x4fa/0xeb0
[ 1059.434163]  exc_page_fault+0xb0/0x180
[ 1059.434177]  asm_exc_page_fault+0x26/0x30
[ 1059.434189] RIP: 0033:0x7ff98baf5d30
[ 1059.434200] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1059.434212] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1059.434222] RAX: 0000000005efd28f RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1059.434230] RDX: 0000001b2cf20040 RSI: ffffffff81361ce8 RDI: 0000000000000000
[ 1059.434238] RBP: 0000000000000001 R08: 0000000005efd28f R09: 0000001b2cf2001c
[ 1059.434246] R10: 000000000000128f R11: 0000000005efd293 R12: 0000000000000008
[ 1059.434254] R13: 00007ff98bc4f000 R14: ffffffff81361ce8 R15: 00007ff98bc5aff0
[ 1059.434263]  ? fault_in_kernel_space+0x58/0x80
[ 1059.434283]  ? fault_in_kernel_space+0x58/0x80
[ 1059.434300]  </TASK>
[ 1059.441400] 9p: Unknown access argument 18446744073709551615: -34
[ 1059.441544] memory: usage 307200kB, limit 307200kB, failcnt 2444
[ 1059.453242] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1059.453698] Memory cgroup stats for /syz0:
[ 1059.484571] anon 131072
[ 1059.485213] file 312950784
[ 1059.485442] kernel 1490944
[ 1059.485688] kernel_stack 65536
[ 1059.485973] pagetables 155648
[ 1059.486231] sec_pagetables 0
[ 1059.486482] percpu 64
[ 1059.486689] sock 0
[ 1059.486889] vmalloc 0
[ 1059.487092] shmem 312950784
[ 1059.487338] file_mapped 0
[ 1059.487558] file_dirty 0
[ 1059.487765] file_writeback 0
[ 1059.488029] swapcached 0
[ 1059.488235] inactive_anon 306532352
[ 1059.488523] active_anon 6545408
[ 1059.488783] inactive_file 0
[ 1059.489038] active_file 0
[ 1059.489260] unevictable 0
[ 1059.489476] slab_reclaimable 945200
[ 1059.489764] slab_unreclaimable 340032
[ 1059.490073] slab 1285232
[ 1059.490295] workingset_refault_anon 0
[ 1059.490593] workingset_refault_file 1
[ 1059.490913] workingset_activate_anon 0
[ 1059.491218] workingset_activate_file 0
[ 1059.491521] workingset_restore_anon 0
[ 1059.491839] workingset_restore_file 0
[ 1059.492144] workingset_nodereclaim 0
[ 1059.492435] pgdemote_kswapd 0
[ 1059.492688] pgdemote_direct 0
[ 1059.492956] pgdemote_khugepaged 0
[ 1059.493240] pgdemote_proactive 0
[ 1059.493505] pgscan 801
[ 1059.493711] pgsteal 9
[ 1059.493926] pswpin 0
[ 1059.494123] pswpout 0
[ 1059.494318] pgscan_kswapd 0
[ 1059.494560] pgscan_direct 801
[ 1059.494833] pgscan_khugepaged 0
[ 1059.495096] pgscan_proactive 0
[ 1059.495353] pgsteal_kswapd 0
[ 1059.495595] pgsteal_direct 9
[ 1059.495860] pgsteal_khugepaged 0
[ 1059.496130] pgsteal_proactive 0
[ 1059.496395] pgfault 87569
[ 1059.496616] pgmajfault 0
[ 1059.496848] pgrefill 768
[ 1059.497069] pgactivate 3833
[ 1059.497309] pgdeactivate 768
[ 1059.497545] pglazyfree 0
[ 1059.497762] pglazyfreed 0
[ 1059.498007] swpin_zero 0
[ 1059.498230] swpout_zero 0
[ 1059.498450] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8191,uid=0
[ 1059.499666] Memory cgroup out of memory: Killed process 8191 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[ 1060.239965] audit: type=1326 audit(1755410027.587:147): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8203 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:53:56 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x26, 0x0)

05:53:56 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x6000000, 0x0)

05:53:56 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 86)

05:53:56 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCFLSH(r0, 0x5607, 0x1)
r1 = clone3(&(0x7f0000000480)={0x1000000, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280), {0x33}, &(0x7f00000002c0)=""/210, 0xd2, &(0x7f00000003c0)=""/91, &(0x7f0000000440)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x3}, 0x58)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x8b, 0x20, 0x3f, 0x1, 0x0, 0xffffffff, 0x14108, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000140), 0x7}, 0x40604, 0x8, 0x38bd, 0x2, 0x1, 0x1, 0x6, 0x0, 0x7, 0x0, 0x8}, r1, 0xa, 0xffffffffffffffff, 0x3)
r2 = creat(&(0x7f0000000100)='./file0\x00', 0x1)
ioctl$VT_DISALLOCATE(r2, 0x5608)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='./file0\x00', 0x80, 0x2c)
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$TIOCCBRK(r3, 0x5428)

05:53:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x400000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:53:56 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0xf}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:53:56 executing program 3:
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_mount_image$nfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x2b, 0x0, 0x0, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000940)='./file0\x00', &(0x7f0000000980)=@ceph_nfs_snapfh={0x1c}, 0x0, 0x3)
r2 = eventfd2(0x8, 0x180001)
writev(r2, &(0x7f0000000680)=[{&(0x7f00000001c0)="b863c90102d228286cf8546838d4596ce28bca4109196960f4ec6f5983f9fbf7271f71fa195ca40e541f34a4b9768c2b233c2a1a2e2b96acf32ea3f0187c4d9e61f92c4895dd67f0b838ddf2", 0x4c}, {&(0x7f00000009c0)="0300b3e638f279da0f20e1c43b795d007fc12725d341cd979b38d9b14d1876204eb4df6219d6efe672c18e3b9120e916c966b4d15004becb7b6f336d10a0ebc8cbc45667677406d9096e75cebb9fe35a1a8ba4562af8a8087fdf535b815c93e5afe2fb563bb6317ef755ee4698fb6a806065321171ad9d8b29de4a0c2f22656d0e995e6487e45d01ecc8faf81cc88b8e43aca508794adb9fefd38336f919ff07c3f29a28388e70cb810726bf8bf5958288bc8bffc01d763bbca8eed55f55a1be8add3e806a1c94b201e67d4c09c49651cc254f88d72a283ad63b091bf02257c5cf1d0d8fcd457b990f9902a3800a0750baf0511b9eb022e492aa6ccf6cd95b62764c2ab3dd2fb1fbb0ad5a53ddfa2924a06066c987c0360031a56f56d9d06de79f06befcb90a020c1579336656aeb2a8a654cd9aa9c7dfb24c9f55cad95683206a0b100ec40c5ccb9307db06717c8787f063a33f163895bdd8a937e6374fc7c312491cfa5df71d313140ac1e49c5ec8923c522e222ddab91000596ce9223abc45a102a9ba3c06dff7cdbfeb8a884eeffce15f9a961236ee01728095dddf6892748f010ad2f8f020095b92f8cc4a0a77e84a8d48bf41b3116d14382f6ac808cc439afe1bf00d3da6dedd0ed5ffa28339a0cab81c75df8577b37554ff9916f11b7087c4e1a8816ad714381d24d67253cf0b52599c036cff522b4b1d7a528296a435afb4ae9631d5cd9bbe79e21619363a81ada162bb5b057da67a902c38cb15496072b2ba7d2a02a96f51e15c9d9d2cb640fbf77b81515ae106135aed820cd3bdecce37ee7c8d55e8ca57a4346e355a42182643858a3a1734d84cce5cd2bbd518a88a34adc328f12a4ddba6e735f945047843a6ef03c2b8eb96a0bf2fa37c0e53a3d02273cb812c41e528e4028ef7c3a742b0ee27a9f618ce86fb0480f58934db9c4257c601d67fc774e8cf7c5fdc150a4b3ed463aa6d89781e0e915b1e8578556617fff0f42269a286bbf8a1af21601ec2a6cc1536c9d5f044b38dc1d81609641346b1009abbbfa4444314d6cc21dfd5564ae85c86563b69d44c7b8cb66662d00e34f4dd14ea69a7629da70629bbeacf300e6fb0a07da581881a9bcfd760352ed86585a8148496259c0e5f60b88220320bc57b402d1fbda00d2fe3905eb31989a821c4e44fd91afbdaa64d82ee3281df5ce1dfe1c98ebb9f136124aaf1f3fb81b6eac171587559d24fbdf20c2c855e2f1ebee6dd19c6890444a4d114743cd7cf04d423728fa3e37a3329e7248a8e9698b8e0a9dd10497c410bea8581a7f729ca5803c1ca686fb2c20ef4bb6ba8be01a3d1d67649299b224d42085722e15c48462edcfe8a432c409c9c18c075f76d5e0a81b846122ededb79a2d028e1d3e9edb5bfd54076414d99ddbdf49f084a16f5f64572d14712c199b116c4d8f2b624c454645745cb45767634c5774537c6c0de5b1a9b7db42ed7fbd6bbaacd11de32783e6a2e2a6fbdee24746e96f08b725aa9e5f99071fb87a9fc599ae10de887b99da0c9d0b713c197f6c1e82a44ba12a27224dc01cdc8513f2b4636e810901584e6c78f11807623af5c474d8d433ac4382e7d3f585d8ccc5df2f05cdfda2ac741debe91d16953f72c6ff85625f16ea1a0f318bb0c4fb4c3ea94e99d9e0779215e3c7356f0df165a66323698b01ef3c6f23931e09b894c048fa49b1ecd419e278dc6ba3e167449621ac57028f8ff9d2c2650c089d5cc024cfc07d74d4b4873f1f5b0f1dab43c01935b10c0a296d2a7d9978120769dfcea6c5a0c20c8b28594918ee29238ad38e32d92891e99d64138cecb3f0f8348cae028cefe844356c253cd3f1644631a9c71d6887a7282b45c6c333e413ad52633512993de6937ec58c8917bbecd2caaa10cb7374e309cbfc7ca1a579ee3ebb22d3d7a0cf1db1e53a70b2085828059d0eee2b2cae69de3edfe4a5c004416c5eec230e3c930d461e94d1aaaf96706e2b500621162839efebc4092bcf783da840d219673a4cc7d2839c65021cb2aab4a8ff08f8deed67f9fdb10f5abb32d995536d298a515f545a7bd5b00e7b283f01cb20ce1c16e61f44900c97e1385ace56914e39e0ffb1f1a24fa0d63c9f3e56594bd484bb620764b01246fc2f2888e79e274814c5b1f9c2cab38287a9ef361d9343868655a2f2c1b25842e3e429332c468bef6628e4fefdb26f109228517115ddc81c30e1c796b9aad13dcb9c11b49a80ca93cbb50b1f22d42ab96305610f3f11015ac849ec3618c6dd6f4a2df977204300de1c3ce50f8550575a28dfedeac034b217d72b3e041b742539b7ddc0ed0ad1bd7850dbaae919248a0ffcc7cc43ebe44e04e701f084d9f6b5264bf7544df50a754b0881c0dcc2e800c94c85c5a985dbb3b20f32e7a76b4976cf3e902a3eff6ad185841ceb9251d67a07b367a827aacaad5ad0637f15d42c2faf81f49163fb3586a4ec94fb46ebed4133b90cfe2444ec6d278eaba7ff375301668bf04cd1ca061d4620c264b1a03d9189d91213f0be56ab19aeba29d5634dcba2bef7cd8355264bd847cf4feca3ad8671245bc194d60daecf8587d43c008c4168e3558e5d7ab33a884000a2440b8d5e587ceaf821d145c38bac0067172a4b425536fd7d7417a9f0d0018deaaf43a4ee36b8631c229bab168f10f56577f823b56ae71592dde2f4c0611a641a274851e04b768bce24343b7a8595b8625212456950d330abe0f13d488417803ed71758bc41af63b34120bfb586177cf5a4e68de47c6af1ffb4e840fd8689af0204585184e78146e852449d78bfb0b1ca54708fb55fac736cea9409b6d0690cf78d5bf2c10159318a01d127858dc503bc3436d6b14b5e88843ccc85bf878ec9f86fd1bbf06769a7a3f6867205263fffb0ccab9defa0e49444ec8611c4d5a4ff1a7d2fde237cb1391f0d8420461af45db56e3033ba1e535db690eb675be7b08539c5de502c18a58294e4b7c587be44a30706f51dd45b87a573dfbff98dd8515efa29e2ddcdcafe26339a075b2f7725a47fab619be7d21ae1964869269a7cb7f5f46229683448933986a8bbaa11f043e1fbd3d1198eabe7873f68a5ffce463aa1d885263cfecd553440ebf1f39710ce04b7579df5c7076fa9dad484209ed1c3fd8b7bf53de80d5c58dbbfe89b57d5b1c8b41e787d8b3bc44234f2230115c89a5b9ae478fa9fb22678b657cee30e9ed25991d08411190df9ae7e7f0c47738e0e86df7e1c36a0fdd1233209177f38ceb9757063b9488a2ef793e6a26057f78a432a9102a225a4a2088cbcefb7346c94382315efaa5f8ea571429d1b420bc533aef0a4a15b7266732a5281fa7c598fea9258847119e0b7b808f1535febd50ca881a855a84487a7ad6d9b9631356a133c937a335d77ae808cc1cca988c15333764674902359e70c0c2ddb766c5617f620048c32f4ef6bd0179e2196005bf53352f0e526066130710b96dfa811ae698a7b47a1b903d0699134cad3a95894e2c3999eb9b3fafb8c2b806a8ccb75809bafafc72975849faaa8d023ef35beb4a8fd7139cceffc6f59c901c69366682e9e87ab81fdadac29e24b72e3d258a8951668261f1031a9294153c970adf09e3fc1cd8b0a042bc50c01b30beed0d71a491506c27ebc7ac8b53d300c75dfe62b3fd916a83b0e7e019258855115757751f96e05d5a130b171e16b60e8d6fb446e42c7988b376a24da770cbdc4fcaf8e4d803be01db38ac7562c0947205fabe7dad2f1fb4ca73275004633278b42b2871c43f93fb83caef7623c9b2b31c6e1d92da9086e28d4fbe3c05714066069e36b62d4b1fea7a63e5110441c83769933064dc6e2b477f5f8eb1b24358bf9b109bf670b3c41dcd941cb9be09e33905bfe6eb1b3c359e93d1e641496e35e456200d5359c1a1867a4bb8c9fedd3f23c09aa97f169c6994052349fc016fe05b08806fc0c67fde4c14c5a82d4e928afa1a724bd499b2d27362ad667ce9ef148c3724a8174bfdd93918896802003f50f0f63ca90bfb6a1eab78a32daf3464079f44ea9d20a2d55a2b103d6f3f7fb310aabc9cccc4535080cd72f32013583fa785a96557b50b5b555a71116e94110180a8fe82eb9a6cdb80a9a9323ee809eb7383eb4464e4831ca7c3f7638341726ead63018ffa23f50af8d78db529da2c2ca409c7463fc1b396f3c1c18789c3f32bd8831b2eadee8bc639b91ff2aaf6bf1fcd48c67ed92f123d38b36204ba030a2cbe3f994473bf4d21e78d5560c9f4349612af55d04862f04e73a9f5dcd41befca3ef8c21d86d2b4c933a1df3d7b07b0abeea905d9faaf3e69c188a26783a01f187099b903117aa75f2782c63055d533d7b5d7974507c512c5fc6c5efddd1635bc971b24f3dbf01106f8d5abafe1b1fcaacc532fe99894568b4132383792f4a4c0f414088b51101a8b40023aeb0831dd947a4ee7e2274615c9d2e2be760db2a76d6c3e90787f3bb12834060ac3cdcf643c324f95fbf4903bbd37a88570eeca4becec3ad1e9a718e214772b84df53ac66fab3ceba590519bad56842fa88dc37f0d23b21798b8d23ee3d1fa73873d53144bf08284e040385e249d814f1cc781db75381c34384ec764e31f1f3268954be664ca5726ab1c637eee12d6b4834e6fdbde7592f1d63632303773100f9b418d98d30203586f8c3b42dd4b3ae15c45e7f4988e3483c364ed71d69b130d8212945e367d81baa54f9922e6b7ce526e2fa13ef1700cb877e2013014854803e354f26746ba0fd3b325735c1c29d63216469d08f2bde9cfdc968af20b02f46558233a454851c0ca4684c179fe8d754d7e31846c4588e84b123b6b108f83d359014e2f7a1cbf99363388fbb299a615c9f72c5de0ec52d387c3f07fffa4a68a05bb310133e438c31257f1a49fe4c3f8758e41ec36f87a5705b872d586a3b92db461a9c3467a867d496c140988f439790b8a717f632c567f6bb299e705172e3815720b481f92ad77d07b8797f82e5f5e956b9dad71d13afb70254d5bb42d7c8ab20621f031a61e110654d3526b9f748f29883780c0565b33b5434d75f7a579dd3a0b0bb0d9f16c1b9b705655104461d134582342372a1a761502e0446b415f8c245e0d72ea9f1c6569bcfe1206184f24a6d12413ee0a354630ac2150bfef5746ca09c6c2a8c7dc4e466e8789718e238c1bde93242ccd52ed51fb5e2e376b76b9d952db85c1e8a2025d9c8f8c986f5548c337d3b28a438e71e974f38a0c222601cfc7124c278db285d2214c36e8b3b7ca0e7fea7b4d4326784bc868f24d53e4e7a725115ec57d9c69d5272dd43223d2e514143dd4391d3e6f84d05fcf1c0c349925486667c227514fdf2afb9ca3d992b78f235faf07ee565b966bed16b840a018ac8ba5631c1d0d26a10077e9090ab2ab3340caa0fe555836aabf2712363d9ae71766db4cccb0d9e014f67cac999527c8f9028de725110da153ea38ba392f64943acaa40aa60282402131655f337e18141072cee9505f320e3ca0ef2f4a79285ec0e75fbde6f10e8eb5bde8632e0b2a38a310f1bb5a36fb6012aa5cf95f0da2310f2d73f15ba94e0d92a1958015ee39c82708f31a7732f45a7a409ebfa11db7592c17293af8445262250fe74fa735f8581715641b3fe576816268ac3e41eaa81d2232b930c49f04f1bfd08ae1f0dac93165d9aa7ea44e66e87b10933d63b5f72be76344b7f0f8b774a30dcc1268c221fd9052a5475415fad913d0aafb4149649772c12493943fb169b2870f8cfa7c3916a6ed77dc5b977513de13d6fd8cc237", 0x1000}, {&(0x7f0000000240)="03111b85d2a2a2bec8af066fb6a57188e53f7822304492aedd82c3c8cd3c3b044aac7ad389de1cdb8130e9998efaffd77716dbe1fdf3666f8d198caf09cb1b3163008f6f7139630ff35acfbe0951e6f7671f134225c3d20332e008a7e86444aec1caacc65197d168006d3ec1ded78a336faa1c751f640f73e600c2747a5e27357adeb994975d177852a5d7f0425d2b512b17452e8a830f465fa73ffe7cc361ded70ce31b34bdf0e9f21ecd6576c3fcb557e5fd178c56ed1dffc14d6794a284405e6c664650c3840a9d2bacb9feba62ba15cffb7f6aa0e89698d9358fc3", 0xdd}, {&(0x7f0000000340)="9ecdd4069acdfa600692aef91473165d3d72d6bbb8fd321b795cdfde63e13cb84c3d59f8004a3a0ce708205fa84c7a4ab13c2e59f45673028ee4bb3a08dbeed8f0a866c9720f6e8e4b805b557f5d5f9ab4519ad12f1f4909f13a718ab13a85a53b9433e9089ef3dd5896243e5b3c0be5d26155e8a51cf88a21299769a520b8c14333d0ed2239ba4eafcc75306fe166d196e6dcba68a58209233a9da25519a12f3d16ad", 0xa3}, {&(0x7f0000000400)="9675d2197eda888ad0f61ecb3eeca2d3fe06a89c1f004f02458a0f120853bc4040f7a98eb2693620d352993243de7b46684ce3512b709786f06fa7b38e4c241ef7", 0x41}, {&(0x7f0000000480)="af8630bcab785bd69e5aa1ca0323c93f4864122b", 0x14}, {&(0x7f00000004c0)="0e134de190afcfe63f0f2ee7da0629bfddb34b87fd35a69f487c571636a5d08d0111dbac77cdbcfd6a37a910c8bae636f08cbfe07c5bce494bbe188a8fb0bf02a235e6ce98643f14f7a6dc38992e931f44bd61a285df19898ccabfedf21e842e48914c3ae2a75995ebb6aaa05828fd81972ba8fce7b2cadae5595ca4681a0ef7ede6278a48dac13928984e0f17a89e00bc560031b5e897d07394436cabe6b17e11ba65988480043a0cd32c9c55f1184519f8ab921cb0238e5ec888a5a3bc34f6ad3bb02505e3f161775a285235faacaa22542e178e4373d7b2359bcd7bce941d46f994764caf68ba21130a4722b9601ac428aeb033", 0xf5}, {&(0x7f00000005c0)="60892ae458f12657146a35b8b94355c8a12f8bc13d7cfda33a3c9ed1f0d70f77253d8cf149b8de36a2f9e70877e627c46caef31b12ecfdb58b189d319995cc7e4ad1cb4c950919529d36dd836486f9f9f604bcd2ed4ac68efd22a086b72efc1949866acdfd3ccd61f44a582e9de5e6ab3886de32034f5cf6040349496cfd20b675ca19", 0x83}, {&(0x7f00000019c0)="743bdb8f2cf337f39ad2fb4401a81fb3cb4b2647db7efe4a69a6f563a12afdef99466786c810a04333182cc813a0cc459a0318e2ea85e28d713eab97856621fa2cac7902004a86f909bab39d24c4b1898e954c95e1cc1e90051af9e100490bf73de07b0f7767d1ddf33f4de2a57d344c657bf900613af856d2a358c36823e851f676c763dfef46a964f6023b12b5b54e0ff196010c09b6c0ecf2e7a27e8d06c88b0fac8ef9df12e7809d298e74acc59c52107980752d70c4ca79f0dd45790b8194b044d83dbc281b34e12dd10287f70e64eff1f7d8a887885038425a16e7a5783fd5a24b03313687153b28776e44d327fbab143fd2556444852e278f9c15d8d3dd5e08e0b0c11729fb8bee1fdae247c44764c79b70a84f053ce59013cf9159dfb56e810c1673e23e5f614dd19b3a58910fdd04c8294ef0b9cdc0e2ecb605bf5074e394651dcc2c3c235df55637dd8f1f7cc4d822ffe7fc50d4ee130f428cdec0817c7c742029a7dfca2db347f018f1a9f7fa367c412c5069ad66d4904f5063e5ca76365f99e5bafc90df76845fbe1400960f6f72f6fba06a37c2bf8ae1b671e945bd2d462612eda821634d10f5b487b372ae64daa6872386bf33d3c45cef7b5ab998090ef7c2dcd97feb8dfa2467336c9b59d9f388714e069f946a58b65a791d66795a27b091ebdc50f268cd1c5464a21c7911411cf40846fe3a78b469b7fdb25d9da4fb474a3c8b09f2dc1baaae02d5896977a5114957e4a7465cb96b70ec6017e49ba41ed52e48ff33e94de6bcdb1f6db2902293cda2de57a9e8b79f997725f303285cf7c734d6640546c11fb9551b4778e6deae8aca4df399270fe215ed045a5754041536da9622cf3215b8623faa0ba7c458f21f731185bf905471ee088bef5e80ff8ce1708381da2fe7301b96fee9e35820e57c732c3b3b76fceb81b841ac10126fbc7cf5a924eb60e34e933f007f91530f1245a2f2c21a454e5900abc593edbedc42786416c50c167841903be0d5b3996a48ef18af7cd7aef51d0cb929e363bdb8e3cf1ab2fda1d07c0d6ba9890ffc7a66306651d7cf3794e75b221cefb2c8080a202edc89e428c8ec602e5450c3d71e1a29b70e0605f9cf2294b6309786ce41b4613a658bc5d5175f41637f505008dc744ca55d7f80428d00348b351af40ffd9453ca55b81a7f2156fc73c072d00743fab25b0bb9058c95e3d6f78d33794f5997a0c6b3c5d8e1b802f129d9356821f2c4ac643c177bb3e301a71141f5198db4daccd55dd272d2912c8ec9801768f327aa4d7d9a3e4463c6e5edf06c0ae17d4876ed11b997893092aed97aa0350685321156b8ccc99838faa2702d53c17cfb067438ba246c1f756236664ba9a3bfca69ff0892e1127c9a9c65c9a57606570c13325003eca88ef35c0eb4320d503952d6b3b483395275bc2bb2327e55ee473d42a1791d0f733b1c488a9be3d68f9e17a3af9243b59bbcb7ec24dcdb880ee9cce515dc06918ef192f3f38ac822ccf05fc2ca25af400420302dcdb9bb80e5caaa2f8c053882ad71e810a955992e519406501a885b1053f292348a0ef9251e1075038a44eee715abe2a74091d9cd179df0f56ae1f7aa5b0b359b2472dd8af01904c61199dbad3c4a6500c9be8331aea7aaaf47a86eb4b47b5a8a30c605ef741b90501f718254ff438b25e59f430cb483c85cf700b75fac30b13f74c3c77efb8c5a894848304fef99cb4eb205b0d85e684153f993accbaa2cb0cad3246ed6980240caf6e1791662edac82cd815fa35fe9b02cf8afc43027e405ef47906c73ba604cc1922fa92d5e3dd5a07a45727ed4809a4c55e61c10d18e816ba18a46a86a7d5df3e527f75a7ba8d2302eb517bc5ec182372e05f5b60d66a088110043f20630ad18a59a40623da6f0ad3a39634490e144115ff3571051e506d06bcc7289e11a9d11714965e4f57bbb7f94b96249e9f52f902d4253f5ed0e7b043cf7c27054e6dea557a5468270302394dc87f22edbf8f57812b6f75b2d7ed7653554f39d26bea53f0312fd27ce349cb186a48778c07c5e8b027a7d3b598bd96efcdd2c778604dc5ffcbdb47d378de9b3319e9cfce71c7f1f36ac8548caa37ccdf5c346a5f2ec1c1b1fcef07f3d7dbddd599da5863e8c29eb18737bb75bc6b4916fbeed6a84dd3126190a685bba5777b3c9c231a27a3f925d174bfc73c697387810a89833fbd0860f840f0b892f47f0b7d1ec33ea6835e75cfc78080ad7154438f9d32b1d136ad4b58832f19d4401c2af3c430d932b580660cc29d392d7fad1a2e0b98e518bcd24e68b7d02ca4c6e2d906b4ea20127f8bd4ca3b4fe00a1ad68e05b70427032b6db456c34d4e1e77f026e8e041a8f61b4a8a9cb07e64ba2a15ef04e9808d7f88627827e4a39a4cd168e81bace8344322c0ebfc85f235119616827bf7fcaa589367fe9d0f16292e73b331900d5ab441476f94740f4670f896d280d260e298c16ece290b9115ac19230a3458b78f5f54d9d9b64c48e83a5fb9707eea35e8d19a1cfdc495c9ac77bfbe6ec9a30b3caa2ed4d392826d169148c6b97eb7790412c2ed4c8daa6489bec0c91e5ea7dc181f79c3c237fa231dab5b5e012c4db40c3cceca9ffdd3d768f6bf7839712b959778b07c397cd644c63188249f0093fa9b7c7f377199890765732d0ad9a4be8533863d2261979cda78dd458cdd9cf1bb2f70c7e84eca3739b0e79a874dd9695732ca032b5ed094a61eae1488708136ed1f620bf0ecc4e430b6923f2934f992ab1dc99b83d988775d55b8a8ad3e6f94d2c58645fcf3e7f092d4318ccd4e1fce022c9b39bb9c6ad2c24e64fa0623f6f10c246ff2af31c51ec8776d83fac010595183c04850b64f546b06c873f6a95d99a7e161bb3f3dc9f76c1b552d997488d932ad74d95005bdfc3dad62106d554e8775d2a50a6caac36e6da4ea0a2751ec88a138c2948adf3fe872b90668f885edbaec46773e3b958434e93b0183273bd6b6181c6025916941851b92eea32ab1507d1a7c3fc6839e9b1d7cca81d70f9fdb9cc704b310686d531e48de91dc90825abf48087333359359e89d830bd1b4884abbc4e9c5f4165e1e81b7ca5e68eedacd76ac1913f0b076a763c3cff2fe20a3645567c652278c56f9977179d411ec3362f52b9036866dd232305789fa7f9b7645248ef2e7f5c1c1ce134072ee5c534b43d6d2393fc6976fe33e10006cdcfa2d1ce742a52a7b4d39de758d2d319799e9d509d9eef358aac8de2407f55399ecdeb50a81dc34948c2b3a4fe9912cfb442bf080d5dcf618315ea2cd0266cbe5c39ef55bd23a23fc7a011ec2b4eead80dcb8344d7b3a0a2152b3dac10e1ec239633cee954a3b9b4107f1e1cd2d238abb03a6260caef9b68d2355ff1b3183429d11e4545ba9b4ab149a261108240e0348807e574490d9c7a06cf617c7a7f79f5aeaff2a36c7577237057d9d8cf648ee69d2e0c60eb7f1b880941431f5eabe89d6925006631e24c9803a2d4cec39f548278d31476ee0e43599a925eff10ce4a6deeb80f1e838a1dd58f8057f0cb934cf874d3867f0440fcad0449bf907d4380d759a2cb4ab199c4c5b257804995cce24e55d8b63fa06a4b11b68121e0f2c1f6c5acc837c8017a37a872233403b89b0adf0d84c7387d008122198642bcd241b2dfa3953fa02ad7106b1a4ac31750b6760d219ca9ff180423cd32e3f1fd73a12629850fd0195d14b825ae7a20845d7c692c8d2c0d68686bbf6da8ed1e94de87241243f9c7f58aa13c30682d1522cb89393bfe2606bda3e5ecf07bf6d948ebd1e183aaa7cf7088d637e528facde8a70be5087e0c8ba167d4e85bddc89b276b807dc15a5b996ee1b281749e9d5994d98c951a497e2dd10ef5deb4d1ec53ab9a6bbcc47b768ce0e63a3f4adf70c3438cfaec14751364039f0abe512ec51fe0c9fb506841f87f42cea19f3e13e631db0c23290fc5067a360b42d9cfcc1ccdbc8594fbc5588c1d0cbc058dc3d6251b99f890021488e3f8898105e39d859646397b5842049772d61028ac80de3f356876c30027771458d3acc3bdd379e1187da517568445b0f26b1d2a6aabd7a0cfcb49d046bba0c8225f6eb74c4943d23c5d6004b2b607fa787cb5852cb4072f5b921c2ef156d8540201d5525a02c046535ae54937489675ed7bc4e14624b3918ce20496d5a9ee4e2deca62328794c1066a6deca942e7b3c4cf6e0452189f9dafbe46df9a42b2dfbbcbb635d7c1a54aafd8e0cad0eb667398fc4e76d58a6285633fdd6ec7b9f45cc61ead6ee83b4451940ec3dc206ef9ac468b7d178162e2ea8089dee4557e2ee964e586ac2e92aa87f56059086f5c09335c56cab1857dbdc72a1eb905bda1674986c020b1aff5f275535252b6742fef1cd97017b149eda721edc8711cdc750b6d71df2db5024598427ffc5e5ba44d7801adfa38445878385d161621271faa5d91d66320b88757b6158c2b0be0bc60b6869ffeb61e9eef5bc66064015fb0f91c48cc1b1fab5064ecd8e7217645ee0d0fa6e93a32cac63c61c0b0a6aaa9cbf4469331eed93c804135797828a56a6bdff2efe1f4749badc4d28c731ea045b34c1bca749b45e4b048f31e7f890c3f51eb66e26c3b246049aad8282bf205996e749b58d3f4c68cd5949221e307be8a7cdfe4aec9bd172ad2668dc3fe7299349a80f6ea64f091fa561720bf6442f086ec2183c492fbd3a1c445dc846d9ebdf1d1c0f0a1162977ba1f70cadc8c64c85fb189f92ea254de8465a4a3e981978b22553567405329ba086d3ef09383dbd500d1d3092ae5760c07cf0626c6b59dad208e4539d879416afc71e5750a29e1de8a76cbffd653a73ee1116395287735ba84e0edb944b62896c66cc8c7a52ad40bb6d3e13283663d2d9a636e58e03f6e9db658558e553423f66e980dca73588af81012005f45b9e3c18fd74dcb32762cc5b9d615dc7515d8dfe96041f1f642492efb6113bbb3524ff3a8aff0cbf8c7915bfb44cf60b71279804a1075bf4d5dca56a91df7ebea308042eaef20cdaaf013412bd51bb4c77d942f59b27727942e6c5f42877244bba9d2f4f402e5b4c06dbb229ad9af013f905921ab6369808c6d4e699edd4834899d54a04d3472063e0c69c38019b5d6bf3d5fc3c6bfaa0637f84573bb815ee1adcbc0314b7b4019812d52c03a7f00cc6e007c123aaa699e1c371ea61c8c9778962f3402f06a2fac9f18d2f79c2bee0586a67468eee703e8f88ac9fc2eb4cffa92c4dde9e0b413faa57d9be0d83bef4eb46293e22fd00bb0d8dc8dca31f3d0672c5f7c685ee6d05ae09989b207ca6f9225b8daac48e79d63575d721d722a9cac7c63cbf77ec8bc08626a4398efe48d6c87de61fb541d9cd9a31a4de73a08547659e14544467672466fe40864129d648b1dd919bcc33c149a45c3957dacfbd80b96bbf22fdd1e84f39ab2deb2028e934cc956ffb7a53cf5f4245979ea747630816d6ab4b97b564b91ac7e72e7c8036891088e63e175d1c693e935cae4405ffe54a07c448aa62d4d7e04ba918a0e3c783956ae6dba97529c0f8dc42de9bc5bf2c55f69d41de67086fdfbaaf50077dd7d388ebfa6fe2261350c38f3d132b916250cb7eb8508ce838afd6a8005ec41641c104dbc7ee6471fb4b78e81529cc2bb350a342a7eabb12606d2666689be48773da8d07dba68ea445bda84c2680428d3ba35f5dce7cbbdac7cb5da9d0806fe6fe3d15294fa92644790512336660a7cc11700c2b4fbfc6eb2667d0901a7f44f9f86a9ba7de7b3ec4440f5aef", 0x1000}], 0x9)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$EXT4_IOC_CHECKPOINT(r3, 0x4004662b, &(0x7f0000000740)=0x2)
name_to_handle_at(r1, &(0x7f0000000080)='\x00', &(0x7f00000000c0)=@reiserfs_6={0x18, 0x6, {0x7, 0x8, 0x8, 0x43f, 0x3, 0x78}}, &(0x7f0000000180), 0x400)
open_by_handle_at(r0, &(0x7f0000000040)=@ceph_nfs_fh={0x8, 0x1, {0x6}}, 0xc0900)
r4 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r4, &(0x7f0000000040)=""/156, 0x9c, 0x2)
name_to_handle_at(r4, &(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)=@FILEID_BTRFS_WITH_PARENT_ROOT={0x28, 0x4e, {0x4, 0x8, 0x3f, 0xffff, 0x0, 0x1}}, &(0x7f0000000800), 0x400)

05:53:56 executing program 0:
mlockall(0x4)
shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
shmget$private(0x0, 0x2000, 0x194, &(0x7f00007c8000/0x2000)=nil)
shmdt(0x0)
shmdt(0x0)

[ 1069.245057] audit: type=1326 audit(1755410036.591:148): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8215 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[ 1069.300748] syz-executor.0 invoked oom-killer: gfp_mask=0x400cc0(GFP_KERNEL_ACCOUNT), order=0, oom_score_adj=1000
[ 1069.301843] CPU: 1 UID: 0 PID: 8223 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1069.301861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1069.301869] Call Trace:
[ 1069.301874]  <TASK>
[ 1069.301879]  dump_stack_lvl+0xfa/0x120
[ 1069.301899]  dump_header+0x107/0x950
[ 1069.301921]  oom_kill_process+0x278/0xa00
[ 1069.301940]  out_of_memory+0x34b/0x1690
[ 1069.301962]  ? __pfx_out_of_memory+0x10/0x10
[ 1069.301986]  mem_cgroup_out_of_memory+0x164/0x190
[ 1069.302006]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1069.302030]  ? mark_held_locks+0x49/0x80
[ 1069.302048]  try_charge_memcg+0x81f/0xf30
[ 1069.302071]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1069.302089]  ? get_mem_cgroup_from_objcg+0xf8/0x430
[ 1069.302105]  obj_cgroup_charge_account+0xa8/0x6e0
[ 1069.302125]  __memcg_slab_post_alloc_hook+0x33c/0x9d0
[ 1069.302145]  ? __create_object+0x59/0x80
[ 1069.302162]  __kmalloc_cache_noprof+0x338/0x3e0
[ 1069.302179]  ? lock_acquire+0x15e/0x2f0
[ 1069.302191]  ? ipcget+0xc6/0xdc0
[ 1069.302209]  newseg+0x246/0xdd0
[ 1069.302230]  ? __pfx_newseg+0x10/0x10
[ 1069.302247]  ? __pfx_down_write+0x10/0x10
[ 1069.302263]  ? try_to_free_mem_cgroup_pages+0x3a1/0x710
[ 1069.302288]  ipcget+0xf6/0xdc0
[ 1069.302302]  ? __pfx_do_futex+0x10/0x10
[ 1069.302320]  ? __pfx_ipcget+0x10/0x10
[ 1069.302333]  ? __x64_sys_futex+0x1c9/0x4d0
[ 1069.302345]  ? __x64_sys_futex+0x1d2/0x4d0
[ 1069.302361]  __x64_sys_shmget+0x13b/0x1b0
[ 1069.302374]  ? __pfx___x64_sys_shmget+0x10/0x10
[ 1069.302393]  do_syscall_64+0xbf/0x360
[ 1069.302409]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1069.302423] RIP: 0033:0x7ff98bb47b19
[ 1069.302433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1069.302446] RSP: 002b:00007ff9890bd188 EFLAGS: 00000246 ORIG_RAX: 000000000000001d
[ 1069.302459] RAX: ffffffffffffffda RBX: 00007ff98bc5af60 RCX: 00007ff98bb47b19
[ 1069.302468] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 0000000000000000
[ 1069.302475] RBP: 00007ff98bba1f6d R08: 0000000000000000 R09: 0000000000000000
[ 1069.302483] R10: 0000000020400000 R11: 0000000000000246 R12: 0000000000000000
[ 1069.302491] R13: 00007ffc54e3909f R14: 00007ff9890bd300 R15: 0000000000022000
[ 1069.302512]  </TASK>
[ 1069.302517] memory: usage 307200kB, limit 307200kB, failcnt 2486
[ 1069.309171] FAULT_INJECTION: forcing a failure.
[ 1069.309171] name failslab, interval 1, probability 0, space 0, times 0
[ 1069.309488] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1069.310217] CPU: 0 UID: 0 PID: 8224 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1069.310249] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1069.310263] Call Trace:
[ 1069.310273]  <TASK>
[ 1069.310284]  dump_stack_lvl+0xfa/0x120
[ 1069.310319]  should_fail_ex+0x4d7/0x5e0
[ 1069.310370]  ? __kernfs_new_node+0xd3/0x870
[ 1069.310392]  should_failslab+0xc2/0x120
[ 1069.310433]  kmem_cache_alloc_noprof+0x5f/0x3d0
[ 1069.310464]  ? perf_trace_run_bpf_submit+0xef/0x180
[ 1069.310524]  __kernfs_new_node+0xd3/0x870
[ 1069.310566]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1069.310608]  ? lock_acquire+0x15e/0x2f0
[ 1069.310635]  ? kernfs_root+0x23/0x2a0
[ 1069.310662]  ? find_held_lock+0x2b/0x80
[ 1069.310697]  ? kernfs_root+0xee/0x2a0
[ 1069.310722]  ? lock_release+0xc8/0x290
[ 1069.310743]  ? lock_is_held_type+0x9e/0x120
[ 1069.310792]  kernfs_new_node+0x13c/0x1e0
[ 1069.310849]  __kernfs_create_file+0x55/0x360
[ 1069.310898]  sysfs_add_file_mode_ns+0x21c/0x440
[ 1069.310950]  ? __pfx_slab_attr_store+0x10/0x10
[ 1069.311000]  internal_create_group+0x571/0xeb0
[ 1069.311074]  ? __pfx_internal_create_group+0x10/0x10
[ 1069.311146]  sysfs_slab_add+0x188/0x210
[ 1069.311190]  do_kmem_cache_create+0x235/0x5a0
[ 1069.311239]  __kmem_cache_create_args+0x20f/0x360
[ 1069.311263]  ? p9_client_create+0xd52/0x11b0
[ 1069.311309]  p9_client_create+0xdfc/0x11b0
[ 1069.311370]  ? __pfx_p9_client_create+0x10/0x10
[ 1069.311436]  ? trace_kmalloc+0x1f/0xb0
[ 1069.311464]  ? legacy_get_tree+0x109/0x220
[ 1069.311491]  ? vfs_get_tree+0x93/0x340
[ 1069.311522]  ? lockdep_init_map_type+0x4b/0x240
[ 1069.311554]  ? __raw_spin_lock_init+0x3a/0x110
[ 1069.311604]  v9fs_session_init+0x1df/0x17a0
[ 1069.311635]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1069.311691]  ? find_held_lock+0x2b/0x80
[ 1069.311725]  ? __create_object+0x59/0x80
[ 1069.311759]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1069.311785]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1069.311822]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1069.311864]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1069.311904]  ? __create_object+0x59/0x80
[ 1069.311942]  ? trace_kmalloc+0x1f/0xb0
[ 1069.311966]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[ 1069.311996]  ? cred_has_capability.isra.0+0x1be/0x2c0
[ 1069.312056]  v9fs_mount+0xbc/0x9e0
[ 1069.312097]  ? __pfx_v9fs_mount+0x10/0x10
[ 1069.312143]  ? cap_capable+0xdb/0x3b0
[ 1069.312182]  ? __pfx_v9fs_mount+0x10/0x10
[ 1069.312220]  legacy_get_tree+0x109/0x220
[ 1069.312265]  vfs_get_tree+0x93/0x340
[ 1069.312303]  path_mount+0x122f/0x1db0
[ 1069.312350]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1069.312400]  ? __pfx_path_mount+0x10/0x10
[ 1069.312443]  ? kmem_cache_free+0x2a1/0x460
[ 1069.312480]  ? putname.part.0+0x11b/0x160
[ 1069.312512]  ? getname_flags.part.0+0x1c6/0x540
[ 1069.312555]  ? putname.part.0+0x11b/0x160
[ 1069.312602]  __x64_sys_mount+0x27b/0x300
[ 1069.312646]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1069.312723]  do_syscall_64+0xbf/0x360
[ 1069.312761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1069.312786] RIP: 0033:0x7fdbea32eb19
[ 1069.312807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1069.312831] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1069.312855] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[ 1069.312872] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1069.312887] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[ 1069.312903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1069.312918] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[ 1069.312991]  </TASK>
[ 1069.321721] SLUB: Unable to add cache 9p-fcall-cache-113 to sysfs
[ 1069.322275] Memory cgroup stats for /syz0
[ 1069.332145] 9p: Unknown access argument 18446744073709551615: -34
[ 1069.332403] :
[ 1069.365368] anon 139264
[ 1069.366538] file 312950784
[ 1069.367700] kernel 1482752
[ 1069.368529] kernel_stack 65536
[ 1069.369399] pagetables 147456
[ 1069.370133] sec_pagetables 0
[ 1069.370631] percpu 64
[ 1069.371297] sock 0
[ 1069.371658] vmalloc 0
[ 1069.372261] shmem 312950784
[ 1069.372724] file_mapped 0
[ 1069.373426] file_dirty 0
[ 1069.374070] file_writeback 0
[ 1069.374549] swapcached 0
[ 1069.375206] inactive_anon 306544640
[ 1069.375770] active_anon 6545408
[ 1069.376505] inactive_file 0
[ 1069.377191] active_file 0
[ 1069.377632] unevictable 0
[ 1069.378287] slab_reclaimable 945200
[ 1069.379090] slab_unreclaimable 339648
[ 1069.379677] slab 1284848
[ 1069.380321] workingset_refault_anon 0
[ 1069.381129] workingset_refault_file 1
[ 1069.381717] workingset_activate_anon 0
[ 1069.382537] workingset_activate_file 0
[ 1069.383386] workingset_restore_anon 0
[ 1069.384192] workingset_restore_file 0
[ 1069.384779] workingset_nodereclaim 0
[ 1069.385550] pgdemote_kswapd 0
[ 1069.386071] pgdemote_direct 0
[ 1069.386562] pgdemote_khugepaged 0
[ 1069.387138] pgdemote_proactive 0
[ 1069.387663] pgscan 801
[ 1069.388087] pgsteal 9
[ 1069.388477] pswpin 0
[ 1069.388895] pswpout 0
[ 1069.389287] pgscan_kswapd 0
[ 1069.389746] pgscan_direct 801
[ 1069.390280] pgscan_khugepaged 0
[ 1069.390791] pgscan_proactive 0
[ 1069.391326] pgsteal_kswapd 0
[ 1069.391810] pgsteal_direct 9
[ 1069.392327] pgsteal_khugepaged 0
[ 1069.392881] pgsteal_proactive 0
[ 1069.393401] pgfault 87622
[ 1069.393868] pgmajfault 0
[ 1069.394292] pgrefill 768
[ 1069.394711] pgactivate 3833
[ 1069.395216] pgdeactivate 768
[ 1069.395696] pglazyfree 0
[ 1069.396145] pglazyfreed 0
[ 1069.396581] swpin_zero 0
[ 1069.397049] swpout_zero 0
[ 1069.397486] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8220,uid=0
[ 1069.399803] Memory cgroup out of memory: Killed process 8220 (syz-executor.0) total-vm:93552kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:53:56 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)

05:53:56 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:53:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x500000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1070.072125] audit: type=1326 audit(1755410037.419:149): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8215 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:54:06 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x7000000, 0x0)

05:54:06 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x3)

05:54:06 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)
r2 = shmget$private(0x0, 0x3000, 0x20, &(0x7f0000782000/0x3000)=nil)
shmat(r2, &(0x7f0000ca7000/0x1000)=nil, 0x0)

05:54:06 executing program 1:
r0 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, r0, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @mcast2}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x3c}]}, 0x30}, 0x1, 0x0, 0x0, 0x400c000}, 0x20040010)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {0x0, 0x0, 0xfffffffffffffffd}], 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="6e6f6d6263616368652c00ef8374a7986855a51556c6fa7a6ffadf79ef1f59652e728c63b6a12abde97df6ad04a1ab957fc29eb23b4e9f5eb047e29fca03a7a25cd2a8eb6208923132e0327f772132f37ca7eaba61e6bffdc9d3a21f8100d2b1c0672a0fbee537512809d8704538c375715b1ab7e9ccbb75b230087a3790f681c2e4fbcab82ac260f4c083bd62a34fa1d102dbe1f5bebddc5264f03b079b308c444498c2e17cd5012fea8f8d028e1e93743c831e9e22800cd8fd"])
open(&(0x7f0000000080)='./file0\x00', 0x2200, 0x90)

05:54:06 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 87)

05:54:06 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x505000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:54:07 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0x2}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:54:07 executing program 3:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$CDROM_SEND_PACKET(r0, 0x5392, &(0x7f0000000180)={"026707800000d8904af4df2f", 0x0, 0x0, 0x33, 0x0, 0x1, 0x0, 0x0, 0x0})

[ 1079.687658] audit: type=1326 audit(1755410047.034:150): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8246 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[ 1079.761064] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1079.762359] 9p: Unknown access argument 18446744073709551615: -34
[ 1079.762770] CPU: 0 UID: 0 PID: 8245 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1079.762801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1079.762822] Call Trace:
[ 1079.762830]  <TASK>
[ 1079.762840]  dump_stack_lvl+0xfa/0x120
[ 1079.762874]  dump_header+0x107/0x950
[ 1079.762912]  oom_kill_process+0x278/0xa00
[ 1079.762946]  out_of_memory+0x34b/0x1690
[ 1079.762986]  ? __pfx_out_of_memory+0x10/0x10
[ 1079.763029]  mem_cgroup_out_of_memory+0x164/0x190
[ 1079.763064]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1079.763107]  ? mark_held_locks+0x49/0x80
[ 1079.763140]  try_charge_memcg+0x81f/0xf30
[ 1079.763179]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1079.763222]  charge_memcg+0x7b/0x290
[ 1079.763249]  __mem_cgroup_charge+0x28/0x90
[ 1079.763281]  do_wp_page+0x58c/0x3240
[ 1079.763322]  ? __pfx_do_wp_page+0x10/0x10
[ 1079.763353]  ? do_raw_spin_lock+0x123/0x260
[ 1079.763384]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1079.763412]  ? ___pte_offset_map+0x176/0x370
[ 1079.763445]  __handle_mm_fault+0xde1/0x3030
[ 1079.763473]  ? reacquire_held_locks+0xd1/0x200
[ 1079.763496]  ? lock_vma_under_rcu+0x11e/0x530
[ 1079.763535]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1079.763580]  ? lock_vma_under_rcu+0x17b/0x530
[ 1079.763632]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1079.763677]  handle_mm_fault+0x2c3/0x900
[ 1079.763707]  ? access_error+0x17d/0x380
[ 1079.763739]  do_user_addr_fault+0x4fa/0xeb0
[ 1079.763773]  exc_page_fault+0xb0/0x180
[ 1079.763799]  asm_exc_page_fault+0x26/0x30
[ 1079.763822] RIP: 0033:0x7ff98baf5d30
[ 1079.763839] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1079.763862] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1079.763880] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1079.763895] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[ 1079.763909] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[ 1079.763923] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[ 1079.763938] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[ 1079.763954]  ? x86_task_fpu+0x58/0xa0
[ 1079.763991]  ? x86_task_fpu+0x58/0xa0
[ 1079.764020]  </TASK>
[ 1079.764100] memory: usage 307200kB, limit 307200kB, failcnt 2556
[ 1079.796172] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
05:54:07 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x600000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1079.797090] Memory cgroup stats for /syz0:
[ 1079.841196] anon 135168
[ 1079.843121] file 312950784
[ 1079.843551] kernel 1486848
[ 1079.844375] kernel_stack 65536
[ 1079.845066] pagetables 147456
[ 1079.845532] sec_pagetables 0
[ 1079.846020] percpu 64
[ 1079.846389] sock 0
[ 1079.846712] vmalloc 0
[ 1079.847104] shmem 312950784
[ 1079.847544] file_mapped 0
[ 1079.848017] file_dirty 0
[ 1079.848423] file_writeback 0
[ 1079.848919] swapcached 0
[ 1079.849319] inactive_anon 306540544
[ 1079.849873] active_anon 6545408
[ 1079.850359] inactive_file 0
[ 1079.850790] active_file 0
[ 1079.851240] unevictable 0
[ 1079.851666] slab_reclaimable 948656
[ 1079.852240] slab_unreclaimable 339648
[ 1079.852793] slab 1288304
[ 1079.853214] workingset_refault_anon 0
[ 1079.853781] workingset_refault_file 1
[ 1079.854375] workingset_activate_anon 0
[ 1079.854973] workingset_activate_file 0
[ 1079.855542] workingset_restore_anon 0
[ 1079.856153] workingset_restore_file 0
[ 1079.856717] workingset_nodereclaim 0
[ 1079.857301] pgdemote_kswapd 0
[ 1079.857764] pgdemote_direct 0
[ 1079.858271] pgdemote_khugepaged 0
[ 1079.858784] pgdemote_proactive 0
[ 1079.859313] pgscan 801
[ 1079.859704] pgsteal 9
[ 1079.860103] pswpin 0
[ 1079.860455] pswpout 0
[ 1079.860862] pgscan_kswapd 0
[ 1079.861300] pgscan_direct 801
[ 1079.861759] pgscan_khugepaged 0
[ 1079.862281] pgscan_proactive 0
[ 1079.862764] pgsteal_kswapd 0
[ 1079.863256] pgsteal_direct 9
[ 1079.863723] pgsteal_khugepaged 0
[ 1079.864254] pgsteal_proactive 0
[ 1079.864743] pgfault 87674
[ 1079.865178] pgmajfault 0
05:54:07 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0x3}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1079.865579] pgrefill 768
[ 1079.866158] pgactivate 3833
[ 1079.866686] pgdeactivate 768
[ 1079.867239] pglazyfree 0
[ 1079.867664] pglazyfreed 0
[ 1079.868119] swpin_zero 0
[ 1079.868533] swpout_zero 0
[ 1079.868985] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8245,uid=0
[ 1079.871190] Memory cgroup out of memory: Killed process 8245 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:54:07 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0x4}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:54:07 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 88)

05:54:07 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x4)

05:54:07 executing program 1:
r0 = io_uring_setup(0x5053, &(0x7f0000000140))
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$BTRFS_IOC_SET_FEATURES(r1, 0x40309439, &(0x7f0000000000)={0x2, 0x3, 0x1})
io_uring_register$IORING_REGISTER_FILES(r0, 0x16, 0x0, 0x0)

05:54:07 executing program 3:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x400)
ioctl$TIOCSWINSZ(0xffffffffffffffff, 0x5414, &(0x7f0000000000)={0x8000, 0x7fff, 0x35, 0x7})
pwritev2(r0, &(0x7f0000000280)=[{&(0x7f0000000080)="8c", 0x1}], 0x1, 0x0, 0x0, 0x23)

05:54:07 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x605000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1080.140257] FAULT_INJECTION: forcing a failure.
[ 1080.140257] name failslab, interval 1, probability 0, space 0, times 0
[ 1080.141963] CPU: 1 UID: 0 PID: 8277 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1080.141993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1080.142006] Call Trace:
[ 1080.142015]  <TASK>
[ 1080.142025]  dump_stack_lvl+0xfa/0x120
[ 1080.142057]  should_fail_ex+0x4d7/0x5e0
[ 1080.142097]  ? __kernfs_new_node+0xd3/0x870
[ 1080.142117]  should_failslab+0xc2/0x120
[ 1080.142153]  kmem_cache_alloc_noprof+0x5f/0x3d0
[ 1080.142184]  ? perf_trace_lock_acquire+0xc9/0x700
[ 1080.142219]  __kernfs_new_node+0xd3/0x870
[ 1080.142246]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1080.142274]  ? lock_acquire+0x15e/0x2f0
[ 1080.142295]  ? kernfs_root+0x23/0x2a0
[ 1080.142316]  ? find_held_lock+0x2b/0x80
[ 1080.142346]  ? kernfs_root+0xee/0x2a0
[ 1080.142365]  ? lock_release+0xc8/0x290
[ 1080.142385]  ? lock_is_held_type+0x9e/0x120
[ 1080.142417]  kernfs_new_node+0x13c/0x1e0
[ 1080.142449]  __kernfs_create_file+0x55/0x360
[ 1080.142484]  sysfs_add_file_mode_ns+0x21c/0x440
[ 1080.142523]  ? __pfx_slab_attr_store+0x10/0x10
[ 1080.142561]  internal_create_group+0x571/0xeb0
[ 1080.142596]  ? __pfx_internal_create_group+0x10/0x10
[ 1080.142637]  sysfs_slab_add+0x188/0x210
[ 1080.142671]  do_kmem_cache_create+0x235/0x5a0
[ 1080.142709]  __kmem_cache_create_args+0x20f/0x360
[ 1080.142731]  ? p9_client_create+0xd52/0x11b0
[ 1080.142765]  p9_client_create+0xdfc/0x11b0
[ 1080.142806]  ? __pfx_p9_client_create+0x10/0x10
[ 1080.142855]  ? trace_kmalloc+0x1f/0xb0
[ 1080.142878]  ? legacy_get_tree+0x109/0x220
[ 1080.142904]  ? vfs_get_tree+0x93/0x340
[ 1080.142931]  ? lockdep_init_map_type+0x4b/0x240
[ 1080.142956]  ? __raw_spin_lock_init+0x3a/0x110
[ 1080.142991]  v9fs_session_init+0x1df/0x17a0
[ 1080.143018]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1080.143061]  ? find_held_lock+0x2b/0x80
[ 1080.143090]  ? __create_object+0x59/0x80
[ 1080.143117]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1080.143141]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1080.143175]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1080.143210]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1080.143244]  ? __create_object+0x59/0x80
[ 1080.143271]  ? trace_kmalloc+0x1f/0xb0
[ 1080.143292]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[ 1080.143318]  ? cred_has_capability.isra.0+0x1be/0x2c0
[ 1080.143355]  v9fs_mount+0xbc/0x9e0
[ 1080.143387]  ? __pfx_v9fs_mount+0x10/0x10
[ 1080.143420]  ? cap_capable+0xdb/0x3b0
[ 1080.143447]  ? __pfx_v9fs_mount+0x10/0x10
[ 1080.143478]  legacy_get_tree+0x109/0x220
[ 1080.143509]  vfs_get_tree+0x93/0x340
[ 1080.143537]  path_mount+0x122f/0x1db0
[ 1080.143587]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1080.143624]  ? __pfx_path_mount+0x10/0x10
[ 1080.143657]  ? kmem_cache_free+0x2a1/0x460
[ 1080.143687]  ? putname.part.0+0x11b/0x160
[ 1080.143712]  ? getname_flags.part.0+0x1c6/0x540
[ 1080.143742]  ? putname.part.0+0x11b/0x160
[ 1080.143772]  __x64_sys_mount+0x27b/0x300
[ 1080.143806]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1080.143853]  do_syscall_64+0xbf/0x360
[ 1080.143882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1080.143905] RIP: 0033:0x7fdbea32eb19
[ 1080.143923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1080.143945] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1080.143967] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[ 1080.143982] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1080.143995] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[ 1080.144009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1080.144023] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[ 1080.144060]  </TASK>
[ 1080.211981] SLUB: Unable to add cache 9p-fcall-cache-115 to sysfs
[ 1080.223308] 9p: Unknown access argument 18446744073709551615: -34
[ 1080.517804] audit: type=1326 audit(1755410047.865:151): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8246 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:54:16 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
mlockall(0x0)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmat(r0, &(0x7f0000e9b000/0x2000)=nil, 0x1000)
r2 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r3 = shmat(r2, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(r3)
shmdt(r3)
shmdt(r1)
shmat(r2, &(0x7f0000cda000/0x3000)=nil, 0x0)

05:54:16 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x8000000, 0x0)

05:54:16 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x5)

05:54:16 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x700000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:54:16 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0x5}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:54:16 executing program 3:
r0 = dup(0xffffffffffffffff)
ioctl$KDGETLED(r0, 0x4b31, &(0x7f0000000040))
syz_emit_ethernet(0x12e, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000000ffffffffffff86dd60409d2600f88800fc000000000000000000000000000000fe8000000000000000000000000000aa0000040000301c"], 0x0)

[ 1089.525795] audit: type=1326 audit(1755410056.873:152): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8291 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:54:16 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 89)

