last executing test programs: 3.170201109s ago: executing program 2 (id=1244): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (fail_nth: 3) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) wait4$auto(0x0, 0x0, 0x4, 0x0) 1.877414016s ago: executing program 1 (id=1255): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082cbd7000fedbdf250300000008000200", @ANYRES32=0x0, @ANYBLOB="060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a000500aaaaaaaaaabb00000a00010000000000000000000a000100bbbbbbbbbbbb0000060006000f00000008000400010000880a0011"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0xc) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) r1 = socket(0x10, 0x2, 0x0) r2 = prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) ioctl$auto(r2, 0x541b, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r3) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000380)={0x44, r4, 0x1, 0x70bd2a, 0x25dffbfb, {}, [@HWSIM_ATTR_RADIO_NAME={0x2d, 0x11, '/P\x13jE\f\xf9r\xf5\xa3\xd2\x84y\xf9*\x9b\"\x1c\xa4l-\x19\xfd\xa4\xf4y\x02\xc2\x96\xfa\x84L\x12\xcd\x83\xf7\x12\xd3\xc4\x1e]'}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008040}, 0x40800) r5 = socket(0xa, 0x801, 0x84) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)={0x14, 0x0, 0x4, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001bc0), r6) r7 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000004a80), r6) sendmsg$auto_NET_SHAPER_CMD_SET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x20, r7, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x946d}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x200000c0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'geneve1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'wg0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'veth0_to_bond\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GET(r3, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x3080000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, r7, 0x10, 0x70bd27, 0x25dfdbff, {}, [@NET_SHAPER_A_IFINDEX={0x8, 0x8, r8}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r9}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r10}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x9040) 1.790438066s ago: executing program 0 (id=1256): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x301, 0x0) 1.788902107s ago: executing program 3 (id=1257): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket(0x2, 0x2, 0x1) bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_4={0x1b, r0, 0x10000}, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) bind$auto(r1, &(0x7f00000000c0)=@rc={0x1f, @any, 0x3}, 0x6) io_uring_setup$auto(0x6, 0x0) bpf$auto(0xc, 0xffffffffffffffff, 0x0) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/radio0\x00', 0x200, 0x0) ioctl$auto(r2, 0x40085618, r2) 1.684912852s ago: executing program 3 (id=1258): r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x2b, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x480, 0x400, 0x9}]}) r3 = fsopen$auto(0x0, 0x1) r4 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000180), r3) sendmsg$auto_IEEE802154_LIST_PHY(r3, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEST_SHORT_ADDR={0x6, 0xe, 0x62}]}, 0x1c}}, 0x8000) close_range$auto(0x2, 0x8, 0x0) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="13002cbd7000dddbdf251700000008000300", @ANYRES32=r6], 0x2c}, 0x1, 0x0, 0x0, 0x2400c884}, 0x20040894) ioctl$auto_VHOST_GET_BACKEND_FEATURES(r0, 0x8008af26, &(0x7f00000000c0)=0x5) io_uring_register$auto_IORING_REGISTER_MEM_REGION(r5, 0x22, &(0x7f0000000100)="f476e2d087f1823c70e790f24aeed13972307d200436803b40568f7d0d76f9b2bd7130401fc51b880cbd1ef14d961b", 0x0) ioctl$auto_XFS_IOC_FREESP(r3, 0x4030580b, &(0x7f0000000300)={0x0, 0x6, 0xcc, 0x5f, 0x401, 0x0}) r8 = setfsuid$auto(0xee00) setreuid$auto(r8, 0x0) ioctl$auto_XFS_IOC_EXCHANGE_RANGE(r3, 0x40285881, &(0x7f0000000340)={r3, 0x0, 0xaaeb, 0x5d, 0xdb1, 0x8}) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(r3, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x24b4, 0x0, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0x10}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x5}, @NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, 0x224557ef}, @NL802154_ATTR_IFNAME={0x14, 0x4, 'geneve1\x00'}, @NL802154_ATTR_LBT_MODE={0x5, 0x13, 0xfd}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x245d, 0x2b, 0x0, 0x1, [@nested={0x27b, 0x23, 0x0, 0x1, [@generic="acee4cc18fe8e6ad1d210e1cced570302d0473e5a976659494ab09dc6d59fb3895f8c613e1f5cc2098e55b3d43e30193f9b5a68b370f6b3a93a5025164c6", @typed={0xc, 0x8a, 0x0, 0x0, @str='nl80211\x00'}, @typed={0x8, 0x12e, 0x0, 0x0, @pid=r7}, @nested={0x4, 0x7b}, @typed={0x14, 0x102, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @nested={0x4, 0x11c}, @nested={0x4, 0xd6}, @generic="31c648a09697d9548b1de25f1827c970ef1bb63be613b57b613d2bb4ae184a82b4e7666d4452b255ad577e25480cb50cafd7806bccac47af73f1890e17bbd955f201db23fb6e07c52119c602b1dc372233a8d75774424968154f9ab27ff527212fbb4d9f7a83653a147821c87b4ff884aa16f4371e3a510c075d1975c2044f28256967078e80ecf52dc3985f0fd684c685aad2c8d264860693da0f53ba4e34f17e0fc6fa46b3538cb361322f8948a993af12b4e4ad1abad630ea321a03689c20386ab96657c5ca1a7495162a7098be1fab0697795fd4107b7c56d5d9ffeb0e1996", @nested={0xc0, 0xdf, 0x0, 0x1, [@nested={0xb9, 0xef, 0x0, 0x1, [@generic="19d5263a514b3b5dc0433eea0cc36f5dc156c7d54fbf3d8b1bdcde8c2a901662184d9dd408d6cf3f8c0b84dde39427bc1dc187fefd09dc018edf63c219bf9e602cfb80df08356901face8b8a2adbc27a55b7c8adfe5715e02b2182602011d9f52307216a7314adecd99688b8e1f4fb697212d349d866cf4aac2e0a51b90390af2919252dad0c5a25b49386bae72271e63f3a708d04a7c2879efd02a992", @typed={0x8, 0x6e, 0x0, 0x0, @ipv4=@multicast1}, @nested={0x4, 0x111}, @typed={0x8, 0x39, 0x0, 0x0, @u32=0x3}, @nested={0x4, 0x112}]}]}, @typed={0x62, 0xbc, 0x0, 0x0, @binary="4e74a3881cb8f083e69afbb81921b57bad136df84ca1e8f6d950051f2fb5f2e7a5cd636351144dab26801fffd53faba3a9987207462e37ae7d51ab06370620bc8cd2d48a625b9ee0a319b43e922376645e6eb1aacd60193a2153f8fcba9b"}]}, @generic="3d1c3549a8902050773f8ecc5b3cce616e40d77a3c9bdac01dc332534d44c1fb90763a983503541e8b00881ccefaae9e6c3423db0ae95e422741302cea7a745182ac6d0f41861437de896101d410fd93ff549850beadfb0b40d44a5337d6fd7ba57f92d24f01c7b35c5e03a7adcf150fbf66a95b58b6afa96dc8e6856af1cedce6d24d34fada3aa045fb1a02cc4c0918013c520983c581aa08834bd5c7ecfb4959e439f73470513751dc09cde10b94e4aadeb2cf7d93009128a8e15fabbc25c3e0e350eed355d1be625326da48548f5e6224ffdfab0d69ec9fcd49bc5ac190e23f07e6af0db64fdf31a0ecb13147f912281861f866b6f69ab8b38c8185f9ccdfada640f190733286245bef9a5fafe739442574143abbdf44e18492d003d6d05d36846dba2dd8c6742eb93af0bb0f9308ca2a58bcb585b19d4c00562dcc59a425267a7187ef8e55c84cbc8eb0c6a891f49aeff87d84805fd78f34ddfd7dc6315bea02c78e8a3d19db24c32db8efb4b634cb4f855c9d4856b67f39c8782e7a3d3d3ed08da94bdbfffd56759ea5ea23fdd82b14a405b6364a96e3f3cce356f79a88fd1bfb95283134a8e5144b48562a6c4c1057f7ed7000fde0acf8cfef0f14835699bec29337bb3feeddea37ca4658da46d2fcb2265f0482d63248fc9c3fdce83b683e9258dae3a262b3b3af3f897a5a763e7d4bcab1a1af0485bdd7fb1d6cda9e14797d28289700992583c754a7d1b40b3597d91d1df3c36c59dd80c79ac42343e05b448012fb2ba0db03917abdba36989d571842a745958ce803e9156b3db888502a6738b25c21233f0388f643ae5f4df49f113df849c64328f29c8cd7544dcf10cf39a10ea4d0d7171d00383a4c28a09cc17d042965fd379e57167bfdb0af46ab05e7ba60f166e2b607569672dc18a97162ac9793aa1d273f87a2891f5e747f849923e68bcb6d291f44f4a0f3548b9add966cb943243c757d3068821f53a512cba32946ee37b35a3eafa07cbf242442bc43191b4ae665adb7c36fa1bc1434c0192031ad009aa4c8d14c4ac9e948f5ea78ba48151e5c8eabe5fe88762b85c4b35b77747f3a03d801e18e8bb906b251857dc649fabb2828294107e27211cd9595ef8586ac72efb225c07fb7c81b2a228568df3aef8d7ce7cb6e24c0eb3c4e9c75a0830725f9f725c72cd4b51b5d6550e1a1b123ceeea8f7dad7cb850def108e0df43590a1b02bd0ea9f178dfc3bbe8d91f585e4735deee9b25caaed040f0aa95e240a7caaddf0d92bf0d948d28b90b87a7004c29d3f118fb3e20d3422f016023f24e2e99c25e8726ae3cd376831b1530e6f7d17a766eba3fc5dfd42726725b0759ca425f6f65cff6138aae95737d588716151ffc78f45ee32930627cef6fc6263134aec65f64ae3bb23566959c4b9ed60d4bd25e7e34b3087bc9d30a1c183d1f206734f7047530473bf3047dfa198d1d40a5264e57f38e384fab07e9ace8908eb43405a80b5fb17061478d229cbeb146792a2ace6b0f5c5e46ebd1bf6a503668ac4fa3815d330de9a7e1e64496696c5daf2eb4db8c6a9fcaa8404cfd2883803645a1eda4b65ef421d5e9e1f2cdfa41bc3a5cd52ae9473972ac71fde27c05e016eed3a05f66e888fc4b5ed25abbe45a346b63c4c24ef727cc12fdaeeb30f431908a4d83c74fa6134ceb66b0378d15064f7de3520e1e6ec2c9b5d80590ebc7e8164dea81f254b36c2ba1a5e357cbf90c54c3719a84f5cf4939db94f26e608e71c3376480c5fb8f627a439e99d9aab0fa6d4c5c0e27f0f14712242c5df89b8393971f9f8a3b0b2507450ccb03e23f54c1dae89722d939483c881a327b3663246aa9d773499531d329222349b2c3ebff2ccc52e5d5ba5671ba8cfc9831a8e3effac2d87c44fac8055bd9730b886043f9aeede440c10577161dbc499079590cf2b4a2052676a88bc9fabdd390fbed684dabd812ba41995748e198324411131fa743a0b482b7ac59d479958a97fe8fa52e3e3694e282993725554fee976d962fa5abb43cabd62451b1539a896e4f64c185f24babac7a62a1cf23c0b9a3b78f2885f5d582d6ed7d00cb6d7cbb2ea7d95cc4a1076eac21b7c1334e81e650762448668efea56b3c4853f352084760121b177c0618d3738e54b7148a909b16e0c8db1ae4ecbb6ae5c0868827e55f07a2e113a0c47a8ef109f099b554dd24d0e23a549a5c1ba53ae6923ef93e5012c8d7fea3cbab70bef77fc29980b6426285c69233b2155e00f1ac352ef4bd6cc2533ddde472b5f81eaacab32f7b1dd793460594788118df451947c57ab76d59bf5e0e63628a1ff5573b64ce9c09f23a68eb8aa8c608dc501c28625cf908b942dfcf66adc1c0edbccadf4122bba622b0715c5758efdb86da763873dfdc451efd31c4dbf40f8bf35ad2e177629ef17bfbead66b67f841cc47fd994130c1a5f0f9aaaba685896a32202257f1d6c44a4e09feb91123df3ceb8fdb0f0b98905a3f99d0c8ab3208a2aafa526a3d7b4f8bbf74f5e65b431f490c9056574ace0ada6175f74b4e6dedd15a62c00d79043f4951ddbd64a88eb90bc7026510e36eb405e106730828be2360ff2f9d4fcfdc61883319e50537387d159ee2e54fbd7b41fbfaf9d10c6f61532e2f61aa0f19ad366616e199204bc9517809d59798e5d5e836c01aa2a73844f94a6c017677e2711db74f879c3a847197dd23f778a0c09691b53c15741baf76a7f2c52f45f1e2b8cea395a5eb01684a8dcc83b6390fca1928078fa5cbf9bcab529ec96b2b373dfaf5fa01589dbb2de8f6b43e0871598a032c89af4f9ce6b3c3b59429eef23f22a879a33e333dbbbeb63ccd0ae6b2da045bab3ddfc8a1ed38b6520d7370726da832cdf59a1e213e6ecad7b456d796289e9f3c932648e3455b2cc90194a84cd0c9fc9d2e9b1b19beda76e3d3a6dd39bd7a79df9cc60d0c653df5535a0325be86c8b4920287d756f92c7124b25f949ad98823cfb3807a89f7204ea4832e625663a4748fdc8c8610c1c53a7c380adacc9fdf90355e4b75e93c015f7a25f298c6a1998f9b4d13e4eb84e19cdf5566113c5d1a217a5c0752506429284d435de2eef8635a1747f79eab3abde328bd50d620f22701bd8c00580918df5cbd33c4a26103c2e99435ef22ebd19e353c6b7e1e84630cb8a26343b0a69c2e806306b98533e618261d2eb4082b178f89dc81f44607549c1bb122e61df2946980771a89d5b6040cbff1ddee512509462891e8e7f9b8e63d7487ecf2dbd30d326e56db1f39c91d9b2d80a88f011f4ebd437e955992419e019b929e1835c6b03453d12603d9352b843ec41da6b4b62d991d323ee9ee34ba2f690ec19c68a0023b3513cfaca20ed854c7af8f387660e54a3f97b12384c9a131af4ee14273d16f2fb31bd6aacad835940ee9873c08da81caba5b312857a9ba004d958c5386ed143314fdde84f3510c397ba9bd75fc67879ca64ddc2633329c63b5461241d89b0aac0101482f0ae54a9f6d67c46da98844d230d4c7096c3b56e9bb20545081ca2426977f986ce48676e42a6fe1eadffb2b1db66d96fe2236048cb9db49343813da8e277ca1b13a37fa1d5abf46d8c11f6adee74d0ad0b2e5801d24c78173ba5ae1b498b76b440330f6d1337e8935808700e6392284e390834310b7a72ff82bf7c31262e798744bd164367b3ed0c145f185667110ec1cb6b339772f7ca3e65891fee3fb1aa5bf5c4becfcfd5ea8efbda70edd12e97a9732da9d67815ad5c81bbbcc0213312c696065839ddecdda0c5c32bbd61386c2b3d48852bf63abaf94487e18771e146e66d6ee726ea2401d53ba80199557c74d631fcce920093f3a37fff387c641297c3e8c96d700f381d2a8629a604528490c12fb9ab4ead4cbb33a46d589a44c56d75fd00dc4e674f834394c16bbb105ecd5a9994190a86e7667444b3414535af9bb89ed1a996e9401d2e7ef72c1bdb6e4cd77e22c6efbcad6bfaed1e9fec79c2b11ad31b6a879b16aa6a46f8be916e0f42579d8763daf8396b249dc2ca591493fdc1a2776ab793dd66b382343874ceef4dbde8ba06d7fe7ae24eec3da5b05ed8b9ab1d2cabff9790d6af51b61d82785d402af7842896174da4174c2bae97d23ee08b4505075caf829e9d6d76a690f70a89aceaafe671f306ce61fd30c770fb7499a9bf8f00c91838152545a761725b95cfe5c9b911ddb7d73ec85f3bcbb4eb92763ff61e811b0df8867a0a8e53db75df24cf0f82dd8865fe4c44679d1ca1350fee3d6fb312