last executing test programs: 6.265522311s ago: executing program 0 (id=3259): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x5, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto_stats_fops_2(r1, &(0x7f0000000180)=""/170, 0xaa) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) keyctl$auto_KEYCTL_CAPABILITIES(0x1f, 0x3, 0x7, 0x7, 0xbe9) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_MEM_TABLE(r2, 0x4001af84, 0x0) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x0) 4.385312449s ago: executing program 0 (id=3272): pwrite64$auto(0xffffffffffffffff, &(0x7f0000000100)='B\x00\x00\x00\x00\x00\x00\x001\x00', 0xe, 0x7) r0 = semctl$auto(0x1, 0x7, 0x2, 0xffffffffffffff7e) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000380)={0x6c, r1, 0x10, 0x70bd2b, 0x25df5bfc, {}, [@OVS_DP_ATTR_IFINDEX={0x8}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, r0}, @OVS_DP_ATTR_IFINDEX={0x8}, @OVS_DP_ATTR_USER_FEATURES={0x8}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x1}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r2}, @OVS_DP_ATTR_NAME={0xd, 0x1, '/dev/sda\x00'}, @OVS_DP_ATTR_NAME={0x6, 0x1, ':\x00'}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r2}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x24008840}, 0x4000) r3 = socket$nl_generic(0x10, 0x3, 0x10) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000340), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f000001f300), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=r5], 0x1ac}}, 0x40000) ioctl$auto_PPPIOCSPASS(r4, 0x40107447, &(0x7f00000000c0)={0x4, &(0x7f0000000000)={0x31, 0xff, 0x0, @inferred=r4}}) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000240)={0x6c, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@HWSIM_ATTR_RADIO_NAME={0x2d, 0x11, '/P\x13jE\f\xf9r\xf5\xa3\xd2\x84y\xf9*\x9b\"\x1c\xa4l-\x19\xfd\xa4\xf4y\x02\xc2\x96\xfa\x84L\x12\xcd\x83\xf7\x12\xd3\xc4\x1e]'}, @HWSIM_ATTR_PMSR_SUPPORT={0x28, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_MAX_PEERS={0x8, 0x1, 0x387}, @NL80211_PMSR_ATTR_TYPE_CAPA={0x1c, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_REQ_CIVICLOC={0x4}]}]}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4008040}, 0x40800) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x400053, 0x9) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r6, 0x0) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r7) ioctl$auto_KVM_CREATE_VM(r6, 0x4040aea0, 0xb00) 4.382089246s ago: executing program 2 (id=3273): openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x1a9602, 0x0) exit$auto(0x7) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) statmount$auto(0x0, &(0x7f0000000440)={0xd, 0x1, 0x401bf, 0x7352, 0x34, 0x400000000065f, 0x1ffdb, 0x40007, 0x40000000007f, 0x20000005, 0x8, 0x1, 0x6, 0x2400000004, 0xb4, 0x4, 0x6, 0x2, 0x1, 0xffb, 0xfffffff7, 0xb, 0x1, 0x203, 0x838b, 0x84, 0x6, 0x0, 0x5, 0x3, 0x200, [0x0, 0x5, 0x0, 0x0, 0x1, 0xffffffffffffffff, 0xfffffffffffffffc, 0x0, 0x400, 0x6, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x7, 0x0, 0x81, 0x5, 0x10, 0x0, 0x10, 0x1, 0xfffffffffffffffc, 0xffffffffffffffff, 0x400000000000, 0x0, 0x251, 0x3, 0x0, 0xff80000, 0x8, 0x6, 0xfffffffffffff74c, 0x0, 0x400000000000002, 0x0, 0x0, 0x0, 0x8000000, 0x100009, 0x8, 0x6]}, 0x1fe, 0x8) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec15\x00', 0x0, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x7ff, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "701accf75a926ef3cf001014", "ef5ac4927ad89c5c0400"]}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(r0, r0, 0x3) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x8e40, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r1, 0xc0045005, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000100)='\x00\x00') ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x2008, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffff7fffffe01, 0x8051, 0x3, 0x0) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_proc_fault_inject_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/make-it-fail\x00', 0x2400, 0x0) 3.876110668s ago: executing program 0 (id=3275): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000040), 0x10400, 0x0) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) waitid$auto_P_PGID(0x2, 0xffffffffffffffff, 0x0, 0x7, 0x0) 3.874612203s ago: executing program 3 (id=3276): unshare$auto(0x40000080) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv6/conf/default/ignore_routes_with_linkdown\x00', 0x42a81, 0x0) (async) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv6/conf/default/ignore_routes_with_linkdown\x00', 0x42a81, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='/proc/sys/net/ipv6/coX\t/all/forwarding\x00', 0x1, 0x2) (async) pwrite64$auto(r0, &(0x7f0000000000)='/proc/sys/net/ipv6/coX\t/all/forwarding\x00', 0x1, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x7fffffff, 0xfffffffffffffffc, 0x0, 0x220000000000005, 0xfe0000) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r2, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000680)={0xa44, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x3ec, 0x1, 0x0, 0x1, [@nested={0x2ba, 0x12b, 0x0, 0x1, [@nested={0x4, 0xe7}, @typed={0x8, 0xc8, 0x0, 0x0, @fd=r1}, @typed={0x1c, 0x51, 0x0, 0x0, @str='/proc/self/smaps_rollup\x00'}, @generic="c21f3130e7e458f98c30ccc23a17ad72bd05c1843fcf6e1e4cbf319901992720cd2705adde74678e98a218d411978d48f3ec7aa8e5c1ccdf57b385ea20750e4a4fc0d2d01d7fcdade41449b2f219af77ce0aa17af44dfb544134d8be5b738db9487535ad5e842fd32b921e0c5e4ecccf21924bccf0981048ab776f4779d2d166228a567f517db305faf7717d3c585e32b989f6a7f5a2f69f171e7e8799c39449450556c49267e88fa6d1c500e11e2db5b641e6d75efa68fc4d281036622edd0f975854", @nested={0x4, 0xa7}, @nested={0x4, 0xb4}, @generic="8349baaaca82affd360e503c5ffb6755e0ef27c598239c595d1706b7ef073dce837ebcfb1fdfb640623a58ab2d41868465e8136f1aadac13584368f89078c823bea671c3d3123d636d62a496b77b8dbde6d2829ad68d7031b59a2583e7b5af386332f69938f34ca103bb3b65160db25a37471b9584ed5b005964358d912223bd439ab8aad8b3de1c3f34c834357d16492acd00efdcd8c10a956afb9e9740278b43723f4d8101f9782504131ca7444dd29bdd11de6866d74afcf86392a0fbadc7a2a9ecefef2424e22566c12a54530e66ef9aee3932f60cc1570140c8927f9985c3a1d64e4d4897df4e993cdf0cb7e27edb27613d850524f3e1be2c", @generic="31ad5f5dc7affc1272b6d7f390f1c6054e0f2349ef39c8af32a152484cd7566dfe65af9e2df070d9277b4907d35cc0c90b0a4e8f54a5705d4cbd4ee91f9f1d582b3a2fcf7308f52f7dbfd29d0b58846cab89c976a10323234e3cdbff6a4a59105b8c4261539ca30bef5625f6253b1242663ff83943e29a770ec719ed843618605df5f6c964d859470d8c3041498d871d53ef807eb2651d96b9a0a07e043753823c47e22b66280faaffc6b873de632d30e23f6054", @typed={0x14, 0x15a, 0x0, 0x0, @ipv6=@empty}]}, @typed={0x14, 0xc6, 0x0, 0x0, @ipv6=@remote}, @generic="2fc55d1ab3bc7e9588e6254b0e7cf37a6c426eb5866f9cbd12b89222f0a21d6edbe2ab3f314d27b72e52c554f932a4a8907a72323be05641aba22b9cb625e1b59b695ecc958790de24cc96bd0d84830eb48865e4af3467fc3fc36591bd5aa5261a0e53a7013b580ef21c41b1be31b508b6a1468a834ef91f3277278b501ea64bd82715942d2efcdc672ed284216b85d220844a2b3cc946c0653b7c6a26ebbf40654c6d2bad14435011eabdb53563c150b870017298b1789fe4c2de0a387e", @generic="66d0993ad90550411296f14186785af926034514bbb3e040231a65c53db67fdbb461ddf6c618dc68467156ed43bfe216f22f5c70dcecae5a2f1bd851d70e83b8800f4fa7085362425392323f9b4f45da6efa264ee93995deb2b3"]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0xb0, 0x1, 0x0, 0x1, [@generic="69531eafc349552bd16f71a417e700e7bf5cd992748ac930d73362997bf38c72d6c4dcdc04084d4b178ca54a0598c1cf1ff6eada9f45136785f73f7b90cf0c8aa5ac42b3008203653ce00aa33d0669a88f860ef23b8ccd43a2ee4437d9fc975f73dbca032acd92d5ef3b4d301902af1ba685f3344aec8b78c2beea1ab77473cd96039237452615daa95b96c4e7bcaf5341886ede4e5b607a115ba6c10d0d065a2111b609a4da149151122ead"]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x2fa, 0x1, 0x0, 0x1, [@nested={0x1c0, 0xd8, 0x0, 0x1, [@generic="c696d4256d906ecb0e6d83846d016949a5d600aa871909087f1b617fb53887baceaa30dfb392883d49a451f97fb0aa1e1b10e9c258dd2f26a752c2d145975c3108e57becfe5ea26b76dcc1dd1a4e4a94537c3c748bcd804e9102a9a9359d04e6938a080aae9e58d98a48478583f75b1bc0250ea6ea070361ecfb82e10eb3f26479cbf6db82dc757f62856a5f7501eabae7d23dc1101548ffc5b9142555dffd797e1fb2a8d9ddaec520", @nested={0x4, 0x10}, @generic="320baeccf82f8b141c02cc82607cb12d16d258178348864641f8cf40d9577ccb6b8f77098ca6970400bddff50f56557ce07dd06b9c11384310af78ae5491de700ad53c1b02a0e270b979862bdac1300aee9bae", @typed={0x8, 0x151, 0x0, 0x0, @u32=0x6f7}, @nested={0x4, 0x3d}, @generic="d817b519fad7733eaba277650b28210c825b31fe36b07882e082fc32e27f67b9e9b313cb10b62b2ee8c101ba1182ab99f626a35704ca6f08de1a6b51e55db7d7740097795de7fd86ba647a8a8b0733ba6320d75a05dfd340355d4ef25a66a33f8db420aa02373fe8c51d", @nested={0x4, 0x40}, @generic="e97ea7152ec40c491be4e594c78415607f077104b3702350eabe2955a06e0edf54c6458e782f3614fc170fbb315f229b8e5280739b08b5176c7e083fc6c1", @nested={0x4}]}, @typed={0x8, 0x83, 0x0, 0x0, @u32=0x3}, @generic="c76da87335a2cff0f1db2fa1d27c", @typed={0x4, 0x8d}, @typed={0x59, 0xaa, 0x0, 0x0, @binary="46239349421ea7665d4585b4c77aacb479e4ea725bda07e57a99cdb42e6eaf02359ed46e60ab3975a585bb74bb799359724221a87874d74dff5456526f861ff02e1e64280da0aaa070b3653474596578185729391e"}, @nested={0x41, 0x20, 0x0, 0x1, [@typed={0x6, 0x11c, 0x0, 0x0, @binary="b966"}, @typed={0x8, 0x82, 0x0, 0x0, @fd}, @nested={0x4, 0xf}, @typed={0xc, 0x147, 0x0, 0x0, @u64=0xf}, @typed={0x14, 0x10d, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @typed={0x8, 0x124, 0x0, 0x0, @fd}, @generic="9a"]}, @nested={0x2b, 0x4f, 0x0, 0x1, [@generic="83deb58f8b8c7385959443", @typed={0x14, 0xa3, 0x0, 0x0, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}}, @typed={0x8, 0x13d, 0x0, 0x0, @u32=0xfffffff8}]}, @generic="66b6c6625627730502ebc523af3f222e00b78d289eb769da1cc9bde9b74f9be49c0b0191cd73cf512f0c4233f6a76a3dd0ddd2022be9e12ee0e5e00732f0a3cf40ffc01dfd80bca319249d5d33073a05"]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x298, 0x1, 0x0, 0x1, [@typed={0x9a, 0xcd, 0x0, 0x0, @binary="c85a5af2332d82f35c93e080ab9e5acd04409a64bfb5ceb8479b26908f6f694b48a3a7f97d5bbf4bfed1c6e5d4c0b3ae944172f379807411655360cabe9222acb10a595908600a0b348a2d997da564e6f62bedae7a796785178c83a04896036069224bd6c71e19aabbad651acdfca75c2593b8120d03cf14c3a4776153683e059953c2dc966093ab725e3f87c2463b1591ff6fb14ee9"}, @nested={0x1ed, 0x127, 0x0, 0x1, [@generic="a67bbbf6b1b0e6fa5667abd1acda049bdf62cb74507f83565a7c3aa704abfc44f4fe8c6d660bdb911dade16951d27b3e82edb33ba2681d3adc21030a840b41b12e1f7f034f468c41a795288bb4bb39b056f3fec5c29c123480078f5bce4604ab3fb244426fa34b8e50d46460cb3db4bf6b4c85ac2c7ac70b12d804c7c508086f104469b189c913477f4c72f686c6bcaab3e36c91987badd1028f9577296019feda9973c7f04a4809e73af02c214787af68fa25248ece384639e62f19f654b7e81912e9a9a6c847b1d53690b4adfbfb66085efc3f6d69423e075e667cb90eaf244d8ecec31fee24200558041a9ae7120801bc0056", @nested={0x4, 0xcf}, @nested={0x4, 0x130}, @nested={0x4, 0x10}, @typed={0x8, 0xc1, 0x0, 0x0, @u32=0x4}, @typed={0x4, 0x7e}, @generic="2f93617c6be716c555d478d069257270f1162d7b48430fed7c34f400487620bea5f7fcdf51161161235cf5ea8ae64c5157af0746e9f7e5bc141acf0dff585b9b29357170615d0b288ebd7c91ef5f716f764fa9e19ac734f1503f254f9190fb04ea4e8c72b7a4c33d6656fd912ff6afb50c070c6cf5b6b09c25b8e00a73d4f9acbae3d1b8867b3abbddeaee81b86e4fe4e494b4345a91b8779ee8ca3144cc58d6213e81d85755f578c2c7aafb10344e17ffba0dfabd2b0229a5c1a034177fb9e3b22705b625f3401a680bc835e18190f70b491f2fdd7fcca378", @nested={0x4, 0x102}]}, @typed={0x8, 0x70, 0x0, 0x0, @uid}]}]}, 0xa44}, 0x1, 0x0, 0x0, 0x4000080}, 0x0) socket(0x2c, 0x1, 0x0) (async) socket(0x2c, 0x1, 0x0) listen$auto(0x3, 0x81) (async) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYRES8=r3, @ANYRES16, @ANYBLOB="000000000000000000000010fa2e0f0be0c5f3c315ae5dc610c18c19edbdc0009fb5b97975fac6f30e9926bd78b10a0329dd90727197a0c8d22505c3c0b61a9c5f78cf706d41a52780fd317de69d92a02b10f87e5b816c65e8f83b4153e2fcefbe68783c4905d3c6cdc899e018b111d3222d108d113728260b15b6871ed214ae640d36a8ddfb79371ce9facf0725017160637d6cdba1b95b6e054a0f5b1ab8e861da269f8997c734a7c40e66a92d042527a47607b1666d6bafe0168e5e164eccdd4d1a44dcbb105143c564c56a4e40b143358ccaf00841c0df82bfef966a84d7bf937597d2bfd426ab2f3842785e690a305ac85659b3724b099a3722b37745876bdc2fd8939e1a622b080f24135f96426dd69a17a03859bd83f9acf1eaad720eaffd384c992b253d950635df3c2ca2f45fce31ac54b11bfe0a307865b0661352946afe32aa2266059d93f0db35f9e5bbbe3bf8e7c0915928cf577141cefa984d155d80963548da01f1f479e6ff3265690cff2e1af1321ba9a43cf185d62fd988f09b40b7f9a370f6624e2c5283a93a3838baa34a38fc70605f176571035004578cfda147ea561f9993c4f8b086fa1517d3868fac79a551666ed92174adb3a1a9a5c9b7dd"], 0x14}}, 0x24048004) madvise$auto(0x0, 0x7, 0x6) (async) madvise$auto(0x0, 0x7, 0x6) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_proc_pid_maps_operations_internal(r5, &(0x7f00000020c0)=""/4093, 0xffd) (async) read$auto_proc_pid_maps_operations_internal(r5, &(0x7f00000020c0)=""/4093, 0xffd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x3, 0x5, 0x4, 0x0) setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb) ioctl$auto_SNDCTL_TMR_SELECT(r2, 0x40045408, &(0x7f0000000040)="1ae1290db26580114fe630b3162adb5627145b8869a315ac85d7ac8512da537a67d4612d493a2f36e2a9b728c6a6") openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8401, 0x0) 3.4096717s ago: executing program 2 (id=3277): r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/manager\x00', 0x240001, 0x0) read$auto(r0, 0x0, 0xb4d3) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_GLOBAL(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="edff29bd0100fddbdf25070000000800170001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x4c080) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x2) r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0) ioctl$auto_EVIOCGRAB(r3, 0x40044590, &(0x7f0000000000)=0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r4 = open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) r6 = socket(0x23, 0x2, 0x657) socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r8, r7, 0x4, 0x401, r6, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r4, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x8000000000000001, 0x9, 0x5, 0xf870e9f, 0x7, 0x8}, 0x9) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8000ffff}, 0x1) 3.183767508s ago: executing program 2 (id=3278): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/vxlan/parameters/udp_port\x00', 0x2400, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x6, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0) mmap$auto(0x0, 0x7, 0xe2, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = open(0x0, 0x22240, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) statx$auto(r1, 0x0, 0x1003, 0x4005, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) setsockopt$auto(0x3, 0x1, 0x1d, 0x0, 0x9) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xffffffff}, 0x1, &(0x7f0000000280)={&(0x7f00000001c0)="a72fbcba7fadcff14c149155c3c7c4dbc1f3e4dafbd59ec5f73906cc76980446a8341052c23a26e653677f5d0f997b20e7d79e3b1630e94f46aca4d6416aa960", 0xfffffffb}, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/manager\x00', 0x82a02, 0x0) openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/filter\x00', 0x2, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) read$auto(r0, 0x0, 0x20) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) 3.13635993s ago: executing program 3 (id=3279): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sda\x00', 0x84100, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) lseek$auto(r1, 0xfffffffffffffffe, 0x3) r2 = socket(0xf, 0x3, 0x2) r3 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_NCSI_CMD_SET_CHANNEL_MASK(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000fddbdf2506000000080007000800000004000600040006000800030009000000080004000600000004000600d2a6f16e48cf616f91555635f531efe893d499813345f8014c0737123bfe348ff5c243d298fb3c2a47c791f25b55551f6adf40347b821746b9cd1874f815bfb15212b41a78ca9d509ccf1bd529e6440b61bdab1ba2b3cf605a2e2f044e25859c8bde3cb57584a22f8ddf582c23a15fe51b17aeda766a8318908e1830d5413558d30ec19f8dccaf0a3f6f8b7bad5d058f3657cfd4005ad1f7cb941c1bb78a9984872b"], 0x38}, 0x1, 0x0, 0x0, 0x48800}, 0x20000004) sendmsg$auto_NCSI_CMD_CLEAR_INTERFACE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, r3, 0x8, 0x70bd2c, 0x25dfdbfd, {}, [@NCSI_ATTR_PACKAGE_MASK={0x8, 0x7, 0x1}, @NCSI_ATTR_CHANNEL_ID={0x8, 0x4, 0x3}, @NCSI_ATTR_MULTI_FLAG={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0xc000}, 0x8000) getsockopt$auto_SO_TIMESTAMP_OLD(r2, 0x2, 0x1d, &(0x7f0000000180)='NCSI\x00', &(0x7f0000000340)) r4 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) splice$auto(r4, 0x0, r4, 0x0, 0x0, 0x2) ioctl$auto_IOC_PR_RELEASE(r0, 0x801070cf, 0x0) 3.085403157s ago: executing program 1 (id=3280): r0 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) shmctl$auto_SHM_LOCK(0x7, 0xb, &(0x7f0000000240)={{0xfff, 0xee00, 0x0, 0x8001, 0x7, 0x9, 0xb45}, 0x400000, 0x3, 0xffffffffffffff01, 0x7ff, @inferred=0x0, @inferred, 0x3, 0x0, &(0x7f0000000080)="3b43f12eb77c6ec34ce15ece1c04dec34ba1fb92ca338c1793af46f05756b7fc98a852ff51", &(0x7f00000000c0)="a20d42b5399179f78f8c07b9bdf1109ff6e14f6ba6b78d52269e5aaa44f37bc92ecb6c03d48ba3519513ebb6a81de8a9b8d9a9911c0a7715c24d4775348e2af6c9db8d13c0ba0525adb472661f4f51838cee7c43bfd035321b08c0c6a4048bc5cb4cf709c7120b05a50b87f0271baaf2"}) r4 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/block/nbd4/sched/write2_next_rq\x00', 0x6000, 0x0) r5 = setfsuid$auto(0xee00) setreuid$auto(r5, 0x0) sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)={0x17dc, r0, 0x1, 0x70bd25, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x4}, @OVS_FLOW_ATTR_KEY={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@typed={0x8, 0x20, 0x0, 0x0, @ipv4=@private=0xa010101}]}]}, @OVS_FLOW_ATTR_KEY={0x17af, 0x1, 0x0, 0x1, [@nested={0x1424, 0x134, 0x0, 0x1, [@nested={0x141b, 0x88, 0x0, 0x1, [@typed={0x8, 0x2c, 0x0, 0x0, @fd=r1}, @generic="ffcae99dc0f691520efee3d43ab7bc85b98cd148bb91f2e950570ab27a299b6a7cb0fca68f047be229ee3ddf958fe3d87dfae4fe1d472878e5253355a26c8cd0e05aef3a4fdfcc04ee9c86", @nested={0x121, 0xa6, 0x0, 0x1, [@typed={0x14, 0x66, 0x0, 0x0, @ipv6=@local}, @nested={0x4, 0x1e}, @generic="3faa9674783d74f9212eb66580dfe53d4314eea030f54a29ae16339d79b6aa441e6f70778d6fc4472345b166de1c7d6f391faa71a2caff38db76f6696614431a6fcb56f412fe0d1ebd5c37f254bf504dd8a2923e3c4261b15efe2713b84f618be297f9a666610320d33438fe90ec07c75e46eac16264f715b93395c02e72c9b47a71790cd32379ac148e83540482b57a8184fd7acfe59947d13448ebe54e154b9638e62d68e34ea6d247518e8447d27a4b717788c016f89cce446d57c8ffa4cc654ef4dfee288819cd5ba4b500d02d931506076547c6778cf5b79666b5210c83d750355e3b1c9f110b8408e943", @typed={0x14, 0x106, 0x0, 0x0, @ipv6=@mcast2}, @nested={0x4, 0x141}]}, @nested={0x205, 0x86, 0x0, 0x1, [@typed={0x14, 0x144, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @loopback}}, @generic="5be14381eac79aa47eede97bd9835fca137937ecc68435da78d943167c43a8b726a501bbe9ef0642477ade", @typed={0xbe, 0x46, 0x0, 0x0, @binary="81f38148f5fbe7d2602b32d7f876d7437d8f9850bebe2cdbb2a9ad2c769a56e0532add54985d3338a7fb697f7e7be1d42d508183bcb46d33684ff08bdcb4ed90a4e810e4e16a2a18e788e5813d777dd3e82e9e6b3a81c11e4213491f8e2d31d44e8df8eed89233bc40b46b06588e40b8c549951a7dddeb4d1d1193823eaf414599da3e2a4db14ed6f1ad405dcade1483f1e94faa22500048d9dd96a35e9206cc171ce5a8145dae8126b7a1d422a6bcfdde0cdd4d7d04b842404a"}, @nested={0x4, 0x7d}, @generic="e0bedd2f1d13c5bbced1b0dc7f1165aac00f85d864209e72176f812baaf6ecbb30f4014e430ebc83cccb743aa51d77bffeaac25bd542d134b989ce6ca295efae16e24f157d4d9fbe379537962cdd1c89d9490b95f08dedc2ad07c1354c9c9ff9ccf3dddc79725dc363fdff09fffe38dfd7e076e8e1f61848c04dd9b1c66b", @nested={0x4, 0x117}, @generic="7a98e7e4a8512fcc3473103564e0e7232263e77d588dbd1edc15eb3ed999f597b4556e9e9c19bcb28279c407948ab00fc6ca26220692b4c3fa135cc228c881346f387e75a5b5c362983d7f889150b8e39680afddf4ec174e9e916757209d1dc57ac386e6427a6fbca1aa722c", @typed={0x8, 0x7, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x5a, 0x0, 0x0, @fd=r4}]}, @nested={0x72, 0x3e, 0x0, 0x1, [@generic="9553d2bad461e67c0102ecd85d5eb5d42a912e12cc032e851360da2f8497aee59e33b959c187be600ac410a5396f7bd73e878b21006016d6e6937713b6f14ca1d9e040a7c125a4399bc1cf7d2b2970f680b777312c7b60f420bc4a31898aa1623ab6ad5ff20798ac70df5b7f95ad"]}, @nested={0x1c, 0x13, 0x0, 0x1, [@typed={0x8, 0x73, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @nested={0x4, 0x137}, @typed={0x8, 0x99, 0x0, 0x0, @pid=r3}, @nested={0x4, 