[ 1089.541118] 9p: Unknown access argument 18446744073709551615: -34
05:54:16 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$BTRFS_IOC_RM_DEV(r0, 0x5000940b, &(0x7f0000000000)={{r1}, "b09229c808d1074cf70fbf0ad396cfb71de021a064b7bde21b9c3ebbfea7f4c9844c1573cabf096feeaaa29c09db22399dfa381efda2c2f6463231a5305416a4d3e3d94ff9e73419df5c847269829ff79ae06cde0cccbf66a383ec641eecc7e834153a0d685897c7f0a15ec3ca6a0777b6781e09ed21e4af547fa408be27552741bd71e12ad29cc9d3e3ac567b85478dcbd125b008bb166874ca7fe1a41b30eed3aca6762453630e5d3352a20ae1212c8a619485056f2f9f5ca9f369ab5576c6a0d084ec8f80463ec86ded0358a233a5e3b495d30c15ac7d2ec4689ef8faf27c0cba15337713c5d2b49586429f6c8c1ce47af0914d658bc1380f8cce1b28e238eaf1e4cfb3229f15de8c221da4245420a4276102229d9f90c7ccb590d95d44f87cb100f7880fee9f8115d721df74473da5c9a0118c72fc300b989a8e590608b3646364ce2a37c6c40a06115360fbb86653c5b9a57554f6854493b31d22f7c045426d6df76a951e92bb170910c2aa41f7d1afe71c1d6abf6d1dd1110838d9f267efa7b2e68f74dcf22cc089c54dbf405409644f4f93b501a3cfc56b442a8139ebdda9b3775e44199a097bd74c62531d6eb4e2aa2dc49441e14cd12d66988e941563d1179364c798123aa43e7293ecebf3ab8c2c8fb84e5d2e5f2c65373dc73dd8cca26c68b9a62c2ab6f7915e0734eb0d29cf3616e8a5675844348fb88b1291088ef96a7db15f6f300cca85ea94c8a980e88ab23d9b6dda9998f87c055c67e16ab73849741af7662d0fc17f6a3ede5601f01899214ee088baaf506554c94fee1af2cf63689e317d5b8d8437a9997b51cdbb08416edd6c5fcb672d8224929cf568f97d8dc2777da0ee94039d87b4f2aedd25640ed1af27773a2efad307b8b773c543e622b2dc27daae18c06e1ae35a13906127c5af88516a23245e66b91964631438e3b44837c7cfe0005437d4c6ca78d3cb4988c0431daabc1ef6dff538293b5183efef12855b5c3183aa95f8d19f054b8d82da05b44976ed92deacfc9ae8132cb01d6d5762541730120c83e1bd855508a9f2527523d00ea0f436d936793822bebacf465a694cb4c48c96d79a9aac3f1b69237f70ede1ffcbd9003430400a8e49516c7641bde1aba30785fcd4a8900dc41e4d0b5689c67594f177607864305a63bb064c113414b23d50359305c1566bd294e261b1cd2af3b66b195252d27cb33cbe9fd7f5907c823e578a4a2648e7bc9a905b7fb05f160d67bb4a9377e4f9eb2a8f265b96e09dc7f84f061bb27cfff4188ee3f8af25d857e547b34fc820ec0e77f4c5f5efe64e16752a36b2c7b5d2cab7daf1882a9c2e4d1374b4725acc870fbb413941f25562af66d42707a2a07a210d016b0c0c7d45c87a0395b2ced1c407f4f23f686979913ca3ae1ba4fabbdb3c1c91006c010c63f8e7f67e50ad62f67032b15d6ab0b93d6a181bcb833b8a96a6d7a064fc0aefaa2e0096b9fd70282ec1a2ed81b6e43786f4396f1773c71d2bfd39d67efc2f8f1b100bd06cbd3a9ce568da678bb5c4fcb6f02c8c83d568ad503e8432f21c34b69b6cf771dfee1e17525ef9ccff6012113c5a0081f104e61b7bfc9bc670dd72626b161a37d490a78e295174d2dacf99a8c6431c293bb4d1563bfadb432847aa7769587649b45be5026a1ae6e8f24c97e1a234e56a7e5ce94372b9ca803534d35b461a7ea2ac5a4563ab3bc43468b4ffa83d1ce216113b264c7a6535204f0af019cc9cde60a72fbf59133f64f4231ee83358f3e13b72af9629e554691cb7eff0bbe3b5610214d5be5e1fef74004648a4c8db44f83c2d521678dbc93c7c391dadce64fa880efbc1bc65c5e82ac68f7682654cdcb1ab2cb2ce0f2d794f24c8866b2dae7386181c130daf3058ae5643d55e83a74b2317534e7abff1ee11ccb900d9950b57e46365b94fa0d00ef853784d85816b60f98e497988cb576ec81d4c6f4df410083300b52244f1a9c54d083db29b540e0f1d9f34a938389bee70c2dd3059601d5b35948ab41902b09eb6e18f397cbe2aa6a8acdcb91c3c6d3dafc949a319c1d458a0febcd12e65f6ae786a582bc44fdd857208edd3a22d2045cb1fb4181316b6a5d82daa89201f37a5f45c7ce6eb8ee1c5ece47c5aacbf4d2cce48edd343c18b3e3a948a3ad082385d482f11a7d63fd158df97b5db8a9029d6c9668871e5d216efb8acae871e9d88970a75bd2c72107ecbceb0169d613686d3e995d39cf4c72ec7df475efb839217226c8f8c3200fd6a5221a2bd16cfe8ec4deaaec344e1c27c8f41a16700b1703024a06f366aba16ff2372b0e6a143e646a7af5c50833c30af6cf7b38bb9a2b78dfa5c49d430a7d4e84a784a737d3f70eee39bcb046c42b66519df8a5d6f451da07555fb77a22d0f504ae7b96af261694034d1a8fdc4f0172b2218889afbd16f9b670aae2a5cb5561cd5d99103a2eca9619275e847ca8d3066f8bd46989561cc7e9518a5ef4dc0d95ad3cf14e27cdf5b1a13e91da3265e54e6580ea03f625c16d93415c09485b4e6f670a8b9f1747d433c03dd7e63e4021d594ffb8cf2fa3f35cbed0b311a881923eff806cae7d4d49903bdb75a80ae453fac5c2c76e0d5f77576eac70cb3bbd04cbb100251f6f52469e7803e247e7dede3b2cb5436777b75eed8614d30f7670dbd0674cb6ff47d798c396da0da8ce4381f1088326e71a20609ce716e3fd3d3e9890d601723655ac9d031dc1e24d03f5d56476f63945e802d70c89d3adea163f0e901893032d8d72f370cb2420ffc5138396635ad4d72b993317838884af583455b7825b0610222c629dd6384561e7851c65e4fd58fb34794966eaf9bb29be21f9b3f8397f2efd1cdfdbaef57f6d648aede3490675ac8fb7f90fad0f479571fe589fb8f04eb5a5c9ec95488fd5f64ae46893f966f648a1fd974f2b46d35a92834e0a3cb58e85f9427607b970dbf4a2e9fcfc8c725b05408f40c3ff71933406b3c27059841a9d08c9444a14433b5e0f77d5c8af6a58d8cc7785dc62faf50cb55bcbf3c91630912010c9ec5a1c8d6a1dc3a23acbf2079f7131b012444e35e06fff4b6ebdf38480cd3d98dddb70641dcc79a1750eda8761fe9ede0f29e6bab57d03cc7a8691120ab2d6919bdb24bfd2382256c78432b97338a475f5cac217979b767375cd9e593efb69fdad82895d9cd32b3f4c86fd83b1aa4da53233aad5886c64c3a10d79a480df3b78379097aa01fdd9985b41e0ef56135ef6d7310eacf980458fe281c49d14d2965bfc5cb78f23e483711ab13179ee62bcb39315f3728bb1905625e1928720776c93b07679db50037589bd86012f07ec161a6f5933dfd0d0a07f9a298dc072d33640e1f2914bd5a9fc0237f1439810b2ca26e79b704c73a94dd73cd32af96010a0bb460a3ae1235ce72160e381e55045237d78cd0d3e25fbbff291bb289084ecbad1ebedb9e640c4c3fa1121755181e03494f78a5c4bafdac145627523e9f6b4452d46031c2ea2944b4ee93fda0899c201c417b0be3436530402ce144b21f15ac1681cdfd86ad5db1d678c08f485736f5c06d4b476768acb6bbc155e0933d96e4740b2f425f7d97e41c93a9746bf9c93a638020b4e81b030fc79b0ee550e7cc906dfb1fb51fe620d13dbe34d56abb8be05addf84d166e7584a3b0365b7519c1ac54a99db5b556a00cdf63b233a8dcba9b0c38eaa21a38981fd2971f705301c14bbf1b954d891346bbe83c890af2a403acc45edf14a26cdd3f28bcb283ff93ddaaf6f7f677166976811e1d0a3c9739b6da7efd68cdd9573a6aaf15e266217eea2bb2b26e9a901d11fe8ac8f14163dd1043d8ed16d80edfcf4973443954c125a4b248eb93ab5aa4b17b099f4ccce0cb66e4a119030f828d3fe603f180f606b28aa8bfe1e343e2851fa053edeb01beaa3331ad3bc6b15b8dad5167c257f8d7542b0f829d255289443047ce0caefd56b22683c467a99beeb64ed4acc4fdbb951727325420326cb20b9e287c3fde397d847114f0c9a7412f989e88099a97196959722bbb33068d27e4a129786c1f0e9790be9b0078e34a0d3c1cec47f03b4c7cb6cf711e86426542391531a587b62d65b437b0b9322b7f1d22189eba1058d2dc3fcd686c892a5707e1b41551d3d0c922e6bfa8e327562e9fd2827be47c3632ae9eb0801686650682d98e92058876f4579f3f4bd2a846ab979e2819f82d60cd4991117551f8162b95687e906cf25873d5cc524720c2a2987394398fefd6d1fc63e1d5719802bdb221b85cb2fc12299e4c0b04c27f4bb2b72541401fc96fa0740a0d76e1506c16651568d9ecf27adaad11f558745efb42e90c87f1459ef65fed9cc2f6795724996c8617fa02c33fc19d4431374374cf2c16af173bdf545d84915993308895bec62eef8c4a7400c929df719f4f3399067a6ef5d39a5ceace4cb34c2d7432a730ba42c7a5213980f165a64645f032f23e3a2b814649dcccb36d07153245a4acd9e84a663ef3565ceee6c38e6720274664d740c67c6558c5872f45e3e393145281dd0c843fdf62df96b0df0f6939bdb900287f3e1af9612a24f8c9f618ebff6667f6cfbfdd5a1055823753714c3ed5d3300cb99772a8a64c1f765806b276493f1739b801e91557acf91268361abc546f01d096095b230bc7df794a1c3637b775eee542d53640cbe8bbb103521b504ece67442544e4b24c312cce9bd3b6a8a160f2a69d8dbe02fae4ebc33fb803a698925b331cfac6fdfef34336c850cfd9f72457120e9bcfb88fcc3f5f423b8dc4ddc35c6f22bb9cdeb13758c201349caed2d0be5803b2261b696998cca26573b1389a51cba8f8157acdfe7dacfabe6d78445325abec36206ec51cabedea8b8646366e531a18e304c6fcf0f4084f1c0192db5b4cf2fe2467a6dec4e496c7d6a17f938c35cbeb48a12b26521ae32d95dedb5843fc656bb9544c9ee9e1525e7e2dc9a53292e713f2d87c1421ae5414933fb4ab5ffe88139a4b87f97a1ce9983ec65b5a719545d98a8464f9d4e32cc107e69ad2dad407526f98ee28933dd4d0e95c81095fbb9a7de1fd4f39f84989fa956490a246e492da8ec3751e3f8a9fa46825fdc963028a1931c64ef1d0b6e726208d753f9a4f0d54d45678fa111ce282d455925942d70f3850dbee81ff6cb46950b16e154adac1848b9489d12c1105d3f78d110dcd13a7658aa36bb95fc88569655cec085c34bd52bff3183d0dbf1bf12bf5b0ec137f3b5a0472ffc323a13c477dbc0fdcf4358209a42d79c7c61ad47aef6b342ce2d5bae7d2bfc490ad1097e2f54ad426c34778939069daac17b8c129728511cd977e27e7b10231185256e96790c3d2757e1bdd4e51e62ed8030771e37bb367fb0f363e4f9000a34c81aa62cc7cd1daaddb4ea2ca1869e6449084c23b2a41a354d20354466d69f9194d8c07cae9d45be870568b5a5a3b0ea5bb309cfb46d33a64d3539e294c366ac23eb6e3a656df6f3ce19dbb8c03471efbebe31f1d41dce1e5406ae617b0f7623fda8a66ffb80b0c07472819e46e91a6d73db0700785a0003c7c8eff06693de1bbfdfbadd889a02e71ff73b135248d9d4fa422073d6d0bf57f649050b718bdf20b8044886bc104edd544258ed629bc02cc0382e478d4429ad33863573ea683dfb120881c09179d3d05ea3bd96c0eed282d2979b2fd55a6836f778eef71a90a37d829c4b27f96eaca64f2426b5e0720c84ec3404174eed7fa40c99933c05218e21fcd0c578ee40e8fc247013463b636de68311771386e"})
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_int(r2, 0x3a, 0x0, 0x0, 0x0)
r3 = fsopen(&(0x7f0000001000)='bdev\x00', 0x0)
ioctl$AUTOFS_IOC_PROTOVER(r3, 0x80049363, &(0x7f0000001040))

05:54:16 executing program 3:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x40002, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, r2)
r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x101040, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/udplite6\x00')
pread64(r4, &(0x7f0000000200)=""/193, 0xc1, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)
ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82)
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000002200), 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(r7, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c80, r6)
ioctl$BLKIOMIN(0xffffffffffffffff, 0x1260, &(0x7f00000029c0))
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)

05:54:16 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 90)

05:54:16 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
r1 = dup(r0)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000180)={0x0, 0x7, 0xffff, 0x0, 0x8})
dup(r2)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x5420, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000100)={0x5, 0x1, 0xc63f, 0x0, 0xd})

05:54:16 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x705000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1089.651957] FAULT_INJECTION: forcing a failure.
[ 1089.651957] name failslab, interval 1, probability 0, space 0, times 0
[ 1089.653045] CPU: 1 UID: 0 PID: 8315 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1089.653062] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1089.653070] Call Trace:
[ 1089.653074]  <TASK>
[ 1089.653080]  dump_stack_lvl+0xfa/0x120
[ 1089.653100]  should_fail_ex+0x4d7/0x5e0
[ 1089.653123]  ? __kernfs_new_node+0xd3/0x870
[ 1089.653134]  should_failslab+0xc2/0x120
[ 1089.653154]  kmem_cache_alloc_noprof+0x5f/0x3d0
[ 1089.653172]  ? perf_trace_lock_acquire+0xc9/0x700
[ 1089.653192]  __kernfs_new_node+0xd3/0x870
[ 1089.653206]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1089.653221]  ? lock_acquire+0x15e/0x2f0
[ 1089.653233]  ? kernfs_root+0x23/0x2a0
[ 1089.653244]  ? find_held_lock+0x2b/0x80
[ 1089.653260]  ? kernfs_root+0xee/0x2a0
[ 1089.653270]  ? lock_release+0xc8/0x290
[ 1089.653281]  ? lock_is_held_type+0x9e/0x120
[ 1089.653299]  kernfs_new_node+0x13c/0x1e0
[ 1089.653316]  __kernfs_create_file+0x55/0x360
[ 1089.653335]  sysfs_add_file_mode_ns+0x21c/0x440
[ 1089.653356]  ? __pfx_slab_attr_store+0x10/0x10
[ 1089.653377]  internal_create_group+0x571/0xeb0
[ 1089.653396]  ? __pfx_internal_create_group+0x10/0x10
[ 1089.653417]  sysfs_slab_add+0x188/0x210
[ 1089.653435]  do_kmem_cache_create+0x235/0x5a0
[ 1089.653456]  __kmem_cache_create_args+0x20f/0x360
[ 1089.653468]  ? p9_client_create+0xd52/0x11b0
[ 1089.653486]  p9_client_create+0xdfc/0x11b0
[ 1089.653508]  ? __pfx_p9_client_create+0x10/0x10
[ 1089.653530]  ? trace_kmalloc+0x1f/0xb0
[ 1089.653543]  ? legacy_get_tree+0x109/0x220
[ 1089.653557]  ? vfs_get_tree+0x93/0x340
[ 1089.653572]  ? lockdep_init_map_type+0x4b/0x240
[ 1089.653585]  ? __raw_spin_lock_init+0x3a/0x110
[ 1089.653604]  v9fs_session_init+0x1df/0x17a0
[ 1089.653619]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1089.653642]  ? find_held_lock+0x2b/0x80
[ 1089.653658]  ? __create_object+0x59/0x80
[ 1089.653673]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1089.653686]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1089.653705]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1089.653723]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1089.653742]  ? __create_object+0x59/0x80
[ 1089.653756]  ? trace_kmalloc+0x1f/0xb0
[ 1089.653767]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[ 1089.653781]  ? cred_has_capability.isra.0+0x1be/0x2c0
[ 1089.653802]  v9fs_mount+0xbc/0x9e0
[ 1089.653824]  ? __pfx_v9fs_mount+0x10/0x10
[ 1089.653842]  ? cap_capable+0xdb/0x3b0
[ 1089.653857]  ? __pfx_v9fs_mount+0x10/0x10
[ 1089.653873]  legacy_get_tree+0x109/0x220
[ 1089.653890]  vfs_get_tree+0x93/0x340
[ 1089.653905]  path_mount+0x122f/0x1db0
[ 1089.653924]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1089.653944]  ? __pfx_path_mount+0x10/0x10
[ 1089.653962]  ? kmem_cache_free+0x2a1/0x460
[ 1089.653980]  ? putname.part.0+0x11b/0x160
[ 1089.653995]  ? getname_flags.part.0+0x1c6/0x540
[ 1089.654012]  ? putname.part.0+0x11b/0x160
[ 1089.654028]  __x64_sys_mount+0x27b/0x300
[ 1089.654047]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1089.654072]  do_syscall_64+0xbf/0x360
[ 1089.654088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1089.654101] RIP: 0033:0x7fdbea32eb19
[ 1089.654111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1089.654123] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1089.654136] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[ 1089.654144] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1089.654152] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[ 1089.654159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1089.654167] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[ 1089.654186]  </TASK>
05:54:17 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0x6}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:54:17 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x6)

05:54:17 executing program 1:
ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000000)={0x3d4, 0x3, 0x2, 0x8, 0x16, "223d65e53eda756f740966e88b0cfcbebc6c28"})
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000080)={0x1, 0x4, 0x1, 0x1, 0x1, "7751a279bc654c2587e88cff50d678db4abc5f", 0x7, 0x7ff})
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x800b}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f00000000c0)={0x4, &(0x7f0000000100)=[{0x8, 0x8, 0x0, 0x6}, {0x6, 0x9, 0x1, 0x1ff}, {0x8, 0xc2, 0x0, 0x10000}, {0x5, 0x1f, 0x0, 0x6b}]}, 0x10)
dup3(r0, 0xffffffffffffffff, 0x0)

[ 1089.748283] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1089.749928] CPU: 0 UID: 0 PID: 8301 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1089.749959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1089.749973] Call Trace:
[ 1089.749982]  <TASK>
[ 1089.749992]  dump_stack_lvl+0xfa/0x120
[ 1089.750025]  dump_header+0x107/0x950
[ 1089.750063]  oom_kill_process+0x278/0xa00
[ 1089.750098]  out_of_memory+0x34b/0x1690
[ 1089.750138]  ? __pfx_out_of_memory+0x10/0x10
[ 1089.750182]  mem_cgroup_out_of_memory+0x164/0x190
[ 1089.750216]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1089.750259]  ? mark_held_locks+0x49/0x80
[ 1089.750291]  try_charge_memcg+0x81f/0xf30
[ 1089.750331]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1089.750372]  charge_memcg+0x7b/0x290
[ 1089.750400]  __mem_cgroup_charge+0x28/0x90
[ 1089.750431]  do_wp_page+0x58c/0x3240
[ 1089.750472]  ? __pfx_do_wp_page+0x10/0x10
[ 1089.750500]  ? do_raw_spin_lock+0x123/0x260
[ 1089.750528]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1089.750555]  ? ___pte_offset_map+0x176/0x370
[ 1089.750587]  __handle_mm_fault+0xde1/0x3030
[ 1089.750614]  ? reacquire_held_locks+0xd1/0x200
[ 1089.750636]  ? lock_vma_under_rcu+0x11e/0x530
[ 1089.750675]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1089.750705]  ? lock_vma_under_rcu+0x17b/0x530
[ 1089.750756]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1089.750802]  handle_mm_fault+0x2c3/0x900
[ 1089.750840]  ? access_error+0x17d/0x380
[ 1089.750871]  do_user_addr_fault+0x4fa/0xeb0
[ 1089.750905]  exc_page_fault+0xb0/0x180
[ 1089.750931]  asm_exc_page_fault+0x26/0x30
[ 1089.750954] RIP: 0033:0x7ff98baf5d30
[ 1089.750973] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1089.750995] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1089.751013] RAX: 000000000da4c98d RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1089.751028] RDX: 0000001b2cf2007c RSI: ffffffff812c80c8 RDI: 0000000000000000
[ 1089.751043] RBP: 0000000000000001 R08: 000000000da4c98d R09: 0000001b2cf2001c
[ 1089.751057] R10: 000000000000098d R11: 000000000da4c991 R12: 0000000000000017
[ 1089.751071] R13: 00007ff98bc4f000 R14: ffffffff812c80c8 R15: 00007ff98bc5aff0
[ 1089.751088]  ? x86_task_fpu+0x58/0xa0
[ 1089.751125]  ? x86_task_fpu+0x58/0xa0
[ 1089.751154]  </TASK>
[ 1089.759982] SLUB: Unable to add cache 9p-fcall-cache-117 to sysfs
[ 1089.760380] memory: usage 307200kB, limit 307200kB, failcnt 2587
[ 1089.767761] 9p: Unknown access argument 18446744073709551615: -34
[ 1089.767912] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1089.789401] Memory cgroup stats for /syz0:
[ 1089.808112] anon 135168
[ 1089.809131] file 312950784
[ 1089.809562] kernel 1486848
[ 1089.810039] kernel_stack 65536
[ 1089.810500] pagetables 147456
[ 1089.811001] sec_pagetables 0
[ 1089.811440] percpu 64
[ 1089.811798] sock 0
[ 1089.812238] vmalloc 0
[ 1089.812597] shmem 312950784
[ 1089.813056] file_mapped 0
[ 1089.813525] file_dirty 0
[ 1089.813973] file_writeback 0
[ 1089.814492] swapcached 0
[ 1089.814930] inactive_anon 306507776
[ 1089.815448] active_anon 6545408
[ 1089.816051] inactive_file 0
[ 1089.816497] active_file 0
[ 1089.816950] unevictable 0
[ 1089.817356] slab_reclaimable 948656
[ 1089.817920] slab_unreclaimable 339648
[ 1089.818561] slab 1288304
[ 1089.818997] workingset_refault_anon 0
[ 1089.819539] workingset_refault_file 1
[ 1089.820249] workingset_activate_anon 0
[ 1089.820804] workingset_activate_file 0
[ 1089.821413] workingset_restore_anon 0
[ 1089.821992] workingset_restore_file 0
[ 1089.822628] workingset_nodereclaim 0
[ 1089.823201] pgdemote_kswapd 0
[ 1089.823655] pgdemote_direct 0
[ 1089.824160] pgdemote_khugepaged 0
[ 1089.824659] pgdemote_proactive 0
[ 1089.825275] pgscan 801
[ 1089.825648] pgsteal 9
[ 1089.826049] pswpin 0
[ 1089.826404] pswpout 0
[ 1089.826758] pgscan_kswapd 0
[ 1089.827300] pgscan_direct 801
[ 1089.827755] pgscan_khugepaged 0
[ 1089.828284] pgscan_proactive 0
[ 1089.828748] pgsteal_kswapd 0
[ 1089.829222] pgsteal_direct 9
[ 1089.829745] pgsteal_khugepaged 0
[ 1089.830276] pgsteal_proactive 0
[ 1089.830883] pgfault 87727
[ 1089.831286] pgmajfault 0
[ 1089.831672] pgrefill 768
[ 1089.832120] pgactivate 3833
[ 1089.832618] pgdeactivate 768
[ 1089.833107] pglazyfree 0
[ 1089.833564] pglazyfreed 0
[ 1089.834009] swpin_zero 0
[ 1089.834469] swpout_zero 0
[ 1089.834923] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8301,uid=0
[ 1089.837029] Memory cgroup out of memory: Killed process 8301 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:54:17 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x100000, 0x2a, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000800100000f000000000000000100000005000000000004000040000020000000d9f4655fd9f4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000004000008000000d2c20100120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e39313833393035343700"/192, 0xc0, 0x400}, {&(0x7f0000010100)="00000000000000000000000085f42d27379e44ba9a8dcb77402e9f71010040000c00000000000000d9f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000040000004400000000000000", 0x40, 0x540}, {&(0x7f0000010300)="0300000004000000000000000000000000000000010400"/32, 0x20, 0x640}, {&(0x7f0000010400)="02000000030000000400000018000f000300040000000000000000000f00c2b4", 0x20, 0x800}, {&(0x7f0000010500)="ff000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d9f4655fd9f4655fd9f4655f00"/4128, 0x1020, 0x1000}, {&(0x7f0000011600)="ed41000000080000d9f4655fd9f4655fd9f4655f00000000000004004000000000000800050000000af301000400000000000000000000000100000020000000", 0x40, 0x2400}, {&(0x7f0000011700)="20000000d897e2e1d897e2e100000000d9f4655f00"/32, 0x20, 0x2480}, {&(0x7f0000011800)="8081000000180000d9f4655fd9f4655fd9f4655f00000000000001004000000010000800000000000af301000400000000000000000000000300000040000000", 0x40, 0x2800}, {&(0x7f0000011900)="20000000000000000000000000000000d9f4655f00"/32, 0x20, 0x2880}, {&(0x7f0000011a00)="8081000000180000d9f4655fd9f4655fd9f4655f00000000000001004000000010000800000000000af301000400000000000000000000000300000050000000", 0x40, 0x2c00}, {&(0x7f0000011b00)="20000000000000000000000000000000d9f4655f00"/32, 0x20, 0x2c80}, {&(0x7f0000011c00)="c041000000380000d9f4655fd9f4655fd9f4655f00000000000002004000000000000800000000000af301000400000000000000000000000700000030000000", 0x40, 0x4800}, {&(0x7f0000011d00)="20000000000000000000000000000000d9f4655f000000000000000000000000000002ea00"/64, 0x40, 0x4880}, {&(0x7f0000011e00)="ed4100003c000000d9f4655fd9f4655fd9f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c6531000000000000000000000000000000000000000000000000000000c48b648700000000000000000000000000000000000000000000000020000000d897e2e1d897e2e1d897e2e1d9f4655fd897e2e10000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x4c00}, {&(0x7f0000011f00)="ed8100001a040000d9f4655fd9f4655fd9f4655f00000000000001004000000000000800010000000af301000400000000000000000000000100000060000000000000000000000000000000000000000000000000000000000000000000000000000000c8ee3c9e00000000000000000000000000000000000000000000000020000000d897e2e1d897e2e1d897e2e1d9f4655fd897e2e10000000000000000", 0xa0, 0x5000}, {&(0x7f0000012000)="ffa1000026000000d9f4655fd9f4655fd9f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3931383339303534372f66696c65302f66696c6530000000000000000000000000000000000000000000008af507fc00000000000000000000000000000000000000000000000020000000d897e2e1d897e2e1d897e2e1d9f4655fd897e2e10000000000000000", 0xa0, 0x5400}, {&(0x7f0000012100)="ed8100000a000000d9f4655fd9f4655fd9f4655f000000000000010000000000000000100100000073797a6b616c6c6572730000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c4518baf00000000000000000000000000000000000000000000000020000000d897e2e1d897e2e1d897e2e1d9f4655fd897e2e10000000000000000000002ea040700000000000000000000000000006461746106015403000000000600000000000000786174747231000006014c0300000000060000000000000078617474723200"/256, 0x100, 0x5800}, {&(0x7f0000012200)="0000000000000000000000000000000078617474723200007861747472310000ed81000028230000d9f4655fd9f4655fd9f4655f00000000000002004000000000000800010000000af301000400000000000000000000000500000070000000000000000000000000000000000000000000000000000000000000000000000000000000e8b186cc00000000000000000000000000000000000000000000000020000000d897e2e1d897e2e1d897e2e1d9f4655fd897e2e10000000000000000", 0xc0, 0x5be0}, {&(0x7f0000012300)="ed81000064000000d9f4655fd9f4655fd9f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c4504c7b300000000000000000000000000000000000000000000000020000000d897e2e1d897e2e1d897e2e1d9f4655fd897e2e10000000000000000000002ea04073403000000002800000000000000646174610000000000000000", 0xc0, 0x6000}, {&(0x7f0000012400)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00lersyzkallersyzkallersyzkallersyzkallers', 0x40, 0x63c0}, {&(0x7f0000012500)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x80, 0x10000}, {&(0x7f0000012600)="0b0000000c0001022e000000020000000c0002022e2e000000000000e8070000", 0x20, 0x18000}, {&(0x7f0000012700)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x18800}, {&(0x7f0000012800)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x19000}, {&(0x7f0000012900)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x19800}, {&(0x7f0000012a00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x1a000}, {&(0x7f0000012b00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x1a800}, {&(0x7f0000012c00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x1b000}, {&(0x7f0000012d00)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x20000}, {&(0x7f0000012e00)="0200"/32, 0x20, 0x20400}, {&(0x7f0000012f00)="0300"/32, 0x20, 0x20800}, {&(0x7f0000013000)="0400"/32, 0x20, 0x20c00}, {&(0x7f0000013100)="0500"/32, 0x20, 0x21000}, {&(0x7f0000013200)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000200"/96, 0x60, 0x21400}, {&(0x7f0000013300)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x28000}, {&(0x7f0000013400)="0200"/32, 0x20, 0x28400}, {&(0x7f0000013500)="0300"/32, 0x20, 0x28800}, {&(0x7f0000013600)="0400"/32, 0x20, 0x28c00}, {&(0x7f0000013700)="0500"/32, 0x20, 0x29000}, {&(0x7f0000013800)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000200"/96, 0x60, 0x29400}, {&(0x7f0000013900)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x30000}], 0x0, &(0x7f0000013e00))
r0 = syz_open_dev$vcsu(&(0x7f0000000600), 0x8, 0xe0000)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@loose}, {@uname={'uname', 0x3d, ':&\xd7)]('}}, {@access_user}, {@cache_loose}], [{@smackfsdef={'smackfsdef', 0x3d, 'user.incfs.metadata\x00'}}, {@dont_measure}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@fsname={'fsname', 0x3d, '$k\'/,,-\\'}}, {@subj_user={'subj_user', 0x3d, 'ext4\x00'}}]}})
setxattr$incfs_metadata(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f0000000140)="d6928af7961f1d5c7bf6b9eec1b9fea1722fa02dae4b18cc1feb49ffb7d61d3c5f145493d43c5d8091a51da4d55a6c04ca437e61edbb902a209cf1bdaa4619fb432270e54e1deead5b5fe4728ed18726c8d04fc7097e10e6", 0x58, 0x2)
syz_open_dev$mouse(&(0x7f0000000780), 0x1000, 0x240040)
ioctl$sock_inet_tcp_SIOCATMARK(r1, 0x8905, &(0x7f0000000740))

05:54:17 executing program 0:
mlockall(0x2)
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)

[ 1089.959256] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1089.960282] CPU: 1 UID: 0 PID: 8339 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1089.960299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1089.960307] Call Trace:
[ 1089.960312]  <TASK>
[ 1089.960317]  dump_stack_lvl+0xfa/0x120
[ 1089.960338]  dump_header+0x107/0x950
[ 1089.960358]  oom_kill_process+0x278/0xa00
[ 1089.960376]  out_of_memory+0x34b/0x1690
[ 1089.960396]  ? __pfx_out_of_memory+0x10/0x10
[ 1089.960418]  mem_cgroup_out_of_memory+0x164/0x190
[ 1089.960436]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1089.960458]  ? mark_held_locks+0x49/0x80
[ 1089.960476]  try_charge_memcg+0x81f/0xf30
[ 1089.960497]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1089.960518]  charge_memcg+0x7b/0x290
[ 1089.960532]  __mem_cgroup_charge+0x28/0x90
[ 1089.960549]  do_wp_page+0x58c/0x3240
[ 1089.960569]  ? __pfx_do_wp_page+0x10/0x10
[ 1089.960584]  ? do_raw_spin_lock+0x123/0x260
[ 1089.960599]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1089.960613]  ? ___pte_offset_map+0x176/0x370
[ 1089.960630]  __handle_mm_fault+0xde1/0x3030
[ 1089.960644]  ? reacquire_held_locks+0xd1/0x200
[ 1089.960656]  ? lock_vma_under_rcu+0x11e/0x530
[ 1089.960680]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1089.960696]  ? lock_vma_under_rcu+0x17b/0x530
[ 1089.960722]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1089.960746]  handle_mm_fault+0x2c3/0x900
[ 1089.960761]  ? access_error+0x17d/0x380
[ 1089.960778]  do_user_addr_fault+0x4fa/0xeb0
[ 1089.960796]  exc_page_fault+0xb0/0x180
[ 1089.960809]  asm_exc_page_fault+0x26/0x30
[ 1089.960824] RIP: 0033:0x7ff98baf5d30
[ 1089.960834] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1089.960845] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1089.960856] RAX: 00000000d44b4167 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1089.960864] RDX: 0000001b2cf20024 RSI: ffffffff819e8236 RDI: 0000000000000000
[ 1089.960871] RBP: 0000000000000001 R08: 00000000d44b4167 R09: 0000001b2cf2001c
[ 1089.960879] R10: 0000000000000167 R11: 00000000d44b416b R12: 0000000000000001
[ 1089.960887] R13: 00007ff98bc4f000 R14: ffffffff819e8236 R15: 00007ff98bc5aff0
[ 1089.960895]  ? __do_sys_mlockall+0x16/0x5c0
[ 1089.960917]  ? __do_sys_mlockall+0x16/0x5c0
[ 1089.960937]  </TASK>
[ 1089.977948] memory: usage 307200kB, limit 307200kB, failcnt 2610
[ 1089.978439] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1089.978939] Memory cgroup stats for /syz0:
[ 1089.997267] anon 110592
[ 1089.997959] file 312950784
[ 1089.998194] kernel 1511424
[ 1089.998587] kernel_stack 65536
[ 1089.998998] pagetables 151552
[ 1089.999255] sec_pagetables 0
[ 1089.999505] percpu 128
[ 1089.999716] sock 0
[ 1090.000073] vmalloc 0
[ 1090.000274] shmem 312950784
[ 1090.000512] file_mapped 0
[ 1090.000736] file_dirty 0
[ 1090.001124] file_writeback 0
[ 1090.001373] swapcached 0
[ 1090.001587] inactive_anon 306515968
[ 1090.002003] active_anon 6545408
[ 1090.002271] inactive_file 0
[ 1090.002507] active_file 0
[ 1090.002727] unevictable 0
[ 1090.003121] slab_reclaimable 948656
[ 1090.003411] slab_unreclaimable 359856
[ 1090.003714] slab 1308512
[ 1090.004109] workingset_refault_anon 0
[ 1090.004508] workingset_refault_file 1
[ 1090.004831] workingset_activate_anon 0
[ 1090.005138] workingset_activate_file 0
[ 1090.005451] workingset_restore_anon 0
[ 1090.005749] workingset_restore_file 0
[ 1090.006073] workingset_nodereclaim 0
[ 1090.006370] pgdemote_kswapd 0
[ 1090.006623] pgdemote_direct 0
[ 1090.006897] pgdemote_khugepaged 0
[ 1090.007176] pgdemote_proactive 0
[ 1090.007448] pgscan 801
[ 1090.007656] pgsteal 9
[ 1090.007874] pswpin 0
[ 1090.008078] pswpout 0
[ 1090.008276] pgscan_kswapd 0
[ 1090.008511] pgscan_direct 801
[ 1090.008763] pgscan_khugepaged 0
[ 1090.009059] pgscan_proactive 0
[ 1090.009321] pgsteal_kswapd 0
[ 1090.009566] pgsteal_direct 9
[ 1090.009832] pgsteal_khugepaged 0
[ 1090.010103] pgsteal_proactive 0
[ 1090.010366] pgfault 87768
[ 1090.010585] pgmajfault 0
[ 1090.010800] pgrefill 768
[ 1090.011040] pgactivate 3833
[ 1090.011276] pgdeactivate 768
[ 1090.011520] pglazyfree 0
[ 1090.011736] pglazyfreed 0
[ 1090.011984] swpin_zero 0
[ 1090.012214] swpout_zero 0
[ 1090.012435] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8339,uid=0
[ 1090.013611] Memory cgroup out of memory: Killed process 8339 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[ 1090.359933] audit: type=1326 audit(1755410057.707:153): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8291 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:54:26 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 91)

05:54:26 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x7)

05:54:26 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x9000000, 0x0)

05:54:26 executing program 0:
r0 = fcntl$getown(0xffffffffffffffff, 0x9)
r1 = syz_open_procfs(r0, &(0x7f0000000180)='environ\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
mlockall(0x2)
shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
mlockall(0x1)
r2 = shmget$private(0x0, 0x1000, 0x1000, &(0x7f0000fff000/0x1000)=nil)
r3 = shmat(r2, &(0x7f00009de000/0x400000)=nil, 0x3000)
shmdt(0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r4, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000000100)={0xff, 0x1, {0x1, 0x3, 0x7, 0x3, 0x6}, 0x4})
shmdt(r3)
r5 = syz_io_uring_complete(0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r7 = shmget$private(0x0, 0x4000, 0x78000000, &(0x7f0000e26000/0x4000)=nil)
shmat(r7, &(0x7f000055d000/0x2000)=nil, 0x2000)
pread64(r6, &(0x7f0000000040)=""/156, 0x9c, 0x2)
dup2(r5, r6)

05:54:26 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0x7}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:54:26 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r2 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000780)='./file0/file0\x00', 0x9744, 0x4, &(0x7f0000000a80)=[{&(0x7f00000007c0)="db995920f9630b41d481d60a17a3023566befc958306150d62b54d7454da003b6d61672b8ed8a4c34a69f2d04066440684f2b74d19fff3bf70a71cfced7bff4323295b11596752c5d44050420714294c4789013b1047c7eb30dde83416c38cdcbd013758fe80476382ff5b9855799b1f881b9ab01a96a149bc4b84a471564ee99096e223c0d813d254557d0c67fcb1718f044f5b58d73c13230cee9f8f2d96c7f829852a8b76ee2af92498e0a151be12", 0xb0, 0x2}, {&(0x7f0000000880)="d9a05701ee1aecaf1eabe37f309cb9608779aa36b6eab121e728cb6cabf23445a163b2fba2760b70702d6a2beb20d959e420b28807523478e8ae5a10b7bc17f15cce5dbd36d6f0cb4e6cd96568645a3343c7f30280087678b5fcf88847a4ac1a3200644290a8b73cee78f8aca792c798764ca9dbbfc165b1ff8217f84199676a811cba56df65efa566db23620ea75ffebde3d4d433432602bb42e11403d3", 0x9e, 0x9}, {&(0x7f00000009c0)="80c9d4c0b305183fa4ef686aca49f24dad725404c2d57910079a81f969e2d5c1bf16c2b1a40d48b24cad373ab4fa88f41f68036d9e6ec4c40515969afbdd14f466f321abd0506f77e134762e30b78be1e1f4d3ae4311767bde33e30a8af793b0ad6bf1dee677bf35b5a24e2f84a8ac6a19c2f0e102b034f83613e9088735a4e9926659a119fc48455e15ea6a72864534cbfa247a59", 0x95, 0x1024}, {&(0x7f0000000940)="8408e33af53689e2a1acf5b58e9aacf0c9b31216bec82230a80a672b6ee422c54b50ac02cab9c5bc592702f4c885656ffb", 0x31, 0x5}], 0x12, &(0x7f0000000b00)={[{@fat=@flush}, {@fat=@usefree}, {@nodots}, {@nodots}, {@nodots}, {@fat=@check_strict}, {@dots}, {@nodots}], [{@fowner_lt={'fowner<', 0xee01}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}]})
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x4)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000700)=0x8)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000c00)={0x0, 0x0, <r4=>0x0}, &(0x7f0000008600)=0xc)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000bc0)=0x7b1f, 0xfa3)
lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_unix(&(0x7f0000000280)='./file0/file1\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x8, &(0x7f0000000400)={'trans=unix,', {[{@access_user}, {@cachetag={'cachetag', 0x3d, '%]+:#^'}}, {@dfltgid={'dfltgid', 0x3d, r4}}, {@dfltuid={'dfltuid', 0x3d, r5}}, {@version_u}, {@cache_none}, {@fscache}, {@uname={'uname', 0x3d, ',[,%['}}, {@fscache}], [{@smackfshat={'smackfshat', 0x3d, 'tmpfs\x00'}}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@obj_type={'obj_type', 0x3d, 'security.evm\x00'}}, {@measure}]}})
statx(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x6000, 0x40, &(0x7f0000000180))
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:54:26 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x800000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:54:26 executing program 1:
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="e00000209ad3f7967d6c9a3b360a41daaa0c56b22def42f4e3c0f941f6223a9800462938f86f8988847fbbb91fccee513674b43b7c642368bf8f48f4cddd45538472e589316a0e610df6387d1ee9466554d17cbe00b8742c5146c796299d0742eedf4cd6f9af08527f0ded643fac4a"])
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), 0xffffffffffffffff)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000005c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f0000000000)={0x80, 0x200, 0x3})
r2 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f0000000140)={0xdf4e, 0x80000001, 0x1, 'queue1\x00', 0x9})
close(r3)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r4=>r2}, './file0\x00'})
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f00000000c0)={@mcast2, @private2, @empty, 0x74f, 0x6, 0x200, 0x500, 0x9232, 0x40000000})

[ 1099.008469] 9p: Unknown access argument 18446744073709551615: -34
[ 1099.009102] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1099.009901] CPU: 1 UID: 0 PID: 8348 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1099.009918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1099.009925] Call Trace:
[ 1099.009930]  <TASK>
[ 1099.009935]  dump_stack_lvl+0xfa/0x120
[ 1099.009956]  dump_header+0x107/0x950
[ 1099.009977]  oom_kill_process+0x278/0xa00
[ 1099.009996]  out_of_memory+0x34b/0x1690
[ 1099.010018]  ? __pfx_out_of_memory+0x10/0x10
[ 1099.010040]  mem_cgroup_out_of_memory+0x164/0x190
[ 1099.010059]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1099.010082]  ? mark_held_locks+0x49/0x80
[ 1099.010100]  try_charge_memcg+0x81f/0xf30
[ 1099.010122]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1099.010148]  charge_memcg+0x7b/0x290
[ 1099.010163]  __mem_cgroup_charge+0x28/0x90
[ 1099.010179]  do_wp_page+0x58c/0x3240
[ 1099.010201]  ? __pfx_do_wp_page+0x10/0x10
[ 1099.010217]  ? do_raw_spin_lock+0x123/0x260
[ 1099.010232]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1099.010247]  ? ___pte_offset_map+0x176/0x370
[ 1099.010264]  __handle_mm_fault+0xde1/0x3030
[ 1099.010279]  ? reacquire_held_locks+0xd1/0x200
[ 1099.010291]  ? lock_vma_under_rcu+0x11e/0x530
[ 1099.010311]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1099.010328]  ? lock_vma_under_rcu+0x17b/0x530
[ 1099.010355]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1099.010380]  handle_mm_fault+0x2c3/0x900
[ 1099.010395]  ? access_error+0x17d/0x380
[ 1099.010413]  do_user_addr_fault+0x4fa/0xeb0
[ 1099.010431]  exc_page_fault+0xb0/0x180
[ 1099.010445]  asm_exc_page_fault+0x26/0x30
[ 1099.010458] RIP: 0033:0x7ff98baf5d30
[ 1099.010467] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1099.010479] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1099.010489] RAX: 00000000153e9594 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1099.010497] RDX: 0000001b2cf20054 RSI: ffffffff812c807f RDI: 0000000000000000
[ 1099.010505] RBP: 0000000000000001 R08: 00000000153e9594 R09: 0000001b2cf2001c
[ 1099.010512] R10: 0000000000001594 R11: 00000000153e9598 R12: 000000000000000d
[ 1099.010520] R13: 00007ff98bc4f000 R14: ffffffff812c807f R15: 00007ff98bc5aff0
[ 1099.010528]  ? x86_task_fpu+0xf/0xa0
[ 1099.010548]  ? x86_task_fpu+0xf/0xa0
[ 1099.010563]  </TASK>
[ 1099.010579] memory: usage 307200kB, limit 307200kB, failcnt 2635
[ 1099.028467] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1099.029002] Memory cgroup stats for /syz0:
[ 1099.041641] 9pnet_fd: p9_fd_create_unix (8356): problem connecting socket: ./file0/file1: -2
[ 1099.064663] audit: type=1326 audit(1755410066.411:154): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8357 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[ 1099.070247] 9pnet_fd: p9_fd_create_unix (8356): problem connecting socket: ./file0/file1: -2
[ 1099.072937] anon 135168
[ 1099.073168] file 312950784
[ 1099.073405] kernel 1486848
[ 1099.073655] kernel_stack 65536
[ 1099.074052] pagetables 147456
[ 1099.074312] sec_pagetables 0
[ 1099.074567] percpu 64
[ 1099.074771] sock 0
[ 1099.075080] vmalloc 0
[ 1099.075289] shmem 312950784
[ 1099.075528] file_mapped 0
[ 1099.075763] file_dirty 0
[ 1099.076109] file_writeback 0
[ 1099.076365] swapcached 0
[ 1099.076595] inactive_anon 306540544
[ 1099.076919] active_anon 6545408
[ 1099.077192] inactive_file 0
[ 1099.077436] active_file 0
[ 1099.077663] unevictable 0
[ 1099.077915] slab_reclaimable 948656
[ 1099.078214] slab_unreclaimable 339648
[ 1099.078529] slab 1288304
[ 1099.078758] workingset_refault_anon 0
[ 1099.079104] workingset_refault_file 1
[ 1099.079423] workingset_activate_anon 0
[ 1099.079752] workingset_activate_file 0
[ 1099.080091] workingset_restore_anon 0
[ 1099.080402] workingset_restore_file 0
[ 1099.080720] workingset_nodereclaim 0
[ 1099.081042] pgdemote_kswapd 0
[ 1099.081306] pgdemote_direct 0
[ 1099.081566] pgdemote_khugepaged 0
[ 1099.081876] pgdemote_proactive 0
[ 1099.082154] pgscan 801
[ 1099.082363] pgsteal 9
[ 1099.082562] pswpin 0
[ 1099.082757] pswpout 0
[ 1099.082980] pgscan_kswapd 0
[ 1099.083230] pgscan_direct 801
[ 1099.083499] pgscan_khugepaged 0
[ 1099.083775] pgscan_proactive 0
[ 1099.084065] pgsteal_kswapd 0
[ 1099.084323] pgsteal_direct 9
[ 1099.084581] pgsteal_khugepaged 0
[ 1099.084901] pgsteal_proactive 0
[ 1099.085175] pgfault 87821
[ 1099.085403] pgmajfault 0
[ 1099.085627] pgrefill 768
[ 1099.085869] pgactivate 3833
[ 1099.086110] pgdeactivate 768
[ 1099.086358] pglazyfree 0
[ 1099.086581] pglazyfreed 0
[ 1099.086830] swpin_zero 0
[ 1099.087055] swpout_zero 0
[ 1099.087284] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8348,uid=0
[ 1099.088502] Memory cgroup out of memory: Killed process 8348 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:54:26 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 92)

05:54:26 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r2 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000780)='./file0/file0\x00', 0x9744, 0x4, &(0x7f0000000a80)=[{&(0x7f00000007c0)="db995920f9630b41d481d60a17a3023566befc958306150d62b54d7454da003b6d61672b8ed8a4c34a69f2d04066440684f2b74d19fff3bf70a71cfced7bff4323295b11596752c5d44050420714294c4789013b1047c7eb30dde83416c38cdcbd013758fe80476382ff5b9855799b1f881b9ab01a96a149bc4b84a471564ee99096e223c0d813d254557d0c67fcb1718f044f5b58d73c13230cee9f8f2d96c7f829852a8b76ee2af92498e0a151be12", 0xb0, 0x2}, {&(0x7f0000000880)="d9a05701ee1aecaf1eabe37f309cb9608779aa36b6eab121e728cb6cabf23445a163b2fba2760b70702d6a2beb20d959e420b28807523478e8ae5a10b7bc17f15cce5dbd36d6f0cb4e6cd96568645a3343c7f30280087678b5fcf88847a4ac1a3200644290a8b73cee78f8aca792c798764ca9dbbfc165b1ff8217f84199676a811cba56df65efa566db23620ea75ffebde3d4d433432602bb42e11403d3", 0x9e, 0x9}, {&(0x7f00000009c0)="80c9d4c0b305183fa4ef686aca49f24dad725404c2d57910079a81f969e2d5c1bf16c2b1a40d48b24cad373ab4fa88f41f68036d9e6ec4c40515969afbdd14f466f321abd0506f77e134762e30b78be1e1f4d3ae4311767bde33e30a8af793b0ad6bf1dee677bf35b5a24e2f84a8ac6a19c2f0e102b034f83613e9088735a4e9926659a119fc48455e15ea6a72864534cbfa247a59", 0x95, 0x1024}, {&(0x7f0000000940)="8408e33af53689e2a1acf5b58e9aacf0c9b31216bec82230a80a672b6ee422c54b50ac02cab9c5bc592702f4c885656ffb", 0x31, 0x5}], 0x12, &(0x7f0000000b00)={[{@fat=@flush}, {@fat=@usefree}, {@nodots}, {@nodots}, {@nodots}, {@fat=@check_strict}, {@dots}, {@nodots}], [{@fowner_lt={'fowner<', 0xee01}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}]})
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x4)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000700)=0x8)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000c00)={0x0, 0x0, <r4=>0x0}, &(0x7f0000008600)=0xc)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000bc0)=0x7b1f, 0xfa3)
lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_unix(&(0x7f0000000280)='./file0/file1\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x8, &(0x7f0000000400)={'trans=unix,', {[{@access_user}, {@cachetag={'cachetag', 0x3d, '%]+:#^'}}, {@dfltgid={'dfltgid', 0x3d, r4}}, {@dfltuid={'dfltuid', 0x3d, r5}}, {@version_u}, {@cache_none}, {@fscache}, {@uname={'uname', 0x3d, ',[,%['}}, {@fscache}], [{@smackfshat={'smackfshat', 0x3d, 'tmpfs\x00'}}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@obj_type={'obj_type', 0x3d, 'security.evm\x00'}}, {@measure}]}})
statx(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x6000, 0x40, &(0x7f0000000180))
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:54:26 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x805000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:54:26 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0x8}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:54:26 executing program 1:
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="e00000209ad3f7967d6c9a3b360a41daaa0c56b22def42f4e3c0f941f6223a9800462938f86f8988847fbbb91fccee513674b43b7c642368bf8f48f4cddd45538472e589316a0e610df6387d1ee9466554d17cbe00b8742c5146c796299d0742eedf4cd6f9af08527f0ded643fac4a"])
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), 0xffffffffffffffff)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000005c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f0000000000)={0x80, 0x200, 0x3})
r2 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f0000000140)={0xdf4e, 0x80000001, 0x1, 'queue1\x00', 0x9})
close(r3)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r4=>r2}, './file0\x00'})
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f00000000c0)={@mcast2, @private2, @empty, 0x74f, 0x6, 0x200, 0x500, 0x9232, 0x40000000})

05:54:26 executing program 0:
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmat(r0, &(0x7f0000df0000/0x3000)=nil, 0x7000)
shmdt(0x0)
munlock(&(0x7f00005bb000/0x2000)=nil, 0x2000)
shmdt(r1)
shmat(r0, &(0x7f00008d4000/0x3000)=nil, 0x6000)
shmget$private(0x0, 0x2000, 0x78000000, &(0x7f0000901000/0x2000)=nil)
shmat(r0, &(0x7f00005ed000/0x1000)=nil, 0x5000)

[ 1099.180781] 9p: Unknown access argument 18446744073709551615: -34
[ 1099.231231] 9pnet_fd: p9_fd_create_unix (8370): problem connecting socket: ./file0/file1: -2
05:54:26 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 93)

05:54:26 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x8)

05:54:26 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r2 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000780)='./file0/file0\x00', 0x9744, 0x4, &(0x7f0000000a80)=[{&(0x7f00000007c0)="db995920f9630b41d481d60a17a3023566befc958306150d62b54d7454da003b6d61672b8ed8a4c34a69f2d04066440684f2b74d19fff3bf70a71cfced7bff4323295b11596752c5d44050420714294c4789013b1047c7eb30dde83416c38cdcbd013758fe80476382ff5b9855799b1f881b9ab01a96a149bc4b84a471564ee99096e223c0d813d254557d0c67fcb1718f044f5b58d73c13230cee9f8f2d96c7f829852a8b76ee2af92498e0a151be12", 0xb0, 0x2}, {&(0x7f0000000880)="d9a05701ee1aecaf1eabe37f309cb9608779aa36b6eab121e728cb6cabf23445a163b2fba2760b70702d6a2beb20d959e420b28807523478e8ae5a10b7bc17f15cce5dbd36d6f0cb4e6cd96568645a3343c7f30280087678b5fcf88847a4ac1a3200644290a8b73cee78f8aca792c798764ca9dbbfc165b1ff8217f84199676a811cba56df65efa566db23620ea75ffebde3d4d433432602bb42e11403d3", 0x9e, 0x9}, {&(0x7f00000009c0)="80c9d4c0b305183fa4ef686aca49f24dad725404c2d57910079a81f969e2d5c1bf16c2b1a40d48b24cad373ab4fa88f41f68036d9e6ec4c40515969afbdd14f466f321abd0506f77e134762e30b78be1e1f4d3ae4311767bde33e30a8af793b0ad6bf1dee677bf35b5a24e2f84a8ac6a19c2f0e102b034f83613e9088735a4e9926659a119fc48455e15ea6a72864534cbfa247a59", 0x95, 0x1024}, {&(0x7f0000000940)="8408e33af53689e2a1acf5b58e9aacf0c9b31216bec82230a80a672b6ee422c54b50ac02cab9c5bc592702f4c885656ffb", 0x31, 0x5}], 0x12, &(0x7f0000000b00)={[{@fat=@flush}, {@fat=@usefree}, {@nodots}, {@nodots}, {@nodots}, {@fat=@check_strict}, {@dots}, {@nodots}], [{@fowner_lt={'fowner<', 0xee01}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}]})
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x4)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000700)=0x8)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000c00)={0x0, 0x0, <r4=>0x0}, &(0x7f0000008600)=0xc)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000bc0)=0x7b1f, 0xfa3)
lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_unix(&(0x7f0000000280)='./file0/file1\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x8, &(0x7f0000000400)={'trans=unix,', {[{@access_user}, {@cachetag={'cachetag', 0x3d, '%]+:#^'}}, {@dfltgid={'dfltgid', 0x3d, r4}}, {@dfltuid={'dfltuid', 0x3d, r5}}, {@version_u}, {@cache_none}, {@fscache}, {@uname={'uname', 0x3d, ',[,%['}}, {@fscache}], [{@smackfshat={'smackfshat', 0x3d, 'tmpfs\x00'}}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@obj_type={'obj_type', 0x3d, 'security.evm\x00'}}, {@measure}]}})
statx(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x6000, 0x40, &(0x7f0000000180))
unlink(&(0x7f0000000080)='./file0/file0\x00')

[ 1099.313747] FAULT_INJECTION: forcing a failure.
[ 1099.313747] name failslab, interval 1, probability 0, space 0, times 0
[ 1099.314866] CPU: 1 UID: 0 PID: 8380 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1099.314883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1099.314891] Call Trace:
[ 1099.314896]  <TASK>
[ 1099.314901]  dump_stack_lvl+0xfa/0x120
[ 1099.314922]  should_fail_ex+0x4d7/0x5e0
[ 1099.314945]  ? __kernfs_new_node+0xd3/0x870
[ 1099.314957]  should_failslab+0xc2/0x120
[ 1099.314977]  kmem_cache_alloc_noprof+0x5f/0x3d0
[ 1099.314994]  ? perf_trace_lock_acquire+0xc9/0x700
[ 1099.315014]  __kernfs_new_node+0xd3/0x870
[ 1099.315029]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1099.315044]  ? lock_acquire+0x15e/0x2f0
[ 1099.315057]  ? kernfs_root+0x23/0x2a0
[ 1099.315068]  ? find_held_lock+0x2b/0x80
[ 1099.315084]  ? kernfs_root+0xee/0x2a0
[ 1099.315095]  ? lock_release+0xc8/0x290
[ 1099.315106]  ? lock_is_held_type+0x9e/0x120
[ 1099.315124]  kernfs_new_node+0x13c/0x1e0
[ 1099.315141]  __kernfs_create_file+0x55/0x360
[ 1099.315160]  sysfs_add_file_mode_ns+0x21c/0x440
[ 1099.315182]  ? __pfx_slab_attr_store+0x10/0x10
[ 1099.315206]  internal_create_group+0x571/0xeb0
[ 1099.315226]  ? __pfx_internal_create_group+0x10/0x10
[ 1099.315248]  sysfs_slab_add+0x188/0x210
[ 1099.315266]  do_kmem_cache_create+0x235/0x5a0
[ 1099.315287]  __kmem_cache_create_args+0x20f/0x360
[ 1099.315299]  ? p9_client_create+0xd52/0x11b0
[ 1099.315318]  p9_client_create+0xdfc/0x11b0
[ 1099.315340]  ? __pfx_p9_client_create+0x10/0x10
[ 1099.315363]  ? trace_kmalloc+0x1f/0xb0
[ 1099.315375]  ? legacy_get_tree+0x109/0x220
[ 1099.315389]  ? vfs_get_tree+0x93/0x340
[ 1099.315404]  ? lockdep_init_map_type+0x4b/0x240
[ 1099.315418]  ? __raw_spin_lock_init+0x3a/0x110
[ 1099.315436]  v9fs_session_init+0x1df/0x17a0
[ 1099.315451]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1099.315475]  ? find_held_lock+0x2b/0x80
[ 1099.315490]  ? __create_object+0x59/0x80
[ 1099.315505]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1099.315518]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1099.315537]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1099.315556]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1099.315574]  ? __create_object+0x59/0x80
[ 1099.315588]  ? trace_kmalloc+0x1f/0xb0
[ 1099.315599]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[ 1099.315613]  ? cred_has_capability.isra.0+0x1be/0x2c0
[ 1099.315634]  v9fs_mount+0xbc/0x9e0
[ 1099.315651]  ? __pfx_v9fs_mount+0x10/0x10
[ 1099.315669]  ? cap_capable+0xdb/0x3b0
[ 1099.315685]  ? __pfx_v9fs_mount+0x10/0x10
[ 1099.315701]  legacy_get_tree+0x109/0x220
[ 1099.315718]  vfs_get_tree+0x93/0x340
[ 1099.315733]  path_mount+0x122f/0x1db0
[ 1099.315753]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1099.315773]  ? __pfx_path_mount+0x10/0x10
[ 1099.315791]  ? kmem_cache_free+0x2a1/0x460
[ 1099.315807]  ? putname.part.0+0x11b/0x160
[ 1099.315825]  ? getname_flags.part.0+0x1c6/0x540
[ 1099.315841]  ? putname.part.0+0x11b/0x160
[ 1099.315857]  __x64_sys_mount+0x27b/0x300
[ 1099.315875]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1099.315901]  do_syscall_64+0xbf/0x360
[ 1099.315917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1099.315930] RIP: 0033:0x7fdbea32eb19
[ 1099.315940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1099.315952] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1099.315964] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[ 1099.315973] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1099.315981] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[ 1099.315988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1099.315996] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[ 1099.316016]  </TASK>
[ 1099.344358] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1099.345158] CPU: 1 UID: 0 PID: 8371 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1099.345174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1099.345180] Call Trace:
[ 1099.345188]  <TASK>
[ 1099.345193]  dump_stack_lvl+0xfa/0x120
[ 1099.345207]  dump_header+0x107/0x950
[ 1099.345227]  oom_kill_process+0x278/0xa00
[ 1099.345245]  out_of_memory+0x34b/0x1690
[ 1099.345265]  ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 1099.345283]  ? __pfx_out_of_memory+0x10/0x10
[ 1099.345306]  mem_cgroup_out_of_memory+0x164/0x190
[ 1099.345323]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1099.345346]  ? mark_held_locks+0x49/0x80
[ 1099.345362]  try_charge_memcg+0x81f/0xf30
[ 1099.345383]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1099.345405]  charge_memcg+0x7b/0x290
[ 1099.345420]  __mem_cgroup_charge+0x28/0x90
[ 1099.345436]  do_wp_page+0x58c/0x3240
[ 1099.345458]  ? __pfx_do_wp_page+0x10/0x10
[ 1099.345473]  ? do_raw_spin_lock+0x123/0x260
[ 1099.345488]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1099.345503]  ? ___pte_offset_map+0x176/0x370
[ 1099.345520]  __handle_mm_fault+0xde1/0x3030
[ 1099.345535]  ? reacquire_held_locks+0xd1/0x200
[ 1099.345547]  ? lock_vma_under_rcu+0x11e/0x530
[ 1099.345568]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1099.345584]  ? lock_vma_under_rcu+0x17b/0x530
[ 1099.345612]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1099.345636]  handle_mm_fault+0x2c3/0x900
[ 1099.345651]  ? access_error+0x17d/0x380
[ 1099.345668]  do_user_addr_fault+0x4fa/0xeb0
[ 1099.345687]  exc_page_fault+0xb0/0x180
[ 1099.345700]  asm_exc_page_fault+0x26/0x30
[ 1099.345711] RIP: 0033:0x7ff98baf30c5
[ 1099.345721] Code: 0f 1f 44 00 00 48 8b 57 18 48 83 fa ff 74 22 48 81 fa e7 03 00 00 0f 87 ee 00 00 00 48 c1 e2 04 48 8d 0d de 3f 16 00 48 01 ca <c6> 02 01 48 89 42 08 48 8b 53 10 4c 8d 2d 29 bf 56 00 4c 39 ea 0f
[ 1099.345732] RSP: 002b:00007ffc54e390e0 EFLAGS: 00010206
[ 1099.345741] RAX: 000000000000004e RBX: 00007ff98bc5af60 RCX: 00007ff98bc570a0
[ 1099.345749] RDX: 00007ff98bc570a0 RSI: 0000000000000080 RDI: 00007ff98bc5af60
[ 1099.345757] RBP: 00007ff98bc5af60 R08: 00007ff98bc37000 R09: 0000000000000000
[ 1099.345765] R10: 00007ffc54e391f0 R11: 0000000000000246 R12: 000000000010c548
[ 1099.345772] R13: 00000000000003e8 R14: 00007ff98bc5af60 R15: 000000000010c535
[ 1099.345792]  </TASK>
[ 1099.345807] memory: usage 307200kB, limit 307200kB, failcnt 2654
[ 1099.363094] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1099.363592] Memory cgroup stats for /syz0:
[ 1099.371789] anon 106496
[ 1099.372389] file 312950784
[ 1099.372627] kernel 1515520
[ 1099.372889] kernel_stack 65536
[ 1099.373151] pagetables 151552
[ 1099.373402] sec_pagetables 0
[ 1099.373646] percpu 128
[ 1099.373881] sock 0
[ 1099.374063] vmalloc 0
[ 1099.374262] shmem 312950784
[ 1099.374498] file_mapped 0
[ 1099.374721] file_dirty 0
[ 1099.374964] file_writeback 0
[ 1099.375212] swapcached 0
[ 1099.375428] inactive_anon 306511872
[ 1099.375715] active_anon 6545408
[ 1099.376000] inactive_file 0
[ 1099.376240] active_file 0
[ 1099.376467] unevictable 0
[ 1099.376697] slab_reclaimable 949040
[ 1099.377011] slab_unreclaimable 362976
[ 1099.377315] slab 1312016
[ 1099.377530] workingset_refault_anon 0
[ 1099.377849] workingset_refault_file 1
[ 1099.378156] workingset_activate_anon 0
[ 1099.378465] workingset_activate_file 0
[ 1099.378769] workingset_restore_anon 0
[ 1099.379092] workingset_restore_file 0
[ 1099.379399] workingset_nodereclaim 0
[ 1099.379691] pgdemote_kswapd 0
[ 1099.379965] pgdemote_direct 0
[ 1099.380218] pgdemote_khugepaged 0
[ 1099.380493] pgdemote_proactive 0
[ 1099.380773] pgscan 801
[ 1099.381005] pgsteal 9
[ 1099.381206] pswpin 0
[ 1099.381397] pswpout 0
[ 1099.381594] pgscan_kswapd 0
[ 1099.381846] pgscan_direct 801
[ 1099.382101] pgscan_khugepaged 0
[ 1099.382364] pgscan_proactive 0
[ 1099.382621] pgsteal_kswapd 0
[ 1099.382889] pgsteal_direct 9
[ 1099.383137] pgsteal_khugepaged 0
[ 1099.383406] pgsteal_proactive 0
[ 1099.383672] pgfault 87859
[ 1099.383918] pgmajfault 0
[ 1099.384138] pgrefill 768
[ 1099.384358] pgactivate 3833
[ 1099.384602] pgdeactivate 768
[ 1099.384871] pglazyfree 0
[ 1099.385091] pglazyfreed 0
[ 1099.385316] swpin_zero 0
[ 1099.385529] swpout_zero 0
[ 1099.385754] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8371,uid=0
[ 1099.386967] Memory cgroup out of memory: Killed process 8371 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:54:26 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x900000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1099.394008] SLUB: Unable to add cache 9p-fcall-cache-120 to sysfs
[ 1099.394576] 9p: Unknown access argument 18446744073709551615: -34
05:54:26 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0x9}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1099.497493] 9pnet_fd: p9_fd_create_unix (8387): problem connecting socket: ./file0/file1: -2
[ 1099.885713] audit: type=1326 audit(1755410067.233:155): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8357 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:54:35 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
mlockall(0x5)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)
r2 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
shmat(r2, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
r3 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
shmat(r3, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
shmat(r3, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
shmat(r3, &(0x7f00006aa000/0x2000)=nil, 0x2000)
shmat(r2, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
shmat(r2, &(0x7f0000ffa000/0x4000)=nil, 0x2000)
madvise(&(0x7f0000705000/0x1000)=nil, 0x1000, 0x14)