ec3d46bf7cc14d89043ff7d8f3ef98a1e027c015bcb165059c0aed461d90aa57b1c522bec63abc2d0baa1271feebc898e4eb4b653bb82fa1ec2ceff03c85d3ccbcc639f44692726bc3fac53347de89890639a05cb386e83b28096896109f05f6a680f75818235073a6bfee03e0e403bf36554771aa34bfdc1aeb990a6161675cdc82f3e86f60e3eb94252f85c5da752e7d4b0fa71154ffd1660dee12805d07f23ccdffe1fc20bc391129fb8d19937a3712d62281205ceaa8cdbf7192ce6900f34e25e012e2c115872e820a356514f32773c0e2777aaf6495a12406f1c5aa8888e0b3a16539a3d0299ce3823bea6da0f5f931ba540836c64f750f88a5bbd668bbba75429f1208935b7edaa13b2b86f5de0927f83f0404a2d5fbe586de4661d7be8b0529955065b2fe5b187fc378195e3c5744b8c53ec57239921e41d559c85839a81d0875eb655e33f371bdb11ff531217a08826d98b3eb0caf89683b3047bad7f155bde3f074f1a34b86d7c330a4b90f7d8ee76b9ccc6496a8555ba6a1b28e99a9767276f0a160dbb889387089842756198aeeeed68d00cf6556d64a59e044fcc994f679ee0a139040765045af08c1e2ea7538247fbeea154ea527bd2f90fe31caf03dd50355945e77bc0d2f7a886fd7f2c9072ffe2067c6e5063cb65391bff2bf039791c831cde70dfe6430e94ad21ea02e57b9b1655167fbdbc30d80f074fca47ccf57c27fdd57468098358f6bbdd9afc143a49c43cf0457f2734bfabb86bef6413c1e84ab66153091b56ba8ff73b4756243f1f58b3067e9ed8fbeba969a794950cb33d0cc194daf714311e5dca5e09ea66a4ddd898200690360fb21d2081e5fc0c8ff2fe53def4ca7615b2bc8e89bfeb16b7a9556798eae38cdf453dafc6bd49f4daea559fa7041bac75a91694a7385f4dbae2e1f424d08a87a75f65c51e31d537e348049f8c3ca2b8a1d28e26a4a3669f0a900d6453b9aa80c60e5b5fe6762e1ce5147d03290d53ca807a2325034871262e709c331af4a10c76e90e1e54c5ae5b2768fe10cfbec148c0290c8bf3d3ecfaba8e5c70233f4fc10e58df03c0feba00f54d96e9f6391f769dca1fb2787d3c6fdf0b4ac27ab16b812669e8f5e0bff8fd32565b2cafd866128d85fede3fa7fd9b8b7cde940073936837b153088546717c87d94c6b4cd4a6c28792b5a8c94aa03a5d36a961b8f5c3816fee74d986056e1457c5570e400db0b3e8b8116b1114557ffcc04d2ba39d5d285a8bd028774a12747bbdf4755d4a62dfb450eb21653af8d648b7417928c8f82902122eaa3f3918e6ac7138d5236bfc5599a6b287dcbeca0c116e76c55a84c3266ba65e3ba5ca0f34de11ef27a90c1726c3c059fc47bf54a4c6a1eac66dae630e24ab930ccf9abfa8852886a9fea39828150f3b738fed648d3890490b17152c25ee5e2d5c589d134499ab3f85842aa4442c0ed4ed2268423c48e13c483ed08b8b4996da02df177119c0145490b9f6723e78cef0e67", @typed={0x8, 0x69, 0x0, 0x0, @pid=r7}, @generic="059d666cc5e84e2882bfd07ae3e62eb0a90e7aa9699f5730107a5b675248ed620ff56da669a42747219985e2bf24743bf34f56384708d5a853827584776ae7ebcb8b3d2da830b7fdd7e5193d4710", @typed={0x4, 0x81}, @nested={0x4, 0x11f}, @nested={0x1086, 0x88, 0x0, 0x1, [@typed={0x8, 0x48, 0x0, 0x0, @uid=r8}, @nested={0x4, 0x60}, @typed={0x8, 0x128, 0x0, 0x0, @u32=0x200}, @typed={0x24, 0x2e, 0x0, 0x0, @fd=r3}, @generic="750b5e4554592ab0bf57ccbdd5b404daf8a5c577f955af2f92776dd45ac136877d4eb452c864c490c5a8442a5c1d71aabf4f48ebcec44b1682f35d01f739c89214aae88349bfa813eb1ca591272bf70e6b10", @nested={0x4, 0xb7}, @generic="f5beeb948a21fb9d1c28b6262a0254810c39426db87220214e06525e30841e159f63ae03fcdef9abeaaf1811683cd764484e2acb741dc27a15d17bc296292122df7831b8359669c678aa42901f858c348b81a3c2b75e3173d6564a940bc220e055c74d2a8c6d2757c5d475722d55ba2680ce6c0a56a5ac2a25cfad5e57f735e0584ebb44c402776dec4f63a02a0f88f5136b64c027a5a0ae0397466a82a9c0ef40a3fc3ceb89f56557f3aac73a68ab8055bd93b7c5203b8a0dfb788898b780ae8c2d8110656132d8317f852fa6d33109091081df65c41a272376a87d09b32e52bb447248a12d79098dd670422f287c5d8c20276e6c7051785dac58bcd2839f3c930fb15a1f195b2702ad4a1a9e19852d95c705b70c3925bfb49892d505cc006bec8d21dd3d0777bd88bbcb3bac5906dee619469431ad8808269419b868994d52c0b0a072b9d72cb7e7bb3a20e9dd4abaa8c238562d708ab91db1f24a66c8d90ea90ff80ea9a229bdb004ff7a4b099905fa920e5dd9cb2f5d437bb01d9e8df935e7b527fa6f97a37ebe9bcd7629989031bca09f51d2803c972f66bdd7e7079b3c9503678a1cc8f54f3b951a94e93bb7cc5d22da95bd155284cc170aacd2d483ee794781acd46db5e81581af7c2ceba50756439f4dc90df4e7d0a92cc9cbfc2585865ee27e32e160f608aa3ef69d05a6f13005b56b7c941930aeb54c5cf86431cfd2987f6dc3c59b0238b47816918687793439d5285374c88ab97a1b1f755f4f0daae47b577f71feb5855cdcbc32233eab2b3cd60cab02528e407b18cd32e62198f29002c9ddf1559bf34239abdf93905bbdd0c41b66bdf24d12f3f203d110b440799356c278290da7e1d3d71c4dba4ae548ec7cb180cac478c303622fff6a1e3968a8960a3cd376190d5b8c195a76f1418312809b173111b84f3a5e639f4abb70a9ee58d5e83c46b54271f7dc5c743c26bd39c61fe84e3ccba6862a2657091c0d93ab4c6702e56c1759418937018dfa03bde551d7528097dbb8c2df067462cbfd561288634f407be036334957d954f238f0eb1e0a24d38f648e4f14c19f5ef5e6942d42a0f571f97024597d86c4a4e4868c664f448dfe50a8fdb13c11cd123413a7b6493a8a864dfa0a3faac2f2a669591e2cc3e11c9a99212c2ed9e6706075f9ef9d84773a240ce065b0be47f6af43aeb919fe6e3a2f6ab2474cfe0b2e7ecf246b6e2ae334c1e5f5fb5d0e901d563d4a077e4a63fc9ee9c23f73a9dce94e2636736ac9bab9f8884c338f3f0e8805490452af3dc8b7c4db9cae2714f4b2a7c8b1f22485397344e8f9748a5b4840ea046333e144864673f5646634bc5da53682e535b64770c2120cedcfa501762ff00f16a0a20926323143b093095f28c4fac3e2b8e4e0c16ff6ff56768538089f0593889df6645be48cd8aa47f30a315f7490873b58753bd31923cbfaa8e3fefd572a53096fc200b648f6c5882e05505a48925dce0d1323b242e76529ac2e69fc721a8b57460313477f6d1da3370876be172cf0b701abf6c37c91a1cb6a2477eb1651a6ffa409010c5454ba95b10db6ac277e16463887c234d531a267c0629092b5f7045e40977e58fd4b9e6f177d84ef6c64e82f83d6cad5fa546e1f1b30db0027f95172497775bc0c86c8c84c5d71f5aa9e3b9555781ab90c5fcedfe7d2f38843038581b740ebf76591fbed678e2c58f52a7df689a4bcaf531ad7373d500918ef1bcbd2b268c73a878bcff131d500e14e2978bf36ac45f9a94b500c1f23ba9eb63c46f4397ff8f381af4f91d4e9d8525a753d76f6cb4d972a411a1b3ed067a59b9b4ec002785e8a0fe5c95124cf3b071964befe55d7c5e522604f07116607dd554b4f4320e565a44a1e9f2808b3a2cbc870719edfaa5354c25fa351ed8ee1cab0501cdbd60bcfca53e11ff1e02cc4d5e0fde6d44145ff7205c479141338d25a91ae0b7d967d14c0847e2f53a4d130a3c7c89fbaa87b2204a5f755dd1ad96f2b59c68214f365f2646e1c809cf902a03c7621e8eff7c1b199c8eceb79869453213959585594c3b34a23bfa71adef3007158676ef4ac9b74acdc5a8d59fbf7ab83953f31fc41eda05b9816594ae01a39573f258f359b6c21c0c2d3be5f30405d062a537c27fcfe6309d446f9772014d56166672e6b7973f33cdb7a23daec1c2ac257bea81fba7c11c08d8fa74ed79c759d2881d10508723a7196fcb56f539bff2b17300460077c09f628d2f359663a2b01a037033424e2545ba4a09425601152a75f500e68023a8edf2c6ca6975b1eee565b388c755112dee9ed1edbc8d5de291bff3406569741fb4768cb4da71963931aedef7d1890ba3057a7eaa8db820dcda3bd5220e5bdbbc3a271c39a8ce690988757497e83c0e9286ff610e8ebc170eeb78e1d218cf9f8ce05ee83829d873d407b9f509f91dc56f8897bc626677d6e85b5695cc6ae8c2af371f77bcaa5d780e718e77d6eb5d20cc29baf0736757bbc1a61509098d9ac10292d468b9c0bbca23608a465e8d19f17b87069a325e149139d1864ece9e5ab646a58ced7678b6818741fecd5b432c3772c65da64c6e59fe1b564b9f353836dd0adc1fc66eee744537d4d558fef3b0d4c75b24279de127c20d9e13ee72c3db41dd5d50bf331680e3864ad1d9cc604334fd2b9214688e567c3c38af1a9f98eedb09cedcfb770009710e6437fbe325c2d5c271da7b8d25e0e2041e8653d339efef65e7a754712b18f24d995142ff1ff90110f85011414871bc85a48d77425558f90b47b501501c8178545cfb474f162d2f86bd3ca679795d55998d22aaacd360ff0167c07aa19cb38ae124c7e08176e2aaf2e99694d59e47e46ab40df6a92611ac57131b72fa430771cf8918339808f9a5eaaf21a3205239f10c36f61fcba7c955361db3010be03d44a85f580d3e19680201046b35c316382149c0a5f1ed2f62064d2c47c34afa7ffd938f48a4828eff08f907095bbc51e28a259a7a0d1b6ec3971564af93cf0ff27518240486d53a5b0a75ab1502fce1e8539fbbc6bc6bc818045105f48c9956082dc60ec0bc2af0100282233ea8426c39c963bfd73841f3ad8375350f09a1139993922e220697158805252021a096c73c2e1cb39e62297f33a1ef13bf2a8ac70a6091eb58163e977676d79a29a2cddd6a741a14503bacb88a4cd3fd49f170fb1f9687386c2a7c35ef03f48be66af869cd80652d09f9eeed529ed51a05d04da3f7517ce028a5dee534b423467429f1a65a165d386aea4c67988696498769ccf8d60df8b63bf018e97d28ddcdda157783b725affee5246816dc0749208c17e0108e3692c8388ced3a502e3ff81ccb3aa2a641a3a89842221d5ff1abdd6fb31c682c15eaafe0d88a35603f1e2c0ed1e1d3a12c46ae72c3253ff0a1aff2888b8ba3636fa58e79120f87ff9acabeac40fae3541374019df5f451cd1aee91f99d96b6b1719e4918c63bf2c874dea95c9cfad8d59721b60ca4ca6257555285df64c727bac278fe8d6ac26cb430dd812827b8e13336a930f5f7af2d628045b49590a2d74e68d8420043516f9e4cbebe78c72761ed23a51d9c3f546c1544fb9be05786015c0b29c66ff909e7ee6387353b5718cf507cf60a676afb37de300be857c436731ebe73487fba0079871f33c2f000e32a4e6f8b2b60d8d379d88e909e388bb22b1ea84a77ef76ab4ac1cef0efb561a63804f8eaa0cee1b30ee6a7314b6b170e321475cacbec305b2bc33a90dd7090155659385ce0bfbc80538a964cd12d1ab22f28497baebba0ec8d31f1b61b385ba1b3c4bd204b705641719e3cc71281f73b7ae0e7a2bca62084e36ac611e7fdb5ff7930d70c084624350f99edd97e3d1b9ced5dedbb264ce1ef256cccf06788cc46af8b4a7e3fbaf922ea710536c20dc18db10ef94569fd20e7cf3fe4a3746cd80cec90b228bf8a5236fee30371bdb819dab1058f51d7143354dc614a652d3c872eb23f78cec82889684d99dd77365fb61e232ff2685e10a60261aea5da258b2591a0f738c2c3842c728ab65b1c8dc4610c02b0d5a7e745ed0eb28dcd0a770930e57fbb73c55471ce53fde996d8f6bff305ad8971e91346adc6f7b319fda5655cbd684871ae35a63897e3a2597428374d88eb5451ee88e0c895fd8c585426f6949e7954d83860c313c7b8948b223223187c3fea678568d86d90919fce34e3edbc99e1bc94904b0ed83dd4e5069381ab1a2e2b9f2b76ece0d069a53ea809d8402eff3e19949c2df96211dfc71ccf88f3046fba1f20d8e751ca8122753bc3e31308b4d1d4830ad36ff182b4da1e86ad11f38ebe6e2efb3185c6450f63c1acde4aa2f2b04827356e7beea5bc31b3d04491f3aed974a8775c22fae61c8e675eaf6e18a74159c9336e55bfc374f1e45a6fc63dfce019df7ad316d58c00d775098544ebd2e92665e34426aa4924077958eace9f42418ae54a254d8bb6325160cc045dd8c2662a8f7c408e31d59527bef25579abdfdc26bbca2defa6a22f02e62c64392a77d75aef8d5f51b4426e7c1cf69ca2a8cfad11af5027d76e6e8987957ad793d9407128d508444a9b6c7738d1199ffaebfebe6787508c7b69f3f11f85e41421c0608753ec0c26996123e43b8b8926e3024e2787854347dee5ff53d17d2807d4a4c824674f7c594d933c1f6f3c5e55da5e7395c9774fb103f4d4ed8afbf67453017ccf856a374165cac5defd4d4fe9f9e78040ae035d82405b140289322b6900d8a33a23f2e8224555d55721b5396c60ebc9b64a9f33208f3d8ef369a558c747c32a9d92328f05255dd47f145922c1af2face878884d07778b86aa7e6ca69561ed5181ca49ad62aea5c9400fd8a72bca6bfbe25882dd9cf680a3744b01e47d7b1b4cd704e98f4e4a6231588a1f73e0d5352d38bd02d6d33c6076c02b86940fdd88288b20e6f3c1e62b6c4810609c2adaa986d9f311f84ee211831f9126868efcb854372005bd06b5134da65a93be1b51baabb4d94264ecff3f6eb04c9fa27fcb817b92ffcff6166b96ae83def3bf5b1050d4b28bfca854b6ee24cbdd94103c026440302a69b25e9931d9c9f41e8da18e712d0beb0c572811df600486f7158008e92599e53a3156e4523adb2f48bb2e6d6092b25afcea39ecc6784a92e5a84c6515cd9e395572a31201f25911e0427abad68188cc9d7414cb7a6d3830c1277d6491dff51fade6b8f61d37b86e4ea1389910c6d63a3195d05d94c247b76e88053471ad45bb8be1335cc9f59568a571aabb77fb56a68fcc9623c67318cd83a4b8dcb82e439ea046fd7d75847e498471629f1fd9a3607b0c314dac6dcdb8ec74ea03ad0fa1597f627670b7a6aade837bf02acc848af2fa23acad5732409c76f7e735d98206a46691b691419deacd433c45289b3e8d325fe7cd84da10261959db433460c20d878430f2e013655dacf7240b280112a7b78ae63db89d32e94fd832af61eef880e7f722f08945b3ab80002e08925710ad2f2872004ce3a61c5847509fc3359509f1d74627dd18d5d786f14b729ae8bb871589167697f6ff7d551864a57c279606e2f3dee9df91595a7570ab2164f4e28e086d2027140a2fb0fa99a7b2013c4aeac91263eb2622fbe40ce0cae8e10e27f7e4febc7060dbbd6f4ac16cb96dd6059d993594e1f3f8458761f05543e8899096dbdbb7be88f42002eae019e35fe091a3fd0dddbae716fc7d9650084f45ff8f6824370c5907243bf1bcb300f71b77a3996482487e0eeebfbc600067dd2c63024f097b39ce270801c", @typed={0xd, 0x149, 0x0, 0x0, @str='\b\x00\x00\x00J\\4\xe1\x80'}]}, @typed={0x8, 0xbd, 0x0, 0x0, @fd=r3}, @generic="481ab40f6338d8cfdf3945a1da3d1c35cd4222ff7f6004b328ff98a0dea106d254eeda6eb67850007a260e097e820f6aa2c0d15f1e4b36ba72d5de6db18e5f0d7d7afb871c0f39bd2b9f316a92381034a2be0b93f95d0419b00b40a8a9ed7b839c414894ee54f09a5b81522a3eea5e7a35c40a19e7d8ed9a52d300eaeac614d5791de726334df4f8d3c178fef5ec23b1d4a506c51308658997db9d5c87ea044b294addbb0bc9e419c18a2f416c6cbd592de3b4fa95ea3dc2e554cb0f3454af4156a69130cc994972e5dbc6f06de4a2931187c4471f78d4", @generic="fee497e046e3b8d6b84a707464ad8eb2a39a085db34d06c0"]}]}, 0x24b4}, 0x1, 0x0, 0x0, 0x24000080}, 0x0) 1.651804952s ago: executing program 2 (id=1259): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="10010000", @ANYRES16=r0, @ANYBLOB="000226bd7000fddbdf251300000022000f00b434a40b6bf44a3333f5308dc9ed5cee8a84a909642b0cefbfa49ac6ed580000050060008000000014001b80040003000400020005000100080000000400e200b600f300a2431f8fe7d60e97c0b3eee014bd11ee77b81dc9c6f97fc3eb104491580087980754fc111ee7475f1aa4c50833458b7961f50ffeaa3f5e8e4a7abab7cf99f01718eb355b4f237dcd3278c9b7b1280f780b39c7f99d306f7f5df8f0a7ce48f9557e8c44592c695126dc329ee8b9e2f327582458e4ea2f141f16b0c314c4709936462d8e9425348c0396c57dff849c8a9a1ff47699475923031c82c6a4f0e6956bc9df334be1a6d2b425afe67d991e23b8e78c0000"], 