0x113}]}, @generic="65db96803fe9535a5e79e5c9de748232340637c5ef092eaa11f25edc56d76520c7dcbda081ba3c098d14e1493f7769c7d72870f3b66f0757f178471a14d71f3b32633533161840b22f5ea8a3172e15f159e39fbb13578bfc14acb2fc27301e2a3f7cb8baf7e5cf3a2b820f44f08ff8424a537db64e0f396a26327f6f909c75c6d7e19247bfb23517ed1b46cae7e2bb227375186c4e1ae6c538e4a2e45e1ca5c0fc5e2a804f231ac71b2976d770d1c87f2949d8f7714cda3c0f9072f57b754c0d836f09d48504412d5b9399c26d3b9121cbd4acb76a8d9a0b097c6afe4cd5fc740632c351d632826dffa06b0419d1e0a1034b6dbd6f5ed4bf5a01a439620d1cefbd1fa26d0d9af176915edf5df7cbc8449d7bc7d559d9deeb0eb3e78366f83035b4aeca3e597ab93d71db1881e2e98b281adb3880c8493c7178c69256eff43acc6014a8f9850627ebed7127240e01ee6dd9c4ca8c54b336062cf2e58ee5919dd1920455cbfe704a6cc76ec4db21015e20a9b5b0c1a82a8136db17f7a8993474386392e69bbe5d27d41c9de8c488ffb8bc1562e34dd9f0bbdd1ebc10ce23db5c91e4e10b6b3f08ee48abb5e6a5d1367a0376d088bbaf62f01df6a13cd7b19f565f2e0ee70bb1cb0e61fa6f9b360620aebb885aae915fa605a143327a2d3a81f1836e6cad8cf7124ebfaf43172bcec90025e5fdb37bc9085ffdcdf3c1274e4a5a6b426585236bce51db5707718495e1a2c94b8ae371629e568b4260ee3d74a638d98d57e64b7066ab7b7e2d89d49ee4e61a38b9ac4bf95b37d39b28311b58d50de4d425d376ad1b29a42ecd804e43127de65d98bd6203d87523e3cd10652e34c2544970450a76a70e947f11bcc40268c4d2d8caca45d52d1a5b5e254a1bb2862225fc6755317be5330f4abc61361f02fc4b61d3859c0ac5b4184d63b8fd9ba73aeb1f4b95f96519a2eb3bc65f28fc38cdb675849d1ec3ca0403f45eb20dd5ef60ba802e8a80a17e9d1b9f05e52d66aae2a0b2abc4361bea3634937adf2cd27ce7869d1ba26d4495bef2bc8afc620ff6a364f886d9fca6ded787a4522776487489fc840f7d039ee3cf7b2744ca31f916ca83b51a5df770450b606cc9fcecf9e1ef2539555e6876a3cbb21fdc235c7806c803ad390e51d80b72b5f7e92bd5aa9a59ec4dfc0a827e7bc83673062c4bec3977103041e243d482da84a5d307e25b60023b05ff06cafdf44e0681c22a0830f67960d010459fe354931d47679522bc339d7981a20823bf8f6a8b3777a62d043eaf3c0034e71e7bb756acd5dd13502a5acf5c6009cc0aa232b1a28a7487c6fe891413afe9d7eaad9b1fcede215445ba9a0a5fbaca4f9b8e0e37cb72b839d30f340f0a6f30ef33ab23b4783396ae7e62dbe245339946829342bf52d27c3e672b8a38fde980687b5e0072dcafcd58203e6b88884603f218049526833c8af7f8adc27800cd0dcb2d658e01c61c631b7cd15076f8919d260fc27ea606d008ff030da89d7780e7e6be0f7b440fe499095ede6a8936705bc5066327ca22f90f15fa9faac03eea0177d48bdd79952a342e7b9647a5b976b5654e12265d328b17579dc4fe2a4ec5e97168695380916770009faf69d006b8b75cb5058fd0124ad03b3307a24ed5322dee027ef76206b36992ff0211238462d4aa953aa45c847a552b5763a8402cf51d6ccfe31855946f9bdab6fbc1de5e83f5f44d92bb2f9fe09ae557ad7e6de22a841025c8a86a95f1bdd3ec5a31590b71c5616b18de32ff3494cccd815e264319b8355148485b0cb58a79d90e657657487f79ce9401ebaea20ff654580b22fd0ce321b6e309991be1ee97cde80e7cf82e588d6dab02aaa1cc01918226b3f129a356d341faf8b33a80af34d27ff42e3a9222552b54ce6e019ae1fb185482cf81bd49576ce53bae6f7420855d6e29a7444e670416b85b59a0daf566289160cb5bd4d4add6931d86c9fb8803507fb32463a32452e70b35069f6d8bcd79a5786c7d3fc70834c07744c7fc75a6e6cd608f9bd23db06d7e462ed50de0b47f397a2253c545177f1715290257823887b766e4462cfbe869c4311ed75799a30aac7422ae6ec994d7a225d8770675bca18a4bf7ee8532a8d0b43333a10c98ead82b096e5a4059e3dc236e8b08dc47e5f72750bb864ce5c3d884faeae5803c517763237926401f69276ab4d0c9cff754b0ee636bdcc85c7eafc41ad40bd41ac2a701f718ec281e8b3991607bde377a80f35d09f924c2ead96783b94a86b6be175f5db7f117bbfb9db42bc7ab1dcff2013a84dc0a1585af615c020cbeebf96b193320e62974511a9469a5b9217504f672377808585df8fae370543a2356d1fb8c10f91c2aa44b8ae362625044ea3877e9abe42faeddd905cd6b5c8b9a3dd6116f45918d9f799c49113b4bf8dc590a3c5b4bc7df3399092b9329a57547b419af1ffc86e1b5aa2f9e6352bd44c38648573953737c7ada65cb7e9a677238224842a8c344d821291c743527c7163ae70b9f98edea4f8dd12eeaee1e817ff3055e089e49a0687db0a4b8b5a6f0d98f59805af24c384181fc1b356cfbe29a53b064b54e022f5b459561d88147582fb0c6c8a7061cd85a038ab18a89a318c460af7304470152834c12ddf73b22afdfc500102f9825c5d30f399635ca32b516754d2dc5475945a6da16f9a76645659b279fda913801419dde58ccdf88406c505aed77967899eb6a31fbb3cc3bdd680874a40606ce0b052757bdc7a1b53730d051dfcc348f3d2db3b16c263171b3a70afa0e5e5c6fde6f38d1eee1a15fc996a499b74e7164edab923a076db60127462b3f433c1d009eb0aa4558ce81856f87c3e3301115d1dfcbe0fabaa16d003f12ab393498ef287624d474f366cce1b36ef5ec47c8c01ed1670da3531646690633aa824b87969056b085afaaac8d2279d80fb1e6f324659fc15bf0f0c5af0c0f20bb115a252156d84d264acbc809a9357b8cd1bd5eb280322647b543e39567ad12a3cc3cf759fc6f520d0a99f8a1d0bf1c99c5463c62a7fb493ef95059005c34e786e04544827535bdb083a27277562a5f3aa6fbba9c3839f95a890676581819a1e72e9267f78ad6a2e58ef3e58d34bf96b38e2a631d652cc3f63f13b96556e0fedbee20d1cd6e141a37c9361b888d73bf65f6f47a788f8fc498ad2309760b0483b7199daec1a9ddf504ef3301502656616a82113fc82df9bbdb4f91e3b1e3e7bfccae1ca8fac1b50e79bdd3bf6fd95ccbace90f450835b903c34d113c78082dab4b4ef683240be5b09aa6ac7eaa6f0e7b7a5f9bfaa6931638652fde480fdfdfbe9b96fa3e2c77d91c3c3556bb4449748159dd5a9ccee59bb16e50673ffd31704bb574dc5cf69f6a81b418e42dd2b3e82c06a82a4596a29dd8cfbeaf52ad47c099abf345a12faee03dca3b1585c6fb3fce3a3645fa9384a4910246e47bf3bfaf5910006fa3c0b91194fde43b9000fb30dd0197a296aff9dc5aeef76bea21afe49e5cb49f5afb432affd230d64883980cf774291be51827b3baf44dc2dd82cdf30fe705d085b27ad02da2f07a0291b77755dda59134275a95472700a3003c2e8f5ed60f89170dd433201398163398e914b810ab7a503738ee69bfe6e40431238167c5ba476bb4e6a4f2d5b22fb29c429fd144029d68e812b778eba2146380d1b63abbbd9cb8fa4543c07dbefe60cd7f66a2a1cca70f0f0b42ba17f6d7c3bb845c1fba8d7649c544096f2562b73421b19f6638fc3c9c7ac7067824082f2a97d9e693ae512fc1d5ec532287796a3c74271fd04b92e66a07cf703b2eba00c592d51cfae0955c66516bd2cbdcce0eee24283a3b2bcd5e2123f3e0594a40c8d0f8ad0ed4a93e8ffb931f4be96488f00dbbe1cb7d63a3f00101f78c68f9228ad6a4b77f92d8ba6e9d5b4ee4643e97bf3a34ac2d2eb5e3bf6dbeec732ab7a967d21baa585f83700c88befdfd7ad51ae53034fcc543ed0072a67d39982a6026527b8979e8f0a7317c48be4c532632f6026c92a5e3e75dba34bffb44aa3ca0f9bba6bda1c557ebe2b15e11c508bc671ea4648ad63321bdccfc64e6f3011f0f0fa1b044b53e3251bd74a2d1c51abc77eab6479d174f0808cad37e7e7f48cdbd369f2f3c4e5deab52f8060a86078a11ed186d99aa65560f34a4cd654ec24b85166c27a1b53e5bb6645d113e2e0ecac708476450f065675d83b312a4bec1c411c440d0b209474f0b0072955c18e7494722f6e9b83e1da147cd483259e30f71ba813da9d547c7b7771a94520afe13457a30ea750d2e386bac81db5012200e0e7aa2212b3fae4063d2f24878026d081700ff23a67ce4b8759f72506bc829a57ec72410507df189a22f78c5a6de9a7396b5b376fd51395715d19c317956f72064874f5d4843a86b4caec2d40e739cb724d2d1afb4c5d35f6a2fc7c17d8b9a60c2fbc0a1ee1931a35093046e30a39191415b826423999596e4fdecb0eacdabf2ed9a35cefe76a1f7e15c25036886523711d7fece93b71dc20a2ed5397687360d86444323407ab50e1101e8f03471c98ada27650c78ff981f687870e55e01f259b03a3484831c96b2511034e84f76e555c42a3d3782ebdbffbadedeca4a41dc806999ca159067469748966ac965911f1527f9413504ec5744cc60a58144cf0201c6211a4d43925eede664f2483076df4ccbdb5b81136dc3520310a8e46ab730629cbb1d8c23215dd20319886219adbcd84bc74624ec0e8ab96fec5e88d5c647610328ee50e138d93274917876073e354d745df3430083067b46aaeab9bfed3adf629f694ed16f6b6957a130905d5d5b621e249a23b53dd585e220aa2ec6043d244753c0aa1ccb3814915805b14cdf82ee660d0a5c8828c4d06dccff71031cc105f12163b93a6dd36330b859eb2a92d7b1c4083e897bfdedf719edc1bf4e93b1eb7bdb118000b4538b44745fbb026a539e113ee5a8fe54919732edcd6cd0376b62219784203b57c1aaab1dc6d4d4c04956a256a237bf4accaca68d3b383eb4636a9a4e5568e6ba2ab30b30cdb6cf62ddccd8de688eae3407c64b6a2814fcff48a36e801c2c431cb5125d03934e30739e89b9bfb20734613eff29c061babbfcad3e92cd04e00a33c642207a80a093d3d99cdb4413635e0f7134df067cd898374c43b8167f2e72aed37a5e48e352cc1cf551e061c31fcbc627e0f8ca019c5886f2da293244ea91a6b787a55ae650fd6087d3d9fadabdfb56124df62d897f08340ff765a56a42902084118f2090fde49fd3f5d8d2d1287f0dcd4d92f889c776b4f3aaad84ba2c92bd913e9a1e4c0262e0350336fe3f4519964b387931353a78be6d413846fdd42fa05c82e357f125e3326e8d4a206617e74919dbc980473d6c0adddfaae589f2a27448ddae9f7d6faa083f3d820f4ace687ec9832b7c161bc8b1bc8df71d52fb9b44e658d67052778bd2450ccd9bc7af181f1c7fe12bcddd800d04081373d5526e7af887858499c75bdb01d527d40209dc518892a2c5fbc57f95d59fcdf5915705bcfd57a9c15ead4f6774081f03a7928c35f0d69b072d5e09fc8f921cfdedf63119a82b0a712c1b4a156f4ea17f5730f92c60176403e3bc1744c19afcb84bbbf6c48896ef6ea390ad4d71744568e86ad5a6abdabc69ea50eb2f7f46854211a297ea6724eec388e714d22711df47a86f5a6833736f344d1216a0047c66f7985c0051baec807ee27219fb9cc34e4293760cf470ba4fd2c8f442b4386faebdd99085babc5a94137b71c043cc91d7d96f05e", @typed={0x8, 0x33, 0x0, 0x0, @pid=r3}]}, @nested={0x4, 0x68}]}, @typed={0x4, 0x10e}, @nested={0x101, 0x52, 0x0, 0x1, [@typed={0x8, 0x7a, 0x0, 0x0, @uid=r5}, @generic="d489255fd5f2d3ed84daaa9e00ecd51c2e687ea653f665aa329e721ccb372af41901a4870a30c4a808b7cf42e50e71d6648fb8008dbeed83a0e626387062b1cb12f9e59e9002615294f174890b0a06465fe8030e288929441cb79d0f0a1acdf7dae18297d168757257a1e19c29ac3b0ecf69982242cd0487e1dcb0a18cb43b4ecb6bd0c6554325208ca7998a1b65487446a560bc0d19b2784a7f47fb0eddbbaae728e79211e5332a094b2d557f25679b607c2b166c26fa4dd9ca5832a75056289c17e923a5fc0d88509100ba59c6dc9b86c93fb7994ac7224542e8bb52bd4d54c76acb8970e8651cd56ca44f60", @typed={0x8, 0xb7, 0x0, 0x0, @uid=r2}]}, @nested={0x126, 0x90, 0x0, 0x1, [@typed={0x4, 0xbf}, @nested={0x4, 0x72}, @nested={0x4, 0x27}, @generic="89ffab8856dcf5c2d2f06ff45d6ec0528761975fbf2e631adbc9942df38a2d330abefcbdec33fdcf203314fd40ec97bad84192a82d3f05514a4152776b5a030231c5b8dcdb43b61fcee3a8c6a2dfb021be2afa48dadf0df959", @nested={0x4, 0x13d}, @nested={0x4, 0x12a}, @generic="4c14ffdeb8ce4142f326952c77dec725693ca0665b6a60e62c9d17a34c396c4235e702df891fa348daf1da30fa78bce6e046ca4526738c21bb347f9d72698949d261fc49f04e17", @generic="c2fe7ff40fc9ea40f027bce5173257afb02c0da64ecc62e83016c936b036397d542f4ef4586fcfe5ff371334ec060dbc5b0a4b08ea2d2e274abbaf25f4d3acb2eb1ef3eff146ce9612a7cf21ac496fe480546e7135c1b8793e787a147da683636e2cb60bda0e79ed193a", @nested={0x4, 0x7a}]}, @nested={0x82, 0x148, 0x0, 0x1, [@generic="de38ab9c663b8ffcdc9ba5c378fe9bacfb491d388b8188f444058ca41ec82f1b911387b3cf0be78991e5582a2e5613ad724728de5515c499bbb2eda775197a88020dd9031e871246a339c041a90cc0fc191f763441a9c3951cc12b37e49f68b830802bf5442c0b7d2b841be2b0e524e177726643239f279eeb6b7617bed0"]}, @typed={0x7a, 0x39, 0x0, 0x0, @binary="49efa610b9bb02068a275313b37b6d78a79a19eb25587571778c733d5729d2d7e1f0b48076248dcacc938dd86f6eedd0fcd82d35e3a98d5bc1b0d7bba43ce45445a8f29b799caa8bd579bf91a0a7dea4d3dbcf089480e6dd585344a9ab9a0d91a137740897fbadebe85b216b28c9290a99815fa2b810"}, @generic="3cb1670604373f37bb14ee52860a73a5a33e847399bdc6a64323fd4584da01830e780fd8e1659b1d875e0285a2f6a57af2a136c82c3331fa1c58549324e9d0269978b030c54036c5db2733344b47a90ca2661de1c33dd6"]}]}, 0x17dc}, 0x1, 0x0, 0x0, 0x1398a0584259c607}, 0x800) 2.843613948s ago: executing program 1 (id=3281): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd7\x00', 0x80000, 0x0) (async) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/ip_vs_app\x00', 0x100, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) pread64$auto(r1, 0x0, 0x40000000f428, 0x4) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) (async) sendfile$auto(r0, r0, &(0x7f0000000080)=0x7, 0x3) prctl$auto(0x39, 0x1, 0x4, 0x5, 0x7) (async) sendmsg$auto_NBD_CMD_CONNECT(r2, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010025bd7000fddbdf2503000000040007800c00020005000000000000000800010007"], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x8880) (async) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) listmount$auto(&(0x7f0000000080)={0x20, @raw, 0xffffffffffffffff, 0xfffffffffffffff7}, 0x0, 0xb22, 0x1) (async) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@tipc=@name={0x1e, 0x2, 0x2, {{0x0, 0x1}}}, 0x66) (async) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x6, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x9000, 0x8002, 0x2) mprotect$auto(0x0, 0x806121, 0x6) (async) socket(0x2, 0x3, 0xa) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r4) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/zswap/parameters/enabled\x00', 0x62, 0x0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000001e00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) epoll_ctl$auto(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) 2.843086581s ago: executing program 3 (id=3282): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x43, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0x5) socket(0x2, 0x3, 0x2) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r1, 0x0, 0x1f40) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 2.724069926s ago: executing program 2 (id=3283): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) (async) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000100)={0x62, 0x0, 0x210000, 0x7fffffff, 0xfffffffffffffffe, 0xfffffffffffffff7, 0x80000000, 0x2000000000000e8, 0x1000000000, 0x4, 0x0, 0x8}) r0 = socket(0xf, 0x1, 0x8084) r1 = getpid() socket(0xa, 0x1, 0x84) (async) socket(0xa, 0x1, 0x84) listen$auto(0x3, 0x81) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) shutdown$auto(0x200000003, 0x1) process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) (async) process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) setsockopt$auto(r0, 0x10000000084, 0x9, 0x0, 0x9c) 2.679473533s ago: executing program 1 (id=3284): pwrite64$auto(0xffffffffffffffff, &(0x7f0000000100)='B\x00\x00\x00\x00\x00\x00\x001\x00', 0xe, 0x7) r0 = semctl$auto(0x1, 0x7, 0x2, 0xffffffffffffff7e) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000380)={0x6c, r1, 0x10, 0x70bd2b, 0x25df5bfc, {}, [@OVS_DP_ATTR_IFINDEX={0x8}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, r0}, @OVS_DP_ATTR_IFINDEX={0x8}, @OVS_DP_ATTR_USER_FEATURES={0x8}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x1}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r2}, @OVS_DP_ATTR_NAME={0xd, 0x1, '/dev/sda\x00'}, @OVS_DP_ATTR_NAME={0x6, 0x1, ':\x00'}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r2}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x24008840}, 0x4000) r3 = socket$nl_generic(0x10, 0x3, 0x10) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000340), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f000001f300), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=r5], 0x1ac}}, 0x40000) ioctl$auto_PPPIOCSPASS(r4, 0x40107447, &(0x7f00000000c0)={0x4, &(0x7f0000000000)={0x31, 0xff, 0x0, @inferred=r4}}) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000240)={0x68, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@HWSIM_ATTR_RADIO_NAME={0x2d, 0x11, '/P\x13jE\f\xf9r\xf5\xa3\xd2\x84y\xf9*\x9b\"\x1c\xa4l-\x19\xfd\xa4\xf4y\x02\xc2\x96\xfa\x84L\x12\xcd\x83\xf7\x12\xd3\xc4\x1e]'}, @HWSIM_ATTR_PMSR_SUPPORT={0x24, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_MAX_PEERS={0x8, 0x1, 0x387}, @NL80211_PMSR_ATTR_TYPE_CAPA={0x18, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_REQ_CIVICLOC={0x4}]}]}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4008040}, 0x40800) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x400053, 0x9) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r6, 0x0) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r7) ioctl$auto_KVM_CREATE_VM(r6, 0x4040aea0, 0xb00) 2.361374356s ago: executing program 3 (id=3285): r0 = socket(0xa, 0x5, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop13\x00', 0x60742, 0x0) (async) write$auto(r0, &(0x7f0000000040)='\xff\xff\xf2\x00', 0x107ffffffc) mmap$auto(0x76dc, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) timer_create$auto(0x0, 0x0, 0x0) (async) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r2 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f0000001a00), 0x801, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) (async) mmap$auto(0x7, 0x2020006, 0x400000000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/neigh/veth1_macvtap/locktime\x00', 0x103142, 0x0) (async) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/sctp/udp_port\x00', 0x202, 0x0) sendfile$auto(r4, r3, 0x0, 0x6) io_uring_register$auto(0x2, 0x11, 0x0, 0x83) madvise$auto(0x0, 0xffffffffffff0005, 0x17) set_mempolicy_home_node$auto(0x0, 0x200fffd, 0x5, 0x0) (async) getsockopt$auto(0xffffffffffffffff, 0x11b, 0x8, 0x0, 0x0) setuid$auto(0x0) (async) write$auto_nvmf_dev_fops_fabrics(r2, 0x0, 0x0) r5 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_NEW_MPATH(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="3c00f300", @ANYBLOB="01002dbd7000fedbdf251700000028003880240000801e0094007a450fc0c03f8e7b5826b5d627c084be296233ebd5170fd0f3b20000"], 0x3c}, 0x1, 0x0, 0x0, 0x4404}, 0x0) (async) io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) (async) sendmsg$auto_NL80211_CMD_LEAVE_OCB(r5, 0x0, 0x40000) 1.719693584s ago: executing program 0 (id=3286): r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) sendmsg$auto_TCP_METRICS_CMD_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @rand_addr=0x64010101}, @TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @multicast1}]}, 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x0) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4002, 0x4}, 0x77, 0xfffffffc, 0x0, 0x62bd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev0\x00', 0x0, 0x0) ioctl$auto(0xc8, 0x400454d0, r1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) arch_prctl$auto(0x5005, 0x9) ioctl$auto(0x3, 0xc0585605, r1) ioctl$auto(r1, 0x400454cc, 0x6f) r2 = bpf$auto(0x16, 0xffffffffffffffff, 0x0) bpf$auto_BPF_MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)=@bpf_attr_11={0x9, 0x5, 0x5, 0x0, 0x9, 0x7, 0x6, r2}, 0x3) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x0, 0x8, 0x70bd29, 0x25dfdbfd, {}, [@HWSIM_ATTR_RADIO_NAME={0xb, 0x11, '.&$}\\$]'}, @HWSIM_ATTR_REG_CUSTOM_REG={0x8, 0xc, 0x7}, @HWSIM_ATTR_TX_INFO={0x4}, @HWSIM_ATTR_COOKIE={0xc, 0x8, 0xc}]}, 0x38}, 0x1, 0x0, 0x0, 0x24044800}, 0x900) 1.526270955s ago: executing program 1 (id=3287): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) r0 = socket(0x8, 0x801, 0x18) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/vxlan/parameters/udp_port\x00', 0x2400, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) write$auto(0xffffffffffffffff, &(0x7f0000000180)='7k\x00\x00\x00\x00X\xb9\x0e\x11\xfb\x00\x00\x00\x00&!\x8f-\xfb\xea=\xc0\\\xec\xe7D\xe5V\xf1b\xa0\x9a\xa1\x88\xb4\x96\xf5\\\xad4\t\xca\x03\xe4\x15\v]\x00'/58, 0x82) close_range$auto(r1, r2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="020026bd7000fedbdf25030000000810030003020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a00010000000000000000000600070001000000060007000600000008000300"], 0x68}, 0x1, 0x0, 0x0, 0x44014}, 0x40090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x6, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0) mmap$auto(0x0, 0x7, 0xe2, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = open(0x0, 0x22240, 0x0) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, 0x0, 0x56) statx$auto(r3, 0x0, 0x1003, 0x4005, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) setsockopt$auto(0x3, 0x1, 0x1d, 0x0, 0x9) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xffffffff}, 0x1, 0x0, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/manager\x00', 0x82a02, 0x0) openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/filter\x00', 0x2, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) 1.435089038s ago: executing program 2 (id=3288): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYRES8=0x0], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x14004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) r1 = io_uring_setup$auto(0x7, 0x0) socket(0x2, 0x1, 0x0) socket(0x21, 0x3, 0xf) r2 = epoll_create$auto(0x2) epoll_pwait2$auto(r2, 0x0, 0x9, 0x0, 0x0, 0x8) r3 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r3, 0x0) epoll_ctl$auto_EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000)={0x7cc4, 0x7f}) r4 = socket(0x2, 0x0, 0x88) setsockopt$auto(r4, 0x0, 0x20, 0x0, 0x8) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x24008080}, 0x20000800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f00000003c0)={&(0x7f0000000040), 0x9}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4040891}, 0x4000480) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd70001cdddf250200"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="c9bb755341976d4eb6b5169fe014990be2890cc69f5a9ca705ed76456d963f37a272118e0e8e640557d09582b184585c1980572778f958ca7a293456ec6abdc381087a00ec6f6929c3e250212e0229d6faf8f826f39b942cac0e29c75d94e91f3e060fd2e03156cb79d4781c078c17ec2dacada43cc159194b5d60f2b2c90f5d61c4fce71326197fa771359b6fa6b645"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x20100, 0x0) socket(0x2, 0x801, 0x106) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:04.0/revision\x00', 0x8a080, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 1.167662685s ago: executing program 1 (id=3289): r0 = socket(0x29, 0x800, 0x0) r1 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r1, 0x65, 0x1, 0x0, 0x4) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) r3 = fcntl$auto(r2, 0x402, 0x2) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40302, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x1e, 0x2, 0x0) mmap$auto(0x0, 0x6, 0x80dc, 0xeb1, 0x401, 0x8006) sendmsg$auto_TCP_METRICS_CMD_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="e2003600", @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x25, 0x5, 0x2) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) io_uring_setup$auto(0x946, 0x0) select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0xd3e, 0x1, 0x948b, 0x3, 0x800295f4da0a, 0x2, 0x3, 0x62, 0x80000001, 0x50a7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7f, 0xd, 0x1, 0x948f, 0x1005, 0x206, 0x7, 0xfffffffffffffff6, 0x7, 0x9, 0x79d, 0x6, 0x100000000000000, 0xfffffffffffffffe, 0xf]}, 0x0) open(0x0, 0x161342, 0x130) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(r3, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_vdpa(0x0, 0xffffffffffffffff) connect$auto(0x3, 0x0, 0x55) close_range$auto(0x2, 0x8, 0x0) 1.098544601s ago: executing program 0 (id=3290): ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000000)={{0x2, 0x8000, 0x2007fd, 0xfff7fffe, 0xfffff7fa}, "0dd7fd5899fb68000000000000000300"}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3, 0x0) 1.051456975s ago: executing program 3 (id=3291): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/vxlan/parameters/udp_port\x00', 0x2400, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x6, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0) mmap$auto(0x0, 0x7, 0xe2, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = open(0x0, 0x22240, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) statx$auto(r1, 0x0, 0x1003, 0x4005, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) setsockopt$auto(0x3, 0x1, 0x1d, 0x0, 0x9) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xffffffff}, 0x1, &(0x7f0000000280)={&(0x7f00000001c0)="a72fbcba7fadcff14c149155c3c7c4dbc1f3e4dafbd59ec5f73906cc76980446a8341052c23a26e653677f5d0f997b20e7d79e3b1630e94f46aca4d6416aa960", 0xfffffffb}, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/manager\x00', 0x82a02, 0x0) openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/filter\x00', 0x2, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) read$auto(r0, 0x0, 0x20) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) 651.633702ms ago: executing program 0 (id=3292): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/batman_adv/parameters/routing_algo\x00', 0x8182, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getrlimit$auto(0x3, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/suspend_stats/failed_freeze\x00', 0x123000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/48, 0x30) fdatasync$auto(r0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) shutdown$auto(0x200000003, 0x2) socket(0x15, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_BLKZEROOUT(r2, 0x127f, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x8000000000000000, 0x15) r3 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r3, 0xffffffffffdffe00, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 576.161903ms ago: executing program 3 (id=3293): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x43, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0x5) rseq$auto(&(0x7f00000004c0)={0x12, 0x401, 0x3, 0x6, 0xfffffeff, 0x2}, 0x8002, 0x0, 0x8) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r1, 0x0, 0x1f40) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 292.781599ms ago: executing program 2 (id=3294): mmap$auto(0x0, 0x400008, 0x6, 0x209b72, 0x2, 0x1000000008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_freeze_timeout\x00', 0x8242, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x11, 0x80000, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) fspick$auto(0xffffffffffffffff, 0x0, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) open(0x0, 0x161342, 0x130) r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x101, 0x103) read$auto_mon_fops_text_t_mon_text(r1, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) write$auto(r0, 0x0, 0x100000a3d7) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2062, 0x0) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000840)=ANY=[@ANYRESDEC=0x0, @ANYRESOCT=0x0, @ANYRESOCT, @ANYRES32=0x0, @ANYRESDEC, @ANYRES32=0x0, @ANYBLOB, @ANYRESOCT=r0, @ANYRESOCT, @ANYRES16, @ANYRES64=r2, @ANYRES16], 0xb4}}, 0x20000054) write$auto(r2, 0x0, 0xff) madvise$auto(0x0, 0x8, 0x15) unshare$auto(0x40000080) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/net/rt_cache\x00', 0x2000, 0x0) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000400), 0x181040, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000001bc0)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb133", 0x930) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000001480)='/proc/thread-self/gid_map\x00', 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x20c002, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptytf\x00', 0x109401, 0x0) 0s ago: executing program 1 (id=3295): pwrite64$auto(0xffffffffffffffff, &(0x7f0000000100)='B\x00\x00\x00\x00\x00\x00\x001\x00', 0xe, 0x7) r0 = semctl$auto(0x1, 0x7, 0x2, 0xffffffffffffff7e) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000380)={0x6c, r1, 0x10, 0x70bd2b, 0x25df5bfc, {}, [@OVS_DP_ATTR_IFINDEX={0x8}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, r0}, @OVS_DP_ATTR_IFINDEX={0x8}, @OVS_DP_ATTR_USER_FEATURES={0x8}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x1}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r2}, @OVS_DP_ATTR_NAME={0xd, 0x1, '/dev/sda\x00'}, @OVS_DP_ATTR_NAME={0x6, 0x1, ':\x00'}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r2}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x24008840}, 0x4000) r3 = socket$nl_generic(0x10, 0x3, 0x10) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000340), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f000001f300), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=r5], 0x1ac}}, 0x40000) ioctl$auto_PPPIOCSPASS(r4, 0x40107447, &(0x7f00000000c0)={0x4, &(0x7f0000000000)={0x31, 0xff, 0x0, @inferred=r4}}) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000240)={0x68, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@HWSIM_ATTR_RADIO_NAME={0x2d, 0x11, '/P\x13jE\f\xf9r\xf5\xa3\xd2\x84y\xf9*\x9b\"\x1c\xa4l-\x19\xfd\xa4\xf4y\x02\xc2\x96\xfa\x84L\x12\xcd\x83\xf7\x12\xd3\xc4\x1e]'}, @HWSIM_ATTR_PMSR_SUPPORT={0x24, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_MAX_PEERS={0x8, 0x1, 