05:54:35 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0xa000000, 0x0)

05:54:35 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000e9", 0xd, 0x4de}, {&(0x7f0000010300)="02000000030000000400000066000f000300040000000000000000000f007f5c", 0x20, 0x2000000000800}, {&(0x7f0000000040)="ed41000000080000dff4655fe0f4655fe0f4655f000000000000040004", 0x1d, 0x2200}, {0x0}, {0x0}], 0x0, &(0x7f0000012c00))

05:54:35 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0xf}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:54:35 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x905000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:54:35 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0xa)

05:54:35 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r2 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000780)='./file0/file0\x00', 0x9744, 0x4, &(0x7f0000000a80)=[{&(0x7f00000007c0)="db995920f9630b41d481d60a17a3023566befc958306150d62b54d7454da003b6d61672b8ed8a4c34a69f2d04066440684f2b74d19fff3bf70a71cfced7bff4323295b11596752c5d44050420714294c4789013b1047c7eb30dde83416c38cdcbd013758fe80476382ff5b9855799b1f881b9ab01a96a149bc4b84a471564ee99096e223c0d813d254557d0c67fcb1718f044f5b58d73c13230cee9f8f2d96c7f829852a8b76ee2af92498e0a151be12", 0xb0, 0x2}, {&(0x7f0000000880)="d9a05701ee1aecaf1eabe37f309cb9608779aa36b6eab121e728cb6cabf23445a163b2fba2760b70702d6a2beb20d959e420b28807523478e8ae5a10b7bc17f15cce5dbd36d6f0cb4e6cd96568645a3343c7f30280087678b5fcf88847a4ac1a3200644290a8b73cee78f8aca792c798764ca9dbbfc165b1ff8217f84199676a811cba56df65efa566db23620ea75ffebde3d4d433432602bb42e11403d3", 0x9e, 0x9}, {&(0x7f00000009c0)="80c9d4c0b305183fa4ef686aca49f24dad725404c2d57910079a81f969e2d5c1bf16c2b1a40d48b24cad373ab4fa88f41f68036d9e6ec4c40515969afbdd14f466f321abd0506f77e134762e30b78be1e1f4d3ae4311767bde33e30a8af793b0ad6bf1dee677bf35b5a24e2f84a8ac6a19c2f0e102b034f83613e9088735a4e9926659a119fc48455e15ea6a72864534cbfa247a59", 0x95, 0x1024}, {&(0x7f0000000940)="8408e33af53689e2a1acf5b58e9aacf0c9b31216bec82230a80a672b6ee422c54b50ac02cab9c5bc592702f4c885656ffb", 0x31, 0x5}], 0x12, &(0x7f0000000b00)={[{@fat=@flush}, {@fat=@usefree}, {@nodots}, {@nodots}, {@nodots}, {@fat=@check_strict}, {@dots}, {@nodots}], [{@fowner_lt={'fowner<', 0xee01}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}]})
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x4)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000700)=0x8)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000c00)={0x0, 0x0, <r4=>0x0}, &(0x7f0000008600)=0xc)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000bc0)=0x7b1f, 0xfa3)
lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_unix(&(0x7f0000000280)='./file0/file1\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x8, &(0x7f0000000400)={'trans=unix,', {[{@access_user}, {@cachetag={'cachetag', 0x3d, '%]+:#^'}}, {@dfltgid={'dfltgid', 0x3d, r4}}, {@dfltuid={'dfltuid', 0x3d, r5}}, {@version_u}, {@cache_none}, {@fscache}, {@uname={'uname', 0x3d, ',[,%['}}, {@fscache}], [{@smackfshat={'smackfshat', 0x3d, 'tmpfs\x00'}}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@obj_type={'obj_type', 0x3d, 'security.evm\x00'}}, {@measure}]}})
statx(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x6000, 0x40, &(0x7f0000000180))
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:54:35 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 94)

[ 1108.021629] audit: type=1326 audit(1755410075.369:156): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8396 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[ 1108.037772] FAULT_INJECTION: forcing a failure.
[ 1108.037772] name failslab, interval 1, probability 0, space 0, times 0
[ 1108.038873] CPU: 1 UID: 0 PID: 8402 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1108.038891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1108.038899] Call Trace:
[ 1108.038904]  <TASK>
[ 1108.038909]  dump_stack_lvl+0xfa/0x120
[ 1108.038929]  should_fail_ex+0x4d7/0x5e0
[ 1108.038952]  ? __kernfs_new_node+0xd3/0x870
[ 1108.038963]  should_failslab+0xc2/0x120
[ 1108.038983]  kmem_cache_alloc_noprof+0x5f/0x3d0
[ 1108.039001]  ? perf_trace_lock_acquire+0xc9/0x700
[ 1108.039020]  __kernfs_new_node+0xd3/0x870
[ 1108.039035]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1108.039050]  ? lock_acquire+0x15e/0x2f0
[ 1108.039062]  ? kernfs_root+0x23/0x2a0
[ 1108.039073]  ? find_held_lock+0x2b/0x80
[ 1108.039089]  ? kernfs_root+0xee/0x2a0
[ 1108.039100]  ? lock_release+0xc8/0x290
[ 1108.039110]  ? lock_is_held_type+0x9e/0x120
[ 1108.039128]  kernfs_new_node+0x13c/0x1e0
[ 1108.039145]  __kernfs_create_file+0x55/0x360
[ 1108.039164]  sysfs_add_file_mode_ns+0x21c/0x440
[ 1108.039185]  ? __pfx_slab_attr_store+0x10/0x10
[ 1108.039206]  internal_create_group+0x571/0xeb0
[ 1108.039224]  ? __pfx_internal_create_group+0x10/0x10
[ 1108.039246]  sysfs_slab_add+0x188/0x210
[ 1108.039264]  do_kmem_cache_create+0x235/0x5a0
[ 1108.039283]  __kmem_cache_create_args+0x20f/0x360
[ 1108.039296]  ? p9_client_create+0xd52/0x11b0
[ 1108.039314]  p9_client_create+0xdfc/0x11b0
[ 1108.039336]  ? __pfx_p9_client_create+0x10/0x10
[ 1108.039358]  ? trace_kmalloc+0x1f/0xb0
[ 1108.039370]  ? legacy_get_tree+0x109/0x220
[ 1108.039385]  ? vfs_get_tree+0x93/0x340
[ 1108.039399]  ? lockdep_init_map_type+0x4b/0x240
[ 1108.039413]  ? __raw_spin_lock_init+0x3a/0x110
[ 1108.039432]  v9fs_session_init+0x1df/0x17a0
[ 1108.039446]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1108.039470]  ? find_held_lock+0x2b/0x80
[ 1108.039485]  ? __create_object+0x59/0x80
[ 1108.039500]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1108.039513]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1108.039531]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1108.039550]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1108.039568]  ? __create_object+0x59/0x80
[ 1108.039582]  ? trace_kmalloc+0x1f/0xb0
[ 1108.039594]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[ 1108.039608]  ? cred_has_capability.isra.0+0x1be/0x2c0
[ 1108.039628]  v9fs_mount+0xbc/0x9e0
[ 1108.039645]  ? __pfx_v9fs_mount+0x10/0x10
[ 1108.039663]  ? cap_capable+0xdb/0x3b0
[ 1108.039678]  ? __pfx_v9fs_mount+0x10/0x10
[ 1108.039694]  legacy_get_tree+0x109/0x220
[ 1108.039711]  vfs_get_tree+0x93/0x340
[ 1108.039726]  path_mount+0x122f/0x1db0
[ 1108.039745]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1108.039765]  ? __pfx_path_mount+0x10/0x10
[ 1108.039783]  ? kmem_cache_free+0x2a1/0x460
[ 1108.039799]  ? putname.part.0+0x11b/0x160
[ 1108.039817]  ? getname_flags.part.0+0x1c6/0x540
[ 1108.039833]  ? putname.part.0+0x11b/0x160
[ 1108.039849]  __x64_sys_mount+0x27b/0x300
[ 1108.039867]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1108.039892]  do_syscall_64+0xbf/0x360
[ 1108.039908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1108.039921] RIP: 0033:0x7fdbea32eb19
[ 1108.039931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1108.039943] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1108.039955] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[ 1108.039964] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1108.039971] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[ 1108.039979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1108.039986] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[ 1108.040006]  </TASK>
[ 1108.074257] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1108.075060] CPU: 1 UID: 0 PID: 8395 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1108.075076] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1108.075083] Call Trace:
[ 1108.075087]  <TASK>
[ 1108.075092]  dump_stack_lvl+0xfa/0x120
[ 1108.075106]  dump_header+0x107/0x950
[ 1108.075127]  oom_kill_process+0x278/0xa00
[ 1108.075146]  out_of_memory+0x34b/0x1690
[ 1108.075167]  ? __pfx_out_of_memory+0x10/0x10
[ 1108.075191]  mem_cgroup_out_of_memory+0x164/0x190
[ 1108.075208]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1108.075232]  ? mark_held_locks+0x49/0x80
[ 1108.075248]  try_charge_memcg+0x81f/0xf30
[ 1108.075269]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1108.075291]  charge_memcg+0x7b/0x290
[ 1108.075306]  __mem_cgroup_charge+0x28/0x90
[ 1108.075323]  do_wp_page+0x58c/0x3240
[ 1108.075345]  ? __pfx_do_wp_page+0x10/0x10
[ 1108.075361]  ? do_raw_spin_lock+0x123/0x260
[ 1108.075376]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1108.075391]  ? ___pte_offset_map+0x176/0x370
[ 1108.075408]  __handle_mm_fault+0xde1/0x3030
[ 1108.075423]  ? reacquire_held_locks+0xd1/0x200
[ 1108.075435]  ? lock_vma_under_rcu+0x11e/0x530
[ 1108.075457]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1108.075473]  ? lock_vma_under_rcu+0x17b/0x530
[ 1108.075501]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1108.075525]  handle_mm_fault+0x2c3/0x900
[ 1108.075541]  ? access_error+0x17d/0x380
[ 1108.075559]  do_user_addr_fault+0x4fa/0xeb0
[ 1108.075577]  exc_page_fault+0xb0/0x180
[ 1108.075591]  asm_exc_page_fault+0x26/0x30
[ 1108.075602] RIP: 0033:0x7ff98baf5d30
[ 1108.075611] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1108.075623] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1108.075632] RAX: 00000000282bb3e7 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1108.075640] RDX: 0000001b2cf2004c RSI: ffffffff819e7e16 RDI: 0000000000000000
[ 1108.075648] RBP: 0000000000000001 R08: 00000000282bb3e7 R09: 0000001b2cf2001c
[ 1108.075656] R10: 00000000000013e7 R11: 00000000282bb3eb R12: 000000000000000b
[ 1108.075663] R13: 00007ff98bc4f000 R14: ffffffff819e7e16 R15: 00007ff98bc5aff0
[ 1108.075672]  ? apply_mlockall_flags+0x86/0x480
[ 1108.075696]  ? apply_mlockall_flags+0x86/0x480
[ 1108.075717]  </TASK>
[ 1108.075722] memory: usage 307200kB, limit 307200kB, failcnt 2673
[ 1108.094784] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1108.095334] Memory cgroup stats for /syz0:
[ 1108.097912] SLUB: Unable to add cache 9p-fcall-cache-121 to sysfs
[ 1108.099209] 9p: Unknown access argument 18446744073709551615: -34
[ 1108.100216] anon 131072
[ 1108.100446] file 312950784
[ 1108.100685] kernel 1490944
[ 1108.101138] kernel_stack 65536
[ 1108.101692] pagetables 147456
[ 1108.102162] sec_pagetables 0
[ 1108.102427] percpu 64
[ 1108.102635] sock 0
[ 1108.102993] vmalloc 0
[ 1108.103207] shmem 312950784
[ 1108.103452] file_mapped 0
[ 1108.103682] file_dirty 0
[ 1108.103925] file_writeback 0
[ 1108.104180] swapcached 0
[ 1108.104420] inactive_anon 306536448
[ 1108.104725] active_anon 6545408
[ 1108.105027] inactive_file 0
[ 1108.105294] active_file 0
[ 1108.105538] unevictable 0
[ 1108.105776] slab_reclaimable 949040
[ 1108.106114] slab_unreclaimable 343688
[ 1108.106458] slab 1292728
[ 1108.106702] workingset_refault_anon 0
[ 1108.107044] workingset_refault_file 1
[ 1108.107387] workingset_activate_anon 0
[ 1108.107736] workingset_activate_file 0
[ 1108.108103] workingset_restore_anon 0
[ 1108.108429] workingset_restore_file 0
[ 1108.108750] workingset_nodereclaim 0
[ 1108.109106] pgdemote_kswapd 0
[ 1108.109367] pgdemote_direct 0
[ 1108.109633] pgdemote_khugepaged 0
[ 1108.109953] pgdemote_proactive 0
[ 1108.110234] pgscan 801
[ 1108.110449] pgsteal 9
[ 1108.110654] pswpin 0
[ 1108.110882] pswpout 0
[ 1108.111095] pgscan_kswapd 0
[ 1108.111340] pgscan_direct 801
[ 1108.111612] pgscan_khugepaged 0
[ 1108.111917] pgscan_proactive 0
[ 1108.112203] pgsteal_kswapd 0
[ 1108.112459] pgsteal_direct 9
[ 1108.112736] pgsteal_khugepaged 0
[ 1108.113054] pgsteal_proactive 0
[ 1108.113347] pgfault 87910
[ 1108.113592] pgmajfault 0
[ 1108.113853] pgrefill 768
[ 1108.114090] pgactivate 3833
[ 1108.114345] pgdeactivate 768
[ 1108.114600] pglazyfree 0
[ 1108.114862] pglazyfreed 0
[ 1108.115105] swpin_zero 0
[ 1108.115347] swpout_zero 0
[ 1108.115582] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8395,uid=0
[ 1108.116841] Memory cgroup out of memory: Killed process 8395 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[ 1108.163687] 9pnet_fd: p9_fd_create_unix (8407): problem connecting socket: ./file0/file1: -2
05:54:35 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x907040000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:54:35 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)
shmat(r0, &(0x7f0000834000/0x1000)=nil, 0x0)

05:54:35 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, <r1=>0x0}, &(0x7f0000000040)=0x5)
setuid(r1)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x1e0}], 0x0, &(0x7f0000000080)={[], [{@audit}, {@seclabel}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@subj_role}, {@obj_type={'obj_type', 0x3d, 'vfat\x00'}}, {@euid_lt={'euid<', r1}}]})

05:54:35 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 95)

05:54:35 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x10)

05:54:35 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0x300}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1108.280620] FAULT_INJECTION: forcing a failure.
[ 1108.280620] name failslab, interval 1, probability 0, space 0, times 0
[ 1108.281590] CPU: 1 UID: 0 PID: 8419 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1108.281607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1108.281615] Call Trace:
[ 1108.281620]  <TASK>
[ 1108.281625]  dump_stack_lvl+0xfa/0x120
[ 1108.281646]  should_fail_ex+0x4d7/0x5e0
[ 1108.281669]  ? __kernfs_new_node+0xd3/0x870
[ 1108.281681]  should_failslab+0xc2/0x120
[ 1108.281701]  kmem_cache_alloc_noprof+0x5f/0x3d0
[ 1108.281718]  ? perf_trace_lock_acquire+0xc9/0x700
[ 1108.281738]  __kernfs_new_node+0xd3/0x870
[ 1108.281753]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1108.281768]  ? lock_acquire+0x15e/0x2f0
[ 1108.281780]  ? kernfs_root+0x23/0x2a0
[ 1108.281792]  ? find_held_lock+0x2b/0x80
[ 1108.281811]  ? kernfs_root+0xee/0x2a0
[ 1108.281822]  ? lock_release+0xc8/0x290
[ 1108.281833]  ? lock_is_held_type+0x9e/0x120
[ 1108.281851]  kernfs_new_node+0x13c/0x1e0
[ 1108.281868]  __kernfs_create_file+0x55/0x360
[ 1108.281887]  sysfs_add_file_mode_ns+0x21c/0x440
[ 1108.281909]  ? __pfx_slab_attr_store+0x10/0x10
[ 1108.281930]  internal_create_group+0x571/0xeb0
[ 1108.281949]  ? __pfx_internal_create_group+0x10/0x10
[ 1108.281971]  sysfs_slab_add+0x188/0x210
[ 1108.281989]  do_kmem_cache_create+0x235/0x5a0
[ 1108.282009]  __kmem_cache_create_args+0x20f/0x360
[ 1108.282021]  ? p9_client_create+0xd52/0x11b0
[ 1108.282040]  p9_client_create+0xdfc/0x11b0
[ 1108.282062]  ? __pfx_p9_client_create+0x10/0x10
[ 1108.282084]  ? trace_kmalloc+0x1f/0xb0
[ 1108.282097]  ? legacy_get_tree+0x109/0x220
[ 1108.282111]  ? vfs_get_tree+0x93/0x340
[ 1108.282126]  ? lockdep_init_map_type+0x4b/0x240
[ 1108.282139]  ? __raw_spin_lock_init+0x3a/0x110
[ 1108.282158]  v9fs_session_init+0x1df/0x17a0
[ 1108.282173]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1108.282196]  ? find_held_lock+0x2b/0x80
[ 1108.282212]  ? __create_object+0x59/0x80
[ 1108.282226]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1108.282240]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1108.282258]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1108.282276]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1108.282295]  ? __create_object+0x59/0x80
[ 1108.282309]  ? trace_kmalloc+0x1f/0xb0
[ 1108.282320]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[ 1108.282334]  ? cred_has_capability.isra.0+0x1be/0x2c0
[ 1108.282354]  v9fs_mount+0xbc/0x9e0
[ 1108.282372]  ? __pfx_v9fs_mount+0x10/0x10
[ 1108.282390]  ? cap_capable+0xdb/0x3b0
[ 1108.282405]  ? __pfx_v9fs_mount+0x10/0x10
[ 1108.282421]  legacy_get_tree+0x109/0x220
[ 1108.282437]  vfs_get_tree+0x93/0x340
[ 1108.282452]  path_mount+0x122f/0x1db0
[ 1108.282472]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1108.282492]  ? __pfx_path_mount+0x10/0x10
[ 1108.282510]  ? kmem_cache_free+0x2a1/0x460
[ 1108.282526]  ? putname.part.0+0x11b/0x160
[ 1108.282540]  ? getname_flags.part.0+0x1c6/0x540
[ 1108.282556]  ? putname.part.0+0x11b/0x160
[ 1108.282572]  __x64_sys_mount+0x27b/0x300
[ 1108.282590]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1108.282615]  do_syscall_64+0xbf/0x360
[ 1108.282631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1108.282644] RIP: 0033:0x7fdbea32eb19
[ 1108.282654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1108.282666] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1108.282678] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[ 1108.282687] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1108.282694] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[ 1108.282701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1108.282709] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[ 1108.282729]  </TASK>
[ 1108.317069] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1108.317996] CPU: 1 UID: 0 PID: 8413 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1108.318011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1108.318018] Call Trace:
[ 1108.318022]  <TASK>
[ 1108.318027]  dump_stack_lvl+0xfa/0x120
[ 1108.318041]  dump_header+0x107/0x950
[ 1108.318061]  oom_kill_process+0x278/0xa00
[ 1108.318079]  out_of_memory+0x34b/0x1690
[ 1108.318100]  ? __pfx_out_of_memory+0x10/0x10
[ 1108.318123]  mem_cgroup_out_of_memory+0x164/0x190
[ 1108.318140]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1108.318163]  ? mark_held_locks+0x49/0x80
[ 1108.318182]  try_charge_memcg+0x81f/0xf30
[ 1108.318205]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1108.318227]  charge_memcg+0x7b/0x290
[ 1108.318242]  __mem_cgroup_charge+0x28/0x90
[ 1108.318259]  do_wp_page+0x58c/0x3240
[ 1108.318281]  ? __pfx_do_wp_page+0x10/0x10
[ 1108.318296]  ? do_raw_spin_lock+0x123/0x260
[ 1108.318311]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1108.318326]  ? ___pte_offset_map+0x176/0x370
[ 1108.318343]  __handle_mm_fault+0xde1/0x3030
[ 1108.318358]  ? reacquire_held_locks+0xd1/0x200
[ 1108.318370]  ? lock_vma_under_rcu+0x11e/0x530
[ 1108.318391]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1108.318408]  ? lock_vma_under_rcu+0x17b/0x530
[ 1108.318435]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1108.318459]  handle_mm_fault+0x2c3/0x900
[ 1108.318474]  ? access_error+0x17d/0x380
[ 1108.318492]  do_user_addr_fault+0x4fa/0xeb0
[ 1108.318511]  exc_page_fault+0xb0/0x180
[ 1108.318524]  asm_exc_page_fault+0x26/0x30
[ 1108.318535] RIP: 0033:0x7ff98baf5d30
[ 1108.318544] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1108.318555] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1108.318564] RAX: 000000004137ace7 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1108.318572] RDX: 0000001b2cf20018 RSI: ffffffff819ee58d RDI: 0000000000000000
[ 1108.318580] RBP: 0000000000000001 R08: 000000004137ace7 R09: 0000001b2cf2001c
[ 1108.318588] R10: 0000000000000ce7 R11: 000000004137aceb R12: 0000000000000000
[ 1108.318595] R13: 00007ff98bc4f000 R14: ffffffff819ee58d R15: 00007ff98bc5aff0
[ 1108.318604]  ? __x64_sys_mlockall+0xd/0x40
[ 1108.318620]  ? __x64_sys_mlockall+0xd/0x40
[ 1108.318634]  </TASK>
[ 1108.318639] memory: usage 307200kB, limit 307200kB, failcnt 2708
[ 1108.337296] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
05:54:35 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r2 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000780)='./file0/file0\x00', 0x9744, 0x4, &(0x7f0000000a80)=[{&(0x7f00000007c0)="db995920f9630b41d481d60a17a3023566befc958306150d62b54d7454da003b6d61672b8ed8a4c34a69f2d04066440684f2b74d19fff3bf70a71cfced7bff4323295b11596752c5d44050420714294c4789013b1047c7eb30dde83416c38cdcbd013758fe80476382ff5b9855799b1f881b9ab01a96a149bc4b84a471564ee99096e223c0d813d254557d0c67fcb1718f044f5b58d73c13230cee9f8f2d96c7f829852a8b76ee2af92498e0a151be12", 0xb0, 0x2}, {&(0x7f0000000880)="d9a05701ee1aecaf1eabe37f309cb9608779aa36b6eab121e728cb6cabf23445a163b2fba2760b70702d6a2beb20d959e420b28807523478e8ae5a10b7bc17f15cce5dbd36d6f0cb4e6cd96568645a3343c7f30280087678b5fcf88847a4ac1a3200644290a8b73cee78f8aca792c798764ca9dbbfc165b1ff8217f84199676a811cba56df65efa566db23620ea75ffebde3d4d433432602bb42e11403d3", 0x9e, 0x9}, {&(0x7f00000009c0)="80c9d4c0b305183fa4ef686aca49f24dad725404c2d57910079a81f969e2d5c1bf16c2b1a40d48b24cad373ab4fa88f41f68036d9e6ec4c40515969afbdd14f466f321abd0506f77e134762e30b78be1e1f4d3ae4311767bde33e30a8af793b0ad6bf1dee677bf35b5a24e2f84a8ac6a19c2f0e102b034f83613e9088735a4e9926659a119fc48455e15ea6a72864534cbfa247a59", 0x95, 0x1024}, {&(0x7f0000000940)="8408e33af53689e2a1acf5b58e9aacf0c9b31216bec82230a80a672b6ee422c54b50ac02cab9c5bc592702f4c885656ffb", 0x31, 0x5}], 0x12, &(0x7f0000000b00)={[{@fat=@flush}, {@fat=@usefree}, {@nodots}, {@nodots}, {@nodots}, {@fat=@check_strict}, {@dots}, {@nodots}], [{@fowner_lt={'fowner<', 0xee01}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}]})
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x4)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000700)=0x8)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000c00)={0x0, 0x0, <r4=>0x0}, &(0x7f0000008600)=0xc)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000bc0)=0x7b1f, 0xfa3)
lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_unix(&(0x7f0000000280)='./file0/file1\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x8, &(0x7f0000000400)={'trans=unix,', {[{@access_user}, {@cachetag={'cachetag', 0x3d, '%]+:#^'}}, {@dfltgid={'dfltgid', 0x3d, r4}}, {@dfltuid={'dfltuid', 0x3d, r5}}, {@version_u}, {@cache_none}, {@fscache}, {@uname={'uname', 0x3d, ',[,%['}}, {@fscache}], [{@smackfshat={'smackfshat', 0x3d, 'tmpfs\x00'}}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@obj_type={'obj_type', 0x3d, 'security.evm\x00'}}, {@measure}]}})
unlink(&(0x7f0000000080)='./file0/file0\x00')

[ 1108.337791] Memory cgroup stats for /syz0:
[ 1108.352949] anon 106496
[ 1108.353517] file 312950784
[ 1108.353753] kernel 1515520
[ 1108.354035] kernel_stack 65536
[ 1108.354302] pagetables 151552
[ 1108.354558] sec_pagetables 0
[ 1108.354870] percpu 128
[ 1108.355085] sock 0
[ 1108.355270] vmalloc 0
[ 1108.355474] shmem 312950784
[ 1108.355714] file_mapped 0
[ 1108.355967] file_dirty 0
[ 1108.356192] file_writeback 0
[ 1108.356443] swapcached 0
[ 1108.356664] inactive_anon 306511872
[ 1108.356991] active_anon 6545408
[ 1108.357269] inactive_file 0
[ 1108.357512] active_file 0
[ 1108.357739] unevictable 0
[ 1108.357990] slab_reclaimable 949040
[ 1108.358290] slab_unreclaimable 363896
[ 1108.358598] slab 1312936
[ 1108.358841] workingset_refault_anon 0
[ 1108.359152] workingset_refault_file 1
[ 1108.359466] workingset_activate_anon 0
[ 1108.359779] workingset_activate_file 0
[ 1108.360127] workingset_restore_anon 0
[ 1108.360438] workingset_restore_file 0
[ 1108.360750] workingset_nodereclaim 0
[ 1108.361084] pgdemote_kswapd 0
[ 1108.361350] pgdemote_direct 0
[ 1108.361608] pgdemote_khugepaged 0
[ 1108.361910] pgdemote_proactive 0
[ 1108.362194] pgscan 801
[ 1108.362404] pgsteal 9
[ 1108.362604] pswpin 0
[ 1108.362799] pswpout 0
[ 1108.363028] pgscan_kswapd 0
[ 1108.363272] pgscan_direct 801
[ 1108.363531] pgscan_khugepaged 0
[ 1108.363803] pgscan_proactive 0
[ 1108.364098] pgsteal_kswapd 0
[ 1108.364350] pgsteal_direct 9
[ 1108.364600] pgsteal_khugepaged 0
[ 1108.365008] pgsteal_proactive 0
[ 1108.365282] pgfault 87949
[ 1108.365511] pgmajfault 0
[ 1108.365736] pgrefill 768
[ 1108.366073] pgactivate 3833
[ 1108.366323] pgdeactivate 768
[ 1108.366571] pglazyfree 0
[ 1108.366795] pglazyfreed 0
[ 1108.367141] swpin_zero 0
[ 1108.367365] swpout_zero 0
[ 1108.367596] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8413,uid=0
[ 1108.368904] Memory cgroup out of memory: Killed process 8413 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:54:35 executing program 1:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r0 = creat(&(0x7f0000000300)='./file0\x00', 0x42)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0xff, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3f}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfb5e, 0x0, 0x81}, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c", 0xc5)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r1, 0x0, 0xfdef)
keyctl$read(0xb, 0x0, 0x0, 0x0)

05:54:35 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xa00000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1108.389186] SLUB: Unable to add cache 9p-fcall-cache-122 to sysfs
[ 1108.389769] 9p: Unknown access argument 18446744073709551615: -34
[ 1108.410757] 9pnet_fd: p9_fd_create_unix (8426): problem connecting socket: ./file0/file1: -2
[ 1108.845489] audit: type=1326 audit(1755410076.193:157): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8396 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:54:45 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r2 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000780)='./file0/file0\x00', 0x9744, 0x4, &(0x7f0000000a80)=[{&(0x7f00000007c0)="db995920f9630b41d481d60a17a3023566befc958306150d62b54d7454da003b6d61672b8ed8a4c34a69f2d04066440684f2b74d19fff3bf70a71cfced7bff4323295b11596752c5d44050420714294c4789013b1047c7eb30dde83416c38cdcbd013758fe80476382ff5b9855799b1f881b9ab01a96a149bc4b84a471564ee99096e223c0d813d254557d0c67fcb1718f044f5b58d73c13230cee9f8f2d96c7f829852a8b76ee2af92498e0a151be12", 0xb0, 0x2}, {&(0x7f0000000880)="d9a05701ee1aecaf1eabe37f309cb9608779aa36b6eab121e728cb6cabf23445a163b2fba2760b70702d6a2beb20d959e420b28807523478e8ae5a10b7bc17f15cce5dbd36d6f0cb4e6cd96568645a3343c7f30280087678b5fcf88847a4ac1a3200644290a8b73cee78f8aca792c798764ca9dbbfc165b1ff8217f84199676a811cba56df65efa566db23620ea75ffebde3d4d433432602bb42e11403d3", 0x9e, 0x9}, {&(0x7f00000009c0)="80c9d4c0b305183fa4ef686aca49f24dad725404c2d57910079a81f969e2d5c1bf16c2b1a40d48b24cad373ab4fa88f41f68036d9e6ec4c40515969afbdd14f466f321abd0506f77e134762e30b78be1e1f4d3ae4311767bde33e30a8af793b0ad6bf1dee677bf35b5a24e2f84a8ac6a19c2f0e102b034f83613e9088735a4e9926659a119fc48455e15ea6a72864534cbfa247a59", 0x95, 0x1024}, {&(0x7f0000000940)="8408e33af53689e2a1acf5b58e9aacf0c9b31216bec82230a80a672b6ee422c54b50ac02cab9c5bc592702f4c885656ffb", 0x31, 0x5}], 0x12, &(0x7f0000000b00)={[{@fat=@flush}, {@fat=@usefree}, {@nodots}, {@nodots}, {@nodots}, {@fat=@check_strict}, {@dots}, {@nodots}], [{@fowner_lt={'fowner<', 0xee01}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}]})
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x4)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000700)=0x8)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000c00), &(0x7f0000008600)=0xc)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000bc0)=0x7b1f, 0xfa3)
lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380))
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:54:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 96)

05:54:45 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xa05000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:54:45 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0x500}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:54:45 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x300)

05:54:45 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0xf000000, 0x0)

05:54:45 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
accept4$bt_l2cap(r1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xc0, 0x40, 0x4, 0x7, 0x0, 0x7fff, 0x44030, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x5, 0x1, @perf_bp, 0x54b40, 0x81, 0x6979, 0x9, 0x10000, 0x1, 0x9, 0x0, 0x59, 0x0, 0x7fff}, 0x0, 0x8, r0, 0xa)

05:54:45 executing program 1:
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @source_quench={0x3, 0x0, 0x0, 0x0, {0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @dev, @loopback, {[@timestamp_addr={0x44, 0xc, 0xc9, 0x1, 0x7, [{@loopback, 0x3ff}]}]}}}}}}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x7ff}}, './file0\x00'})
recvmmsg(r0, &(0x7f0000001c80)=[{{&(0x7f0000000040)=@ieee802154={0x24, @short}, 0x80, &(0x7f0000000180), 0x0, &(0x7f00000001c0)=""/173, 0xad}, 0x200}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000280)=""/235, 0xeb}, {&(0x7f0000000380)=""/245, 0xf5}, {&(0x7f0000000480)=""/121, 0x79}, {&(0x7f0000000500)=""/251, 0xfb}, {&(0x7f0000000600)=""/6, 0x6}, {&(0x7f0000000640)=""/87, 0x57}, {&(0x7f00000006c0)=""/96, 0x60}, {&(0x7f0000000740)=""/4, 0x4}], 0x8, &(0x7f0000000800)=""/156, 0x9c}, 0x5}, {{&(0x7f00000008c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f0000001b40)=[{&(0x7f0000000940)=""/62, 0x3e}, {&(0x7f0000000980)=""/4096, 0x1000}, {&(0x7f0000001980)=""/74, 0x4a}, {&(0x7f0000001a00)=""/79, 0x4f}, {&(0x7f0000001a80)=""/171, 0xab}], 0x5, &(0x7f0000001bc0)=""/132, 0x84}, 0x2}], 0x3, 0x40000000, &(0x7f0000001d40))

05:54:45 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x200, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)
get_mempolicy(&(0x7f0000000000), &(0x7f0000000080), 0xffffffffffffffff, &(0x7f0000f98000/0x1000)=nil, 0x1)

[ 1118.206771] FAULT_INJECTION: forcing a failure.
[ 1118.206771] name failslab, interval 1, probability 0, space 0, times 0
[ 1118.208090] CPU: 0 UID: 0 PID: 8446 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1118.208107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1118.208115] Call Trace:
[ 1118.208120]  <TASK>
[ 1118.208126]  dump_stack_lvl+0xfa/0x120
[ 1118.208149]  should_fail_ex+0x4d7/0x5e0
[ 1118.208177]  ? __kernfs_new_node+0xd3/0x870
[ 1118.208189]  should_failslab+0xc2/0x120
[ 1118.208212]  kmem_cache_alloc_noprof+0x5f/0x3d0
[ 1118.208228]  ? perf_trace_run_bpf_submit+0xef/0x180
[ 1118.208259]  __kernfs_new_node+0xd3/0x870
[ 1118.208280]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1118.208301]  ? lock_acquire+0x15e/0x2f0
[ 1118.208316]  ? kernfs_root+0x23/0x2a0
[ 1118.208329]  ? find_held_lock+0x2b/0x80
[ 1118.208349]  ? kernfs_root+0xee/0x2a0
[ 1118.208361]  ? lock_release+0xc8/0x290
[ 1118.208372]  ? lock_is_held_type+0x9e/0x120
[ 1118.208398]  kernfs_new_node+0x13c/0x1e0
[ 1118.208423]  __kernfs_create_file+0x55/0x360
[ 1118.208449]  sysfs_add_file_mode_ns+0x21c/0x440
[ 1118.208476]  ? __pfx_slab_attr_store+0x10/0x10
[ 1118.208502]  internal_create_group+0x571/0xeb0
[ 1118.208531]  ? __pfx_internal_create_group+0x10/0x10
[ 1118.208567]  sysfs_slab_add+0x188/0x210
[ 1118.208590]  do_kmem_cache_create+0x235/0x5a0
[ 1118.208615]  __kmem_cache_create_args+0x20f/0x360
[ 1118.208628]  ? p9_client_create+0xd52/0x11b0
[ 1118.208653]  p9_client_create+0xdfc/0x11b0
[ 1118.208684]  ? __pfx_p9_client_create+0x10/0x10
[ 1118.208717]  ? trace_kmalloc+0x1f/0xb0
[ 1118.208731]  ? legacy_get_tree+0x109/0x220
[ 1118.208746]  ? vfs_get_tree+0x93/0x340
[ 1118.208763]  ? lockdep_init_map_type+0x4b/0x240
[ 1118.208779]  ? __raw_spin_lock_init+0x3a/0x110
[ 1118.208805]  v9fs_session_init+0x1df/0x17a0
[ 1118.208829]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1118.208859]  ? find_held_lock+0x2b/0x80
[ 1118.208877]  ? __create_object+0x59/0x80
[ 1118.208896]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1118.208910]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1118.208930]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1118.208952]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1118.208973]  ? __create_object+0x59/0x80
[ 1118.208992]  ? trace_kmalloc+0x1f/0xb0
[ 1118.209003]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[ 1118.209018]  ? cred_has_capability.isra.0+0x1be/0x2c0
[ 1118.209050]  v9fs_mount+0xbc/0x9e0
[ 1118.209071]  ? __pfx_v9fs_mount+0x10/0x10
[ 1118.209094]  ? cap_capable+0xdb/0x3b0
[ 1118.209113]  ? __pfx_v9fs_mount+0x10/0x10
[ 1118.209132]  legacy_get_tree+0x109/0x220
[ 1118.209155]  vfs_get_tree+0x93/0x340
[ 1118.209173]  path_mount+0x122f/0x1db0
[ 1118.209197]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1118.209221]  ? __pfx_path_mount+0x10/0x10
[ 1118.209242]  ? kmem_cache_free+0x2a1/0x460
[ 1118.209260]  ? putname.part.0+0x11b/0x160
[ 1118.209276]  ? getname_flags.part.0+0x1c6/0x540
[ 1118.209297]  ? putname.part.0+0x11b/0x160
[ 1118.209321]  __x64_sys_mount+0x27b/0x300
[ 1118.209343]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1118.209381]  do_syscall_64+0xbf/0x360
[ 1118.209400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1118.209414] RIP: 0033:0x7fdbea32eb19
[ 1118.209425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1118.209437] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1118.209460] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[ 1118.209470] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1118.209478] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[ 1118.209486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1118.209493] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[ 1118.209529]  </TASK>
[ 1118.252237] audit: type=1326 audit(1755410085.593:158): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8440 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:54:45 executing program 1:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/hci\x00')
r1 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
lseek(r1, 0x0, 0x3)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x1)
ioctl$F2FS_IOC_DEFRAGMENT(r0, 0xc010f508, &(0x7f00000000c0)={0x2, 0x47})

[ 1118.290605] SLUB: Unable to add cache 9p-fcall-cache-123 to sysfs
[ 1118.293624] 9p: Unknown access argument 18446744073709551615: -34
05:54:45 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xa30000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:54:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 97)

05:54:45 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r2 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000780)='./file0/file0\x00', 0x9744, 0x4, &(0x7f0000000a80)=[{&(0x7f00000007c0)="db995920f9630b41d481d60a17a3023566befc958306150d62b54d7454da003b6d61672b8ed8a4c34a69f2d04066440684f2b74d19fff3bf70a71cfced7bff4323295b11596752c5d44050420714294c4789013b1047c7eb30dde83416c38cdcbd013758fe80476382ff5b9855799b1f881b9ab01a96a149bc4b84a471564ee99096e223c0d813d254557d0c67fcb1718f044f5b58d73c13230cee9f8f2d96c7f829852a8b76ee2af92498e0a151be12", 0xb0, 0x2}, {&(0x7f0000000880)="d9a05701ee1aecaf1eabe37f309cb9608779aa36b6eab121e728cb6cabf23445a163b2fba2760b70702d6a2beb20d959e420b28807523478e8ae5a10b7bc17f15cce5dbd36d6f0cb4e6cd96568645a3343c7f30280087678b5fcf88847a4ac1a3200644290a8b73cee78f8aca792c798764ca9dbbfc165b1ff8217f84199676a811cba56df65efa566db23620ea75ffebde3d4d433432602bb42e11403d3", 0x9e, 0x9}, {&(0x7f00000009c0)="80c9d4c0b305183fa4ef686aca49f24dad725404c2d57910079a81f969e2d5c1bf16c2b1a40d48b24cad373ab4fa88f41f68036d9e6ec4c40515969afbdd14f466f321abd0506f77e134762e30b78be1e1f4d3ae4311767bde33e30a8af793b0ad6bf1dee677bf35b5a24e2f84a8ac6a19c2f0e102b034f83613e9088735a4e9926659a119fc48455e15ea6a72864534cbfa247a59", 0x95, 0x1024}, {&(0x7f0000000940)="8408e33af53689e2a1acf5b58e9aacf0c9b31216bec82230a80a672b6ee422c54b50ac02cab9c5bc592702f4c885656ffb", 0x31, 0x5}], 0x12, &(0x7f0000000b00)={[{@fat=@flush}, {@fat=@usefree}, {@nodots}, {@nodots}, {@nodots}, {@fat=@check_strict}, {@dots}, {@nodots}], [{@fowner_lt={'fowner<', 0xee01}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}]})
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x4)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000700)=0x8)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000c00), &(0x7f0000008600)=0xc)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000bc0)=0x7b1f, 0xfa3)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:54:45 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0x600}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1118.375673] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
05:54:45 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f00000004c0)=""/171, 0xab, 0x13)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendfile(r1, r0, 0x0, 0xad)
setsockopt$WPAN_WANTACK(r0, 0x0, 0x0, &(0x7f0000000100)=0x1, 0x4)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
perf_event_open(&(0x7f0000000280)={0x2, 0x80, 0x3, 0x2, 0x0, 0x8, 0x0, 0x2d, 0x88001, 0x9, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4c, 0x4, @perf_bp={&(0x7f0000000080), 0xa}, 0x2000, 0x4, 0xffffffff, 0x3, 0x8, 0x2, 0x4, 0x0, 0x3, 0x0, 0x10001}, 0xffffffffffffffff, 0xd, r2, 0x2)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0x14, &(0x7f0000000180)=0xc9eb, 0x4)
sendmmsg$sock(r3, &(0x7f0000000600)=[{{&(0x7f0000000200)=@nfc={0x27, 0x2}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000340)="cb0e3047c20e3e0f1385b4e242bcc907270b8ced2a53694c600920fc3a871614102a776c966ec592049e2162a0d21443977f03b6c7d9bf18dfb1b4495c4b7d573f0be7dafa917230c7d266b9377aa6bf19a1a4dde183755df89b6562201c846eff7ce1e9e09d7d69508cae7fc2b39fb7d1a88b4ddd1c7ceea018a0ccb2ff1abbbb4307120eeff4560a31cfc389a3be87c918d6e97d0b4107a509ad934724e0c6c2f02eb95b58f2a3f94550449eada74483bcc1f38ca01e22426facaf2736c56452d1262847901bee85a2a787df917d4194f84b9b60ac6d341813e4eaaf26c42c56b9a64ac52f5134de94a78b4ea7a49dbc942e4b6420cd44fd9c097a7c142079b69d9900389ee60e0802e2424da4b76590aad742e6bbdc4b15363b932b390774bc47ca4ff0a518b43d32c92afdc866ffa452f5d66c6ce70c99a2f1ac966ec728a401c4b7dd72f82c7a181c08dc23338e029b5b91fc8a0baf9271a85dfe79470000000000000000dcc390f3c0de81193648511046583fed48", 0x178}], 0x1}}], 0x1, 0x0)
lsetxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000140)='system_u:object_r:crack_db_t:s0\x00', 0x20, 0x3)

[ 1118.377245] CPU: 1 UID: 0 PID: 8455 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1118.377275] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1118.377288] Call Trace:
[ 1118.377296]  <TASK>
[ 1118.377305]  dump_stack_lvl+0xfa/0x120
[ 1118.377337]  dump_header+0x107/0x950
[ 1118.377373]  oom_kill_process+0x278/0xa00
[ 1118.377405]  out_of_memory+0x34b/0x1690
[ 1118.377443]  ? __pfx_out_of_memory+0x10/0x10
[ 1118.377497]  mem_cgroup_out_of_memory+0x164/0x190
[ 1118.377530]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1118.377572]  ? mark_held_locks+0x49/0x80
[ 1118.377603]  try_charge_memcg+0x81f/0xf30
[ 1118.377640]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1118.377679]  charge_memcg+0x7b/0x290
[ 1118.377706]  __mem_cgroup_charge+0x28/0x90
[ 1118.377737]  do_wp_page+0x58c/0x3240
[ 1118.377775]  ? __pfx_do_wp_page+0x10/0x10
[ 1118.377802]  ? do_raw_spin_lock+0x123/0x260
[ 1118.377837]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1118.377864]  ? ___pte_offset_map+0x176/0x370
[ 1118.377894]  __handle_mm_fault+0xde1/0x3030
[ 1118.377921]  ? reacquire_held_locks+0xd1/0x200
[ 1118.377943]  ? lock_vma_under_rcu+0x11e/0x530
[ 1118.377980]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1118.378010]  ? lock_vma_under_rcu+0x17b/0x530
[ 1118.378059]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1118.378102]  handle_mm_fault+0x2c3/0x900
[ 1118.378130]  ? access_error+0x17d/0x380
[ 1118.378161]  do_user_addr_fault+0x4fa/0xeb0
[ 1118.378193]  exc_page_fault+0xb0/0x180
[ 1118.378217]  asm_exc_page_fault+0x26/0x30
[ 1118.378239] RIP: 0033:0x7ff98baf5d30
[ 1118.378257] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1118.378279] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1118.378296] RAX: 00000000282bb3e7 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1118.378311] RDX: 0000001b2cf2004c RSI: ffffffff819e7e16 RDI: 0000000000000000
[ 1118.378325] RBP: 0000000000000001 R08: 00000000282bb3e7 R09: 0000001b2cf2001c
[ 1118.378339] R10: 00000000000013e7 R11: 00000000282bb3eb R12: 000000000000000b
[ 1118.378353] R13: 00007ff98bc4f000 R14: ffffffff819e7e16 R15: 00007ff98bc5aff0
[ 1118.378368]  ? apply_mlockall_flags+0x86/0x480
[ 1118.378410]  ? apply_mlockall_flags+0x86/0x480
[ 1118.378447]  </TASK>
[ 1118.411626] memory: usage 307200kB, limit 307200kB, failcnt 2729
[ 1118.412610] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1118.413623] Memory cgroup stats for /syz0:
[ 1118.427639] anon 131072
[ 1118.429289] file 312950784
[ 1118.429745] kernel 1490944
[ 1118.430262] kernel_stack 65536
[ 1118.430764] pagetables 147456
[ 1118.431299] sec_pagetables 0
[ 1118.431767] percpu 64
[ 1118.432207] sock 0
[ 1118.432554] vmalloc 0
[ 1118.432979] shmem 312950784
[ 1118.433445] file_mapped 0
[ 1118.433949] file_dirty 0
[ 1118.434366] file_writeback 0
[ 1118.434860] swapcached 0
[ 1118.435288] inactive_anon 306503680
[ 1118.435887] active_anon 6545408
[ 1118.436430] inactive_file 0
[ 1118.436951] active_file 0
[ 1118.437383] unevictable 0
[ 1118.437854] slab_reclaimable 949040
[ 1118.438415] slab_unreclaimable 343688
[ 1118.439032] slab 1292728
[ 1118.439446] workingset_refault_anon 0
[ 1118.440080] workingset_refault_file 1
[ 1118.440657] workingset_activate_anon 0
[ 1118.441292] workingset_activate_file 0
[ 1118.441935] workingset_restore_anon 0
[ 1118.442512] workingset_restore_file 0
[ 1118.443140] workingset_nodereclaim 0
[ 1118.443701] pgdemote_kswapd 0
[ 1118.444249] pgdemote_direct 0
[ 1118.444726] pgdemote_khugepaged 0
[ 1118.445307] pgdemote_proactive 0
[ 1118.445862] pgscan 801
[ 1118.446270] pgsteal 9
[ 1118.446644] pswpin 0
[ 1118.447065] pswpout 0
[ 1118.447448] pgscan_kswapd 0
[ 1118.447937] pgscan_direct 801
[ 1118.448436] pgscan_khugepaged 0
[ 1118.448998] pgscan_proactive 0
[ 1118.449513] pgsteal_kswapd 0
[ 1118.450034] pgsteal_direct 9
[ 1118.450502] pgsteal_khugepaged 0
[ 1118.451058] pgsteal_proactive 0
[ 1118.451560] pgfault 88000
[ 1118.452044] pgmajfault 0
[ 1118.452460] pgrefill 768
[ 1118.452916] pgactivate 3833
[ 1118.453382] pgdeactivate 768
[ 1118.453883] pglazyfree 0
[ 1118.454295] pglazyfreed 0
[ 1118.454698] swpin_zero 0
[ 1118.455149] swpout_zero 0
[ 1118.455578] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8455,uid=0
[ 1118.456664] 9p: Unknown access argument 18446744073709551615: -34
[ 1118.457785] Memory cgroup out of memory: Killed process 8455 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[ 1119.052141] audit: type=1326 audit(1755410086.399:159): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8440 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:54:55 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 98)

05:54:55 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x10000000, 0x0)

05:54:55 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0x700}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:54:55 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x500)

05:54:55 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000015c0), &(0x7f0000001600)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@mpol={'mpol', 0x3d, {'prefer', '=static', @val={0x3a, [0x0]}}}}], [{@fscontext={'fscontext', 0x3d, 'user_u'}}]})

05:54:55 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r2 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000780)='./file0/file0\x00', 0x9744, 0x4, &(0x7f0000000a80)=[{&(0x7f00000007c0)="db995920f9630b41d481d60a17a3023566befc958306150d62b54d7454da003b6d61672b8ed8a4c34a69f2d04066440684f2b74d19fff3bf70a71cfced7bff4323295b11596752c5d44050420714294c4789013b1047c7eb30dde83416c38cdcbd013758fe80476382ff5b9855799b1f881b9ab01a96a149bc4b84a471564ee99096e223c0d813d254557d0c67fcb1718f044f5b58d73c13230cee9f8f2d96c7f829852a8b76ee2af92498e0a151be12", 0xb0, 0x2}, {&(0x7f0000000880)="d9a05701ee1aecaf1eabe37f309cb9608779aa36b6eab121e728cb6cabf23445a163b2fba2760b70702d6a2beb20d959e420b28807523478e8ae5a10b7bc17f15cce5dbd36d6f0cb4e6cd96568645a3343c7f30280087678b5fcf88847a4ac1a3200644290a8b73cee78f8aca792c798764ca9dbbfc165b1ff8217f84199676a811cba56df65efa566db23620ea75ffebde3d4d433432602bb42e11403d3", 0x9e, 0x9}, {&(0x7f00000009c0)="80c9d4c0b305183fa4ef686aca49f24dad725404c2d57910079a81f969e2d5c1bf16c2b1a40d48b24cad373ab4fa88f41f68036d9e6ec4c40515969afbdd14f466f321abd0506f77e134762e30b78be1e1f4d3ae4311767bde33e30a8af793b0ad6bf1dee677bf35b5a24e2f84a8ac6a19c2f0e102b034f83613e9088735a4e9926659a119fc48455e15ea6a72864534cbfa247a59", 0x95, 0x1024}, {&(0x7f0000000940)="8408e33af53689e2a1acf5b58e9aacf0c9b31216bec82230a80a672b6ee422c54b50ac02cab9c5bc592702f4c885656ffb", 0x31, 0x5}], 0x12, &(0x7f0000000b00)={[{@fat=@flush}, {@fat=@usefree}, {@nodots}, {@nodots}, {@nodots}, {@fat=@check_strict}, {@dots}, {@nodots}], [{@fowner_lt={'fowner<', 0xee01}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}]})
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x4)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000700)=0x8)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000c00), &(0x7f0000008600)=0xc)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:54:55 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xb00000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1127.705692] tmpfs: Bad value for 'mpol'
[ 1127.707975] tmpfs: Bad value for 'mpol'
[ 1127.716898] FAULT_INJECTION: forcing a failure.
[ 1127.716898] name failslab, interval 1, probability 0, space 0, times 0
[ 1127.717769] CPU: 0 UID: 0 PID: 8483 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1127.717787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1127.717795] Call Trace:
[ 1127.717800]  <TASK>
[ 1127.717807]  dump_stack_lvl+0xfa/0x120
[ 1127.717834]  should_fail_ex+0x4d7/0x5e0
[ 1127.717865]  ? __kernfs_new_node+0xd3/0x870
[ 1127.717877]  should_failslab+0xc2/0x120
[ 1127.717901]  kmem_cache_alloc_noprof+0x5f/0x3d0
[ 1127.717930]  ? perf_trace_run_bpf_submit+0xef/0x180
[ 1127.717963]  __kernfs_new_node+0xd3/0x870
[ 1127.717986]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1127.718008]  ? lock_acquire+0x15e/0x2f0
[ 1127.718023]  ? kernfs_root+0x23/0x2a0
[ 1127.718037]  ? find_held_lock+0x2b/0x80
[ 1127.718056]  ? kernfs_root+0xee/0x2a0
[ 1127.718069]  ? lock_release+0xc8/0x290
[ 1127.718081]  ? lock_is_held_type+0x9e/0x120
[ 1127.718108]  kernfs_new_node+0x13c/0x1e0
[ 1127.718135]  __kernfs_create_file+0x55/0x360
[ 1127.718161]  sysfs_add_file_mode_ns+0x21c/0x440
[ 1127.718190]  ? __pfx_slab_attr_store+0x10/0x10
[ 1127.718217]  internal_create_group+0x571/0xeb0
[ 1127.718250]  ? __pfx_internal_create_group+0x10/0x10
[ 1127.718288]  sysfs_slab_add+0x188/0x210
[ 1127.718312]  do_kmem_cache_create+0x235/0x5a0
[ 1127.718340]  __kmem_cache_create_args+0x20f/0x360
[ 1127.718353]  ? p9_client_create+0xd52/0x11b0
[ 1127.718378]  p9_client_create+0xdfc/0x11b0
[ 1127.718411]  ? __pfx_p9_client_create+0x10/0x10
[ 1127.718447]  ? trace_kmalloc+0x1f/0xb0
[ 1127.718463]  ? legacy_get_tree+0x109/0x220
[ 1127.718478]  ? vfs_get_tree+0x93/0x340
[ 1127.718496]  ? lockdep_init_map_type+0x4b/0x240
[ 1127.718513]  ? __raw_spin_lock_init+0x3a/0x110
[ 1127.718541]  v9fs_session_init+0x1df/0x17a0
[ 1127.718559]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1127.718590]  ? find_held_lock+0x2b/0x80
[ 1127.718609]  ? __create_object+0x59/0x80
[ 1127.718627]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1127.718641]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1127.718661]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1127.718683]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1127.718704]  ? __create_object+0x59/0x80
[ 1127.718723]  ? trace_kmalloc+0x1f/0xb0
[ 1127.718735]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[ 1127.718749]  ? cred_has_capability.isra.0+0x1be/0x2c0
[ 1127.718780]  v9fs_mount+0xbc/0x9e0
[ 1127.718801]  ? __pfx_v9fs_mount+0x10/0x10
[ 1127.718824]  ? cap_capable+0xdb/0x3b0
[ 1127.718845]  ? __pfx_v9fs_mount+0x10/0x10
[ 1127.718864]  legacy_get_tree+0x109/0x220
[ 1127.718886]  vfs_get_tree+0x93/0x340
[ 1127.718905]  path_mount+0x122f/0x1db0
[ 1127.718929]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1127.718954]  ? __pfx_path_mount+0x10/0x10
[ 1127.718975]  ? kmem_cache_free+0x2a1/0x460
[ 1127.718993]  ? putname.part.0+0x11b/0x160
[ 1127.719010]  ? getname_flags.part.0+0x1c6/0x540
[ 1127.719031]  ? putname.part.0+0x11b/0x160
[ 1127.719055]  __x64_sys_mount+0x27b/0x300
[ 1127.719076]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1127.719115]  do_syscall_64+0xbf/0x360
[ 1127.719135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1127.719149] RIP: 0033:0x7fdbea32eb19
[ 1127.719159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1127.719172] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1127.719184] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[ 1127.719192] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1127.719200] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[ 1127.719208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1127.719215] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[ 1127.719252]  </TASK>
05:54:55 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000704000/0x4000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
r2 = shmget$private(0x0, 0x2000, 0x8, &(0x7f0000ffc000/0x2000)=nil)
mmap$IORING_OFF_CQ_RING(&(0x7f0000852000/0x2000)=nil, 0x2000, 0x300000a, 0x1010, 0xffffffffffffffff, 0x8000000)
shmat(r2, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
shmat(r2, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
shmat(r2, &(0x7f0000ffe000/0x1000)=nil, 0x6000)
shmget$private(0x0, 0x4000, 0x800, &(0x7f00007f2000/0x4000)=nil)
mmap$IORING_OFF_CQ_RING(&(0x7f0000d3c000/0x2000)=nil, 0x2000, 0x7000004, 0x110, 0xffffffffffffffff, 0x8000000)
shmdt(0x0)
shmdt(r1)