0x110}, 0x1, 0x0, 0x0, 0x4048015}, 0x804) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0x2, 0x10004000eb1, 0xffffffffffffffff, 0x8000008000) socketpair$auto(0x1e, 0x5, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = open(0x0, 0x22240, 0x155) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE_EXT(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x14, 0x0, 0x4, 0x70bd28, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x20000095) sendmsg$auto_KSMBD_EVENT_HEARTBEAT_REQUEST(r2, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x14, 0x0, 0x100, 0x70bd28, 0x25dfdbfc, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) r3 = socket(0xa, 0x1, 0x84) uname$auto(0x0) bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x3, @private=0xa010100}, 0x6a) r4 = socket(0x2, 0x801, 0x84) getsockopt$auto(r4, 0x6, 0x2, 0x0, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x64, 0x0, 0x1c) setitimer$auto(0x4, &(0x7f0000000000)={{0x1ff, 0x10001}, {0x200000000004, 0x6}}, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') r5 = bpf$auto(0x12, &(0x7f0000000000)=@info={0x2800, 0x1ff, 0x2}, 0xcf) setsockopt$auto_SO_ATTACH_REUSEPORT_EBPF(r1, 0x1, 0x34, &(0x7f0000000380)=',\x00', 0x4c67) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x100, 0x0) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x121000, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/dummy0/statistics/tx_errors\x00', 0x0, 0x0) r9 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r9, &(0x7f0000001080)=""/244, 0xf4) read$auto(r8, 0x0, 0x20) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r5, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000001d40)={0x24, r6, 0x200, 0x70bd2a, 0x25dfdc02, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x4}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x10000}]}, 0x24}, 0x1, 0x0, 0x0, 0x44890}, 0x4004001) 1.598369707s ago: executing program 0 (id=1260): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f00000000c0)={0x2}) socket(0xa, 0x801, 0x84) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x7, @local}, 0x55) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x22, 0x3, 0x100) sysfs$auto(0x2, 0x4c, 0x0) fsopen$auto(0x0, 0x1) socket(0x2, 0x5, 0x0) r1 = socket(0x10, 0x2, 0x0) setsockopt$auto(r1, 0x104000000000010e, 0x1, 0x0, 0x16) writev$auto(0xffffffffffffffff, &(0x7f0000005ec0)={&(0x7f0000000040)="d96b631fc825b238c10d3bde692b7889ce4ae98369c86727de86b06c974e044d658523809399", 0x5}, 0x9) bind$auto(0xffffffffffffffff, &(0x7f0000000000)=@l2tp={0x2, 0x0, @multicast2, 0x3}, 0x68) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/dri/vkms/Writeback-1/edid_override\x00', 0x301e00, 0x0) ioctl$auto(0x3, 0x4030ae7b, 0xffffffffffffffff) 1.030823445s ago: executing program 1 (id=1261): r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffff5fdffe00, &(0x7f0000000400)=';') 961.842203ms ago: executing program 3 (id=1262): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/014/001\x00', 0x60000, 0x0) ioctl$auto(r0, 0x5522, 0xf15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r1, 0x5522, 0xf15) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/net/eql/statistics/tx_carrier_errors\x00', 0x800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000000)=""/45, 0x2d) ioctl$auto_FS_IOC_ZERO_RANGE(r2, 0x40305839, 0x200) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram2/partscan\x00', 0x80200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000004300)=""/108, 0x6c) sendmsg$auto_NL80211_CMD_SET_HW_TIMESTAMP(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, 0x0, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0xdc}, @NL80211_ATTR_EPCS={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000) 948.605559ms ago: executing program 0 (id=1263): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x18, 0x3, 0x2) sendmmsg$auto(0x3, 0x0, 0x2, 0x0) 858.372682ms ago: executing program 1 (id=1264): r0 = socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0xa, 0x6, &(0x7f0000000180)='\b\x00\x00\x00\xe4\x15\rq\tW\x9d=\x1e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe7\x9b\xdd\x1cp\x19\xa0\x9dHN\xb4\x7f\x7f\xa0\xeaI\xa1\x0f/\xfc\x8e\xf9\xa6x\xa0\xdeo\t\x826Xe(\x0e\xffr\r\x8d\xefh\xdbG\x8b\xde\xfd$\'\a ]\x91YP\x94\xd0\xd0\x02\x10\xb1_z\xa2Ql\x8c\x91\xca4\x118\xcd\xc3\x97\xdaJ:\x1e\xe5f\xcaq\xdf`\x01;\xf9{D2\xc9WV)\xa3JH\xf5\xf9\x16\xac\xa4\x155\x80\x01I\xd9\xa5\xd0\xf1\xbd\xa0\xa4\xa5q\xc6F\x940\x00\xf8\xef\xa4\xfd\xd2z\xf5\x91z<\x9f\xf0\x8f/\x81\x84\xed J&\x8f\xd9\xab-\xf8\xd0\xd3\xcea\x91pM0\xcd\x18\xb4\xe0u\x99\b', 0x6237) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000040), r0) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/nr3/queues/rx-0/rps_flow_cnt\x00', 0x200, 0x0) read$auto(r2, 0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x20040, 0x0) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/options/markers\x00', 0x42, 0x0) writev$auto(0x4, &(0x7f0000000080)={0x0, 0x8}, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x1, 0x2) sendmsg$auto_NBD_CMD_DISCONNECT(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r1, 0x800, 0x70bd29, 0x25dfdbfc, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x5}]}, 0x20}}, 0x4) 858.196404ms ago: executing program 2 (id=1265): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/xfs/stats/stats_clear\x00', 0x121e81, 0x0) getpid() gettid() getpid() openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x402081, 0x0) r0 = open(&(0x7f0000000100)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0xd7) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x3b) socket(0x3b, 0x800, 0xfede76c) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) r2 = socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x801, 0x106) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r3 = socket(0xa, 0x2, 0x0) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) r4 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x400002) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r4, @new_prog_fd=r3, 0x4, @old_map_fd=r2}, 0xa3) bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x10004, 0x7, 0x9, 0x7f, @prog_cnt=0x42c, 0x0, 0x80000005, 0xf, 0xb, 0x5}, 0x4) ioctl$auto_UBI_IOCATT(0xffffffffffffffff, 0x40186f40, &(0x7f0000000000)={0xffffffff, 0xfffffffd, 0xfffffffe, 0x8490, 0x4, 0x1}) getsockopt$auto_SO_BSDCOMPAT(r1, 0x1020007, 0xe, &(0x7f0000000180)='\x9cV\xcc\x9cl\"', &(0x7f0000000140)=0x7fff) read$auto(r0, 0x0, 0x1) 801.604221ms ago: executing program 3 (id=1266): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/lock_policy\x00', 0x82, 0x0) mmap$auto(0x1f, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) 743.762185ms ago: executing program 0 (id=1267): close_range$auto(0x2, 0x8, 0x0) (async) r0 = socket(0xa, 0x3, 0x3c) socket$nl_generic(0x10, 0x3, 0x10) (async) mq_timedreceive$auto(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x9, 0xffffffffffffffff}) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) bind$auto(r0, &(0x7f00000001c0)=@qipcrtr={0x2a, 0x4, 0x7ffe}, 0x4) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) futex$auto(0x0, 0x9, 0x3e, 0x0, 0x0, 0x0) (async) ioctl$auto(r2, 0x2, 0x9) (async) ioctl$auto(r2, 0x400c4d00, r2) (async) epoll_create$auto(0x3e) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r1, 0x4188aea7, &(0x7f0000000140)={0xb, 0x0, [{0x8, 0x4005c3, 0xfc}, {0xffff, 0x2, 0x697}, {0x101, 0x6, 0x16f92900}, {0x2, 0x9, 0x2}, {0x996, 0x10001, 0x21}, {0x7, 0x80, 0x100000000000}, {0x1, 0x9, 0x8}]}) 694.29698ms ago: executing program 1 (id=1268): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0) ioctl$auto(r0, 0x5646, r0) 693.76008ms ago: executing program 3 (id=1269): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) inotify_init1$auto(0x3000000000000) socket$nl_generic(0x11, 0x3, 0x10) socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x2, 0x1) bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_4={0x16, r1, 0xf23, r1}, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0x8) bpf$auto(0x1, &(0x7f0000000080)=@bpf_attr_3={0x5, 0x0, 0x2, 0x5c, 0x4, 0x9, 0x80, 0xe4, 0xfffff800, "0566c8ee7c78a925488276d7697a12bd", 0x0, 0x2, 0xffffffffffffffff, 0x7, 0x9, 0x4, 0x7, 0x10001, 0x0, 0x8001, @attach_prog_fd, 0x7e, 0x4, 0x1, 0x5, 0x3}, 0x5) mmap$auto(0x200000000000, 0x810004, 0x40000000000ffb, 0x8000000008011, 0x3, 0x8000) 580.740865ms ago: executing program 2 (id=1270): socket(0x1d, 0x2, 0x7) getpeername$auto(0x3, 0x0, 0x0) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/scsi/sg/devices\x00', 0x410180, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000140), 0x183103, 0x0) pread64$auto(r0, 0x0, 0xf42c, 0x400) r1 = gettid() rt_sigqueueinfo$auto(r1, 0xe, &(0x7f0000000000)={@siginfo_0_0={0x76bb, 0x3, 0x4, @_sigfault={0x0}}}) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev1\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) ioctl$auto(0x3, 0xc040564a, 0x38) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/ip_forward\x00', 0x2002, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/kernel/threads-max\x00', 0x20202, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/icmp/ratemask\x00', 0xa0202, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/virtual/block/nbd5/queue/io_poll\x00', 0x182b02, 0x0) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) sendfile$auto(r4, r5, 0x0, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x41555856, 0x3f, 0x2008, 0x0, 0x0) r6 = socket(0xa, 0x3, 0x3a) ioctl$auto(r6, 0x890b, 0x1) sendfile$auto(r2, r3, 0x0, 0x4) 515.378871ms ago: executing program 0 (id=1271): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/tty/tty33/dev\x00', 0xd0200, 0x0) r0 = socket(0x2, 0x2, 0x1) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r0, 0x10000}, 0x10) 390.369467ms ago: executing program 1 (id=1272): r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffff5fdffe00, 0x0) 390.035677ms ago: executing program 0 (id=1273): r0 = openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_score_adj\x00', 0x80000, 0x0) (async) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0xffffffffffffffff, 0x28000) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x2440, 0x0) syz_clone3(&(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0}}, 0x58) (async) read$auto(r1, 0x0, 0x20) (async) select$auto(0x9, 0x0, 0x0, &(0x7f0000000040)={[0xfffffffffffffffd, 0x800000000000, 0xa, 0x40007fff, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x20000000000003, 0x8000400, 0x7, 0x7, 0x2, 0x93, 0x400000001, 0x1000000000000002]}, 0x0) (async) open_by_handle_at$auto(r0, &(0x7f0000000180)={0x54, 0x101, "36a3a6e8ea4374338b5ae01bdf11400cdd818223e29e61d25ebd18cd9ffc396a0eb3d73512d72903e95fd6d8dcc17c003dd49a4ca6c260cce0e17dd2d41a119351b48ee4936921c5231be2e00afea5ccdaddd6aa"}, 0x9) (async) socket(0x29, 0x2, 0x0) (async) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) modify_ldt$auto(0x1, 0x0, 0x10) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) io_uring_setup$auto(0x2008, 0x0) (async) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x403c6f2b, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) (async) statmount$auto(&(0x7f0000000000)={0x7e, @raw=0x400, 0x80000024, 0x7fff, 0x4}, 0x0, 0x7ffffffff001, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0xa, 0x0) (async) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) (async) futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, 0x0, 0x0, 0x5) (async) futex$auto(&(0x7f0000000080)=0x3, 0x3, 0x1f, 0x0, &(0x7f0000000100)=0x4, 0x440a48d3) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async) setsockopt$auto(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x8004) (async) unshare$auto(0x40000080) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/virtual/block/nbd12/queue/write_cache\x00', 0x80002, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x1a1000, 0x0) ioctl$auto_PROCMAP_QUERY(r3, 0xc0686611, &(0x7f0000000080)={0x67, 0x0, 0x7fff, 0x5, 