0x387}, @NL80211_PMSR_ATTR_TYPE_CAPA={0x18, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_REQ_CIVICLOC={0x4}]}]}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4008040}, 0x40800) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x400053, 0x9) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r6, 0x0) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r7) ioctl$auto_KVM_CREATE_VM(r6, 0x4040aea0, 0xb00) kernel console output (not intermixed with test programs): T5830] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 107.292568][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.312092][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.376699][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.397342][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.408340][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.415826][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.444696][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.451949][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.481683][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.488904][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.500031][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.507184][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.541591][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.626277][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.664566][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.671953][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.696746][ T3509] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.704020][ T3509] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.756857][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.863198][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.906190][ T1114] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.913509][ T1114] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.949363][ T5825] Bluetooth: hci0: command tx timeout [ 107.959240][ T51] Bluetooth: hci2: command tx timeout [ 107.974532][ T1114] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.981793][ T1114] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.030212][ T51] Bluetooth: hci3: command tx timeout [ 108.039454][ T51] Bluetooth: hci1: command tx timeout [ 108.247900][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.327788][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.454358][ T5831] veth0_vlan: entered promiscuous mode [ 108.464969][ T5826] veth0_vlan: entered promiscuous mode [ 108.501811][ T5826] veth1_vlan: entered promiscuous mode [ 108.514229][ T5831] veth1_vlan: entered promiscuous mode [ 108.545060][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.624910][ T5826] veth0_macvtap: entered promiscuous mode [ 108.635982][ T5831] veth0_macvtap: entered promiscuous mode [ 108.648462][ T5826] veth1_macvtap: entered promiscuous mode [ 108.661022][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.675218][ T5831] veth1_macvtap: entered promiscuous mode [ 108.721128][ T5823] veth0_vlan: entered promiscuous mode [ 108.752680][ T5823] veth1_vlan: entered promiscuous mode [ 108.764881][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.790382][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.807583][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.831613][ T1089] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.842108][ T1089] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.859494][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.889416][ T49] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.906080][ T5830] veth0_vlan: entered promiscuous mode [ 108.918905][ T49] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.932666][ T5830] veth1_vlan: entered promiscuous mode [ 109.000600][ T49] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.009978][ T49] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.023373][ T5823] veth0_macvtap: entered promiscuous mode [ 109.034534][ T5823] veth1_macvtap: entered promiscuous mode [ 109.047169][ T49] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.057807][ T49] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.107043][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.164925][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.224457][ T1114] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.235899][ T1114] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.251900][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.274358][ T1114] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.279609][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.289372][ T1114] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.302167][ T5830] veth0_macvtap: entered promiscuous mode [ 109.323847][ T5830] veth1_macvtap: entered promiscuous mode [ 109.338405][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.347031][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.392039][ T1114] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.411592][ T1114] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.484750][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.494224][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.524502][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.535005][ T5826] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 109.559969][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.600667][ T1114] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.615029][ T1114] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.649420][ T1114] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.661175][ T1114] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.673467][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.699196][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.889945][ T1114] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.900286][ T1114] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.015257][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.030101][ T51] Bluetooth: hci2: command tx timeout [ 110.032847][ T5825] Bluetooth: hci0: command tx timeout [ 110.066245][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.110407][ T5825] Bluetooth: hci1: command tx timeout [ 110.111725][ T51] Bluetooth: hci3: command tx timeout [ 110.129042][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.129458][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.214289][ T5915] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1'. [ 110.254924][ T1114] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.271640][ T5908] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 110.283424][ T1114] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.291489][ T5915] bridge_slave_1: left allmulticast mode [ 110.309146][ T5915] bridge_slave_1: left promiscuous mode [ 110.334645][ T5915] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.369331][ T5912] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 110.412946][ T5915] bridge_slave_0: left allmulticast mode [ 110.429263][ T5915] bridge_slave_0: left promiscuous mode [ 110.435332][ T5915] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.509585][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.569918][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.682167][ T5915] Zero length message leads to an empty skb [ 110.926209][ T5922] debugfs: '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211' [ 111.273523][ T5931] debugfs: '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211' [ 112.053954][ T5934] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 112.119392][ T51] Bluetooth: hci0: command tx timeout [ 112.124879][ T51] Bluetooth: hci2: command tx timeout [ 112.189317][ T51] Bluetooth: hci1: command tx timeout [ 112.194803][ T51] Bluetooth: hci3: command tx timeout [ 112.291407][ T5940] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 112.317188][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 112.326328][ T5941] netlink: 186 bytes leftover after parsing attributes in process `syz.2.7'. [ 112.371855][ T5940] CPU: 1 UID: 0 PID: 5940 Comm: syz.1.9 Not tainted syzkaller #0 PREEMPT(full) [ 112.371900][ T5940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 112.371928][ T5940] Call Trace: [ 112.371939][ T5940] [ 112.371952][ T5940] dump_stack_lvl+0x100/0x190 [ 112.372017][ T5940] sysfs_warn_dup.cold+0x1c/0x28 [ 112.372063][ T5940] sysfs_do_create_link_sd+0x113/0x140 [ 112.372111][ T5940] sysfs_create_link+0x61/0xc0 [ 112.372155][ T5940] device_add+0x675/0x1950 [ 112.372199][ T5940] ? __pfx_device_add+0x10/0x10 [ 112.372231][ T5940] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 112.372279][ T5940] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 112.372339][ T5940] wiphy_register+0x1e5b/0x2d30 [ 112.372371][ T5940] ? __rtnl_unlock+0xb9/0xf0 [ 112.372402][ T5940] ? netdev_run_todo+0x7d0/0x12c0 [ 112.372464][ T5940] ? __pfx_wiphy_register+0x10/0x10 [ 112.372489][ T5940] ? __asan_memset+0x23/0x50 [ 112.372527][ T5940] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 112.372561][ T5940] ieee80211_register_hw+0x2cfd/0x4140 [ 112.372599][ T5940] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 112.372622][ T5940] ? __pfx___debug_object_init+0x10/0x10 [ 112.372666][ T5940] ? find_held_lock+0x2b/0x80 [ 112.372697][ T5940] ? net_generic+0xea/0x2a0 [ 112.372723][ T5940] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 112.372757][ T5940] ? __hrtimer_setup+0x178/0x280 [ 112.372784][ T5940] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 112.372838][ T5940] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 112.372879][ T5940] hwsim_new_radio_nl+0xc1f/0x1340 [ 112.372913][ T5940] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 112.372953][ T5940] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 112.372987][ T5940] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 112.373020][ T5940] genl_family_rcv_msg_doit+0x214/0x300 [ 112.373049][ T5940] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 112.373075][ T5940] ? genl_get_cmd+0x3ef/0x720 [ 112.373105][ T5940] ? bpf_lsm_capable+0x9/0x10 [ 112.373136][ T5940] ? security_capable+0x80/0x260 [ 112.373173][ T5940] ? ns_capable+0xd2/0xf0 [ 112.373208][ T5940] genl_rcv_msg+0x560/0x800 [ 112.373236][ T5940] ? __pfx_genl_rcv_msg+0x10/0x10 [ 112.373262][ T5940] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 112.373304][ T5940] netlink_rcv_skb+0x159/0x420 [ 112.373343][ T5940] ? __pfx_genl_rcv_msg+0x10/0x10 [ 112.373369][ T5940] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 112.373420][ T5940] ? netlink_deliver_tap+0x1ae/0xcc0 [ 112.373460][ T5940] genl_rcv+0x28/0x40 [ 112.373481][ T5940] netlink_unicast+0x5aa/0x870 [ 112.373523][ T5940] ? __pfx_netlink_unicast+0x10/0x10 [ 112.373560][ T5940] ? __pfx___might_resched+0x10/0x10 [ 112.373587][ T5940] ? __lock_acquire+0x4a5/0x2630 [ 112.373619][ T5940] netlink_sendmsg+0x8b0/0xda0 [ 112.373661][ T5940] ? __pfx_netlink_sendmsg+0x10/0x10 [ 112.373698][ T5940] ? __import_iovec+0x1d2/0x640 [ 112.373729][ T5940] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 112.373771][ T5940] ____sys_sendmsg+0xa54/0xc30 [ 112.373799][ T5940] ? __pfx_____sys_sendmsg+0x10/0x10 [ 112.373831][ T5940] ? __pfx_futex_wake_mark+0x10/0x10 [ 112.373864][ T5940] ___sys_sendmsg+0x190/0x1e0 [ 112.373893][ T5940] ? __pfx____sys_sendmsg+0x10/0x10 [ 112.373955][ T5940] __sys_sendmsg+0x170/0x220 [ 112.373998][ T5940] ? __pfx___sys_sendmsg+0x10/0x10 [ 112.374033][ T5940] ? __x64_sys_futex+0x34f/0x4d0 [ 112.374074][ T5940] do_syscall_64+0x106/0xf80 [ 112.374109][ T5940] ? clear_bhb_loop+0x40/0x90 [ 112.374138][ T5940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.374162][ T5940] RIP: 0033:0x7f14c459bf79 [ 112.374189][ T5940] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 112.374212][ T5940] RSP: 002b:00007f14c5412028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 112.374235][ T5940] RAX: ffffffffffffffda RBX: 00007f14c4815fa0 RCX: 00007f14c459bf79 [ 112.374250][ T5940] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 112.374265][ T5940] RBP: 00007f14c46327e0 R08: 0000000000000000 R09: 0000000000000000 [ 112.374279][ T5940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.374293][ T5940] R13: 00007f14c4816038 R14: 00007f14c4815fa0 R15: 00007ffe78c15988 [ 112.374324][ T5940] [ 112.530475][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 112.886786][ T5945] vivid-007: ================= START STATUS ================= [ 112.943291][ T5945] vivid-007: Generate PTS: true [ 112.993423][ T5945] vivid-007: Generate SCR: true [ 113.009954][ T5945] tpg source WxH: 320x240 (Y'CbCr) [ 113.035381][ T5945] tpg field: 1 [ 113.051453][ T5945] tpg crop: (0,0)/320x240 [ 113.081046][ T5945] tpg compose: (0,0)/320x240 [ 113.107338][ T5945] tpg colorspace: 8 [ 113.127625][ T5945] tpg transfer function: 0/0 [ 113.137173][ T5945] tpg Y'CbCr encoding: 0/0 [ 113.205089][ T5945] tpg quantization: 0/0 [ 113.245629][ T5945] tpg RGB range: 0/2 [ 113.275914][ T5945] vivid-007: ================== END STATUS ================== [ 113.295259][ T5948] FAULT_INJECTION: forcing a failure. [ 113.295259][ T5948] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 113.312856][ T5950] FAULT_INJECTION: forcing a failure. [ 113.312856][ T5950] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 113.327513][ T5950] CPU: 0 UID: 0 PID: 5950 Comm: syz.0.11 Not tainted syzkaller #0 PREEMPT(full) [ 113.327545][ T5950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 113.327558][ T5950] Call Trace: [ 113.327566][ T5950] [ 113.327575][ T5950] dump_stack_lvl+0x100/0x190 [ 113.327612][ T5950] should_fail_ex.cold+0x5/0xa [ 113.327638][ T5950] _copy_from_user+0x2e/0xd0 [ 113.327664][ T5950] copy_mount_options+0x76/0x190 [ 113.327701][ T5950] __x64_sys_mount+0x1ab/0x310 [ 113.327739][ T5950] ? __pfx___x64_sys_mount+0x10/0x10 [ 113.327777][ T5950] do_syscall_64+0x106/0xf80 [ 113.327812][ T5950] ? clear_bhb_loop+0x40/0x90 [ 113.327840][ T5950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.327864][ T5950] RIP: 0033:0x7f74b219bf79 [ 113.327882][ T5950] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 113.327904][ T5950] RSP: 002b:00007f74b308f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 113.327926][ T5950] RAX: ffffffffffffffda RBX: 00007f74b2415fa0 RCX: 00007f74b219bf79 [ 113.327941][ T5950] RDX: 0000200000000240 RSI: 0000000000000000 RDI: 0000200000000180 [ 113.327956][ T5950] RBP: 00007f74b22327e0 R08: 0000200000000280 R09: 0000000000000000 [ 113.327972][ T5950] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 113.327986][ T5950] R13: 00007f74b2416038 R14: 00007f74b2415fa0 R15: 00007ffcd4499f68 [ 113.328016][ T5950] [ 113.539243][ T5948] CPU: 0 UID: 0 PID: 5948 Comm: syz.3.10 Not tainted syzkaller #0 PREEMPT(full) [ 113.539288][ T5948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 113.539306][ T5948] Call Trace: [ 113.539316][ T5948] [ 113.539328][ T5948] dump_stack_lvl+0x100/0x190 [ 113.539378][ T5948] should_fail_ex.cold+0x5/0xa [ 113.539413][ T5948] _copy_from_iter+0x1f4/0x1690 [ 113.539453][ T5948] ? __asan_memset+0x23/0x50 [ 113.539505][ T5948] ? __pfx__copy_from_iter+0x10/0x10 [ 113.539543][ T5948] ? __pfx___alloc_skb+0x10/0x10 [ 113.539599][ T5948] ? netlink_autobind.isra.0+0x219/0x370 [ 113.539654][ T5948] ? __sanitizer_cov_trace_pc+0xb/0x70 [ 113.539709][ T5948] netlink_sendmsg+0x808/0xda0 [ 113.539768][ T5948] ? __pfx_netlink_sendmsg+0x10/0x10 [ 113.539824][ T5948] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 113.539881][ T5948] __sys_sendto+0x4aa/0x520 [ 113.539928][ T5948] ? __pfx___sys_sendto+0x10/0x10 [ 113.540004][ T5948] ? xfd_validate_state+0x129/0x190 [ 113.540052][ T5948] __x64_sys_sendto+0xe0/0x1c0 [ 113.540093][ T5948] ? do_syscall_64+0x95/0xf80 [ 113.540141][ T5948] ? lockdep_hardirqs_on+0x78/0x100 [ 113.540188][ T5948] do_syscall_64+0x106/0xf80 [ 113.540233][ T5948] ? clear_bhb_loop+0x40/0x90 [ 113.540272][ T5948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.540305][ T5948] RIP: 0033:0x7f6b7fb5c84e [ 113.540330][ T5948] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 113.540361][ T5948] RSP: 002b:00007f6b80a19e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 113.540393][ T5948] RAX: ffffffffffffffda RBX: 00007f6b80a1b6c0 RCX: 00007f6b7fb5c84e [ 113.540414][ T5948] RDX: 0000000000000020 RSI: 00007f6b80a1a000 RDI: 0000000000000006 [ 113.540434][ T5948] RBP: 0000000000000000 R08: 00007f6b80a19f04 R09: 000000000000000c [ 113.540454][ T5948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 113.540474][ T5948] R13: 00007f6b80a19f58 R14: 00007f6b80a1a000 R15: 0000000000000000 [ 113.540516][ T5948] [ 113.870077][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 114.029295][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 114.081479][ T5958] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 114.130708][ T5958] CPU: 0 UID: 0 PID: 5958 Comm: syz.1.12 Not tainted syzkaller #0 PREEMPT(full) [ 114.130754][ T5958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 114.130774][ T5958] Call Trace: [ 114.130792][ T5958] [ 114.130806][ T5958] dump_stack_lvl+0x100/0x190 [ 114.130858][ T5958] sysfs_warn_dup.cold+0x1c/0x28 [ 114.130903][ T5958] sysfs_do_create_link_sd+0x113/0x140 [ 114.130951][ T5958] sysfs_create_link+0x61/0xc0 [ 114.130994][ T5958] device_add+0x675/0x1950 [ 114.131031][ T5958] ? __pfx_device_add+0x10/0x10 [ 114.131063][ T5958] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 114.131111][ T5958] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 114.131170][ T5958] wiphy_register+0x1e5b/0x2d30 [ 114.131200][ T5958] ? __rtnl_unlock+0xb9/0xf0 [ 114.131230][ T5958] ? netdev_run_todo+0x7d0/0x12c0 [ 114.131290][ T5958] ? __pfx_wiphy_register+0x10/0x10 [ 114.131325][ T5958] ? __asan_memset+0x23/0x50 [ 114.131376][ T5958] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 114.131426][ T5958] ieee80211_register_hw+0x2cfd/0x4140 [ 114.131480][ T5958] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 114.131514][ T5958] ? __pfx___debug_object_init+0x10/0x10 [ 114.131573][ T5958] ? find_held_lock+0x2b/0x80 [ 114.131618][ T5958] ? net_generic+0xea/0x2a0 [ 114.131651][ T5958] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 114.131697][ T5958] ? __hrtimer_setup+0x178/0x280 [ 114.131736][ T5958] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 114.131816][ T5958] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 114.131876][ T5958] hwsim_new_radio_nl+0xc1f/0x1340 [ 114.131925][ T5958] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 114.131982][ T5958] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 114.132029][ T5958] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 114.132082][ T5958] genl_family_rcv_msg_doit+0x214/0x300 [ 114.132123][ T5958] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 114.132158][ T5958] ? genl_get_cmd+0x3ef/0x720 [ 114.132201][ T5958] ? bpf_lsm_capable+0x9/0x10 [ 114.132244][ T5958] ? security_capable+0x80/0x260 [ 114.132289][ T5958] ? ns_capable+0xd2/0xf0 [ 114.132331][ T5958] genl_rcv_msg+0x560/0x800 [ 114.132364][ T5958] ? __pfx_genl_rcv_msg+0x10/0x10 [ 114.132395][ T5958] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 114.132444][ T5958] netlink_rcv_skb+0x159/0x420 [ 114.132490][ T5958] ? __pfx_genl_rcv_msg+0x10/0x10 [ 114.132521][ T5958] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 114.132581][ T5958] ? netlink_deliver_tap+0x1ae/0xcc0 [ 114.132629][ T5958] genl_rcv+0x28/0x40 [ 114.132653][ T5958] netlink_unicast+0x5aa/0x870 [ 114.132703][ T5958] ? __pfx_netlink_unicast+0x10/0x10 [ 114.132746][ T5958] ? __pfx___might_resched+0x10/0x10 [ 114.132779][ T5958] ? __lock_acquire+0x4a5/0x2630 [ 114.132824][ T5958] netlink_sendmsg+0x8b0/0xda0 [ 114.132876][ T5958] ? __pfx_netlink_sendmsg+0x10/0x10 [ 114.132919][ T5958] ? __import_iovec+0x1d2/0x640 [ 114.132954][ T5958] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 114.133003][ T5958] ____sys_sendmsg+0xa54/0xc30 [ 114.133037][ T5958] ? __pfx_____sys_sendmsg+0x10/0x10 [ 114.133073][ T5958] ? kasan_quarantine_put+0x104/0x240 [ 114.133100][ T5958] ? lockdep_hardirqs_on+0x78/0x100 [ 114.133148][ T5958] ___sys_sendmsg+0x190/0x1e0 [ 114.133182][ T5958] ? __pfx____sys_sendmsg+0x10/0x10 [ 114.133214][ T5958] ? tomoyo_path_number_perm+0x188/0x580 [ 114.133283][ T5958] __sys_sendmsg+0x170/0x220 [ 114.133326][ T5958] ? __pfx___sys_sendmsg+0x10/0x10 [ 114.133366][ T5958] ? rcu_is_watching+0x12/0xc0 [ 114.133410][ T5958] ? kcov_ioctl+0x16a/0x720 [ 114.133446][ T5958] ? fput+0x79/0x100 [ 114.133485][ T5958] do_syscall_64+0x106/0xf80 [ 114.133526][ T5958] ? clear_bhb_loop+0x40/0x90 [ 114.133562][ T5958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.133589][ T5958] RIP: 0033:0x7f14c459bf79 [ 114.133614][ T5958] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 114.133641][ T5958] RSP: 002b:00007f14c53d0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 114.133667][ T5958] RAX: ffffffffffffffda RBX: 00007f14c4816180 RCX: 00007f14c459bf79 [ 114.133686][ T5958] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 114.133704][ T5958] RBP: 00007f14c46327e0 R08: 0000000000000000 R09: 0000000000000000 [ 114.133721][ T5958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 114.133738][ T5958] R13: 00007f14c4816218 R14: 00007f14c4816180 R15: 00007ffe78c15988 [ 114.133774][ T5958] [ 115.021028][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.799173][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 115.852371][ T5968] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 115.921150][ T5968] CPU: 1 UID: 0 PID: 5968 Comm: syz.2.15 Not tainted syzkaller #0 PREEMPT(full) [ 115.921193][ T5968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 115.921212][ T5968] Call Trace: [ 115.921223][ T5968] [ 115.921234][ T5968] dump_stack_lvl+0x100/0x190 [ 115.921279][ T5968] sysfs_warn_dup.cold+0x1c/0x28 [ 115.921319][ T5968] sysfs_do_create_link_sd+0x113/0x140 [ 115.921359][ T5968] sysfs_create_link+0x61/0xc0 [ 115.921395][ T5968] device_add+0x675/0x1950 [ 115.921427][ T5968] ? __pfx_device_add+0x10/0x10 [ 115.921451][ T5968] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 115.921491][ T5968] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 115.921541][ T5968] wiphy_register+0x1e5b/0x2d30 [ 115.921567][ T5968] ? __rtnl_unlock+0xb9/0xf0 [ 115.921593][ T5968] ? netdev_run_todo+0x7d0/0x12c0 [ 115.921643][ T5968] ? __pfx_wiphy_register+0x10/0x10 [ 115.921680][ T5968] ? __asan_memset+0x23/0x50 [ 115.921725][ T5968] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 115.921770][ T5968] ieee80211_register_hw+0x2cfd/0x4140 [ 115.921816][ T5968] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 115.921844][ T5968] ? __pfx___debug_object_init+0x10/0x10 [ 115.921896][ T5968] ? find_held_lock+0x2b/0x80 [ 115.921932][ T5968] ? net_generic+0xea/0x2a0 [ 115.921960][ T5968] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 115.921999][ T5968] ? __hrtimer_setup+0x178/0x280 [ 115.922032][ T5968] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 115.922092][ T5968] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 115.922140][ T5968] hwsim_new_radio_nl+0xc1f/0x1340 [ 115.922181][ T5968] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 115.922228][ T5968] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 115.922261][ T5968] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 115.922299][ T5968] genl_family_rcv_msg_doit+0x214/0x300 [ 115.922333][ T5968] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 115.922363][ T5968] ? genl_get_cmd+0x3ef/0x720 [ 115.922398][ T5968] ? bpf_lsm_capable+0x9/0x10 [ 115.922436][ T5968] ? security_capable+0x80/0x260 [ 115.922479][ T5968] ? ns_capable+0xd2/0xf0 [ 115.922521][ T5968] genl_rcv_msg+0x560/0x800 [ 115.922554][ T5968] ? __pfx_genl_rcv_msg+0x10/0x10 [ 115.922584][ T5968] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 115.922633][ T5968] netlink_rcv_skb+0x159/0x420 [ 115.922688][ T5968] ? __pfx_genl_rcv_msg+0x10/0x10 [ 115.922719][ T5968] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 115.922780][ T5968] ? netlink_deliver_tap+0x1ae/0xcc0 [ 115.922829][ T5968] genl_rcv+0x28/0x40 [ 115.922853][ T5968] netlink_unicast+0x5aa/0x870 [ 115.922902][ T5968] ? __pfx_netlink_unicast+0x10/0x10 [ 115.922945][ T5968] ? __pfx___might_resched+0x10/0x10 [ 115.922978][ T5968] ? __lock_acquire+0x4a5/0x2630 [ 115.923015][ T5968] netlink_sendmsg+0x8b0/0xda0 [ 115.923065][ T5968] ? __pfx_netlink_sendmsg+0x10/0x10 [ 115.923108][ T5968] ? __import_iovec+0x1d2/0x640 [ 115.923143][ T5968] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 115.923197][ T5968] ____sys_sendmsg+0xa54/0xc30 [ 115.923232][ T5968] ? __pfx_____sys_sendmsg+0x10/0x10 [ 115.923269][ T5968] ? kasan_quarantine_put+0x104/0x240 [ 115.923298][ T5968] ? lockdep_hardirqs_on+0x78/0x100 [ 115.923346][ T5968] ___sys_sendmsg+0x190/0x1e0 [ 115.923380][ T5968] ? __pfx____sys_sendmsg+0x10/0x10 [ 115.923413][ T5968] ? tomoyo_path_number_perm+0x188/0x580 [ 115.923482][ T5968] __sys_sendmsg+0x170/0x220 [ 115.923524][ T5968] ? __pfx___sys_sendmsg+0x10/0x10 [ 115.923564][ T5968] ? rcu_is_watching+0x12/0xc0 [ 115.923608][ T5968] ? kcov_ioctl+0x16a/0x720 [ 115.923643][ T5968] ? fput+0x79/0x100 [ 115.923691][ T5968] do_syscall_64+0x106/0xf80 [ 115.923734][ T5968] ? clear_bhb_loop+0x40/0x90 [ 115.923768][ T5968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.923795][ T5968] RIP: 0033:0x7f496179bf79 [ 115.923818][ T5968] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 115.923845][ T5968] RSP: 002b:00007f495f9f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 115.923873][ T5968] RAX: ffffffffffffffda RBX: 00007f4961a16180 RCX: 00007f496179bf79 [ 115.923891][ T5968] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 115.923909][ T5968] RBP: 00007f49618327e0 R08: 0000000000000000 R09: 0000000000000000 [ 115.923926][ T5968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 115.923943][ T5968] R13: 00007f4961a16218 R14: 00007f4961a16180 R15: 00007ffff1305238 [ 115.923989][ T5968] [ 117.676928][ T6003] netlink: 28 bytes leftover after parsing attributes in process `syz.0.20'. [ 117.872992][ T6000] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 118.088991][ T6000] CPU: 0 UID: 0 PID: 6000 Comm: syz.1.21 Not tainted syzkaller #0 PREEMPT(full) [ 118.089024][ T6000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 118.089038][ T6000] Call Trace: [ 118.089045][ T6000] [ 118.089054][ T6000] dump_stack_lvl+0x100/0x190 [ 118.089092][ T6000] sysfs_warn_dup.cold+0x1c/0x28 [ 118.089126][ T6000] sysfs_do_create_link_sd+0x113/0x140 [ 118.089168][ T6000] sysfs_create_link+0x61/0xc0 [ 118.089199][ T6000] device_add+0x675/0x1950 [ 118.089226][ T6000] ? __pfx_device_add+0x10/0x10 [ 118.089247][ T6000] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 118.089312][ T6000] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 118.089355][ T6000] wiphy_register+0x1e5b/0x2d30 [ 118.089377][ T6000] ? __rtnl_unlock+0xb9/0xf0 [ 118.089399][ T6000] ? netdev_run_todo+0x7d0/0x12c0 [ 118.089441][ T6000] ? __pfx_wiphy_register+0x10/0x10 [ 118.089465][ T6000] ? __asan_memset+0x23/0x50 [ 118.089504][ T6000] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 118.089538][ T6000] ieee80211_register_hw+0x2cfd/0x4140 [ 118.089575][ T6000] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 118.089599][ T6000] ? __pfx___debug_object_init+0x10/0x10 [ 118.089642][ T6000] ? find_held_lock+0x2b/0x80 [ 118.089673][ T6000] ? net_generic+0xea/0x2a0 [ 118.089697][ T6000] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 118.089730][ T6000] ? __hrtimer_setup+0x178/0x280 [ 118.089757][ T6000] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 118.089807][ T6000] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 118.089855][ T6000] hwsim_new_radio_nl+0xc1f/0x1340 [ 118.089890][ T6000] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 118.089932][ T6000] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 118.089959][ T6000] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 118.089992][ T6000] genl_family_rcv_msg_doit+0x214/0x300 [ 118.090021][ T6000] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 118.090047][ T6000] ? genl_get_cmd+0x3ef/0x720 [ 118.090076][ T6000] ? bpf_lsm_capable+0x9/0x10 [ 118.090107][ T6000] ? security_capable+0x80/0x260 [ 118.090143][ T6000] ? ns_capable+0xd2/0xf0 [ 118.090185][ T6000] genl_rcv_msg+0x560/0x800 [ 118.090214][ T6000] ? __pfx_genl_rcv_msg+0x10/0x10 [ 118.090240][ T6000] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 118.090281][ T6000] netlink_rcv_skb+0x159/0x420 [ 118.090321][ T6000] ? __pfx_genl_rcv_msg+0x10/0x10 [ 118.090347][ T6000] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 118.090397][ T6000] ? netlink_deliver_tap+0x1ae/0xcc0 [ 118.090437][ T6000] genl_rcv+0x28/0x40 [ 118.090458][ T6000] netlink_unicast+0x5aa/0x870 [ 118.090500][ T6000] ? __pfx_netlink_unicast+0x10/0x10 [ 118.090536][ T6000] ? __pfx___might_resched+0x10/0x10 [ 118.090563][ T6000] ? __lock_acquire+0x4a5/0x2630 [ 118.090594][ T6000] netlink_sendmsg+0x8b0/0xda0 [ 118.090637][ T6000] ? __pfx_netlink_sendmsg+0x10/0x10 [ 118.090673][ T6000] ? __import_iovec+0x1d2/0x640 [ 118.090702][ T6000] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 118.090742][ T6000] ____sys_sendmsg+0xa54/0xc30 [ 118.090771][ T6000] ? __pfx_____sys_sendmsg+0x10/0x10 [ 118.090803][ T6000] ? __pfx_futex_wake_mark+0x10/0x10 [ 118.090836][ T6000] ___sys_sendmsg+0x190/0x1e0 [ 118.090864][ T6000] ? __pfx____sys_sendmsg+0x10/0x10 [ 118.090927][ T6000] __sys_sendmsg+0x170/0x220 [ 118.090962][ T6000] ? __pfx___sys_sendmsg+0x10/0x10 [ 118.090996][ T6000] ? __x64_sys_futex+0x34f/0x4d0 [ 118.091036][ T6000] do_syscall_64+0x106/0xf80 [ 118.091078][ T6000] ? clear_bhb_loop+0x40/0x90 [ 118.091108][ T6000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.091132][ T6000] RIP: 0033:0x7f14c459bf79 [ 118.091157][ T6000] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 118.091180][ T6000] RSP: 002b:00007f14c5412028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 118.091202][ T6000] RAX: ffffffffffffffda RBX: 00007f14c4815fa0 RCX: 00007f14c459bf79 [ 118.091218][ T6000] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 118.091232][ T6000] RBP: 00007f14c46327e0 R08: 0000000000000000 R09: 0000000000000000 [ 118.091247][ T6000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 118.091261][ T6000] R13: 00007f14c4816038 R14: 00007f14c4815fa0 R15: 00007ffe78c15988 [ 118.091292][ T6000] [ 119.131177][ T6003] macvlan1: entered promiscuous mode [ 119.157218][ T6003] macvlan1: entered allmulticast mode [ 119.168703][ T6003] veth1_vlan: entered allmulticast mode [ 119.210122][ T6006] zswap: compressor not available [ 120.530845][ T6030] FAULT_INJECTION: forcing a failure. [ 120.530845][ T6030] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 120.582603][ T6030] CPU: 1 UID: 0 PID: 6030 Comm: syz.1.26 Not tainted syzkaller #0 PREEMPT(full) [ 120.582634][ T6030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 120.582651][ T6030] Call Trace: [ 120.582659][ T6030] [ 120.582667][ T6030] dump_stack_lvl+0x100/0x190 [ 120.582715][ T6030] should_fail_ex.cold+0x5/0xa [ 120.582741][ T6030] _copy_from_iter+0x1f4/0x1690 [ 120.582773][ T6030] ? __pfx__copy_from_iter+0x10/0x10 [ 120.582801][ T6030] ? rcu_is_watching+0x12/0xc0 [ 120.582830][ T6030] ? trace_kmalloc+0x83/0xb0 [ 120.582856][ T6030] ? __kmalloc_noprof+0x320/0x850 [ 120.582883][ T6030] kernfs_fop_write_iter+0x186/0x5f0 [ 120.582926][ T6030] vfs_write+0x6ac/0x1070 [ 120.582950][ T6030] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 120.582990][ T6030] ? __pfx_vfs_write+0x10/0x10 [ 120.583031][ T6030] ksys_write+0x12a/0x250 [ 120.583054][ T6030] ? __pfx_ksys_write+0x10/0x10 [ 120.583085][ T6030] do_syscall_64+0x106/0xf80 [ 120.583120][ T6030] ? clear_bhb_loop+0x40/0x90 [ 120.583155][ T6030] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.583179][ T6030] RIP: 0033:0x7f14c459bf79 [ 120.583206][ T6030] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 120.583227][ T6030] RSP: 002b:00007f14c5412028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 120.583250][ T6030] RAX: ffffffffffffffda RBX: 00007f14c4815fa0 RCX: 00007f14c459bf79 [ 120.583264][ T6030] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 120.583277][ T6030] RBP: 00007f14c5412090 R08: 0000000000000000 R09: 0000000000000000 [ 120.583291][ T6030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 120.583303][ T6030] R13: 00007f14c4816038 R14: 00007f14c4815fa0 R15: 00007ffe78c15988 [ 120.583333][ T6030] [ 121.069831][ T51] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 143.331467][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.338048][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 166.537319][ T5825] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 166.562725][ T5825] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 166.570987][ T5825] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 166.582414][ T5825] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 166.600981][ T5825] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 167.231128][ T49] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.540950][ T49] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.823625][ T49] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.887280][ T8911] chnl_net:caif_netlink_parms(): no params data found [ 168.057136][ T49] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.516194][ T8911] bridge0: port 1(bridge_slave_0) entered blocking state [ 168.540807][ T8911] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.548101][ T8911] bridge_slave_0: entered allmulticast mode [ 168.588332][ T8911] bridge_slave_0: entered promiscuous mode [ 168.669924][ T5825] Bluetooth: hci4: command tx timeout [ 168.680631][ T8911] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.687857][ T8911] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.710301][ T8911] bridge_slave_1: entered allmulticast mode [ 168.732587][ T8911] bridge_slave_1: entered promiscuous mode [ 168.852235][ T49] bridge_slave_1: left allmulticast mode [ 168.858667][ T49] bridge_slave_1: left promiscuous mode [ 168.884968][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.921396][ T49] bridge_slave_0: left allmulticast mode [ 168.927186][ T49] bridge_slave_0: left promiscuous mode [ 168.939593][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 169.573373][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 169.606245][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 169.646480][ T49] bond0 (unregistering): Released all slaves [ 169.720258][ T8911] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 169.766497][ T8911] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 169.980530][ T8911] team0: Port device team_slave_0 added [ 170.001238][ T8911] team0: Port device team_slave_1 added [ 170.242919][ T8911] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 170.266006][ T8911] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 170.342681][ T8911] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 170.367431][ T8911] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 170.398622][ T8911] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 170.468599][ T8911] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 170.748579][ T5825] Bluetooth: hci4: command tx timeout [ 170.804822][ T8911] hsr_slave_0: entered promiscuous mode [ 170.840612][ T8911] hsr_slave_1: entered promiscuous mode [ 170.847891][ T8911] debugfs: 'hsr0' already exists in 'hsr' [ 170.898603][ T8911] Cannot create hsr debugfs directory [ 171.064212][ T49] hsr_slave_0: left promiscuous mode [ 171.095472][ T49] hsr_slave_1: left promiscuous mode [ 171.109671][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 171.117170][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 171.152470][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 171.183423][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 171.239468][ T49] veth1_macvtap: left promiscuous mode [ 171.259545][ T49] veth0_macvtap: left promiscuous mode [ 171.265366][ T49] veth1_vlan: left promiscuous mode [ 171.301952][ T49] veth0_vlan: left promiscuous mode [ 172.141127][ T49] team0 (unregistering): Port device team_slave_1 removed [ 172.225672][ T49] team0 (unregistering): Port device team_slave_0 removed [ 172.830216][ T5825] Bluetooth: hci4: command tx timeout [ 173.920826][ T8911] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 173.981809][ T8911] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 174.005385][ T8911] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 174.058083][ T8911] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 174.396577][ T8911] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.460450][ T8911] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.513866][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.521138][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.557519][ T1148] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.564792][ T1148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.911303][ T5825] Bluetooth: hci4: command tx timeout [ 175.262782][ T8911] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 175.407281][ T8911] veth0_vlan: entered promiscuous mode [ 175.472887][ T8911] veth1_vlan: entered promiscuous mode [ 175.589860][ T8911] veth0_macvtap: entered promiscuous mode [ 175.614616][ T8911] veth1_macvtap: entered promiscuous mode [ 175.674484][ T8911] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 175.716440][ T8911] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 175.765542][ T58] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.805625][ T49] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.829503][ T49] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.881590][ T49] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.138214][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.177432][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 176.345160][ T3509] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.389024][ T3509] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 177.367654][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 177.376650][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 177.386655][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 177.395768][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 177.403566][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 178.806142][ T49] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.186170][ T49] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.469761][ T5825] Bluetooth: hci1: command tx timeout [ 179.487346][ T49] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.631283][ T9423] chnl_net:caif_netlink_parms(): no params data found [ 179.828992][ T49] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.705020][ T9423] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.725621][ T9423] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.747753][ T9423] bridge_slave_0: entered allmulticast mode [ 180.824250][ T9423] bridge_slave_0: entered promiscuous mode [ 180.970804][ T9423] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.978028][ T9423] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.018872][ T9423] bridge_slave_1: entered allmulticast mode [ 181.049856][ T9423] bridge_slave_1: entered promiscuous mode [ 181.423766][ T9423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 181.488855][ T49] bridge_slave_1: left allmulticast mode [ 181.494708][ T49] bridge_slave_1: left promiscuous mode [ 181.505472][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.549083][ T5825] Bluetooth: hci1: command tx timeout [ 181.656226][ T49] bridge_slave_0: left allmulticast mode [ 181.688649][ T49] bridge_slave_0: left promiscuous mode [ 181.722515][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 182.740211][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 182.796199][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 182.853168][ T49] bond0 (unregistering): Released all slaves [ 183.271728][ T9423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 183.519371][ T9423] team0: Port device team_slave_0 added [ 183.528422][ T9423] team0: Port device team_slave_1 added [ 183.629428][ T5825] Bluetooth: hci1: command tx timeout [ 183.958986][ T9423] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 184.017113][ T9423] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 184.111078][ T9423] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 184.161319][ T9423] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 184.176582][ T9423] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 184.257751][ T9423] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 184.808967][ T49] hsr_slave_0: left promiscuous mode [ 184.838858][ T49] hsr_slave_1: left promiscuous mode [ 184.876548][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 184.908539][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 184.960307][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 184.979375][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 185.042555][ T49] veth1_macvtap: left promiscuous mode [ 185.048137][ T49] veth0_macvtap: left promiscuous mode [ 185.098327][ T49] veth1_vlan: left promiscuous mode [ 185.137556][ T49] veth0_vlan: left promiscuous mode [ 185.376664][ T9687] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2827'. [ 185.712555][ T5825] Bluetooth: hci1: command tx timeout [ 186.656348][ T49] team0 (unregistering): Port device team_slave_1 removed [ 186.797402][ T49] team0 (unregistering): Port device team_slave_0 removed [ 187.853353][ T9423] hsr_slave_0: entered promiscuous mode [ 187.873109][ T9423] hsr_slave_1: entered promiscuous mode [ 187.893305][ T9423] debugfs: 'hsr0' already exists in 'hsr' [ 187.920386][ T9423] Cannot create hsr debugfs directory [ 190.756571][ T9859] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 190.844575][ T9423] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 190.932019][ T9423] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 191.064429][ T9423] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 191.141960][ T9423] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 192.175520][ T9423] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.307598][ T9423] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.383244][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.390548][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.484890][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.492188][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.055884][ T9423] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.337616][ T9423] veth0_vlan: entered promiscuous mode [ 194.395613][ T9423] veth1_vlan: entered promiscuous mode [ 194.545444][ T9423] veth0_macvtap: entered promiscuous mode [ 194.622268][ T9423] veth1_macvtap: entered promiscuous mode [ 194.754181][ T9423] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 194.853581][ T9423] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 194.904588][ T9484] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.947157][ T9484] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.096639][ T9484] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.122848][ T9484] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.612043][ T9485] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.668625][ T9485] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 195.928796][ T5825] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 196.057771][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.136063][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 196.583133][T10017] netlink: 'syz.2.2670': attribute type 12 has an invalid length. [ 197.186323][ T5833] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 197.198344][ T5833] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 197.231569][ T5833] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 197.251625][ T5833] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 197.268073][ T5833] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 197.942720][T10034] zram: Removed device: zram0 [ 197.948952][ T51] Bluetooth: hci4: command 0x2016 tx timeout [ 198.572584][T10053] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3043'. [ 198.626941][T10059] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3043'. [ 199.031693][T10069] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3049'. [ 199.084023][T10071] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3049'. [ 199.275644][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.388625][ T5825] Bluetooth: hci3: command tx timeout [ 199.724843][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.775739][T10083] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 199.996141][T10023] chnl_net:caif_netlink_parms(): no params data found [ 200.029748][ T5825] Bluetooth: hci4: command 0x2016 tx timeout [ 200.119139][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.169706][T10092] loop6: detected capacity change from 0 to 8192 [ 200.366824][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.836614][T10023] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.870874][T10023] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.878207][T10023] bridge_slave_0: entered allmulticast mode [ 200.925543][T10023] bridge_slave_0: entered promiscuous mode [ 201.030341][T10023] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.037643][T10023] bridge0: port 2(bridge_slave_1) entered disabled state [ 201.089087][T10023] bridge_slave_1: entered allmulticast mode [ 201.114768][T10023] bridge_slave_1: entered promiscuous mode [ 201.163617][T10112] debugfs: '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211' [ 201.468885][ T51] Bluetooth: hci3: command tx timeout [ 201.677975][T10023] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 201.736201][T10023] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 202.693446][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 202.751567][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 202.772338][ T13] bond0 (unregistering): Released all slaves [ 202.893714][T10023] team0: Port device team_slave_0 added [ 202.955779][T10023] team0: Port device team_slave_1 added [ 203.376205][T10023] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.414760][T10023] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 203.504621][T10023] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.539000][T10023] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.546201][T10023] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 203.578688][ T51] Bluetooth: hci3: command tx timeout [ 203.617754][T10023] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 204.234164][ T13] hsr_slave_0: left promiscuous mode [ 204.251162][ T13] hsr_slave_1: left promiscuous mode [ 204.260384][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 204.272344][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 204.290101][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 204.308230][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 204.339103][ T13] veth1_macvtap: left promiscuous mode [ 204.344671][ T13] veth0_macvtap: left promiscuous mode [ 204.366864][ T13] veth1_vlan: left allmulticast mode [ 204.378810][ T13] veth1_vlan: left promiscuous mode [ 204.387684][ T13] veth0_vlan: left promiscuous mode [ 204.753621][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.760135][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.802989][ T13] team0 (unregistering): Port device team_slave_1 removed [ 204.834086][ T13] team0 (unregistering): Port device team_slave_0 removed [ 204.996015][T10023] hsr_slave_0: entered promiscuous mode [ 205.003228][T10023] hsr_slave_1: entered promiscuous mode [ 205.012919][T10023] debugfs: 'hsr0' already exists in 'hsr' [ 205.019411][T10023] Cannot create hsr debugfs directory [ 205.369754][T10177] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3099'. [ 205.630526][ T51] Bluetooth: hci3: command tx timeout [ 206.174243][T10023] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 206.257763][T10023] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 206.308164][T10023] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 206.332558][T10023] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 206.536247][T10023] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.572568][T10023] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.612354][ T9469] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.619609][ T9469] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.640440][ T9469] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.647720][ T9469] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.247387][T10023] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 207.550906][T10023] veth0_vlan: entered promiscuous mode [ 207.615336][T10023] veth1_vlan: entered promiscuous mode [ 207.884616][T10023] veth0_macvtap: entered promiscuous mode [ 207.936247][T10023] veth1_macvtap: entered promiscuous mode [ 208.053832][T10023] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 208.166532][T10023] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 208.233912][ T3509] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.289649][ T3509] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.300559][T10260] zswap: compressor û not available [ 208.401487][ T3509] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.429874][ T3509] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.041318][ T3509] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 209.058659][ T3509] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 209.653945][ T3509] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 209.701228][ T3509] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.060607][T10310] debugfs: '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211' [ 210.294513][ T5825] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 210.303402][ T5825] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 210.315138][ T5825] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 210.323761][ T5825] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 210.337058][ T5825] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 210.734225][T10317] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 211.555955][ T3509] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.837364][ T3509] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.150416][ T3509] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.363082][ T3509] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.379808][T10340] nvme_fabrics: unknown parameter or missing value '10' in ctrl creation request [ 212.442006][ T5825] Bluetooth: hci0: command tx timeout [ 212.562796][T10313] chnl_net:caif_netlink_parms(): no params data found [ 212.977625][T10354] netlink: zone id is out of range [ 213.016014][T10354] netlink: zone id is out of range [ 213.076640][T10354] netlink: set zone limit has 8 unknown bytes [ 213.222119][T10313] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.238679][T10313] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.248948][T10313] bridge_slave_0: entered allmulticast mode [ 213.291820][T10313] bridge_slave_0: entered promiscuous mode [ 213.320041][T10313] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.327245][T10313] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.353660][T10313] bridge_slave_1: entered allmulticast mode [ 213.374055][T10358] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 213.388302][T10313] bridge_slave_1: entered promiscuous mode [ 213.427285][ T3509] bridge_slave_1: left allmulticast mode [ 213.435828][ T3509] bridge_slave_1: left promiscuous mode [ 213.448832][ T3509] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.469754][ T3509] bridge_slave_0: left allmulticast mode [ 213.475493][ T3509] bridge_slave_0: left promiscuous mode [ 213.482070][ T3509] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.540074][T10356] FAULT_INJECTION: forcing a failure. [ 213.540074][T10356] name failslab, interval 1, probability 0, space 0, times 1 [ 213.553008][T10356] CPU: 1 UID: 0 PID: 10356 Comm: syz.2.3158 Not tainted syzkaller #0 PREEMPT(full) [ 213.553056][T10356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 213.553081][T10356] Call Trace: [ 213.553091][T10356] [ 213.553110][T10356] dump_stack_lvl+0x100/0x190 [ 213.553163][T10356] should_fail_ex.cold+0x5/0xa [ 213.553198][T10356] ? lsm_blob_alloc+0x68/0x90 [ 213.553239][T10356] should_failslab+0xc2/0x120 [ 213.553279][T10356] __kmalloc_noprof+0xe0/0x850 [ 213.553320][T10356] lsm_blob_alloc+0x68/0x90 [ 213.553363][T10356] security_prepare_creds+0x2d/0x290 [ 213.553407][T10356] prepare_creds+0x5d6/0x950 [ 213.553453][T10356] set_current_groups+0x15/0xd0 [ 213.553490][T10356] __do_sys_setgroups+0x3e2/0x4f0 [ 213.553534][T10356] do_syscall_64+0x106/0xf80 [ 213.553582][T10356] ? clear_bhb_loop+0x40/0x90 [ 213.553625][T10356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.553658][T10356] RIP: 0033:0x7ff19399bf79 [ 213.553685][T10356] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 213.553708][T10356] RSP: 002b:00007ff1947f5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000074 [ 213.553730][T10356] RAX: ffffffffffffffda RBX: 00007ff193c15fa0 RCX: 00007ff19399bf79 [ 213.553745][T10356] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008 [ 213.553759][T10356] RBP: 00007ff193a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 213.553773][T10356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 213.553787][T10356] R13: 00007ff193c16038 R14: 00007ff193c15fa0 R15: 00007ffc7e272768 [ 213.553822][T10356] [ 214.023443][T10371] hub 1-0:1.0: USB hub found [ 214.045021][T10371] hub 1-0:1.0: 1 port detected [ 214.137169][T10367] zswap: compressor û not available [ 214.170101][T10369] hub 1-0:1.0: USB hub found [ 214.193418][T10369] hub 1-0:1.0: 1 port detected [ 214.508755][ T5825] Bluetooth: hci0: command tx timeout [ 214.530843][ T3509] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 214.563914][T10381] syz.2.3161 uses obsolete (PF_INET,SOCK_PACKET) [ 214.573390][ T3509] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 214.584068][ T3509] bond0 (unregistering): Released all slaves [ 214.607757][T10381] FAULT_INJECTION: forcing a failure. [ 214.607757][T10381] name failslab, interval 1, probability 0, space 0, times 0 [ 214.623873][T10381] CPU: 1 UID: 0 PID: 10381 Comm: syz.2.3161 Not tainted syzkaller #0 PREEMPT(full) [ 214.623930][T10381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 214.623950][T10381] Call Trace: [ 214.623962][T10381] [ 214.623974][T10381] dump_stack_lvl+0x100/0x190 [ 214.624028][T10381] should_fail_ex.cold+0x5/0xa [ 214.624066][T10381] should_failslab+0xc2/0x120 [ 214.624106][T10381] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 214.624138][T10381] ? mas_alloc_nodes+0x280/0x390 [ 214.624189][T10381] mas_alloc_nodes+0x280/0x390 [ 214.624237][T10381] mas_preallocate+0x39c/0xf10 [ 214.624297][T10381] ? __pfx_mas_preallocate+0x10/0x10 [ 214.624364][T10381] ? __pfx_mt_find+0x10/0x10 [ 214.624400][T10381] vma_link+0x12c/0x750 [ 214.624457][T10381] ? __pfx_vma_link+0x10/0x10 [ 214.624533][T10381] insert_vm_struct+0xf4/0x2d0 [ 214.624572][T10381] create_init_stack_vma+0x2e1/0x700 [ 214.624615][T10381] alloc_bprm+0x405/0x710 [ 214.624695][T10381] do_execveat_common.isra.0+0x19c/0x580 [ 214.624752][T10381] ? do_getname+0x191/0x390 [ 214.624800][T10381] __x64_sys_execve+0x93/0xd0 [ 214.624833][T10381] do_syscall_64+0x106/0xf80 [ 214.624879][T10381] ? clear_bhb_loop+0x40/0x90 [ 214.624928][T10381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.624962][T10381] RIP: 0033:0x7ff19399bf79 [ 214.624988][T10381] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 214.625021][T10381] RSP: 002b:00007ff1947f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 214.625053][T10381] RAX: ffffffffffffffda RBX: 00007ff193c15fa0 RCX: 00007ff19399bf79 [ 214.625076][T10381] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 214.625103][T10381] RBP: 00007ff193a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 214.625123][T10381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 214.625148][T10381] R13: 00007ff193c16038 R14: 00007ff193c15fa0 R15: 00007ffc7e272768 [ 214.625193][T10381] [ 215.185579][T10313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 215.220778][T10313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 215.579984][T10313] team0: Port device team_slave_0 added [ 215.757396][T10313] team0: Port device team_slave_1 added [ 215.943673][T10313] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 215.964939][T10313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 216.025828][T10313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 216.066454][T10313] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 216.148582][T10313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 216.220957][T10313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 216.590709][ T5825] Bluetooth: hci0: command tx timeout [ 216.718672][ T3509] hsr_slave_0: left promiscuous mode [ 216.748848][ T3509] hsr_slave_1: left promiscuous mode [ 216.755451][ T3509] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 216.784095][ T3509] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 216.859614][ T3509] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 216.926691][ T3509] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 216.972110][ T3509] veth1_macvtap: left promiscuous mode [ 216.977671][ T3509] veth0_macvtap: left promiscuous mode [ 217.016357][ T3509] veth1_vlan: left promiscuous mode [ 217.028576][ T3509] veth0_vlan: left promiscuous mode [ 217.778010][ T3509] team0 (unregistering): Port device team_slave_1 removed [ 217.810532][ T3509] team0 (unregistering): Port device team_slave_0 removed [ 217.824058][T10431] ======================================================= [ 217.824058][T10431] WARNING: The mand mount option has been deprecated and [ 217.824058][T10431] and is ignored by this kernel. Remove the mand [ 217.824058][T10431] option from the mount to silence this warning. [ 217.824058][T10431] ======================================================= [ 218.256588][T10313] hsr_slave_0: entered promiscuous mode [ 218.265550][T10313] hsr_slave_1: entered promiscuous mode [ 218.668704][ T5825] Bluetooth: hci0: command tx timeout [ 219.892538][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 219.901285][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 219.908218][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 219.915920][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 219.923788][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 219.931439][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 219.938205][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 219.946544][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 219.953547][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 219.965967][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 219.972833][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 219.980445][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 219.987133][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 219.994850][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.001627][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.009253][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.017125][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.024834][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.035164][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.046499][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.054087][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.061752][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.068563][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.076012][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.082753][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.091644][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.098810][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.106366][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.118781][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.126248][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.133049][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.140569][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.147929][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.155431][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.162239][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.172617][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.179407][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.186861][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.193695][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.201231][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.207949][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.215541][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.222352][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.229862][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.238131][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.246024][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.253071][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.260626][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.267363][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.274987][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.284363][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.292415][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.299406][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.306855][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.318688][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.326166][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.332974][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.340884][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.349955][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.357415][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.364266][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.371770][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.378413][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.385922][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.392590][ T5825] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 220.400030][ T5825] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 220.803721][T10458] zswap: compressor not available [ 221.120357][T10473] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 221.154143][T10473] CPU: 0 UID: 0 PID: 10473 Comm: syz.1.3173 Not tainted syzkaller #0 PREEMPT(full) [ 221.154201][T10473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 221.154221][T10473] Call Trace: [ 221.154232][T10473] [ 221.154251][T10473] dump_stack_lvl+0x100/0x190 [ 221.154305][T10473] sysfs_warn_dup.cold+0x1c/0x28 [ 221.154352][T10473] sysfs_do_create_link_sd+0x113/0x140 [ 221.154399][T10473] sysfs_create_link+0x61/0xc0 [ 221.154443][T10473] device_add+0x675/0x1950 [ 221.154480][T10473] ? __pfx_device_add+0x10/0x10 [ 221.154511][T10473] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 221.154559][T10473] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 221.154617][T10473] wiphy_register+0x1e5b/0x2d30 [ 221.154648][T10473] ? __rtnl_unlock+0xb9/0xf0 [ 221.154679][T10473] ? netdev_run_todo+0x7d0/0x12c0 [ 221.154742][T10473] ? __pfx_wiphy_register+0x10/0x10 [ 221.154777][T10473] ? __asan_memset+0x23/0x50 [ 221.154828][T10473] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 221.154877][T10473] ieee80211_register_hw+0x2cfd/0x4140 [ 221.154931][T10473] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 221.154964][T10473] ? __pfx___debug_object_init+0x10/0x10 [ 221.155024][T10473] ? find_held_lock+0x2b/0x80 [ 221.155066][T10473] ? net_generic+0xea/0x2a0 [ 221.155100][T10473] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 221.155145][T10473] ? __hrtimer_setup+0x178/0x280 [ 221.155184][T10473] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 221.155264][T10473] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 221.155323][T10473] hwsim_new_radio_nl+0xc1f/0x1340 [ 221.155370][T10473] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 221.155428][T10473] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 221.155465][T10473] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 221.155512][T10473] genl_family_rcv_msg_doit+0x214/0x300 [ 221.155552][T10473] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 221.155587][T10473] ? genl_get_cmd+0x3ef/0x720 [ 221.155630][T10473] ? bpf_lsm_capable+0x9/0x10 [ 221.155673][T10473] ? security_capable+0x80/0x260 [ 221.155722][T10473] ? ns_capable+0xd2/0xf0 [ 221.155771][T10473] genl_rcv_msg+0x560/0x800 [ 221.155810][T10473] ? __pfx_genl_rcv_msg+0x10/0x10 [ 221.155847][T10473] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 221.155905][T10473] netlink_rcv_skb+0x159/0x420 [ 221.155958][T10473] ? __pfx_genl_rcv_msg+0x10/0x10 [ 221.155995][T10473] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 221.156066][T10473] ? netlink_deliver_tap+0x1ae/0xcc0 [ 221.156123][T10473] genl_rcv+0x28/0x40 [ 221.156152][T10473] netlink_unicast+0x5aa/0x870 [ 221.156210][T10473] ? __pfx_netlink_unicast+0x10/0x10 [ 221.156266][T10473] ? __pfx___might_resched+0x10/0x10 [ 221.156303][T10473] ? __lock_acquire+0x4a5/0x2630 [ 221.156347][T10473] netlink_sendmsg+0x8b0/0xda0 [ 221.156408][T10473] ? __pfx_netlink_sendmsg+0x10/0x10 [ 221.156459][T10473] ? __import_iovec+0x1d2/0x640 [ 221.156501][T10473] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 221.156558][T10473] ____sys_sendmsg+0xa54/0xc30 [ 221.156599][T10473] ? __pfx_____sys_sendmsg+0x10/0x10 [ 221.156643][T10473] ? __pfx_futex_wake_mark+0x10/0x10 [ 221.156690][T10473] ___sys_sendmsg+0x190/0x1e0 [ 221.156730][T10473] ? __pfx____sys_sendmsg+0x10/0x10 [ 221.156822][T10473] __sys_sendmsg+0x170/0x220 [ 221.156871][T10473] ? __pfx___sys_sendmsg+0x10/0x10 [ 221.156917][T10473] ? __x64_sys_futex+0x34f/0x4d0 [ 221.156976][T10473] do_syscall_64+0x106/0xf80 [ 221.157024][T10473] ? clear_bhb_loop+0x40/0x90 [ 221.157064][T10473] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.157098][T10473] RIP: 0033:0x7fe7f0f9bf79 [ 221.157126][T10473] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 221.157158][T10473] RSP: 002b:00007fe7f1dd4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 221.157190][T10473] RAX: ffffffffffffffda RBX: 00007fe7f1215fa0 RCX: 00007fe7f0f9bf79 [ 221.157211][T10473] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 221.157231][T10473] RBP: 00007fe7f10327e0 R08: 0000000000000000 R09: 0000000000000000 [ 221.157256][T10473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.157276][T10473] R13: 00007fe7f1216038 R14: 00007fe7f1215fa0 R15: 00007ffd7c31cf68 [ 221.157321][T10473] [ 222.688164][T10499] FAULT_INJECTION: forcing a failure. [ 222.688164][T10499] name fail_futex, interval 1, probability 0, space 0, times 1 [ 222.721441][T10499] CPU: 0 UID: 0 PID: 10499 Comm: syz.1.3175 Not tainted syzkaller #0 PREEMPT(full) [ 222.721487][T10499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 222.721506][T10499] Call Trace: [ 222.721515][T10499] [ 222.721527][T10499] dump_stack_lvl+0x100/0x190 [ 222.721575][T10499] should_fail_ex.cold+0x5/0xa [ 222.721608][T10499] get_futex_key+0x106f/0x1620 [ 222.721661][T10499] ? __pfx_get_futex_key+0x10/0x10 [ 222.721706][T10499] ? lock_acquire+0x17c/0x330 [ 222.721749][T10499] futex_wake+0xea/0x530 [ 222.721788][T10499] ? __pfx_futex_wake+0x10/0x10 [ 222.721825][T10499] ? exit_mm_release+0x19/0x30 [ 222.721868][T10499] do_futex+0x32b/0x350 [ 222.721899][T10499] ? __pfx_do_futex+0x10/0x10 [ 222.721926][T10499] ? __might_fault+0xc5/0x140 [ 222.721965][T10499] mm_release+0x24a/0x2f0 [ 222.722012][T10499] do_exit+0x675/0x2a30 [ 222.722061][T10499] ? __pfx_do_exit+0x10/0x10 [ 222.722095][T10499] ? do_raw_spin_lock+0x128/0x260 [ 222.722131][T10499] ? find_held_lock+0x2b/0x80 [ 222.722170][T10499] ? get_signal+0x7e0/0x21e0 [ 222.722220][T10499] do_group_exit+0xd5/0x2a0 [ 222.722258][T10499] get_signal+0x1ec7/0x21e0 [ 222.722310][T10499] ? __might_fault+0x111/0x140 [ 222.722337][T10499] ? find_held_lock+0x2b/0x80 [ 222.722382][T10499] ? __pfx_get_signal+0x10/0x10 [ 222.722430][T10499] ? do_futex+0x192/0x350 [ 222.722465][T10499] arch_do_signal_or_restart+0x91/0x770 [ 222.722495][T10499] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 222.722549][T10499] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 222.722593][T10499] ? __pfx___x64_sys_futex+0x10/0x10 [ 222.722633][T10499] exit_to_user_mode_loop+0x86/0x4a0 [ 222.722665][T10499] ? rcu_is_watching+0x12/0xc0 [ 222.722712][T10499] do_syscall_64+0x668/0xf80 [ 222.722757][T10499] ? clear_bhb_loop+0x40/0x90 [ 222.722796][T10499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.722827][T10499] RIP: 0033:0x7fe7f0f9bf79 [ 222.722852][T10499] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 222.722882][T10499] RSP: 002b:00007fe7f1db30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 222.722911][T10499] RAX: fffffffffffffe00 RBX: 00007fe7f1216098 RCX: 00007fe7f0f9bf79 [ 222.722931][T10499] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe7f1216098 [ 222.722950][T10499] RBP: 00007fe7f1216090 R08: 0000000000000000 R09: 0000000000000000 [ 222.722968][T10499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.722986][T10499] R13: 00007fe7f1216128 R14: 00007ffd7c31ce80 R15: 00007ffd7c31cf68 [ 222.723035][T10499] [ 223.104128][T10313] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 223.153491][T10313] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 223.252274][T10313] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 223.265416][T10313] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 223.599488][T10313] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.706103][T10313] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.765618][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.772789][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.832167][ T1148] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.832321][ T1148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.057001][T10313] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 224.701361][T10534] FAULT_INJECTION: forcing a failure. [ 224.701361][T10534] name failslab, interval 1, probability 0, space 0, times 0 [ 224.714234][T10534] CPU: 0 UID: 0 PID: 10534 Comm: syz.0.3179 Not tainted syzkaller #0 PREEMPT(full) [ 224.714266][T10534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 224.714280][T10534] Call Trace: [ 224.714288][T10534] [ 224.714297][T10534] dump_stack_lvl+0x100/0x190 [ 224.714335][T10534] should_fail_ex.cold+0x5/0xa [ 224.714361][T10534] ? lsm_blob_alloc+0x68/0x90 [ 224.714396][T10534] should_failslab+0xc2/0x120 [ 224.714425][T10534] __kmalloc_noprof+0xe0/0x850 [ 224.714454][T10534] lsm_blob_alloc+0x68/0x90 [ 224.714486][T10534] security_prepare_creds+0x2d/0x290 [ 224.714518][T10534] prepare_creds+0x5d6/0x950 [ 224.714550][T10534] set_current_groups+0x15/0xd0 [ 224.714577][T10534] __do_sys_setgroups+0x3e2/0x4f0 [ 224.714635][T10534] do_syscall_64+0x106/0xf80 [ 224.714672][T10534] ? clear_bhb_loop+0x40/0x90 [ 