05:54:55 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x3}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000007c0)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @remote, 0x1ff}, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="b0c62c20f9a2e69867fced67bfc101a96e69cccf666a6e63d31362b87a37caea7683c883a769e66f2b4758825914ae25"}], 0x0, &(0x7f0000000140)=[@hopopts_2292={{0x0, 0x29, 0x36, {0x2b, 0x0, '\x00', [@calipso={0x7, 0x0, {0x3, 0x0, 0x5, 0x6, [0x2, 0x80000001, 0x10000, 0x8]}}, @jumbo={0xc2, 0x4, 0x8}, @pad1, @calipso={0x7, 0x0, {0x0, 0x0, 0xf9, 0x3, [0x2, 0x7, 0x5, 0x2, 0x7fff]}}, @calipso={0x7, 0x0, {0x1, 0x0, 0x1, 0x8, [0x4, 0x0, 0x1e2f, 0x5, 0x8]}}, @jumbo={0xc2, 0x4, 0x1}, @generic={0x1f, 0x0, "08914d9081976b89bca2faa0b18958ff82a6ae9cbe2e5df8f31a4f6692686f077b986585c474f19712f8dcf03202bb5151c930391674d3c29309536ad191896f653c249643d6c70cc8072204db72733979abb90dd1ceecc8f2d030b1b0ee643d9ff054e58d5d0ce2fd8df8a82a6f6068a4970a29f1634b10c83409bae9aaffe28275a3fe2d7307"}, @enc_lim={0x4, 0x1, 0x4}, @enc_lim={0x4, 0x1, 0x3}, @jumbo]}}}, @hoplimit={{0x0, 0x29, 0x34, 0x40000000}}]}}, {{&(0x7f00000000c0)={0xa, 0x4e24, 0x200, @ipv4={'\x00', '\xff\xff', @remote}, 0x9}, 0x0, &(0x7f00000006c0)=[{&(0x7f00000002c0)="e44086cedc1b6a75e457"}, {&(0x7f0000000300)="6bc35a6d46c1641d02cf8ce0ef2c9b4162905060bf7fea080417f6f804ba19089b30872d9f1156620c42d5c6c11ac10cf89a641673ac23d947dd72f123e80cdda930373c3ddbff1e011443"}, {&(0x7f0000000380)="692b91342f22abf60ae6aa5610099f2e3405de7cefd9db194980362453874743e50c3842d1618ba030beb25c33efe775821a1e17b9f20288496779fa123b573cf35fb4c88994e62ee6b58505f52e583fdb7033c20a2fea749b0d3636a5e2f3bfc594bdb04aca56b8d3125c079db3c8c02114123de92daca18211fbd0e93464ffd7e2714c423120363a1051c89f070832a7c5c8b76d157cdc2e90c88fdf76ef9036670ba4770fbd7517b3d8602a37871897ad03cce47912a65be7ab6840475f00c877a71dd0"}, {&(0x7f0000000480)="2b4b9b4659114aa4c1f8a3e7156f8dba3dd75cd473940cf3e102128f94ed50be031e9ea91db710a142ab251ba94e496cf3d4262242857808305ba4f7556c8d89418cac5dce89f47b5baf4f380d3c368a706fd97992f654db623f2e810912baa8a1f37a79263d3839bed8ee798561f5780bb69ef770e591137753292fc9757d3633d1700b48a2bdeea77c1c56c229457087e5372bb491ed879cd4634d1171c253e4a388ce9b2aa767b15da6b68d3afc587324632538d7ca3c93e4a81c9053"}, {&(0x7f0000000540)="f17638f47f783bc7e3aa796e460d93aa7489fd81acd8d61f70b799e81fc66a416c2fb9e4c5044c9c1865"}, {&(0x7f0000000580)="3a2dd67f586f6a5428ea64a77637d59f63bda53e69210c3e75d30847ea72d399"}, {&(0x7f00000005c0)="91322817c1ce99e9b0e211fb0c2ef13c74347aaf55a48005e48e29f1d563ed763eb9ee61269a5c8384002fffe9d418480f3f9c069ac592539c1ffe659c2ef2a6435c393dbeb68fbdbd409f98cdbc20937486d07196b06de4fe6fb6afa924110aae35503fe757f946b772528ff90d1952539311e993ce9ef02083606b06517d5535e6b3fbac68261a38b04b796d204f57313c473453c0218d7b505327ed8a0bd31ac7db56e26e8c74ea9f771718db2d17258097141f4d4c56b1fc610e93dc47a5a4ec89744bbb6b9b7bab330d5575f448307a7e2bdaebb3475232c2c8d393617878a2d59bd784c9e05ac9af63f2d80d403287f52333144aff76e45f6481"}], 0x0, &(0x7f0000000740)=[@tclass={{0x0, 0x29, 0x43, 0x1}}, @dontfrag={{0x0, 0x29, 0x3e, 0x3f}}, @hopopts={{0x0, 0x29, 0x36, {0x2c, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x1}, @generic={0x0, 0x0, "0313f09fe5"}]}}}]}}], 0x1, 0x0)

[ 1127.810766] SLUB: Unable to add cache 9p-fcall-cache-125 to sysfs
[ 1127.813998] 9p: Unknown access argument 18446744073709551615: -34
05:54:55 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xf30000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1127.834075] audit: type=1326 audit(1755410095.179:160): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8491 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:54:55 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x600)

05:54:55 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000001740)={0x1, &(0x7f0000001700)=[{0x6}]}, 0x10)
r3 = signalfd(r0, &(0x7f0000000000)={[0x5]}, 0x8)
setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x1000, 0x1, 0x9, 0x4}, {0x3, 0xc7, 0x0, 0x20}]}, 0x10)

05:54:55 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 99)

[ 1127.881682] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1127.882594] CPU: 0 UID: 0 PID: 8489 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1127.882610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1127.882618] Call Trace:
[ 1127.882623]  <TASK>
[ 1127.882628]  dump_stack_lvl+0xfa/0x120
[ 1127.882648]  dump_header+0x107/0x950
[ 1127.882669]  oom_kill_process+0x278/0xa00
[ 1127.882686]  out_of_memory+0x34b/0x1690
[ 1127.882707]  ? __pfx_out_of_memory+0x10/0x10
[ 1127.882729]  mem_cgroup_out_of_memory+0x164/0x190
[ 1127.882748]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1127.882770]  ? mark_held_locks+0x49/0x80
[ 1127.882788]  try_charge_memcg+0x81f/0xf30
[ 1127.882812]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1127.882833]  charge_memcg+0x7b/0x290
[ 1127.882848]  __mem_cgroup_charge+0x28/0x90
[ 1127.882865]  do_wp_page+0x58c/0x3240
[ 1127.882886]  ? __pfx_do_wp_page+0x10/0x10
[ 1127.882901]  ? do_raw_spin_lock+0x123/0x260
[ 1127.882917]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1127.882932]  ? ___pte_offset_map+0x176/0x370
[ 1127.882948]  __handle_mm_fault+0xde1/0x3030
[ 1127.882964]  ? reacquire_held_locks+0xd1/0x200
[ 1127.882976]  ? lock_vma_under_rcu+0x11e/0x530
[ 1127.882997]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1127.883013]  ? lock_vma_under_rcu+0x17b/0x530
[ 1127.883039]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1127.883063]  handle_mm_fault+0x2c3/0x900
[ 1127.883079]  ? access_error+0x17d/0x380
[ 1127.883096]  do_user_addr_fault+0x4fa/0xeb0
[ 1127.883114]  exc_page_fault+0xb0/0x180
[ 1127.883128]  asm_exc_page_fault+0x26/0x30
[ 1127.883140] RIP: 0033:0x7ff98baf5d30
[ 1127.883150] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1127.883162] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1127.883172] RAX: 00000000282bb3e7 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1127.883180] RDX: 0000001b2cf2004c RSI: ffffffff819e7e16 RDI: 0000000000000000
[ 1127.883188] RBP: 0000000000000001 R08: 00000000282bb3e7 R09: 0000001b2cf2001c
[ 1127.883196] R10: 00000000000013e7 R11: 00000000282bb3eb R12: 000000000000000b
[ 1127.883204] R13: 00007ff98bc4f000 R14: ffffffff819e7e16 R15: 00007ff98bc5aff0
[ 1127.883212]  ? apply_mlockall_flags+0x86/0x480
[ 1127.883235]  ? apply_mlockall_flags+0x86/0x480
[ 1127.883255]  </TASK>
[ 1127.900019] memory: usage 307200kB, limit 307200kB, failcnt 2750
[ 1127.900500] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
05:54:55 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r2 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000780)='./file0/file0\x00', 0x9744, 0x4, &(0x7f0000000a80)=[{&(0x7f00000007c0)="db995920f9630b41d481d60a17a3023566befc958306150d62b54d7454da003b6d61672b8ed8a4c34a69f2d04066440684f2b74d19fff3bf70a71cfced7bff4323295b11596752c5d44050420714294c4789013b1047c7eb30dde83416c38cdcbd013758fe80476382ff5b9855799b1f881b9ab01a96a149bc4b84a471564ee99096e223c0d813d254557d0c67fcb1718f044f5b58d73c13230cee9f8f2d96c7f829852a8b76ee2af92498e0a151be12", 0xb0, 0x2}, {&(0x7f0000000880)="d9a05701ee1aecaf1eabe37f309cb9608779aa36b6eab121e728cb6cabf23445a163b2fba2760b70702d6a2beb20d959e420b28807523478e8ae5a10b7bc17f15cce5dbd36d6f0cb4e6cd96568645a3343c7f30280087678b5fcf88847a4ac1a3200644290a8b73cee78f8aca792c798764ca9dbbfc165b1ff8217f84199676a811cba56df65efa566db23620ea75ffebde3d4d433432602bb42e11403d3", 0x9e, 0x9}, {&(0x7f00000009c0)="80c9d4c0b305183fa4ef686aca49f24dad725404c2d57910079a81f969e2d5c1bf16c2b1a40d48b24cad373ab4fa88f41f68036d9e6ec4c40515969afbdd14f466f321abd0506f77e134762e30b78be1e1f4d3ae4311767bde33e30a8af793b0ad6bf1dee677bf35b5a24e2f84a8ac6a19c2f0e102b034f83613e9088735a4e9926659a119fc48455e15ea6a72864534cbfa247a59", 0x95, 0x1024}, {&(0x7f0000000940)="8408e33af53689e2a1acf5b58e9aacf0c9b31216bec82230a80a672b6ee422c54b50ac02cab9c5bc592702f4c885656ffb", 0x31, 0x5}], 0x12, &(0x7f0000000b00)={[{@fat=@flush}, {@fat=@usefree}, {@nodots}, {@nodots}, {@nodots}, {@fat=@check_strict}, {@dots}, {@nodots}], [{@fowner_lt={'fowner<', 0xee01}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}]})
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x4)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000700)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:54:55 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0x900}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1127.901136] Memory cgroup stats for /syz0:
[ 1127.945070] 9p: Unknown access argument 18446744073709551615: -34
[ 1127.946386] anon 131072
[ 1127.946607] file 312950784
[ 1127.946888] kernel 1490944
[ 1127.947134] kernel_stack 65536
[ 1127.947411] pagetables 147456
[ 1127.947662] sec_pagetables 0
[ 1127.948061] percpu 64
[ 1127.948270] sock 0
[ 1127.948444] vmalloc 0
[ 1127.948640] shmem 312950784
[ 1127.948935] file_mapped 0
[ 1127.949158] file_dirty 0
[ 1127.949373] file_writeback 0
[ 1127.949614] swapcached 0
[ 1127.949854] inactive_anon 306536448
[ 1127.950146] active_anon 6545408
[ 1127.950406] inactive_file 0
[ 1127.950641] active_file 0
[ 1127.950884] unevictable 0
[ 1127.951105] slab_reclaimable 949040
[ 1127.951398] slab_unreclaimable 343688
[ 1127.951697] slab 1292728
[ 1127.951932] workingset_refault_anon 0
[ 1127.952236] workingset_refault_file 1
[ 1127.952535] workingset_activate_anon 0
[ 1127.952860] workingset_activate_file 0
[ 1127.953163] workingset_restore_anon 0
[ 1127.953461] workingset_restore_file 0
[ 1127.953759] workingset_nodereclaim 0
[ 1127.954099] pgdemote_kswapd 0
[ 1127.954348] pgdemote_direct 0
[ 1127.954600] pgdemote_khugepaged 0
[ 1127.954897] pgdemote_proactive 0
[ 1127.955164] pgscan 801
[ 1127.955365] pgsteal 9
[ 1127.955559] pswpin 0
[ 1127.955748] pswpout 0
[ 1127.955965] pgscan_kswapd 0
[ 1127.956201] pgscan_direct 801
[ 1127.956449] pgscan_khugepaged 0
[ 1127.956711] pgscan_proactive 0
[ 1127.956984] pgsteal_kswapd 0
[ 1127.957229] pgsteal_direct 9
[ 1127.957469] pgsteal_khugepaged 0
[ 1127.957734] pgsteal_proactive 0
[ 1127.958027] pgfault 88051
[ 1127.958250] pgmajfault 0
[ 1127.958462] pgrefill 768
[ 1127.958676] pgactivate 3833
[ 1127.958930] pgdeactivate 768
[ 1127.959175] pglazyfree 0
[ 1127.959389] pglazyfreed 0
[ 1127.959608] swpin_zero 0
[ 1127.959842] swpout_zero 0
[ 1127.960066] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8489,uid=0
[ 1127.961227] Memory cgroup out of memory: Killed process 8489 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[ 1128.652491] audit: type=1326 audit(1755410096.000:161): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8491 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:55:06 executing program 1:
set_mempolicy(0x3, &(0x7f00000007c0)=0x5, 0x11)
syz_open_dev$tty20(0xc, 0x4, 0x1)

05:55:06 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x1000000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:55:06 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x700)

05:55:06 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0x1000, 0x1, &(0x7f0000fff000/0x1000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
r2 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
shmat(r2, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
shmat(r2, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
shmat(r2, &(0x7f0000a1f000/0x3000)=nil, 0xe9a3ab9b6a9fc663)
mbind(&(0x7f0000e13000/0x1000)=nil, 0x1000, 0x8000, &(0x7f0000000000)=0x2, 0x1, 0x4)
mlockall(0xa)
shmdt(r1)
shmat(r0, &(0x7f0000e11000/0x3000)=nil, 0x1000)

05:55:06 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {0x4, 0x0, 0xf00}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:55:06 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r2 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000780)='./file0/file0\x00', 0x9744, 0x4, &(0x7f0000000a80)=[{&(0x7f00000007c0)="db995920f9630b41d481d60a17a3023566befc958306150d62b54d7454da003b6d61672b8ed8a4c34a69f2d04066440684f2b74d19fff3bf70a71cfced7bff4323295b11596752c5d44050420714294c4789013b1047c7eb30dde83416c38cdcbd013758fe80476382ff5b9855799b1f881b9ab01a96a149bc4b84a471564ee99096e223c0d813d254557d0c67fcb1718f044f5b58d73c13230cee9f8f2d96c7f829852a8b76ee2af92498e0a151be12", 0xb0, 0x2}, {&(0x7f0000000880)="d9a05701ee1aecaf1eabe37f309cb9608779aa36b6eab121e728cb6cabf23445a163b2fba2760b70702d6a2beb20d959e420b28807523478e8ae5a10b7bc17f15cce5dbd36d6f0cb4e6cd96568645a3343c7f30280087678b5fcf88847a4ac1a3200644290a8b73cee78f8aca792c798764ca9dbbfc165b1ff8217f84199676a811cba56df65efa566db23620ea75ffebde3d4d433432602bb42e11403d3", 0x9e, 0x9}, {&(0x7f00000009c0)="80c9d4c0b305183fa4ef686aca49f24dad725404c2d57910079a81f969e2d5c1bf16c2b1a40d48b24cad373ab4fa88f41f68036d9e6ec4c40515969afbdd14f466f321abd0506f77e134762e30b78be1e1f4d3ae4311767bde33e30a8af793b0ad6bf1dee677bf35b5a24e2f84a8ac6a19c2f0e102b034f83613e9088735a4e9926659a119fc48455e15ea6a72864534cbfa247a59", 0x95, 0x1024}, {&(0x7f0000000940)="8408e33af53689e2a1acf5b58e9aacf0c9b31216bec82230a80a672b6ee422c54b50ac02cab9c5bc592702f4c885656ffb", 0x31, 0x5}], 0x12, &(0x7f0000000b00)={[{@fat=@flush}, {@fat=@usefree}, {@nodots}, {@nodots}, {@nodots}, {@fat=@check_strict}, {@dots}, {@nodots}], [{@fowner_lt={'fowner<', 0xee01}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}]})
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x4)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000700)=0x8)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:55:06 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x20000000, 0x0)

05:55:06 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}}) (fail_nth: 100)

[ 1139.399632] audit: type=1326 audit(1755410106.746:162): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8526 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[ 1139.402261] FAULT_INJECTION: forcing a failure.
[ 1139.402261] name failslab, interval 1, probability 0, space 0, times 0
[ 1139.403294] CPU: 1 UID: 0 PID: 8529 Comm: syz-executor.4 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1139.403311] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1139.403319] Call Trace:
[ 1139.403324]  <TASK>
[ 1139.403329]  dump_stack_lvl+0xfa/0x120
[ 1139.403350]  should_fail_ex+0x4d7/0x5e0
[ 1139.403373]  ? __kernfs_new_node+0xd3/0x870
[ 1139.403385]  should_failslab+0xc2/0x120
[ 1139.403406]  kmem_cache_alloc_noprof+0x5f/0x3d0
[ 1139.403423]  ? perf_trace_lock_acquire+0xc9/0x700
[ 1139.403443]  __kernfs_new_node+0xd3/0x870
[ 1139.403458]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1139.403473]  ? lock_acquire+0x15e/0x2f0
[ 1139.403486]  ? kernfs_root+0x23/0x2a0
[ 1139.403497]  ? find_held_lock+0x2b/0x80
[ 1139.403513]  ? kernfs_root+0xee/0x2a0
[ 1139.403524]  ? lock_release+0xc8/0x290
[ 1139.403535]  ? lock_is_held_type+0x9e/0x120
[ 1139.403553]  kernfs_new_node+0x13c/0x1e0
[ 1139.403570]  __kernfs_create_file+0x55/0x360
[ 1139.403589]  sysfs_add_file_mode_ns+0x21c/0x440
[ 1139.403611]  ? __pfx_slab_attr_store+0x10/0x10
[ 1139.403633]  internal_create_group+0x571/0xeb0
[ 1139.403652]  ? __pfx_internal_create_group+0x10/0x10
[ 1139.403674]  sysfs_slab_add+0x188/0x210
[ 1139.403692]  do_kmem_cache_create+0x235/0x5a0
[ 1139.403712]  __kmem_cache_create_args+0x20f/0x360
[ 1139.403725]  ? p9_client_create+0xd52/0x11b0
[ 1139.403744]  p9_client_create+0xdfc/0x11b0
[ 1139.403765]  ? __pfx_p9_client_create+0x10/0x10
[ 1139.403788]  ? trace_kmalloc+0x1f/0xb0
[ 1139.403800]  ? legacy_get_tree+0x109/0x220
[ 1139.403819]  ? vfs_get_tree+0x93/0x340
[ 1139.403834]  ? lockdep_init_map_type+0x4b/0x240
[ 1139.403851]  ? __raw_spin_lock_init+0x3a/0x110
[ 1139.403870]  v9fs_session_init+0x1df/0x17a0
[ 1139.403886]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1139.403909]  ? find_held_lock+0x2b/0x80
[ 1139.403924]  ? __create_object+0x59/0x80
[ 1139.403940]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1139.403953]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1139.403972]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1139.403990]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1139.404008]  ? __create_object+0x59/0x80
[ 1139.404023]  ? trace_kmalloc+0x1f/0xb0
[ 1139.404034]  ? __kmalloc_cache_noprof+0x1b3/0x3e0
[ 1139.404048]  ? cred_has_capability.isra.0+0x1be/0x2c0
[ 1139.404068]  v9fs_mount+0xbc/0x9e0
[ 1139.404086]  ? __pfx_v9fs_mount+0x10/0x10
[ 1139.404104]  ? cap_capable+0xdb/0x3b0
[ 1139.404119]  ? __pfx_v9fs_mount+0x10/0x10
[ 1139.404135]  legacy_get_tree+0x109/0x220
[ 1139.404152]  vfs_get_tree+0x93/0x340
[ 1139.404167]  path_mount+0x122f/0x1db0
[ 1139.404187]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 1139.404207]  ? __pfx_path_mount+0x10/0x10
[ 1139.404225]  ? kmem_cache_free+0x2a1/0x460
[ 1139.404241]  ? putname.part.0+0x11b/0x160
[ 1139.404255]  ? getname_flags.part.0+0x1c6/0x540
[ 1139.404271]  ? putname.part.0+0x11b/0x160
[ 1139.404287]  __x64_sys_mount+0x27b/0x300
[ 1139.404306]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1139.404332]  do_syscall_64+0xbf/0x360
[ 1139.404347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1139.404361] RIP: 0033:0x7fdbea32eb19
[ 1139.404370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1139.404382] RSP: 002b:00007fdbe78a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1139.404395] RAX: ffffffffffffffda RBX: 00007fdbea441f60 RCX: 00007fdbea32eb19
[ 1139.404403] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1139.404411] RBP: 00007fdbe78a41d0 R08: 0000000020000100 R09: 0000000000000000
[ 1139.404419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 1139.404426] R13: 00007ffe31abdb1f R14: 00007fdbe78a4300 R15: 0000000000022000
[ 1139.404446]  </TASK>
[ 1139.435125] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1139.435980] CPU: 0 UID: 0 PID: 8519 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1139.435998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1139.436006] Call Trace:
[ 1139.436011]  <TASK>
[ 1139.436016]  dump_stack_lvl+0xfa/0x120
[ 1139.436038]  dump_header+0x107/0x950
[ 1139.436060]  oom_kill_process+0x278/0xa00
[ 1139.436078]  out_of_memory+0x34b/0x1690
[ 1139.436098]  ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 1139.436118]  ? __pfx_out_of_memory+0x10/0x10
[ 1139.436142]  mem_cgroup_out_of_memory+0x164/0x190
[ 1139.436161]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1139.436184]  ? mark_held_locks+0x49/0x80
[ 1139.436203]  try_charge_memcg+0x81f/0xf30
[ 1139.436224]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1139.436246]  charge_memcg+0x7b/0x290
[ 1139.436261]  __mem_cgroup_charge+0x28/0x90
[ 1139.436278]  do_wp_page+0x58c/0x3240
[ 1139.436300]  ? __pfx_do_wp_page+0x10/0x10
[ 1139.436316]  ? do_raw_spin_lock+0x123/0x260
[ 1139.436331]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1139.436346]  ? ___pte_offset_map+0x176/0x370
[ 1139.436364]  __handle_mm_fault+0xde1/0x3030
[ 1139.436378]  ? reacquire_held_locks+0xd1/0x200
[ 1139.436390]  ? lock_vma_under_rcu+0x11e/0x530
[ 1139.436412]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1139.436428]  ? lock_vma_under_rcu+0x17b/0x530
[ 1139.436456]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1139.436481]  handle_mm_fault+0x2c3/0x900
[ 1139.436498]  ? access_error+0x17d/0x380
[ 1139.436515]  do_user_addr_fault+0x4fa/0xeb0
[ 1139.436534]  exc_page_fault+0xb0/0x180
[ 1139.436547]  asm_exc_page_fault+0x26/0x30
[ 1139.436560] RIP: 0033:0x7ff98baf5d30
[ 1139.436570] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1139.436582] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1139.436593] RAX: 00000000282bb3e7 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1139.436601] RDX: 0000001b2cf2004c RSI: ffffffff819e7e16 RDI: 0000000000000000
[ 1139.436609] RBP: 0000000000000001 R08: 00000000282bb3e7 R09: 0000001b2cf2001c
[ 1139.436616] R10: 00000000000013e7 R11: 00000000282bb3eb R12: 000000000000000b
[ 1139.436623] R13: 00007ff98bc4f000 R14: ffffffff819e7e16 R15: 00007ff98bc5aff0
[ 1139.436632]  ? apply_mlockall_flags+0x86/0x480
[ 1139.436656]  ? apply_mlockall_flags+0x86/0x480
[ 1139.436677]  </TASK>
[ 1139.436682] memory: usage 307200kB, limit 307200kB, failcnt 2771
[ 1139.442648] SLUB: Unable to add cache 9p-fcall-cache-127 to sysfs
[ 1139.442794] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1139.443248] 9p: Unknown access argument 18446744073709551615: -34
[ 1139.443478] Memory cgroup stats for /syz0:
[ 1139.443565] anon 131072
[ 1139.457376] file 312950784
[ 1139.457612] kernel 1490944
[ 1139.457870] kernel_stack 65536
[ 1139.458140] pagetables 147456
[ 1139.458399] sec_pagetables 0
[ 1139.458655] percpu 64
[ 1139.458877] sock 0
[ 1139.459068] vmalloc 0
[ 1139.459272] shmem 312950784
[ 1139.459514] file_mapped 0
[ 1139.459745] file_dirty 0
[ 1139.459988] file_writeback 0
[ 1139.460241] swapcached 0
[ 1139.460462] inactive_anon 306536448
[ 1139.460756] active_anon 6545408
[ 1139.461055] inactive_file 0
[ 1139.461300] active_file 0
[ 1139.461528] unevictable 0
[ 1139.461753] slab_reclaimable 949040
[ 1139.462069] slab_unreclaimable 343688
[ 1139.462380] slab 1292728
[ 1139.462607] workingset_refault_anon 0
[ 1139.462935] workingset_refault_file 1
[ 1139.463249] workingset_activate_anon 0
[ 1139.463569] workingset_activate_file 0
[ 1139.463905] workingset_restore_anon 0
[ 1139.464219] workingset_restore_file 0
[ 1139.464528] workingset_nodereclaim 0
[ 1139.464853] pgdemote_kswapd 0
[ 1139.465115] pgdemote_direct 0
[ 1139.465374] pgdemote_khugepaged 0
[ 1139.465657] pgdemote_proactive 0
[ 1139.465956] pgscan 801
[ 1139.466167] pgsteal 9
[ 1139.466367] pswpin 0
[ 1139.466574] pswpout 0
[ 1139.466778] pgscan_kswapd 0
[ 1139.467040] pgscan_direct 801
[ 1139.467298] pgscan_khugepaged 0
[ 1139.467571] pgscan_proactive 0
[ 1139.467858] pgsteal_kswapd 0
[ 1139.468112] pgsteal_direct 9
[ 1139.468360] pgsteal_khugepaged 0
[ 1139.468637] pgsteal_proactive 0
[ 1139.468928] pgfault 88102
[ 1139.469161] pgmajfault 0
[ 1139.469382] pgrefill 768
[ 1139.469602] pgactivate 3833
[ 1139.469866] pgdeactivate 768
[ 1139.470122] pglazyfree 0
[ 1139.470344] pglazyfreed 0
[ 1139.470576] swpin_zero 0
[ 1139.470797] swpout_zero 0
[ 1139.471063] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8519,uid=0
[ 1139.472330] Memory cgroup out of memory: Killed process 8519 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:55:06 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x2, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:55:06 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x1201000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:55:06 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000800100000f000000000000000100000005000000000004000040000020000000d3f4655fd3f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b0000000004000008000000d2", 0x61, 0x400}], 0x0, &(0x7f0000013e00))
statx(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x100, 0x400, &(0x7f0000000240))

05:55:06 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r2 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000780)='./file0/file0\x00', 0x9744, 0x4, &(0x7f0000000a80)=[{&(0x7f00000007c0)="db995920f9630b41d481d60a17a3023566befc958306150d62b54d7454da003b6d61672b8ed8a4c34a69f2d04066440684f2b74d19fff3bf70a71cfced7bff4323295b11596752c5d44050420714294c4789013b1047c7eb30dde83416c38cdcbd013758fe80476382ff5b9855799b1f881b9ab01a96a149bc4b84a471564ee99096e223c0d813d254557d0c67fcb1718f044f5b58d73c13230cee9f8f2d96c7f829852a8b76ee2af92498e0a151be12", 0xb0, 0x2}, {&(0x7f0000000880)="d9a05701ee1aecaf1eabe37f309cb9608779aa36b6eab121e728cb6cabf23445a163b2fba2760b70702d6a2beb20d959e420b28807523478e8ae5a10b7bc17f15cce5dbd36d6f0cb4e6cd96568645a3343c7f30280087678b5fcf88847a4ac1a3200644290a8b73cee78f8aca792c798764ca9dbbfc165b1ff8217f84199676a811cba56df65efa566db23620ea75ffebde3d4d433432602bb42e11403d3", 0x9e, 0x9}, {&(0x7f00000009c0)="80c9d4c0b305183fa4ef686aca49f24dad725404c2d57910079a81f969e2d5c1bf16c2b1a40d48b24cad373ab4fa88f41f68036d9e6ec4c40515969afbdd14f466f321abd0506f77e134762e30b78be1e1f4d3ae4311767bde33e30a8af793b0ad6bf1dee677bf35b5a24e2f84a8ac6a19c2f0e102b034f83613e9088735a4e9926659a119fc48455e15ea6a72864534cbfa247a59", 0x95, 0x1024}, {&(0x7f0000000940)="8408e33af53689e2a1acf5b58e9aacf0c9b31216bec82230a80a672b6ee422c54b50ac02cab9c5bc592702f4c885656ffb", 0x31, 0x5}], 0x12, &(0x7f0000000b00)={[{@fat=@flush}, {@fat=@usefree}, {@nodots}, {@nodots}, {@nodots}, {@fat=@check_strict}, {@dots}, {@nodots}], [{@fowner_lt={'fowner<', 0xee01}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}]})
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x4)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:55:06 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0xa00)

[ 1139.564103] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1139.570985] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1140.230287] audit: type=1326 audit(1755410107.577:163): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8526 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:55:18 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
shmdt(0x0)
shmdt(r1)
shmat(r0, &(0x7f0000937000/0x3000)=nil, 0x6000)
mremap(&(0x7f0000c6c000/0x1000)=nil, 0x1000, 0x3000, 0x4, &(0x7f0000d4c000/0x3000)=nil)
r2 = shmget$private(0x0, 0x3000, 0x80, &(0x7f0000cf5000/0x3000)=nil)
shmat(r2, &(0x7f0000d44000/0x3000)=nil, 0x5000)
r3 = shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
shmat(r3, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
shmat(r3, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
shmat(r3, &(0x7f0000577000/0x1000)=nil, 0x1000)

05:55:18 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x24030000, 0x0)

05:55:18 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x80000)

05:55:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x1b30000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:55:18 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r1 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000780)='./file0/file0\x00', 0x9744, 0x4, &(0x7f0000000a80)=[{&(0x7f00000007c0)="db995920f9630b41d481d60a17a3023566befc958306150d62b54d7454da003b6d61672b8ed8a4c34a69f2d04066440684f2b74d19fff3bf70a71cfced7bff4323295b11596752c5d44050420714294c4789013b1047c7eb30dde83416c38cdcbd013758fe80476382ff5b9855799b1f881b9ab01a96a149bc4b84a471564ee99096e223c0d813d254557d0c67fcb1718f044f5b58d73c13230cee9f8f2d96c7f829852a8b76ee2af92498e0a151be12", 0xb0, 0x2}, {&(0x7f0000000880)="d9a05701ee1aecaf1eabe37f309cb9608779aa36b6eab121e728cb6cabf23445a163b2fba2760b70702d6a2beb20d959e420b28807523478e8ae5a10b7bc17f15cce5dbd36d6f0cb4e6cd96568645a3343c7f30280087678b5fcf88847a4ac1a3200644290a8b73cee78f8aca792c798764ca9dbbfc165b1ff8217f84199676a811cba56df65efa566db23620ea75ffebde3d4d433432602bb42e11403d3", 0x9e, 0x9}, {&(0x7f00000009c0)="80c9d4c0b305183fa4ef686aca49f24dad725404c2d57910079a81f969e2d5c1bf16c2b1a40d48b24cad373ab4fa88f41f68036d9e6ec4c40515969afbdd14f466f321abd0506f77e134762e30b78be1e1f4d3ae4311767bde33e30a8af793b0ad6bf1dee677bf35b5a24e2f84a8ac6a19c2f0e102b034f83613e9088735a4e9926659a119fc48455e15ea6a72864534cbfa247a59", 0x95, 0x1024}, {&(0x7f0000000940)="8408e33af53689e2a1acf5b58e9aacf0c9b31216bec82230a80a672b6ee422c54b50ac02cab9c5bc592702f4c885656ffb", 0x31, 0x5}], 0x12, &(0x7f0000000b00)={[{@fat=@flush}, {@fat=@usefree}, {@nodots}, {@nodots}, {@nodots}, {@fat=@check_strict}, {@dots}, {@nodots}], [{@fowner_lt={'fowner<', 0xee01}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}]})
ioctl$AUTOFS_IOC_FAIL(r1, 0x9361, 0x4)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:55:18 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x3, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:55:18 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:55:18 executing program 1:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x1d, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001000018000000c28500002b0200000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e34343631303034383400"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000dff4ef821ec34de5a68f275e28ea4831010040000c00000000000000d7f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000500400000000000000000000000000000003100000000000000", 0x40, 0x540}, {&(0x7f0000010300)="03000000040000000500000019000f0003000400"/32, 0x20, 0x800}, {&(0x7f0000010400)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d7f4655fd7f4655fd7f4655f00"/2080, 0x820, 0xc00}, {&(0x7f0000010d00)="ed41000000040000d7f4655fd8f4655fd8f4655f00000000000004002000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x1580}, {&(0x7f0000010e00)="20000000901431899014318900000000d7f4655f00"/32, 0x20, 0x1580}, {&(0x7f0000010f00)="8081000000300404d7f4655fd7f4655fd7f4655f00000000000001002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000d7f4655f00"/160, 0xa0, 0x1a00}, {&(0x7f0000011000)="c0410000002c0000d7f4655fd7f4655fd7f4655f00000000000002002000000000000800000000000af301000400000000000000000000000b00000020000000", 0x40, 0x1e00}, {&(0x7f0000011100)="20000000000000000000000000000000d7f4655f000000000000000000000000000002ea00"/64, 0x40, 0x1e80}, {&(0x7f0000000dc0)="ed4700003c000000d8f4655fd8f4655fd8f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c653100000000000000000000000000000000000000000000000000000014a8ae82000000002a6174000000000000000000000000000000000000000020000000901431899014318990043189d8f4655f901431890000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc3, 0x1f00}, {&(0x7f0000011300)="ed8100001a040000d8f4655fd8f4655fd8f4655f00000000000001002000000000000800010000000af3010004000000000000000000000002000000500000000000000000000000000000000000000000000000000000000000000000000000000000001c98117600000000000000000000000000000000000000000000000020000000901431899014318990143189d8f4655f901431890000000000000000", 0xa0, 0x2000}, {&(0x7f0000011400)="ffa1000026000000d8f4655fd8f4655fd8f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3434363130303438342f66696c65302f66696c653000000000000000000000000000000000000000000000125dc13800000000000000000000000000000000000000000000000020000000901431899014318990143189d8f4655f901431890000000000000000", 0xa0, 0x2100}, {&(0x7f0000011500)="ed8100000a000000d8f4655fd8f4655fd8f4655f000000000000010000000000000000100100000073797a6b616c6c6572730000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d38e570b00000000000000000000000000000000000000000000000020000000901431899014318990143189d8f4655f901431890000000000000000000002ea040700000000000000000000000000006461746106015400000000000600000000000000786174747231000006014c000000000006000000000000007861747472320000000000000000000078617474723200007861747472310000ed81000028230000d8f4655fd8f4655fd8f4655f00000000000002002000000000000800010000000af301000400000000000000000000000900000060000000000000000000000000000000000000000000000000000000000000000000000000000000a6e5962c00000000000000000000000000000000000000000000000020000000901431899014318990143189d8f4655f901431890000000000000000", 0x1a0, 0x2200}, {&(0x7f0000011700)="ed81000064000000d8f4655fd8f4655fd8f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616ca48ba4e600000000000000000000000000000000000000000000000020000000901431899014318990143189d8f4655f901431890000000000000000000002ea040734000000000028000000000000006461746100000000000000000000000000000000000000000000000000000000000000006c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273", 0x100, 0x2400}, {&(0x7f0000011800)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009403090166696c652e636f6c64000000", 0x80, 0x4000}, {&(0x7f0000011900)="0b0000000c0001022e000000020000000c0002022e2e000000000000e8030000", 0x20, 0x8000}, {&(0x7f0000011a00)="00000000000400"/32, 0x20, 0x8400}, {&(0x7f0000011b00)="00000000000400"/32, 0x20, 0x8800}, {&(0x7f0000011c00)="00000000000400"/32, 0x20, 0x8c00}, {&(0x7f0000011d00)="000000aa42042000000000000000000000000000000000000000000000110000", 0x20, 0x9000}, {&(0x7f0000011e00)="00000000000400"/32, 0x20, 0x9400}, {&(0x7f0000011f00)="00000000000400"/32, 0x20, 0x9800}, {&(0x7f0000000b40)="00000000000400"/32, 0x20, 0x9c00}, {&(0x7f0000012100)="00000000000400"/32, 0x20, 0xa000}, {&(0x7f0000012200)="00000000000400"/32, 0x20, 0xa400}, {&(0x7f0000012300)="00000000000400"/32, 0x20, 0xa800}, {&(0x7f0000012400)="504d4d00504d4dffd8f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7033300075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x10000}, {&(0x7f0000012500)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x14000}], 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="660856bbec750900000003000000c55b16c6369f1927337c0000"])
syz_mount_image$nfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x233, 0xa, &(0x7f0000000980)=[{&(0x7f0000000140)="e0c6d78cc90f1915af342c313963e8b7d26d5d53c6fcda7f5c2f1019618887aaa044338a26780400473eff423e3627871056ea604b4b32a457bfcded70a82fa79275b362bf6bd745d902d2ceac05305ff20273b2877ab4b04cdb7d08f614e6154a506feee22ac9b2bee8d8f5ec82f34eaa252673dd21faf9be0a384ed2a3d9", 0x7f, 0x3f}, {&(0x7f00000004c0)="1584bd5939a2d4f46d8d88315458eb706aa17718214b276b72a0623d17c46e2d6af84f09fe8f76fe207fd907edde66e996b978a1ab0c1ea59bd20575f1ae102d157c6f5cf4ef9b18947d76fbeb36d5663bcf72f380e5811708098b45d08a0646011c64eef61321d071", 0x69, 0x7}, {&(0x7f00000000c0)="9dd3d5718863e4d7b5f31ee626e33a77c706844b4323e423df4ccd280a1f44ffc9abe09458549c99034cdb7da31d2d16c79082", 0x33, 0x5}, {&(0x7f0000000540)="31bd96fa93ccdc9d206dcfb220c7fe286fc58e6371b23b6cdf1a39c65a2c08a1088faa650fc3ce4e4e8e3a4781dc930057e8a6cfab2e2f78b569bb3d6619d81324034f5aa36b8759bf5dbeccdcbdfe0e18fe801d5381efe23d4c99d219bedf22a8c5f29ed67cbc6bf4fca6ef1c6820128158717ba745429ac06b8f80fd8fbb9a184b9a99c972405a9835e4e7a0fe04592e25818e2d06cdbca1b8d3b5936f8a44e495a5f1a388adf9e20ae9feea5508c0bbd1542a785f1c8558d46a0846276e172f133ec97a4f4065", 0xc8, 0x6}, {&(0x7f0000000640)="15ac6bb123483386a5225f0b2cceb6f356cd84e7145db04d5e68204b3db8fcfdac455dba1421d7b4059c08582fbd0d578cfcd20e624fd8e40519b2f59aaa013262aac7ea944827baf62c3d9a341584ecd83500ac72198ea4b91112ded9463af2e02dd29fc47bbff8fa7f88f222ff544af0531de4804f075d409117f243e7075e0b9e4a7c545bebaa869cfd93e654ed14e86e6449b3c2ab41bcd0adf4c979ac3393856830cae4b07e8e39a101d74f0f6a93c409d3262cf420c0a2b67f759648e02b88fa76634b875a194f84b7d8354a242acd0b46", 0xd4, 0x8}, {&(0x7f0000000740)="5bac3551950f51b4ca125ab90c6b531cadbef257e390f20f29409be300939e7a1f9273b8c8d15446d8adf6e4488f6f987df6642a2eae1d9a4a180cdfedfe46ce6b29d26a89f8cbbf33f741722cbdba5d10e6564c7973a83194907b5ca726f81ceed947c616e3d1cc5d14a850f549f310c5166a1b", 0x74}, {&(0x7f00000007c0)="e6fa9067b4a17f0bca780bbe5ce4e6eae09529055535c3fc2687c00837f1e4c4446bd98fd8dc8ebb03a0256df63b12971698e012cb06f61be5d090c934450f203889cbf46cb0b4ad531583aefdc7bb65fe1721d709744ff5814d3c2330cd3f8db2fecc1d73e883b3e20fc27c6bd87e545c6cd6295ef4e68f6e5c042fd8551acfd2e119760e51949633583c284d299afe77ce4d52a547756a14743dd44453a18f16240067f90cc927136a65e9648bd185dd7ec1ff2dfa1d222e53e01defe0a11f373fe0c553801df5", 0xc8, 0x1}, {&(0x7f00000008c0)="1ed99c8eb61983fe985cae6e8d71b0d67fee6c0fc7a35bfa3c5e0d3444fd5c0df097e1fffa63243401b5dd46f71096d764e8b68f377376d0c63f315ba29ec1aff84e8b1cef73e17035fe20468fa6704196373efd495093eebffad3cd1dc34c12bb784a07e2e708999b138f9cf87c598aeb7b1bb2920766", 0x77, 0xfffffffffffffe00}, {&(0x7f00000001c0)="db2eb5088fa0c5389a2b4b845a6fe0490ab72933b6e3ba89e8627b0fc2f449ff86ad7e550f96e7d7fed263df60ec2886b29dfded1ca2", 0x36, 0xc65}, {&(0x7f0000000940)="79597e170a", 0x5, 0x7ff}], 0x2186080, &(0x7f0000000cc0)=ANY=[@ANYBLOB="65787434002c2c6d61736b3d4d41595f455845432c6673757569648000000013be633461326664622d373263f8972ecac5682d67e95d610ba86f96352d613565e12d606531f9ffffffffffffff00312c650000000000000000000000000a5cf429017f87277e2616122a0ae4cdddf896354568ddbbedba1ce3545c5a77837fff602cb0bd9f0539a1947cb588f2bed5417806f50532f29dd03da2050c768394c16bb9f8059b7063d92000714d02aaa9f5484dc795040e", @ANYRESDEC, @ANYBLOB=',rootcontext=staff_u,hash,uid=', @ANYRESDEC=0xee00, @ANYBLOB=',\x00'])
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
mount$9p_fd(0x0, &(0x7f0000000ac0)='./file1\x00', &(0x7f0000000b00), 0x1100480, &(0x7f0000000c00)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}], [{@permit_directio}, {@dont_measure}, {@pcr={'pcr', 0x3d, 0x9}}, {@mask={'mask', 0x3d, 'MAY_READ'}}, {@audit}]}})