0x80000000003, 0xfffbffffffffff80, 0x80000001, 0xff, 0x6, 0x7, 0xfbfffffe, 0x5, 0x2, 0x7, 0x80000005}) 335.308804ms ago: executing program 1 (id=1274): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/lock_policy\x00', 0x82, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (fail_nth: 4) write$auto(0x3, 0x0, 0xfffffdef) 301.329165ms ago: executing program 2 (id=1275): openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyqf\x00', 0x400082, 0x0) r0 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000600), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x1c, r0, 0x9, 0x70bd2c, 0x25dfdbfb, {}, [@IOAM6_ATTR_NS_ID={0x6, 0x1, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x808) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x1000001, 0x4000000000df, 0x7b5, 0x401, 0x1003) mmap$auto(0x0, 0x1, 0xdf, 0xeb1, 0x403, 0x20008000) r3 = set_tid_address$auto(0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r4 = syz_open_procfs$namespace(r3, &(0x7f0000000080)) mmap$auto(0x0, 0x8000, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/nmi_watchdog\x00', 0x101000, 0x0) read$auto(r5, 0x0, 0x1ff) getdents64$auto(r4, 0x0, 0x18) getsockopt$auto(r2, 0x1, 0x2, 0x0, 0x0) 18.390489ms ago: executing program 2 (id=1276): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x34, 0x17, 0x0, 0x0, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty42\x00', 0x40741, 0x0) mmap$auto(0x0, 0x20009, 0x2000000e0, 0xeb1, 0x40000000000a5, 0x8000) mknod$auto(0x0, 0xea3, 0x2) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0x402c542d, r0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x0, 0x0) mmap$auto(0x0, 0xf92e, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/asound/card1/cable#0\x00', 0x8f3b7a51b80ebd01, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000003b80)='/dev/snd/pcmC0D0c\x00', 0x8100, 0x0) arch_prctl$auto(0x5003, 0x5) r2 = socket(0x11, 0x2, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0xa, 0x8}) sendmmsg$auto(r2, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={0x0, 0x49}, 0x4, &(0x7f00000000c0), 0x5, 0x1000}, 0x5}, 0x2, 0x100fe) arch_prctl$auto(0x5002, 0x1) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/loop10/power/autosuspend_delay_ms\x00', 0x182b02, 0x0) waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000340)={@siginfo_0_0={0xfffff801, 0x2, 0x8000, @_sigsys={&(0x7f0000000240)="b089237097b88e40064c533331bb0ef0f3871bb6271d7c7ebbe31d346d27fcd831cda35f211ad5adaa038e646c925d67cb31086631f969ce129b0382463779415e39b70fdf797cdb0eca20afbf1e054a9d1bf9b9fa44a34ce03f43ec9f1a78f74d9ccfca985bd58f840af3597c60703d4620907775a0081ef431f8be10d6c7e35ff52ec27aa3d1eadd29fe6529475538b872e0ee7197cf928e9dff0c41514b651f787dcf714aff7f2ec83d8412b0ad30a25b00075552903ebc130811936d5bd79f1741067769d3a50baa767782d8d0426cfc", 0x9, 0x2}}}, 0x3fb, &(0x7f00000003c0)={{0x228e, 0x1000000007}, {0xc, 0x4}, 0xc4, 0x5, 0x7f, 0xffffffffff000002, 0x200000000000009, 0x5, 0x101, 0x100000000006, 0xa511, 0x100, 0x1, 0x6, 0xbdf6, 0x819b}) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/arp_all_targets\x00', 0x140b02, 0x0) sendfile$auto(r4, r4, 0x0, 0x7ffffffffffffffc) open(&(0x7f0000000140)='./cgroup\x00', 0x2040, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x15, r3, 0x200000008000) memfd_create$auto(0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) 0s ago: executing program 3 (id=1277): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/misc/hw_random/rng_available\x00', 0x22000, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/firmware/acpi/interrupts/ff_slp_btn\x00', 0x8522, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xa0102, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:04.0/remove\x00', 0x2801, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92\x90|l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00'/507, 0x1098c7) io_uring_setup$auto(0x7, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000b00), r1) sendmsg$auto_GTP_CMD_ECHOREQ(r1, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000140)={0x34, r2, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@GTPA_PEER_ADDRESS={0x8}, @GTPA_MS_ADDRESS={0x8}, @GTPA_VERSION={0x8, 0x2, 0x7}, @GTPA_LINK={0x8, 0x1, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0x90}, 0x80) r3 = socket(0xa, 0x5, 0x84) getsockopt$auto(r3, 0x84, 0x1f, 0x0, &(0x7f0000000080)=0x49b) kernel console output (not intermixed with test programs): ][T10871] __kmalloc_cache_node_noprof+0x75/0x7a0 [ 446.307528][T10871] ? sched_setaffinity+0x265/0x400 [ 446.307566][T10871] ? sched_setaffinity+0x265/0x400 [ 446.307594][T10871] sched_setaffinity+0x265/0x400 [ 446.307623][T10871] ? __pfx_sched_setaffinity+0x10/0x10 [ 446.307656][T10871] ? _copy_from_user+0x59/0xd0 [ 446.307700][T10871] __x64_sys_sched_setaffinity+0x116/0x140 [ 446.307729][T10871] ? xfd_validate_state+0x61/0x180 [ 446.307764][T10871] ? __pfx___x64_sys_sched_setaffinity+0x10/0x10 [ 446.307794][T10871] ? rcu_is_watching+0x12/0xc0 [ 446.307818][T10871] do_syscall_64+0xcd/0xfa0 [ 446.307854][T10871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.307881][T10871] RIP: 0033:0x7fb06e18f749 [ 446.307903][T10871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.307929][T10871] RSP: 002b:00007fb06f045038 EFLAGS: 00000246 ORIG_RAX: 00000000000000cb [ 446.307955][T10871] RAX: ffffffffffffffda RBX: 00007fb06e3e5fa0 RCX: 00007fb06e18f749 [ 446.307972][T10871] RDX: 00002000000000c0 RSI: 000000000000cf4d RDI: 0000000000000000 [ 446.307988][T10871] RBP: 00007fb06e213f91 R08: 0000000000000000 R09: 0000000000000000 [ 446.308004][T10871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.308020][T10871] R13: 00007fb06e3e6038 R14: 00007fb06e3e5fa0 R15: 00007ffdce0c51f8 [ 446.308091][T10871] [ 446.578723][T10873] netlink: 'syz.3.902': attribute type 11 has an invalid length. [ 448.096914][T10896] netlink: 'syz.0.906': attribute type 17 has an invalid length. [ 448.150899][T10896] netlink: 326 bytes leftover after parsing attributes in process `syz.0.906'. [ 448.924134][T10906] netlink: 'syz.2.908': attribute type 17 has an invalid length. [ 448.937382][T10906] netlink: 326 bytes leftover after parsing attributes in process `syz.2.908'. [ 449.284073][T10918] netlink: 'syz.3.910': attribute type 11 has an invalid length. [ 449.305289][T10918] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 449.348634][T10918] CPU: 0 UID: 0 PID: 10918 Comm: syz.3.910 Not tainted syzkaller #0 PREEMPT(full) [ 449.348669][T10918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 449.348684][T10918] Call Trace: [ 449.348694][T10918] [ 449.348704][T10918] dump_stack_lvl+0x16c/0x1f0 [ 449.348740][T10918] sysfs_warn_dup+0x7f/0xa0 [ 449.348771][T10918] sysfs_do_create_link_sd+0x124/0x140 [ 449.348805][T10918] sysfs_create_link+0x61/0xc0 [ 449.348834][T10918] device_add+0x62c/0x1aa0 [ 449.348862][T10918] ? __pfx_device_add+0x10/0x10 [ 449.348883][T10918] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 449.348926][T10918] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 449.348963][T10918] wiphy_register+0x1eb0/0x2b20 [ 449.348994][T10918] ? netdev_run_todo+0x864/0x1320 [ 449.349031][T10918] ? __pfx_wiphy_register+0x10/0x10 [ 449.349084][T10918] ieee80211_register_hw+0x253d/0x4120 [ 449.349131][T10918] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 449.349165][T10918] ? __pfx___debug_object_init+0x10/0x10 [ 449.349201][T10918] ? find_held_lock+0x2b/0x80 [ 449.349227][T10918] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 449.349265][T10918] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 449.349296][T10918] ? __hrtimer_setup+0x176/0x280 [ 449.349335][T10918] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 449.349385][T10918] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 449.349414][T10918] ? __asan_memcpy+0x3c/0x60 [ 449.349445][T10918] hwsim_new_radio_nl+0xba2/0x1330 [ 449.349475][T10918] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 449.349593][T10918] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 449.349628][T10918] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 449.349669][T10918] genl_family_rcv_msg_doit+0x209/0x2f0 [ 449.349706][T10918] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 449.349750][T10918] ? bpf_lsm_capable+0x9/0x10 [ 449.349779][T10918] ? security_capable+0x7e/0x260 [ 449.349815][T10918] ? ns_capable+0xd7/0x110 [ 449.349844][T10918] genl_rcv_msg+0x55c/0x800 [ 449.349882][T10918] ? __pfx_genl_rcv_msg+0x10/0x10 [ 449.349911][T10918] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 449.349952][T10918] netlink_rcv_skb+0x158/0x420 [ 449.349979][T10918] ? __pfx_genl_rcv_msg+0x10/0x10 [ 449.350009][T10918] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 449.350062][T10918] genl_rcv+0x28/0x40 [ 449.350087][T10918] netlink_unicast+0x5aa/0x870 [ 449.350118][T10918] ? __pfx_netlink_unicast+0x10/0x10 [ 449.350143][T10918] ? __pfx___might_resched+0x10/0x10 [ 449.350181][T10918] netlink_sendmsg+0x8c8/0xdd0 [ 449.350215][T10918] ? __pfx_netlink_sendmsg+0x10/0x10 [ 449.350245][T10918] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 449.350282][T10918] ____sys_sendmsg+0xa98/0xc70 [ 449.350311][T10918] ? copy_msghdr_from_user+0x10a/0x160 [ 449.350332][T10918] ? __pfx_____sys_sendmsg+0x10/0x10 [ 449.350359][T10918] ? trace_sched_exit_tp+0xd1/0x120 [ 449.350411][T10918] ___sys_sendmsg+0x134/0x1d0 [ 449.350439][T10918] ? __pfx____sys_sendmsg+0x10/0x10 [ 449.350503][T10918] ? __sys_sendmsg+0x11d/0x220 [ 449.350542][T10918] __sys_sendmsg+0x16d/0x220 [ 449.350567][T10918] ? __pfx___sys_sendmsg+0x10/0x10 [ 449.350592][T10918] ? __x64_sys_futex+0x1e0/0x4c0 [ 449.350650][T10918] do_syscall_64+0xcd/0xfa0 [ 449.350683][T10918] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.350706][T10918] RIP: 0033:0x7f292b38f749 [ 449.350728][T10918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 449.350750][T10918] RSP: 002b:00007f292c15d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 449.350774][T10918] RAX: ffffffffffffffda RBX: 00007f292b5e5fa0 RCX: 00007f292b38f749 [ 449.350791][T10918] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 449.350806][T10918] RBP: 00007f292b413f91 R08: 0000000000000000 R09: 0000000000000000 [ 449.350821][T10918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 449.350835][T10918] R13: 00007f292b5e6038 R14: 00007f292b5e5fa0 R15: 00007ffce50f7cb8 [ 449.350871][T10918] [ 450.016677][T10923] netlink: 'syz.2.911': attribute type 11 has an invalid length. [ 450.056895][T10923] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 450.181600][T10923] CPU: 1 UID: 0 PID: 10923 Comm: syz.2.911 Not tainted syzkaller #0 PREEMPT(full) [ 450.181628][T10923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 450.181643][T10923] Call Trace: [ 450.181649][T10923] [ 450.181656][T10923] dump_stack_lvl+0x16c/0x1f0 [ 450.181680][T10923] sysfs_warn_dup+0x7f/0xa0 [ 450.181699][T10923] sysfs_do_create_link_sd+0x124/0x140 [ 450.181723][T10923] sysfs_create_link+0x61/0xc0 [ 450.181741][T10923] device_add+0x62c/0x1aa0 [ 450.181757][T10923] ? __pfx_device_add+0x10/0x10 [ 450.181769][T10923] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 450.181795][T10923] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 450.181817][T10923] wiphy_register+0x1eb0/0x2b20 [ 450.181836][T10923] ? netdev_run_todo+0x864/0x1320 [ 450.181858][T10923] ? __pfx_wiphy_register+0x10/0x10 [ 450.181888][T10923] ieee80211_register_hw+0x253d/0x4120 [ 450.181916][T10923] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 450.181937][T10923] ? __pfx___debug_object_init+0x10/0x10 [ 450.181958][T10923] ? find_held_lock+0x2b/0x80 [ 450.181974][T10923] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 450.181997][T10923] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 450.182016][T10923] ? __hrtimer_setup+0x176/0x280 [ 450.182039][T10923] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 450.182067][T10923] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 450.182084][T10923] ? __asan_memcpy+0x3c/0x60 [ 450.182102][T10923] hwsim_new_radio_nl+0xba2/0x1330 [ 450.182119][T10923] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 