224.714701][T10534] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.714725][T10534] RIP: 0033:0x7ffbc079bf79 [ 224.714745][T10534] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 224.714767][T10534] RSP: 002b:00007ffbc165a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000074 [ 224.714790][T10534] RAX: ffffffffffffffda RBX: 00007ffbc0a15fa0 RCX: 00007ffbc079bf79 [ 224.714805][T10534] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008 [ 224.714819][T10534] RBP: 00007ffbc08327e0 R08: 0000000000000000 R09: 0000000000000000 [ 224.714833][T10534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 224.714847][T10534] R13: 00007ffbc0a16038 R14: 00007ffbc0a15fa0 R15: 00007ffea082d3d8 [ 224.714877][T10534] [ 225.216821][T10313] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.426723][T10313] veth0_vlan: entered promiscuous mode [ 225.841156][T10313] veth1_vlan: entered promiscuous mode [ 225.873221][T10564] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 225.899335][T10564] CPU: 1 UID: 0 PID: 10564 Comm: syz.1.3182 Not tainted syzkaller #0 PREEMPT(full) [ 225.899380][T10564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 225.899399][T10564] Call Trace: [ 225.899410][T10564] [ 225.899437][T10564] dump_stack_lvl+0x100/0x190 [ 225.899491][T10564] sysfs_warn_dup.cold+0x1c/0x28 [ 225.899538][T10564] sysfs_do_create_link_sd+0x113/0x140 [ 225.899594][T10564] sysfs_create_link+0x61/0xc0 [ 225.899635][T10564] device_add+0x675/0x1950 [ 225.899672][T10564] ? __pfx_device_add+0x10/0x10 [ 225.899703][T10564] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 225.899750][T10564] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 225.899809][T10564] wiphy_register+0x1e5b/0x2d30 [ 225.899842][T10564] ? __rtnl_unlock+0xb9/0xf0 [ 225.899875][T10564] ? netdev_run_todo+0x7d0/0x12c0 [ 225.899937][T10564] ? __pfx_wiphy_register+0x10/0x10 [ 225.899972][T10564] ? __asan_memset+0x23/0x50 [ 225.900024][T10564] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 225.900073][T10564] ieee80211_register_hw+0x2cfd/0x4140 [ 225.900128][T10564] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 225.900161][T10564] ? __pfx___debug_object_init+0x10/0x10 [ 225.900223][T10564] ? find_held_lock+0x2b/0x80 [ 225.900265][T10564] ? net_generic+0xea/0x2a0 [ 225.900300][T10564] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 225.900347][T10564] ? __hrtimer_setup+0x178/0x280 [ 225.900386][T10564] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 225.900468][T10564] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 225.900525][T10564] hwsim_new_radio_nl+0xc1f/0x1340 [ 225.900575][T10564] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 225.900638][T10564] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 225.900678][T10564] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 225.900728][T10564] genl_family_rcv_msg_doit+0x214/0x300 [ 225.900769][T10564] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 225.900803][T10564] ? genl_get_cmd+0x3ef/0x720 [ 225.900846][T10564] ? bpf_lsm_capable+0x9/0x10 [ 225.900888][T10564] ? security_capable+0x80/0x260 [ 225.900939][T10564] ? ns_capable+0xd2/0xf0 [ 225.900988][T10564] genl_rcv_msg+0x560/0x800 [ 225.901028][T10564] ? __pfx_genl_rcv_msg+0x10/0x10 [ 225.901064][T10564] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 225.901125][T10564] netlink_rcv_skb+0x159/0x420 [ 225.901177][T10564] ? __pfx_genl_rcv_msg+0x10/0x10 [ 225.901213][T10564] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 225.901280][T10564] ? netlink_deliver_tap+0x1ae/0xcc0 [ 225.901335][T10564] genl_rcv+0x28/0x40 [ 225.901363][T10564] netlink_unicast+0x5aa/0x870 [ 225.901431][T10564] ? __pfx_netlink_unicast+0x10/0x10 [ 225.901483][T10564] ? __pfx___might_resched+0x10/0x10 [ 225.901520][T10564] ? __lock_acquire+0x4a5/0x2630 [ 225.901564][T10564] netlink_sendmsg+0x8b0/0xda0 [ 225.901622][T10564] ? __pfx_netlink_sendmsg+0x10/0x10 [ 225.901669][T10564] ? __import_iovec+0x1d2/0x640 [ 225.901709][T10564] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 225.901765][T10564] ____sys_sendmsg+0xa54/0xc30 [ 225.901805][T10564] ? __pfx_____sys_sendmsg+0x10/0x10 [ 225.901849][T10564] ? kasan_quarantine_put+0x104/0x240 [ 225.901882][T10564] ? lockdep_hardirqs_on+0x78/0x100 [ 225.901939][T10564] ___sys_sendmsg+0x190/0x1e0 [ 225.901981][T10564] ? __pfx____sys_sendmsg+0x10/0x10 [ 225.902019][T10564] ? tomoyo_path_number_perm+0x188/0x580 [ 225.902104][T10564] __sys_sendmsg+0x170/0x220 [ 225.902154][T10564] ? __pfx___sys_sendmsg+0x10/0x10 [ 225.902199][T10564] ? rcu_is_watching+0x12/0xc0 [ 225.902253][T10564] ? kcov_ioctl+0x16a/0x720 [ 225.902294][T10564] ? fput+0x79/0x100 [ 225.902342][T10564] do_syscall_64+0x106/0xf80 [ 225.902390][T10564] ? clear_bhb_loop+0x40/0x90 [ 225.902440][T10564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.902474][T10564] RIP: 0033:0x7fe7f0f9bf79 [ 225.902502][T10564] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 225.902535][T10564] RSP: 002b:00007fe7f1d92028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 225.902567][T10564] RAX: ffffffffffffffda RBX: 00007fe7f1216180 RCX: 00007fe7f0f9bf79 [ 225.902587][T10564] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 225.902608][T10564] RBP: 00007fe7f10327e0 R08: 0000000000000000 R09: 0000000000000000 [ 225.902628][T10564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.902647][T10564] R13: 00007fe7f1216218 R14: 00007fe7f1216180 R15: 00007ffd7c31cf68 [ 225.902692][T10564] [ 226.443464][T10313] veth0_macvtap: entered promiscuous mode [ 226.491580][T10313] veth1_macvtap: entered promiscuous mode [ 226.497393][T10573] nvme_fabrics: unknown parameter or missing value '10' in ctrl creation request [ 226.521918][T10313] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 226.549910][T10313] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 226.645517][ T9469] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.688597][ T9469] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.728582][ T9469] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.728673][ T9469] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.517762][T10581] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 227.524867][T10581] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 227.538196][T10581] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 227.550120][T10581] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 227.558400][T10581] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 227.567287][T10581] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 227.581139][T10581] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 227.587516][T10581] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 227.598171][T10581] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 227.609069][T10581] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 227.615223][T10581] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 227.626047][T10581] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 227.706734][ T9485] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.735665][ T9485] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.803898][ T1148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.827326][ T1148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.986329][T10605] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 228.057149][T10605] CPU: 1 UID: 0 PID: 10605 Comm: syz.2.3191 Not tainted syzkaller #0 PREEMPT(full) [ 228.057197][T10605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 228.057217][T10605] Call Trace: [ 228.057227][T10605] [ 228.057240][T10605] dump_stack_lvl+0x100/0x190 [ 228.057304][T10605] sysfs_warn_dup.cold+0x1c/0x28 [ 228.057350][T10605] sysfs_do_create_link_sd+0x113/0x140 [ 228.057397][T10605] sysfs_create_link+0x61/0xc0 [ 228.057439][T10605] device_add+0x675/0x1950 [ 228.057476][T10605] ? __pfx_device_add+0x10/0x10 [ 228.057505][T10605] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 228.057552][T10605] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 228.057611][T10605] wiphy_register+0x1e5b/0x2d30 [ 228.057641][T10605] ? __rtnl_unlock+0xb9/0xf0 [ 228.057671][T10605] ? netdev_run_todo+0x7d0/0x12c0 [ 228.057731][T10605] ? __pfx_wiphy_register+0x10/0x10 [ 228.057766][T10605] ? __asan_memset+0x23/0x50 [ 228.057824][T10605] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 228.057873][T10605] ieee80211_register_hw+0x2cfd/0x4140 [ 228.057927][T10605] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 228.057960][T10605] ? __pfx___debug_object_init+0x10/0x10 [ 228.058021][T10605] ? find_held_lock+0x2b/0x80 [ 228.058063][T10605] ? net_generic+0xea/0x2a0 [ 228.058096][T10605] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 228.058143][T10605] ? __hrtimer_setup+0x178/0x280 [ 228.058182][T10605] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 228.058260][T10605] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 228.058319][T10605] hwsim_new_radio_nl+0xc1f/0x1340 [ 228.058367][T10605] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 228.058424][T10605] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 228.058463][T10605] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 228.058506][T10605] genl_family_rcv_msg_doit+0x214/0x300 [ 228.058545][T10605] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 228.058579][T10605] ? genl_get_cmd+0x3ef/0x720 [ 228.058619][T10605] ? bpf_lsm_capable+0x9/0x10 [ 228.058660][T10605] ? security_capable+0x80/0x260 [ 228.058709][T10605] ? ns_capable+0xd2/0xf0 [ 228.058745][T10605] genl_rcv_msg+0x560/0x800 [ 228.058774][T10605] ? __pfx_genl_rcv_msg+0x10/0x10 [ 228.058800][T10605] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 228.058842][T10605] netlink_rcv_skb+0x159/0x420 [ 228.058881][T10605] ? __pfx_genl_rcv_msg+0x10/0x10 [ 228.058907][T10605] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 228.059007][T10605] ? netlink_deliver_tap+0x1ae/0xcc0 [ 228.059062][T10605] genl_rcv+0x28/0x40 [ 228.059094][T10605] netlink_unicast+0x5aa/0x870 [ 228.059136][T10605] ? __pfx_netlink_unicast+0x10/0x10 [ 228.059173][T10605] ? __pfx___might_resched+0x10/0x10 [ 228.059201][T10605] ? __lock_acquire+0x4a5/0x2630 [ 228.059232][T10605] netlink_sendmsg+0x8b0/0xda0 [ 228.059282][T10605] ? __pfx_netlink_sendmsg+0x10/0x10 [ 228.059319][T10605] ? __import_iovec+0x1d2/0x640 [ 228.059349][T10605] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 228.059390][T10605] ____sys_sendmsg+0xa54/0xc30 [ 228.059419][T10605] ? __pfx_____sys_sendmsg+0x10/0x10 [ 228.059450][T10605] ? __pfx_futex_wake_mark+0x10/0x10 [ 228.059484][T10605] ___sys_sendmsg+0x190/0x1e0 [ 228.059512][T10605] ? __pfx____sys_sendmsg+0x10/0x10 [ 228.059575][T10605] __sys_sendmsg+0x170/0x220 [ 228.059611][T10605] ? __pfx___sys_sendmsg+0x10/0x10 [ 228.059645][T10605] ? __x64_sys_futex+0x34f/0x4d0 [ 228.059685][T10605] do_syscall_64+0x106/0xf80 [ 228.059720][T10605] ? clear_bhb_loop+0x40/0x90 [ 228.059750][T10605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.059774][T10605] RIP: 0033:0x7ff19399bf79 [ 228.059794][T10605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 228.059816][T10605] RSP: 002b:00007ff1947f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 228.059838][T10605] RAX: ffffffffffffffda RBX: 00007ff193c15fa0 RCX: 00007ff19399bf79 [ 228.059854][T10605] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 228.059868][T10605] RBP: 00007ff193a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 228.059882][T10605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 228.059896][T10605] R13: 00007ff193c16038 R14: 00007ff193c15fa0 R15: 00007ffc7e272768 [ 228.059927][T10605] [ 228.908901][T10623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3194'. [ 228.999998][ T51] Bluetooth: hci4: command 0x2016 tx timeout [ 229.638397][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 229.644630][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 229.658699][ T5825] Bluetooth: hci1: command 0x0c1a tx timeout [ 229.706394][T10637] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 230.018941][T10642] debugfs: '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211' [ 230.939890][T10660] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3200'. [ 231.053908][T10660] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 231.070213][ T5833] Bluetooth: hci4: command 0x2016 tx timeout [ 231.709497][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout [ 231.712367][ T5825] Bluetooth: hci0: command 0x0c1a tx timeout [ 231.716148][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 232.079011][T10679] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 232.108853][T10679] CPU: 0 UID: 0 PID: 10679 Comm: syz.2.3203 Not tainted syzkaller #0 PREEMPT(full) [ 232.108898][T10679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 232.108919][T10679] Call Trace: [ 232.108930][T10679] [ 232.108942][T10679] dump_stack_lvl+0x100/0x190 [ 232.108994][T10679] sysfs_warn_dup.cold+0x1c/0x28 [ 232.109040][T10679] sysfs_do_create_link_sd+0x113/0x140 [ 232.109086][T10679] sysfs_create_link+0x61/0xc0 [ 232.109128][T10679] device_add+0x675/0x1950 [ 232.109164][T10679] ? __pfx_device_add+0x10/0x10 [ 232.109195][T10679] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 232.109242][T10679] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 232.109299][T10679] wiphy_register+0x1e5b/0x2d30 [ 232.109329][T10679] ? __rtnl_unlock+0xb9/0xf0 [ 232.109361][T10679] ? netdev_run_todo+0x7d0/0x12c0 [ 232.109417][T10679] ? __pfx_wiphy_register+0x10/0x10 [ 232.109450][T10679] ? __asan_memset+0x23/0x50 [ 232.109500][T10679] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 232.109548][T10679] ieee80211_register_hw+0x2cfd/0x4140 [ 232.109604][T10679] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 232.109637][T10679] ? __pfx___debug_object_init+0x10/0x10 [ 232.109698][T10679] ? find_held_lock+0x2b/0x80 [ 232.109741][T10679] ? net_generic+0xea/0x2a0 [ 232.109789][T10679] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 232.109838][T10679] ? __hrtimer_setup+0x178/0x280 [ 232.109879][T10679] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 232.109951][T10679] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 232.110011][T10679] hwsim_new_radio_nl+0xc1f/0x1340 [ 232.110061][T10679] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 232.110118][T10679] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 232.110157][T10679] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 232.110203][T10679] genl_family_rcv_msg_doit+0x214/0x300 [ 232.110245][T10679] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 232.110281][T10679] ? genl_get_cmd+0x3ef/0x720 [ 232.110323][T10679] ? bpf_lsm_capable+0x9/0x10 [ 232.110366][T10679] ? security_capable+0x80/0x260 [ 232.110417][T10679] ? ns_capable+0xd2/0xf0 [ 232.110466][T10679] genl_rcv_msg+0x560/0x800 [ 232.110507][T10679] ? __pfx_genl_rcv_msg+0x10/0x10 [ 232.110544][T10679] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 232.110603][T10679] netlink_rcv_skb+0x159/0x420 [ 232.110657][T10679] ? __pfx_genl_rcv_msg+0x10/0x10 [ 232.110695][T10679] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 232.110774][T10679] ? netlink_deliver_tap+0x1ae/0xcc0 [ 232.110839][T10679] genl_rcv+0x28/0x40 [ 232.110869][T10679] netlink_unicast+0x5aa/0x870 [ 232.110929][T10679] ? __pfx_netlink_unicast+0x10/0x10 [ 232.110981][T10679] ? __pfx___might_resched+0x10/0x10 [ 232.111021][T10679] ? __lock_acquire+0x4a5/0x2630 [ 232.111066][T10679] netlink_sendmsg+0x8b0/0xda0 [ 232.111128][T10679] ? __pfx_netlink_sendmsg+0x10/0x10 [ 232.111177][T10679] ? __import_iovec+0x1d2/0x640 [ 232.111218][T10679] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 232.111276][T10679] ____sys_sendmsg+0xa54/0xc30 [ 232.111316][T10679] ? __pfx_____sys_sendmsg+0x10/0x10 [ 232.111362][T10679] ? __pfx_futex_wake_mark+0x10/0x10 [ 232.111410][T10679] ___sys_sendmsg+0x190/0x1e0 [ 232.111451][T10679] ? __pfx____sys_sendmsg+0x10/0x10 [ 232.111542][T10679] __sys_sendmsg+0x170/0x220 [ 232.111594][T10679] ? __pfx___sys_sendmsg+0x10/0x10 [ 232.111641][T10679] ? __x64_sys_futex+0x34f/0x4d0 [ 232.111699][T10679] do_syscall_64+0x106/0xf80 [ 232.111750][T10679] ? clear_bhb_loop+0x40/0x90 [ 232.111801][T10679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.111835][T10679] RIP: 0033:0x7ff19399bf79 [ 232.111864][T10679] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 232.111896][T10679] RSP: 002b:00007ff1947f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 232.111929][T10679] RAX: ffffffffffffffda RBX: 00007ff193c15fa0 RCX: 00007ff19399bf79 [ 232.111951][T10679] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 232.111972][T10679] RBP: 00007ff193a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 232.111992][T10679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 232.112012][T10679] R13: 00007ff193c16038 R14: 00007ff193c15fa0 R15: 00007ffc7e272768 [ 232.112058][T10679] [ 233.149847][ T5825] Bluetooth: hci4: command 0x2016 tx timeout [ 233.692722][T10695] netlink: 'syz.1.3208': attribute type 11 has an invalid length. [ 233.789363][ T5825] Bluetooth: hci3: command 0x0c1a tx timeout [ 233.795754][ T5825] Bluetooth: hci0: command 0x0c1a tx timeout [ 233.802663][ T5825] Bluetooth: hci1: command 0x0c1a tx timeout [ 235.661617][T10720] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 235.679025][T10720] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 235.685138][T10720] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 235.709276][T10720] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 236.222913][T10732] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 236.269846][T10732] CPU: 0 UID: 0 PID: 10732 Comm: syz.0.3215 Not tainted syzkaller #0 PREEMPT(full) [ 236.269894][T10732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 236.269913][T10732] Call Trace: [ 236.269923][T10732] [ 236.269936][T10732] dump_stack_lvl+0x100/0x190 [ 236.269989][T10732] sysfs_warn_dup.cold+0x1c/0x28 [ 236.270035][T10732] sysfs_do_create_link_sd+0x113/0x140 [ 236.270082][T10732] sysfs_create_link+0x61/0xc0 [ 236.270122][T10732] device_add+0x675/0x1950 [ 236.270159][T10732] ? __pfx_device_add+0x10/0x10 [ 236.270189][T10732] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 236.270235][T10732] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 236.270287][T10732] wiphy_register+0x1e5b/0x2d30 [ 236.270310][T10732] ? __rtnl_unlock+0xb9/0xf0 [ 236.270333][T10732] ? netdev_run_todo+0x7d0/0x12c0 [ 236.270376][T10732] ? __pfx_wiphy_register+0x10/0x10 [ 236.270400][T10732] ? __asan_memset+0x23/0x50 [ 236.270438][T10732] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 236.270472][T10732] ieee80211_register_hw+0x2cfd/0x4140 [ 236.270510][T10732] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 236.270534][T10732] ? __pfx___debug_object_init+0x10/0x10 [ 236.270584][T10732] ? find_held_lock+0x2b/0x80 [ 236.270616][T10732] ? net_generic+0xea/0x2a0 [ 236.270641][T10732] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 236.270674][T10732] ? __hrtimer_setup+0x178/0x280 [ 236.270702][T10732] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 236.270756][T10732] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 236.270798][T10732] hwsim_new_radio_nl+0xc1f/0x1340 [ 236.270832][T10732] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 236.270873][T10732] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 236.270900][T10732] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 236.270933][T10732] genl_family_rcv_msg_doit+0x214/0x300 [ 236.270961][T10732] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 236.270987][T10732] ? genl_get_cmd+0x3ef/0x720 [ 236.271016][T10732] ? bpf_lsm_capable+0x9/0x10 [ 236.271047][T10732] ? security_capable+0x80/0x260 [ 236.271084][T10732] ? ns_capable+0xd2/0xf0 [ 236.271120][T10732] genl_rcv_msg+0x560/0x800 [ 236.271148][T10732] ? __pfx_genl_rcv_msg+0x10/0x10 [ 236.271173][T10732] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 236.271215][T10732] netlink_rcv_skb+0x159/0x420 [ 236.271254][T10732] ? __pfx_genl_rcv_msg+0x10/0x10 [ 236.271280][T10732] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 236.271334][T10732] ? netlink_deliver_tap+0x1ae/0xcc0 [ 236.271375][T10732] genl_rcv+0x28/0x40 [ 236.271396][T10732] netlink_unicast+0x5aa/0x870 [ 236.271438][T10732] ? __pfx_netlink_unicast+0x10/0x10 [ 236.271474][T10732] ? __pfx___might_resched+0x10/0x10 [ 236.271502][T10732] ? __lock_acquire+0x4a5/0x2630 [ 236.271533][T10732] netlink_sendmsg+0x8b0/0xda0 [ 236.271582][T10732] ? __pfx_netlink_sendmsg+0x10/0x10 [ 236.271619][T10732] ? __import_iovec+0x1d2/0x640 [ 236.271647][T10732] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 236.271689][T10732] ____sys_sendmsg+0xa54/0xc30 [ 236.271718][T10732] ? __pfx_____sys_sendmsg+0x10/0x10 [ 236.271749][T10732] ? try_to_wake_up+0x644/0x1a80 [ 236.271788][T10732] ___sys_sendmsg+0x190/0x1e0 [ 236.271817][T10732] ? __pfx____sys_sendmsg+0x10/0x10 [ 236.271844][T10732] ? futex_private_hash_put+0x107/0x1c0 [ 236.271915][T10732] __sys_sendmsg+0x170/0x220 [ 236.271951][T10732] ? __pfx___sys_sendmsg+0x10/0x10 [ 236.271985][T10732] ? __x64_sys_futex+0x34f/0x4d0 [ 236.272026][T10732] do_syscall_64+0x106/0xf80 [ 236.272062][T10732] ? clear_bhb_loop+0x40/0x90 [ 236.272091][T10732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.272116][T10732] RIP: 0033:0x7ffbc079bf79 [ 236.272136][T10732] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 236.272158][T10732] RSP: 002b:00007ffbc1639028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 236.272181][T10732] RAX: ffffffffffffffda RBX: 00007ffbc0a16090 RCX: 00007ffbc079bf79 [ 236.272196][T10732] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 236.272211][T10732] RBP: 00007ffbc08327e0 R08: 0000000000000000 R09: 0000000000000000 [ 236.272225][T10732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 236.272239][T10732] R13: 00007ffbc0a16128 R14: 00007ffbc0a16090 R15: 00007ffea082d3d8 [ 236.272270][T10732] [ 237.402365][T10742] smpboot: CPU 1 is now offline [ 237.702026][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout [ 237.709979][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout [ 237.716076][ T5833] Bluetooth: hci4: command 0x2016 tx timeout [ 237.789231][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout [ 238.351091][T10760] ubi0: attaching mtd0 [ 238.452862][T10760] ubi0: scanning is finished [ 238.457556][T10760] ubi0: empty MTD device detected [ 238.528990][T10751] zram: Added device: zram0 [ 238.569254][T10756] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 238.664776][T10751] FAULT_INJECTION: forcing a failure. [ 238.664776][T10751] name failslab, interval 1, probability 0, space 0, times 0 [ 238.763299][T10751] CPU: 0 UID: 0 PID: 10751 Comm: syz.0.3219 Not tainted syzkaller #0 PREEMPT(full) [ 238.763339][T10751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 238.763354][T10751] Call Trace: [ 238.763361][T10751] [ 238.763373][T10751] dump_stack_lvl+0x100/0x190 [ 238.763410][T10751] should_fail_ex.cold+0x5/0xa [ 238.763435][T10751] should_failslab+0xc2/0x120 [ 238.763463][T10751] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 238.763490][T10751] ? taskstats_exit+0x650/0xbd0 [ 238.763532][T10751] taskstats_exit+0x650/0xbd0 [ 238.763561][T10751] ? __pfx_acct_update_integrals+0x10/0x10 [ 238.763592][T10751] ? __pfx_taskstats_exit+0x10/0x10 [ 238.763623][T10751] ? rcu_read_lock_any_held+0x6a/0xa0 [ 238.763654][T10751] ? exit_signals+0x395/0xaf0 [ 238.763690][T10751] do_exit+0x5ca/0x2a30 [ 238.763720][T10751] ? __pfx_do_exit+0x10/0x10 [ 238.763744][T10751] ? do_raw_spin_lock+0x128/0x260 [ 238.763770][T10751] ? find_held_lock+0x2b/0x80 [ 238.763799][T10751] ? get_signal+0x7e0/0x21e0 [ 238.763834][T10751] do_group_exit+0xd5/0x2a0 [ 238.763868][T10751] get_signal+0x1ec7/0x21e0 [ 238.763912][T10751] ? __pfx_get_signal+0x10/0x10 [ 238.763947][T10751] ? do_futex+0x192/0x350 [ 238.763972][T10751] arch_do_signal_or_restart+0x91/0x770 [ 238.763995][T10751] ? __do_sys_close_range+0x230/0x740 [ 238.764021][T10751] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 238.764058][T10751] ? __pfx___x64_sys_futex+0x10/0x10 [ 238.764087][T10751] exit_to_user_mode_loop+0x86/0x4a0 [ 238.764109][T10751] ? rcu_is_watching+0x12/0xc0 [ 238.764138][T10751] do_syscall_64+0x668/0xf80 [ 238.764172][T10751] ? clear_bhb_loop+0x40/0x90 [ 238.764199][T10751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.764221][T10751] RIP: 0033:0x7ffbc079bf79 [ 238.764239][T10751] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 238.764260][T10751] RSP: 002b:00007ffbc165a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 238.764282][T10751] RAX: fffffffffffffe00 RBX: 00007ffbc0a15fa8 RCX: 00007ffbc079bf79 [ 238.764296][T10751] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ffbc0a15fa8 [ 238.764310][T10751] RBP: 00007ffbc0a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 238.764323][T10751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.764336][T10751] R13: 00007ffbc0a16038 R14: 00007ffea082d2f0 R15: 00007ffea082d3d8 [ 238.764365][T10751] [ 240.134152][T10760] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 240.227489][T10760] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 240.298610][T10760] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 240.378542][T10760] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 240.511335][T10760] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 240.608579][T10760] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 240.719735][T10760] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 969987022 [ 240.849493][T10760] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 240.950498][T10787] ubi0: background thread "ubi_bgt0d" started, PID 10787 [ 241.452505][T10809] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 241.529386][T10809] CPU: 0 UID: 0 PID: 10809 Comm: syz.1.3227 Not tainted syzkaller #0 PREEMPT(full) [ 241.529419][T10809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 241.529433][T10809] Call Trace: [ 241.529441][T10809] [ 241.529449][T10809] dump_stack_lvl+0x100/0x190 [ 241.529488][T10809] sysfs_warn_dup.cold+0x1c/0x28 [ 241.529522][T10809] sysfs_do_create_link_sd+0x113/0x140 [ 241.529555][T10809] sysfs_create_link+0x61/0xc0 [ 241.529586][T10809] device_add+0x675/0x1950 [ 241.529612][T10809] ? __pfx_device_add+0x10/0x10 [ 241.529633][T10809] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 241.529667][T10809] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 241.529710][T10809] wiphy_register+0x1e5b/0x2d30 [ 241.529741][T10809] ? __rtnl_unlock+0xb9/0xf0 [ 241.529763][T10809] ? netdev_run_todo+0x7d0/0x12c0 [ 241.529806][T10809] ? __pfx_wiphy_register+0x10/0x10 [ 241.529830][T10809] ? __asan_memset+0x23/0x50 [ 241.529869][T10809] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 241.529903][T10809] ieee80211_register_hw+0x2cfd/0x4140 [ 241.529941][T10809] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 241.529965][T10809] ? __pfx___debug_object_init+0x10/0x10 [ 241.530009][T10809] ? find_held_lock+0x2b/0x80 [ 241.530040][T10809] ? net_generic+0xea/0x2a0 [ 241.530064][T10809] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 241.530098][T10809] ? __hrtimer_setup+0x178/0x280 [ 241.530126][T10809] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 241.530177][T10809] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 241.530219][T10809] hwsim_new_radio_nl+0xc1f/0x1340 [ 241.530253][T10809] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 241.530294][T10809] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 241.530322][T10809] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 241.530354][T10809] genl_family_rcv_msg_doit+0x214/0x300 [ 241.530383][T10809] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 241.530409][T10809] ? genl_get_cmd+0x3ef/0x720 [ 241.530439][T10809] ? bpf_lsm_capable+0x9/0x10 [ 241.530470][T10809] ? security_capable+0x80/0x260 [ 241.530506][T10809] ? ns_capable+0xd2/0xf0 [ 241.530541][T10809] genl_rcv_msg+0x560/0x800 [ 241.530571][T10809] ? __pfx_genl_rcv_msg+0x10/0x10 [ 241.530599][T10809] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 241.530641][T10809] netlink_rcv_skb+0x159/0x420 [ 241.530680][T10809] ? __pfx_genl_rcv_msg+0x10/0x10 [ 241.530706][T10809] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 241.530764][T10809] ? netlink_deliver_tap+0x1ae/0xcc0 [ 241.530804][T10809] genl_rcv+0x28/0x40 [ 241.530825][T10809] netlink_unicast+0x5aa/0x870 [ 241.530868][T10809] ? __pfx_netlink_unicast+0x10/0x10 [ 241.530906][T10809] ? __pfx___might_resched+0x10/0x10 [ 241.530933][T10809] ? __lock_acquire+0x4a5/0x2630 [ 241.530964][T10809] netlink_sendmsg+0x8b0/0xda0 [ 241.531007][T10809] ? __pfx_netlink_sendmsg+0x10/0x10 [ 241.531044][T10809] ? __import_iovec+0x1d2/0x640 [ 241.531072][T10809] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 241.531116][T10809] ____sys_sendmsg+0xa54/0xc30 [ 241.531145][T10809] ? __pfx_____sys_sendmsg+0x10/0x10 [ 241.531177][T10809] ? __pfx_futex_wake_mark+0x10/0x10 [ 241.531210][T10809] ___sys_sendmsg+0x190/0x1e0 [ 241.531238][T10809] ? __pfx____sys_sendmsg+0x10/0x10 [ 241.531301][T10809] __sys_sendmsg+0x170/0x220 [ 241.531339][T10809] ? __pfx___sys_sendmsg+0x10/0x10 [ 241.531373][T10809] ? __x64_sys_futex+0x34f/0x4d0 [ 241.531414][T10809] do_syscall_64+0x106/0xf80 [ 241.531449][T10809] ? clear_bhb_loop+0x40/0x90 [ 241.531478][T10809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.531502][T10809] RIP: 0033:0x7fe7f0f9bf79 [ 241.531522][T10809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 241.531544][T10809] RSP: 002b:00007fe7f1dd4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 241.531567][T10809] RAX: ffffffffffffffda RBX: 00007fe7f1215fa0 RCX: 00007fe7f0f9bf79 [ 241.531582][T10809] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 241.531597][T10809] RBP: 00007fe7f10327e0 R08: 0000000000000000 R09: 0000000000000000 [ 241.531611][T10809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 241.531625][T10809] R13: 00007fe7f1216038 R14: 00007fe7f1215fa0 R15: 00007ffd7c31cf68 [ 241.531656][T10809] [ 242.488103][T10826] wlan1: mtu less than device minimum [ 242.840129][T10836] bond0: invalid ARP target specified [ 243.982009][T10845] [U] [ 244.552245][T10872] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 244.597873][T10872] CPU: 0 UID: 0 PID: 10872 Comm: syz.1.3239 Not tainted syzkaller #0 PREEMPT(full) [ 244.597906][T10872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 244.597932][T10872] Call Trace: [ 244.597940][T10872] [ 244.597949][T10872] dump_stack_lvl+0x100/0x190 [ 244.597988][T10872] sysfs_warn_dup.cold+0x1c/0x28 [ 244.598021][T10872] sysfs_do_create_link_sd+0x113/0x140 [ 244.598056][T10872] sysfs_create_link+0x61/0xc0 [ 244.598090][T10872] device_add+0x675/0x1950 [ 244.598116][T10872] ? __pfx_device_add+0x10/0x10 [ 244.598137][T10872] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 244.598174][T10872] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 244.598215][T10872] wiphy_register+0x1e5b/0x2d30 [ 244.598238][T10872] ? __rtnl_unlock+0xb9/0xf0 [ 244.598260][T10872] ? netdev_run_todo+0x7d0/0x12c0 [ 244.598303][T10872] ? __pfx_wiphy_register+0x10/0x10 [ 244.598327][T10872] ? __asan_memset+0x23/0x50 [ 244.598368][T10872] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 244.598401][T10872] ieee80211_register_hw+0x2cfd/0x4140 [ 244.598443][T10872] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 244.598474][T10872] ? __pfx___debug_object_init+0x10/0x10 [ 244.598518][T10872] ? find_held_lock+0x2b/0x80 [ 244.598550][T10872] ? net_generic+0xea/0x2a0 [ 244.598574][T10872] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 244.598608][T10872] ? __hrtimer_setup+0x178/0x280 [ 244.598635][T10872] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 244.598686][T10872] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 244.598727][T10872] hwsim_new_radio_nl+0xc1f/0x1340 [ 244.598761][T10872] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 244.598802][T10872] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 244.598832][T10872] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 244.598865][T10872] genl_family_rcv_msg_doit+0x214/0x300 [ 244.598894][T10872] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 244.598919][T10872] ? genl_get_cmd+0x3ef/0x720 [ 244.598948][T10872] ? bpf_lsm_capable+0x9/0x10 [ 244.598979][T10872] ? security_capable+0x80/0x260 [ 244.599015][T10872] ? ns_capable+0xd2/0xf0 [ 244.599050][T10872] genl_rcv_msg+0x560/0x800 [ 244.599078][T10872] ? __pfx_genl_rcv_msg+0x10/0x10 [ 244.599104][T10872] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 244.599146][T10872] netlink_rcv_skb+0x159/0x420 [ 244.599184][T10872] ? __pfx_genl_rcv_msg+0x10/0x10 [ 244.599210][T10872] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 244.599260][T10872] ? netlink_deliver_tap+0x1ae/0xcc0 [ 244.599300][T10872] genl_rcv+0x28/0x40 [ 244.599321][T10872] netlink_unicast+0x5aa/0x870 [ 244.599363][T10872] ? __pfx_netlink_unicast+0x10/0x10 [ 244.599400][T10872] ? __pfx___might_resched+0x10/0x10 [ 244.599427][T10872] ? __lock_acquire+0x4a5/0x2630 [ 244.599465][T10872] netlink_sendmsg+0x8b0/0xda0 [ 244.599509][T10872] ? __pfx_netlink_sendmsg+0x10/0x10 [ 244.599545][T10872] ? __import_iovec+0x1d2/0x640 [ 244.599574][T10872] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 244.599615][T10872] ____sys_sendmsg+0xa54/0xc30 [ 244.599644][T10872] ? __pfx_____sys_sendmsg+0x10/0x10 [ 244.599676][T10872] ? __pfx_futex_wake_mark+0x10/0x10 [ 244.599709][T10872] ___sys_sendmsg+0x190/0x1e0 [ 244.599738][T10872] ? __pfx____sys_sendmsg+0x10/0x10 [ 244.599801][T10872] __sys_sendmsg+0x170/0x220 [ 244.599837][T10872] ? __pfx___sys_sendmsg+0x10/0x10 [ 244.599871][T10872] ? __x64_sys_futex+0x34f/0x4d0 [ 244.599912][T10872] do_syscall_64+0x106/0xf80 [ 244.599947][T10872] ? clear_bhb_loop+0x40/0x90 [ 244.599977][T10872] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.600002][T10872] RIP: 0033:0x7fe7f0f9bf79 [ 244.600022][T10872] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 244.600047][T10872] RSP: 002b:00007fe7f1dd4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 244.600069][T10872] RAX: ffffffffffffffda RBX: 00007fe7f1215fa0 RCX: 00007fe7f0f9bf79 [ 244.600085][T10872] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 244.600100][T10872] RBP: 00007fe7f10327e0 R08: 0000000000000000 R09: 0000000000000000 [ 244.600115][T10872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 244.600129][T10872] R13: 00007fe7f1216038 R14: 00007fe7f1215fa0 R15: 00007ffd7c31cf68 [ 244.600160][T10872] [ 245.640410][T10874] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 245.684558][T10874] CPU: 0 UID: 0 PID: 10874 Comm: syz.3.3240 Not tainted syzkaller #0 PREEMPT(full) [ 245.684593][T10874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 245.684607][T10874] Call Trace: [ 245.684616][T10874] [ 245.684625][T10874] dump_stack_lvl+0x100/0x190 [ 245.684664][T10874] sysfs_warn_dup.cold+0x1c/0x28 [ 245.684699][T10874] sysfs_do_create_link_sd+0x113/0x140 [ 245.684732][T10874] sysfs_create_link+0x61/0xc0 [ 245.684763][T10874] device_add+0x675/0x1950 [ 245.684789][T10874] ? __pfx_device_add+0x10/0x10 [ 245.684810][T10874] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 245.684844][T10874] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 245.684887][T10874] wiphy_register+0x1e5b/0x2d30 [ 245.684910][T10874] ? __rtnl_unlock+0xb9/0xf0 [ 245.684931][T10874] ? netdev_run_todo+0x7d0/0x12c0 [ 245.684975][T10874] ? __pfx_wiphy_register+0x10/0x10 [ 245.684999][T10874] ? __asan_memset+0x23/0x50 [ 245.685037][T10874] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 245.685071][T10874] ieee80211_register_hw+0x2cfd/0x4140 [ 245.685109][T10874] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 245.685133][T10874] ? __pfx___debug_object_init+0x10/0x10 [ 245.685177][T10874] ? find_held_lock+0x2b/0x80 [ 245.685208][T10874] ? net_generic+0xea/0x2a0 [ 245.685232][T10874] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 245.685265][T10874] ? __hrtimer_setup+0x178/0x280 [ 245.685301][T10874] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 245.685358][T10874] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 245.685400][T10874] hwsim_new_radio_nl+0xc1f/0x1340 [ 245.685435][T10874] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 245.685475][T10874] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 245.685503][T10874] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 245.685536][T10874] genl_family_rcv_msg_doit+0x214/0x300 [ 245.685568][T10874] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 245.685593][T10874] ? genl_get_cmd+0x3ef/0x720 [ 245.685623][T10874] ? bpf_lsm_capable+0x9/0x10 [ 245.685654][T10874] ? security_capable+0x80/0x260 [ 245.685691][T10874] ? ns_capable+0xd2/0xf0 [ 245.685727][T10874] genl_rcv_msg+0x560/0x800 [ 245.685755][T10874] ? __pfx_genl_rcv_msg+0x10/0x10 [ 245.685781][T10874] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 245.685823][T10874] netlink_rcv_skb+0x159/0x420 [ 245.685861][T10874] ? __pfx_genl_rcv_msg+0x10/0x10 [ 245.685888][T10874] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 245.685938][T10874] ? netlink_deliver_tap+0x1ae/0xcc0 [ 245.685979][T10874] genl_rcv+0x28/0x40 [ 245.686000][T10874] netlink_unicast+0x5aa/0x870 [ 245.686042][T10874] ? __pfx_netlink_unicast+0x10/0x10 [ 245.686079][T10874] ? __pfx___might_resched+0x10/0x10 [ 245.686106][T10874] ? __lock_acquire+0x4a5/0x2630 [ 245.686137][T10874] netlink_sendmsg+0x8b0/0xda0 [ 245.686180][T10874] ? __pfx_netlink_sendmsg+0x10/0x10 [ 245.686217][T10874] ? __import_iovec+0x1d2/0x640 [ 245.686245][T10874] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 245.686286][T10874] ____sys_sendmsg+0xa54/0xc30 [ 245.686322][T10874] ? __pfx_____sys_sendmsg+0x10/0x10 [ 245.686353][T10874] ? try_to_wake_up+0x644/0x1a80 [ 245.686392][T10874] ___sys_sendmsg+0x190/0x1e0 [ 245.686422][T10874] ? __pfx____sys_sendmsg+0x10/0x10 [ 245.686450][T10874] ? futex_private_hash_put+0x107/0x1c0 [ 245.686521][T10874] __sys_sendmsg+0x170/0x220 [ 245.686558][T10874] ? __pfx___sys_sendmsg+0x10/0x10 [ 245.686593][T10874] ? __x64_sys_futex+0x34f/0x4d0 [ 245.686633][T10874] do_syscall_64+0x106/0xf80 [ 245.686668][T10874] ? clear_bhb_loop+0x40/0x90 [ 245.686698][T10874] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.686722][T10874] RIP: 0033:0x7fda5ed9bf79 [ 245.686742][T10874] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 245.686766][T10874] RSP: 002b:00007fda5fc7a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 245.686788][T10874] RAX: ffffffffffffffda RBX: 00007fda5f015fa0 RCX: 00007fda5ed9bf79 [ 245.686804][T10874] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000004 [ 245.686819][T10874] RBP: 00007fda5ee327e0 R08: 0000000000000000 R09: 0000000000000000 [ 245.686833][T10874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 245.686848][T10874] R13: 00007fda5f016038 R14: 00007fda5f015fa0 R15: 00007fffa4f4c9f8 [ 245.686879][T10874] [ 246.529518][T10894] HfR: entered promiscuous mode [ 246.537567][T10894] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3244'. [ 246.546741][T10894] HfR: left promiscuous mode [ 247.528705][T10908] can: request_module (can-proto-4) failed. [ 248.724270][T10942] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 248.758645][T10942] CPU: 0 UID: 0 PID: 10942 Comm: syz.1.3253 Not tainted syzkaller #0 PREEMPT(full) [ 248.758679][T10942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 248.758694][T10942] Call Trace: [ 248.758701][T10942] [ 248.758710][T10942] dump_stack_lvl+0x100/0x190 [ 248.758749][T10942] sysfs_warn_dup.cold+0x1c/0x28 [ 248.758783][T10942] sysfs_do_create_link_sd+0x113/0x140 [ 248.758817][T10942] sysfs_create_link+0x61/0xc0 [ 248.758848][T10942] device_add+0x675/0x1950 [ 248.758874][T10942] ? __pfx_device_add+0x10/0x10 [ 248.758896][T10942] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 248.758930][T10942] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 248.758983][T10942] wiphy_register+0x1e5b/0x2d30 [ 248.759007][T10942] ? __rtnl_unlock+0xb9/0xf0 [ 248.759042][T10942] ? netdev_run_todo+0x7d0/0x12c0 [ 248.759084][T10942] ? __pfx_wiphy_register+0x10/0x10 [ 248.759107][T10942] ? __asan_memset+0x23/0x50 [ 248.759144][T10942] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 248.759176][T10942] ieee80211_register_hw+0x2cfd/0x4140 [ 248.759213][T10942] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 248.759236][T10942] ? __pfx___debug_object_init+0x10/0x10 [ 248.759278][T10942] ? find_held_lock+0x2b/0x80 [ 248.759308][T10942] ? net_generic+0xea/0x2a0 [ 248.759331][T10942] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 248.759363][T10942] ? __hrtimer_setup+0x178/0x280 [ 248.759391][T10942] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 248.759440][T10942] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 248.759480][T10942] hwsim_new_radio_nl+0xc1f/0x1340 [ 248.759513][T10942] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 248.759561][T10942] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 248.759588][T10942] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 248.759620][T10942] genl_family_rcv_msg_doit+0x214/0x300 [ 248.759668][T10942] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 248.759694][T10942] ? genl_get_cmd+0x3ef/0x720 [ 248.759725][T10942] ? bpf_lsm_capable+0x9/0x10 [ 248.759756][T10942] ? security_capable+0x80/0x260 [ 248.759793][T10942] ? ns_capable+0xd2/0xf0 [ 248.759829][T10942] genl_rcv_msg+0x560/0x800 [ 248.759857][T10942] ? __pfx_genl_rcv_msg+0x10/0x10 [ 248.759883][T10942] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 248.759925][T10942] netlink_rcv_skb+0x159/0x420 [ 248.759971][T10942] ? __pfx_genl_rcv_msg+0x10/0x10 [ 248.759999][T10942] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 248.760050][T10942] ? netlink_deliver_tap+0x1ae/0xcc0 [ 248.760091][T10942] genl_rcv+0x28/0x40 [ 248.760112][T10942] netlink_unicast+0x5aa/0x870 [ 248.760164][T10942] ? __pfx_netlink_unicast+0x10/0x10 [ 248.760202][T10942] ? __pfx___might_resched+0x10/0x10 [ 248.760231][T10942] ? __lock_acquire+0x4a5/0x2630 [ 248.760262][T10942] netlink_sendmsg+0x8b0/0xda0 [ 248.760306][T10942] ? __pfx_netlink_sendmsg+0x10/0x10 [ 248.760342][T10942] ? __import_iovec+0x1d2/0x640 [ 248.760371][T10942] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 248.760412][T10942] ____sys_sendmsg+0xa54/0xc30 [ 248.760441][T10942] ? __pfx_____sys_sendmsg+0x10/0x10 [ 248.760471][T10942] ? try_to_wake_up+0x644/0x1a80 [ 248.760510][T10942] ___sys_sendmsg+0x190/0x1e0 [ 248.760539][T10942] ? __pfx____sys_sendmsg+0x10/0x10 [ 248.760566][T10942] ? futex_private_hash_put+0x107/0x1c0 [ 248.760636][T10942] __sys_sendmsg+0x170/0x220 [ 248.760671][T10942] ? __pfx___sys_sendmsg+0x10/0x10 [ 248.760705][T10942] ? __x64_sys_futex+0x34f/0x4d0 [ 248.760745][T10942] do_syscall_64+0x106/0xf80 [ 248.760780][T10942] ? clear_bhb_loop+0x40/0x90 [ 248.760810][T10942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.760833][T10942] RIP: 0033:0x7fe7f0f9bf79 [ 248.760853][T10942] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 248.760875][T10942] RSP: 002b:00007fe7f1db3028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 248.760897][T10942] RAX: ffffffffffffffda RBX: 00007fe7f1216090 RCX: 00007fe7f0f9bf79 [ 248.760912][T10942] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 248.760927][T10942] RBP: 00007fe7f10327e0 R08: 0000000000000000 R09: 0000000000000000 [ 248.760972][T10942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.760987][T10942] R13: 00007fe7f1216128 R14: 00007fe7f1216090 R15: 00007ffd7c31cf68 [ 248.761018][T10942] [ 250.578027][T10958] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 250.990031][ T5833] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 251.002285][T10975] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3261'. [ 251.164100][ T5833] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 251.164143][ T5833] Bluetooth: hci4: unexpected subevent 0x0d length: 725 > 260 [ 251.188888][ T5833] Bluetooth: hci4: Unknown advertising packet type: 0x7f [ 251.188954][ T5833] Bluetooth: hci4: adv larger than maximum supported [ 251.197145][ T5833] Bluetooth: hci4: Unknown advertising packet type: 0x74 [ 251.204018][ T5833] Bluetooth: hci4: adv larger than maximum supported [ 251.217144][ T5833] Bluetooth: hci4: Malformed LE Event: 0x0d [ 252.390246][ T22] IRQ fixup: irq 33 move in progress, old vector 47 [ 252.404879][T11005] smpboot: CPU 1 is now offline [ 252.532334][T11006] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 254.095211][T11054] openvswitch: netlink: Key type 308 is out of range max 32 [ 254.121017][T11053] sd 0:0:1:0: PR command failed: 1026 [ 254.126613][T11053] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 254.133554][T11053] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 254.538542][T11060] smpboot: CPU 1 is now offline [ 254.578113][T11060] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 255.446258][T11085] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3286'. [ 256.651962][T11110] batman_adv: Routing algorithm '' is not supported [ 257.116293][T11112] smpboot: CPU 1 is now offline [ 257.141775][T11115] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 257.190261][T11108] ------------[ cut here ]------------ [ 257.191447][T11108] [ 257.191456][T11108] ====================================================== [ 257.191467][T11108] WARNING: possible circular locking dependency detected [ 257.191478][T11108] syzkaller #0 Not tainted [ 257.191491][T11108] ------------------------------------------------------ [ 257.191501][T11108] syz.0.3292/11108 is trying to acquire lock: [ 257.191516][T11108] ffffffff8e4f31e0 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x61/0x80 [ 257.191598][T11108] [ 257.191598][T11108] but task is already holding lock: [ 257.191607][T11108] ffff8880b843b0e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140 [ 257.191680][T11108] [ 257.191680][T11108] which lock already depends on the new lock. [ 257.191680][T11108] [ 257.191689][T11108] [ 257.191689][T11108] the existing dependency chain (in reverse order) is: [ 257.191699][T11108] [ 257.191699][T11108] -> #5 (&rq->__lock){-.-.}-{2:2}: [ 257.191739][T11108] _raw_spin_lock_nested+0x31/0x40 [ 257.191775][T11108] raw_spin_rq_lock_nested+0x2c/0x140 [ 257.191814][T11108] _task_rq_lock+0xcf/0x490 [ 257.191853][T11108] cgroup_move_task+0x81/0x2b0 [ 257.191900][T11108] css_set_move_task+0x285/0x600 [ 257.191937][T11108] cgroup_post_fork+0x202/0x9b0 [ 257.191973][T11108] copy_process+0x5f26/0x79b0 [ 257.191998][T11108] kernel_clone+0xfc/0x930 [ 257.192029][T11108] user_mode_thread+0xcc/0x110 [ 257.192054][T11108] rest_init+0x21/0x260 [ 257.192082][T11108] start_kernel+0x47a/0x480 [ 257.192119][T11108] x86_64_start_reservations+0x24/0x30 [ 257.192160][T11108] x86_64_start_kernel+0x122/0x130 [ 257.192200][T11108] common_startup_64+0x13e/0x148 [ 257.192242][T11108] [ 257.192242][T11108] -> #4 (&p->pi_lock){-.-.}-{2:2}: [ 257.192278][T11108] _raw_spin_lock_irqsave+0x3a/0x60 [ 257.192314][T11108] try_to_wake_up+0xb2/0x1a80 [ 257.192351][T11108] create_worker+0x33a/0x740 [ 257.192378][T11108] workqueue_init+0x768/0x930 [ 257.192408][T11108] kernel_init_freeable+0x3d4/0x790 [ 257.192447][T11108] kernel_init+0x1f/0x1e0 [ 257.192475][T11108] ret_from_fork+0x754/0xd80 [ 257.192508][T11108] ret_from_fork_asm+0x1a/0x30 [ 257.192534][T11108] [ 257.192534][T11108] -> #3 (&pool->lock){-.-.