[ 1151.259007] audit: type=1326 audit(1755410118.605:164): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8558 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[ 1151.273361] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1151.274413] CPU: 0 UID: 0 PID: 8553 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1151.274435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1151.274445] Call Trace:
[ 1151.274452]  <TASK>
[ 1151.274459]  dump_stack_lvl+0xfa/0x120
[ 1151.274485]  dump_header+0x107/0x950
[ 1151.274514]  oom_kill_process+0x278/0xa00
[ 1151.274540]  out_of_memory+0x34b/0x1690
[ 1151.274567]  ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 1151.274594]  ? __pfx_out_of_memory+0x10/0x10
[ 1151.274626]  mem_cgroup_out_of_memory+0x164/0x190
[ 1151.274651]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1151.274683]  ? mark_held_locks+0x49/0x80
[ 1151.274707]  try_charge_memcg+0x81f/0xf30
[ 1151.274737]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1151.274767]  charge_memcg+0x7b/0x290
[ 1151.274788]  __mem_cgroup_charge+0x28/0x90
[ 1151.274816]  do_wp_page+0x58c/0x3240
[ 1151.274846]  ? __pfx_do_wp_page+0x10/0x10
[ 1151.274867]  ? do_raw_spin_lock+0x123/0x260
[ 1151.274888]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1151.274908]  ? ___pte_offset_map+0x176/0x370
[ 1151.274932]  __handle_mm_fault+0xde1/0x3030
[ 1151.274953]  ? reacquire_held_locks+0xd1/0x200
[ 1151.274969]  ? lock_vma_under_rcu+0x11e/0x530
[ 1151.274998]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1151.275021]  ? lock_vma_under_rcu+0x17b/0x530
[ 1151.275068]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1151.275102]  handle_mm_fault+0x2c3/0x900
[ 1151.275124]  ? access_error+0x17d/0x380
[ 1151.275147]  do_user_addr_fault+0x4fa/0xeb0
[ 1151.275172]  exc_page_fault+0xb0/0x180
[ 1151.275190]  asm_exc_page_fault+0x26/0x30
[ 1151.275207] RIP: 0033:0x7ff98baf5d30
[ 1151.275220] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1151.275236] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1151.275250] RAX: 00000000282bb3e7 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1151.275261] RDX: 0000001b2cf2004c RSI: ffffffff819e7e16 RDI: 0000000000000000
[ 1151.275272] RBP: 0000000000000001 R08: 00000000282bb3e7 R09: 0000001b2cf2001c
[ 1151.275282] R10: 00000000000013e7 R11: 00000000282bb3eb R12: 000000000000000b
[ 1151.275293] R13: 00007ff98bc4f000 R14: ffffffff819e7e16 R15: 00007ff98bc5aff0
[ 1151.275305]  ? apply_mlockall_flags+0x86/0x480
[ 1151.275338]  ? apply_mlockall_flags+0x86/0x480
[ 1151.275367]  </TASK>
[ 1151.277200] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1151.277324] memory: usage 307200kB, limit 307200kB, failcnt 2807
[ 1151.294805] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1151.294938] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1151.298205] 9p: Unknown access argument 18446744073709551615: -34
05:55:18 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
dup2(r0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
sendmmsg$inet6(r1, &(0x7f0000003600)=[{{&(0x7f0000000080)={0xa, 0x4e22, 0xfff, @loopback, 0x4}, 0x1c, &(0x7f00000002c0)=[{&(0x7f00000000c0)="04fffc68dc53d0ce9d86a3eeb4dc74612d01a2359b5d09a3ecac8729bd4cf3b9c40cff32a1c269cf7643d8d7198b25b356e86070c8d2cb200f0abdad60fda4c0c9cc30c53571ed938510", 0x4a}, {&(0x7f0000000140)="2f9234f64c4ef0f608e278337b048da55c729dba77b1f7d8d17d93ce022bb0a5e4c579e086d6a782b00fef41742dbb391543924d778468db461e8f53c4cc53d34eed635743db6f0850c9c245bc60c57360fe67cf13cb7b399b91d5dd5bc170acc6a849044cb6d51d81d6ac90d62c", 0x6e}], 0x2}}, {{&(0x7f0000000300)={0xa, 0x4e21, 0x5, @dev={0xfe, 0x80, '\x00', 0x3f}, 0x1}, 0x1c, &(0x7f0000002840)=[{&(0x7f0000000340)="b73145325e919dac372cd0ff85db629d49d0d3d203dc1be4028a5132e299ba7b8bcf654ab85d5ece160daa008ce4affbc08f40b27f26c3911ea753c3321af3dcc1b99eef235705cabaabddff6e7cb8ffcee532dfe0cb8435b248523a4fd141404b66e7a1ee7286f07350fd1e66234c89ba106521391d091fce0bb5fc3f1b9dfefa56637dfdb046195cf5897be41e4540775598ee417fcd46e5f87361baa66ff7e417144ab78d064969adddc8b4145be3da39df5226dbe725e4ffb87a8bf0894551133bbf0da46a2d178f50c47c582437d20d02edfa16f21eadd4e3b3ad96eb2d979aeabe536951750bae85c6be59efe5aa9ee9a02851f8bd86680f7730fd056189be7447316fbe66eac7622427bd9810f2dda170b05512addf6be6c7a392801c58074dfa341b0dbd2facfa7e7bb188cdf9282b69fdbaf3d69222fe8a495c0d77732a10cd19022b3e62d19896102de10f15837d96308101e2cde718ddd75ae863d5ccaba41831b3bcde93d37cff243bafad0d14fd5b9b8e91fb44fec85921f2978db90dcefe8ceed7bc54afa4b11c90fe2bfcf999185ab9ea05087cb3393012fe048354cb8f03e89cbc28d14a7b45cb234ecc78841289582758736a8b28b1b91cada66aa48897c87babf55a4ce8ba83be3b9e622bb61687e3619293dd69d8cac1f24abffac5cc9385ecaf009359925b640d1d719241047841b780db4100d39c82332122527c6f6f88114a34634a7eea68b9cc9ae34f823981aca627279787bc00df06a91caa4ce6e88b3a2c5774693bca21a5be2217b5f2b94d06d9a53ca78983da314583b18ef19401a9f97668ac314ab428212a9f9c47f95331cabbd98e4f99405ab5db28ce2d380f9de69db839f73133a99fae813316b6472fc6b515b99fc67e1258cc5ab969a49ea5458bad081cb326ce6c8cf4c11e0d7f0f17e1bea4f852b8caec1df11e257495e208eb30f12fe0e33662349614389be50e63201cbc85168a356e67f6997acc785591d1ae743b742c12c8a3c292b7968661f29a6885b87d159e1b5fdbfc2fe3d9eb0e77fcaf1942178a3800799213797d6010ba3ac88a407c2167281f484de1ee95488f555bb777bc1274482d64955487c9c5bf53d4c33c7cf48ba787bab05110fc6aa480bcbf8f0ee1f3a3329c6b93bd6feedaee5f96d2640b63118c692bfd68d2cd97ff2b8d3322c4d26ed5a94c77fc112029746d0ebb09296f53995e0231c1b655f178729f4277e1cb66303b7c0da4f6648a2f3855503981a3d3ca8ef0456241ae41679e8798eeaa7c55874e8ffcc79d308ee7bb808fde369b858f200080de17a6280ea0b30ed535611c9ef200f25cadbfdf45195405ad8fdb7b664ad0172eb88b6244576c33249e33c902852a7510771eebf2a10cc92d39e0c630b16973ea3505a3b6f884e4790e3834ba95e635eb569f47a80ead1ec56b55c804622fcfa14eaa8c0005ebd80df5a679b2776fa554582071410f77641d26b7fde0f5df4049e216ae7ad692fedadf1f42be0e9d11e3a4dad47c4b7db1d9cddbb870c6225743bd03476c4ac4a4efd69da51605abe27e4313ce6b9baec05544164fdd45315ec131746ba75fd6c787a30cbed5d3dfaed7e8dded7935727f4820fe76b216230848d04dd9f36a0376f5f8a4bb88bc483e4c3be6eae9f02161ca342e2de478e390a6c013983b190534b700613a21d71954b2a9d37fb75e39f4698b108aebcc2b1090434a78193d4b88ae4c3d5caf7c001747f46da01ce31dea467c6b8d826c2ac91b5602cbf30e5532979ac6d5884ebee8830217c448af4a3caf652c2a52df097c18f441cf38d8ef915528a0ecdc3dfd14de056fc648851c750e7b5c9d132c43e8fbe629cfe67d83a477e5c97a8f978b66a23b7d7e333354a79df63efa3eeef277fdf21cd683968d953b12cd554b843fa0b854773d10f78a41c656febced63e79977c7d3692a22126ad2ca8d43b37299b92887f1c83f6b9b53bb134a94788524efab428c5ea938c480613cc430131daae07736ab3c398a3c6782590a3125b3bab0101ad3e516762443269da203d731efe0a2c6e9880649d40e5e2653fa992408db0a079b4cf156a1b0d534f141c567d9cf06f5cd7ab16e8d840a521f08eba0c26359f536d43ea47c0c95c2d2f2dc1169f1664be5ea86739e3369331f56f588cf9d002a2a2564fbbe20711082ca1d53d26629d7d387e88ddd9c2030a30736ad542ccc6967b41db4b9401441445f223da2545f19d11c70f247b1de58acf92bf90b769ba8df3476b817ceb6d62bf8902523decd9c39c4e531b4530191dad2b77b53e1ee62e07743fbd097366dd0b1345c093cf297391479a287309089c76d3992b3e39c3e356b9ed16a7632da5509a316970894851609a927ea9e4d3df534f73575ee9e7b7e1886fd2f2c3d20fe2036d09638f424e83f81c53779883cec7f49098fb111173191e7dc105cb16ae529ce78d3e0c3e8f5158164d6e9d0d3aba358e86f21a054cec1e4b4e5827cae0ea8c433de0f9f3fe01fc560064740c3f0b76ac0a20fb17ae420038ca85633ca6e412d0fdd8147d3a9e2839eef27ab829a6d97486362a97450edc433158ce95e8d528437c49b203a0a84983b9f00bd7fcfc7cb4c07bdaa62e5c52bc524de4ba52d3448eae28f78b26c27e4c1f4c733e2007dd899a13bd20f6b729cd4c2097ba17db70fb58f32e65e2929fd5f71de13930ae3dd784504221c661f92fd46fe165a045705c5f8551f1abc699ef378086d70d594f7958e95fab05b9a9f37bc25b01b9240b937d52d4315b88e0f103ff5823cdceb831d6a0d00c78e1262942f0a4415809ff2e3c3b73802df71fc8330cb6ffcff5eaef2687e2250469e4e46e437269404bec103c9e7584b90074b211c67db86e0345c7fe3ef2a7325f796e9a42ce4e3c7c8e85aa045d69b02ea69d89a067d87c5076635eae889e3209b39244ec55c9cc360d57018695777ee015b51b820df086678f2479b1e90570f4928154835c39071acd9343e6d098f4d6b39c9f98e126bfb22bd1787e2b9a3d8d123a2e165d7b6ad1dd0aa00cb13a69654ff7a70e23a1ea9b46463e15c9b4e1347deb7a0852057f22c217fcca41ef438d712d9ae2557c2542f50103c94fdfe4f3321b6c12edf986965b91b745b31337440cb548abdb78bed4abc0c19c490248dfc8adfa8766253ed11488d595da539dc07b4e9c5c0940b83ba32a5c760f66d6e7e4267f962a6c505a37546fafc043959f0c638e432741bc9fcf436f26762d76416057a4e5987daa71605f2b8d71412b2a7bcce632d68d16211d2780bb25c082ce9c77a344c7162b093803916add07ef8a1ff0f0e1e9907401c484592b9bd2638d2b541d335cfedb12babd1563a5d7177d4aa2e5c89f9b447dc6c7b44efe8edb051f7e2202d5880ad29319a99ceb663855c6f13ca8de872244466340daa3f63935a8815065940c8712deb29fe0197a6d3ab837db85d04f01ebe79283d770703b9649d37b8facb84f69c19329fb4476a2633f4157df511df1641ff5b56466b9da511158e5e055f3442fcff4b3e0023ba4d8b5bfcbebb096c37cb898d917c7a0c586e04fbe8dc1a9862887f2bfbe67bb2d70c71bb6f67d37c5afd3903dbf4ac5fd4f927825e944d075c8234ca63357d1b6673274570d09664c62a347000b89ea225143cecd8a743e97155f4953044b53b79286cf746a44971c05f85e8b838fd171d47e7e44635b39ec6011f122ceb054e2e84f4d1a8afbbaf220daa8fc081ae83680ebe4f5b416cc07c30360dc11a8aead71a2992e89db41d88135f1b8223b2d6febe81bdd8262aacd3f9b57f9d65212d64efab4035e562a740637586478f59a6effbc1cbb37bed769cf7f3b7964607546ef22d96c5ca66c6a6b4b4a1155857203b49d6d67b55abbefde6ecff266aec01f2a48b8671982408e8a760e0a8da4e36012b43fb81df13fc99584b5632af70b3e46b47b3213f9e6ec7b398bbc0f8e5cae6f8c332e94eff3ce11418ad5e0d2821a09f4eb14015203b51188f4d8ff4590b17f153cfbbd32484750eb88ecda5f17aaadafe01ac6cb3c6a3a4fabbf626b223b9bb8f665aec6a4f1435a680e4bc725708e37fcc16bb517c9abb38117a8fc2696433fe422b308963c527006267d493602a25dc217cc313cfd24ea942c01d22b7d49f945ddf5aff65b0084d75c953a1aa78fecd90dc722e6bc81b3f47395b8b5a001a307f7504d314d2ec34ccc1a501d07a9a2a1d55ac2f3553087337a77e33b7a566d44ec41d4b13efd74e4e70ccbcdd7cab5ca06463c8d003641bf9a966ce805c7aba91dfb2609536d4d15fe23f8121e285a9fb5986cf31ba128088cd39b3291781a2ffaeecc3950be1e6387008630bfeda0d4027fa2e167ee16f6ff3caabcd32b62eacb79f4a62385064ce4db2aea79672ed128bc5405b4fff9c490a48b24ae9aed6e6ddc604164e23cff6a271d989302a77ffce2d68c44c4d398275911c46512f66de6063c2adfece859c47f7aa28dd8b786f13c2954f8dfa98001b0677b9746711b4c9bfad8424c6e4da8675589cdf4196da0228ccc0c536f005aec76bbef160e214c58f10f46de82e6c323ea9badef4ecd92e31b3f5217d7cf54d6f296ade39e9855fc16cac668a16345232690bd1cef9bdeb793ad3274ff3d17122a2ba9bfe6835c78e109bc9b8e3b85ecb93326f08baef774259a1f9ac5b18ef3be5701da3515c7647fd6b29adca17ced48e211c451867ca14b26a49c082fb91c8289e54d5b18995d3b92bfc6ae196d9e0cc9d72bd3c9f45dba8330a98300da89ce9b0d3d96e6ef19ec1d9b39a55cef97bfb96b53061f7267c35ccc9e7de90ee873cbf81f35d604dce6a4ad864fa978f9db2bde69fe1a6f4809f13c68e1b1490a002c119305b344237460b5e468865a60d8121947368bd207c8650281f82db00389912586fa8f1c76c77e0f66bb6d5c2201e73a1712cf8cf170caaafa5faa8fbf5a80eeddd371709b894791d21e0e3c9e1d0548fba5a664972913efb0fcdd65274e93dab662cd818eadeebdb74c4bc2412cd1bb9698e45a7f5fad8b709001c14ea25944d9f8730f44a562c8d2e781dbef00c600b48c1a608a67c51749de57196028c3388f193dc841528a242980ef3c84da5a549b17515ed5da3bc9017638bfca76028172d4f1c51a671df08dbf7134c29becc357cd5c7f5c1d07bec34222208aca5121858300fe3ea1240aeaf204f9851933a9a8f34855b7ce4e82b47d4ee623b6be573144c99463ee3d7642b5c69c73f4799340742e6f98293950afa9093ae58586acf6a5946842592d473f815244cdac1ca3dcf6f761e2f30c32e2fed2b67de6770a307508d5c92c40b79354141a0a51e8599664c4bd99f082273b522fbe9419a44bba16f2426f6f7b505dfea534cab10c97f42402e00e4aba322cc7a72838fd1bf7b9c7e54d5b7ea67c1e575335bbea404893978b661a83f78a90923c58ce75aea99f4cd20687553e3db8bd237a3ff0e5d0282ae7e56bfe94ff135697f156a0841a4b2e63da4fdf86d7473d0c25690dad031d21cc65eab476a8b63f4e64e329adb6f86d94b0ef32cfa29b74cf1f796cec15830bffa2496545c0031abb117c1f0e7104c18c95815a7e1520cdeadcf2ed8dea2afb39174ef72ee7095380505b1ef1b73a3763485ba5c47305fc9890ea9ef0e9a31617fc2b9f25cbc528804ac899943bd9a30bc448879082829c77dc91a9b4d0f85ae440efca58b99954ad2e1a26737b5f59b8f831faa6668fc1bc8096a622eb7245f90a0ac", 0x1000}, {&(0x7f0000001340)="88baea8ce5bd69392733079a78c4a20fd9a23c93a2037330a7954e6be162990cbb8d702803cc92e2c051826ff6215d9a89ededa65c3ceaa5f45b1793f9b44ef3a86124ab8c3db9c42e5ac76934abc5c4b6f28e92e286c1ab33f88d329ed6b0767490e5ad7c24276fb8021110b5d7d5980480b2d75b93a523312de2f28b44a1970e28e2f483c957b2eb0d44104c3996f40e2473ffbd673a9885610527fcd137f8b697da553056f00bf2cb0537e6cf7ac968a8852fc37d2497486b6bf55536487c5382d136b3bc0766ca41446ad5f9a00cdca12156", 0xd4}, {&(0x7f0000001440)="d2f11f8c392870a550fc1729b834ff0e625b1ef482f1d40ab7f5fe1211293c9c3ef8dc941116b5b561f88fc92161d43298116ae3", 0x34}, {&(0x7f0000001480)="ba18eaad07c54daffa38a89d5137ca3cf3d1fc05091bfb12a67a8034f2e030ecdccf4efc2d16468966f92e0b2a2278189512bc84d62e41a1f78c1518810d8aaeba2dddfcadcfbc56bcfb045d5bab15d8cd913f29761d64a1015e2987cd451c069795eca8eca35280ad61e86f64b9502d80dfbcc90d9a32452d9af1529557456f1f", 0x81}, {&(0x7f0000001540)="cce103e1ccd9616a6303f99c2bcc5d8e39de08fe0cec7fc20602206946abc978ee6b2f0087c328b829b07f505bdebd4ff7b7ca9fedab71947a5e224f60ffc8447a6705741438", 0x46}, {&(0x7f00000015c0)="dbbe31fad1b88eb9e34627d380eabb78a1e109c2b12eaae7579113a2be16ed93e3f4df449feffa04c30044b03fb42d614f6d5ee5152a829e72116f6f63fa912d9ca7903d0da1ee59905f906d956865e1dab1d3641c9979ce23b648222c28c442ee86bc86711921ded07e7e3f5b94bd8e4accdf81922d858d419170591beba5b92e54aa8342e8c888938d258fe42e0cf7d370b7e7a6347bbc1921d7d2a9f377f3afa8b61252235cd0f06fe5636eb26bdf5bdbadc709ccaa706ad71ceb21f608e58f0c9362c88e8ef2591fbca5fb3428d498aebe61e1bfeb211c64c9a93fe50df5a5d8d0e0bb3caf266a8f577040c639c9df8855e95f5f7026524b70c31fd8538705a2c4e76f28ab39fe315c2700456ad5b214552509f62c8d764b81c059e2efe275721902784909ff17ae811e94891c2579b26fa9ac47752ac84125dcf9aa2022b786b6da3897fcb9512f18d53aa53efb0296489c1aaec344995493635fb5f49e0a4a56236134c2310322c5ab7e4a1d4734c290737b702b32080d1abd373729cfa5ff81407a21f7a6ef15c3086b86cf5becaf0fc36defef8dd643885e37818043c2106389e4ab3d97b82cc85153dde558249b8485614f51731779d5de917adc8d577371c0848ea3d9b20ccea9013a7716703dc6c13fc43c5eafafdcb8aa5890d4e9707c4fa00a360985bd6627d3c6b25211ab6f66cd63285279eb3db859b02af3190c0834a5296c0b5898780ab4716eabcc75c2f150b5f48d3cdffe36896aa96ece4f3f2283982f0a9575576d3f1ce9f203dfb8c4ccf137742f183644464cb3cca4c90d4d66fb3e2df4672fd04d8d257f4507e7b6a37d1264bec64351fbff0b19ba33911954a868a68bc028144d1a2e957f130d08520b1b1ac216c583c16bdd013c14062f637675ef334dbd5a726598793c03e5966bfdbf6ab75e852703fcb36c027ded1c655c4980ec67b11ec69c635af5957580225d79614d014ef47a1820d3dee021f69f822d22f196b830734f09275a36f503ee091ce46a2265ea94a6f3a66a1bc109aa074dcfebd53ec0e7b6506444a05822841cc7502b5c900f1b4bba61fbc8bec289293419c25e4eac6bc48f85cec7d41201509ad7e275839a01bd57fdb760d78a7fdfa84dacf985f96bb13f411d8cb021e26fb94c6f5f1f96534d118ecad3bf74017b18a2048688770a80169255f9b36dacd7229078642a4ea9a1152b2209ee57de4eb710951bee449666d5be2e0f599a0f8036dff20c8182f63dfda308981586515b0b33c94434590ddd9057b4abbeb376d8a03d31592ab705938750fff3de1e2e67b61199d034bfcc41f8b5024a1907cb28a0e2d480ca10d3bb3b6da54bb9d6b4e58f7c8313accd3e985f55966e549d67cbb5352f0c53f0689c1fae27db776f25e5b00bfa2d2ad0706301e05579df2ff89a9423137433764267fa1274a8293dcdc1b37f7cf3aee3ed00a3defd7f4d1f11da9d4b92973de0264852e7f93f8859a0a5294ce3b01e85d478d3c73a7e22164fbb3d57fd88b12f51fb8628b299dc502b18793f0ad687f35d05a0233a3a3a8cd72acd918d423fe1273573309f5d2e599618e27a28f06fdec0174ce1a0e4fb3f0dd3dbf3ef945277af3fd4a40e6d32dc323f8bcc55497ac19edf2f0082c15de17889d03a4b00897ba6c0aa3521c1f824aeb50695a4602977442a12cd57e7a9819b40cb75d7dd2130bfd85bb2e994646eaf33cf2ca3fd94172b0151ba80b3540be2cf00529349976e381c999b6a9c9db814dcbae983ed66c65501155bb20c72e26ce54f686a7f542dcd23d0045d4296448b421a818ac492f912a5c2f0a8e9284c9b47220080cbe729fb0dd381bf1f75eda23efd8fe24bc8b0302f6fac1def437763bc89936e499bb32bc81f3ee3fc87cc1e9c8b282c3b4998e6a15fcac90abb606df368a49b9ae5a23e18679bebf8fcc3b60b438fefdcefaaa6b7bb42f8746f2fa930f0c4f0ac8a709c17140342776f7a1eb52088ec758dbd29ee81f131bf8e144bec8bfb2c74e0cd0eb06efad442355e5c902bd5c1d37794fcbc53ff2ed42fa4fcd1467ef9ceafd318595534d7463e87d052516191c621b89695978ac1422e74efe613c138257f8a5529a45953963aa567ed02c997c8a2a44bc9744d4728501490b519eb42ada46b59dd51154f902aa14923f6e9389e3f216fc5d9d34f774a616d2c25ef0155d566b54d13683b62c0dc312ac4a6142d9825c15b6369ef13bcdcb858742c9b363b304d4fde9688945e685c13c884c1991a0b172da874b8c22b8066b3bf9f9d5fb18b00e1b4d373f24789222073e5974a7dd2a3e1f6641a39180e9e5457d6272cbd15f2f89fb58280cd10d4d27cd3750f325fe96fdf4f82648ebe355b0c1d119da4deb8af16338a0d10ba2dc42b95d1b3683dd3aed4a8350ecf0d882a22b91800b59fca70ecf25d5c2dc5bdde4c6f6f69ad6fea653bf518d2854b5bab4640f5e43dd1f86b39a5f8f41e60b37ab2680bb2e61d6a842a271bb078b22f38284ec920434964f6fe950f3f4dffc9964abe4c6c25e9956baaa8fcf811c6e21598cec65acffffacb77c267b4e5f9943c58c9ec956d00670608941b8f6ea2ac317d57efab9bd1425bf7cd068dcbd1b97341f71a01fc913162ab90a2fb77cb4dac7b320415c7e72ee73206b74e07b7c380354a642f59c431c3d15dbc9c3fe2d04521f4b07e7479e07663b5839027bb4c9be33a21efdded4561a5bda4c5f731cd5e66eb1c10c25d2708adc24b0a31ad5ac18438595a368b80177adf3e466e7dae9668c730b756a6553a49bfa032d28619ccb9129607ab5b5786b2e467cd8cd7f6ada33c1cfad94a86fe697e6c874da4007b3432b682a166bf795c6a6487086a4c3f76deddeb80f4ced87ffe69500ed4435b0ee92241b53f05b7f62d693ee449d00f15448dfb3f3d43eaa082ee3a80e11933762a94e8136694915539059528d4e0a7fd90ee6b20c22a0c5f5b2a5535d690affb151f9250e79ab6a93ef656a15c86d35f84a5bf6d556e8378fa20cd9cc0ee4396b3d0433737ad08ba827d02af74e3e870369f39950e12442b0dc07d78700d95ec352149a436d544e053c9406ddf13c1c87e705d202a3d23f82d52032e544495e22784361bd98bd07d6685778a97601a6022980ae5376d35ebedd285cf919d227bff11ae8af9884c9e64f9b84070da70a2e13f531d9e54f63b356535dd61a97380184b4e59c2b9654debe3fb4682000c9945d05a615a16d6ade6787442352f77d54792452853a3a280b40d385d97fe651427ead7e07faff2aa54899704a1281c7e84ad3b6a2aa37ee0b8557485db8d5f746b0ed1b90bd1cd374e2d24f6dc4f92100943d4888a4754337a0ba208650eb8fdc43663dbb5de994cb97e43566af3d091abf1caa903c1192b74f331937ed687115c0ea043310225cb213663fc44b03cb15ccc0c3afd141ad8469d2e1f25a28beddbe1bd1ae791cc11e7e09411265255b9e3806cee528de8b39b28c9ce7b01bfc7e73d4b1e4ac0bdd734b48c2f4e189564c451f1cf17fa3f93a8891168a0d6be162b7e86276a70ec0122f520738d0cbdabc4d11c416200f9b3e0fb5d66aac00f5e9d290eab80cb672899f514a8a0448445f29f07e6e27290b6eb2de7f1f0cb973f05ffe8ec7e8ded6221e6e0bf7664b878ab2e9533370562d71121166efb4ecb599a7e8785f1280cfd4c40a2188657c1922aeeaf3878852d389bd5368e421cc570edf4c4c85763c6529dcb1a774bc01da21f05eba2e16dd4c6b6f8628c267a08151ea73008ecee619b1aaf7313acb14cb1a6442106d7c2585fd0b65f38dcebaecc9fc7eccf64097475039cd304b0d59da00c6e31a4b59d3b0b073e81f097f9b2d95ea2eec15cd506e3d368c58abcbf9773982a7482cc537a4054366301123688cc04fee700e15b254c532502827636c2f3387523bcfdaf513fcb626200874ed43c1b22f1477e85f82705e329b1aa3fa236e3d445e7375148cdad1180ab09baa5a6defd853e53175d7e8871fd788e13479750b389e274ca2c525bda265199e70799b7fe4c33872e41973d46ff78186ecfe4a5e9d8493e5676f7e04886251893f1066285500a4e4e3214b010176bbdbaf10d03331d176cf9e47a60d529b276b1d5448cf7e66a52d41728504dfc03b542f98dc359125aab6bce19f08e354fa00c25b8bf77fd2cd8a5faa68df4ac3c876efcb71073507716b83def81a5a5381369d262d77049e6824eeaf4894b94ece4688b5eca284bf18376017ad605fc436043d1f482386ea685f11e9c76b833a8b24ee7e4981138e514fc336cea8145282402239ed5f58f0a4ec9c0391f5f738953dc08b8bd871044d466399350cfb1a5b36a078a742ef390a8f5287d823a40cec39f1f69f8d0cd9c3893aa06089ada9d4f4d297216d6dbf45361cc4e477c4eb35d5792cb6bd33fae3381e221939aaca93828cd6d0db3945814a67f10edf4f027699dd9e4a6696b327cdf041d419702073755f9f60dec1f9ba5595b06614194a0162f298073222a1e70b4ac294a66bcf852809c940c4adf0383b7681b5a92a7bba6619e50a76fb076b205dd957bc382ef584ddfe9acd43ca7dbdc0bdaba9c1df0f8310bf268c2122b535714a0ecebd8bb67ed7da905fb3038e0e4111b2a4a18a8f5acf57738a33f4669de50ee53d6f00f93611b87ac84e09def88723708bd86f5fdc2a3300c069a45a889d4c878a1500b8305b6665aab496d1ada490dfb15596e644bde9fb5e8b1bfe323357db4e63c53054b6b2367e0d0aef75ddffe2b0b1d50d4124062e83993d8a3a5a098b0aa7dd5023294aeed5c1abd342ca9e804bd4c57e9db5fb041529bccaa5c742d216d9ff9e10e43b7e22ba8bf4ada5d8d8e3e10911b7eed4aaa96ce9466d1abb7e087922e881dc9e17ebf56b24cb14ce97049ded5662264417de4931e5af9ae4863e1b7bf4e976800d5f779fec4e51a8da6932f40aa495be21cc9eca9a1bf576cb0e44e93a2ce7698ea4e2d65ff6b8064eee9ee8dfe607a40031756dba3aefe02a95f9ab9b51b65b4ef36d017eb6385dde30012787d90192cfbfdfcf6562c77f3ddadf6995ed0247aa056ed1d93927e5d140c8e34730e63818ea69dcce31b552012f859b9b2353f60d7238e37b001bfab35e78eeea2ed300335a0c5e4ab2bcaca7f70334153f7b116587843e1a264dec0f72434d0b20aea5135fea1ef246dbff9b7b66200c2f065d3df34e243c1d2daf668613c639801783c87afc8e052f5e0652768dc5fde45f10321868b22f5331ff3332f3bef851be934b4be6e8a342ed3e0841df317fd348f71f4123da8c4d90a9c3c5408215c277c0e6a4029f6ddc9025c25a89b6696a44068ce3c659202fcc6b8ad458465c3cc4ee9bb156c9d1aab94cacbaae1410d9af4868be21bda920bca5895511a401a536b0c239fac831dc9f801a166ef6ac55d79c50138a4d7d36107328ffa9eeecb6ac38c3db3814174a7326a49ecc8f522f1b8697cbfde7db1f537806a2ba04f66a7ad77041769f71501f0128226f6224fbe74dc88153db56d1d63d38705663103f727be1df2bdeb6a762d5761482fb7d6687045fd7f6bbcca6e7abb0e1124c64ba08f1abb91f3c667f64f8edca4b541ae0425df1d575ec03e32f30c7144b9b0721fa7d93db45e2fc795cbd09db1043e2219c9d791cf7ba2b6dd16d79dd074dcf25ce4d1c490dee70538072b0adc4dea2fa0de5e3a120074d13b56919b3539b6e583eeebff9dd0cb63aeb4a63f3f740d828cadcda912c7b94f66950413", 0x1000}, {&(0x7f00000025c0)="6372db726a1f0075d441542e3a4c1069d8825440039d9e706837579f94d0a699b4203f968eeee146972aceb816de8e41bd4103addb6a1881acf50c20543879c6559c32bc80d39a82", 0x48}, {&(0x7f0000002640)="e1df04e4566bcb5b9caed42f555a9bdfd313949e73b269ea70d9850c94e2e51040817d9fc5012871c7150a10507ee8d44163ef7da3c639e9ffec9a4b4fd8208e8db368cad6fc8a01673d4ac8a4c726a285756b93572edf075a80e23c09ec08fc737da4860da82335ff5180960093a655c3f4d181b7480c6bfed632bfa01076d7ce8effd137cd572fc405a7d39fb9df2f6f8d463fe6eba7dd660d02f35269b2a17efa779517fbd68710718ac0c5ff83a1e8d57b2ff9286cc0628b189cfce72247192106c17d7df2e4d084a7c7c54fdede9082426e6d905491be812d947c3a6a947c472f373c3ef4880ed2f380e4425de27bfe9b43510e0b", 0xf7}, {&(0x7f0000002740)="4707322d41bfd7cb367987604a22bd9e9bad2d8df6088d32fa45ffa9d6d87f3c5a584c1e539c803902ff64d02c2eeca87e5cdff5e917a03a1f6c6b2fc4b4ae7a964c85f8b0531d2d2ce49f957fa366beca18fc440fa0f9b954b7317da902067fa641dea6b83924ab6b8de315a3bc906fbe98a9264fdb8479e3d68a04cfe252f20f6c0077c1fdb70b2389571fb952687d42ef8a0e8a32e6dfb2c51cd75d72eb55f96d3a96096d0c134288eeea1087fabd6bc232855dbe12c3b4280836a2b0c4c5d0b9", 0xc2}], 0x9, &(0x7f0000002900)=[@rthdr={{0x68, 0x29, 0x39, {0xc, 0xa, 0x0, 0x98, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @loopback, @remote, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, @local]}}}], 0x68}}, {{&(0x7f0000002980)={0xa, 0x4e21, 0x5, @remote}, 0x1c, &(0x7f0000002c80)=[{&(0x7f00000029c0)="a2bfe392f60422bb72a8c6debcd9d5d18a015799c246d3824b7fdcf93cbc8ddc9f11826fe12542da43631e82fd17db1ddacbc08475f23151e09cb38410c2bdda8ac4f409c4a22e7fc96129ac33728f199318f97a05d1a756a7f23a3bc73b233a594c45ac3cf07ffe9eaa22fdd945b0dbaefb9c79858c4cb94adf404c001395157b527a8e378f5d0219a8d7b27697f75d025feae94c0261a789c7509109b93e03c991c7aa9c18e64eaa89c2", 0xab}, {&(0x7f0000002a80)="af351d9e3561388fe277a799b7cdf26a07ddfa74ae3b82d03cb74ac1d02c6ca202445bd04d2eb18e47101a91015e7ff01a85f2a7cacab1cc88e3bbcdb00b0926c950340348ad2dc5962facb61745ecd5c0cdc5d40b175910f7a74899e0f3473d51126c68bf6634deda9deb6bd0329f1f65ed6d86e979e0dc68da43c9fccfde0d4135a46460604d72a78448b0f47313bc9909b157052b18f23a60881ddaa80d1f95b05b6f0751eb40a0c9c21a6f35d7f234d721c5463b3add9ddecf2f53855e85dabfe887da", 0xc5}, {&(0x7f0000002b80)="237a449d54f9d558820b33fa1aef1606c54fb8aeb06c7aedbc14725a4864a6d7ca7c6f84d89c6725128eaa88589b3c6a308d8c285cd0346f77091cc6d6d64a96d23b05db076ba9df445677fc44ee9b5d3b4e058aaf5a8982dac675a39bfe1706491f8dd5c6a00ebe9511b15c480f2c689a6b9972b1bbb1e86e5c747cb655fd97ac3ba9d8a50d7df57bc3bd6f99521b39d9d9b79aa028cde6932b90f75968d66bd3abcf50cf83a40b0321ccf4c38ab97378b5563d7fc276f1516ca7c160e773c5c7febdf7a35e93866e", 0xc9}], 0x3, &(0x7f0000002cc0)=[@hoplimit={{0x14, 0x29, 0x34, 0x8}}, @rthdrdstopts={{0xf8, 0x29, 0x37, {0x6, 0x1b, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @hao={0xc9, 0x10, @mcast2}, @enc_lim={0x4, 0x1, 0x8}, @jumbo={0xc2, 0x4, 0x7ff}, @generic={0xba, 0xe, "acc3bed8785f08810e5fe95dac29"}, @generic={0x4, 0x6a, "f6bc61f6a366dd62205110b1755cd6f37f8fe24757a6ec6c32c02f37c747d966630c06d45693de98300c0ef63ea5a6a3025d6de4c0d880c764230b58aad156617212c7ca9470e628d8e0b15abbf2521375ca7ae817852d45d6b06e1f985618ef32d28d740962c865873c"}, @generic={0x1, 0x12, "8e102332ea04ba74f0eb38ee3b26526ee3e5"}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @multicast1}}, @padn={0x1, 0x2, [0x0, 0x0]}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}]}}}], 0x110}}, {{0x0, 0x0, &(0x7f0000003180)=[{&(0x7f0000002e00)="b180736f689293d5c48da03f33dc3912231e6da07c3c26a6505ef21a23741901839246589cfeb291764314728c12b4fba882cc6e03ad845dd6a3a80c1f907c00658b2dc92bab39e6ac53efb62e68a61eefed5427982445d9a737a02fa536dd2fabe77e42bb984b74993145c1f140e5e9e8a3b3597c079d842106de31ca432e087beb16d1d6340daaba27b4db1e98821da8dfc3c61440dfc4e823b6e0b74f4ca69e19ae4ece08fe43ce5f6becde3c3a0ac29007d34cc3a9e6189258319d27dcea44d80e3a21ad393365eeed6c038cd04037cf33ddb2519d2b340bb06054d8aa57f178e7a101ee624a93c61fc9368200421c9c4c8eba382aecf908fec41271", 0xfe}, {&(0x7f0000002f00)="eb31ccd6295f1783a295a6e16c301c4cb70a22caf2156d9b39313c3d4ae383", 0x1f}, {&(0x7f0000002f40)="33418bfbbbb801bb3b294fddb46c1d05f8144de620edeac0cbc789aa6037525b717c81a2ff219413415f3ac956d91c25cdf1f892cc123d4b491f05d47acabf3d24ab3c3048fa732b64ba5fa955e40224fe0432899ce041f3a6a96505ace8a69b56b70f8d0c29e57941e934790d802dd1d535fd139cc4653dc37246e027d8ef84a0ce9cd5aafd5961b8de0d5d48b910a2a77addb5c201a6d8caf5604b99f4203c30648eaf0b60e9fc4eedff1e8050223b2e8c325eaf903be16dfce6d328e6233b669ee18965720d71146c5aad01eacf1117ad10e5a0ef3a6a2226a367c01b9d63b1b2c691d4bd506a71d7da3b7db005140aad87", 0xf3}, {&(0x7f0000003040)="d6b50b705b5447a279", 0x9}, {&(0x7f0000003080)="3811adc4b329630ecbbeece6fa157b70799017532a9d01d03bdeedd89f0709b3883dd258dc26e71e366d90b6fcbddaf04faecc998387e41441387bd64c8c8d6085cd565ab37c7e255917f7983760ba61d1e381a6ed8e4ed8d4612ce82b5bc0fcb7c3ffe0f5b37fb85e61ad2fb4159e033b6d64b0d1f298d16534de98adf6fd816ee4c0efb31c6c2c1864cf142d161cc513767de19d8907eebc3d082f37535d3fc5514ef44768c90adb49333ca779b8370113d1123f1bc6921c08996c67f412629adc19d6441700057e037c07a9ea50a67da672", 0xd3}], 0x5, &(0x7f0000003200)=[@dstopts_2292={{0x38, 0x29, 0x4, {0x33, 0x3, '\x00', [@calipso={0x7, 0x18, {0x3, 0x4, 0x4, 0x3, [0x800, 0x0]}}]}}}, @dstopts_2292={{0x30, 0x29, 0x4, {0x3a, 0x2, '\x00', [@hao={0xc9, 0x10, @private1}]}}}, @hopopts_2292={{0xb0, 0x29, 0x36, {0x87, 0x12, '\x00', [@calipso={0x7, 0x50, {0x1, 0x12, 0xfd, 0xe11, [0x1f, 0xbaaa, 0x5, 0x800000000, 0x0, 0xfff, 0x8000, 0x3d, 0x1]}}, @calipso={0x7, 0x40, {0x3, 0xe, 0x3f, 0xa5, [0x100000001, 0x4, 0x2000000, 0x9, 0x5, 0x5, 0xffff]}}]}}}], 0x118}}, {{&(0x7f0000003340)={0xa, 0x4e24, 0x6, @empty, 0x80000000}, 0x1c, &(0x7f0000003400)=[{&(0x7f0000003380)="52c158f65b70f10c0243679811220a53355890c8623290e7ed122f0f8832dad7fd31c8c50e3cb68b8004fa0c2988c63d3d290f7636a17f14088946e5a5dc6b8c4ab9ec7b28a3cbeae0cd37c101ba5cbd4098", 0x52}], 0x1, &(0x7f0000003440)=[@rthdr={{0x48, 0x29, 0x39, {0x6c, 0x6, 0x2, 0x0, 0x0, [@empty, @mcast2, @remote]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x8}}, @hopopts_2292={{0x140, 0x29, 0x36, {0x8, 0x25, '\x00', [@pad1, @pad1, @generic={0x1, 0xd6, "d6542a8a80d8e9bb0d7f75e449284f73b35e48951a77eb919998edd6e188d3b2328745c878129484279190f2751c886a7009243a9ac4a58c00fe2fc3428f9123b71cbaefff8587f4c244be07db1ad673dfc52063f8f37ca3606d52f7d7f84bb6318e1088deb275f27694bd6516e1cf72d51281a727930c17925a874cdb6dc46995aa7ab9229589f82c66ef0cb4923b77025e7f5bdb18c8c5fa4e6514320f53c842284466a67190bdb8e6ef76016d362abe0da82452692febc235bd3bbe97f33625559b8034a2abb5ba0a82a80fcc62f80a4155f2cf89"}, @jumbo={0xc2, 0x4, 0x7f}, @calipso={0x7, 0x18, {0x1, 0x4, 0x7f, 0x5, [0x101, 0x200]}}, @calipso={0x7, 0x28, {0x2, 0x8, 0x3, 0x800, [0x4, 0x6, 0x5, 0x9]}}]}}}], 0x1a0}}], 0x5, 0x40040)
clone3(&(0x7f0000000240)={0x61020100, &(0x7f00000056c0), 0x0, 0x0, {}, &(0x7f00000001c0)=""/96, 0x54, 0x0, &(0x7f0000000000), 0x3}, 0x58)

05:55:18 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x100000)

05:55:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x1d0f36a500000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1151.298683] Memory cgroup stats for /syz0:
[ 1151.364908] anon 131072
[ 1151.365648] file 312950784
[ 1151.365996] kernel 1490944
[ 1151.366300] kernel_stack 65536
[ 1151.366642] pagetables 147456
[ 1151.367002] sec_pagetables 0
[ 1151.367336] percpu 64
[ 1151.367601] sock 0
[ 1151.367870] vmalloc 0
[ 1151.368138] shmem 312950784
[ 1151.368446] file_mapped 0
[ 1151.368744] file_dirty 0
[ 1151.369058] file_writeback 0
[ 1151.369388] swapcached 0
[ 1151.369690] inactive_anon 306536448
[ 1151.370094] active_anon 6545408
[ 1151.370459] inactive_file 0
[ 1151.370784] active_file 0
[ 1151.371134] unevictable 0
[ 1151.371438] slab_reclaimable 949040
[ 1151.371840] slab_unreclaimable 343688
[ 1151.372246] slab 1292728
[ 1151.372535] workingset_refault_anon 0
[ 1151.372961] workingset_refault_file 1
[ 1151.373366] workingset_activate_anon 0
[ 1151.373766] workingset_activate_file 0
[ 1151.374218] workingset_restore_anon 0
[ 1151.374623] workingset_restore_file 0
[ 1151.375055] workingset_nodereclaim 0
[ 1151.375453] pgdemote_kswapd 0
[ 1151.375781] pgdemote_direct 0
[ 1151.376142] pgdemote_khugepaged 0
[ 1151.376504] pgdemote_proactive 0
[ 1151.376890] pgscan 801
[ 1151.377159] pgsteal 9
[ 1151.377418] pswpin 0
[ 1151.377669] pswpout 0
[ 1151.377954] pgscan_kswapd 0
[ 1151.378263] pgscan_direct 801
[ 1151.378596] pgscan_khugepaged 0
[ 1151.378965] pgscan_proactive 0
[ 1151.379338] pgsteal_kswapd 0
[ 1151.379660] pgsteal_direct 9
[ 1151.380006] pgsteal_khugepaged 0
[ 1151.380366] pgsteal_proactive 0
[ 1151.380714] pgfault 88153
[ 1151.381039] pgmajfault 0
[ 1151.381324] pgrefill 768
[ 1151.381616] pgactivate 3833
[ 1151.381957] pgdeactivate 768
[ 1151.382285] pglazyfree 0
[ 1151.382580] pglazyfreed 0
[ 1151.382897] swpin_zero 0
[ 1151.383196] swpout_zero 0
[ 1151.383489] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8553,uid=0
[ 1151.385038] Memory cgroup out of memory: Killed process 8553 (syz-executor.0) total-vm:93420kB, anon-rss:276kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:55:18 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000780)='./file0/file0\x00', 0x9744, 0x4, &(0x7f0000000a80)=[{&(0x7f00000007c0)="db995920f9630b41d481d60a17a3023566befc958306150d62b54d7454da003b6d61672b8ed8a4c34a69f2d04066440684f2b74d19fff3bf70a71cfced7bff4323295b11596752c5d44050420714294c4789013b1047c7eb30dde83416c38cdcbd013758fe80476382ff5b9855799b1f881b9ab01a96a149bc4b84a471564ee99096e223c0d813d254557d0c67fcb1718f044f5b58d73c13230cee9f8f2d96c7f829852a8b76ee2af92498e0a151be12", 0xb0, 0x2}, {&(0x7f0000000880)="d9a05701ee1aecaf1eabe37f309cb9608779aa36b6eab121e728cb6cabf23445a163b2fba2760b70702d6a2beb20d959e420b28807523478e8ae5a10b7bc17f15cce5dbd36d6f0cb4e6cd96568645a3343c7f30280087678b5fcf88847a4ac1a3200644290a8b73cee78f8aca792c798764ca9dbbfc165b1ff8217f84199676a811cba56df65efa566db23620ea75ffebde3d4d433432602bb42e11403d3", 0x9e, 0x9}, {&(0x7f00000009c0)="80c9d4c0b305183fa4ef686aca49f24dad725404c2d57910079a81f969e2d5c1bf16c2b1a40d48b24cad373ab4fa88f41f68036d9e6ec4c40515969afbdd14f466f321abd0506f77e134762e30b78be1e1f4d3ae4311767bde33e30a8af793b0ad6bf1dee677bf35b5a24e2f84a8ac6a19c2f0e102b034f83613e9088735a4e9926659a119fc48455e15ea6a72864534cbfa247a59", 0x95, 0x1024}, {&(0x7f0000000940)="8408e33af53689e2a1acf5b58e9aacf0c9b31216bec82230a80a672b6ee422c54b50ac02cab9c5bc592702f4c885656ffb", 0x31, 0x5}], 0x12, &(0x7f0000000b00)={[{@fat=@flush}, {@fat=@usefree}, {@nodots}, {@nodots}, {@nodots}, {@fat=@check_strict}, {@dots}, {@nodots}], [{@fowner_lt={'fowner<', 0xee01}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'smackfshat'}}]})
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:55:18 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x6, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:55:18 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

[ 1151.528123] netlink: 'syz-executor.7': attribute type 2 has an invalid length.
05:55:18 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x1000000)

[ 1151.551407] netlink: 'syz-executor.7': attribute type 2 has an invalid length.
05:55:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x2000000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:55:18 executing program 0:
mlockall(0x2)
shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r0 = shmget$private(0x0, 0x2000, 0x10, &(0x7f0000aef000/0x2000)=nil)
r1 = shmat(r0, &(0x7f0000c1b000/0x3000)=nil, 0x7000)
munlock(&(0x7f000091b000/0x4000)=nil, 0x4000)
shmdt(0x0)
shmdt(r1)

[ 1151.719988] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1151.721085] CPU: 0 UID: 0 PID: 8592 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1151.721108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1151.721119] Call Trace:
[ 1151.721126]  <TASK>
[ 1151.721133]  dump_stack_lvl+0xfa/0x120
[ 1151.721159]  dump_header+0x107/0x950
[ 1151.721187]  oom_kill_process+0x278/0xa00
[ 1151.721212]  out_of_memory+0x34b/0x1690
[ 1151.721239]  ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 1151.721266]  ? __pfx_out_of_memory+0x10/0x10
[ 1151.721296]  mem_cgroup_out_of_memory+0x164/0x190
[ 1151.721322]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1151.721353]  ? mark_held_locks+0x49/0x80
[ 1151.721376]  try_charge_memcg+0x81f/0xf30
[ 1151.721405]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1151.721434]  charge_memcg+0x7b/0x290
[ 1151.721455]  __mem_cgroup_charge+0x28/0x90
[ 1151.721477]  do_wp_page+0x58c/0x3240
[ 1151.721506]  ? __pfx_do_wp_page+0x10/0x10
[ 1151.721527]  ? do_raw_spin_lock+0x123/0x260
[ 1151.721549]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1151.721569]  ? ___pte_offset_map+0x176/0x370
[ 1151.721592]  __handle_mm_fault+0xde1/0x3030
[ 1151.721612]  ? reacquire_held_locks+0xd1/0x200
[ 1151.721629]  ? lock_vma_under_rcu+0x11e/0x530
[ 1151.721657]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1151.721680]  ? lock_vma_under_rcu+0x17b/0x530
[ 1151.721716]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1151.721750]  handle_mm_fault+0x2c3/0x900
[ 1151.721771]  ? access_error+0x17d/0x380
[ 1151.721794]  do_user_addr_fault+0x4fa/0xeb0
[ 1151.721824]  exc_page_fault+0xb0/0x180
[ 1151.721843]  asm_exc_page_fault+0x26/0x30
[ 1151.721859] RIP: 0033:0x7ff98baf5d30
[ 1151.721872] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1151.721888] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1151.721902] RAX: 000000004137ace7 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1151.721913] RDX: 0000001b2cf20018 RSI: ffffffff819ee58d RDI: 0000000000000000
[ 1151.721924] RBP: 0000000000000001 R08: 000000004137ace7 R09: 0000001b2cf2001c
[ 1151.721934] R10: 0000000000000ce7 R11: 000000004137aceb R12: 0000000000000000
[ 1151.721944] R13: 00007ff98bc4f000 R14: ffffffff819ee58d R15: 00007ff98bc5aff0
[ 1151.721956]  ? __x64_sys_mlockall+0xd/0x40
[ 1151.721978]  ? __x64_sys_mlockall+0xd/0x40
[ 1151.721997]  </TASK>
[ 1151.744796] memory: usage 307200kB, limit 307200kB, failcnt 2842
[ 1151.745471] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1151.746133] Memory cgroup stats for /syz0:
[ 1151.749770] anon 106496
[ 1151.750700] file 312950784
[ 1151.751096] kernel 1515520
[ 1151.751407] kernel_stack 65536
[ 1151.751747] pagetables 151552
[ 1151.752117] sec_pagetables 0
[ 1151.752440] percpu 128
[ 1151.752713] sock 0
[ 1151.752981] vmalloc 0
[ 1151.753248] shmem 312950784
[ 1151.753554] file_mapped 0
[ 1151.753875] file_dirty 0
[ 1151.754160] file_writeback 0
[ 1151.754480] swapcached 0
[ 1151.754767] inactive_anon 306491392
[ 1151.755177] active_anon 6545408
[ 1151.755524] inactive_file 0
[ 1151.755857] active_file 0
[ 1151.756158] unevictable 0
[ 1151.756451] slab_reclaimable 949040
[ 1151.756856] slab_unreclaimable 363896
[ 1151.757255] slab 1312936
[ 1151.757536] workingset_refault_anon 0
[ 1151.757951] workingset_refault_file 1
[ 1151.758345] workingset_activate_anon 0
[ 1151.758745] workingset_activate_file 0
[ 1151.759179] workingset_restore_anon 0
[ 1151.759575] workingset_restore_file 0
[ 1151.759994] workingset_nodereclaim 0
[ 1151.760380] pgdemote_kswapd 0
[ 1151.760708] pgdemote_direct 0
[ 1151.761061] pgdemote_khugepaged 0
[ 1151.761424] pgdemote_proactive 0
[ 1151.761779] pgscan 801
[ 1151.762072] pgsteal 9
[ 1151.762337] pswpin 0
[ 1151.762591] pswpout 0
[ 1151.762879] pgscan_kswapd 0
[ 1151.763202] pgscan_direct 801
[ 1151.763549] pgscan_khugepaged 0
[ 1151.763920] pgscan_proactive 0
[ 1151.764347] pgsteal_kswapd 0
[ 1151.764674] pgsteal_direct 9
[ 1151.765022] pgsteal_khugepaged 0
[ 1151.765380] pgsteal_proactive 0
[ 1151.765847] pgfault 88192
[ 1151.766208] pgmajfault 0
[ 1151.766492] pgrefill 768
[ 1151.766775] pgactivate 3833
[ 1151.767123] pgdeactivate 768
[ 1151.767447] pglazyfree 0
[ 1151.767737] pglazyfreed 0
[ 1151.768054] swpin_zero 0
[ 1151.768348] swpout_zero 0
[ 1151.768641] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8592,uid=0
[ 1151.770173] Memory cgroup out of memory: Killed process 8592 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[ 1152.086749] audit: type=1326 audit(1755410119.434:165): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8558 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:55:28 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x6000)
r2 = shmget$private(0x0, 0x1000, 0x400, &(0x7f0000eeb000/0x1000)=nil)
shmget$private(0x0, 0x3000, 0x400, &(0x7f00004c6000/0x3000)=nil)
shmat(r2, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
shmat(r2, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
shmat(r2, &(0x7f0000ffb000/0x3000)=nil, 0x4000)
shmdt(0x0)
shmdt(r1)

05:55:28 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x3f000000, 0x0)

05:55:28 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:55:28 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x10, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:55:28 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2000000)

05:55:28 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:55:28 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x2010000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:55:28 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1={0xff, 0x5}}, 0x1c)

[ 1161.679042] audit: type=1326 audit(1755410129.023:166): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8607 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[ 1161.698643] netlink: 'syz-executor.7': attribute type 2 has an invalid length.
[ 1161.714986] netlink: 'syz-executor.7': attribute type 2 has an invalid length.
05:55:29 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x2207000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:55:29 executing program 1:
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0xa8, 0x0, 0x2, 0x101, 0x0, 0x0, {0xc, 0x0, 0x3}, [@CTA_EXPECT_FLAGS={0x8}, @CTA_EXPECT_TUPLE={0x7c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @rand_addr=0x64010100}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x2e}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}, @CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x1}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0x101}]}, 0xa8}, 0x1, 0x0, 0x0, 0x400c010}, 0x20004000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_LEAVE_OCB(r0, &(0x7f00000002c0)={&(0x7f00000001c0), 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r1, 0x8, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x9, 0x53}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4004}, 0xc01d)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0)
sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x28, r2, 0x800, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x6a}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x84}, 0x40000080)
recvmmsg$unix(r0, &(0x7f0000003940)=[{{&(0x7f0000000440)=@abs, 0x6e, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/37, 0x25}], 0x1, &(0x7f0000000540)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, <r3=>0x0}}}], 0x58}}, {{&(0x7f00000005c0)=@abs, 0x6e, &(0x7f0000001a40)=[{&(0x7f0000000640)=""/151, 0x97}, {&(0x7f0000000700)=""/136, 0x88}, {&(0x7f00000007c0)=""/166, 0xa6}, {&(0x7f0000000880)=""/84, 0x54}, {&(0x7f0000000900)}, {&(0x7f0000000940)=""/10, 0xa}, {&(0x7f0000000980)=""/191, 0xbf}, {&(0x7f0000000a40)=""/4096, 0x1000}], 0x8}}, {{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000001ac0)=""/7, 0x7}, {&(0x7f0000001b00)=""/4096, 0x1000}, {&(0x7f0000002b00)=""/121, 0x79}, {&(0x7f0000002b80)=""/41, 0x29}, {&(0x7f0000002bc0)=""/45, 0x2d}], 0x5, &(0x7f0000002c80)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x10}}], 0xc0}}, {{&(0x7f0000002d40)=@abs, 0x6e, &(0x7f0000003100)=[{&(0x7f0000002dc0)=""/178, 0xb2}, {&(0x7f0000002e80)=""/228, 0xe4}, {&(0x7f0000002f80)=""/37, 0x25}, {&(0x7f0000002fc0)=""/163, 0xa3}, {&(0x7f0000003080)=""/45, 0x2d}, {&(0x7f00000030c0)=""/24, 0x18}], 0x6, &(0x7f0000003180)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r4=>0x0}}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000003280), 0x6e, &(0x7f0000003880)=[{&(0x7f0000003300)=""/241, 0xf1}, {&(0x7f0000003400)=""/56, 0x38}, {&(0x7f0000003440)=""/138, 0x8a}, {&(0x7f0000003500)=""/150, 0x96}, {&(0x7f00000035c0)=""/220, 0xdc}, {&(0x7f00000036c0)=""/188, 0xbc}, {&(0x7f0000003780)=""/123, 0x7b}, {&(0x7f0000003800)=""/128, 0x80}], 0x8, &(0x7f0000003900)=[@cred={{0x1c}}], 0x20}}], 0x5, 0x10120, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r7, &(0x7f0000003b40)={&(0x7f0000003a80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000003b00)={&(0x7f0000003ac0)={0x1c, 0x3, 0x1, 0x301, 0x0, 0x0, {0x5}, [@CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003bc0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000003c00)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, &(0x7f0000003dc0)={&(0x7f0000003b80)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000003d80)={&(0x7f0000003c40)={0x12c, r9, 0x200, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0xe951, 0x6c}}}}, [@NL80211_ATTR_TESTDATA={0x103, 0x45, "7f49eedfafc264c1a90ce8012b62f0edb013fdac1aa95f4dbe8e39e5e63d847cfc869ec5ef77ceb36e2b104a0a9ad9313c6d271797839a98123ce5f90f4b9738ac5c7f56b255d410eb4886b3eb07ba40fdbe5695629aa0694bd452748334839e277bf15d87398b8042fe2fc531d64847929a0cb552fcc1538e392db2ebe4e39477c8beec346c2f69aa50165944828ceed684ecb323000a254bbb9ee88c40bd496f0541a7379e250821a0f88806a115d2b4e5bfd103d4951fa6cc6718851b682c6ca0a5315d620dab603c1c7393023d2fc72eb0f611e7a6a3f4b44277d71cc19a5613b4a3e836309676f758664ec4b2298f700c0ea07d9891060a9fdfae63b4"}]}, 0x12c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000010)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000003f00)={&(0x7f0000003e00)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000003ec0)={&(0x7f0000003e40)={0x58, r2, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x13f, 0x71}}}}, [@NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0xefb}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x3ff}, @NL80211_ATTR_BSSID={0xa}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x3}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x3}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x6}]}, 0x58}, 0x1, 0x0, 0x0, 0x400}, 0x0)
r11 = openat$full(0xffffffffffffff9c, &(0x7f0000003f40), 0x200000, 0x0)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003fc0), r8)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r11, &(0x7f0000004080)={&(0x7f0000003f80)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000004040)={&(0x7f0000004000)={0x30, r12, 0x200, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x47}, @val={0x8}, @val={0xc, 0x99, {0x9, 0x71}}}}, ["", "", "", "", ""]}, 0x30}}, 0x20000880)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r6, 0xc018937b, &(0x7f00000040c0)={{0x1, 0x1, 0x18, <r13=>r8, {r4, r3}}, './file0\x00'})
recvfrom$unix(r13, &(0x7f0000004100)=""/164, 0xa4, 0x20f0, &(0x7f00000041c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
pipe2(&(0x7f0000004240)={0xffffffffffffffff, <r14=>0xffffffffffffffff}, 0x4800)
sendmsg$NL80211_CMD_STOP_NAN(r14, &(0x7f0000004340)={&(0x7f0000004280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000004300)={&(0x7f00000042c0)={0x1c, r12, 0x300, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x1)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000004480)={&(0x7f0000004380)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000004440)={&(0x7f0000004400)={0x28, r12, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x3, 0x5}}}}, ["", "", "", "", "", "", "", "", ""]}, 0x28}}, 0x40805)

[ 1161.745722] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1161.747205] CPU: 0 UID: 0 PID: 8602 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1161.747235] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1161.747248] Call Trace:
[ 1161.747256]  <TASK>
[ 1161.747265]  dump_stack_lvl+0xfa/0x120
[ 1161.747297]  dump_header+0x107/0x950
[ 1161.747334]  oom_kill_process+0x278/0xa00
[ 1161.747367]  out_of_memory+0x34b/0x1690
[ 1161.747406]  ? __pfx_out_of_memory+0x10/0x10
[ 1161.747448]  mem_cgroup_out_of_memory+0x164/0x190
[ 1161.747481]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1161.747537]  ? mark_held_locks+0x49/0x80
[ 1161.747569]  try_charge_memcg+0x81f/0xf30
[ 1161.747608]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1161.747648]  charge_memcg+0x7b/0x290
[ 1161.747675]  __mem_cgroup_charge+0x28/0x90
[ 1161.747705]  do_wp_page+0x58c/0x3240
[ 1161.747745]  ? __pfx_do_wp_page+0x10/0x10
[ 1161.747773]  ? do_raw_spin_lock+0x123/0x260
[ 1161.747800]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1161.747833]  ? ___pte_offset_map+0x176/0x370
[ 1161.747864]  __handle_mm_fault+0xde1/0x3030
[ 1161.747891]  ? reacquire_held_locks+0xd1/0x200
[ 1161.747913]  ? lock_vma_under_rcu+0x11e/0x530
[ 1161.747951]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1161.747981]  ? lock_vma_under_rcu+0x17b/0x530
[ 1161.748031]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1161.748075]  handle_mm_fault+0x2c3/0x900
[ 1161.748104]  ? access_error+0x17d/0x380
[ 1161.748134]  do_user_addr_fault+0x4fa/0xeb0
[ 1161.748167]  exc_page_fault+0xb0/0x180
[ 1161.748192]  asm_exc_page_fault+0x26/0x30
[ 1161.748214] RIP: 0033:0x7ff98baf5d30
[ 1161.748231] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1161.748252] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1161.748270] RAX: 00000000282bb3e7 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1161.748284] RDX: 0000001b2cf2004c RSI: ffffffff819e7e16 RDI: 0000000000000000
[ 1161.748298] RBP: 0000000000000001 R08: 00000000282bb3e7 R09: 0000001b2cf2001c
[ 1161.748312] R10: 00000000000013e7 R11: 00000000282bb3eb R12: 000000000000000b
[ 1161.748325] R13: 00007ff98bc4f000 R14: ffffffff819e7e16 R15: 00007ff98bc5aff0
[ 1161.748341]  ? apply_mlockall_flags+0x86/0x480
[ 1161.748384]  ? apply_mlockall_flags+0x86/0x480
[ 1161.748422]  </TASK>
[ 1161.778183] memory: usage 307200kB, limit 307200kB, failcnt 2863
[ 1161.779067] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
05:55:29 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x4, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1161.779964] Memory cgroup stats for /syz0:
[ 1161.812300] anon 131072
[ 1161.813324] file 312950784
[ 1161.813726] kernel 1490944
[ 1161.814175] kernel_stack 65536
[ 1161.814639] pagetables 147456
[ 1161.815117] sec_pagetables 0
[ 1161.815558] percpu 64
[ 1161.815933] sock 0
[ 1161.816252] vmalloc 0
[ 1161.816592] shmem 312950784
[ 1161.817035] file_mapped 0
[ 1161.817421] file_dirty 0
[ 1161.817793] file_writeback 0
[ 1161.818242] swapcached 0
[ 1161.818614] inactive_anon 306536448
[ 1161.819147] active_anon 6545408
[ 1161.819617] inactive_file 0
[ 1161.820053] active_file 0
[ 1161.820438] unevictable 0
[ 1161.820855] slab_reclaimable 949040
[ 1161.821356] slab_unreclaimable 343688
[ 1161.821911] slab 1292728
[ 1161.822290] workingset_refault_anon 0
[ 1161.822839] workingset_refault_file 1
[ 1161.823369] workingset_activate_anon 0
[ 1161.823940] workingset_activate_file 0
[ 1161.824468] workingset_restore_anon 0
[ 1161.825011] workingset_restore_file 0
[ 1161.825526] workingset_nodereclaim 0
[ 1161.826063] pgdemote_kswapd 0
[ 1161.826494] pgdemote_direct 0
[ 1161.826952] pgdemote_khugepaged 0
[ 1161.827426] pgdemote_proactive 0
[ 1161.827927] pgscan 801
[ 1161.828283] pgsteal 9
[ 1161.828622] pswpin 0
[ 1161.828994] pswpout 0
[ 1161.829332] pgscan_kswapd 0
[ 1161.829745] pgscan_direct 801
[ 1161.830209] pgscan_khugepaged 0
[ 1161.830663] pgscan_proactive 0
[ 1161.831132] pgsteal_kswapd 0
[ 1161.831563] pgsteal_direct 9
[ 1161.832020] pgsteal_khugepaged 0
[ 1161.832488] pgsteal_proactive 0
[ 1161.832969] pgfault 88243
[ 1161.833357] pgmajfault 0
[ 1161.833727] pgrefill 768
[ 1161.834132] pgactivate 3833
[ 1161.834540] pgdeactivate 768
[ 1161.834991] pglazyfree 0
[ 1161.835364] pglazyfreed 0
[ 1161.835761] swpin_zero 0
[ 1161.836163] swpout_zero 0
[ 1161.836548] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8602,uid=0
[ 1161.838547] Memory cgroup out of memory: Killed process 8602 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:55:29 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x2307000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:55:29 executing program 1:
write(0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601781c53677b642fa92a7b767d76e208d17a13940ff013466264e16a26d7f004dfb575a75317d1eded2d32cbd9c6789c474435873ebc769bfbf0a064e61b363a4c45bc4b5fc77b81c120bbd2ecf508e748", 0x250)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = getpgrp(0x0)
kcmp(0x0, r2, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r3 = getpgid(0x0)
r4 = getpgrp(0x0)
kcmp(r3, r4, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0)
ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, 0x0)
clone3(0x0, 0x0)
recvmsg$unix(r0, &(0x7f0000000200)={&(0x7f0000000040)=@abs, 0x6e, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/145, 0x91}], 0x1, &(0x7f00000001c0)=[@cred={{0x1c, 0x1, 0x2, {<r5=>0x0}}}, @cred={{0x1c}}], 0x40}, 0x40000000)
tgkill(r2, r5, 0x34)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r1, 0x0, 0xfdef)

05:55:29 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x3000000)

05:55:29 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:55:29 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x4, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:55:29 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x5, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1162.505922] audit: type=1326 audit(1755410129.853:167): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8607 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:55:29 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x6, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:55:29 executing program 0:
mlockall(0x2)
r0 = shmget$private(0x0, 0xc00000, 0x0, &(0x7f0000400000/0xc00000)=nil)
r1 = shmat(r0, &(0x7f0000cf7000/0x1000)=nil, 0x91913816baa1f9c6)
mlockall(0x0)
shmdt(0x0)
shmdt(r1)

05:55:29 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x40000000, 0x0)

05:55:29 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x4000000)

05:55:29 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x2407000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:55:29 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:55:29 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x5, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

[ 1162.697274] audit: type=1326 audit(1755410130.042:168): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8657 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[ 1162.726474] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1162.727972] CPU: 0 UID: 0 PID: 8647 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1162.728002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1162.728016] Call Trace:
[ 1162.728024]  <TASK>
[ 1162.728034]  dump_stack_lvl+0xfa/0x120
[ 1162.728065]  dump_header+0x107/0x950
[ 1162.728101]  oom_kill_process+0x278/0xa00
[ 1162.728134]  out_of_memory+0x34b/0x1690
[ 1162.728172]  ? __pfx_out_of_memory+0x10/0x10
[ 1162.728213]  mem_cgroup_out_of_memory+0x164/0x190
[ 1162.728246]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1162.728287]  ? mark_held_locks+0x49/0x80
[ 1162.728317]  try_charge_memcg+0x81f/0xf30
[ 1162.728355]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1162.728394]  charge_memcg+0x7b/0x290
[ 1162.728421]  __mem_cgroup_charge+0x28/0x90
[ 1162.728451]  do_wp_page+0x58c/0x3240
[ 1162.728489]  ? __pfx_do_wp_page+0x10/0x10
[ 1162.728517]  ? do_raw_spin_lock+0x123/0x260
[ 1162.728544]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1162.728571]  ? ___pte_offset_map+0x176/0x370
[ 1162.728601]  __handle_mm_fault+0xde1/0x3030
[ 1162.728628]  ? reacquire_held_locks+0xd1/0x200
[ 1162.728650]  ? lock_vma_under_rcu+0x11e/0x530
[ 1162.728688]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1162.728718]  ? lock_vma_under_rcu+0x17b/0x530
[ 1162.728766]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1162.728816]  handle_mm_fault+0x2c3/0x900
[ 1162.728844]  ? access_error+0x17d/0x380
[ 1162.728874]  do_user_addr_fault+0x4fa/0xeb0
[ 1162.728912]  exc_page_fault+0xb0/0x180
[ 1162.728936]  asm_exc_page_fault+0x26/0x30
[ 1162.728958] RIP: 0033:0x7ff98baf5d30
[ 1162.728975] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1162.728996] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1162.729014] RAX: 000000004137ace7 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1162.729029] RDX: 0000001b2cf20018 RSI: ffffffff819ee58d RDI: 0000000000000000
[ 1162.729043] RBP: 0000000000000001 R08: 000000004137ace7 R09: 0000001b2cf2001c
[ 1162.729057] R10: 0000000000000ce7 R11: 000000004137aceb R12: 0000000000000000
[ 1162.729071] R13: 00007ff98bc4f000 R14: ffffffff819ee58d R15: 00007ff98bc5aff0
[ 1162.729087]  ? __x64_sys_mlockall+0xd/0x40
[ 1162.729117]  ? __x64_sys_mlockall+0xd/0x40
[ 1162.729142]  </TASK>
[ 1162.760333] memory: usage 307200kB, limit 307200kB, failcnt 2888
[ 1162.761257] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1162.762177] Memory cgroup stats for /syz0:
[ 1162.762336] anon 53248
[ 1162.763345] file 312950784
[ 1162.763803] kernel 1257472
[ 1162.764265] kernel_stack 0
[ 1162.764688] pagetables 16384
[ 1162.765171] sec_pagetables 0
[ 1162.765620] percpu 64
[ 1162.766008] sock 0
[ 1162.766352] vmalloc 0
[ 1162.766709] shmem 312950784
[ 1162.767181] file_mapped 0
[ 1162.767609] file_dirty 0
[ 1162.768056] file_writeback 0
[ 1162.768507] swapcached 0
[ 1162.768936] inactive_anon 306458624
[ 1162.769464] active_anon 6545408
[ 1162.769972] inactive_file 0
[ 1162.770403] active_file 0
[ 1162.770842] unevictable 0
[ 1162.771259] slab_reclaimable 945968
[ 1162.771859] slab_unreclaimable 310848
[ 1162.772425] slab 1256816
[ 1162.772857] workingset_refault_anon 0
[ 1162.773413] workingset_refault_file 1
[ 1162.773991] workingset_activate_anon 0
[ 1162.774555] workingset_activate_file 0
[ 1162.775141] workingset_restore_anon 0
[ 1162.775720] workingset_restore_file 0
[ 1162.776304] workingset_nodereclaim 0
[ 1162.776882] pgdemote_kswapd 0
[ 1162.777350] pgdemote_direct 0
[ 1162.777804] pgdemote_khugepaged 0
[ 1162.778360] pgdemote_proactive 0
[ 1162.778892] pgscan 801
[ 1162.779268] pgsteal 9
[ 1162.779654] pswpin 0
[ 1162.780042] pswpout 0
[ 1162.780403] pgscan_kswapd 0
[ 1162.780863] pgscan_direct 801
[ 1162.781332] pgscan_khugepaged 0
[ 1162.781838] pgscan_proactive 0
[ 1162.782316] pgsteal_kswapd 0
[ 1162.782764] pgsteal_direct 9
[ 1162.783246] pgsteal_khugepaged 0
[ 1162.783768] pgsteal_proactive 0
[ 1162.784286] pgfault 88248
[ 1162.784691] pgmajfault 0
[ 1162.785114] pgrefill 768
[ 1162.785511] pgactivate 3833
[ 1162.785967] pgdeactivate 768
[ 1162.786421] pglazyfree 0
[ 1162.786842] pglazyfreed 0
[ 1162.787246] swpin_zero 0
[ 1162.787675] swpout_zero 0
[ 1162.788116] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8647,uid=0
[ 1162.790237] Memory cgroup out of memory: Killed process 8647 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[ 1163.523441] audit: type=1326 audit(1755410130.871:169): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8657 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:55:41 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x4f010000, 0x0)

05:55:41 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0xb9, 0x6, 0xff, 0x0, 0x10001, 0x0, 0xf, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80, 0x4, @perf_config_ext={0xe894ca7, 0x8d}, 0x400, 0xffff, 0x4c4, 0x8, 0x3, 0x5523, 0x1, 0x0, 0xf90, 0x0, 0x1ff}, 0x0, 0x1, 0xffffffffffffffff, 0x0)

05:55:41 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x8, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:55:41 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x2630000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:55:41 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x6, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:55:41 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:55:41 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x5000000)

05:55:42 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2088002}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x40, r2, 0x300, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x20, 0x47}}}}, [@NL80211_ATTR_CRIT_PROT_ID={0x6}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x2}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x18}, 0x20004045)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000008600))
r4 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r4, &(0x7f0000000040)=""/156, 0x9c, 0x2)
syncfs(r4)

[ 1174.665406] audit: type=1326 audit(1755410142.013:170): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8670 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:55:42 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:55:42 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x9, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:55:42 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x6000000)