450.182141][T10923] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 450.182160][T10923] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 450.182183][T10923] genl_family_rcv_msg_doit+0x209/0x2f0 [ 450.182203][T10923] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 450.182227][T10923] ? bpf_lsm_capable+0x9/0x10 [ 450.182245][T10923] ? security_capable+0x7e/0x260 [ 450.182266][T10923] ? ns_capable+0xd7/0x110 [ 450.182282][T10923] genl_rcv_msg+0x55c/0x800 [ 450.182302][T10923] ? __pfx_genl_rcv_msg+0x10/0x10 [ 450.182320][T10923] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 450.182343][T10923] netlink_rcv_skb+0x158/0x420 [ 450.182358][T10923] ? __pfx_genl_rcv_msg+0x10/0x10 [ 450.182376][T10923] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 450.182400][T10923] ? netlink_deliver_tap+0x1ae/0xd30 [ 450.182417][T10923] genl_rcv+0x28/0x40 [ 450.182432][T10923] netlink_unicast+0x5aa/0x870 [ 450.182468][T10923] ? __pfx_netlink_unicast+0x10/0x10 [ 450.182673][T10923] ? __pfx___might_resched+0x10/0x10 [ 450.182699][T10923] netlink_sendmsg+0x8c8/0xdd0 [ 450.182720][T10923] ? __pfx_netlink_sendmsg+0x10/0x10 [ 450.182743][T10923] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 450.182775][T10923] ____sys_sendmsg+0xa98/0xc70 [ 450.182796][T10923] ? copy_msghdr_from_user+0x10a/0x160 [ 450.182811][T10923] ? __pfx_____sys_sendmsg+0x10/0x10 [ 450.182844][T10923] ? __pfx_futex_wake_mark+0x10/0x10 [ 450.182870][T10923] ___sys_sendmsg+0x134/0x1d0 [ 450.182882][T10923] ? find_held_lock+0x2b/0x80 [ 450.182898][T10923] ? __pfx____sys_sendmsg+0x10/0x10 [ 450.182911][T10923] ? __lock_acquire+0x622/0x1c90 [ 450.182955][T10923] __sys_sendmsg+0x16d/0x220 [ 450.182970][T10923] ? __pfx___sys_sendmsg+0x10/0x10 [ 450.182984][T10923] ? __x64_sys_futex+0x1e0/0x4c0 [ 450.183015][T10923] do_syscall_64+0xcd/0xfa0 [ 450.183035][T10923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 450.183050][T10923] RIP: 0033:0x7f62bfd8f749 [ 450.183064][T10923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 450.183077][T10923] RSP: 002b:00007f62c0b65038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 450.183092][T10923] RAX: ffffffffffffffda RBX: 00007f62bffe5fa0 RCX: 00007f62bfd8f749 [ 450.183102][T10923] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 450.183111][T10923] RBP: 00007f62bfe13f91 R08: 0000000000000000 R09: 0000000000000000 [ 450.183119][T10923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 450.183128][T10923] R13: 00007f62bffe6038 R14: 00007f62bffe5fa0 R15: 00007ffedee782d8 [ 450.183149][T10923] [ 451.964119][T10949] netlink: 'syz.1.917': attribute type 11 has an invalid length. [ 452.085740][T10949] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 452.134800][T10949] CPU: 0 UID: 0 PID: 10949 Comm: syz.1.917 Not tainted syzkaller #0 PREEMPT(full) [ 452.134832][T10949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 452.134846][T10949] Call Trace: [ 452.134853][T10949] [ 452.134862][T10949] dump_stack_lvl+0x16c/0x1f0 [ 452.134895][T10949] sysfs_warn_dup+0x7f/0xa0 [ 452.134923][T10949] sysfs_do_create_link_sd+0x124/0x140 [ 452.134949][T10949] sysfs_create_link+0x61/0xc0 [ 452.134975][T10949] device_add+0x62c/0x1aa0 [ 452.134999][T10949] ? __pfx_device_add+0x10/0x10 [ 452.135019][T10949] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 452.135059][T10949] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 452.135099][T10949] wiphy_register+0x1eb0/0x2b20 [ 452.135130][T10949] ? netdev_run_todo+0x864/0x1320 [ 452.135168][T10949] ? __pfx_wiphy_register+0x10/0x10 [ 452.135223][T10949] ieee80211_register_hw+0x253d/0x4120 [ 452.135273][T10949] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 452.135308][T10949] ? __pfx___debug_object_init+0x10/0x10 [ 452.135360][T10949] ? find_held_lock+0x2b/0x80 [ 452.135388][T10949] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 452.135426][T10949] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 452.135459][T10949] ? __hrtimer_setup+0x176/0x280 [ 452.135495][T10949] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 452.135543][T10949] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 452.135673][T10949] ? __asan_memcpy+0x3c/0x60 [ 452.135717][T10949] hwsim_new_radio_nl+0xba2/0x1330 [ 452.135753][T10949] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 452.135791][T10949] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 452.135827][T10949] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 452.135867][T10949] genl_family_rcv_msg_doit+0x209/0x2f0 [ 452.135904][T10949] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 452.135952][T10949] ? bpf_lsm_capable+0x9/0x10 [ 452.135986][T10949] ? security_capable+0x7e/0x260 [ 452.136025][T10949] ? ns_capable+0xd7/0x110 [ 452.136055][T10949] genl_rcv_msg+0x55c/0x800 [ 452.136092][T10949] ? __pfx_genl_rcv_msg+0x10/0x10 [ 452.136123][T10949] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 452.136165][T10949] netlink_rcv_skb+0x158/0x420 [ 452.136193][T10949] ? __pfx_genl_rcv_msg+0x10/0x10 [ 452.136227][T10949] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 452.136271][T10949] ? netlink_deliver_tap+0x1ae/0xd30 [ 452.136303][T10949] genl_rcv+0x28/0x40 [ 452.136343][T10949] netlink_unicast+0x5aa/0x870 [ 452.136377][T10949] ? __pfx_netlink_unicast+0x10/0x10 [ 452.136405][T10949] ? __pfx___might_resched+0x10/0x10 [ 452.136443][T10949] netlink_sendmsg+0x8c8/0xdd0 [ 452.136477][T10949] ? __pfx_netlink_sendmsg+0x10/0x10 [ 452.136510][T10949] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 452.136555][T10949] ____sys_sendmsg+0xa98/0xc70 [ 452.136591][T10949] ? copy_msghdr_from_user+0x10a/0x160 [ 452.136618][T10949] ? __pfx_____sys_sendmsg+0x10/0x10 [ 452.136660][T10949] ? __pfx_futex_wake_mark+0x10/0x10 [ 452.136705][T10949] ___sys_sendmsg+0x134/0x1d0 [ 452.136732][T10949] ? __pfx____sys_sendmsg+0x10/0x10 [ 452.136754][T10949] ? __lock_acquire+0x622/0x1c90 [ 452.136842][T10949] __sys_sendmsg+0x16d/0x220 [ 452.136870][T10949] ? __pfx___sys_sendmsg+0x10/0x10 [ 452.136895][T10949] ? __x64_sys_futex+0x1e0/0x4c0 [ 452.136953][T10949] do_syscall_64+0xcd/0xfa0 [ 452.136988][T10949] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.137015][T10949] RIP: 0033:0x7fb06e18f749 [ 452.137036][T10949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 452.137061][T10949] RSP: 002b:00007fb06f045038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 452.137087][T10949] RAX: ffffffffffffffda RBX: 00007fb06e3e5fa0 RCX: 00007fb06e18f749 [ 452.137105][T10949] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 452.137120][T10949] RBP: 00007fb06e213f91 R08: 0000000000000000 R09: 0000000000000000 [ 452.137136][T10949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 452.137151][T10949] R13: 00007fb06e3e6038 R14: 00007fb06e3e5fa0 R15: 00007ffdce0c51f8 [ 452.137191][T10949] [ 452.676632][T10956] netlink: 'syz.3.919': attribute type 11 has an invalid length. [ 452.704410][T10956] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 452.718257][T10956] CPU: 0 UID: 0 PID: 10956 Comm: syz.3.919 Not tainted syzkaller #0 PREEMPT(full) [ 452.718300][T10956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 452.718314][T10956] Call Trace: [ 452.718322][T10956] [ 452.718331][T10956] dump_stack_lvl+0x16c/0x1f0 [ 452.718368][T10956] sysfs_warn_dup+0x7f/0xa0 [ 452.718398][T10956] sysfs_do_create_link_sd+0x124/0x140 [ 452.718432][T10956] sysfs_create_link+0x61/0xc0 [ 452.718465][T10956] device_add+0x62c/0x1aa0 [ 452.718491][T10956] ? __pfx_device_add+0x10/0x10 [ 452.718511][T10956] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 452.718552][T10956] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 452.718592][T10956] wiphy_register+0x1eb0/0x2b20 [ 452.718625][T10956] ? netdev_run_todo+0x864/0x1320 [ 452.718665][T10956] ? __pfx_wiphy_register+0x10/0x10 [ 452.718722][T10956] ieee80211_register_hw+0x253d/0x4120 [ 452.718774][T10956] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 452.718809][T10956] ? __pfx___debug_object_init+0x10/0x10 [ 452.718848][T10956] ? find_held_lock+0x2b/0x80 [ 452.718871][T10956] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 452.718909][T10956] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 452.718942][T10956] ? __hrtimer_setup+0x176/0x280 [ 452.718982][T10956] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 452.719033][T10956] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 452.719064][T10956] ? __asan_memcpy+0x3c/0x60 [ 452.719113][T10956] hwsim_new_radio_nl+0xba2/0x1330 [ 452.719146][T10956] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 452.719186][T10956] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 452.719217][T10956] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 452.719258][T10956] genl_family_rcv_msg_doit+0x209/0x2f0 [ 452.719301][T10956] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 452.719346][T10956] ? bpf_lsm_capable+0x9/0x10 [ 452.719378][T10956] ? security_capable+0x7e/0x260 [ 452.719414][T10956] ? ns_capable+0xd7/0x110 [ 452.719444][T10956] genl_rcv_msg+0x55c/0x800 [ 452.719479][T10956] ? __pfx_genl_rcv_msg+0x10/0x10 [ 452.719511][T10956] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 452.719553][T10956] netlink_rcv_skb+0x158/0x420 [ 452.719582][T10956] ? __pfx_genl_rcv_msg+0x10/0x10 [ 452.719614][T10956] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 452.719655][T10956] ? netlink_deliver_tap+0x1ae/0xd30 [ 452.719688][T10956] genl_rcv+0x28/0x40 [ 452.719714][T10956] netlink_unicast+0x5aa/0x870 [ 452.719747][T10956] ? __pfx_netlink_unicast+0x10/0x10 [ 452.719774][T10956] ? __pfx___might_resched+0x10/0x10 [ 452.719814][T10956] netlink_sendmsg+0x8c8/0xdd0 [ 452.719848][T10956] ? __pfx_netlink_sendmsg+0x10/0x10 [ 452.719881][T10956] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 452.719924][T10956] ____sys_sendmsg+0xa98/0xc70 [ 452.719958][T10956] ? copy_msghdr_from_user+0x10a/0x160 [ 452.719983][T10956] ? __pfx_____sys_sendmsg+0x10/0x10 [ 452.720025][T10956] ? __pfx_futex_wake_mark+0x10/0x10 [ 452.720068][T10956] ___sys_sendmsg+0x134/0x1d0 [ 452.720096][T10956] ? __pfx____sys_sendmsg+0x10/0x10 [ 452.720116][T10956] ? __lock_acquire+0x622/0x1c90 [ 452.720197][T10956] __sys_sendmsg+0x16d/0x220 [ 452.720224][T10956] ? __pfx___sys_sendmsg+0x10/0x10 [ 452.720250][T10956] ? __x64_sys_futex+0x1e0/0x4c0 [ 452.720314][T10956] do_syscall_64+0xcd/0xfa0 [ 452.720349][T10956] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.720376][T10956] RIP: 0033:0x7f292b38f749 [ 452.720397][T10956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 452.720421][T10956] RSP: 002b:00007f292c15d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 452.720454][T10956] RAX: ffffffffffffffda RBX: 00007f292b5e5fa0 RCX: 00007f292b38f749 [ 452.720472][T10956] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 452.720488][T10956] RBP: 00007f292b413f91 R08: 0000000000000000 R09: 0000000000000000 [ 452.720502][T10956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 452.720516][T10956] R13: 00007f292b5e6038 R14: 00007f292b5e5fa0 R15: 00007ffce50f7cb8 [ 452.720554][T10956] [ 455.329989][T10992] netlink: 'syz.0.926': attribute type 17 has an invalid length. [ 455.337770][T10992] netlink: 326 bytes leftover after parsing attributes in process `syz.0.926'. [ 455.757669][T10991] netlink: 'syz.2.925': attribute type 17 has an invalid length. [ 455.800831][T10991] netlink: 326 bytes leftover after parsing attributes in process `syz.2.925'. [ 456.677166][T11012] netlink: 'syz.2.930': attribute type 11 has an invalid length. [ 456.779737][T11012] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 456.807414][T11012] CPU: 0 UID: 0 PID: 11012 Comm: syz.2.930 Not tainted syzkaller #0 PREEMPT(full) [ 456.807450][T11012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 456.807466][T11012] Call Trace: [ 456.807475][T11012] [ 456.807486][T11012] dump_stack_lvl+0x16c/0x1f0 [ 456.807525][T11012] sysfs_warn_dup+0x7f/0xa0 [ 456.807558][T11012] sysfs_do_create_link_sd+0x124/0x140 [ 456.807594][T11012] sysfs_create_link+0x61/0xc0 [ 456.807627][T11012] device_add+0x62c/0x1aa0 [ 