}-{2:2}: [ 257.192569][T11108] _raw_spin_lock+0x2e/0x40 [ 257.192602][T11108] __queue_work+0x270/0x10f0 [ 257.192633][T11108] queue_work_on+0x1a9/0x1e0 [ 257.192664][T11108] rpm_suspend+0xe90/0x1160 [ 257.192702][T11108] rpm_idle+0x5e8/0x760 [ 257.192743][T11108] __pm_runtime_idle+0xba/0x1a0 [ 257.192781][T11108] __device_attach+0x37e/0x4d0 [ 257.192820][T11108] device_initial_probe+0xaf/0xd0 [ 257.192860][T11108] bus_probe_device+0x64/0x160 [ 257.192893][T11108] device_add+0x11d9/0x1950 [ 257.192915][T11108] serial_base_port_add+0x227/0x2b0 [ 257.192957][T11108] serial_core_register_port+0x13c/0x17a0 [ 257.192996][T11108] serial8250_register_8250_port+0x155a/0x2260 [ 257.193033][T11108] serial_pnp_probe+0x436/0x930 [ 257.193059][T11108] pnp_device_probe+0x2b3/0x4a0 [ 257.193100][T11108] really_probe+0x241/0xa60 [ 257.193136][T11108] __driver_probe_device+0x1de/0x400 [ 257.193174][T11108] driver_probe_device+0x4c/0x1b0 [ 257.193213][T11108] __driver_attach+0x2f4/0x6a0 [ 257.193251][T11108] bus_for_each_dev+0x13e/0x1d0 [ 257.193280][T11108] bus_add_driver+0x305/0x5b0 [ 257.193313][T11108] driver_register+0x1e2/0x360 [ 257.193356][T11108] serial8250_init+0xcc/0x1b0 [ 257.193384][T11108] do_one_initcall+0x11d/0x690 [ 257.193408][T11108] kernel_init_freeable+0x6e5/0x790 [ 257.193445][T11108] kernel_init+0x1f/0x1e0 [ 257.193473][T11108] ret_from_fork+0x754/0xd80 [ 257.193507][T11108] ret_from_fork_asm+0x1a/0x30 [ 257.193532][T11108] [ 257.193532][T11108] -> #2 (&dev->power.lock){-.-.}-{3:3}: [ 257.193568][T11108] _raw_spin_lock_irqsave+0x3a/0x60 [ 257.193604][T11108] __pm_runtime_resume+0xa9/0x170 [ 257.193644][T11108] __uart_start+0x1b0/0x510 [ 257.193670][T11108] uart_write+0x211/0xb20 [ 257.193703][T11108] n_tty_write+0x44f/0x12d0 [ 257.193745][T11108] file_tty_write.isra.0+0x4d2/0x890 [ 257.193780][T11108] redirected_tty_write+0xd4/0x120 [ 257.193814][T11108] vfs_write+0x6ac/0x1070 [ 257.193839][T11108] ksys_write+0x12a/0x250 [ 257.193864][T11108] do_syscall_64+0x106/0xf80 [ 257.193904][T11108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.193932][T11108] [ 257.193932][T11108] -> #1 (&port_lock_key){-.-.}-{3:3}: [ 257.193967][T11108] _raw_spin_lock_irqsave+0x3a/0x60 [ 257.194004][T11108] serial8250_console_write+0x17e/0x1900 [ 257.194053][T11108] console_flush_one_record+0x790/0xe50 [ 257.194089][T11108] console_unlock+0x103/0x260 [ 257.194122][T11108] vprintk_emit+0x407/0x6b0 [ 257.194158][T11108] _printk+0xcf/0x110 [ 257.194181][T11108] register_console.cold+0xc0/0x248 [ 257.194209][T11108] univ8250_console_init+0x6f/0x80 [ 257.194237][T11108] console_init+0x371/0x520 [ 257.194261][T11108] start_kernel+0x300/0x480 [ 257.194298][T11108] x86_64_start_reservations+0x24/0x30 [ 257.194339][T11108] x86_64_start_kernel+0x122/0x130 [ 257.194378][T11108] common_startup_64+0x13e/0x148 [ 257.194424][T11108] [ 257.194424][T11108] -> #0 (console_owner){-.-.}-{0:0}: [ 257.194460][T11108] __lock_acquire+0x14b8/0x2630 [ 257.194485][T11108] lock_acquire+0x17c/0x330 [ 257.194509][T11108] console_lock_spinning_enable+0x72/0x80 [ 257.194544][T11108] console_flush_one_record+0x739/0xe50 [ 257.194580][T11108] console_unlock+0x103/0x260 [ 257.194614][T11108] vprintk_emit+0x407/0x6b0 [ 257.194650][T11108] _printk+0xcf/0x110 [ 257.194673][T11108] __report_bug.cold+0x15/0x137 [ 257.194707][T11108] report_bug+0xb2/0x220 [ 257.194742][T11108] handle_bug+0x166/0x2a0 [ 257.194765][T11108] exc_invalid_op+0x17/0x50 [ 257.194789][T11108] asm_exc_invalid_op+0x1a/0x20 [ 257.194815][T11108] update_rq_clock+0x40a/0xd20 [ 257.194855][T11108] __schedule+0x1b4e/0x6000 [ 257.194891][T11108] preempt_schedule_common+0x42/0xc0 [ 257.194930][T11108] preempt_schedule_thunk+0x16/0x30 [ 257.194960][T11108] __local_bh_enable_ip+0xff/0x120 [ 257.195004][T11108] scomp_acomp_comp_decomp+0x741/0xc40 [ 257.195045][T11108] crypto_acomp_decompress+0x14c/0x520 [ 257.195077][T11108] zswap_decompress+0x4b8/0xac0 [ 257.195115][T11108] zswap_load+0x253/0x7e0 [ 257.195159][T11108] swap_read_folio+0x5c3/0x2830 [ 257.195201][T11108] swap_cluster_readahead+0x6db/0x770 [ 257.195246][T11108] swapin_readahead+0x14b/0x12e0 [ 257.195289][T11108] do_swap_page+0x9ba/0x6810 [ 257.195329][T11108] __handle_mm_fault+0x18b9/0x2b50 [ 257.195370][T11108] handle_mm_fault+0x36d/0xa20 [ 257.195412][T11108] do_user_addr_fault+0x5a3/0x12f0 [ 257.195450][T11108] exc_page_fault+0x6f/0xd0 [ 257.195498][T11108] asm_exc_page_fault+0x26/0x30 [ 257.195524][T11108] [ 257.195524][T11108] other info that might help us debug this: [ 257.195524][T11108] [ 257.195533][T11108] Chain exists of: [ 257.195533][T11108] console_owner --> &p->pi_lock --> &rq->__lock [ 257.195533][T11108] [ 257.195572][T11108] Possible unsafe locking scenario: [ 257.195572][T11108] [ 257.195580][T11108] CPU0 CPU1 [ 257.195588][T11108] ---- ---- [ 257.195595][T11108] lock(&rq->__lock); [ 257.195611][T11108] lock(&p->pi_lock); [ 257.195629][T11108] lock(&rq->__lock); [ 257.195646][T11108] lock(console_owner); [ 257.195663][T11108] [ 257.195663][T11108] *** DEADLOCK *** [ 257.195663][T11108] [ 257.195669][T11108] 6 locks held by syz.0.3292/11108: [ 257.195685][T11108] #0: ffff888029736e48 (vm_lock){++++}-{0:0}, at: lock_vma_under_rcu+0x11d/0x5a0 [ 257.195766][T11108] #1: ffffe8ffffc26990 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_decompress+0x13c/0xac0 [ 257.195844][T11108] #2: ffff88813fe4a938 (zspage->lock){.+.+}-{0:0}, at: zswap_decompress+0x1d6/0xac0 [ 257.195918][T11108] #3: ffff8880b843b0e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140 [ 257.195995][T11108] #4: ffffffff8e5d3620 (console_lock){+.+.}-{0:0}, at: _printk+0xcf/0x110 [ 257.196062][T11108] #5: ffffffff8e5d3698 (console_srcu){....}-{0:0}, at: console_flush_one_record+0xfd/0xe50 [ 257.196137][T11108] [ 257.196137][T11108] stack backtrace: [ 257.196149][T11108] CPU: 0 UID: 0 PID: 11108 Comm: syz.0.3292 Not tainted syzkaller #0 PREEMPT(full) [ 257.196182][T11108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 257.196200][T11108] Call Trace: [ 257.196209][T11108] [ 257.196219][T11108] dump_stack_lvl+0x100/0x190 [ 257.196258][T11108] print_circular_bug.cold+0x178/0x1c7 [ 257.196306][T11108] check_noncircular+0x146/0x160 [ 257.196355][T11108] __lock_acquire+0x14b8/0x2630 [ 257.196397][T11108] lock_acquire+0x17c/0x330 [ 257.196423][T11108] ? console_lock_spinning_enable+0x61/0x80 [ 257.196460][T11108] ? console_lock_spinning_enable+0x4a/0x80 [ 257.196500][T11108] console_lock_spinning_enable+0x72/0x80 [ 257.196536][T11108] ? console_lock_spinning_enable+0x61/0x80 [ 257.196571][T11108] console_flush_one_record+0x739/0xe50 [ 257.196613][T11108] ? __pfx_console_flush_one_record+0x10/0x10 [ 257.196656][T11108] ? is_printk_cpu_sync_owner+0x32/0x40 [ 257.196711][T11108] console_unlock+0x103/0x260 [ 257.196747][T11108] ? __pfx_console_unlock+0x10/0x10 [ 257.196786][T11108] ? do_raw_spin_unlock+0x145/0x1e0 [ 257.196821][T11108] ? _printk+0xcf/0x110 [ 257.196848][T11108] vprintk_emit+0x407/0x6b0 [ 257.196886][T11108] ? __pfx_vprintk_emit+0x10/0x10 [ 257.196925][T11108] ? find_held_lock+0x2b/0x80 [ 257.196966][T11108] _printk+0xcf/0x110 [ 257.196991][T11108] ? __pfx__printk+0x10/0x10 [ 257.197023][T11108] ? kernel_text_address+0x8d/0x100 [ 257.197058][T11108] ? __kernel_text_address+0xd/0x30 [ 257.197091][T11108] ? unwind_get_return_address+0x59/0xa0 [ 257.197135][T11108] ? arch_stack_walk+0xa6/0xf0 [ 257.197174][T11108] ? __report_bug.cold+0x5/0x137 [ 257.197210][T11108] ? __report_bug+0x377/0x3d0 [ 257.197248][T11108] __report_bug.cold+0x15/0x137 [ 257.197283][T11108] ? update_rq_clock+0x40a/0xd20 [ 257.197325][T11108] ? __pfx___report_bug+0x10/0x10 [ 257.197362][T11108] ? stack_trace_save+0x8e/0xc0 [ 257.197401][T11108] ? __pfx_stack_trace_save+0x10/0x10 [ 257.197440][T11108] ? stack_depot_save_flags+0x27/0x9d0 [ 257.197478][T11108] ? update_rq_clock+0x40a/0xd20 [ 257.197519][T11108] report_bug+0xb2/0x220 [ 257.197555][T11108] ? update_rq_clock+0x40a/0xd20 [ 257.197595][T11108] handle_bug+0x166/0x2a0 [ 257.197621][T11108] exc_invalid_op+0x17/0x50 [ 257.197647][T11108] asm_exc_invalid_op+0x1a/0x20 [ 257.197674][T11108] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 257.197716][T11108] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 257.197745][T11108] RSP: 0000:ffffc9000e31f140 EFLAGS: 00010046 [ 257.197767][T11108] RAX: 0000000000000000 RBX: ffff8880b853b080 RCX: 0000000000000001 [ 257.197785][T11108] RDX: 0000000000000046 RSI: ffffffff8dc43ac0 RDI: ffffffff8bfa9120 [ 257.197804][T11108] RBP: ffffc9000e31f2e8 R08: 0000000000000001 R09: 0000000000000001 [ 257.197821][T11108] R10: ffffffff90b872d7 R11: 0000000000000000 R12: ffffffff90b8a5d4 [ 257.197840][T11108] R13: ffff8880b853beb0 R14: ffff88801ea99e40 R15: ffff8880b853b080 [ 257.197871][T11108] __schedule+0x1b4e/0x6000 [ 257.197909][T11108] ? sw842_decompress+0x2d6/0xc90 [ 257.197949][T11108] ? __pfx___schedule+0x10/0x10 [ 257.197988][T11108] ? do_raw_spin_lock+0x128/0x260 [ 257.198105][T11108] ? preempt_schedule_thunk+0x16/0x30 [ 257.198144][T11108] preempt_schedule_common+0x42/0xc0 [ 257.198185][T11108] preempt_schedule_thunk+0x16/0x30 [ 257.198220][T11108] ? scomp_acomp_comp_decomp+0x741/0xc40 [ 257.198255][T11108] __local_bh_enable_ip+0xff/0x120 [ 257.198300][T11108] scomp_acomp_comp_decomp+0x741/0xc40 [ 257.198337][T11108] ? find_held_lock+0x2b/0x80 [ 257.198375][T11108] ? __pfx_scomp_acomp_comp_decomp+0x10/0x10 [ 257.198417][T11108] crypto_acomp_decompress+0x14c/0x520 [ 257.198449][T11108] ? __asan_memset+0x23/0x50 [ 257.198494][T11108] zswap_decompress+0x4b8/0xac0 [ 257.198534][T11108] ? __pfx_zswap_decompress+0x10/0x10 [ 257.198575][T11108] ? __pfx_xa_load+0x10/0x10 [ 257.198603][T11108] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 257.198636][T11108] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 257.198677][T11108] zswap_load+0x253/0x7e0 [ 257.198717][T11108] swap_read_folio+0x5c3/0x2830 [ 257.198762][T11108] ? __pfx_swap_read_folio+0x10/0x10 [ 257.198803][T11108] ? mlock_drain_local+0x254/0x4e0 [ 257.198829][T11108] ? mlock_drain_local+0x254/0x4e0 [ 257.198862][T11108] swap_cluster_readahead+0x6db/0x770 [ 257.198908][T11108] ? __schedule+0x1035/0x6000 [ 257.198948][T11108] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 257.198995][T11108] ? __lock_acquire+0x4a5/0x2630 [ 257.199029][T11108] ? __lock_acquire+0x4a5/0x2630 [ 257.199062][T11108] ? get_vma_policy+0x23f/0x3b0 [ 257.199100][T11108] swapin_readahead+0x14b/0x12e0 [ 257.199151][T11108] ? __pfx_swapin_readahead+0x10/0x10 [ 257.199202][T11108] ? find_held_lock+0x2b/0x80 [ 257.199241][T11108] ? swap_cache_get_folio+0x272/0x920 [ 257.199287][T11108] ? swap_cache_get_folio+0x272/0x920 [ 257.199329][T11108] ? swap_cache_get_folio+0x1f/0x920 [ 257.199372][T11108] ? swap_cache_get_folio+0x2a2/0x920 [ 257.199417][T11108] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 257.199459][T11108] ? __pfx_get_swap_device+0x10/0x10 [ 257.199495][T11108] ? do_swap_page+0x9ba/0x6810 [ 257.199535][T11108] do_swap_page+0x9ba/0x6810 [ 257.199581][T11108] ? __lock_acquire+0x4a5/0x2630 [ 257.199612][T11108] ? __pfx_do_swap_page+0x10/0x10 [ 257.199656][T11108] ? __pfx_default_wake_function+0x10/0x10 [ 257.199702][T11108] ? rcu_is_watching+0x12/0xc0 [ 257.199736][T11108] ? __pte_offset_map+0x179/0x310 [ 257.199771][T11108] __handle_mm_fault+0x18b9/0x2b50 [ 257.199819][T11108] ? reacquire_held_locks+0xce/0x1e0 [ 257.199847][T11108] ? __pfx___handle_mm_fault+0x10/0x10 [ 257.199893][T11108] ? lock_vma_under_rcu+0x17c/0x5a0 [ 257.199947][T11108] handle_mm_fault+0x36d/0xa20 [ 257.199993][T11108] do_user_addr_fault+0x5a3/0x12f0 [ 257.200060][T11108] exc_page_fault+0x6f/0xd0 [ 257.200100][T11108] asm_exc_page_fault+0x26/0x30 [ 257.200127][T11108] RIP: 0033:0x7ffbc065073f [ 257.200149][T11108] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 fb 44 8d 56 04 4c 8d 0d d2 18 3b 00 89 f0 4c 8d 05 c9 f8 3a 00 89 c2 81 e2 ff 1f 00 00 <49> 8b 0c d1 48 39 f1 74 28 48 85 c9 74 29 45 38 1c 10 75 23 83 c0 [ 257.200178][T11108] RSP: 002b:00007ffea082d418 EFLAGS: 00010206 [ 257.200200][T11108] RAX: 00000000849c1203 RBX: ffffffff849c1203 RCX: 0000000000000005 [ 257.200218][T11108] RDX: 0000000000001203 RSI: ffffffff849c1203 RDI: 000000000000001d [ 257.200236][T11108] RBP: 0000000000000000 R08: 00007ffbc0a00000 R09: 00007ffbc0a02000 [ 257.200254][T11108] R10: 00000000849c1207 R11: 000000000000001d R12: 00007ffbc0a16218 [ 257.200273][T11108] R13: 0000000000000008 R14: ffffffff849c1189 R15: 00007ffbc1545720 [ 257.200293][T11108] ? security_mmap_file+0x369/0x9b0 [ 257.200327][T11108] ? security_mmap_file+0x3e3/0x9b0 [ 257.200361][T11108] ? security_mmap_file+0x3e3/0x9b0 [ 257.200396][T11108] [ 258.693115][T11108] debug_locks && !(lock_is_held(&(__rq_lockp(rq))->dep_map) != 0) [ 258.693149][T11108] WARNING: kernel/sched/sched.h:1600 at update_rq_clock+0x40a/0xd20, CPU#0: syz.0.3292/11108 [ 258.711359][T11108] Modules linked in: [ 258.715292][T11108] CPU: 0 UID: 0 PID: 11108 Comm: syz.0.3292 Not tainted syzkaller #0 PREEMPT(full) [ 258.724695][T11108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 258.734778][T11108] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 258.740377][T11108] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 258.760156][T11108] RSP: 0000:ffffc9000e31f140 EFLAGS: 00010046 [ 258.766266][T11108] RAX: 0000000000000000 RBX: ffff8880b853b080 RCX: 0000000000000001 [ 258.774267][T11108] RDX: 0000000000000046 RSI: ffffffff8dc43ac0 RDI: ffffffff8bfa9120 [ 258.782425][T11108] RBP: ffffc9000e31f2e8 R08: 0000000000000001 R09: 0000000000000001 [ 258.790444][T11108] R10: ffffffff90b872d7 R11: 0000000000000000 R12: ffffffff90b8a5d4 [ 258.798997][T11108] R13: ffff8880b853beb0 R14: ffff88801ea99e40 R15: ffff8880b853b080 [ 258.807053][T11108] FS: 00005555853d7500(0000) GS:ffff8881245a5000(0000) knlGS:0000000000000000 [ 258.816036][T11108] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 258.822654][T11108] CR2: 00007ffbc0a0b018 CR3: 0000000035acc000 CR4: 00000000003526f0 [ 258.830659][T11108] Call Trace: [ 258.833971][T11108] [ 258.836939][T11108] __schedule+0x1b4e/0x6000 [ 258.841500][T11108] ? sw842_decompress+0x2d6/0xc90 [ 258.846579][T11108] ? __pfx___schedule+0x10/0x10 [ 258.851476][T11108] ? do_raw_spin_lock+0x128/0x260 [ 258.856713][T11108] ? preempt_schedule_thunk+0x16/0x30 [ 258.862129][T11108] preempt_schedule_common+0x42/0xc0 [ 258.867470][T11108] preempt_schedule_thunk+0x16/0x30 [ 258.872798][T11108] ? scomp_acomp_comp_decomp+0x741/0xc40 [ 258.878495][T11108] __local_bh_enable_ip+0xff/0x120 [ 258.883667][T11108] scomp_acomp_comp_decomp+0x741/0xc40 [ 258.889198][T11108] ? find_held_lock+0x2b/0x80 [ 258.893923][T11108] ? __pfx_scomp_acomp_comp_decomp+0x10/0x10 [ 258.899972][T11108] crypto_acomp_decompress+0x14c/0x520 [ 258.905476][T11108] ? __asan_memset+0x23/0x50 [ 258.910228][T11108] zswap_decompress+0x4b8/0xac0 [ 258.915134][T11108] ? __pfx_zswap_decompress+0x10/0x10 [ 258.920557][T11108] ? __pfx_xa_load+0x10/0x10 [ 258.925187][T11108] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 258.931573][T11108] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 258.937526][T11108] zswap_load+0x253/0x7e0 [ 258.942004][T11108] swap_read_folio+0x5c3/0x2830 [ 258.946918][T11108] ? __pfx_swap_read_folio+0x10/0x10 [ 258.952311][T11108] ? mlock_drain_local+0x254/0x4e0 [ 258.957578][T11108] ? mlock_drain_local+0x254/0x4e0 [ 258.962736][T11108] swap_cluster_readahead+0x6db/0x770 [ 258.968169][T11108] ? __schedule+0x1035/0x6000 [ 258.972900][T11108] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 258.978855][T11108] ? __lock_acquire+0x4a5/0x2630 [ 258.983844][T11108] ? __lock_acquire+0x4a5/0x2630 [ 258.988944][T11108] ? get_vma_policy+0x23f/0x3b0 [ 258.993845][T11108] swapin_readahead+0x14b/0x12e0 [ 258.999482][T11108] ? __pfx_swapin_readahead+0x10/0x10 [ 259.004922][T11108] ? find_held_lock+0x2b/0x80 [ 259.009669][T11108] ? swap_cache_get_folio+0x272/0x920 [ 259.015359][T11108] ? swap_cache_get_folio+0x272/0x920 [ 259.020877][T11108] ? swap_cache_get_folio+0x1f/0x920 [ 259.026229][T11108] ? swap_cache_get_folio+0x2a2/0x920 [ 259.031662][T11108] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 259.037433][T11108] ? __pfx_get_swap_device+0x10/0x10 [ 259.042762][T11108] ? do_swap_page+0x9ba/0x6810 [ 259.047576][T11108] do_swap_page+0x9ba/0x6810 [ 259.052220][T11108] ? __lock_acquire+0x4a5/0x2630 [ 259.057195][T11108] ? __pfx_do_swap_page+0x10/0x10 [ 259.062272][T11108] ? __pfx_default_wake_function+0x10/0x10 [ 259.068148][T11108] ? rcu_is_watching+0x12/0xc0 [ 259.072953][T11108] ? __pte_offset_map+0x179/0x310 [ 259.078113][T11108] __handle_mm_fault+0x18b9/0x2b50 [ 259.083372][T11108] ? reacquire_held_locks+0xce/0x1e0 [ 259.088702][T11108] ? __pfx___handle_mm_fault+0x10/0x10 [ 259.094218][T11108] ? lock_vma_under_rcu+0x17c/0x5a0 [ 259.099478][T11108] handle_mm_fault+0x36d/0xa20 [ 259.104301][T11108] do_user_addr_fault+0x5a3/0x12f0 [ 259.109472][T11108] exc_page_fault+0x6f/0xd0 [ 259.114028][T11108] asm_exc_page_fault+0x26/0x30 [ 259.118931][T11108] RIP: 0033:0x7ffbc065073f [ 259.123385][T11108] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 fb 44 8d 56 04 4c 8d 0d d2 18 3b 00 89 f0 4c 8d 05 c9 f8 3a 00 89 c2 81 e2 ff 1f 00 00 <49> 8b 0c d1 48 39 f1 74 28 48 85 c9 74 29 45 38 1c 10 75 23 83 c0 [ 259.143120][T11108] RSP: 002b:00007ffea082d418 EFLAGS: 00010206 [ 259.149231][T11108] RAX: 00000000849c1203 RBX: ffffffff849c1203 RCX: 0000000000000005 [ 259.157327][T11108] RDX: 0000000000001203 RSI: ffffffff849c1203 RDI: 000000000000001d [ 259.165332][T11108] RBP: 0000000000000000 R08: 00007ffbc0a00000 R09: 00007ffbc0a02000 [ 259.173426][T11108] R10: 00000000849c1207 R11: 000000000000001d R12: 00007ffbc0a16218 [ 259.181441][T11108] R13: 0000000000000008 R14: ffffffff849c1189 R15: 00007ffbc1545720 [ 259.189710][T11108] ? security_mmap_file+0x369/0x9b0 [ 259.194950][T11108] ? security_mmap_file+0x3e3/0x9b0 [ 259.200194][T11108] ? security_mmap_file+0x3e3/0x9b0 [ 259.205448][T11108] [ 259.208510][T11108] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 259.215911][T11108] CPU: 0 UID: 0 PID: 11108 Comm: syz.0.3292 Not tainted syzkaller #0 PREEMPT(full) [ 259.225320][T11108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 259.235409][T11108] Call Trace: [ 259.238729][T11108] [ 259.241688][T11108] dump_stack_lvl+0x100/0x190 [ 259.246418][T11108] vpanic+0x20d/0x630 [ 259.250440][T11108] panic+0xd1/0xd1 [ 259.254214][T11108] ? __pfx_panic+0x10/0x10 [ 259.258681][T11108] ? check_panic_on_warn+0x1f/0x90 [ 259.263865][T11108] check_panic_on_warn.cold+0x19/0x34 [ 259.269298][T11108] ? update_rq_clock+0x40a/0xd20 [ 259.274339][T11108] __warn.cold+0x191/0x2f8 [ 259.278805][T11108] __report_bug+0x296/0x3d0 [ 259.283361][T11108] ? update_rq_clock+0x40a/0xd20 [ 259.288356][T11108] ? __pfx___report_bug+0x10/0x10 [ 259.293450][T11108] ? stack_trace_save+0x8e/0xc0 [ 259.298351][T11108] ? __pfx_stack_trace_save+0x10/0x10 [ 259.303776][T11108] ? stack_depot_save_flags+0x27/0x9d0 [ 259.309287][T11108] ? update_rq_clock+0x40a/0xd20 [ 259.314277][T11108] report_bug+0xb2/0x220 [ 259.318564][T11108] ? update_rq_clock+0x40a/0xd20 [ 259.323549][T11108] handle_bug+0x166/0x2a0 [ 259.327911][T11108] exc_invalid_op+0x17/0x50 [ 259.332450][T11108] asm_exc_invalid_op+0x1a/0x20 [ 259.337341][T11108] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 259.342943][T11108] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 259.362592][T11108] RSP: 0000:ffffc9000e31f140 EFLAGS: 00010046 [ 259.368695][T11108] RAX: 0000000000000000 RBX: ffff8880b853b080 RCX: 0000000000000001 [ 259.376695][T11108] RDX: 0000000000000046 RSI: ffffffff8dc43ac0 RDI: ffffffff8bfa9120 [ 259.384699][T11108] RBP: ffffc9000e31f2e8 R08: 0000000000000001 R09: 0000000000000001 [ 259.392740][T11108] R10: ffffffff90b872d7 R11: 0000000000000000 R12: ffffffff90b8a5d4 [ 259.400749][T11108] R13: ffff8880b853beb0 R14: ffff88801ea99e40 R15: ffff8880b853b080 [ 259.408775][T11108] __schedule+0x1b4e/0x6000 [ 259.413362][T11108] ? sw842_decompress+0x2d6/0xc90 [ 259.418435][T11108] ? __pfx___schedule+0x10/0x10 [ 259.423355][T11108] ? do_raw_spin_lock+0x128/0x260 [ 259.428430][T11108] ? preempt_schedule_thunk+0x16/0x30 [ 259.433844][T11108] preempt_schedule_common+0x42/0xc0 [ 259.439187][T11108] preempt_schedule_thunk+0x16/0x30 [ 259.444432][T11108] ? scomp_acomp_comp_decomp+0x741/0xc40 [ 259.450113][T11108] __local_bh_enable_ip+0xff/0x120 [ 259.455285][T11108] scomp_acomp_comp_decomp+0x741/0xc40 [ 259.460793][T11108] ? find_held_lock+0x2b/0x80 [ 259.465527][T11108] ? __pfx_scomp_acomp_comp_decomp+0x10/0x10 [ 259.471554][T11108] crypto_acomp_decompress+0x14c/0x520 [ 259.477055][T11108] ? __asan_memset+0x23/0x50 [ 259.481701][T11108] zswap_decompress+0x4b8/0xac0 [ 259.486605][T11108] ? __pfx_zswap_decompress+0x10/0x10 [ 259.492032][T11108] ? __pfx_xa_load+0x10/0x10 [ 259.496694][T11108] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 259.502653][T11108] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 259.508593][T11108] zswap_load+0x253/0x7e0 [ 259.512974][T11108] swap_read_folio+0x5c3/0x2830 [ 259.517884][T11108] ? __pfx_swap_read_folio+0x10/0x10 [ 259.523223][T11108] ? mlock_drain_local+0x254/0x4e0 [ 259.528368][T11108] ? mlock_drain_local+0x254/0x4e0 [ 259.533546][T11108] swap_cluster_readahead+0x6db/0x770 [ 259.538970][T11108] ? __schedule+0x1035/0x6000 [ 259.543702][T11108] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 259.549658][T11108] ? __lock_acquire+0x4a5/0x2630 [ 259.554631][T11108] ? __lock_acquire+0x4a5/0x2630 [ 259.559613][T11108] ? get_vma_policy+0x23f/0x3b0 [ 259.564509][T11108] swapin_readahead+0x14b/0x12e0 [ 259.569511][T11108] ? __pfx_swapin_readahead+0x10/0x10 [ 259.574935][T11108] ? find_held_lock+0x2b/0x80 [ 259.579660][T11108] ? swap_cache_get_folio+0x272/0x920 [ 259.585086][T11108] ? swap_cache_get_folio+0x272/0x920 [ 259.590509][T11108] ? swap_cache_get_folio+0x1f/0x920 [ 259.595849][T11108] ? swap_cache_get_folio+0x2a2/0x920 [ 259.601275][T11108] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 259.607045][T11108] ? __pfx_get_swap_device+0x10/0x10 [ 259.612378][T11108] ? do_swap_page+0x9ba/0x6810 [ 259.617206][T11108] do_swap_page+0x9ba/0x6810 [ 259.621851][T11108] ? __lock_acquire+0x4a5/0x2630 [ 259.626832][T11108] ? __pfx_do_swap_page+0x10/0x10 [ 259.631910][T11108] ? __pfx_default_wake_function+0x10/0x10 [ 259.637774][T11108] ? rcu_is_watching+0x12/0xc0 [ 259.642585][T11108] ? __pte_offset_map+0x179/0x310 [ 259.647657][T11108] __handle_mm_fault+0x18b9/0x2b50 [ 259.652833][T11108] ? reacquire_held_locks+0xce/0x1e0 [ 259.658161][T11108] ? __pfx___handle_mm_fault+0x10/0x10 [ 259.663681][T11108] ? lock_vma_under_rcu+0x17c/0x5a0 [ 259.668947][T11108] handle_mm_fault+0x36d/0xa20 [ 259.673775][T11108] do_user_addr_fault+0x5a3/0x12f0 [ 259.678950][T11108] exc_page_fault+0x6f/0xd0 [ 259.683500][T11108] asm_exc_page_fault+0x26/0x30 [ 259.688390][T11108] RIP: 0033:0x7ffbc065073f [ 259.692836][T11108] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 fb 44 8d 56 04 4c 8d 0d d2 18 3b 00 89 f0 4c 8d 05 c9 f8 3a 00 89 c2 81 e2 ff 1f 00 00 <49> 8b 0c d1 48 39 f1 74 28 48 85 c9 74 29 45 38 1c 10 75 23 83 c0 [ 259.712484][T11108] RSP: 002b:00007ffea082d418 EFLAGS: 00010206 [ 259.718590][T11108] RAX: 00000000849c1203 RBX: ffffffff849c1203 RCX: 0000000000000005 [ 259.726596][T11108] RDX: 0000000000001203 RSI: ffffffff849c1203 RDI: 000000000000001d [ 259.734686][T11108] RBP: 0000000000000000 R08: 00007ffbc0a00000 R09: 00007ffbc0a02000 [ 259.742695][T11108] R10: 00000000849c1207 R11: 000000000000001d R12: 00007ffbc0a16218 [ 259.750696][T11108] R13: 0000000000000008 R14: ffffffff849c1189 R15: 00007ffbc1545720 [ 259.758701][T11108] ? security_mmap_file+0x369/0x9b0 [ 259.763946][T11108] ? security_mmap_file+0x3e3/0x9b0 [ 259.769184][T11108] ? security_mmap_file+0x3e3/0x9b0 [ 259.774437][T11108] [ 259.777989][T11108] Kernel Offset: disabled [ 259.782349][T11108] Rebooting in 86400 seconds..