[ 1174.785718] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1174.787179] CPU: 0 UID: 0 PID: 8676 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1174.787210] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1174.787223] Call Trace:
[ 1174.787232]  <TASK>
[ 1174.787241]  dump_stack_lvl+0xfa/0x120
[ 1174.787272]  dump_header+0x107/0x950
[ 1174.787308]  oom_kill_process+0x278/0xa00
[ 1174.787341]  out_of_memory+0x34b/0x1690
[ 1174.787379]  ? __pfx_out_of_memory+0x10/0x10
[ 1174.787419]  mem_cgroup_out_of_memory+0x164/0x190
[ 1174.787453]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1174.787493]  ? mark_held_locks+0x49/0x80
[ 1174.787523]  try_charge_memcg+0x81f/0xf30
[ 1174.787560]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1174.787599]  charge_memcg+0x7b/0x290
[ 1174.787626]  __mem_cgroup_charge+0x28/0x90
[ 1174.787656]  do_wp_page+0x58c/0x3240
[ 1174.787693]  ? __pfx_do_wp_page+0x10/0x10
[ 1174.787721]  ? do_raw_spin_lock+0x123/0x260
[ 1174.787748]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1174.787775]  ? ___pte_offset_map+0x176/0x370
[ 1174.787805]  __handle_mm_fault+0xde1/0x3030
[ 1174.787839]  ? reacquire_held_locks+0xd1/0x200
[ 1174.787862]  ? lock_vma_under_rcu+0x11e/0x530
[ 1174.787899]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1174.787938]  ? lock_vma_under_rcu+0x17b/0x530
[ 1174.788012]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1174.788059]  handle_mm_fault+0x2c3/0x900
[ 1174.788088]  ? access_error+0x17d/0x380
[ 1174.788133]  do_user_addr_fault+0x4fa/0xeb0
[ 1174.788166]  exc_page_fault+0xb0/0x180
[ 1174.788190]  asm_exc_page_fault+0x26/0x30
[ 1174.788211] RIP: 0033:0x7ff98baf5d30
[ 1174.788228] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1174.788249] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1174.788267] RAX: 00000000b679e0c2 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1174.788282] RDX: 0000001b2cf20034 RSI: ffffffff819bd515 RDI: 0000000000000000
[ 1174.788296] RBP: 0000000000000001 R08: 00000000b679e0c2 R09: 0000001b2cf2001c
[ 1174.788310] R10: 00000000000000c2 R11: 00000000b679e0c6 R12: 0000000000000005
[ 1174.788324] R13: 00007ff98bc4f000 R14: ffffffff819bd515 R15: 00007ff98bc5aff0
[ 1174.788340]  ? __might_fault+0x75/0x190
[ 1174.788369]  ? __might_fault+0x75/0x190
[ 1174.788395]  </TASK>
[ 1174.819918] memory: usage 307200kB, limit 307200kB, failcnt 2909
[ 1174.820900] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1174.821856] Memory cgroup stats for /syz0:
[ 1174.843731] anon 122880
[ 1174.844624] file 312950784
[ 1174.844976] kernel 1499136
[ 1174.845274] kernel_stack 65536
[ 1174.845609] pagetables 155648
[ 1174.845940] sec_pagetables 0
[ 1174.846242] percpu 64
[ 1174.846498] sock 0
[ 1174.846709] vmalloc 0
[ 1174.846958] shmem 312950784
[ 1174.847210] file_mapped 0
[ 1174.847436] file_dirty 0
[ 1174.847652] file_writeback 0
[ 1174.847909] swapcached 0
[ 1174.848153] inactive_anon 306507776
[ 1174.848458] active_anon 6545408
[ 1174.848728] inactive_file 0
[ 1174.848999] active_file 0
[ 1174.849243] unevictable 0
[ 1174.849473] slab_reclaimable 949424
[ 1174.849755] slab_unreclaimable 344528
[ 1174.850094] slab 1293952
[ 1174.850313] workingset_refault_anon 0
[ 1174.850618] workingset_refault_file 1
[ 1174.850930] workingset_activate_anon 0
[ 1174.851247] workingset_activate_file 0
[ 1174.851558] workingset_restore_anon 0
[ 1174.851886] workingset_restore_file 0
[ 1174.852196] workingset_nodereclaim 0
[ 1174.852494] pgdemote_kswapd 0
[ 1174.852744] pgdemote_direct 0
[ 1174.853018] pgdemote_khugepaged 0
[ 1174.853298] pgdemote_proactive 0
[ 1174.853564] pgscan 801
[ 1174.853771] pgsteal 9
[ 1174.854000] pswpin 0
[ 1174.854212] pswpout 0
[ 1174.854400] pgscan_kswapd 0
[ 1174.854637] pgscan_direct 801
[ 1174.854900] pgscan_khugepaged 0
[ 1174.855180] pgscan_proactive 0
[ 1174.855422] pgsteal_kswapd 0
[ 1174.855669] pgsteal_direct 9
[ 1174.855925] pgsteal_khugepaged 0
[ 1174.856226] pgsteal_proactive 0
[ 1174.856480] pgfault 88328
[ 1174.856705] pgmajfault 0
[ 1174.856943] pgrefill 768
[ 1174.857177] pgactivate 3833
[ 1174.857415] pgdeactivate 768
[ 1174.857661] pglazyfree 0
[ 1174.857905] pglazyfreed 0
[ 1174.858149] swpin_zero 0
[ 1174.858379] swpout_zero 0
[ 1174.858591] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8676,uid=0
[ 1174.859834] Memory cgroup out of memory: Killed process 8676 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[ 1175.499872] audit: type=1326 audit(1755410142.847:171): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8670 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:55:51 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:55:51 executing program 1:
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = epoll_create(0x9)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x5})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080))
epoll_pwait(r1, &(0x7f00000000c0)=[{}], 0x1a000, 0x0, 0x0, 0x0)

05:55:51 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x2700000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:55:51 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0xa, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:55:51 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={[{@mpol={'mpol', 0x3d, {'prefer', '', @val={0x3a, [0x30]}}}}]})
setxattr$incfs_metadata(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x0)
llistxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)=""/240, 0xf0)

05:55:51 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x7000000)

05:55:51 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x7, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:55:51 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x6a020000, 0x0)

[ 1184.637304] audit: type=1326 audit(1755410151.983:172): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8703 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:55:51 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x2730000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:55:52 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x2)
fsetxattr$security_selinux(r0, &(0x7f0000000000), &(0x7f0000000100)='system_u:object_r:xconsole_device_t:s0\x00', 0x27, 0x1)
fcntl$setstatus(r0, 0x4, 0x800)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000000c0), 0x640000, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r0)

05:55:52 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x27ea010000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:55:52 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:55:52 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0xb, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:55:52 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x8, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:55:52 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x3001000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1184.786916] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1184.788553] CPU: 1 UID: 0 PID: 8707 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1184.788595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1184.788609] Call Trace:
[ 1184.788618]  <TASK>
[ 1184.788627]  dump_stack_lvl+0xfa/0x120
[ 1184.788659]  dump_header+0x107/0x950
[ 1184.788697]  oom_kill_process+0x278/0xa00
[ 1184.788733]  out_of_memory+0x34b/0x1690
[ 1184.788774]  ? __pfx_out_of_memory+0x10/0x10
[ 1184.788824]  mem_cgroup_out_of_memory+0x164/0x190
[ 1184.788859]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1184.788903]  ? mark_held_locks+0x49/0x80
[ 1184.788936]  try_charge_memcg+0x81f/0xf30
[ 1184.788976]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1184.789018]  charge_memcg+0x7b/0x290
[ 1184.789047]  __mem_cgroup_charge+0x28/0x90
[ 1184.789080]  do_wp_page+0x58c/0x3240
[ 1184.789120]  ? __pfx_do_wp_page+0x10/0x10
[ 1184.789150]  ? do_raw_spin_lock+0x123/0x260
[ 1184.789179]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1184.789208]  ? ___pte_offset_map+0x176/0x370
[ 1184.789241]  __handle_mm_fault+0xde1/0x3030
[ 1184.789270]  ? reacquire_held_locks+0xd1/0x200
[ 1184.789294]  ? lock_vma_under_rcu+0x11e/0x530
[ 1184.789337]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1184.789369]  ? lock_vma_under_rcu+0x17b/0x530
[ 1184.789422]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1184.789468]  handle_mm_fault+0x2c3/0x900
[ 1184.789499]  ? access_error+0x17d/0x380
[ 1184.789531]  do_user_addr_fault+0x4fa/0xeb0
[ 1184.789567]  exc_page_fault+0xb0/0x180
[ 1184.789592]  asm_exc_page_fault+0x26/0x30
[ 1184.789615] RIP: 0033:0x7ff98baf5d30
[ 1184.789635] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1184.789658] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1184.789677] RAX: 00000000b679e0c2 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1184.789693] RDX: 0000001b2cf20034 RSI: ffffffff819bd515 RDI: 0000000000000000
[ 1184.789709] RBP: 0000000000000001 R08: 00000000b679e0c2 R09: 0000001b2cf2001c
[ 1184.789724] R10: 00000000000000c2 R11: 00000000b679e0c6 R12: 0000000000000005
[ 1184.789739] R13: 00007ff98bc4f000 R14: ffffffff819bd515 R15: 00007ff98bc5aff0
[ 1184.789756]  ? __might_fault+0x75/0x190
[ 1184.789789]  ? __might_fault+0x75/0x190
[ 1184.789817]  </TASK>
[ 1184.823592] memory: usage 307200kB, limit 307200kB, failcnt 2944
[ 1184.824614] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1184.825611] Memory cgroup stats for /syz0:
[ 1184.855964] anon 122880
[ 1184.856590] file 312950784
[ 1184.856953] kernel 1499136
[ 1184.857194] kernel_stack 65536
[ 1184.857464] pagetables 155648
[ 1184.857854] sec_pagetables 0
[ 1184.858170] percpu 64
[ 1184.858375] sock 0
[ 1184.858557] vmalloc 0
[ 1184.858776] shmem 312950784
[ 1184.859046] file_mapped 0
[ 1184.859275] file_dirty 0
[ 1184.859501] file_writeback 0
[ 1184.859751] swapcached 0
[ 1184.859999] inactive_anon 306528256
[ 1184.860299] active_anon 6545408
[ 1184.860568] inactive_file 0
[ 1184.860842] active_file 0
[ 1184.861074] unevictable 0
[ 1184.861302] slab_reclaimable 949424
[ 1184.861601] slab_unreclaimable 344528
[ 1184.861934] slab 1293952
[ 1184.862159] workingset_refault_anon 0
[ 1184.862464] workingset_refault_file 1
[ 1184.862773] workingset_activate_anon 0
[ 1184.863110] workingset_activate_file 0
[ 1184.863429] workingset_restore_anon 0
[ 1184.863738] workingset_restore_file 0
[ 1184.864082] workingset_nodereclaim 0
[ 1184.864390] pgdemote_kswapd 0
[ 1184.864658] pgdemote_direct 0
[ 1184.864941] pgdemote_khugepaged 0
[ 1184.865225] pgdemote_proactive 0
[ 1184.865504] pgscan 801
[ 1184.865714] pgsteal 9
[ 1184.865943] pswpin 0
[ 1184.866140] pswpout 0
[ 1184.866342] pgscan_kswapd 0
[ 1184.866581] pgscan_direct 801
[ 1184.866857] pgscan_khugepaged 0
[ 1184.867130] pgscan_proactive 0
[ 1184.867394] pgsteal_kswapd 0
[ 1184.867646] pgsteal_direct 9
[ 1184.867919] pgsteal_khugepaged 0
[ 1184.868199] pgsteal_proactive 0
[ 1184.868468] pgfault 88374
[ 1184.868703] pgmajfault 0
[ 1184.868949] pgrefill 768
[ 1184.869175] pgactivate 3833
[ 1184.869415] pgdeactivate 768
[ 1184.869666] pglazyfree 0
[ 1184.869912] pglazyfreed 0
[ 1184.870144] swpin_zero 0
[ 1184.870365] swpout_zero 0
[ 1184.870594] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8707,uid=0
[ 1184.871831] Memory cgroup out of memory: Killed process 8707 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[ 1184.876198] netlink: 'syz-executor.7': attribute type 11 has an invalid length.
[ 1184.884669] netlink: 'syz-executor.7': attribute type 11 has an invalid length.
[ 1185.470531] audit: type=1326 audit(1755410152.818:173): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8703 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:56:04 executing program 1:
r0 = memfd_create(&(0x7f0000000080)='(\xc8\xf5\x82j\xca', 0x3)
fcntl$addseals(r0, 0x409, 0x4)
write$binfmt_aout(r0, 0x0, 0x937)
ioctl$EVIOCGID(0xffffffffffffffff, 0x80084502, &(0x7f00000000c0)=""/230)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000040))
ioctl$SG_GET_PACK_ID(0xffffffffffffffff, 0x227c, &(0x7f0000000000))

05:56:04 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x3f00000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:56:04 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x74010000, 0x0)

05:56:04 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0xc, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:56:04 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000540)='./file0/file1\x00', r0, &(0x7f0000000580)='./file0\x00', 0x400)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:04 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x9, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:56:04 executing program 0:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
sync_file_range(r1, 0x1ff, 0x1ff, 0x4)
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000080)={0x7})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r1, 0x84009422, &(0x7f0000001700)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000001b00)={r2, 0x800, 0x1, [0x81, 0x1, 0x7, 0x3, 0x5], [0xffffffffffff8001, 0x3b4, 0x7, 0x4, 0x5, 0x6, 0x1, 0x1, 0x7, 0x6, 0x1000, 0x800, 0x1f, 0x5, 0x2, 0x8, 0x7, 0x3, 0x6, 0x9, 0x3ff, 0x8, 0xf, 0xe19, 0x1, 0x3f, 0xffffffffffff7eee, 0x4, 0xb9a, 0x6, 0x1b2, 0x200, 0x9, 0x6, 0x5, 0x80000001, 0x100000001, 0x7f, 0x689b, 0x8, 0x1, 0x5, 0x6, 0x6a0, 0x6d, 0x4, 0x95d8, 0x7, 0x100000001, 0x101, 0xffffffffffffff7f, 0x1f, 0x400, 0x4, 0x3, 0x4, 0x1ff, 0x0, 0x5, 0x4, 0xc3, 0x7ff, 0x60000, 0x400, 0x40, 0x4, 0x3, 0x7, 0x80000000, 0x7, 0x3ff, 0x8, 0xfff, 0x5, 0x6, 0x9, 0x3ff, 0x0, 0x2, 0x95a, 0x2, 0xfe5, 0x0, 0x4, 0x9, 0x3, 0x1, 0x3e8c, 0x1ff, 0x4000000000, 0x3ff, 0x5d6a, 0x9, 0x3f, 0x100, 0x8, 0x3, 0x1, 0x800, 0x415, 0x400, 0x7, 0x1f, 0xff, 0x2, 0x3, 0x6, 0xf8, 0x0, 0x2, 0x3, 0x4, 0x9, 0x20, 0x1, 0x5, 0x1be1e3ec, 0x0, 0x5, 0x80, 0x3]})
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000000140)={{0x5, 0x8}, 'port0\x00', 0xd1, 0xa0018, 0x4, 0x4, 0x47, 0x8001, 0xfffffeff, 0x0, 0x4, 0x3})
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x8, 0x0, 0x81, 0x9, 0x0, 0x42f, 0x10000, 0x4, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1d, 0x4, @perf_config_ext={0x5, 0x7}, 0x440, 0x1f160, 0x8, 0x0, 0x4, 0x3, 0x6f9, 0x0, 0x1, 0x0, 0x6}, 0xffffffffffffffff, 0xffffffffffffffff, r3, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000300)={0x1, 0x86})
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020120000400008000f8000020004000030000000000000001000000", 0x28}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)}], 0x0, &(0x7f0000000040)=ANY=[])
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x1)

05:56:04 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0xa000000)

[ 1196.867648] audit: type=1326 audit(1755410164.214:174): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8746 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:56:04 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x4000000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:56:04 executing program 1:
syz_emit_ethernet(0x7e, &(0x7f0000000180)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x3, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @parameter_prob={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x23, 0x0, [@multicast1, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @empty, @remote, @empty, @remote]}, @timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2, 0x0]}]}}}}}}}, 0x0)
syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0)

05:56:04 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:04 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0xa, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:56:04 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x10, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1196.977316] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1196.978424] CPU: 0 UID: 0 PID: 8749 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1196.978447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1196.978458] Call Trace:
[ 1196.978464]  <TASK>
[ 1196.978471]  dump_stack_lvl+0xfa/0x120
[ 1196.978497]  dump_header+0x107/0x950
[ 1196.978525]  oom_kill_process+0x278/0xa00
[ 1196.978550]  out_of_memory+0x34b/0x1690
[ 1196.978578]  ? __pfx_out_of_memory+0x10/0x10
[ 1196.978608]  mem_cgroup_out_of_memory+0x164/0x190
[ 1196.978634]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1196.978664]  ? mark_held_locks+0x49/0x80
[ 1196.978688]  try_charge_memcg+0x81f/0xf30
[ 1196.978716]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1196.978745]  charge_memcg+0x7b/0x290
[ 1196.978765]  __mem_cgroup_charge+0x28/0x90
[ 1196.978788]  do_wp_page+0x58c/0x3240
[ 1196.978821]  ? __pfx_do_wp_page+0x10/0x10
[ 1196.978842]  ? do_raw_spin_lock+0x123/0x260
[ 1196.978863]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1196.978883]  ? ___pte_offset_map+0x176/0x370
[ 1196.978906]  __handle_mm_fault+0xde1/0x3030
[ 1196.978927]  ? reacquire_held_locks+0xd1/0x200
[ 1196.978944]  ? lock_vma_under_rcu+0x11e/0x530
[ 1196.978972]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1196.978994]  ? lock_vma_under_rcu+0x17b/0x530
[ 1196.979031]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1196.979064]  handle_mm_fault+0x2c3/0x900
[ 1196.979085]  ? access_error+0x17d/0x380
[ 1196.979108]  do_user_addr_fault+0x4fa/0xeb0
[ 1196.979132]  exc_page_fault+0xb0/0x180
[ 1196.979151]  asm_exc_page_fault+0x26/0x30
[ 1196.979168] RIP: 0033:0x7ff98baf5d30
[ 1196.979181] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1196.979198] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1196.979212] RAX: 00000000abee663a RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1196.979223] RDX: 0000001b2cf2002c RSI: ffffffff8184c339 RDI: 0000000000000000
[ 1196.979235] RBP: 0000000000000001 R08: 00000000abee663a R09: 0000001b2cf2001c
[ 1196.979245] R10: 000000000000063a R11: 00000000abee663e R12: 0000000000000003
[ 1196.979256] R13: 00007ff98bc4f000 R14: ffffffff8184c339 R15: 00007ff98bc5aff0
[ 1196.979268]  ? perf_copy_attr+0x19/0x920
[ 1196.979301]  ? perf_copy_attr+0x19/0x920
[ 1196.979329]  </TASK>
[ 1197.002224] memory: usage 307200kB, limit 307200kB, failcnt 2979
[ 1197.002905] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
05:56:04 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x8000000000000)

[ 1197.003548] Memory cgroup stats for /syz0:
[ 1197.031101] anon 122880
[ 1197.032629] file 312950784
[ 1197.033301] kernel 1499136
[ 1197.033874] kernel_stack 65536
[ 1197.034367] pagetables 155648
[ 1197.034886] sec_pagetables 0
[ 1197.035366] percpu 64
[ 1197.035744] sock 0
[ 1197.036128] vmalloc 0
[ 1197.036515] shmem 312950784
[ 1197.037005] file_mapped 0
[ 1197.037440] file_dirty 0
[ 1197.037902] file_writeback 0
[ 1197.038376] swapcached 0
[ 1197.038786] inactive_anon 306528256
[ 1197.039378] active_anon 6545408
[ 1197.039944] inactive_file 0
[ 1197.040400] active_file 0
[ 1197.040852] unevictable 0
[ 1197.041283] slab_reclaimable 949424
[ 1197.041794] slab_unreclaimable 344528
[ 1197.042405] slab 1293952
[ 1197.042838] workingset_refault_anon 0
[ 1197.043404] workingset_refault_file 1
[ 1197.044006] workingset_activate_anon 0
[ 1197.044572] workingset_activate_file 0
[ 1197.045167] workingset_restore_anon 0
[ 1197.045731] workingset_restore_file 0
[ 1197.046322] workingset_nodereclaim 0
[ 1197.046905] pgdemote_kswapd 0
[ 1197.047377] pgdemote_direct 0
[ 1197.047873] pgdemote_khugepaged 0
[ 1197.048431] pgdemote_proactive 0
[ 1197.048995] pgscan 801
[ 1197.049404] pgsteal 9
[ 1197.049788] pswpin 0
[ 1197.051942] pswpout 0
05:56:04 executing program 1:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000080)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x80}, 0x0, 0x1, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x1, 0x40, 0x6, 0x8, 0x0, 0x3, 0x140, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x7fff, 0x1, @perf_bp={&(0x7f0000000140), 0xe}, 0x40800, 0x100, 0x8, 0x3, 0x2, 0x8, 0x679c, 0x0, 0x7, 0x0, 0x8}, 0xffffffffffffffff, 0xd, r1, 0x2)
r2 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000940)='ns/cgroup\x00')
ioctl$FIGETBSZ(r2, 0x2, &(0x7f00000019c0))
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000006c0)='fdinfo/3\x00')
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x7ff)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r4 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r4, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$EXT4_IOC_GET_ES_CACHE(r4, 0xc020662a, &(0x7f0000000700)={0x4, 0xff, 0x5, 0x2, 0x9, [{0x60ee, 0x4, 0x8, '\x00', 0x1e8b}, {0x11, 0x1bc5a0ec, 0x10000}, {0x1f, 0x2, 0xfff, '\x00', 0x2}, {0x4, 0x0, 0x4, '\x00', 0x5}, {0x10, 0x4e0b, 0x6, '\x00', 0x1a80}, {0x1000, 0x6, 0x1, '\x00', 0x104}, {0x7fff, 0x0, 0x9, '\x00', 0x900}, {0x7ff, 0xfffffffffffffffd, 0x3f, '\x00', 0x800}, {0x0, 0x401, 0x2, '\x00', 0x1004}]})
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
writev(r3, &(0x7f0000000640)=[{&(0x7f0000000240)="a5a13595f51b18534fc663bce134e972e84614337d7b8aaa97c1d64c506a2647fe1c893567a4ec43a8a248dc4cbcfd407f5eb92fe1c1e2acd4baf86e28507897b9a7da5f063357faa5b61295e3e239aa22c36fa643ae063fe8a21ae5d95acffbfbeacc4b272784f768552dc9cc63d59983688bccb57bf3b648505a37a8b170a208340de0cb7217a27b9d1e7513d0ab54b53ff2c0bbb581c345a5db8148e65725e7e44ca19e38686095eb28b3299c5b1a0f", 0xb1}, {&(0x7f0000000300)="0600a55cb74f3d3614d5de786d287e85d93dc1209805e9cc941a7486d09871bdf0df10b9028e3a60a1059e07f52f3d656e9a2ccbd803a40631afb57ccddac6e86a9f91", 0x43}, {&(0x7f0000000380)="260222db97b30430f95a9f3f2f086656d275a804f060435fd84e854e2090f1a2688e03b9e38d48f848b200877171e9bea921f735ba4327ba85accd940b5ae0203beea065e78d4af59fea56ce521df67bd68db0917e496b7fd2aa5169e5cfa6d85c2e1524c832f5081a689767f690a463806a83354ba46ee446595b97e97bcf4e8f364f10db3d48149387b9e8533fe03dd9ff70037162e8fcf5de63b07e1ba9556846e94cc50f15209974b41655a73e7eee774c443fb63b10eb83024345f33e7cdcf9d42428207bd983", 0xc9}, {&(0x7f0000000480)="284816eb85d51752295f21977ce41ab1c9b038d9158211893f9d1b26e2ef717bc6d7a8973cb2f3c6a2", 0x29}, {&(0x7f00000004c0)="efead5c98c232d01f2c6ff1c23f80ccd34f4c82763a890247f10b82d2af474235c876f9da339c1cc6f134c2b1010f634233b362bd6e24abf0a5feffb1528727d07a17007743ce0c1cb61d96121d783f11056ddfd20eb37beed0940802441e897afaa41b7185a5f92198533024323eaa114c8c669bd35960a943e62fe97b0790a3c98e322128e527ab0d1d5aa7c49c0f71aaefd47da921d172bdcf34c505a9b024475499c9428fad8ab0250e99b2b09c35cfb11baaa24", 0xb6}, {&(0x7f00000009c0)="4c2823f6e8d385c6dc23bb563e495863c7d21c3f3aa1085c13ab873aad496c45a85caabdac8906a53979dce0709871232e8787f531942f7847573153444d564e2953bdddf4dd0de69da5f23f0c7d841985994bec8ac6f1588d233e2a210f55b51c635b3732e80d113bf46e831af7cd5b94e696a6981df3a935c431be3c3eab98042dc1b2e1a868f2141a46e4d870851fac658d030a57b0e3763c9cd24d4085c7fd108fdeeeb24ad97af56f4e84b55dc00fe5d7342872e2f14fea71c07eb13208c18924638683c3ef9a16e7f9aed8ff9897f8458cdfa8c2bc3c1f5494fb4cfb9ca8078feea30446a4e84308a1bab25805cb42dada9b4f3bed9a439cba8ba3d0655b94ce3306aadb6ead65f78a51fc2eea0071f156ecf1eeed5e441a4cfaa2cac3e7fc1ec0ae1ee762b7aa950209fcd8a295b837e706c11d8e5f21cd1bc0ad72709332f9eadd2e890ddbf8d64cfd9ab69c387619cdf31476829bb4fb9a7d8a6bfc65c9d802289bb2755bd16831699deb4e89408c7bb20c6c0cfa651cb69a067ca372e60ff5c72f99d8c3e68ee1f615532daa8d6d5fcd078a58638fe11e8d70ad381373086fa8c1469ab83fc8c0004f334cc6193387eabce63ea2a25817dea9356e783d10cca94cce6961ed8eaa814a214654ed9a3459bba6fe25c5ecca446ee35e88930d6efe5db0632d44949174bd185d750929677194149c82e563f4d9789f62464c661cc332ffe62e525bf61a1ebc56995ed7f21ea7bfa33516232d205c906c4dfe08a1d0f62d86d18056a89f75529c9892796781a6389660fe8527202027b596e2099283080592d7fcb6f516995874c07dcd24f3a18a851f95a3fa1eb88503c55c6d01a179db53a5570a39e3d6ee33cf810913a330f7c620e20b167ad5e394ab33fe3805b9b2a586d6458d4e0c2aab2bfadc4189f7a7e02ff43ad32f4d637d80686b613cdaee28fd56cfed9b118932d15e5f9236991ad4bef66aeacf55044faf21506670f8cd22331026730fac04c9540ee3a8ea9cf5032e93abcae82ce3257415a07bddc2adba196caac53ac98d8fc4169718c5ae40269fc917e1d2fa84156e04e8181abb6e8f91f134e7a93739af481d818f8ea5244ed0a012daa84d267edfbdc15e75e19759b91c0fd1051ff52864938be74a93b36aa6261452f49b11faa328801d6cc74a20d969a03fda7926f3f870bca5e2bef5a0d673b74198e7ffb4088fb0d4cfce0f37eb1720f4f74ca38574b7b359f28f663a98bfa305dcad9ad530ed41b8318b93af70b5e414125378794de31b05f9234712c653f2063bc07cbddd24e4b970120483d80541376ee6ea9cf499355f76b35c89dcf8f04c78070eeffcaa60872ee90e75a52628d387bba48e903c9d0372dc05c78750c7c17a8c5077b06404abd88374b8eabd75a1df3c5a8eb3e1746d83681a114afa8a3835e802a002cc863fd90c49f966688a173105464b2fa28cd3d401fa1131ea091390dea5b1ed59ea2adb5c0e863c5e4a9424c9937b6c7af21a1a1ce0bc1fa6e65340e87e7ebc71018945fbf7e0ae3ab7890f0cf88704cd90f2b28163cc063c5d79b87adb6d405f8c7fd7e1a424f2326ad160543d9812e081ce7b8e72454e0e44405188b9f0847c5983501f1638baef68427b2f493268a955c35e6a21f3aef5dc04353a090e5b57759e0dffb51f0f7d4808a094353d3bab48d75bfa9824197b0060f0f3e9b0f8619bd6d8520702e0e632d323673add7006bd04b826af2f58b03da3a86b4f4fc28f74a3bc25818b9dcddd15cda4377b718ca68da28064a4ad2490a4ef43badbf61e43b1487190176719e8254abf1bd4ff625fbdd9f4e007f0d052596c3654f66c7f08fccca1232d22575d18bf94a8fac0d101d4c7d1603d19e72832c108ef08910cf5cfdcc8d7f928c96b211dcd784294538ac638852297aac51c89839422668bede5aaae2110f5bd3b2407b0f129248bc1ee1b25fb3075c4050c131e86d31d56d33ff7b012e72b615de0496047b11d830f64a3170389bd5ecf425ddd8c2aed5be8c7c18aa88bfa5c4e35b77d5c2e017e18fc575d039f8c92c6bee0ef9f483eccec7f18a66b32833b3970f7ac93785d67abba8e663f8ca0c284ec0e80bd3d6acab2beef8f4bd520e53dc550f620e59d32dd946ec6043748de90d419d64962159f564516a0a7033da9ee5cfe8bd9dfae752b7dba65a5fa6c105766612d58ae187e60e98da6e86a862e18a3da1510c4e5320a837bd8d168ab7de918d8a4100b585fc47cda583c894afa8e89076f1b96a2ea067a7937f6d922f4b202a0091f6e7a0f1a9364d3817f88ff34dd4d8fcadf510817c1baaba93241dfc74eb4e656a3177d75ecca7834816cd30f9931ddb2013f9748ee5a1390cf06d248b12032dfc56d8f8498a99f0ee338f816595269d6132fbaebdb7942ee749237bac8ed3159c96e600b98d439022792bffd981f352c385b1e4ebafba618b080917f7ac27f6583fcdac02f0bad7d77478f2ac7673ecaf0a5141f751c5ab03f8416c242fb8a002e40f4a87ba16d7c2346c5269975ad0b869dc1e82ea11038cc1db9a94f4cf27489d70f1102560c6ca8db53422b89c867351f1e3c64a1b35517c2376bbc4c4564608674a7ad40a05a5c06795bfee57cdc8b7de405521f5abde0376f8a33784a29f78cc02db7c2eac70e413bddd84c6025f46edc6ed76c58b4896f59528e4983e4c04cd111148d5bced654993ddf0e498e5063e87f4ab39bd8719b54fc415a3accba924b8d17cb22ea8af8d03d69cfeeaa2159c1194bd02ec1a58efd15a0dce68c3d9f1c9f958a9a53e331cd5bc279df5b7e54304f26bdcf6a77ec97cc10b6a5084a8f2f5e456b0e8e4412de71c9da093183060c3e64460e373ad617d187a4f368b74b8ddbe100c5e6ab9bd24b79bf58b801ad59f1ffd9a50c08b60c84078815f649538a4000d40c43bb07562aa1fbe06ad2f183ca9f6896990d6a5f3f51ac4605d2ffd2dd2bf3ed8975fcfffdbbb26d2b02926408157344d8a33a974d74d52fdef12bd32a1bf2c65efa8a26cb89be5229d76db83ee71d68e5341e99a23e05a40f3d72cec6fc7e55c23ab788fc2ca35a48c9f356548cec5ec47a543db215831e54e6af286459a3ef25236b2add03b176d06ea599c5064fc2fc0c7fabd2de73ef5c253174547d1e52ae49a5c2da632fa7c5dd45b7dd594133cc94c3f91c10a8cf8272fbca1c1a9ef151d74bfb31fded69a748e1d71db858fbde95165a9092fbbacf9e138ba4e70355f27033ec7023f17b07977137695523ee3978e3569b39aa19222762b9f1c539dbcd9fc7b3a4a33cb54d5168a1443ca6edbdc34d87d0ec20616367adb2b2d54ce50ee19c9526a68f7636aae71f47fa85a42c0d8bbf41f846b29c6bf73ae0aa82ef681e686130c321e0b67cb21302cb2c2b927bb33375187b33dc01e77eba95f48a10c18761c42b066dd92e5cae3267afd36d85712344497208bbcf3d9a03942d47bbcbf3b03c989260aad2cbb57a84b460d05c92f65d564eda6e5d2fd25088f017d03d485c841f3e99e3ca01a04cc1d6d2dc1da3f75124e7136712ae57cb6bb5100a212e01d82b59371fe65a7b15cfb57762ed2b473d8c37b9243a936eefe9db4386d66553c45f80a5dc28602cd67516c5fb806e488c4d0a7db8a7b411cdf3ef76d26b463e18141905987757b2e0af95a352b93693c45b4945ffdd80c7e6af4a3532cfa2bf50abf652e56a74eb16f9e48420e4f86e1dcb9af82d8238c30048bf6b4fc7e0d7380150ffb449c5e83ab94f8ff81e2bed68b8d8172a0a06f313d6d870e69ad2ddd471f8e606cd84b21d222b8e977b21c6b271710b40d9003ada2655384869846edef7b69d0a4d3346af77d905eaf662412411c77151d5a6f5d16d4a135a5a825e7f1ca878b2db156eba6ef0d64befd7ea9a89c34dd65599c89cca16990d94a59f23f47f2fdd5b6803e4b8ca7a8a5e5fe0175c49ae1dcf0ebfd4b8bfdb9ace17094aee020828c9d359743eabd74f06823832374fddca0d9db5aaf4c8c40fa14348abbcf4d05bfe5f926b0e26bc0b9564634fc0e39b78934173cc7fa0e77b9db56891b1c5f18de0b49e7f3fab28ca482932514c65c5f0f8f518d31a4fd6f453d068920e47a28f9fb9a1182436f8e4321d7b10e21b73261703b6ad74941c2ec0d2d091a56e256992ac4b2fbac495343321a3caf5d25c4eb37f37876a08396f3310486d42e7a8b528f948345fca8146d428c66725aa5309018814f0316741245357920446f27eee04e9a8c0fd98dd8f0e8ef777fb50857a9959cf03aff80197d2509b16a0f79d7c3304cc304c9d831e7eb7eae996fd3bfe1af56c9711ff85467e0f9c78aabcf480e884884489188f372dc4746099c87165589b24e265557c159862065770d032a8ccade97680c6a5e2b298946d92cf5ce20a552afd201e31dd39973c8ea8f70381d20e564382f603d4a6e4f3f4c96be92c214fa3875b8232ff309ced92d2f142ee5125cb8eeadf4a56629c5db69c8cff4943b08695079a08642b7135902ae8b3ea7ecae3654317e7d66554962cdbeb6e02e95993fb79f0f664d6f3724fc147b8c6c29f96316cee291d67a22d13073a152aedebf990f4cb1a4926ab61c7b8245f9dceeac3cd40c05f605041c04bdc5e1c89f5f7fc7f986e7e7861ec626870e15653fe4c76f22f3d8f7cb899030c88ac38777d6ddef28585e6eda2ed96e1a03308893261a5e47017e97ba8bf34ae401b0eca27de55f58f9d72eaba8b449109127b4c7ac65692d33ca16cec83fd901bbea788419449b38d19d4398752bc89edc2acb74b0d39e3c79ba98f3d1aae99d85615d39092e30f025d90d1ebb02fe1f7d194b2007bc4e23333d2388168ce25e1afbc4f8b06cfbf57aeeeec99ab4719ab6ce8fda8d61b95bcc4a69ec88ec0f673c560472bf29762062a93848bcde548f1cd794fb788d9d2a7a2ba3f8e0844beb58638b0bbdb72b08142e37deed0343c5ba9cab4e48f031dc7edb04d66a1bc44e22b4b76a0859837625def203220d265ba02c8af354126b7442ea2b29a04b6583bcc300ad236d3e0fa69acc38d000646f430616070c5a23ebd06cbbb166855bb8bf33c09114652d74bb23c3dd23bc47aa0bf0a12b3cf9e538e6c2c8178b2033fe18e8c14a549ca058bd4d373bd88999d87b83ada8d0dc59551113853f0713b528629c0c7adb7a44be24ce1279fd9925855ccd6fe5719d66d279295be965f10c9aa6837ec4e245d2938b0496b9b87c03ff6145789fc757d5086fc90a1842e19dae9074ef253d3d33cb3eda2df36051c69ee774733568236195809fe3a697ec2afb4daf99a9e5b0f3555daa1eadb7c9a16b0f7758ad5876a5c90cc9946194c86d0c85af30e646b240bb8d051dbbf9c31e62c9615c94183eadb4f49335474c94cae502805b109c83ca0a73a9278a50c5378a0f393f2a9696840cf24871365ba140d81095b4f4b6a56970ad74ff16778300ddfea900af4d4149297ab128c7e9387a1d9bc48ff09b04f37c10ce58d6ddb1b732138e18b601c3cfa421a518c0dc1952149bf30b7486bff4a1a38ffda408653dc868eb2f329529c1563ccc88ae7d387d3746396feddad0f650a9a7c5049daf01adb25b5b1b3a5b73065d91c35ee9817dbfd9e9d981e46280a6a5a3518f341b7079c95bf9aff8cb79bd75c7ddff9e59ef4bf044ad8c639913976e9dbe9ea9960b980488df916623e436828122353aaa17cc66c460090a547c10b7fb833f26165323db1589ce48000e0cf5f6f1a698093a5ac8cdd41bcd8", 0x1000}, {&(0x7f0000000580)="e2cebf2259", 0x5}, {&(0x7f00000005c0)="c977bc3ae29ae44362792080eacb08fed9a44fcd1c1ae982b2a175e49af76fb74bbe3fde4f871e84ba24b69323bc13392a6131908c0c76ef87cb45ad50f941a3a26b7d403067936563bf7f922433563f5142b4c234fc3663efdede8d13078a51ab20a07deaaabc51e6f315439641decfc298c33a7b29e8c79f099b", 0x7b}], 0x8)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r3, 0x80089419, &(0x7f0000000200))

[ 1197.053450] pgscan_kswapd 0
[ 1197.053943] pgscan_direct 801
[ 1197.054406] pgscan_khugepaged 0
[ 1197.054930] pgscan_proactive 0
[ 1197.055403] pgsteal_kswapd 0
[ 1197.055883] pgsteal_direct 9
[ 1197.056329] pgsteal_khugepaged 0
[ 1197.056860] pgsteal_proactive 0
[ 1197.057343] pgfault 88419
[ 1197.057756] pgmajfault 0
[ 1197.058180] pgrefill 768
[ 1197.058588] pgactivate 3833
[ 1197.059055] pgdeactivate 768
[ 1197.059525] pglazyfree 0
[ 1197.059993] pglazyfreed 0
[ 1197.060405] swpin_zero 0
[ 1197.060846] swpout_zero 0
[ 1197.061253] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8749,uid=0
[ 1197.063427] Memory cgroup out of memory: Killed process 8749 (syz-executor.0) total-vm:93420kB, anon-rss:276kB, file-rss:35584kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
05:56:04 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002840)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB='\x00\x00', @ANYRES32=r1, @ANYBLOB="0a00340002020202020200000600660000000000"], 0x30}}, 0x0)

05:56:04 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x7fffffffffffffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:56:04 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0xb, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

[ 1197.349695] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1197.351254] CPU: 1 UID: 0 PID: 8781 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1197.351286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1197.351300] Call Trace:
[ 1197.351308]  <TASK>
[ 1197.351317]  dump_stack_lvl+0xfa/0x120
[ 1197.351349]  dump_header+0x107/0x950
[ 1197.351386]  oom_kill_process+0x278/0xa00
[ 1197.351420]  out_of_memory+0x34b/0x1690
[ 1197.351458]  ? __pfx_out_of_memory+0x10/0x10
[ 1197.351500]  mem_cgroup_out_of_memory+0x164/0x190
[ 1197.351535]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1197.351579]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1197.351620]  try_charge_memcg+0x81f/0xf30
[ 1197.351677]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1197.351717]  ? get_mem_cgroup_from_objcg+0xf8/0x430
[ 1197.351746]  obj_cgroup_charge_account+0xa8/0x6e0
[ 1197.351781]  __memcg_slab_post_alloc_hook+0x33c/0x9d0
[ 1197.351825]  ? __create_object+0x59/0x80
[ 1197.351854]  kmem_cache_alloc_lru_noprof+0x328/0x3c0
[ 1197.351888]  ? sock_alloc_inode+0x27/0x1d0
[ 1197.351924]  sock_alloc_inode+0x27/0x1d0
[ 1197.351951]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1197.351977]  alloc_inode+0x67/0x250
[ 1197.352002]  sock_alloc+0x40/0x270
[ 1197.352030]  __sock_create+0xc1/0x810
[ 1197.352068]  __sys_socket+0x145/0x260
[ 1197.352100]  ? __pfx___sys_socket+0x10/0x10
[ 1197.352144]  __x64_sys_socket+0x73/0xb0
[ 1197.352176]  do_syscall_64+0xbf/0x360
[ 1197.352205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1197.352228] RIP: 0033:0x7ff98bb47b19
[ 1197.352246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1197.352268] RSP: 002b:00007ff9890bd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1197.352290] RAX: ffffffffffffffda RBX: 00007ff98bc5af60 RCX: 00007ff98bb47b19
[ 1197.352306] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 1197.352319] RBP: 00007ff98bba1f6d R08: 0000000000000000 R09: 0000000000000000
[ 1197.352334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1197.352347] R13: 00007ffc54e3909f R14: 00007ff9890bd300 R15: 0000000000022000
[ 1197.352381]  </TASK>
[ 1197.381985] memory: usage 307200kB, limit 307200kB, failcnt 3005
[ 1197.382929] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1197.383848] Memory cgroup stats for /syz0:
[ 1197.407327] anon 106496
[ 1197.408707] file 312950784
[ 1197.409371] kernel 1515520
[ 1197.409857] kernel_stack 65536
[ 1197.410333] pagetables 151552
[ 1197.410802] sec_pagetables 0
[ 1197.411318] percpu 128
[ 1197.411713] sock 0
[ 1197.412338] vmalloc 0
[ 1197.412739] shmem 312950784
[ 1197.413535] file_mapped 0
[ 1197.414195] file_dirty 0
[ 1197.414603] file_writeback 0
[ 1197.415121] swapcached 0
[ 1197.415525] inactive_anon 306462720
[ 1197.416095] active_anon 6545408
[ 1197.416581] inactive_file 0
[ 1197.417061] active_file 0
[ 1197.417486] unevictable 0
[ 1197.417937] slab_reclaimable 949040
[ 1197.418471] slab_unreclaimable 363896
[ 1197.419099] slab 1312936
[ 1197.419501] workingset_refault_anon 0
[ 1197.420089] workingset_refault_file 1
[ 1197.420659] workingset_activate_anon 0
[ 1197.421311] workingset_activate_file 0
[ 1197.421952] workingset_restore_anon 0
[ 1197.422523] workingset_restore_file 0
[ 1197.423136] workingset_nodereclaim 0
[ 1197.423698] pgdemote_kswapd 0
[ 1197.424206] pgdemote_direct 0
[ 1197.424696] pgdemote_khugepaged 0
[ 1197.425264] pgdemote_proactive 0
[ 1197.425792] pgscan 801
[ 1197.426218] pgsteal 9
[ 1197.426579] pswpin 0
[ 1197.426989] pswpout 0
[ 1197.427361] pgscan_kswapd 0
[ 1197.427863] pgscan_direct 801
[ 1197.428340] pgscan_khugepaged 0
[ 1197.428894] pgscan_proactive 0
[ 1197.429387] pgsteal_kswapd 0
[ 1197.429907] pgsteal_direct 9
[ 1197.430364] pgsteal_khugepaged 0
[ 1197.430929] pgsteal_proactive 0
[ 1197.431415] pgfault 88457
[ 1197.431892] pgmajfault 0
[ 1197.432299] pgrefill 768
[ 1197.432713] pgactivate 3833
[ 1197.433208] pgdeactivate 768
[ 1197.433676] pglazyfree 0
[ 1197.434141] pglazyfreed 0
[ 1197.434559] swpin_zero 0
[ 1197.435068] swpout_zero 0
[ 1197.435488] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8780,uid=0
[ 1197.437999] Memory cgroup out of memory: Killed process 8780 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[ 1197.455598] socket: no more sockets
[ 1197.683520] audit: type=1326 audit(1755410165.031:175): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8746 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:56:13 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x10000000000000)

05:56:13 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x11, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:56:13 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x8000000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:56:13 executing program 1:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000080)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x80}, 0x0, 0x1, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x1, 0x40, 0x6, 0x8, 0x0, 0x3, 0x140, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x7fff, 0x1, @perf_bp={&(0x7f0000000140), 0xe}, 0x40800, 0x100, 0x8, 0x3, 0x2, 0x8, 0x679c, 0x0, 0x7, 0x0, 0x8}, 0xffffffffffffffff, 0xd, r1, 0x2)
r2 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000940)='ns/cgroup\x00')
ioctl$FIGETBSZ(r2, 0x2, &(0x7f00000019c0))
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000006c0)='fdinfo/3\x00')
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x7ff)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r4 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r4, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$EXT4_IOC_GET_ES_CACHE(r4, 0xc020662a, &(0x7f0000000700)={0x4, 0xff, 0x5, 0x2, 0x9, [{0x60ee, 0x4, 0x8, '\x00', 0x1e8b}, {0x11, 0x1bc5a0ec, 0x10000}, {0x1f, 0x2, 0xfff, '\x00', 0x2}, {0x4, 0x0, 0x4, '\x00', 0x5}, {0x10, 0x4e0b, 0x6, '\x00', 0x1a80}, {0x1000, 0x6, 0x1, '\x00', 0x104}, {0x7fff, 0x0, 0x9, '\x00', 0x900}, {0x7ff, 0xfffffffffffffffd, 0x3f, '\x00', 0x800}, {0x0, 0x401, 0x2, '\x00', 0x1004}]})
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
writev(r3, &(0x7f0000000640)=[{&(0x7f0000000240)="a5a13595f51b18534fc663bce134e972e84614337d7b8aaa97c1d64c506a2647fe1c893567a4ec43a8a248dc4cbcfd407f5eb92fe1c1e2acd4baf86e28507897b9a7da5f063357faa5b61295e3e239aa22c36fa643ae063fe8a21ae5d95acffbfbeacc4b272784f768552dc9cc63d59983688bccb57bf3b648505a37a8b170a208340de0cb7217a27b9d1e7513d0ab54b53ff2c0bbb581c345a5db8148e65725e7e44ca19e38686095eb28b3299c5b1a0f", 0xb1}, {&(0x7f0000000300)="0600a55cb74f3d3614d5de786d287e85d93dc1209805e9cc941a7486d09871bdf0df10b9028e3a60a1059e07f52f3d656e9a2ccbd803a40631afb57ccddac6e86a9f91", 0x43}, {&(0x7f0000000380)="260222db97b30430f95a9f3f2f086656d275a804f060435fd84e854e2090f1a2688e03b9e38d48f848b200877171e9bea921f735ba4327ba85accd940b5ae0203beea065e78d4af59fea56ce521df67bd68db0917e496b7fd2aa5169e5cfa6d85c2e1524c832f5081a689767f690a463806a83354ba46ee446595b97e97bcf4e8f364f10db3d48149387b9e8533fe03dd9ff70037162e8fcf5de63b07e1ba9556846e94cc50f15209974b41655a73e7eee774c443fb63b10eb83024345f33e7cdcf9d42428207bd983", 0xc9}, {&(0x7f0000000480)="284816eb85d51752295f21977ce41ab1c9b038d9158211893f9d1b26e2ef717bc6d7a8973cb2f3c6a2", 0x29}, {&(0x7f00000004c0)="efead5c98c232d01f2c6ff1c23f80ccd34f4c82763a890247f10b82d2af474235c876f9da339c1cc6f134c2b1010f634233b362bd6e24abf0a5feffb1528727d07a17007743ce0c1cb61d96121d783f11056ddfd20eb37beed0940802441e897afaa41b7185a5f92198533024323eaa114c8c669bd35960a943e62fe97b0790a3c98e322128e527ab0d1d5aa7c49c0f71aaefd47da921d172bdcf34c505a9b024475499c9428fad8ab0250e99b2b09c35cfb11baaa24", 0xb6}, {&(0x7f00000009c0)="4c2823f6e8d385c6dc23bb563e495863c7d21c3f3aa1085c13ab873aad496c45a85caabdac8906a53979dce0709871232e8787f531942f7847573153444d564e2953bdddf4dd0de69da5f23f0c7d841985994bec8ac6f1588d233e2a210f55b51c635b3732e80d113bf46e831af7cd5b94e696a6981df3a935c431be3c3eab98042dc1b2e1a868f2141a46e4d870851fac658d030a57b0e3763c9cd24d4085c7fd108fdeeeb24ad97af56f4e84b55dc00fe5d7342872e2f14fea71c07eb13208c18924638683c3ef9a16e7f9aed8ff9897f8458cdfa8c2bc3c1f5494fb4cfb9ca8078feea30446a4e84308a1bab25805cb42dada9b4f3bed9a439cba8ba3d0655b94ce3306aadb6ead65f78a51fc2eea0071f156ecf1eeed5e441a4cfaa2cac3e7fc1ec0ae1ee762b7aa950209fcd8a295b837e706c11d8e5f21cd1bc0ad72709332f9eadd2e890ddbf8d64cfd9ab69c387619cdf31476829bb4fb9a7d8a6bfc65c9d802289bb2755bd16831699deb4e89408c7bb20c6c0cfa651cb69a067ca372e60ff5c72f99d8c3e68ee1f615532daa8d6d5fcd078a58638fe11e8d70ad381373086fa8c1469ab83fc8c0004f334cc6193387eabce63ea2a25817dea9356e783d10cca94cce6961ed8eaa814a214654ed9a3459bba6fe25c5ecca446ee35e88930d6efe5db0632d44949174bd185d750929677194149c82e563f4d9789f62464c661cc332ffe62e525bf61a1ebc56995ed7f21ea7bfa33516232d205c906c4dfe08a1d0f62d86d18056a89f75529c9892796781a6389660fe8527202027b596e2099283080592d7fcb6f516995874c07dcd24f3a18a851f95a3fa1eb88503c55c6d01a179db53a5570a39e3d6ee33cf810913a330f7c620e20b167ad5e394ab33fe3805b9b2a586d6458d4e0c2aab2bfadc4189f7a7e02ff43ad32f4d637d80686b613cdaee28fd56cfed9b118932d15e5f9236991ad4bef66aeacf55044faf21506670f8cd22331026730fac04c9540ee3a8ea9cf5032e93abcae82ce3257415a07bddc2adba196caac53ac98d8fc4169718c5ae40269fc917e1d2fa84156e04e8181abb6e8f91f134e7a93739af481d818f8ea5244ed0a012daa84d267edfbdc15e75e19759b91c0fd1051ff52864938be74a93b36aa6261452f49b11faa328801d6cc74a20d969a03fda7926f3f870bca5e2bef5a0d673b74198e7ffb4088fb0d4cfce0f37eb1720f4f74ca38574b7b359f28f663a98bfa305dcad9ad530ed41b8318b93af70b5e414125378794de31b05f9234712c653f2063bc07cbddd24e4b970120483d80541376ee6ea9cf499355f76b35c89dcf8f04c78070eeffcaa60872ee90e75a52628d387bba48e903c9d0372dc05c78750c7c17a8c5077b06404abd88374b8eabd75a1df3c5a8eb3e1746d83681a114afa8a3835e802a002cc863fd90c49f966688a173105464b2fa28cd3d401fa1131ea091390dea5b1ed59ea2adb5c0e863c5e4a9424c9937b6c7af21a1a1ce0bc1fa6e65340e87e7ebc71018945fbf7e0ae3ab7890f0cf88704cd90f2b28163cc063c5d79b87adb6d405f8c7fd7e1a424f2326ad160543d9812e081ce7b8e72454e0e44405188b9f0847c5983501f1638baef68427b2f493268a955c35e6a21f3aef5dc04353a090e5b57759e0dffb51f0f7d4808a094353d3bab48d75bfa9824197b0060f0f3e9b0f8619bd6d8520702e0e632d323673add7006bd04b826af2f58b03da3a86b4f4fc28f74a3bc25818b9dcddd15cda4377b718ca68da28064a4ad2490a4ef43badbf61e43b1487190176719e8254abf1bd4ff625fbdd9f4e007f0d052596c3654f66c7f08fccca1232d22575d18bf94a8fac0d101d4c7d1603d19e72832c108ef08910cf5cfdcc8d7f928c96b211dcd784294538ac638852297aac51c89839422668bede5aaae2110f5bd3b2407b0f129248bc1ee1b25fb3075c4050c131e86d31d56d33ff7b012e72b615de0496047b11d830f64a3170389bd5ecf425ddd8c2aed5be8c7c18aa88bfa5c4e35b77d5c2e017e18fc575d039f8c92c6bee0ef9f483eccec7f18a66b32833b3970f7ac93785d67abba8e663f8ca0c284ec0e80bd3d6acab2beef8f4bd520e53dc550f620e59d32dd946ec6043748de90d419d64962159f564516a0a7033da9ee5cfe8bd9dfae752b7dba65a5fa6c105766612d58ae187e60e98da6e86a862e18a3da1510c4e5320a837bd8d168ab7de918d8a4100b585fc47cda583c894afa8e89076f1b96a2ea067a7937f6d922f4b202a0091f6e7a0f1a9364d3817f88ff34dd4d8fcadf510817c1baaba93241dfc74eb4e656a3177d75ecca7834816cd30f9931ddb2013f9748ee5a1390cf06d248b12032dfc56d8f8498a99f0ee338f816595269d6132fbaebdb7942ee749237bac8ed3159c96e600b98d439022792bffd981f352c385b1e4ebafba618b080917f7ac27f6583fcdac02f0bad7d77478f2ac7673ecaf0a5141f751c5ab03f8416c242fb8a002e40f4a87ba16d7c2346c5269975ad0b869dc1e82ea11038cc1db9a94f4cf27489d70f1102560c6ca8db53422b89c867351f1e3c64a1b35517c2376bbc4c4564608674a7ad40a05a5c06795bfee57cdc8b7de405521f5abde0376f8a33784a29f78cc02db7c2eac70e413bddd84c6025f46edc6ed76c58b4896f59528e4983e4c04cd111148d5bced654993ddf0e498e5063e87f4ab39bd8719b54fc415a3accba924b8d17cb22ea8af8d03d69cfeeaa2159c1194bd02ec1a58efd15a0dce68c3d9f1c9f958a9a53e331cd5bc279df5b7e54304f26bdcf6a77ec97cc10b6a5084a8f2f5e456b0e8e4412de71c9da093183060c3e64460e373ad617d187a4f368b74b8ddbe100c5e6ab9bd24b79bf58b801ad59f1ffd9a50c08b60c84078815f649538a4000d40c43bb07562aa1fbe06ad2f183ca9f6896990d6a5f3f51ac4605d2ffd2dd2bf3ed8975fcfffdbbb26d2b02926408157344d8a33a974d74d52fdef12bd32a1bf2c65efa8a26cb89be5229d76db83ee71d68e5341e99a23e05a40f3d72cec6fc7e55c23ab788fc2ca35a48c9f356548cec5ec47a543db215831e54e6af286459a3ef25236b2add03b176d06ea599c5064fc2fc0c7fabd2de73ef5c253174547d1e52ae49a5c2da632fa7c5dd45b7dd594133cc94c3f91c10a8cf8272fbca1c1a9ef151d74bfb31fded69a748e1d71db858fbde95165a9092fbbacf9e138ba4e70355f27033ec7023f17b07977137695523ee3978e3569b39aa19222762b9f1c539dbcd9fc7b3a4a33cb54d5168a1443ca6edbdc34d87d0ec20616367adb2b2d54ce50ee19c9526a68f7636aae71f47fa85a42c0d8bbf41f846b29c6bf73ae0aa82ef681e686130c321e0b67cb21302cb2c2b927bb33375187b33dc01e77eba95f48a10c18761c42b066dd92e5cae3267afd36d85712344497208bbcf3d9a03942d47bbcbf3b03c989260aad2cbb57a84b460d05c92f65d564eda6e5d2fd25088f017d03d485c841f3e99e3ca01a04cc1d6d2dc1da3f75124e7136712ae57cb6bb5100a212e01d82b59371fe65a7b15cfb57762ed2b473d8c37b9243a936eefe9db4386d66553c45f80a5dc28602cd67516c5fb806e488c4d0a7db8a7b411cdf3ef76d26b463e18141905987757b2e0af95a352b93693c45b4945ffdd80c7e6af4a3532cfa2bf50abf652e56a74eb16f9e48420e4f86e1dcb9af82d8238c30048bf6b4fc7e0d7380150ffb449c5e83ab94f8ff81e2bed68b8d8172a0a06f313d6d870e69ad2ddd471f8e606cd84b21d222b8e977b21c6b271710b40d9003ada2655384869846edef7b69d0a4d3346af77d905eaf662412411c77151d5a6f5d16d4a135a5a825e7f1ca878b2db156eba6ef0d64befd7ea9a89c34dd65599c89cca16990d94a59f23f47f2fdd5b6803e4b8ca7a8a5e5fe0175c49ae1dcf0ebfd4b8bfdb9ace17094aee020828c9d359743eabd74f06823832374fddca0d9db5aaf4c8c40fa14348abbcf4d05bfe5f926b0e26bc0b9564634fc0e39b78934173cc7fa0e77b9db56891b1c5f18de0b49e7f3fab28ca482932514c65c5f0f8f518d31a4fd6f453d068920e47a28f9fb9a1182436f8e4321d7b10e21b73261703b6ad74941c2ec0d2d091a56e256992ac4b2fbac495343321a3caf5d25c4eb37f37876a08396f3310486d42e7a8b528f948345fca8146d428c66725aa5309018814f0316741245357920446f27eee04e9a8c0fd98dd8f0e8ef777fb50857a9959cf03aff80197d2509b16a0f79d7c3304cc304c9d831e7eb7eae996fd3bfe1af56c9711ff85467e0f9c78aabcf480e884884489188f372dc4746099c87165589b24e265557c159862065770d032a8ccade97680c6a5e2b298946d92cf5ce20a552afd201e31dd39973c8ea8f70381d20e564382f603d4a6e4f3f4c96be92c214fa3875b8232ff309ced92d2f142ee5125cb8eeadf4a56629c5db69c8cff4943b08695079a08642b7135902ae8b3ea7ecae3654317e7d66554962cdbeb6e02e95993fb79f0f664d6f3724fc147b8c6c29f96316cee291d67a22d13073a152aedebf990f4cb1a4926ab61c7b8245f9dceeac3cd40c05f605041c04bdc5e1c89f5f7fc7f986e7e7861ec626870e15653fe4c76f22f3d8f7cb899030c88ac38777d6ddef28585e6eda2ed96e1a03308893261a5e47017e97ba8bf34ae401b0eca27de55f58f9d72eaba8b449109127b4c7ac65692d33ca16cec83fd901bbea788419449b38d19d4398752bc89edc2acb74b0d39e3c79ba98f3d1aae99d85615d39092e30f025d90d1ebb02fe1f7d194b2007bc4e23333d2388168ce25e1afbc4f8b06cfbf57aeeeec99ab4719ab6ce8fda8d61b95bcc4a69ec88ec0f673c560472bf29762062a93848bcde548f1cd794fb788d9d2a7a2ba3f8e0844beb58638b0bbdb72b08142e37deed0343c5ba9cab4e48f031dc7edb04d66a1bc44e22b4b76a0859837625def203220d265ba02c8af354126b7442ea2b29a04b6583bcc300ad236d3e0fa69acc38d000646f430616070c5a23ebd06cbbb166855bb8bf33c09114652d74bb23c3dd23bc47aa0bf0a12b3cf9e538e6c2c8178b2033fe18e8c14a549ca058bd4d373bd88999d87b83ada8d0dc59551113853f0713b528629c0c7adb7a44be24ce1279fd9925855ccd6fe5719d66d279295be965f10c9aa6837ec4e245d2938b0496b9b87c03ff6145789fc757d5086fc90a1842e19dae9074ef253d3d33cb3eda2df36051c69ee774733568236195809fe3a697ec2afb4daf99a9e5b0f3555daa1eadb7c9a16b0f7758ad5876a5c90cc9946194c86d0c85af30e646b240bb8d051dbbf9c31e62c9615c94183eadb4f49335474c94cae502805b109c83ca0a73a9278a50c5378a0f393f2a9696840cf24871365ba140d81095b4f4b6a56970ad74ff16778300ddfea900af4d4149297ab128c7e9387a1d9bc48ff09b04f37c10ce58d6ddb1b732138e18b601c3cfa421a518c0dc1952149bf30b7486bff4a1a38ffda408653dc868eb2f329529c1563ccc88ae7d387d3746396feddad0f650a9a7c5049daf01adb25b5b1b3a5b73065d91c35ee9817dbfd9e9d981e46280a6a5a3518f341b7079c95bf9aff8cb79bd75c7ddff9e59ef4bf044ad8c639913976e9dbe9ea9960b980488df916623e436828122353aaa17cc66c460090a547c10b7fb833f26165323db1589ce48000e0cf5f6f1a698093a5ac8cdd41bcd8", 0x1000}, {&(0x7f0000000580)="e2cebf2259", 0x5}, {&(0x7f00000005c0)="c977bc3ae29ae44362792080eacb08fed9a44fcd1c1ae982b2a175e49af76fb74bbe3fde4f871e84ba24b69323bc13392a6131908c0c76ef87cb45ad50f941a3a26b7d403067936563bf7f922433563f5142b4c234fc3663efdede8d13078a51ab20a07deaaabc51e6f315439641decfc298c33a7b29e8c79f099b", 0x7b}], 0x8)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r3, 0x80089419, &(0x7f0000000200))