456.807656][T11012] ? __pfx_device_add+0x10/0x10 [ 456.807677][T11012] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 456.807721][T11012] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 456.807760][T11012] wiphy_register+0x1eb0/0x2b20 [ 456.807795][T11012] ? netdev_run_todo+0x864/0x1320 [ 456.807835][T11012] ? __pfx_wiphy_register+0x10/0x10 [ 456.807891][T11012] ieee80211_register_hw+0x253d/0x4120 [ 456.807954][T11012] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 456.807992][T11012] ? __pfx___debug_object_init+0x10/0x10 [ 456.808034][T11012] ? find_held_lock+0x2b/0x80 [ 456.808061][T11012] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 456.808099][T11012] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 456.808129][T11012] ? __hrtimer_setup+0x176/0x280 [ 456.808168][T11012] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 456.808218][T11012] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 456.808251][T11012] ? __asan_memcpy+0x3c/0x60 [ 456.808283][T11012] hwsim_new_radio_nl+0xba2/0x1330 [ 456.808316][T11012] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 456.808357][T11012] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 456.808393][T11012] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 456.808435][T11012] genl_family_rcv_msg_doit+0x209/0x2f0 [ 456.808469][T11012] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 456.808508][T11012] ? bpf_lsm_capable+0x9/0x10 [ 456.808537][T11012] ? security_capable+0x7e/0x260 [ 456.808574][T11012] ? ns_capable+0xd7/0x110 [ 456.808605][T11012] genl_rcv_msg+0x55c/0x800 [ 456.808641][T11012] ? __pfx_genl_rcv_msg+0x10/0x10 [ 456.808674][T11012] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 456.808717][T11012] netlink_rcv_skb+0x158/0x420 [ 456.808745][T11012] ? __pfx_genl_rcv_msg+0x10/0x10 [ 456.808778][T11012] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 456.808823][T11012] ? netlink_deliver_tap+0x1ae/0xd30 [ 456.808856][T11012] genl_rcv+0x28/0x40 [ 456.808884][T11012] netlink_unicast+0x5aa/0x870 [ 456.808927][T11012] ? __pfx_netlink_unicast+0x10/0x10 [ 456.808956][T11012] ? __pfx___might_resched+0x10/0x10 [ 456.808998][T11012] netlink_sendmsg+0x8c8/0xdd0 [ 456.809034][T11012] ? __pfx_netlink_sendmsg+0x10/0x10 [ 456.809069][T11012] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 456.809113][T11012] ____sys_sendmsg+0xa98/0xc70 [ 456.809149][T11012] ? copy_msghdr_from_user+0x10a/0x160 [ 456.809175][T11012] ? __pfx_____sys_sendmsg+0x10/0x10 [ 456.809215][T11012] ? __pfx_futex_wake_mark+0x10/0x10 [ 456.809260][T11012] ___sys_sendmsg+0x134/0x1d0 [ 456.809283][T11012] ? find_held_lock+0x2b/0x80 [ 456.809312][T11012] ? __pfx____sys_sendmsg+0x10/0x10 [ 456.809335][T11012] ? __lock_acquire+0x622/0x1c90 [ 456.809416][T11012] __sys_sendmsg+0x16d/0x220 [ 456.809444][T11012] ? __pfx___sys_sendmsg+0x10/0x10 [ 456.809470][T11012] ? __x64_sys_futex+0x1e0/0x4c0 [ 456.809528][T11012] do_syscall_64+0xcd/0xfa0 [ 456.809563][T11012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 456.809589][T11012] RIP: 0033:0x7f62bfd8f749 [ 456.809610][T11012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 456.809633][T11012] RSP: 002b:00007f62c0b65038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 456.809658][T11012] RAX: ffffffffffffffda RBX: 00007f62bffe5fa0 RCX: 00007f62bfd8f749 [ 456.809676][T11012] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 456.809692][T11012] RBP: 00007f62bfe13f91 R08: 0000000000000000 R09: 0000000000000000 [ 456.809708][T11012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 456.809724][T11012] R13: 00007f62bffe6038 R14: 00007f62bffe5fa0 R15: 00007ffedee782d8 [ 456.809763][T11012] [ 457.417014][T11026] netlink: 'syz.1.934': attribute type 11 has an invalid length. [ 457.477097][T11026] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 457.495860][T11026] CPU: 1 UID: 0 PID: 11026 Comm: syz.1.934 Not tainted syzkaller #0 PREEMPT(full) [ 457.495884][T11026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 457.495894][T11026] Call Trace: [ 457.495899][T11026] [ 457.495905][T11026] dump_stack_lvl+0x16c/0x1f0 [ 457.495928][T11026] sysfs_warn_dup+0x7f/0xa0 [ 457.495948][T11026] sysfs_do_create_link_sd+0x124/0x140 [ 457.495969][T11026] sysfs_create_link+0x61/0xc0 [ 457.495989][T11026] device_add+0x62c/0x1aa0 [ 457.496005][T11026] ? __pfx_device_add+0x10/0x10 [ 457.496016][T11026] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 457.496041][T11026] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 457.496063][T11026] wiphy_register+0x1eb0/0x2b20 [ 457.496082][T11026] ? netdev_run_todo+0x864/0x1320 [ 457.496104][T11026] ? __pfx_wiphy_register+0x10/0x10 [ 457.496134][T11026] ieee80211_register_hw+0x253d/0x4120 [ 457.496163][T11026] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 457.496183][T11026] ? __pfx___debug_object_init+0x10/0x10 [ 457.496205][T11026] ? find_held_lock+0x2b/0x80 [ 457.496227][T11026] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 457.496251][T11026] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 457.496272][T11026] ? __hrtimer_setup+0x176/0x280 [ 457.496296][T11026] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 457.496324][T11026] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 457.496341][T11026] ? __asan_memcpy+0x3c/0x60 [ 457.496360][T11026] hwsim_new_radio_nl+0xba2/0x1330 [ 457.496377][T11026] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 457.496399][T11026] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 457.496418][T11026] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 457.496441][T11026] genl_family_rcv_msg_doit+0x209/0x2f0 [ 457.496460][T11026] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 457.496485][T11026] ? bpf_lsm_capable+0x9/0x10 [ 457.496503][T11026] ? security_capable+0x7e/0x260 [ 457.496523][T11026] ? ns_capable+0xd7/0x110 [ 457.496540][T11026] genl_rcv_msg+0x55c/0x800 [ 457.496567][T11026] ? __pfx_genl_rcv_msg+0x10/0x10 [ 457.496586][T11026] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 457.496610][T11026] netlink_rcv_skb+0x158/0x420 [ 457.496626][T11026] ? __pfx_genl_rcv_msg+0x10/0x10 [ 457.496645][T11026] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 457.496669][T11026] ? netlink_deliver_tap+0x1ae/0xd30 [ 457.496688][T11026] genl_rcv+0x28/0x40 [ 457.496704][T11026] netlink_unicast+0x5aa/0x870 [ 457.496722][T11026] ? __pfx_netlink_unicast+0x10/0x10 [ 457.496737][T11026] ? __pfx___might_resched+0x10/0x10 [ 457.496759][T11026] netlink_sendmsg+0x8c8/0xdd0 [ 457.496777][T11026] ? __pfx_netlink_sendmsg+0x10/0x10 [ 457.496795][T11026] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 457.496819][T11026] ____sys_sendmsg+0xa98/0xc70 [ 457.496838][T11026] ? copy_msghdr_from_user+0x10a/0x160 [ 457.496852][T11026] ? __pfx_____sys_sendmsg+0x10/0x10 [ 457.496875][T11026] ? __pfx_futex_wake_mark+0x10/0x10 [ 457.496900][T11026] ___sys_sendmsg+0x134/0x1d0 [ 457.496916][T11026] ? __pfx____sys_sendmsg+0x10/0x10 [ 457.496928][T11026] ? __lock_acquire+0x622/0x1c90 [ 457.496974][T11026] __sys_sendmsg+0x16d/0x220 [ 457.496989][T11026] ? __pfx___sys_sendmsg+0x10/0x10 [ 457.497003][T11026] ? __x64_sys_futex+0x1e0/0x4c0 [ 457.497034][T11026] do_syscall_64+0xcd/0xfa0 [ 457.497054][T11026] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.497068][T11026] RIP: 0033:0x7fb06e18f749 [ 457.497081][T11026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 457.497095][T11026] RSP: 002b:00007fb06f045038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 457.497109][T11026] RAX: ffffffffffffffda RBX: 00007fb06e3e5fa0 RCX: 00007fb06e18f749 [ 457.497118][T11026] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 457.497127][T11026] RBP: 00007fb06e213f91 R08: 0000000000000000 R09: 0000000000000000 [ 457.497135][T11026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 457.497144][T11026] R13: 00007fb06e3e6038 R14: 00007fb06e3e5fa0 R15: 00007ffdce0c51f8 [ 457.497165][T11026] [ 459.580430][T11051] netlink: 'syz.3.935': attribute type 33 has an invalid length. [ 460.244723][T11066] netlink: 'syz.0.941': attribute type 11 has an invalid length. [ 460.257313][T11066] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 460.275351][T11066] CPU: 1 UID: 0 PID: 11066 Comm: syz.0.941 Not tainted syzkaller #0 PREEMPT(full) [ 460.275386][T11066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 460.275402][T11066] Call Trace: [ 460.275411][T11066] [ 460.275421][T11066] dump_stack_lvl+0x16c/0x1f0 [ 460.275460][T11066] sysfs_warn_dup+0x7f/0xa0 [ 460.275491][T11066] sysfs_do_create_link_sd+0x124/0x140 [ 460.275528][T11066] sysfs_create_link+0x61/0xc0 [ 460.275560][T11066] device_add+0x62c/0x1aa0 [ 460.275589][T11066] ? __pfx_device_add+0x10/0x10 [ 460.275611][T11066] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 460.275653][T11066] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 460.275693][T11066] wiphy_register+0x1eb0/0x2b20 [ 460.275727][T11066] ? netdev_run_todo+0x864/0x1320 [ 460.275766][T11066] ? __pfx_wiphy_register+0x10/0x10 [ 460.275821][T11066] ieee80211_register_hw+0x253d/0x4120 [ 460.275871][T11066] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 460.275906][T11066] ? __pfx___debug_object_init+0x10/0x10 [ 460.275944][T11066] ? find_held_lock+0x2b/0x80 [ 460.275972][T11066] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 460.276021][T11066] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 460.276057][T11066] ? __hrtimer_setup+0x176/0x280 [ 460.276100][T11066] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 460.276153][T11066] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 460.276184][T11066] ? __asan_memcpy+0x3c/0x60 [ 460.276217][T11066] hwsim_new_radio_nl+0xba2/0x1330 [ 460.276249][T11066] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 460.276289][T11066] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 460.276323][T11066] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 460.276365][T11066] genl_family_rcv_msg_doit+0x209/0x2f0 [ 460.276400][T11066] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 460.276445][T11066] ? bpf_lsm_capable+0x9/0x10 [ 460.276477][T11066] ? security_capable+0x7e/0x260 [ 460.276513][T11066] ? ns_capable+0xd7/0x110 [ 460.276544][T11066] genl_rcv_msg+0x55c/0x800 [ 460.276579][T11066] ? __pfx_genl_rcv_msg+0x10/0x10 [ 460.276612][T11066] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 460.276654][T11066] netlink_rcv_skb+0x158/0x420 [ 460.276682][T11066] ? __pfx_genl_rcv_msg+0x10/0x10 [ 460.276715][T11066] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 460.276759][T11066] ? netlink_deliver_tap+0x1ae/0xd30 [ 460.276792][T11066] genl_rcv+0x28/0x40 [ 460.276817][T11066] netlink_unicast+0x5aa/0x870 [ 460.276850][T11066] ? __pfx_netlink_unicast+0x10/0x10 [ 460.276877][T11066] ? __pfx___might_resched+0x10/0x10 [ 460.276917][T11066] netlink_sendmsg+0x8c8/0xdd0 [ 460.276953][T11066] ? __pfx_netlink_sendmsg+0x10/0x10 [ 460.276986][T11066] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 460.277036][T11066] ____sys_sendmsg+0xa98/0xc70 [ 460.277072][T11066] ? copy_msghdr_from_user+0x10a/0x160 [ 460.277099][T11066] ? __pfx_____sys_sendmsg+0x10/0x10 [ 460.277140][T11066] ? __pfx_futex_wake_mark+0x10/0x10 [ 460.277185][T11066] ___sys_sendmsg+0x134/0x1d0 [ 460.277213][T11066] ? __pfx____sys_sendmsg+0x10/0x10 [ 460.277236][T11066] ? __lock_acquire+0x622/0x1c90 [ 460.277319][T11066] __sys_sendmsg+0x16d/0x220 [ 460.277346][T11066] ? __pfx___sys_sendmsg+0x10/0x10 [ 460.277370][T11066] ? __x64_sys_futex+0x1e0/0x4c0 [ 460.277427][T11066] do_syscall_64+0xcd/0xfa0 [ 460.277461][T11066] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.277487][T11066] RIP: 0033:0x7f30ee18f749 [ 460.277508][T11066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 460.277532][T11066] RSP: 002b:00007f30ef017038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 460.277557][T11066] RAX: ffffffffffffffda RBX: 00007f30ee3e5fa0 RCX: 00007f30ee18f749 [ 460.277575][T11066] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 460.277590][T11066] RBP: 00007f30ee213f91 R08: 0000000000000000 R09: 0000000000000000 [ 