05:56:13 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x10, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:56:13 executing program 0:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000080)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x80}, 0x0, 0x1, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x1, 0x40, 0x6, 0x8, 0x0, 0x3, 0x140, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x7fff, 0x1, @perf_bp={&(0x7f0000000140), 0xe}, 0x40800, 0x100, 0x8, 0x3, 0x2, 0x8, 0x679c, 0x0, 0x7, 0x0, 0x8}, 0xffffffffffffffff, 0xd, r1, 0x2)
r2 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000940)='ns/cgroup\x00')
ioctl$FIGETBSZ(r2, 0x2, &(0x7f00000019c0))
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000006c0)='fdinfo/3\x00')
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x7ff)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r4 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r4, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$EXT4_IOC_GET_ES_CACHE(r4, 0xc020662a, &(0x7f0000000700)={0x4, 0xff, 0x5, 0x2, 0x9, [{0x60ee, 0x4, 0x8, '\x00', 0x1e8b}, {0x11, 0x1bc5a0ec, 0x10000}, {0x1f, 0x2, 0xfff, '\x00', 0x2}, {0x4, 0x0, 0x4, '\x00', 0x5}, {0x10, 0x4e0b, 0x6, '\x00', 0x1a80}, {0x1000, 0x6, 0x1, '\x00', 0x104}, {0x7fff, 0x0, 0x9, '\x00', 0x900}, {0x7ff, 0xfffffffffffffffd, 0x3f, '\x00', 0x800}, {0x0, 0x401, 0x2, '\x00', 0x1004}]})
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
writev(r3, &(0x7f0000000640)=[{&(0x7f0000000240)="a5a13595f51b18534fc663bce134e972e84614337d7b8aaa97c1d64c506a2647fe1c893567a4ec43a8a248dc4cbcfd407f5eb92fe1c1e2acd4baf86e28507897b9a7da5f063357faa5b61295e3e239aa22c36fa643ae063fe8a21ae5d95acffbfbeacc4b272784f768552dc9cc63d59983688bccb57bf3b648505a37a8b170a208340de0cb7217a27b9d1e7513d0ab54b53ff2c0bbb581c345a5db8148e65725e7e44ca19e38686095eb28b3299c5b1a0f", 0xb1}, {&(0x7f0000000300)="0600a55cb74f3d3614d5de786d287e85d93dc1209805e9cc941a7486d09871bdf0df10b9028e3a60a1059e07f52f3d656e9a2ccbd803a40631afb57ccddac6e86a9f91", 0x43}, {&(0x7f0000000380)="260222db97b30430f95a9f3f2f086656d275a804f060435fd84e854e2090f1a2688e03b9e38d48f848b200877171e9bea921f735ba4327ba85accd940b5ae0203beea065e78d4af59fea56ce521df67bd68db0917e496b7fd2aa5169e5cfa6d85c2e1524c832f5081a689767f690a463806a83354ba46ee446595b97e97bcf4e8f364f10db3d48149387b9e8533fe03dd9ff70037162e8fcf5de63b07e1ba9556846e94cc50f15209974b41655a73e7eee774c443fb63b10eb83024345f33e7cdcf9d42428207bd983", 0xc9}, {&(0x7f0000000480)="284816eb85d51752295f21977ce41ab1c9b038d9158211893f9d1b26e2ef717bc6d7a8973cb2f3c6a2", 0x29}, {&(0x7f00000004c0)="efead5c98c232d01f2c6ff1c23f80ccd34f4c82763a890247f10b82d2af474235c876f9da339c1cc6f134c2b1010f634233b362bd6e24abf0a5feffb1528727d07a17007743ce0c1cb61d96121d783f11056ddfd20eb37beed0940802441e897afaa41b7185a5f92198533024323eaa114c8c669bd35960a943e62fe97b0790a3c98e322128e527ab0d1d5aa7c49c0f71aaefd47da921d172bdcf34c505a9b024475499c9428fad8ab0250e99b2b09c35cfb11baaa24", 0xb6}, {&(0x7f00000009c0)="4c2823f6e8d385c6dc23bb563e495863c7d21c3f3aa1085c13ab873aad496c45a85caabdac8906a53979dce0709871232e8787f531942f7847573153444d564e2953bdddf4dd0de69da5f23f0c7d841985994bec8ac6f1588d233e2a210f55b51c635b3732e80d113bf46e831af7cd5b94e696a6981df3a935c431be3c3eab98042dc1b2e1a868f2141a46e4d870851fac658d030a57b0e3763c9cd24d4085c7fd108fdeeeb24ad97af56f4e84b55dc00fe5d7342872e2f14fea71c07eb13208c18924638683c3ef9a16e7f9aed8ff9897f8458cdfa8c2bc3c1f5494fb4cfb9ca8078feea30446a4e84308a1bab25805cb42dada9b4f3bed9a439cba8ba3d0655b94ce3306aadb6ead65f78a51fc2eea0071f156ecf1eeed5e441a4cfaa2cac3e7fc1ec0ae1ee762b7aa950209fcd8a295b837e706c11d8e5f21cd1bc0ad72709332f9eadd2e890ddbf8d64cfd9ab69c387619cdf31476829bb4fb9a7d8a6bfc65c9d802289bb2755bd16831699deb4e89408c7bb20c6c0cfa651cb69a067ca372e60ff5c72f99d8c3e68ee1f615532daa8d6d5fcd078a58638fe11e8d70ad381373086fa8c1469ab83fc8c0004f334cc6193387eabce63ea2a25817dea9356e783d10cca94cce6961ed8eaa814a214654ed9a3459bba6fe25c5ecca446ee35e88930d6efe5db0632d44949174bd185d750929677194149c82e563f4d9789f62464c661cc332ffe62e525bf61a1ebc56995ed7f21ea7bfa33516232d205c906c4dfe08a1d0f62d86d18056a89f75529c9892796781a6389660fe8527202027b596e2099283080592d7fcb6f516995874c07dcd24f3a18a851f95a3fa1eb88503c55c6d01a179db53a5570a39e3d6ee33cf810913a330f7c620e20b167ad5e394ab33fe3805b9b2a586d6458d4e0c2aab2bfadc4189f7a7e02ff43ad32f4d637d80686b613cdaee28fd56cfed9b118932d15e5f9236991ad4bef66aeacf55044faf21506670f8cd22331026730fac04c9540ee3a8ea9cf5032e93abcae82ce3257415a07bddc2adba196caac53ac98d8fc4169718c5ae40269fc917e1d2fa84156e04e8181abb6e8f91f134e7a93739af481d818f8ea5244ed0a012daa84d267edfbdc15e75e19759b91c0fd1051ff52864938be74a93b36aa6261452f49b11faa328801d6cc74a20d969a03fda7926f3f870bca5e2bef5a0d673b74198e7ffb4088fb0d4cfce0f37eb1720f4f74ca38574b7b359f28f663a98bfa305dcad9ad530ed41b8318b93af70b5e414125378794de31b05f9234712c653f2063bc07cbddd24e4b970120483d80541376ee6ea9cf499355f76b35c89dcf8f04c78070eeffcaa60872ee90e75a52628d387bba48e903c9d0372dc05c78750c7c17a8c5077b06404abd88374b8eabd75a1df3c5a8eb3e1746d83681a114afa8a3835e802a002cc863fd90c49f966688a173105464b2fa28cd3d401fa1131ea091390dea5b1ed59ea2adb5c0e863c5e4a9424c9937b6c7af21a1a1ce0bc1fa6e65340e87e7ebc71018945fbf7e0ae3ab7890f0cf88704cd90f2b28163cc063c5d79b87adb6d405f8c7fd7e1a424f2326ad160543d9812e081ce7b8e72454e0e44405188b9f0847c5983501f1638baef68427b2f493268a955c35e6a21f3aef5dc04353a090e5b57759e0dffb51f0f7d4808a094353d3bab48d75bfa9824197b0060f0f3e9b0f8619bd6d8520702e0e632d323673add7006bd04b826af2f58b03da3a86b4f4fc28f74a3bc25818b9dcddd15cda4377b718ca68da28064a4ad2490a4ef43badbf61e43b1487190176719e8254abf1bd4ff625fbdd9f4e007f0d052596c3654f66c7f08fccca1232d22575d18bf94a8fac0d101d4c7d1603d19e72832c108ef08910cf5cfdcc8d7f928c96b211dcd784294538ac638852297aac51c89839422668bede5aaae2110f5bd3b2407b0f129248bc1ee1b25fb3075c4050c131e86d31d56d33ff7b012e72b615de0496047b11d830f64a3170389bd5ecf425ddd8c2aed5be8c7c18aa88bfa5c4e35b77d5c2e017e18fc575d039f8c92c6bee0ef9f483eccec7f18a66b32833b3970f7ac93785d67abba8e663f8ca0c284ec0e80bd3d6acab2beef8f4bd520e53dc550f620e59d32dd946ec6043748de90d419d64962159f564516a0a7033da9ee5cfe8bd9dfae752b7dba65a5fa6c105766612d58ae187e60e98da6e86a862e18a3da1510c4e5320a837bd8d168ab7de918d8a4100b585fc47cda583c894afa8e89076f1b96a2ea067a7937f6d922f4b202a0091f6e7a0f1a9364d3817f88ff34dd4d8fcadf510817c1baaba93241dfc74eb4e656a3177d75ecca7834816cd30f9931ddb2013f9748ee5a1390cf06d248b12032dfc56d8f8498a99f0ee338f816595269d6132fbaebdb7942ee749237bac8ed3159c96e600b98d439022792bffd981f352c385b1e4ebafba618b080917f7ac27f6583fcdac02f0bad7d77478f2ac7673ecaf0a5141f751c5ab03f8416c242fb8a002e40f4a87ba16d7c2346c5269975ad0b869dc1e82ea11038cc1db9a94f4cf27489d70f1102560c6ca8db53422b89c867351f1e3c64a1b35517c2376bbc4c4564608674a7ad40a05a5c06795bfee57cdc8b7de405521f5abde0376f8a33784a29f78cc02db7c2eac70e413bddd84c6025f46edc6ed76c58b4896f59528e4983e4c04cd111148d5bced654993ddf0e498e5063e87f4ab39bd8719b54fc415a3accba924b8d17cb22ea8af8d03d69cfeeaa2159c1194bd02ec1a58efd15a0dce68c3d9f1c9f958a9a53e331cd5bc279df5b7e54304f26bdcf6a77ec97cc10b6a5084a8f2f5e456b0e8e4412de71c9da093183060c3e64460e373ad617d187a4f368b74b8ddbe100c5e6ab9bd24b79bf58b801ad59f1ffd9a50c08b60c84078815f649538a4000d40c43bb07562aa1fbe06ad2f183ca9f6896990d6a5f3f51ac4605d2ffd2dd2bf3ed8975fcfffdbbb26d2b02926408157344d8a33a974d74d52fdef12bd32a1bf2c65efa8a26cb89be5229d76db83ee71d68e5341e99a23e05a40f3d72cec6fc7e55c23ab788fc2ca35a48c9f356548cec5ec47a543db215831e54e6af286459a3ef25236b2add03b176d06ea599c5064fc2fc0c7fabd2de73ef5c253174547d1e52ae49a5c2da632fa7c5dd45b7dd594133cc94c3f91c10a8cf8272fbca1c1a9ef151d74bfb31fded69a748e1d71db858fbde95165a9092fbbacf9e138ba4e70355f27033ec7023f17b07977137695523ee3978e3569b39aa19222762b9f1c539dbcd9fc7b3a4a33cb54d5168a1443ca6edbdc34d87d0ec20616367adb2b2d54ce50ee19c9526a68f7636aae71f47fa85a42c0d8bbf41f846b29c6bf73ae0aa82ef681e686130c321e0b67cb21302cb2c2b927bb33375187b33dc01e77eba95f48a10c18761c42b066dd92e5cae3267afd36d85712344497208bbcf3d9a03942d47bbcbf3b03c989260aad2cbb57a84b460d05c92f65d564eda6e5d2fd25088f017d03d485c841f3e99e3ca01a04cc1d6d2dc1da3f75124e7136712ae57cb6bb5100a212e01d82b59371fe65a7b15cfb57762ed2b473d8c37b9243a936eefe9db4386d66553c45f80a5dc28602cd67516c5fb806e488c4d0a7db8a7b411cdf3ef76d26b463e18141905987757b2e0af95a352b93693c45b4945ffdd80c7e6af4a3532cfa2bf50abf652e56a74eb16f9e48420e4f86e1dcb9af82d8238c30048bf6b4fc7e0d7380150ffb449c5e83ab94f8ff81e2bed68b8d8172a0a06f313d6d870e69ad2ddd471f8e606cd84b21d222b8e977b21c6b271710b40d9003ada2655384869846edef7b69d0a4d3346af77d905eaf662412411c77151d5a6f5d16d4a135a5a825e7f1ca878b2db156eba6ef0d64befd7ea9a89c34dd65599c89cca16990d94a59f23f47f2fdd5b6803e4b8ca7a8a5e5fe0175c49ae1dcf0ebfd4b8bfdb9ace17094aee020828c9d359743eabd74f06823832374fddca0d9db5aaf4c8c40fa14348abbcf4d05bfe5f926b0e26bc0b9564634fc0e39b78934173cc7fa0e77b9db56891b1c5f18de0b49e7f3fab28ca482932514c65c5f0f8f518d31a4fd6f453d068920e47a28f9fb9a1182436f8e4321d7b10e21b73261703b6ad74941c2ec0d2d091a56e256992ac4b2fbac495343321a3caf5d25c4eb37f37876a08396f3310486d42e7a8b528f948345fca8146d428c66725aa5309018814f0316741245357920446f27eee04e9a8c0fd98dd8f0e8ef777fb50857a9959cf03aff80197d2509b16a0f79d7c3304cc304c9d831e7eb7eae996fd3bfe1af56c9711ff85467e0f9c78aabcf480e884884489188f372dc4746099c87165589b24e265557c159862065770d032a8ccade97680c6a5e2b298946d92cf5ce20a552afd201e31dd39973c8ea8f70381d20e564382f603d4a6e4f3f4c96be92c214fa3875b8232ff309ced92d2f142ee5125cb8eeadf4a56629c5db69c8cff4943b08695079a08642b7135902ae8b3ea7ecae3654317e7d66554962cdbeb6e02e95993fb79f0f664d6f3724fc147b8c6c29f96316cee291d67a22d13073a152aedebf990f4cb1a4926ab61c7b8245f9dceeac3cd40c05f605041c04bdc5e1c89f5f7fc7f986e7e7861ec626870e15653fe4c76f22f3d8f7cb899030c88ac38777d6ddef28585e6eda2ed96e1a03308893261a5e47017e97ba8bf34ae401b0eca27de55f58f9d72eaba8b449109127b4c7ac65692d33ca16cec83fd901bbea788419449b38d19d4398752bc89edc2acb74b0d39e3c79ba98f3d1aae99d85615d39092e30f025d90d1ebb02fe1f7d194b2007bc4e23333d2388168ce25e1afbc4f8b06cfbf57aeeeec99ab4719ab6ce8fda8d61b95bcc4a69ec88ec0f673c560472bf29762062a93848bcde548f1cd794fb788d9d2a7a2ba3f8e0844beb58638b0bbdb72b08142e37deed0343c5ba9cab4e48f031dc7edb04d66a1bc44e22b4b76a0859837625def203220d265ba02c8af354126b7442ea2b29a04b6583bcc300ad236d3e0fa69acc38d000646f430616070c5a23ebd06cbbb166855bb8bf33c09114652d74bb23c3dd23bc47aa0bf0a12b3cf9e538e6c2c8178b2033fe18e8c14a549ca058bd4d373bd88999d87b83ada8d0dc59551113853f0713b528629c0c7adb7a44be24ce1279fd9925855ccd6fe5719d66d279295be965f10c9aa6837ec4e245d2938b0496b9b87c03ff6145789fc757d5086fc90a1842e19dae9074ef253d3d33cb3eda2df36051c69ee774733568236195809fe3a697ec2afb4daf99a9e5b0f3555daa1eadb7c9a16b0f7758ad5876a5c90cc9946194c86d0c85af30e646b240bb8d051dbbf9c31e62c9615c94183eadb4f49335474c94cae502805b109c83ca0a73a9278a50c5378a0f393f2a9696840cf24871365ba140d81095b4f4b6a56970ad74ff16778300ddfea900af4d4149297ab128c7e9387a1d9bc48ff09b04f37c10ce58d6ddb1b732138e18b601c3cfa421a518c0dc1952149bf30b7486bff4a1a38ffda408653dc868eb2f329529c1563ccc88ae7d387d3746396feddad0f650a9a7c5049daf01adb25b5b1b3a5b73065d91c35ee9817dbfd9e9d981e46280a6a5a3518f341b7079c95bf9aff8cb79bd75c7ddff9e59ef4bf044ad8c639913976e9dbe9ea9960b980488df916623e436828122353aaa17cc66c460090a547c10b7fb833f26165323db1589ce48000e0cf5f6f1a698093a5ac8cdd41bcd8", 0x1000}, {&(0x7f0000000580)="e2cebf2259", 0x5}, {&(0x7f00000005c0)="c977bc3ae29ae44362792080eacb08fed9a44fcd1c1ae982b2a175e49af76fb74bbe3fde4f871e84ba24b69323bc13392a6131908c0c76ef87cb45ad50f941a3a26b7d403067936563bf7f922433563f5142b4c234fc3663efdede8d13078a51ab20a07deaaabc51e6f315439641decfc298c33a7b29e8c79f099b", 0x7b}], 0x8)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r3, 0x80089419, &(0x7f0000000200))

05:56:13 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x7fc00000, 0x0)

05:56:13 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

[ 1206.653927] audit: type=1326 audit(1755410174.001:176): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8792 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:56:14 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x8cffffff00000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:56:14 executing program 1:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:14 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x14, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:56:14 executing program 1:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:14 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:14 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x300, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:56:14 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x100000000000000)

[ 1206.826848] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1206.828411] CPU: 1 UID: 0 PID: 8790 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1206.828440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1206.828453] Call Trace:
[ 1206.828462]  <TASK>
[ 1206.828471]  dump_stack_lvl+0xfa/0x120
[ 1206.828503]  dump_header+0x107/0x950
[ 1206.828538]  oom_kill_process+0x278/0xa00
[ 1206.828571]  out_of_memory+0x34b/0x1690
[ 1206.828609]  ? __pfx_out_of_memory+0x10/0x10
[ 1206.828649]  mem_cgroup_out_of_memory+0x164/0x190
[ 1206.828682]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1206.828723]  ? mark_held_locks+0x49/0x80
[ 1206.828754]  try_charge_memcg+0x81f/0xf30
[ 1206.828791]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1206.828836]  charge_memcg+0x7b/0x290
[ 1206.828863]  __mem_cgroup_charge+0x28/0x90
[ 1206.828893]  do_wp_page+0x58c/0x3240
[ 1206.828931]  ? __pfx_do_wp_page+0x10/0x10
[ 1206.828959]  ? do_raw_spin_lock+0x123/0x260
[ 1206.828986]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1206.829013]  ? ___pte_offset_map+0x176/0x370
[ 1206.829043]  __handle_mm_fault+0xde1/0x3030
[ 1206.829070]  ? reacquire_held_locks+0xd1/0x200
[ 1206.829091]  ? lock_vma_under_rcu+0x11e/0x530
[ 1206.829128]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1206.829159]  ? lock_vma_under_rcu+0x17b/0x530
[ 1206.829207]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1206.829250]  handle_mm_fault+0x2c3/0x900
[ 1206.829278]  ? access_error+0x17d/0x380
[ 1206.829307]  do_user_addr_fault+0x4fa/0xeb0
[ 1206.829340]  exc_page_fault+0xb0/0x180
[ 1206.829364]  asm_exc_page_fault+0x26/0x30
[ 1206.829386] RIP: 0033:0x7ff98baf5d30
[ 1206.829404] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1206.829426] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1206.829444] RAX: 00000000abee663a RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1206.829460] RDX: 0000001b2cf2002c RSI: ffffffff8184c339 RDI: 0000000000000000
[ 1206.829474] RBP: 0000000000000001 R08: 00000000abee663a R09: 0000001b2cf2001c
[ 1206.829487] R10: 000000000000063a R11: 00000000abee663e R12: 0000000000000003
[ 1206.829500] R13: 00007ff98bc4f000 R14: ffffffff8184c339 R15: 00007ff98bc5aff0
[ 1206.829516]  ? perf_copy_attr+0x19/0x920
[ 1206.829570]  ? perf_copy_attr+0x19/0x920
[ 1206.829608]  </TASK>
[ 1206.862745] memory: usage 307200kB, limit 307200kB, failcnt 3065
[ 1206.863717] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1206.864688] Memory cgroup stats for /syz0:
[ 1206.864883] anon 53248
[ 1206.866007] file 312950784
[ 1206.866456] kernel 1232896
[ 1206.866932] kernel_stack 0
[ 1206.867380] pagetables 12288
[ 1206.867884] sec_pagetables 0
[ 1206.868367] percpu 0
[ 1206.868738] sock 0
[ 1206.869111] vmalloc 0
[ 1206.869497] shmem 312950784
[ 1206.869991] file_mapped 0
[ 1206.870426] file_dirty 0
[ 1206.870874] file_writeback 0
[ 1206.871355] swapcached 0
[ 1206.871772] inactive_anon 306458624
[ 1206.872385] active_anon 6545408
[ 1206.872956] inactive_file 0
[ 1206.873431] active_file 0
[ 1206.873915] unevictable 0
[ 1206.874351] slab_reclaimable 945200
[ 1206.874922] slab_unreclaimable 290640
[ 1206.875514] slab 1235840
[ 1206.875982] workingset_refault_anon 0
[ 1206.876588] workingset_refault_file 1
[ 1206.877193] workingset_activate_anon 0
[ 1206.877781] workingset_activate_file 0
[ 1206.878385] workingset_restore_anon 0
[ 1206.878984] workingset_restore_file 0
[ 1206.879549] workingset_nodereclaim 0
[ 1206.880146] pgdemote_kswapd 0
[ 1206.880645] pgdemote_direct 0
[ 1206.881159] pgdemote_khugepaged 0
[ 1206.881707] pgdemote_proactive 0
[ 1206.882255] pgscan 801
[ 1206.882650] pgsteal 9
[ 1206.883061] pswpin 0
[ 1206.883435] pswpout 0
[ 1206.883845] pgscan_kswapd 0
[ 1206.884297] pgscan_direct 801
[ 1206.884764] pgscan_khugepaged 0
[ 1206.885294] pgscan_proactive 0
[ 1206.885805] pgsteal_kswapd 0
[ 1206.886559] pgsteal_direct 9
[ 1206.887396] pgsteal_khugepaged 0
[ 1206.887998] pgsteal_proactive 0
[ 1206.888514] pgfault 88462
[ 1206.888986] pgmajfault 0
[ 1206.889409] pgrefill 768
[ 1206.889873] pgactivate 3833
[ 1206.890313] pgdeactivate 768
[ 1206.890766] pglazyfree 0
[ 1206.891199] pglazyfreed 0
[ 1206.891615] swpin_zero 0
[ 1206.892044] swpout_zero 0
[ 1206.892462] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8790,uid=0
[ 1206.894596] Memory cgroup out of memory: Killed process 8790 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[ 1207.486516] audit: type=1326 audit(1755410174.834:177): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8792 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:56:25 executing program 1:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:25 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0x97ffffff00000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:56:25 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x7ff00000, 0x0)

05:56:25 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x500, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:56:25 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x200000000000000)

05:56:25 executing program 0:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000080)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x80}, 0x0, 0x1, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x1, 0x40, 0x6, 0x8, 0x0, 0x3, 0x140, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x7fff, 0x1, @perf_bp={&(0x7f0000000140), 0xe}, 0x40800, 0x100, 0x8, 0x3, 0x2, 0x8, 0x679c, 0x0, 0x7, 0x0, 0x8}, 0xffffffffffffffff, 0xd, r1, 0x2)
r2 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000940)='ns/cgroup\x00')
ioctl$FIGETBSZ(r2, 0x2, &(0x7f00000019c0))
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000006c0)='fdinfo/3\x00')
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x7ff)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r4 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r4, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$EXT4_IOC_GET_ES_CACHE(r4, 0xc020662a, &(0x7f0000000700)={0x4, 0xff, 0x5, 0x2, 0x9, [{0x60ee, 0x4, 0x8, '\x00', 0x1e8b}, {0x11, 0x1bc5a0ec, 0x10000}, {0x1f, 0x2, 0xfff, '\x00', 0x2}, {0x4, 0x0, 0x4, '\x00', 0x5}, {0x10, 0x4e0b, 0x6, '\x00', 0x1a80}, {0x1000, 0x6, 0x1, '\x00', 0x104}, {0x7fff, 0x0, 0x9, '\x00', 0x900}, {0x7ff, 0xfffffffffffffffd, 0x3f, '\x00', 0x800}, {0x0, 0x401, 0x2, '\x00', 0x1004}]})
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
writev(r3, &(0x7f0000000640)=[{&(0x7f0000000240)="a5a13595f51b18534fc663bce134e972e84614337d7b8aaa97c1d64c506a2647fe1c893567a4ec43a8a248dc4cbcfd407f5eb92fe1c1e2acd4baf86e28507897b9a7da5f063357faa5b61295e3e239aa22c36fa643ae063fe8a21ae5d95acffbfbeacc4b272784f768552dc9cc63d59983688bccb57bf3b648505a37a8b170a208340de0cb7217a27b9d1e7513d0ab54b53ff2c0bbb581c345a5db8148e65725e7e44ca19e38686095eb28b3299c5b1a0f", 0xb1}, {&(0x7f0000000300)="0600a55cb74f3d3614d5de786d287e85d93dc1209805e9cc941a7486d09871bdf0df10b9028e3a60a1059e07f52f3d656e9a2ccbd803a40631afb57ccddac6e86a9f91", 0x43}, {&(0x7f0000000380)="260222db97b30430f95a9f3f2f086656d275a804f060435fd84e854e2090f1a2688e03b9e38d48f848b200877171e9bea921f735ba4327ba85accd940b5ae0203beea065e78d4af59fea56ce521df67bd68db0917e496b7fd2aa5169e5cfa6d85c2e1524c832f5081a689767f690a463806a83354ba46ee446595b97e97bcf4e8f364f10db3d48149387b9e8533fe03dd9ff70037162e8fcf5de63b07e1ba9556846e94cc50f15209974b41655a73e7eee774c443fb63b10eb83024345f33e7cdcf9d42428207bd983", 0xc9}, {&(0x7f0000000480)="284816eb85d51752295f21977ce41ab1c9b038d9158211893f9d1b26e2ef717bc6d7a8973cb2f3c6a2", 0x29}, {&(0x7f00000004c0)="efead5c98c232d01f2c6ff1c23f80ccd34f4c82763a890247f10b82d2af474235c876f9da339c1cc6f134c2b1010f634233b362bd6e24abf0a5feffb1528727d07a17007743ce0c1cb61d96121d783f11056ddfd20eb37beed0940802441e897afaa41b7185a5f92198533024323eaa114c8c669bd35960a943e62fe97b0790a3c98e322128e527ab0d1d5aa7c49c0f71aaefd47da921d172bdcf34c505a9b024475499c9428fad8ab0250e99b2b09c35cfb11baaa24", 0xb6}, {&(0x7f00000009c0)="4c2823f6e8d385c6dc23bb563e495863c7d21c3f3aa1085c13ab873aad496c45a85caabdac8906a53979dce0709871232e8787f531942f7847573153444d564e2953bdddf4dd0de69da5f23f0c7d841985994bec8ac6f1588d233e2a210f55b51c635b3732e80d113bf46e831af7cd5b94e696a6981df3a935c431be3c3eab98042dc1b2e1a868f2141a46e4d870851fac658d030a57b0e3763c9cd24d4085c7fd108fdeeeb24ad97af56f4e84b55dc00fe5d7342872e2f14fea71c07eb13208c18924638683c3ef9a16e7f9aed8ff9897f8458cdfa8c2bc3c1f5494fb4cfb9ca8078feea30446a4e84308a1bab25805cb42dada9b4f3bed9a439cba8ba3d0655b94ce3306aadb6ead65f78a51fc2eea0071f156ecf1eeed5e441a4cfaa2cac3e7fc1ec0ae1ee762b7aa950209fcd8a295b837e706c11d8e5f21cd1bc0ad72709332f9eadd2e890ddbf8d64cfd9ab69c387619cdf31476829bb4fb9a7d8a6bfc65c9d802289bb2755bd16831699deb4e89408c7bb20c6c0cfa651cb69a067ca372e60ff5c72f99d8c3e68ee1f615532daa8d6d5fcd078a58638fe11e8d70ad381373086fa8c1469ab83fc8c0004f334cc6193387eabce63ea2a25817dea9356e783d10cca94cce6961ed8eaa814a214654ed9a3459bba6fe25c5ecca446ee35e88930d6efe5db0632d44949174bd185d750929677194149c82e563f4d9789f62464c661cc332ffe62e525bf61a1ebc56995ed7f21ea7bfa33516232d205c906c4dfe08a1d0f62d86d18056a89f75529c9892796781a6389660fe8527202027b596e2099283080592d7fcb6f516995874c07dcd24f3a18a851f95a3fa1eb88503c55c6d01a179db53a5570a39e3d6ee33cf810913a330f7c620e20b167ad5e394ab33fe3805b9b2a586d6458d4e0c2aab2bfadc4189f7a7e02ff43ad32f4d637d80686b613cdaee28fd56cfed9b118932d15e5f9236991ad4bef66aeacf55044faf21506670f8cd22331026730fac04c9540ee3a8ea9cf5032e93abcae82ce3257415a07bddc2adba196caac53ac98d8fc4169718c5ae40269fc917e1d2fa84156e04e8181abb6e8f91f134e7a93739af481d818f8ea5244ed0a012daa84d267edfbdc15e75e19759b91c0fd1051ff52864938be74a93b36aa6261452f49b11faa328801d6cc74a20d969a03fda7926f3f870bca5e2bef5a0d673b74198e7ffb4088fb0d4cfce0f37eb1720f4f74ca38574b7b359f28f663a98bfa305dcad9ad530ed41b8318b93af70b5e414125378794de31b05f9234712c653f2063bc07cbddd24e4b970120483d80541376ee6ea9cf499355f76b35c89dcf8f04c78070eeffcaa60872ee90e75a52628d387bba48e903c9d0372dc05c78750c7c17a8c5077b06404abd88374b8eabd75a1df3c5a8eb3e1746d83681a114afa8a3835e802a002cc863fd90c49f966688a173105464b2fa28cd3d401fa1131ea091390dea5b1ed59ea2adb5c0e863c5e4a9424c9937b6c7af21a1a1ce0bc1fa6e65340e87e7ebc71018945fbf7e0ae3ab7890f0cf88704cd90f2b28163cc063c5d79b87adb6d405f8c7fd7e1a424f2326ad160543d9812e081ce7b8e72454e0e44405188b9f0847c5983501f1638baef68427b2f493268a955c35e6a21f3aef5dc04353a090e5b57759e0dffb51f0f7d4808a094353d3bab48d75bfa9824197b0060f0f3e9b0f8619bd6d8520702e0e632d323673add7006bd04b826af2f58b03da3a86b4f4fc28f74a3bc25818b9dcddd15cda4377b718ca68da28064a4ad2490a4ef43badbf61e43b1487190176719e8254abf1bd4ff625fbdd9f4e007f0d052596c3654f66c7f08fccca1232d22575d18bf94a8fac0d101d4c7d1603d19e72832c108ef08910cf5cfdcc8d7f928c96b211dcd784294538ac638852297aac51c89839422668bede5aaae2110f5bd3b2407b0f129248bc1ee1b25fb3075c4050c131e86d31d56d33ff7b012e72b615de0496047b11d830f64a3170389bd5ecf425ddd8c2aed5be8c7c18aa88bfa5c4e35b77d5c2e017e18fc575d039f8c92c6bee0ef9f483eccec7f18a66b32833b3970f7ac93785d67abba8e663f8ca0c284ec0e80bd3d6acab2beef8f4bd520e53dc550f620e59d32dd946ec6043748de90d419d64962159f564516a0a7033da9ee5cfe8bd9dfae752b7dba65a5fa6c105766612d58ae187e60e98da6e86a862e18a3da1510c4e5320a837bd8d168ab7de918d8a4100b585fc47cda583c894afa8e89076f1b96a2ea067a7937f6d922f4b202a0091f6e7a0f1a9364d3817f88ff34dd4d8fcadf510817c1baaba93241dfc74eb4e656a3177d75ecca7834816cd30f9931ddb2013f9748ee5a1390cf06d248b12032dfc56d8f8498a99f0ee338f816595269d6132fbaebdb7942ee749237bac8ed3159c96e600b98d439022792bffd981f352c385b1e4ebafba618b080917f7ac27f6583fcdac02f0bad7d77478f2ac7673ecaf0a5141f751c5ab03f8416c242fb8a002e40f4a87ba16d7c2346c5269975ad0b869dc1e82ea11038cc1db9a94f4cf27489d70f1102560c6ca8db53422b89c867351f1e3c64a1b35517c2376bbc4c4564608674a7ad40a05a5c06795bfee57cdc8b7de405521f5abde0376f8a33784a29f78cc02db7c2eac70e413bddd84c6025f46edc6ed76c58b4896f59528e4983e4c04cd111148d5bced654993ddf0e498e5063e87f4ab39bd8719b54fc415a3accba924b8d17cb22ea8af8d03d69cfeeaa2159c1194bd02ec1a58efd15a0dce68c3d9f1c9f958a9a53e331cd5bc279df5b7e54304f26bdcf6a77ec97cc10b6a5084a8f2f5e456b0e8e4412de71c9da093183060c3e64460e373ad617d187a4f368b74b8ddbe100c5e6ab9bd24b79bf58b801ad59f1ffd9a50c08b60c84078815f649538a4000d40c43bb07562aa1fbe06ad2f183ca9f6896990d6a5f3f51ac4605d2ffd2dd2bf3ed8975fcfffdbbb26d2b02926408157344d8a33a974d74d52fdef12bd32a1bf2c65efa8a26cb89be5229d76db83ee71d68e5341e99a23e05a40f3d72cec6fc7e55c23ab788fc2ca35a48c9f356548cec5ec47a543db215831e54e6af286459a3ef25236b2add03b176d06ea599c5064fc2fc0c7fabd2de73ef5c253174547d1e52ae49a5c2da632fa7c5dd45b7dd594133cc94c3f91c10a8cf8272fbca1c1a9ef151d74bfb31fded69a748e1d71db858fbde95165a9092fbbacf9e138ba4e70355f27033ec7023f17b07977137695523ee3978e3569b39aa19222762b9f1c539dbcd9fc7b3a4a33cb54d5168a1443ca6edbdc34d87d0ec20616367adb2b2d54ce50ee19c9526a68f7636aae71f47fa85a42c0d8bbf41f846b29c6bf73ae0aa82ef681e686130c321e0b67cb21302cb2c2b927bb33375187b33dc01e77eba95f48a10c18761c42b066dd92e5cae3267afd36d85712344497208bbcf3d9a03942d47bbcbf3b03c989260aad2cbb57a84b460d05c92f65d564eda6e5d2fd25088f017d03d485c841f3e99e3ca01a04cc1d6d2dc1da3f75124e7136712ae57cb6bb5100a212e01d82b59371fe65a7b15cfb57762ed2b473d8c37b9243a936eefe9db4386d66553c45f80a5dc28602cd67516c5fb806e488c4d0a7db8a7b411cdf3ef76d26b463e18141905987757b2e0af95a352b93693c45b4945ffdd80c7e6af4a3532cfa2bf50abf652e56a74eb16f9e48420e4f86e1dcb9af82d8238c30048bf6b4fc7e0d7380150ffb449c5e83ab94f8ff81e2bed68b8d8172a0a06f313d6d870e69ad2ddd471f8e606cd84b21d222b8e977b21c6b271710b40d9003ada2655384869846edef7b69d0a4d3346af77d905eaf662412411c77151d5a6f5d16d4a135a5a825e7f1ca878b2db156eba6ef0d64befd7ea9a89c34dd65599c89cca16990d94a59f23f47f2fdd5b6803e4b8ca7a8a5e5fe0175c49ae1dcf0ebfd4b8bfdb9ace17094aee020828c9d359743eabd74f06823832374fddca0d9db5aaf4c8c40fa14348abbcf4d05bfe5f926b0e26bc0b9564634fc0e39b78934173cc7fa0e77b9db56891b1c5f18de0b49e7f3fab28ca482932514c65c5f0f8f518d31a4fd6f453d068920e47a28f9fb9a1182436f8e4321d7b10e21b73261703b6ad74941c2ec0d2d091a56e256992ac4b2fbac495343321a3caf5d25c4eb37f37876a08396f3310486d42e7a8b528f948345fca8146d428c66725aa5309018814f0316741245357920446f27eee04e9a8c0fd98dd8f0e8ef777fb50857a9959cf03aff80197d2509b16a0f79d7c3304cc304c9d831e7eb7eae996fd3bfe1af56c9711ff85467e0f9c78aabcf480e884884489188f372dc4746099c87165589b24e265557c159862065770d032a8ccade97680c6a5e2b298946d92cf5ce20a552afd201e31dd39973c8ea8f70381d20e564382f603d4a6e4f3f4c96be92c214fa3875b8232ff309ced92d2f142ee5125cb8eeadf4a56629c5db69c8cff4943b08695079a08642b7135902ae8b3ea7ecae3654317e7d66554962cdbeb6e02e95993fb79f0f664d6f3724fc147b8c6c29f96316cee291d67a22d13073a152aedebf990f4cb1a4926ab61c7b8245f9dceeac3cd40c05f605041c04bdc5e1c89f5f7fc7f986e7e7861ec626870e15653fe4c76f22f3d8f7cb899030c88ac38777d6ddef28585e6eda2ed96e1a03308893261a5e47017e97ba8bf34ae401b0eca27de55f58f9d72eaba8b449109127b4c7ac65692d33ca16cec83fd901bbea788419449b38d19d4398752bc89edc2acb74b0d39e3c79ba98f3d1aae99d85615d39092e30f025d90d1ebb02fe1f7d194b2007bc4e23333d2388168ce25e1afbc4f8b06cfbf57aeeeec99ab4719ab6ce8fda8d61b95bcc4a69ec88ec0f673c560472bf29762062a93848bcde548f1cd794fb788d9d2a7a2ba3f8e0844beb58638b0bbdb72b08142e37deed0343c5ba9cab4e48f031dc7edb04d66a1bc44e22b4b76a0859837625def203220d265ba02c8af354126b7442ea2b29a04b6583bcc300ad236d3e0fa69acc38d000646f430616070c5a23ebd06cbbb166855bb8bf33c09114652d74bb23c3dd23bc47aa0bf0a12b3cf9e538e6c2c8178b2033fe18e8c14a549ca058bd4d373bd88999d87b83ada8d0dc59551113853f0713b528629c0c7adb7a44be24ce1279fd9925855ccd6fe5719d66d279295be965f10c9aa6837ec4e245d2938b0496b9b87c03ff6145789fc757d5086fc90a1842e19dae9074ef253d3d33cb3eda2df36051c69ee774733568236195809fe3a697ec2afb4daf99a9e5b0f3555daa1eadb7c9a16b0f7758ad5876a5c90cc9946194c86d0c85af30e646b240bb8d051dbbf9c31e62c9615c94183eadb4f49335474c94cae502805b109c83ca0a73a9278a50c5378a0f393f2a9696840cf24871365ba140d81095b4f4b6a56970ad74ff16778300ddfea900af4d4149297ab128c7e9387a1d9bc48ff09b04f37c10ce58d6ddb1b732138e18b601c3cfa421a518c0dc1952149bf30b7486bff4a1a38ffda408653dc868eb2f329529c1563ccc88ae7d387d3746396feddad0f650a9a7c5049daf01adb25b5b1b3a5b73065d91c35ee9817dbfd9e9d981e46280a6a5a3518f341b7079c95bf9aff8cb79bd75c7ddff9e59ef4bf044ad8c639913976e9dbe9ea9960b980488df916623e436828122353aaa17cc66c460090a547c10b7fb833f26165323db1589ce48000e0cf5f6f1a698093a5ac8cdd41bcd8", 0x1000}, {&(0x7f0000000580)="e2cebf2259", 0x5}, {&(0x7f00000005c0)="c977bc3ae29ae44362792080eacb08fed9a44fcd1c1ae982b2a175e49af76fb74bbe3fde4f871e84ba24b69323bc13392a6131908c0c76ef87cb45ad50f941a3a26b7d403067936563bf7f922433563f5142b4c234fc3663efdede8d13078a51ab20a07deaaabc51e6f315439641decfc298c33a7b29e8c79f099b", 0x7b}], 0x8)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r3, 0x80089419, &(0x7f0000000200))

05:56:25 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:25 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x15, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1217.734538] audit: type=1326 audit(1755410185.081:178): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8826 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[ 1217.808589] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1217.809495] CPU: 0 UID: 0 PID: 8832 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1217.809513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1217.809522] Call Trace:
[ 1217.809527]  <TASK>
[ 1217.809532]  dump_stack_lvl+0xfa/0x120
[ 1217.809553]  dump_header+0x107/0x950
[ 1217.809574]  oom_kill_process+0x278/0xa00
[ 1217.809593]  out_of_memory+0x34b/0x1690
[ 1217.809614]  ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 1217.809634]  ? __pfx_out_of_memory+0x10/0x10
[ 1217.809658]  mem_cgroup_out_of_memory+0x164/0x190
[ 1217.809678]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1217.809702]  ? mark_held_locks+0x49/0x80
[ 1217.809720]  try_charge_memcg+0x81f/0xf30
[ 1217.809742]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1217.809765]  charge_memcg+0x7b/0x290
[ 1217.809780]  __mem_cgroup_charge+0x28/0x90
[ 1217.809798]  do_wp_page+0x58c/0x3240
[ 1217.809825]  ? __pfx_do_wp_page+0x10/0x10
[ 1217.809841]  ? do_raw_spin_lock+0x123/0x260
[ 1217.809857]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1217.809873]  ? ___pte_offset_map+0x176/0x370
[ 1217.809890]  __handle_mm_fault+0xde1/0x3030
[ 1217.809911]  ? reacquire_held_locks+0xd1/0x200
[ 1217.809924]  ? lock_vma_under_rcu+0x11e/0x530
[ 1217.809946]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1217.809964]  ? lock_vma_under_rcu+0x17b/0x530
[ 1217.809996]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1217.810025]  handle_mm_fault+0x2c3/0x900
[ 1217.810053]  ? access_error+0x17d/0x380
[ 1217.810071]  do_user_addr_fault+0x4fa/0xeb0
[ 1217.810092]  exc_page_fault+0xb0/0x180
[ 1217.810110]  asm_exc_page_fault+0x26/0x30
[ 1217.810123] RIP: 0033:0x7ff98baf5d30
[ 1217.810134] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1217.810149] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1217.810163] RAX: 00000000abee663a RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1217.810172] RDX: 0000001b2cf2002c RSI: ffffffff8184c339 RDI: 0000000000000000
[ 1217.810180] RBP: 0000000000000001 R08: 00000000abee663a R09: 0000001b2cf2001c
[ 1217.810188] R10: 000000000000063a R11: 00000000abee663e R12: 0000000000000003
[ 1217.810196] R13: 00007ff98bc4f000 R14: ffffffff8184c339 R15: 00007ff98bc5aff0
[ 1217.810205]  ? perf_copy_attr+0x19/0x920
[ 1217.810233]  ? perf_copy_attr+0x19/0x920
[ 1217.810255]  </TASK>
[ 1217.828684] memory: usage 307200kB, limit 307200kB, failcnt 3102
[ 1217.829373] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
05:56:25 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xbfffffffffffffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1217.830045] Memory cgroup stats for /syz0:
[ 1217.843191] anon 122880
[ 1217.844462] file 312950784
[ 1217.844988] kernel 1499136
[ 1217.845479] kernel_stack 65536
[ 1217.846092] pagetables 155648
[ 1217.846648] sec_pagetables 0
[ 1217.847193] percpu 64
[ 1217.847608] sock 0
[ 1217.848031] vmalloc 0
[ 1217.848452] shmem 312950784
[ 1217.848975] file_mapped 0
[ 1217.849453] file_dirty 0
[ 1217.849933] file_writeback 0
[ 1217.850469] swapcached 0
[ 1217.850953] inactive_anon 306515968
[ 1217.851565] active_anon 6545408
[ 1217.852164] inactive_file 0
[ 1217.852667] active_file 0
[ 1217.853162] unevictable 0
[ 1217.853635] slab_reclaimable 949424
[ 1217.854276] slab_unreclaimable 344528
[ 1217.854936] slab 1293952
[ 1217.855397] workingset_refault_anon 0
[ 1217.856053] workingset_refault_file 1
[ 1217.856679] workingset_activate_anon 0
[ 1217.857362] workingset_activate_file 0
[ 1217.858031] workingset_restore_anon 0
[ 1217.858680] workingset_restore_file 0
[ 1217.859341] workingset_nodereclaim 0
[ 1217.859991] pgdemote_kswapd 0
[ 1217.860519] pgdemote_direct 0
[ 1217.861093] pgdemote_khugepaged 0
[ 1217.861696] pgdemote_proactive 0
[ 1217.862333] pgscan 801
[ 1217.862780] pgsteal 9
[ 1217.863245] pswpin 0
[ 1217.863665] pswpout 0
[ 1217.864120] pgscan_kswapd 0
[ 1217.864621] pgscan_direct 801
[ 1217.865192] pgscan_khugepaged 0
[ 1217.865752] pgscan_proactive 0
[ 1217.866336] pgsteal_kswapd 0
[ 1217.866891] pgsteal_direct 9
[ 1217.867415] pgsteal_khugepaged 0
[ 1217.868020] pgsteal_proactive 0
[ 1217.868593] pgfault 88547
[ 1217.869097] pgmajfault 0
[ 1217.869563] pgrefill 768
[ 1217.870082] pgactivate 3833
[ 1217.870588] pgdeactivate 768
[ 1217.871143] pglazyfree 0
[ 1217.871619] pglazyfreed 0
[ 1217.872176] swpin_zero 0
[ 1217.872644] swpout_zero 0
[ 1217.873163] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8832,uid=0
[ 1217.876091] Memory cgroup out of memory: Killed process 8832 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
05:56:25 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:56:25 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x300000000000000)

05:56:25 executing program 1:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:25 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xc118000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:56:25 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x600, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:56:25 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

[ 1218.566597] audit: type=1326 audit(1755410185.914:179): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8826 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:56:36 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x7ffc0000, 0x0)

05:56:36 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:56:36 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x700, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:56:36 executing program 3:
syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:36 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xd00c000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:56:36 executing program 0:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000080)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x80}, 0x0, 0x1, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x1, 0x40, 0x6, 0x8, 0x0, 0x3, 0x140, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x7fff, 0x1, @perf_bp={&(0x7f0000000140), 0xe}, 0x40800, 0x100, 0x8, 0x3, 0x2, 0x8, 0x679c, 0x0, 0x7, 0x0, 0x8}, 0xffffffffffffffff, 0xd, r1, 0x2)
r2 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000940)='ns/cgroup\x00')
ioctl$FIGETBSZ(r2, 0x2, &(0x7f00000019c0))
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000006c0)='fdinfo/3\x00')
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x7ff)
r3 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
r4 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r4, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$EXT4_IOC_GET_ES_CACHE(r4, 0xc020662a, &(0x7f0000000700)={0x4, 0xff, 0x5, 0x2, 0x9, [{0x60ee, 0x4, 0x8, '\x00', 0x1e8b}, {0x11, 0x1bc5a0ec, 0x10000}, {0x1f, 0x2, 0xfff, '\x00', 0x2}, {0x4, 0x0, 0x4, '\x00', 0x5}, {0x10, 0x4e0b, 0x6, '\x00', 0x1a80}, {0x1000, 0x6, 0x1, '\x00', 0x104}, {0x7fff, 0x0, 0x9, '\x00', 0x900}, {0x7ff, 0xfffffffffffffffd, 0x3f, '\x00', 0x800}, {0x0, 0x401, 0x2, '\x00', 0x1004}]})
pread64(r3, &(0x7f0000000040)=""/156, 0x9c, 0x2)
writev(r3, &(0x7f0000000640)=[{&(0x7f0000000240)="a5a13595f51b18534fc663bce134e972e84614337d7b8aaa97c1d64c506a2647fe1c893567a4ec43a8a248dc4cbcfd407f5eb92fe1c1e2acd4baf86e28507897b9a7da5f063357faa5b61295e3e239aa22c36fa643ae063fe8a21ae5d95acffbfbeacc4b272784f768552dc9cc63d59983688bccb57bf3b648505a37a8b170a208340de0cb7217a27b9d1e7513d0ab54b53ff2c0bbb581c345a5db8148e65725e7e44ca19e38686095eb28b3299c5b1a0f", 0xb1}, {&(0x7f0000000300)="0600a55cb74f3d3614d5de786d287e85d93dc1209805e9cc941a7486d09871bdf0df10b9028e3a60a1059e07f52f3d656e9a2ccbd803a40631afb57ccddac6e86a9f91", 0x43}, {&(0x7f0000000380)="260222db97b30430f95a9f3f2f086656d275a804f060435fd84e854e2090f1a2688e03b9e38d48f848b200877171e9bea921f735ba4327ba85accd940b5ae0203beea065e78d4af59fea56ce521df67bd68db0917e496b7fd2aa5169e5cfa6d85c2e1524c832f5081a689767f690a463806a83354ba46ee446595b97e97bcf4e8f364f10db3d48149387b9e8533fe03dd9ff70037162e8fcf5de63b07e1ba9556846e94cc50f15209974b41655a73e7eee774c443fb63b10eb83024345f33e7cdcf9d42428207bd983", 0xc9}, {&(0x7f0000000480)="284816eb85d51752295f21977ce41ab1c9b038d9158211893f9d1b26e2ef717bc6d7a8973cb2f3c6a2", 0x29}, {&(0x7f00000004c0)="efead5c98c232d01f2c6ff1c23f80ccd34f4c82763a890247f10b82d2af474235c876f9da339c1cc6f134c2b1010f634233b362bd6e24abf0a5feffb1528727d07a17007743ce0c1cb61d96121d783f11056ddfd20eb37beed0940802441e897afaa41b7185a5f92198533024323eaa114c8c669bd35960a943e62fe97b0790a3c98e322128e527ab0d1d5aa7c49c0f71aaefd47da921d172bdcf34c505a9b024475499c9428fad8ab0250e99b2b09c35cfb11baaa24", 0xb6}, {&(0x7f00000009c0)="4c2823f6e8d385c6dc23bb563e495863c7d21c3f3aa1085c13ab873aad496c45a85caabdac8906a53979dce0709871232e8787f531942f7847573153444d564e2953bdddf4dd0de69da5f23f0c7d841985994bec8ac6f1588d233e2a210f55b51c635b3732e80d113bf46e831af7cd5b94e696a6981df3a935c431be3c3eab98042dc1b2e1a868f2141a46e4d870851fac658d030a57b0e3763c9cd24d4085c7fd108fdeeeb24ad97af56f4e84b55dc00fe5d7342872e2f14fea71c07eb13208c18924638683c3ef9a16e7f9aed8ff9897f8458cdfa8c2bc3c1f5494fb4cfb9ca8078feea30446a4e84308a1bab25805cb42dada9b4f3bed9a439cba8ba3d0655b94ce3306aadb6ead65f78a51fc2eea0071f156ecf1eeed5e441a4cfaa2cac3e7fc1ec0ae1ee762b7aa950209fcd8a295b837e706c11d8e5f21cd1bc0ad72709332f9eadd2e890ddbf8d64cfd9ab69c387619cdf31476829bb4fb9a7d8a6bfc65c9d802289bb2755bd16831699deb4e89408c7bb20c6c0cfa651cb69a067ca372e60ff5c72f99d8c3e68ee1f615532daa8d6d5fcd078a58638fe11e8d70ad381373086fa8c1469ab83fc8c0004f334cc6193387eabce63ea2a25817dea9356e783d10cca94cce6961ed8eaa814a214654ed9a3459bba6fe25c5ecca446ee35e88930d6efe5db0632d44949174bd185d750929677194149c82e563f4d9789f62464c661cc332ffe62e525bf61a1ebc56995ed7f21ea7bfa33516232d205c906c4dfe08a1d0f62d86d18056a89f75529c9892796781a6389660fe8527202027b596e2099283080592d7fcb6f516995874c07dcd24f3a18a851f95a3fa1eb88503c55c6d01a179db53a5570a39e3d6ee33cf810913a330f7c620e20b167ad5e394ab33fe3805b9b2a586d6458d4e0c2aab2bfadc4189f7a7e02ff43ad32f4d637d80686b613cdaee28fd56cfed9b118932d15e5f9236991ad4bef66aeacf55044faf21506670f8cd22331026730fac04c9540ee3a8ea9cf5032e93abcae82ce3257415a07bddc2adba196caac53ac98d8fc4169718c5ae40269fc917e1d2fa84156e04e8181abb6e8f91f134e7a93739af481d818f8ea5244ed0a012daa84d267edfbdc15e75e19759b91c0fd1051ff52864938be74a93b36aa6261452f49b11faa328801d6cc74a20d969a03fda7926f3f870bca5e2bef5a0d673b74198e7ffb4088fb0d4cfce0f37eb1720f4f74ca38574b7b359f28f663a98bfa305dcad9ad530ed41b8318b93af70b5e414125378794de31b05f9234712c653f2063bc07cbddd24e4b970120483d80541376ee6ea9cf499355f76b35c89dcf8f04c78070eeffcaa60872ee90e75a52628d387bba48e903c9d0372dc05c78750c7c17a8c5077b06404abd88374b8eabd75a1df3c5a8eb3e1746d83681a114afa8a3835e802a002cc863fd90c49f966688a173105464b2fa28cd3d401fa1131ea091390dea5b1ed59ea2adb5c0e863c5e4a9424c9937b6c7af21a1a1ce0bc1fa6e65340e87e7ebc71018945fbf7e0ae3ab7890f0cf88704cd90f2b28163cc063c5d79b87adb6d405f8c7fd7e1a424f2326ad160543d9812e081ce7b8e72454e0e44405188b9f0847c5983501f1638baef68427b2f493268a955c35e6a21f3aef5dc04353a090e5b57759e0dffb51f0f7d4808a094353d3bab48d75bfa9824197b0060f0f3e9b0f8619bd6d8520702e0e632d323673add7006bd04b826af2f58b03da3a86b4f4fc28f74a3bc25818b9dcddd15cda4377b718ca68da28064a4ad2490a4ef43badbf61e43b1487190176719e8254abf1bd4ff625fbdd9f4e007f0d052596c3654f66c7f08fccca1232d22575d18bf94a8fac0d101d4c7d1603d19e72832c108ef08910cf5cfdcc8d7f928c96b211dcd784294538ac638852297aac51c89839422668bede5aaae2110f5bd3b2407b0f129248bc1ee1b25fb3075c4050c131e86d31d56d33ff7b012e72b615de0496047b11d830f64a3170389bd5ecf425ddd8c2aed5be8c7c18aa88bfa5c4e35b77d5c2e017e18fc575d039f8c92c6bee0ef9f483eccec7f18a66b32833b3970f7ac93785d67abba8e663f8ca0c284ec0e80bd3d6acab2beef8f4bd520e53dc550f620e59d32dd946ec6043748de90d419d64962159f564516a0a7033da9ee5cfe8bd9dfae752b7dba65a5fa6c105766612d58ae187e60e98da6e86a862e18a3da1510c4e5320a837bd8d168ab7de918d8a4100b585fc47cda583c894afa8e89076f1b96a2ea067a7937f6d922f4b202a0091f6e7a0f1a9364d3817f88ff34dd4d8fcadf510817c1baaba93241dfc74eb4e656a3177d75ecca7834816cd30f9931ddb2013f9748ee5a1390cf06d248b12032dfc56d8f8498a99f0ee338f816595269d6132fbaebdb7942ee749237bac8ed3159c96e600b98d439022792bffd981f352c385b1e4ebafba618b080917f7ac27f6583fcdac02f0bad7d77478f2ac7673ecaf0a5141f751c5ab03f8416c242fb8a002e40f4a87ba16d7c2346c5269975ad0b869dc1e82ea11038cc1db9a94f4cf27489d70f1102560c6ca8db53422b89c867351f1e3c64a1b35517c2376bbc4c4564608674a7ad40a05a5c06795bfee57cdc8b7de405521f5abde0376f8a33784a29f78cc02db7c2eac70e413bddd84c6025f46edc6ed76c58b4896f59528e4983e4c04cd111148d5bced654993ddf0e498e5063e87f4ab39bd8719b54fc415a3accba924b8d17cb22ea8af8d03d69cfeeaa2159c1194bd02ec1a58efd15a0dce68c3d9f1c9f958a9a53e331cd5bc279df5b7e54304f26bdcf6a77ec97cc10b6a5084a8f2f5e456b0e8e4412de71c9da093183060c3e64460e373ad617d187a4f368b74b8ddbe100c5e6ab9bd24b79bf58b801ad59f1ffd9a50c08b60c84078815f649538a4000d40c43bb07562aa1fbe06ad2f183ca9f6896990d6a5f3f51ac4605d2ffd2dd2bf3ed8975fcfffdbbb26d2b02926408157344d8a33a974d74d52fdef12bd32a1bf2c65efa8a26cb89be5229d76db83ee71d68e5341e99a23e05a40f3d72cec6fc7e55c23ab788fc2ca35a48c9f356548cec5ec47a543db215831e54e6af286459a3ef25236b2add03b176d06ea599c5064fc2fc0c7fabd2de73ef5c253174547d1e52ae49a5c2da632fa7c5dd45b7dd594133cc94c3f91c10a8cf8272fbca1c1a9ef151d74bfb31fded69a748e1d71db858fbde95165a9092fbbacf9e138ba4e70355f27033ec7023f17b07977137695523ee3978e3569b39aa19222762b9f1c539dbcd9fc7b3a4a33cb54d5168a1443ca6edbdc34d87d0ec20616367adb2b2d54ce50ee19c9526a68f7636aae71f47fa85a42c0d8bbf41f846b29c6bf73ae0aa82ef681e686130c321e0b67cb21302cb2c2b927bb33375187b33dc01e77eba95f48a10c18761c42b066dd92e5cae3267afd36d85712344497208bbcf3d9a03942d47bbcbf3b03c989260aad2cbb57a84b460d05c92f65d564eda6e5d2fd25088f017d03d485c841f3e99e3ca01a04cc1d6d2dc1da3f75124e7136712ae57cb6bb5100a212e01d82b59371fe65a7b15cfb57762ed2b473d8c37b9243a936eefe9db4386d66553c45f80a5dc28602cd67516c5fb806e488c4d0a7db8a7b411cdf3ef76d26b463e18141905987757b2e0af95a352b93693c45b4945ffdd80c7e6af4a3532cfa2bf50abf652e56a74eb16f9e48420e4f86e1dcb9af82d8238c30048bf6b4fc7e0d7380150ffb449c5e83ab94f8ff81e2bed68b8d8172a0a06f313d6d870e69ad2ddd471f8e606cd84b21d222b8e977b21c6b271710b40d9003ada2655384869846edef7b69d0a4d3346af77d905eaf662412411c77151d5a6f5d16d4a135a5a825e7f1ca878b2db156eba6ef0d64befd7ea9a89c34dd65599c89cca16990d94a59f23f47f2fdd5b6803e4b8ca7a8a5e5fe0175c49ae1dcf0ebfd4b8bfdb9ace17094aee020828c9d359743eabd74f06823832374fddca0d9db5aaf4c8c40fa14348abbcf4d05bfe5f926b0e26bc0b9564634fc0e39b78934173cc7fa0e77b9db56891b1c5f18de0b49e7f3fab28ca482932514c65c5f0f8f518d31a4fd6f453d068920e47a28f9fb9a1182436f8e4321d7b10e21b73261703b6ad74941c2ec0d2d091a56e256992ac4b2fbac495343321a3caf5d25c4eb37f37876a08396f3310486d42e7a8b528f948345fca8146d428c66725aa5309018814f0316741245357920446f27eee04e9a8c0fd98dd8f0e8ef777fb50857a9959cf03aff80197d2509b16a0f79d7c3304cc304c9d831e7eb7eae996fd3bfe1af56c9711ff85467e0f9c78aabcf480e884884489188f372dc4746099c87165589b24e265557c159862065770d032a8ccade97680c6a5e2b298946d92cf5ce20a552afd201e31dd39973c8ea8f70381d20e564382f603d4a6e4f3f4c96be92c214fa3875b8232ff309ced92d2f142ee5125cb8eeadf4a56629c5db69c8cff4943b08695079a08642b7135902ae8b3ea7ecae3654317e7d66554962cdbeb6e02e95993fb79f0f664d6f3724fc147b8c6c29f96316cee291d67a22d13073a152aedebf990f4cb1a4926ab61c7b8245f9dceeac3cd40c05f605041c04bdc5e1c89f5f7fc7f986e7e7861ec626870e15653fe4c76f22f3d8f7cb899030c88ac38777d6ddef28585e6eda2ed96e1a03308893261a5e47017e97ba8bf34ae401b0eca27de55f58f9d72eaba8b449109127b4c7ac65692d33ca16cec83fd901bbea788419449b38d19d4398752bc89edc2acb74b0d39e3c79ba98f3d1aae99d85615d39092e30f025d90d1ebb02fe1f7d194b2007bc4e23333d2388168ce25e1afbc4f8b06cfbf57aeeeec99ab4719ab6ce8fda8d61b95bcc4a69ec88ec0f673c560472bf29762062a93848bcde548f1cd794fb788d9d2a7a2ba3f8e0844beb58638b0bbdb72b08142e37deed0343c5ba9cab4e48f031dc7edb04d66a1bc44e22b4b76a0859837625def203220d265ba02c8af354126b7442ea2b29a04b6583bcc300ad236d3e0fa69acc38d000646f430616070c5a23ebd06cbbb166855bb8bf33c09114652d74bb23c3dd23bc47aa0bf0a12b3cf9e538e6c2c8178b2033fe18e8c14a549ca058bd4d373bd88999d87b83ada8d0dc59551113853f0713b528629c0c7adb7a44be24ce1279fd9925855ccd6fe5719d66d279295be965f10c9aa6837ec4e245d2938b0496b9b87c03ff6145789fc757d5086fc90a1842e19dae9074ef253d3d33cb3eda2df36051c69ee774733568236195809fe3a697ec2afb4daf99a9e5b0f3555daa1eadb7c9a16b0f7758ad5876a5c90cc9946194c86d0c85af30e646b240bb8d051dbbf9c31e62c9615c94183eadb4f49335474c94cae502805b109c83ca0a73a9278a50c5378a0f393f2a9696840cf24871365ba140d81095b4f4b6a56970ad74ff16778300ddfea900af4d4149297ab128c7e9387a1d9bc48ff09b04f37c10ce58d6ddb1b732138e18b601c3cfa421a518c0dc1952149bf30b7486bff4a1a38ffda408653dc868eb2f329529c1563ccc88ae7d387d3746396feddad0f650a9a7c5049daf01adb25b5b1b3a5b73065d91c35ee9817dbfd9e9d981e46280a6a5a3518f341b7079c95bf9aff8cb79bd75c7ddff9e59ef4bf044ad8c639913976e9dbe9ea9960b980488df916623e436828122353aaa17cc66c460090a547c10b7fb833f26165323db1589ce48000e0cf5f6f1a698093a5ac8cdd41bcd8", 0x1000}, {&(0x7f0000000580)="e2cebf2259", 0x5}, {&(0x7f00000005c0)="c977bc3ae29ae44362792080eacb08fed9a44fcd1c1ae982b2a175e49af76fb74bbe3fde4f871e84ba24b69323bc13392a6131908c0c76ef87cb45ad50f941a3a26b7d403067936563bf7f922433563f5142b4c234fc3663efdede8d13078a51ab20a07deaaabc51e6f315439641decfc298c33a7b29e8c79f099b", 0x7b}], 0x8)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r3, 0x80089419, &(0x7f0000000200))

05:56:36 executing program 1:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:36 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x400000000000000)

05:56:36 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xee06040000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:56:36 executing program 3:
syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

[ 1228.894062] audit: type=1326 audit(1755410196.239:180): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8874 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:56:36 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xef06040000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:56:36 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x25}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x6}]}, 0x24}}, 0x0)

05:56:36 executing program 3:
syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:36 executing program 1:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

[ 1228.991016] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1228.992604] CPU: 1 UID: 0 PID: 8866 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1228.992634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1228.992647] Call Trace:
[ 1228.992655]  <TASK>
[ 1228.992664]  dump_stack_lvl+0xfa/0x120
[ 1228.992695]  dump_header+0x107/0x950
[ 1228.992731]  oom_kill_process+0x278/0xa00
[ 1228.992763]  out_of_memory+0x34b/0x1690
[ 1228.992800]  ? __pfx_out_of_memory+0x10/0x10
[ 1228.992848]  mem_cgroup_out_of_memory+0x164/0x190
[ 1228.992880]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1228.992921]  ? mark_held_locks+0x49/0x80
[ 1228.992952]  try_charge_memcg+0x81f/0xf30
[ 1228.992989]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1228.993027]  charge_memcg+0x7b/0x290
[ 1228.993054]  __mem_cgroup_charge+0x28/0x90
[ 1228.993084]  do_wp_page+0x58c/0x3240
[ 1228.993122]  ? __pfx_do_wp_page+0x10/0x10
[ 1228.993149]  ? do_raw_spin_lock+0x123/0x260
[ 1228.993177]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1228.993204]  ? ___pte_offset_map+0x176/0x370
[ 1228.993234]  __handle_mm_fault+0xde1/0x3030
[ 1228.993262]  ? reacquire_held_locks+0xd1/0x200
[ 1228.993283]  ? lock_vma_under_rcu+0x11e/0x530
[ 1228.993320]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1228.993350]  ? lock_vma_under_rcu+0x17b/0x530
[ 1228.993398]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1228.993441]  handle_mm_fault+0x2c3/0x900
[ 1228.993469]  ? access_error+0x17d/0x380
[ 1228.993499]  do_user_addr_fault+0x4fa/0xeb0
[ 1228.993532]  exc_page_fault+0xb0/0x180
[ 1228.993555]  asm_exc_page_fault+0x26/0x30
[ 1228.993577] RIP: 0033:0x7ff98baf5d30
[ 1228.993595] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1228.993616] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1228.993634] RAX: 00000000abee663a RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1228.993648] RDX: 0000001b2cf2002c RSI: ffffffff8184c339 RDI: 0000000000000000
[ 1228.993663] RBP: 0000000000000001 R08: 00000000abee663a R09: 0000001b2cf2001c
[ 1228.993677] R10: 000000000000063a R11: 00000000abee663e R12: 0000000000000003
[ 1228.993691] R13: 00007ff98bc4f000 R14: ffffffff8184c339 R15: 00007ff98bc5aff0
[ 1228.993707]  ? perf_copy_attr+0x19/0x920
[ 1228.993749]  ? perf_copy_attr+0x19/0x920
[ 1228.993787]  </TASK>
[ 1229.025211] memory: usage 307200kB, limit 307200kB, failcnt 3124
[ 1229.026176] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
05:56:36 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x2, 0xb, 0x6}]}, 0x24}}, 0x0)

05:56:36 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x810, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

[ 1229.027126] Memory cgroup stats for /syz0:
[ 1229.039759] anon 122880
[ 1229.041037] file 312950784
[ 1229.041460] kernel 1499136
[ 1229.041915] kernel_stack 65536
[ 1229.042418] pagetables 155648
[ 1229.042957] sec_pagetables 0
[ 1229.043415] percpu 64
[ 1229.043779] sock 0
[ 1229.044136] vmalloc 0
[ 1229.044498] shmem 312950784
[ 1229.044957] file_mapped 0
[ 1229.045366] file_dirty 0
[ 1229.045764] file_writeback 0
[ 1229.046239] swapcached 0
[ 1229.046683] inactive_anon 306528256
[ 1229.047274] active_anon 6545408
[ 1229.047802] inactive_file 0
[ 1229.048273] active_file 0
[ 1229.048685] unevictable 0
[ 1229.049137] slab_reclaimable 949424
[ 1229.049674] slab_unreclaimable 344528
[ 1229.050270] slab 1293952
[ 1229.050685] workingset_refault_anon 0
[ 1229.051274] workingset_refault_file 1
[ 1229.051879] workingset_activate_anon 0
[ 1229.052463] workingset_activate_file 0
[ 1229.053094] workingset_restore_anon 0
[ 1229.053655] workingset_restore_file 0
[ 1229.054239] workingset_nodereclaim 0
[ 1229.054848] pgdemote_kswapd 0
[ 1229.055313] pgdemote_direct 0
[ 1229.055786] pgdemote_khugepaged 0
[ 1229.056326] pgdemote_proactive 0
[ 1229.056848] pgscan 801
[ 1229.057227] pgsteal 9
[ 1229.057614] pswpin 0
[ 1229.058022] pswpout 0
[ 1229.058394] pgscan_kswapd 0
[ 1229.058882] pgscan_direct 801
[ 1229.059348] pgscan_khugepaged 0
[ 1229.059858] pgscan_proactive 0
[ 1229.060337] pgsteal_kswapd 0
[ 1229.060780] pgsteal_direct 9
[ 1229.061260] pgsteal_khugepaged 0
[ 1229.061757] pgsteal_proactive 0
[ 1229.062290] pgfault 88592
[ 1229.062720] pgmajfault 0
[ 1229.063152] pgrefill 768
[ 1229.063555] pgactivate 3833
[ 1229.064019] pgdeactivate 768
[ 1229.064471] pglazyfree 0
[ 1229.064898] pglazyfreed 0
[ 1229.065309] swpin_zero 0
[ 1229.065706] swpout_zero 0
[ 1229.066141] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8866,uid=0
[ 1229.066804] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1229.068370] Memory cgroup out of memory: Killed process 8866 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[ 1229.088010] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1229.719680] audit: type=1326 audit(1755410197.067:181): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8874 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:56:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x900, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:56:45 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xf500000000000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:56:45 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x500000000000000)

05:56:45 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x7fff0000, 0x0)

05:56:45 executing program 3:
mknodat$loop(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:45 executing program 1:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:45 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000280)=@req3={0x1000, 0x1, 0x400, 0x4}, 0x1c)
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/142, 0x8e, 0x2)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r3=>r1, {0x1a}}, './file1\x00'})
ioctl$BTRFS_IOC_RESIZE(r2, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}})
r4 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r4, &(0x7f0000000040)=""/156, 0x9c, 0x2)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r5=>r0}, './file0\x00'})
splice(r4, &(0x7f0000000000)=0x7ff, r5, &(0x7f00000000c0)=0x1, 0x9, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)

05:56:45 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x3, 0xb, 0x6}]}, 0x24}}, 0x0)

[ 1238.341035] audit: type=1326 audit(1755410205.688:182): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8910 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
[ 1238.365444] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'.
05:56:45 executing program 1:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

[ 1238.382849] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'.
05:56:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0xa00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

[ 1238.424354] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1238.425165] CPU: 0 UID: 0 PID: 8916 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1238.425182] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1238.425190] Call Trace:
[ 1238.425195]  <TASK>
[ 1238.425200]  dump_stack_lvl+0xfa/0x120
[ 1238.425219]  dump_header+0x107/0x950
[ 1238.425239]  oom_kill_process+0x278/0xa00
[ 1238.425257]  out_of_memory+0x34b/0x1690
[ 1238.425278]  ? __pfx_out_of_memory+0x10/0x10
[ 1238.425300]  mem_cgroup_out_of_memory+0x164/0x190
[ 1238.425318]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1238.425340]  ? mark_held_locks+0x49/0x80
[ 1238.425357]  try_charge_memcg+0x81f/0xf30
[ 1238.425378]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1238.425399]  charge_memcg+0x7b/0x290
[ 1238.425413]  __mem_cgroup_charge+0x28/0x90
[ 1238.425429]  do_wp_page+0x58c/0x3240
[ 1238.425450]  ? __pfx_do_wp_page+0x10/0x10
[ 1238.425465]  ? do_raw_spin_lock+0x123/0x260
[ 1238.425481]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1238.425495]  ? ___pte_offset_map+0x176/0x370
[ 1238.425512]  __handle_mm_fault+0xde1/0x3030
[ 1238.425526]  ? reacquire_held_locks+0xd1/0x200
[ 1238.425538]  ? lock_vma_under_rcu+0x11e/0x530
[ 1238.425558]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1238.425575]  ? lock_vma_under_rcu+0x17b/0x530
[ 1238.425601]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1238.425626]  handle_mm_fault+0x2c3/0x900
[ 1238.425641]  ? access_error+0x17d/0x380
[ 1238.425658]  do_user_addr_fault+0x4fa/0xeb0
[ 1238.425676]  exc_page_fault+0xb0/0x180
[ 1238.425689]  asm_exc_page_fault+0x26/0x30
[ 1238.425701] RIP: 0033:0x7ff98baf5d30
[ 1238.425712] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1238.425723] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1238.425733] RAX: 0000000070753fca RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1238.425742] RDX: 0000001b2cf20030 RSI: ffffffff83bbcc3c RDI: 0000000000000000
[ 1238.425749] RBP: 0000000000000001 R08: 0000000070753fca R09: 0000001b2cf2001c
[ 1238.425757] R10: 0000000000001fca R11: 0000000070753fce R12: 0000000000000004
[ 1238.425764] R13: 00007ff98bc4f000 R14: ffffffff83bbcc3c R15: 00007ff98bc5aff0
[ 1238.425773]  ? __sock_create+0x2c/0x810
[ 1238.425795]  ? __sock_create+0x2c/0x810
[ 1238.425817]  </TASK>
[ 1238.442992] memory: usage 307200kB, limit 307200kB, failcnt 3144
[ 1238.443498] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1238.444145] Memory cgroup stats for /syz0:
[ 1238.444239] anon 86016
[ 1238.444790] file 312950784
[ 1238.445171] kernel 1433600
[ 1238.445412] kernel_stack 32768
[ 1238.445679] pagetables 139264
[ 1238.446084] sec_pagetables 0
[ 1238.446333] percpu 64
[ 1238.446539] sock 0
[ 1238.446726] vmalloc 0
[ 1238.447758] shmem 312950784
[ 1238.448170] file_mapped 0
[ 1238.448405] file_dirty 0
[ 1238.448625] file_writeback 0
[ 1238.448979] swapcached 0
[ 1238.449199] inactive_anon 306470912
[ 1238.449497] active_anon 6545408
[ 1238.449762] inactive_file 0
[ 1238.450054] active_file 0
[ 1238.450284] unevictable 0
[ 1238.450515] slab_reclaimable 951856
[ 1238.450824] slab_unreclaimable 326872
[ 1238.451141] slab 1278728
[ 1238.451368] workingset_refault_anon 0
[ 1238.451680] workingset_refault_file 1
[ 1238.452008] workingset_activate_anon 0
[ 1238.452328] workingset_activate_file 0
[ 1238.452643] workingset_restore_anon 0
[ 1238.452969] workingset_restore_file 0
[ 1238.453282] workingset_nodereclaim 0
[ 1238.453584] pgdemote_kswapd 0
[ 1238.453856] pgdemote_direct 0
[ 1238.454112] pgdemote_khugepaged 0
[ 1238.454399] pgdemote_proactive 0
[ 1238.454671] pgscan 801
[ 1238.454901] pgsteal 9
[ 1238.455114] pswpin 0
[ 1238.455310] pswpout 0
[ 1238.455511] pgscan_kswapd 0
[ 1238.455756] pgscan_direct 801
[ 1238.456034] pgscan_khugepaged 0
[ 1238.456307] pgscan_proactive 0
[ 1238.456570] pgsteal_kswapd 0
[ 1238.456838] pgsteal_direct 9
[ 1238.457092] pgsteal_khugepaged 0
[ 1238.457373] pgsteal_proactive 0
[ 1238.457643] pgfault 88625
[ 1238.457892] pgmajfault 0
[ 1238.458120] pgrefill 768
[ 1238.458341] pgactivate 3833
[ 1238.458583] pgdeactivate 768
[ 1238.458848] pglazyfree 0
[ 1238.459082] pglazyfreed 0
[ 1238.459312] swpin_zero 0
[ 1238.459533] swpout_zero 0
[ 1238.459761] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8916,uid=0
[ 1238.460975] Memory cgroup out of memory: Killed process 8916 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:56:45 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x8, 0xb, 0x6}]}, 0x24}}, 0x0)

05:56:45 executing program 3:
mknodat$loop(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:45 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xf6ffffff00000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:56:45 executing program 1:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:45 executing program 0:
seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, &(0x7f0000000080))
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="014344303031", 0x6, 0x8000}], 0x0, &(0x7f0000000040))

05:56:45 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x600000000000000)

[ 1238.547349] netlink: 'syz-executor.7': attribute type 11 has an invalid length.
[ 1238.563131] netlink: 'syz-executor.7': attribute type 11 has an invalid length.
05:56:45 executing program 1:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
name_to_handle_at(r0, &(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)=@nfs={0x90, 0x24, {0x3, 0x4, 0x3, 0x80, "b502c921b2a59f1c42aa85f4b7a134b0428feb5cf90cbd967e38249ba2a03cc2e3ded453084f5dc4d76e54314eaf775aeba90eb75273faadc342ee16c8f091b0d9678575314d7d5536b8dbf3d4b0d5f690f7566b8b4e068e62587abde97e6f3b142584ed7d7d3e389471ae487319e418cc2b0f402067370bbde2c90571718404"}}, &(0x7f00000006c0), 0x400)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

[ 1238.583882] syz-executor.0 invoked oom-killer: gfp_mask=0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), order=0, oom_score_adj=1000
[ 1238.585040] CPU: 0 UID: 0 PID: 8935 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1238.585056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1238.585064] Call Trace:
[ 1238.585069]  <TASK>
[ 1238.585074]  dump_stack_lvl+0xfa/0x120
[ 1238.585094]  dump_header+0x107/0x950
[ 1238.585114]  oom_kill_process+0x278/0xa00
[ 1238.585132]  out_of_memory+0x34b/0x1690
[ 1238.585153]  ? __pfx_out_of_memory+0x10/0x10
[ 1238.585176]  mem_cgroup_out_of_memory+0x164/0x190
[ 1238.585195]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1238.585218]  ? mark_held_locks+0x49/0x80
[ 1238.585235]  try_charge_memcg+0x81f/0xf30
[ 1238.585257]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1238.585274]  ? get_mem_cgroup_from_objcg+0xf8/0x430
[ 1238.585290]  __memcg_kmem_charge_page+0x135/0x400
[ 1238.585309]  __alloc_frozen_pages_noprof+0x33b/0x1f10
[ 1238.585332]  ? should_fail_alloc_page+0xe8/0x110
[ 1238.585355]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1238.585383]  ? perf_trace_lock_acquire+0xc9/0x700
[ 1238.585397]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1238.585414]  ? policy_nodemask+0xeb/0x4e0
[ 1238.585431]  alloc_pages_mpol+0xed/0x340
[ 1238.585446]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1238.585464]  ? mtree_range_walk+0x74a/0xb90
[ 1238.585479]  alloc_pages_noprof+0xa1/0x380
[ 1238.585496]  __pmd_alloc+0x3b/0x980
[ 1238.585514]  __handle_mm_fault+0xcae/0x3030
[ 1238.585531]  ? __pfx_mt_find+0x10/0x10
[ 1238.585546]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1238.585573]  ? find_vma+0xbf/0x140
[ 1238.585585]  ? __pfx_find_vma+0x10/0x10
[ 1238.585601]  handle_mm_fault+0x2c3/0x900
[ 1238.585617]  ? access_error+0x17d/0x380
[ 1238.585631]  ? lock_mm_and_find_vma+0xaa/0x6f0
[ 1238.585645]  do_user_addr_fault+0x395/0xeb0
[ 1238.585663]  exc_page_fault+0xb0/0x180
[ 1238.585678]  asm_exc_page_fault+0x26/0x30
[ 1238.585690] RIP: 0010:rep_movs_alternative+0x11/0x90
[ 1238.585710] Code: e9 a4 99 03 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 6d 99 03 00 66 66 2e 0f
[ 1238.585722] RSP: 0018:ffff88804813fdb8 EFLAGS: 00050206
[ 1238.585733] RAX: 0000000000000050 RBX: 0000000000000006 RCX: 0000000000000006
[ 1238.585741] RDX: ffffed1009027fcf RSI: ffff88804813fe78 RDI: 0000000020000080
[ 1238.585749] RBP: 0000000020000080 R08: 0000000000000000 R09: ffffed1009027fcf
[ 1238.585757] R10: 0000000000000005 R11: 0000000000000001 R12: ffff88804813fe78
[ 1238.585765] R13: 0000000020000086 R14: 00007ffffffff000 R15: 0000000000000000
[ 1238.585784]  _copy_to_user+0xbe/0xd0
[ 1238.585798]  do_seccomp+0x759/0x25e0
[ 1238.585816]  ? rcu_read_unlock+0x2d/0xb0
[ 1238.585828]  ? lock_release+0xc8/0x290
[ 1238.585842]  ? __pfx_do_seccomp+0x10/0x10
[ 1238.585855]  ? find_held_lock+0x2b/0x80
[ 1238.585871]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1238.585890]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1238.585909]  ? lock_release+0xc8/0x290
[ 1238.585920]  ? access_error+0x17d/0x380
[ 1238.585942]  do_syscall_64+0xbf/0x360
[ 1238.585957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1238.585969] RIP: 0033:0x7ff98bb47b19
[ 1238.585979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1238.585991] RSP: 002b:00007ff9890bd188 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[ 1238.586002] RAX: ffffffffffffffda RBX: 00007ff98bc5af60 RCX: 00007ff98bb47b19
[ 1238.586010] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000003
[ 1238.586018] RBP: 00007ff98bba1f6d R08: 0000000000000000 R09: 0000000000000000
[ 1238.586025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1238.586033] R13: 00007ffc54e3909f R14: 00007ff9890bd300 R15: 0000000000022000
[ 1238.586051]  </TASK>
[ 1238.614849] memory: usage 307200kB, limit 307200kB, failcnt 3167
[ 1238.615371] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1238.616026] Memory cgroup stats for /syz0:
[ 1238.656958] anon 106496
[ 1238.657588] file 312950784
[ 1238.657883] kernel 1515520
[ 1238.658125] kernel_stack 65536
[ 1238.658384] pagetables 151552
[ 1238.658645] sec_pagetables 0
[ 1238.658916] percpu 128
[ 1238.659144] sock 0
[ 1238.659329] vmalloc 0
[ 1238.659534] shmem 312950784
[ 1238.659773] file_mapped 0
[ 1238.660020] file_dirty 0
[ 1238.660250] file_writeback 0
[ 1238.660505] swapcached 0
[ 1238.660731] inactive_anon 306511872
[ 1238.661049] active_anon 6545408
[ 1238.661328] inactive_file 0
[ 1238.661574] active_file 0
[ 1238.661823] unevictable 0
[ 1238.662059] slab_reclaimable 949040
[ 1238.662361] slab_unreclaimable 363896
[ 1238.662676] slab 1312936
[ 1238.662929] workingset_refault_anon 0
[ 1238.663238] workingset_refault_file 1
[ 1238.663554] workingset_activate_anon 0
[ 1238.663877] workingset_activate_file 0
[ 1238.664203] workingset_restore_anon 0
[ 1238.664520] workingset_restore_file 0
[ 1238.664839] workingset_nodereclaim 0
[ 1238.665150] pgdemote_kswapd 0
[ 1238.665410] pgdemote_direct 0
[ 1238.665671] pgdemote_khugepaged 0
[ 1238.665975] pgdemote_proactive 0
[ 1238.666248] pgscan 801
[ 1238.666456] pgsteal 9
[ 1238.666664] pswpin 0
[ 1238.666877] pswpout 0
[ 1238.667085] pgscan_kswapd 0
[ 1238.667327] pgscan_direct 801
[ 1238.667580] pgscan_khugepaged 0
[ 1238.667860] pgscan_proactive 0
[ 1238.668125] pgsteal_kswapd 0
[ 1238.668369] pgsteal_direct 9
[ 1238.668612] pgsteal_khugepaged 0
[ 1238.668904] pgsteal_proactive 0
[ 1238.669179] pgfault 88679
[ 1238.669409] pgmajfault 0
[ 1238.669627] pgrefill 768
[ 1238.669861] pgactivate 3833
[ 1238.670100] pgdeactivate 768
[ 1238.670343] pglazyfree 0
[ 1238.670565] pglazyfreed 0
[ 1238.670799] swpin_zero 0
[ 1238.671074] swpout_zero 0
[ 1238.671296] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8933,uid=0
[ 1238.672463] Memory cgroup out of memory: Killed process 8933 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35644kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[ 1239.170920] audit: type=1326 audit(1755410206.518:183): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8910 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:56:56 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x700000000000000)

05:56:56 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x8f030000, 0x0)

05:56:56 executing program 1:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:56 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0xa, 0xb, 0x6}]}, 0x24}}, 0x0)

05:56:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xf9fdffff00000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:56:56 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000080), 0x1}, 0x50, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
write(r2, &(0x7f0000000900)='^', 0x1)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0xfdef)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x88002, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r4, 0xf50f, 0x0)
sendfile(r0, r1, 0x0, 0xfdef)
creat(0x0, 0x0)

05:56:56 executing program 3:
mknodat$loop(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:56 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0xb00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

[ 1249.406984] audit: type=1326 audit(1755410216.754:184): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8956 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:56:56 executing program 1:
syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

[ 1249.418330] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1249.422005] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1249.422788] CPU: 0 UID: 0 PID: 8950 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1249.422809] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1249.422817] Call Trace:
[ 1249.422821]  <TASK>
[ 1249.422827]  dump_stack_lvl+0xfa/0x120
[ 1249.422846]  dump_header+0x107/0x950
[ 1249.422866]  oom_kill_process+0x278/0xa00
[ 1249.422885]  out_of_memory+0x34b/0x1690
[ 1249.422905]  ? __pfx_out_of_memory+0x10/0x10
[ 1249.422928]  mem_cgroup_out_of_memory+0x164/0x190
[ 1249.422947]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1249.422969]  ? mark_held_locks+0x49/0x80
[ 1249.422986]  try_charge_memcg+0x81f/0xf30
[ 1249.423007]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1249.423028]  charge_memcg+0x7b/0x290
[ 1249.423043]  __mem_cgroup_charge+0x28/0x90
[ 1249.423059]  do_wp_page+0x58c/0x3240
[ 1249.423080]  ? __pfx_do_wp_page+0x10/0x10
[ 1249.423095]  ? do_raw_spin_lock+0x123/0x260
[ 1249.423110]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1249.423124]  ? ___pte_offset_map+0x176/0x370
[ 1249.423141]  __handle_mm_fault+0xde1/0x3030
[ 1249.423156]  ? reacquire_held_locks+0xd1/0x200
[ 1249.423168]  ? lock_vma_under_rcu+0x11e/0x530
[ 1249.423189]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1249.423205]  ? lock_vma_under_rcu+0x17b/0x530
[ 1249.423231]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1249.423255]  handle_mm_fault+0x2c3/0x900
[ 1249.423270]  ? access_error+0x17d/0x380
[ 1249.423287]  do_user_addr_fault+0x4fa/0xeb0
[ 1249.423304]  exc_page_fault+0xb0/0x180
[ 1249.423318]  asm_exc_page_fault+0x26/0x30
[ 1249.423331] RIP: 0033:0x7ff98baf5d30
[ 1249.423341] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1249.423352] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1249.423363] RAX: 00000000b679e0c2 RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1249.423371] RDX: 0000001b2cf20034 RSI: ffffffff819bd515 RDI: 0000000000000000
[ 1249.423379] RBP: 0000000000000001 R08: 00000000b679e0c2 R09: 0000001b2cf2001c
[ 1249.423386] R10: 00000000000000c2 R11: 00000000b679e0c6 R12: 0000000000000005
[ 1249.423393] R13: 00007ff98bc4f000 R14: ffffffff819bd515 R15: 00007ff98bc5aff0
[ 1249.423410]  ? __might_fault+0x75/0x190
[ 1249.423427]  ? __might_fault+0x75/0x190
[ 1249.423440]  </TASK>
[ 1249.440417] memory: usage 307200kB, limit 307200kB, failcnt 3231
[ 1249.441010] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
05:56:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfbffffff00000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1249.441495] Memory cgroup stats for /syz0:
[ 1249.443858] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1249.445603] anon 122880
[ 1249.445866] file 312950784
[ 1249.446098] kernel 1499136
[ 1249.446324] kernel_stack 65536
[ 1249.446605] pagetables 155648
[ 1249.447139] sec_pagetables 0
[ 1249.447388] percpu 64
[ 1249.447717] sock 0
[ 1249.447990] vmalloc 0
[ 1249.448194] shmem 312950784
[ 1249.448431] file_mapped 0
[ 1249.448650] file_dirty 0
[ 1249.448889] file_writeback 0
[ 1249.449133] swapcached 0
[ 1249.449348] inactive_anon 306528256
[ 1249.449634] active_anon 6545408
[ 1249.449919] inactive_file 0
[ 1249.450155] active_file 0
[ 1249.450379] unevictable 0
[ 1249.450601] slab_reclaimable 949040
[ 1249.450941] slab_unreclaimable 344072
[ 1249.451249] slab 1293112
[ 1249.451477] workingset_refault_anon 0
[ 1249.451776] workingset_refault_file 1
[ 1249.452101] workingset_activate_anon 0
[ 1249.452407] workingset_activate_file 0
[ 1249.452712] workingset_restore_anon 0
[ 1249.453033] workingset_restore_file 0
[ 1249.453333] workingset_nodereclaim 0
[ 1249.453626] pgdemote_kswapd 0
[ 1249.453896] pgdemote_direct 0
[ 1249.454150] pgdemote_khugepaged 0
[ 1249.454425] pgdemote_proactive 0
[ 1249.454691] pgscan 801
[ 1249.454913] pgsteal 9
[ 1249.455113] pswpin 0
[ 1249.455304] pswpout 0
[ 1249.455508] pgscan_kswapd 0
[ 1249.455742] pgscan_direct 801
[ 1249.456015] pgscan_khugepaged 0
[ 1249.456283] pgscan_proactive 0
[ 1249.456539] pgsteal_kswapd 0
[ 1249.456781] pgsteal_direct 9
[ 1249.457044] pgsteal_khugepaged 0
[ 1249.457314] pgsteal_proactive 0
[ 1249.457573] pgfault 88726
[ 1249.457795] pgmajfault 0
[ 1249.458029] pgrefill 768
[ 1249.458248] pgactivate 3833
[ 1249.458482] pgdeactivate 768
[ 1249.458724] pglazyfree 0
[ 1249.458960] pglazyfreed 0
[ 1249.459184] swpin_zero 0
[ 1249.459398] swpout_zero 0
[ 1249.459629] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8950,uid=0
[ 1249.460791] Memory cgroup out of memory: Killed process 8950 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
05:56:56 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020370000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000002000028020000028400001be3", 0x66, 0x400}], 0x0, &(0x7f0000012c00))
mount(&(0x7f0000000040)=@sr0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='aufs\x00', 0x90440, 0x0)

05:56:56 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x1008, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:56:56 executing program 3:
r0 = syz_mount_image$tmpfs(0x0, &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:56:56 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0xa00000000000000)

05:56:56 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xc, 0x6}]}, 0x24}}, 0x0)

[ 1249.679377] syz-executor.0 invoked oom-killer: gfp_mask=0x402dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_NOWARN), order=2, oom_score_adj=1000
[ 1249.681289] CPU: 0 UID: 0 PID: 8975 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1249.681319] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1249.681332] Call Trace:
[ 1249.681341]  <TASK>
[ 1249.681350]  dump_stack_lvl+0xfa/0x120
[ 1249.681381]  dump_header+0x107/0x950
[ 1249.681418]  oom_kill_process+0x278/0xa00
[ 1249.681451]  out_of_memory+0x34b/0x1690
[ 1249.681489]  ? __pfx_out_of_memory+0x10/0x10
[ 1249.681530]  mem_cgroup_out_of_memory+0x164/0x190
[ 1249.681564]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1249.681605]  ? mark_held_locks+0x49/0x80
[ 1249.681639]  try_charge_memcg+0x81f/0xf30
[ 1249.681677]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1249.681708]  ? get_mem_cgroup_from_objcg+0xf8/0x430
[ 1249.681737]  obj_cgroup_charge_account+0xa8/0x6e0
[ 1249.681772]  __memcg_slab_post_alloc_hook+0x33c/0x9d0
[ 1249.681814]  ? __create_object+0x59/0x80
[ 1249.681842]  __kvmalloc_node_noprof+0x4eb/0x590
[ 1249.681872]  ? futex_hash_allocate+0x108/0x10a0
[ 1249.681907]  ? find_held_lock+0x2b/0x80
[ 1249.681937]  ? futex_hash_allocate+0x2d4/0x10a0
[ 1249.681977]  ? futex_hash_allocate+0x2d4/0x10a0
[ 1249.682009]  futex_hash_allocate+0x2d4/0x10a0
[ 1249.682043]  ? do_raw_spin_lock+0x123/0x260
[ 1249.682071]  ? __pfx_futex_hash_allocate+0x10/0x10
[ 1249.682106]  ? lock_acquire+0x15e/0x2f0
[ 1249.682128]  ? futex_hash_allocate_default+0x63/0x5b0
[ 1249.682152]  ? find_held_lock+0x2b/0x80
[ 1249.682181]  ? futex_hash_allocate_default+0x2a1/0x5b0
[ 1249.682205]  ? lock_release+0xc8/0x290
[ 1249.682225]  ? lock_is_held_type+0x9e/0x120
[ 1249.682253]  futex_hash_allocate_default+0x319/0x5b0
[ 1249.682279]  copy_process+0x41f2/0x73e0
[ 1249.682319]  ? __pfx_copy_process+0x10/0x10
[ 1249.682346]  ? __pfx_do_wp_page+0x10/0x10
[ 1249.682384]  kernel_clone+0xea/0x7f0
[ 1249.682409]  ? __pfx_kernel_clone+0x10/0x10
[ 1249.682433]  ? perf_trace_lock+0xb5/0x5d0
[ 1249.682455]  ? __lock_acquire+0x694/0x1b70
[ 1249.682482]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1249.682504]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1249.682540]  __do_sys_clone+0xce/0x120
[ 1249.682561]  ? __pfx___do_sys_clone+0x10/0x10
[ 1249.682582]  ? rcu_read_unlock+0x2d/0xb0
[ 1249.682634]  do_syscall_64+0xbf/0x360
[ 1249.682662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1249.682686] RIP: 0033:0x7ff98bb48f41
[ 1249.682703] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 1249.682725] RSP: 002b:00007ffc54e38fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1249.682748] RAX: ffffffffffffffda RBX: 00007ff9890bd700 RCX: 00007ff98bb48f41
[ 1249.682763] RDX: 00007ff9890bd9d0 RSI: 00007ff9890bd2f0 RDI: 00000000003d0f00
[ 1249.682777] RBP: 00007ffc54e39220 R08: 00007ff9890bd700 R09: 00007ff9890bd700
[ 1249.682791] R10: 00007ff9890bd9d0 R11: 0000000000000206 R12: 00007ffc54e3909e
[ 1249.682805] R13: 00007ffc54e3909f R14: 00007ff9890bd300 R15: 0000000000022000
[ 1249.682839]  </TASK>
[ 1249.723118] memory: usage 307196kB, limit 307200kB, failcnt 3257
[ 1249.724196] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1249.725110] Memory cgroup stats for /syz0:
[ 1249.775501] anon 106496
[ 1249.776764] file 312950784
[ 1249.777243] kernel 1511424
[ 1249.777676] kernel_stack 65536
[ 1249.778180] pagetables 155648
[ 1249.778648] sec_pagetables 0
[ 1249.779135] percpu 128
[ 1249.779527] sock 0
[ 1249.779891] vmalloc 0
[ 1249.780256] shmem 312950784
[ 1249.780698] file_mapped 0
[ 1249.781147] file_dirty 0
[ 1249.781546] file_writeback 0
[ 1249.782029] swapcached 0
[ 1249.782434] inactive_anon 306511872
[ 1249.783003] active_anon 6545408
[ 1249.783493] inactive_file 0
[ 1249.783954] active_file 0
[ 1249.784364] unevictable 0
[ 1249.784773] slab_reclaimable 949040
[ 1249.785342] slab_unreclaimable 356080
[ 1249.785938] slab 1305120
[ 1249.786336] workingset_refault_anon 0
[ 1249.786919] workingset_refault_file 1
[ 1249.787476] workingset_activate_anon 0
[ 1249.788074] workingset_activate_file 0
[ 1249.788637] workingset_restore_anon 0
[ 1249.789220] workingset_restore_file 0
[ 1249.789774] workingset_nodereclaim 0
[ 1249.790342] pgdemote_kswapd 0
[ 1249.790801] pgdemote_direct 0
[ 1249.791320] pgdemote_khugepaged 0
[ 1249.792063] pgdemote_proactive 0
[ 1249.792563] pgscan 801
[ 1249.793287] pgsteal 9
[ 1249.793653] pswpin 0
[ 1249.794386] pswpout 0
[ 1249.794758] pgscan_kswapd 0
[ 1249.795248] pgscan_direct 801
[ 1249.795722] pgscan_khugepaged 0
[ 1249.796243] pgscan_proactive 0
[ 1249.796717] pgsteal_kswapd 0
[ 1249.797195] pgsteal_direct 9
[ 1249.797645] pgsteal_khugepaged 0
[ 1249.798173] pgsteal_proactive 0
[ 1249.798665] pgfault 88764
[ 1249.799108] pgmajfault 0
[ 1249.799513] pgrefill 768
[ 1249.799947] pgactivate 3833
[ 1249.800376] pgdeactivate 768
[ 1249.800861] pglazyfree 0
[ 1249.801259] pglazyfreed 0
[ 1249.801662] swpin_zero 0
[ 1249.802102] swpout_zero 0
[ 1249.802510] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8975,uid=0
[ 1249.804635] Memory cgroup out of memory: Killed process 8975 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[ 1249.837470] 
[ 1249.837754] =====================================
[ 1249.838449] WARNING: bad unlock balance detected!
[ 1249.839150] 6.17.0-rc1-next-20250815 #1 Not tainted
[ 1249.839881] -------------------------------------
[ 1249.840586] syz-executor.0/8975 is trying to release lock (&sighand->siglock) at:
[ 1249.841683] [<ffffffff81395549>] copy_process+0x5f89/0x73e0
[ 1249.842513] but there are no more locks to release!
[ 1249.843226] 
[ 1249.843226] other info that might help us debug this:
[ 1249.844159] 1 lock held by syz-executor.0/8975:
[ 1249.844821]  #0: ffffffff85c5c510 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: copy_process+0x418a/0x73e0
[ 1249.846202] 
[ 1249.846202] stack backtrace:
[ 1249.846857] CPU: 0 UID: 0 PID: 8975 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1249.846886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1249.846899] Call Trace:
[ 1249.846907]  <TASK>
[ 1249.846916]  dump_stack_lvl+0xca/0x120
[ 1249.846941]  ? copy_process+0x5f89/0x73e0
[ 1249.846960]  print_unlock_imbalance_bug+0x118/0x130
[ 1249.846997]  ? copy_process+0x5f89/0x73e0
[ 1249.847016]  lock_release+0x208/0x290
[ 1249.847041]  _raw_spin_unlock+0x16/0x40
[ 1249.847073]  copy_process+0x5f89/0x73e0
[ 1249.847102]  ? __pfx_copy_process+0x10/0x10
[ 1249.847125]  ? __pfx_do_wp_page+0x10/0x10
[ 1249.847157]  kernel_clone+0xea/0x7f0
[ 1249.847179]  ? __pfx_kernel_clone+0x10/0x10
[ 1249.847201]  ? perf_trace_lock+0xb5/0x5d0
[ 1249.847223]  ? __lock_acquire+0x694/0x1b70
[ 1249.847247]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1249.847268]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1249.847300]  __do_sys_clone+0xce/0x120
[ 1249.847319]  ? __pfx___do_sys_clone+0x10/0x10
[ 1249.847339]  ? rcu_read_unlock+0x2d/0xb0
[ 1249.847375]  do_syscall_64+0xbf/0x360
[ 1249.847401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1249.847434] RIP: 0033:0x7ff98bb48f41
[ 1249.847450] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 1249.847472] RSP: 002b:00007ffc54e38fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1249.847492] RAX: ffffffffffffffda RBX: 00007ff9890bd700 RCX: 00007ff98bb48f41
[ 1249.847507] RDX: 00007ff9890bd9d0 RSI: 00007ff9890bd2f0 RDI: 00000000003d0f00
[ 1249.847522] RBP: 00007ffc54e39220 R08: 00007ff9890bd700 R09: 00007ff9890bd700
[ 1249.847536] R10: 00007ff9890bd9d0 R11: 0000000000000206 R12: 00007ffc54e3909e
[ 1249.847551] R13: 00007ffc54e3909f R14: 00007ff9890bd300 R15: 0000000000022000
[ 1249.847574]  </TASK>
[ 1249.876075] BUG: sleeping function called from invalid context at kernel/nsproxy.c:233
[ 1249.876099] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 8975, name: syz-executor.0
[ 1249.876122] preempt_count: 7ffffffe, expected: 0
[ 1249.876135] RCU nest depth: 0, expected: 0
[ 1249.876147] INFO: lockdep is turned off.
[ 1249.876159] CPU: 0 UID: 0 PID: 8975 Comm: syz-executor.0 Not tainted 6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1249.876190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1249.876205] Call Trace:
[ 1249.876212]  <TASK>
[ 1249.876222]  dump_stack_lvl+0xfa/0x120
[ 1249.876251]  __might_resched+0x2f3/0x510
[ 1249.876294]  switch_task_namespaces+0x2d/0x100
[ 1249.876330]  copy_process+0x2756/0x73e0
[ 1249.876361]  ? __pfx_copy_process+0x10/0x10
[ 1249.876393]  ? __pfx_do_wp_page+0x10/0x10
[ 1249.876427]  kernel_clone+0xea/0x7f0
[ 1249.876451]  ? __pfx_kernel_clone+0x10/0x10
[ 1249.876477]  ? perf_trace_lock+0xb5/0x5d0
[ 1249.876500]  ? __lock_acquire+0x694/0x1b70
[ 1249.876527]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1249.876553]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1249.876588]  __do_sys_clone+0xce/0x120
[ 1249.876611]  ? __pfx___do_sys_clone+0x10/0x10
[ 1249.876634]  ? rcu_read_unlock+0x2d/0xb0
[ 1249.876673]  do_syscall_64+0xbf/0x360
[ 1249.876703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1249.876727] RIP: 0033:0x7ff98bb48f41
[ 1249.876745] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 1249.876768] RSP: 002b:00007ffc54e38fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1249.876791] RAX: ffffffffffffffda RBX: 00007ff9890bd700 RCX: 00007ff98bb48f41
[ 1249.876815] RDX: 00007ff9890bd9d0 RSI: 00007ff9890bd2f0 RDI: 00000000003d0f00
[ 1249.876831] RBP: 00007ffc54e39220 R08: 00007ff9890bd700 R09: 00007ff9890bd700
[ 1249.876847] R10: 00007ff9890bd9d0 R11: 0000000000000206 R12: 00007ffc54e3909e
[ 1249.876862] R13: 00007ffc54e3909f R14: 00007ff9890bd300 R15: 0000000000022000
[ 1249.876888]  </TASK>
[ 1249.876960] BUG: scheduling while atomic: syz-executor.0/8975/0x7fffffff
[ 1249.876980] INFO: lockdep is turned off.
[ 1249.876987] Modules linked in:
[ 1249.877006] CPU: 0 UID: 0 PID: 8975 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1249.877042] Tainted: [W]=WARN
[ 1249.877050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1249.877064] Call Trace:
[ 1249.877071]  <TASK>
[ 1249.877080]  dump_stack_lvl+0xfa/0x120
[ 1249.877106]  __schedule_bug+0xb9/0x100
[ 1249.877128]  __schedule+0x24f3/0x3590
[ 1249.877171]  ? __pfx___do_sys_clone+0x10/0x10
[ 1249.877193]  ? __pfx___schedule+0x10/0x10
[ 1249.877232]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1249.877271]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1249.877313]  schedule+0xdb/0x390
[ 1249.877349]  exit_to_user_mode_loop+0x69/0x100
[ 1249.877388]  do_syscall_64+0x2f7/0x360
[ 1249.877416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1249.877440] RIP: 0033:0x7ff98bb48f41
[ 1249.877457] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
[ 1249.877481] RSP: 002b:00007ffc54e38fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1249.877503] RAX: fffffffffffffff4 RBX: 00007ff9890bd700 RCX: 00007ff98bb48f41
[ 1249.877520] RDX: 00007ff9890bd9d0 RSI: 00007ff9890bd2f0 RDI: 00000000003d0f00
[ 1249.877536] RBP: 00007ffc54e39220 R08: 00007ff9890bd700 R09: 00007ff9890bd700
[ 1249.877552] R10: 00007ff9890bd9d0 R11: 0000000000000206 R12: 00007ffc54e3909e
[ 1249.877568] R13: 00007ffc54e3909f R14: 00007ff9890bd300 R15: 0000000000022000
[ 1249.877594]  </TASK>
[ 1250.233562] audit: type=1326 audit(1755410217.581:185): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8956 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:57:05 executing program 3:
r0 = syz_mount_image$tmpfs(0x0, &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:57:05 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x15, 0x0, 0x0, 0xffffffff}, {0x6}]})
openat$vcsu(0xffffffffffffff9c, 0x0, 0xa3020000, 0x0)

05:57:05 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0xa, 0xb, 0x6}]}, 0x24}}, 0x0)

05:57:05 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x1020, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:57:05 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x2}]}, 0x24}}, 0x0)

05:57:05 executing program 5:
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_SPACE_INFO(r0, 0xc0109414, &(0x7f00000009c0)={0x9ea, 0x5, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000040)=""/156, 0x9c, 0x0)

05:57:05 executing program 1:
syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:57:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfdfdffff00000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1258.588642] audit: type=1326 audit(1755410225.933:186): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8992 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0
05:57:05 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x3}]}, 0x24}}, 0x0)

[ 1258.637648] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1258.639189] CPU: 0 UID: 0 PID: 8994 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1258.639225] Tainted: [W]=WARN
[ 1258.639233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1258.639245] Call Trace:
[ 1258.639253]  <TASK>
[ 1258.639261]  dump_stack_lvl+0xfa/0x120
[ 1258.639291]  dump_header+0x107/0x950
[ 1258.639322]  oom_kill_process+0x278/0xa00
[ 1258.639351]  out_of_memory+0x34b/0x1690
[ 1258.639381]  ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 1258.639408]  ? __pfx_out_of_memory+0x10/0x10
[ 1258.639442]  mem_cgroup_out_of_memory+0x164/0x190
05:57:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfdffffff00000000, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

[ 1258.639474]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1258.639511]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1258.639547]  try_charge_memcg+0x81f/0xf30
[ 1258.639579]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1258.639611]  charge_memcg+0x7b/0x290
[ 1258.639636]  __mem_cgroup_charge+0x28/0x90
05:57:06 executing program 1:
syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

[ 1258.639665]  do_wp_page+0x58c/0x3240
[ 1258.639694]  ? lock_acquire+0xc5/0x2f0
[ 1258.639715]  ? lock_acquire+0x18c/0x2f0
[ 1258.639736]  ? __pfx_do_wp_page+0x10/0x10
[ 1258.639762]  ? do_raw_spin_lock+0x123/0x260
[ 1258.639800]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1258.639832]  ? ___pte_offset_map+0x176/0x370
[ 1258.639857]  __handle_mm_fault+0xde1/0x3030
[ 1258.639885]  ? vma_start_read+0x25e/0x8e0
[ 1258.639917]  ? vma_start_read+0x304/0x8e0
[ 1258.639949]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1258.639986]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1258.640024]  handle_mm_fault+0x2c3/0x900
[ 1258.640051]  ? access_error+0x17d/0x380
[ 1258.640078]  do_user_addr_fault+0x4fa/0xeb0
[ 1258.640106]  exc_page_fault+0xb0/0x180
[ 1258.640127]  asm_exc_page_fault+0x26/0x30
[ 1258.640149] RIP: 0033:0x7ff98baf5d30
[ 1258.640166] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6
[ 1258.640187] RSP: 002b:00007ffc54e39030 EFLAGS: 00010246
[ 1258.640205] RAX: 00000000349f186e RBX: 00007ff98b8bf008 RCX: 0000001b2cf20000
[ 1258.640220] RDX: 0000001b2cf20040 RSI: ffffffff81b3ad10 RDI: 0000000000000000
[ 1258.640234] RBP: 0000000000000001 R08: 00000000349f186e R09: 0000001b2cf2001c
[ 1258.640248] R10: 000000000000186e R11: 00000000349f1872 R12: 0000000000000008
[ 1258.640262] R13: 00007ff98bc4f000 R14: ffffffff81b3ad10 R15: 00007ff98bc5aff0
[ 1258.640277]  ? build_open_flags+0x130/0x760
[ 1258.640306]  ? build_open_flags+0x130/0x760
[ 1258.640332]  </TASK>
[ 1258.674896] memory: usage 307200kB, limit 307200kB, failcnt 3295
[ 1258.676610] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1258.677767] Memory cgroup stats for /syz0:
[ 1258.686504] anon 131072
[ 1258.687970] file 312950784
[ 1258.688411] kernel 1490944
[ 1258.689007] kernel_stack 65536
[ 1258.689652] pagetables 147456
[ 1258.690651] sec_pagetables 0
[ 1258.691526] percpu 64
[ 1258.692323] sock 0
[ 1258.692779] vmalloc 0
[ 1258.693638] shmem 312950784
[ 1258.694589] file_mapped 0
[ 1258.695483] file_dirty 0
[ 1258.696346] file_writeback 0
[ 1258.697209] swapcached 0
[ 1258.697753] inactive_anon 306520064
[ 1258.698708] active_anon 6545408
[ 1258.699655] inactive_file 0
[ 1258.700558] active_file 0
[ 1258.701363] unevictable 0
[ 1258.702154] slab_reclaimable 947448
[ 1258.703117] slab_unreclaimable 344256
[ 1258.704326] slab 1291704
[ 1258.705137] workingset_refault_anon 0
[ 1258.705793] workingset_refault_file 1
[ 1258.706530] workingset_activate_anon 0
[ 1258.707315] workingset_activate_file 0
[ 1258.708081] workingset_restore_anon 0
[ 1258.708656] workingset_restore_file 0
[ 1258.709420] workingset_nodereclaim 0
[ 1258.710109] pgdemote_kswapd 0
[ 1258.710581] pgdemote_direct 0
[ 1258.711182] pgdemote_khugepaged 0
[ 1258.711684] pgdemote_proactive 0
[ 1258.712315] pgscan 801
[ 1258.712689] pgsteal 9
[ 1258.713226] pswpin 0
[ 1258.713579] pswpout 0
[ 1258.714085] pgscan_kswapd 0
[ 1258.714511] pgscan_direct 801
[ 1258.715106] pgscan_khugepaged 0
[ 1258.715583] pgscan_proactive 0
[ 1258.716207] pgsteal_kswapd 0
[ 1258.716652] pgsteal_direct 9
[ 1258.717235] pgsteal_khugepaged 0
[ 1258.717724] pgsteal_proactive 0
[ 1258.718340] pgfault 88813
[ 1258.718747] pgmajfault 0
[ 1258.719277] pgrefill 768
[ 1258.719672] pgactivate 3833
[ 1258.720246] pgdeactivate 768
[ 1258.720694] pglazyfree 0
[ 1258.721225] pglazyfreed 0
[ 1258.721631] swpin_zero 0
[ 1258.722160] swpout_zero 0
[ 1258.722569] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8994,uid=0
[ 1258.725033] Memory cgroup out of memory: Killed process 8994 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
05:57:06 executing program 3:
r0 = syz_mount_image$tmpfs(0x0, &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x1)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="f289a84f31010000438c00"/23], 0x15, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

05:57:06 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x2000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

05:57:06 executing program 2:
syz_mount_image$vfat(&(0x7f0000001a00), &(0x7f0000001a40)='./file1\x00', 0xfeffffffffffffff, 0x0, &(0x7f0000001ec0), 0x0, &(0x7f0000001fc0)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}]})

05:57:06 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0xa, 0xb, 0x6}]}, 0x24}}, 0x0)

05:57:06 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r0, &(0x7f0000000040)=""/156, 0x9c, 0x0)
r1 = getpid()
kcmp$KCMP_EPOLL_TFD(r1, r1, 0x7, 0xffffffffffffffff, &(0x7f00000000c0))
r2 = syz_open_procfs(0x0, &(0x7f0000000980)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000040)=""/156, 0x9c, 0x2)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x1f, 0x3f, 0x3, 0x6, 0x0, 0x1f800000, 0x20204, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x8000, 0x0, @perf_config_ext={0x40, 0x9}, 0x100, 0xc0, 0x15, 0x0, 0x3, 0x0, 0x9, 0x0, 0xfffffffe}, r1, 0xb, r2, 0x1)

05:57:06 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x8}]}, 0x24}}, 0x0)

[ 1258.963367] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1258.964798] CPU: 0 UID: 0 PID: 9028 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc1-next-20250815 #1 PREEMPT(voluntary) 
[ 1258.964842] Tainted: [W]=WARN
[ 1258.964849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1258.964863] Call Trace:
[ 1258.964871]  <TASK>
[ 1258.964880]  dump_stack_lvl+0xfa/0x120
[ 1258.964910]  dump_header+0x107/0x950
[ 1258.964943]  oom_kill_process+0x278/0xa00
[ 1258.964973]  out_of_memory+0x34b/0x1690
[ 1258.965005]  ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 1258.965033]  ? __pfx_out_of_memory+0x10/0x10
[ 1258.965068]  mem_cgroup_out_of_memory+0x164/0x190
[ 1258.965101]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1258.965139]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1258.965177]  try_charge_memcg+0x81f/0xf30
[ 1258.965210]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1258.965239]  ? get_mem_cgroup_from_objcg+0xf8/0x430
[ 1258.965265]  obj_cgroup_charge_account+0xa8/0x6e0
[ 1258.965297]  __memcg_slab_post_alloc_hook+0x33c/0x9d0
[ 1258.965329]  ? __create_object+0x59/0x80
[ 1258.965355]  kmem_cache_alloc_lru_noprof+0x328/0x3c0
[ 1258.965386]  ? lock_acquire+0x18c/0x2f0
[ 1258.965409]  ? alloc_inode+0x181/0x250
[ 1258.965435]  alloc_inode+0x181/0x250
[ 1258.965457]  path_from_stashed+0x1b2/0x660
[ 1258.965488]  ? do_raw_spin_unlock+0x53/0x220
[ 1258.965519]  ns_get_path+0x60/0x90
[ 1258.965545]  proc_ns_get_link+0x10e/0x210
[ 1258.965580]  ? __pfx_proc_ns_get_link+0x10/0x10
[ 1258.965620]  ? __pfx_proc_ns_get_link+0x10/0x10
[ 1258.965654]  step_into+0x186b/0x2030
[ 1258.965686]  ? __pfx_step_into+0x10/0x10
[ 1258.965714]  ? __pfx___up_read+0x10/0x10
[ 1258.965740]  ? __d_lookup+0x73/0x490
[ 1258.965763]  ? lock_release+0x1c7/0x290
[ 1258.965788]  path_openat+0x4a3/0x2880
[ 1258.965826]  ? __pfx_path_openat+0x10/0x10
[ 1258.965857]  ? perf_trace_lock_acquire+0xc9/0x700
[ 1258.965883]  ? __pfx_perf_trace_lock_acquire+0x10/0x10
[ 1258.965910]  do_filp_open+0x1e8/0x450
[ 1258.965941]  ? __pfx_do_filp_open+0x10/0x10
[ 1258.965972]  ? lock_acquire+0x18c/0x2f0
[ 1258.966002]  ? lock_release+0x1c7/0x290
[ 1258.966028]  ? alloc_fd+0x2c1/0x560
[ 1258.966061]  do_sys_openat2+0x104/0x1b0
[ 1258.966086]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1258.966113]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1258.966152]  __x64_sys_openat+0x142/0x200
[ 1258.966178]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1258.966211]  do_syscall_64+0xbf/0x360
[ 1258.966238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1258.966262] RIP: 0033:0x7ff98bafaa04
[ 1258.966279] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1258.966302] RSP: 002b:00007ff9890bd0b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1258.966325] RAX: ffffffffffffffda RBX: 00007ff98bc5af60 RCX: 00007ff98bafaa04
[ 1258.966341] RDX: 0000000000000000 RSI: 00007ff98bba0f82 RDI: 00000000ffffff9c
[ 1258.966355] RBP: 00007ff98bba0f82 R08: 0000000000000000 R09: 0000000000000000
[ 1258.966370] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1258.966384] R13: 00007ffc54e3909f R14: 00007ff9890bd300 R15: 0000000000022000
[ 1258.966409]  </TASK>
[ 1259.008419] memory: usage 307200kB, limit 307200kB, failcnt 3317
[ 1259.009430] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1259.010440] Memory cgroup stats for /syz0:
[ 1259.013277] anon 106496
[ 1259.014433] file 312950784
[ 1259.014931] kernel 1515520
[ 1259.015395] kernel_stack 65536
[ 1259.015956] pagetables 151552
[ 1259.016475] sec_pagetables 0
[ 1259.017009] percpu 128
[ 1259.017429] sock 0
[ 1259.017793] vmalloc 0
[ 1259.018226] shmem 312950784
[ 1259.018701] file_mapped 0
[ 1259.019209] file_dirty 0
[ 1259.019650] file_writeback 0
[ 1259.020192] swapcached 0
[ 1259.020638] inactive_anon 306475008
[ 1259.021266] active_anon 6545408
[ 1259.021800] inactive_file 0
[ 1259.022323] active_file 0
[ 1259.022773] unevictable 0
[ 1259.023253] slab_reclaimable 950768
[ 1259.023877] slab_unreclaimable 364352
[ 1259.024493] slab 1315120
[ 1259.024963] workingset_refault_anon 0
[ 1259.025581] workingset_refault_file 1
[ 1259.026260] workingset_activate_anon 0
[ 1259.026936] workingset_activate_file 0
[ 1259.027559] workingset_restore_anon 0
[ 1259.028208] workingset_restore_file 0
[ 1259.028848] workingset_nodereclaim 0
[ 1259.029448] pgdemote_kswapd 0
[ 1259.029990] pgdemote_direct 0
[ 1259.030500] pgdemote_khugepaged 0
[ 1259.031090] pgdemote_proactive 0
[ 1259.031638] pgscan 801
[ 1259.032182] pgsteal 9
[ 1259.032586] pswpin 0
[ 1259.033006] pswpout 0
[ 1259.033412] pgscan_kswapd 0
[ 1259.033921] pgscan_direct 801
[ 1259.034434] pgscan_khugepaged 0
[ 1259.034992] pgscan_proactive 0
[ 1259.035511] pgsteal_kswapd 0
[ 1259.036047] pgsteal_direct 9
[ 1259.036544] pgsteal_khugepaged 0
[ 1259.037122] pgsteal_proactive 0
[ 1259.037658] pgfault 88851
[ 1259.038150] pgmajfault 0
[ 1259.038591] pgrefill 768
[ 1259.039058] pgactivate 3833
[ 1259.039536] pgdeactivate 768
[ 1259.040070] pglazyfree 0
[ 1259.040525] pglazyfreed 0
[ 1259.041052] swpin_zero 0
[ 1259.041521] swpout_zero 0
[ 1259.042063] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9023,uid=0
[ 1259.044445] Memory cgroup out of memory: Killed process 9023 (syz-executor.0) total-vm:93420kB, anon-rss:300kB, file-rss:35512kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[ 1259.412570] audit: type=1326 audit(1755410226.760:187): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8992 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c12e7b19 code=0x0

VM DIAGNOSIS:
05:56:57  Registers:
info registers vcpu 0
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828d2ee5 RDI=ffffffff8871d020 RBP=ffffffff8871cfe0 RSP=ffff88806ce08a08
R8 =0000000000000000 R9 =ffffed1001538046 R10=0000000000000031 R11=0000000069727020
R12=0000000000000031 R13=0000000000000010 R14=ffffffff8871cfe0 R15=ffffffff828d2ed0
RIP=ffffffff828d2f3d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000555564a77400 00000000 00000000
GS =0000 ffff8880e55e4000 00000000 00000000
LDT=0000 fffffe5a00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000555571ef7c58 CR3=0000000016125000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=ffff8880e56e4000 RBX=0000000000000001 RCX=ffffffff84ba1147 RDX=ffffed100d9e630b
RSI=0000000000000004 RDI=ffffffff814c3484 RBP=dffffc0000000000 RSP=ffff888009717e58
R8 =0000000000000000 R9 =ffffed100d9e630a R10=ffff88806cf31853 R11=1ffff1100d9e6f7b
R12=ffffffff86439650 R13=1ffff110012e2fd2 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff84b9fe7e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e56e4000 00000000 00000000
LDT=0000 fffffe2400000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ff372febfa0 CR3=000000000fb2e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=7465677261742e79636e656772656d65
XMM02=ffffffffffffffffffffff0f0e0d0c0b XMM03=00000000000000510065636900656300
XMM04=40404040404040404040404040404040 XMM05=5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a
XMM06=20202020202020202020202020202020 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000ffff00000000
XMM10=00000000000000000000200000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000