460.277606][T11066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 460.277621][T11066] R13: 00007f30ee3e6038 R14: 00007f30ee3e5fa0 R15: 00007ffed6cfe378 [ 460.277661][T11066] [ 464.484570][T11104] netlink: 'syz.2.950': attribute type 11 has an invalid length. [ 464.524493][T11104] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 464.536776][T11104] CPU: 0 UID: 0 PID: 11104 Comm: syz.2.950 Not tainted syzkaller #0 PREEMPT(full) [ 464.536824][T11104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 464.536839][T11104] Call Trace: [ 464.536848][T11104] [ 464.536859][T11104] dump_stack_lvl+0x16c/0x1f0 [ 464.536895][T11104] sysfs_warn_dup+0x7f/0xa0 [ 464.536927][T11104] sysfs_do_create_link_sd+0x124/0x140 [ 464.536962][T11104] sysfs_create_link+0x61/0xc0 [ 464.536993][T11104] device_add+0x62c/0x1aa0 [ 464.537021][T11104] ? __pfx_device_add+0x10/0x10 [ 464.537043][T11104] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 464.537088][T11104] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 464.537128][T11104] wiphy_register+0x1eb0/0x2b20 [ 464.537162][T11104] ? netdev_run_todo+0x864/0x1320 [ 464.537211][T11104] ? __pfx_wiphy_register+0x10/0x10 [ 464.537276][T11104] ieee80211_register_hw+0x253d/0x4120 [ 464.537408][T11104] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 464.537446][T11104] ? __pfx___debug_object_init+0x10/0x10 [ 464.537486][T11104] ? find_held_lock+0x2b/0x80 [ 464.537516][T11104] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 464.537560][T11104] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 464.537592][T11104] ? __hrtimer_setup+0x176/0x280 [ 464.537633][T11104] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 464.537685][T11104] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 464.537717][T11104] ? __asan_memcpy+0x3c/0x60 [ 464.537750][T11104] hwsim_new_radio_nl+0xba2/0x1330 [ 464.537784][T11104] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 464.537825][T11104] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 464.537860][T11104] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 464.537903][T11104] genl_family_rcv_msg_doit+0x209/0x2f0 [ 464.537938][T11104] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 464.537985][T11104] ? bpf_lsm_capable+0x9/0x10 [ 464.538017][T11104] ? security_capable+0x7e/0x260 [ 464.538054][T11104] ? ns_capable+0xd7/0x110 [ 464.538085][T11104] genl_rcv_msg+0x55c/0x800 [ 464.538121][T11104] ? __pfx_genl_rcv_msg+0x10/0x10 [ 464.538162][T11104] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 464.538223][T11104] netlink_rcv_skb+0x158/0x420 [ 464.538253][T11104] ? __pfx_genl_rcv_msg+0x10/0x10 [ 464.538287][T11104] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 464.538340][T11104] ? netlink_deliver_tap+0x1ae/0xd30 [ 464.538375][T11104] genl_rcv+0x28/0x40 [ 464.538404][T11104] netlink_unicast+0x5aa/0x870 [ 464.538444][T11104] ? __pfx_netlink_unicast+0x10/0x10 [ 464.538468][T11104] ? __pfx___might_resched+0x10/0x10 [ 464.538501][T11104] netlink_sendmsg+0x8c8/0xdd0 [ 464.538531][T11104] ? __pfx_netlink_sendmsg+0x10/0x10 [ 464.538559][T11104] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 464.538597][T11104] ____sys_sendmsg+0xa98/0xc70 [ 464.538628][T11104] ? copy_msghdr_from_user+0x10a/0x160 [ 464.538649][T11104] ? __pfx_____sys_sendmsg+0x10/0x10 [ 464.538673][T11104] ? __pfx_futex_wake_mark+0x10/0x10 [ 464.538700][T11104] ___sys_sendmsg+0x134/0x1d0 [ 464.538717][T11104] ? __pfx____sys_sendmsg+0x10/0x10 [ 464.538730][T11104] ? __lock_acquire+0x622/0x1c90 [ 464.538775][T11104] __sys_sendmsg+0x16d/0x220 [ 464.538789][T11104] ? __pfx___sys_sendmsg+0x10/0x10 [ 464.538803][T11104] ? __x64_sys_futex+0x1e0/0x4c0 [ 464.538835][T11104] do_syscall_64+0xcd/0xfa0 [ 464.538854][T11104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 464.538869][T11104] RIP: 0033:0x7f62bfd8f749 [ 464.538882][T11104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 464.538896][T11104] RSP: 002b:00007f62c0b65038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 464.538910][T11104] RAX: ffffffffffffffda RBX: 00007f62bffe5fa0 RCX: 00007f62bfd8f749 [ 464.538919][T11104] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 464.538928][T11104] RBP: 00007f62bfe13f91 R08: 0000000000000000 R09: 0000000000000000 [ 464.538936][T11104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 464.538945][T11104] R13: 00007f62bffe6038 R14: 00007f62bffe5fa0 R15: 00007ffedee782d8 [ 464.538967][T11104] [ 466.094596][T11126] netlink: 'syz.3.956': attribute type 11 has an invalid length. [ 466.230873][T11126] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 466.458852][T11126] CPU: 0 UID: 0 PID: 11126 Comm: syz.3.956 Not tainted syzkaller #0 PREEMPT(full) [ 466.458889][T11126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 466.458905][T11126] Call Trace: [ 466.458914][T11126] [ 466.458925][T11126] dump_stack_lvl+0x16c/0x1f0 [ 466.458962][T11126] sysfs_warn_dup+0x7f/0xa0 [ 466.458995][T11126] sysfs_do_create_link_sd+0x124/0x140 [ 466.459030][T11126] sysfs_create_link+0x61/0xc0 [ 466.459062][T11126] device_add+0x62c/0x1aa0 [ 466.459089][T11126] ? __pfx_device_add+0x10/0x10 [ 466.459110][T11126] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 466.459154][T11126] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 466.459191][T11126] wiphy_register+0x1eb0/0x2b20 [ 466.459225][T11126] ? netdev_run_todo+0x864/0x1320 [ 466.459265][T11126] ? __pfx_wiphy_register+0x10/0x10 [ 466.459320][T11126] ieee80211_register_hw+0x253d/0x4120 [ 466.459370][T11126] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 466.459407][T11126] ? __pfx___debug_object_init+0x10/0x10 [ 466.459456][T11126] ? find_held_lock+0x2b/0x80 [ 466.459485][T11126] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 466.459528][T11126] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 466.459563][T11126] ? __hrtimer_setup+0x176/0x280 [ 466.459604][T11126] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 466.459656][T11126] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 466.459688][T11126] ? __asan_memcpy+0x3c/0x60 [ 466.459721][T11126] hwsim_new_radio_nl+0xba2/0x1330 [ 466.459753][T11126] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 466.459794][T11126] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 466.459828][T11126] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 466.459870][T11126] genl_family_rcv_msg_doit+0x209/0x2f0 [ 466.459904][T11126] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 466.459950][T11126] ? bpf_lsm_capable+0x9/0x10 [ 466.459981][T11126] ? security_capable+0x7e/0x260 [ 466.460017][T11126] ? ns_capable+0xd7/0x110 [ 466.460049][T11126] genl_rcv_msg+0x55c/0x800 [ 466.460085][T11126] ? __pfx_genl_rcv_msg+0x10/0x10 [ 466.460118][T11126] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 466.460160][T11126] netlink_rcv_skb+0x158/0x420 [ 466.460187][T11126] ? __pfx_genl_rcv_msg+0x10/0x10 [ 466.460221][T11126] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 466.460271][T11126] ? netlink_deliver_tap+0x1ae/0xd30 [ 466.460303][T11126] genl_rcv+0x28/0x40 [ 466.460330][T11126] netlink_unicast+0x5aa/0x870 [ 466.460364][T11126] ? __pfx_netlink_unicast+0x10/0x10 [ 466.460408][T11126] netlink_sendmsg+0x8c8/0xdd0 [ 466.460451][T11126] ? __pfx_netlink_sendmsg+0x10/0x10 [ 466.460485][T11126] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 466.460531][T11126] ____sys_sendmsg+0xa98/0xc70 [ 466.460566][T11126] ? copy_msghdr_from_user+0x10a/0x160 [ 466.460593][T11126] ? __pfx_____sys_sendmsg+0x10/0x10 [ 466.460635][T11126] ? __pfx_futex_wake_mark+0x10/0x10 [ 466.460680][T11126] ___sys_sendmsg+0x134/0x1d0 [ 466.460709][T11126] ? __pfx____sys_sendmsg+0x10/0x10 [ 466.460731][T11126] ? __lock_acquire+0x622/0x1c90 [ 466.460814][T11126] __sys_sendmsg+0x16d/0x220 [ 466.460841][T11126] ? __pfx___sys_sendmsg+0x10/0x10 [ 466.460866][T11126] ? __x64_sys_futex+0x1e0/0x4c0 [ 466.460923][T11126] do_syscall_64+0xcd/0xfa0 [ 466.460957][T11126] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.460984][T11126] RIP: 0033:0x7f292b38f749 [ 466.461005][T11126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 466.461030][T11126] RSP: 002b:00007f292c15d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 466.461055][T11126] RAX: ffffffffffffffda RBX: 00007f292b5e5fa0 RCX: 00007f292b38f749 [ 466.461072][T11126] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 466.461089][T11126] RBP: 00007f292b413f91 R08: 0000000000000000 R09: 0000000000000000 [ 466.461105][T11126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 466.461121][T11126] R13: 00007f292b5e6038 R14: 00007f292b5e5fa0 R15: 00007ffce50f7cb8 [ 466.461161][T11126] [ 470.966718][T11194] netlink: 'syz.2.972': attribute type 11 has an invalid length. [ 470.977651][T11194] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 470.991907][T11194] CPU: 0 UID: 0 PID: 11194 Comm: syz.2.972 Not tainted syzkaller #0 PREEMPT(full) [ 470.991943][T11194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 470.991959][T11194] Call Trace: [ 470.991967][T11194] [ 470.991976][T11194] dump_stack_lvl+0x16c/0x1f0 [ 470.992014][T11194] sysfs_warn_dup+0x7f/0xa0 [ 470.992047][T11194] sysfs_do_create_link_sd+0x124/0x140 [ 470.992093][T11194] sysfs_create_link+0x61/0xc0 [ 470.992126][T11194] device_add+0x62c/0x1aa0 [ 470.992152][T11194] ? __pfx_device_add+0x10/0x10 [ 470.992173][T11194] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 470.992217][T11194] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 470.992255][T11194] wiphy_register+0x1eb0/0x2b20 [ 470.992292][T11194] ? netdev_run_todo+0x864/0x1320 [ 470.992329][T11194] ? __pfx_wiphy_register+0x10/0x10 [ 470.992384][T11194] ieee80211_register_hw+0x253d/0x4120 [ 470.992434][T11194] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 470.992471][T11194] ? __pfx___debug_object_init+0x10/0x10 [ 470.992510][T11194] ? find_held_lock+0x2b/0x80 [ 470.992537][T11194] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 470.992578][T11194] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 470.992613][T11194] ? __hrtimer_setup+0x176/0x280 [ 470.992652][T11194] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 470.992703][T11194] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 470.992734][T11194] ? __asan_memcpy+0x3c/0x60 [ 470.992765][T11194] hwsim_new_radio_nl+0xba2/0x1330 [ 470.992796][T11194] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 470.992836][T11194] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 470.992870][T11194] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 470.992911][T11194] genl_family_rcv_msg_doit+0x209/0x2f0 [ 470.992946][T11194] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 470.992991][T11194] ? bpf_lsm_capable+0x9/0x10 [ 470.993021][T11194] ? security_capable+0x7e/0x260 [ 470.993057][T11194] ? ns_capable+0xd7/0x110 [ 470.993096][T11194] genl_rcv_msg+0x55c/0x800 [ 470.993133][T11194] ? __pfx_genl_rcv_msg+0x10/0x10 [ 470.993168][T11194] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 470.993216][T11194] netlink_rcv_skb+0x158/0x420 [ 470.993246][T11194] ? __pfx_genl_rcv_msg+0x10/0x10 [ 470.993282][T11194] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 470.993325][T11194] ? netlink_deliver_tap+0x1ae/0xd30 [ 470.993357][T11194] genl_rcv+0x28/0x40 [ 470.993384][T11194] netlink_unicast+0x5aa/0x870 [ 470.993417][T11194] ? __pfx_netlink_unicast+0x10/0x10 [ 470.993444][T11194] ? __pfx___might_resched+0x10/0x10 [ 470.993483][T11194] netlink_sendmsg+0x8c8/0xdd0 [ 470.993518][T11194] ? __pfx_netlink_sendmsg+0x10/0x10 [ 470.993551][T11194] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 470.993596][T11194] ____sys_sendmsg+0xa98/0xc70 [ 470.993625][T11194] ? copy_msghdr_from_user+0x10a/0x160 [ 470.993650][T11194] ? __pfx_____sys_sendmsg+0x10/0x10 [ 470.993692][T11194] ? __pfx_futex_wake_mark+0x10/0x10 [ 470.993737][T11194] ___sys_sendmsg+0x134/0x1d0 [ 470.993766][T11194] ? __pfx____sys_sendmsg+0x10/0x10 [ 470.993790][T11194] ? __lock_acquire+0x622/0x1c90 [ 470.993864][T11194] __sys_sendmsg+0x16d/0x220 [ 470.993888][T11194] ? __pfx___sys_sendmsg+0x10/0x10 [ 470.993914][T11194] ? __x64_sys_futex+0x1e0/0x4c0 [ 470.993973][T11194] do_syscall_64+0xcd/0xfa0 [ 470.994007][T11194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 470.994031][T11194] RIP: 0033:0x7f62bfd8f749 [ 470.994053][T11194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 470.994116][T11194] RSP: 002b:00007f62c0b65038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 470.994141][T11194] RAX: ffffffffffffffda RBX: 00007f62bffe5fa0 RCX: 00007f62bfd8f749 [ 470.994158][T11194] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 470.994173][T11194] RBP: 00007f62bfe13f91 R08: 0000000000000000 R09: 0000000000000000 [ 470.994188][T11194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 470.994203][T11194] R13: 00007f62bffe6038 R14: 00007f62bffe5fa0 R15: 00007ffedee782d8 [ 470.994237][T11194] [ 473.925578][T11246] netlink: 'syz.3.983': attribute type 11 has an invalid length. [ 473.950927][T11246] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 473.978640][T11246] CPU: 1 UID: 0 PID: 11246 Comm: syz.3.983 Not tainted syzkaller #0 PREEMPT(full) [ 473.978678][T11246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 473.978693][T11246] Call Trace: [ 473.978701][T11246] [ 473.978712][T11246] dump_stack_lvl+0x16c/0x1f0 [ 473.978750][T11246] sysfs_warn_dup+0x7f/0xa0 [ 473.978782][T11246] sysfs_do_create_link_sd+0x124/0x140 [ 473.978817][T11246] sysfs_create_link+0x61/0xc0 [ 473.978849][T11246] device_add+0x62c/0x1aa0 [ 473.978887][T11246] ? __pfx_device_add+0x10/0x10 [ 473.978909][T11246] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 473.978952][T11246] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 473.978989][T11246] wiphy_register+0x1eb0/0x2b20 [ 473.979021][T11246] ? netdev_run_todo+0x864/0x1320 [ 473.979058][T11246] ? __pfx_wiphy_register+0x10/0x10 [ 473.979109][T11246] ieee80211_register_hw+0x253d/0x4120 [ 473.979157][T11246] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 473.979189][T11246] ? __pfx___debug_object_init+0x10/0x10 [ 473.979225][T11246] ? find_held_lock+0x2b/0x80 [ 473.979251][T11246] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 473.979289][T11246] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 473.979321][T11246] ? __hrtimer_setup+0x176/0x280 [ 473.979359][T11246] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 473.979408][T11246] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 473.979437][T11246] ? __asan_memcpy+0x3c/0x60 [ 473.979468][T11246] hwsim_new_radio_nl+0xba2/0x1330 [ 473.979498][T11246] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 473.979535][T11246] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 473.979566][T11246] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 473.979605][T11246] genl_family_rcv_msg_doit+0x209/0x2f0 [ 473.979638][T11246] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 473.979682][T11246] ? bpf_lsm_capable+0x9/0x10 [ 473.979712][T11246] ? security_capable+0x7e/0x260 [ 473.979746][T11246] ? ns_capable+0xd7/0x110 [ 473.979775][T11246] genl_rcv_msg+0x55c/0x800 [ 473.979808][T11246] ? __pfx_genl_rcv_msg+0x10/0x10 [ 473.979840][T11246] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 473.979888][T11246] netlink_rcv_skb+0x158/0x420 [ 473.979916][T11246] ? __pfx_genl_rcv_msg+0x10/0x10 [ 473.979949][T11246] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 473.979994][T11246] ? netlink_deliver_tap+0x1ae/0xd30 [ 473.980026][T11246] genl_rcv+0x28/0x40 [ 473.980053][T11246] netlink_unicast+0x5aa/0x870 [ 473.980084][T11246] ? __pfx_netlink_unicast+0x10/0x10 [ 473.980110][T11246] ? __pfx___might_resched+0x10/0x10 [ 473.980147][T11246] netlink_sendmsg+0x8c8/0xdd0 [ 473.980180][T11246] ? __pfx_netlink_sendmsg+0x10/0x10 [ 473.980212][T11246] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 473.980253][T11246] ____sys_sendmsg+0xa98/0xc70 [ 473.980285][T11246] ? copy_msghdr_from_user+0x10a/0x160 [ 473.980310][T11246] ? __pfx_____sys_sendmsg+0x10/0x10 [ 473.980351][T11246] ? __pfx_futex_wake_mark+0x10/0x10 [ 473.980392][T11246] ___sys_sendmsg+0x134/0x1d0 [ 473.980421][T11246] ? __pfx____sys_sendmsg+0x10/0x10 [ 473.980442][T11246] ? __lock_acquire+0x622/0x1c90 [ 473.980522][T11246] __sys_sendmsg+0x16d/0x220 [ 473.980547][T11246] ? __pfx___sys_sendmsg+0x10/0x10 [ 473.980572][T11246] ? __x64_sys_futex+0x1e0/0x4c0 [ 473.980626][T11246] do_syscall_64+0xcd/0xfa0 [ 473.980659][T11246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 473.980684][T11246] RIP: 0033:0x7f292b38f749 [ 473.980706][T11246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 473.980729][T11246] RSP: 002b:00007f292c15d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 473.980754][T11246] RAX: ffffffffffffffda RBX: 00007f292b5e5fa0 RCX: 00007f292b38f749 [ 473.980770][T11246] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 473.980786][T11246] RBP: 00007f292b413f91 R08: 0000000000000000 R09: 0000000000000000 [ 473.980800][T11246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 473.980814][T11246] R13: 00007f292b5e6038 R14: 00007f292b5e5fa0 R15: 00007ffce50f7cb8 [ 473.980850][T11246] [ 476.430969][T11278] netlink: 'syz.0.989': attribute type 11 has an invalid length. [ 476.525534][T11278] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 476.538327][T11278] CPU: 0 UID: 0 PID: 11278 Comm: syz.0.989 Not tainted syzkaller #0 PREEMPT(full) [ 476.538362][T11278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 476.538378][T11278] Call Trace: [ 476.538387][T11278] [ 476.538397][T11278] dump_stack_lvl+0x16c/0x1f0 [ 476.538446][T11278] sysfs_warn_dup+0x7f/0xa0 [ 476.538476][T11278] sysfs_do_create_link_sd+0x124/0x140 [ 476.538507][T11278] sysfs_create_link+0x61/0xc0 [ 476.538536][T11278] device_add+0x62c/0x1aa0 [ 476.538562][T11278] ? __pfx_device_add+0x10/0x10 [ 476.538582][T11278] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 476.538621][T11278] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 476.538659][T11278] wiphy_register+0x1eb0/0x2b20 [ 476.538692][T11278] ? netdev_run_todo+0x864/0x1320 [ 476.538732][T11278] ? __pfx_wiphy_register+0x10/0x10 [ 476.538788][T11278] ieee80211_register_hw+0x253d/0x4120 [ 476.538846][T11278] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 476.538882][T11278] ? __pfx___debug_object_init+0x10/0x10 [ 476.538923][T11278] ? find_held_lock+0x2b/0x80 [ 476.538950][T11278] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 476.538991][T11278] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 476.539026][T11278] ? __hrtimer_setup+0x176/0x280 [ 476.539067][T11278] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 476.539118][T11278] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 476.539149][T11278] ? __asan_memcpy+0x3c/0x60 [ 476.539182][T11278] hwsim_new_radio_nl+0xba2/0x1330 [ 476.539214][T11278] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 476.539254][T11278] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 476.539288][T11278] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 476.539329][T11278] genl_family_rcv_msg_doit+0x209/0x2f0 [ 476.539364][T11278] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 476.539410][T11278] ? bpf_lsm_capable+0x9/0x10 [ 476.539506][T11278] ? security_capable+0x7e/0x260 [ 476.539547][T11278] ? ns_capable+0xd7/0x110 [ 476.539580][T11278] genl_rcv_msg+0x55c/0x800 [ 476.539618][T11278] ? __pfx_genl_rcv_msg+0x10/0x10 [ 476.539661][T11278] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 476.539703][T11278] netlink_rcv_skb+0x158/0x420 [ 476.539731][T11278] ? __pfx_genl_rcv_msg+0x10/0x10 [ 476.539765][T11278] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 476.539810][T11278] ? netlink_deliver_tap+0x1ae/0xd30 [ 476.539843][T11278] genl_rcv+0x28/0x40 [ 476.539869][T11278] netlink_unicast+0x5aa/0x870 [ 476.539903][T11278] ? __pfx_netlink_unicast+0x10/0x10 [ 476.539928][T11278] ? __pfx___might_resched+0x10/0x10 [ 476.539968][T11278] netlink_sendmsg+0x8c8/0xdd0 [ 476.540003][T11278] ? __pfx_netlink_sendmsg+0x10/0x10 [ 476.540036][T11278] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 476.540078][T11278] ____sys_sendmsg+0xa98/0xc70 [ 476.540112][T11278] ? copy_msghdr_from_user+0x10a/0x160 [ 476.540138][T11278] ? __pfx_____sys_sendmsg+0x10/0x10 [ 476.540179][T11278] ? __pfx_futex_wake_mark+0x10/0x10 [ 476.540223][T11278] ___sys_sendmsg+0x134/0x1d0 [ 476.540252][T11278] ? __pfx____sys_sendmsg+0x10/0x10 [ 476.540274][T11278] ? __lock_acquire+0x622/0x1c90 [ 476.540357][T11278] __sys_sendmsg+0x16d/0x220 [ 476.540384][T11278] ? __pfx___sys_sendmsg+0x10/0x10 [ 476.540410][T11278] ? __x64_sys_futex+0x1e0/0x4c0 [ 476.540473][T11278] do_syscall_64+0xcd/0xfa0 [ 476.540508][T11278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 476.540535][T11278] RIP: 0033:0x7f30ee18f749 [ 476.540556][T11278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 476.540579][T11278] RSP: 002b:00007f30ef017038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 476.540604][T11278] RAX: ffffffffffffffda RBX: 00007f30ee3e5fa0 RCX: 00007f30ee18f749 [ 476.540621][T11278] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 476.540637][T11278] RBP: 00007f30ee213f91 R08: 0000000000000000 R09: 0000000000000000 [ 476.540653][T11278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 476.540668][T11278] R13: 00007f30ee3e6038 R14: 00007f30ee3e5fa0 R15: 00007ffed6cfe378 [ 476.540713][T11278] [ 479.718007][T11331] netlink: 'syz.0.1000': attribute type 11 has an invalid length. [ 479.743032][T11331] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 479.764323][T11331] CPU: 1 UID: 0 PID: 11331 Comm: syz.0.1000 Not tainted syzkaller #0 PREEMPT(full) [ 479.764360][T11331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 479.764375][T11331] Call Trace: [ 479.764384][T11331] [ 479.764405][T11331] dump_stack_lvl+0x16c/0x1f0 [ 479.764443][T11331] sysfs_warn_dup+0x7f/0xa0 [ 479.764475][T11331] sysfs_do_create_link_sd+0x124/0x140 [ 479.764511][T11331] sysfs_create_link+0x61/0xc0 [ 479.764540][T11331] device_add+0x62c/0x1aa0 [ 479.764568][T11331] ? __pfx_device_add+0x10/0x10 [ 479.764589][T11331] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 479.764633][T11331] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 479.764671][T11331] wiphy_register+0x1eb0/0x2b20 [ 479.764703][T11331] ? netdev_run_todo+0x864/0x1320 [ 479.764741][T11331] ? __pfx_wiphy_register+0x10/0x10 [ 479.764792][T11331] ieee80211_register_hw+0x253d/0x4120 [ 479.764840][T11331] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 479.764874][T11331] ? __pfx___debug_object_init+0x10/0x10 [ 479.764911][T11331] ? find_held_lock+0x2b/0x80 [ 479.764938][T11331] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 479.764978][T11331] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 479.765010][T11331] ? __hrtimer_setup+0x176/0x280 [ 479.765047][T11331] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 479.765098][T11331] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 479.765128][T11331] ? __asan_memcpy+0x3c/0x60 [ 479.765160][T11331] hwsim_new_radio_nl+0xba2/0x1330 [ 479.765189][T11331] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 479.765229][T11331] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 479.765262][T11331] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 479.765308][T11331] genl_family_rcv_msg_doit+0x209/0x2f0 [ 479.765342][T11331] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 479.765394][T11331] ? bpf_lsm_capable+0x9/0x10 [ 479.765428][T11331] ? security_capable+0x7e/0x260 [ 479.765464][T11331] ? ns_capable+0xd7/0x110 [ 479.765493][T11331] genl_rcv_msg+0x55c/0x800 [ 479.765527][T11331] ? __pfx_genl_rcv_msg+0x10/0x10 [ 479.765559][T11331] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 479.765598][T11331] netlink_rcv_skb+0x158/0x420 [ 479.765625][T11331] ? __pfx_genl_rcv_msg+0x10/0x10 [ 479.765659][T11331] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 479.765701][T11331] ? netlink_deliver_tap+0x1ae/0xd30 [ 479.765732][T11331] genl_rcv+0x28/0x40 [ 479.765756][T11331] netlink_unicast+0x5aa/0x870 [ 479.765788][T11331] ? __pfx_netlink_unicast+0x10/0x10 [ 479.765813][T11331] ? __pfx___might_resched+0x10/0x10 [ 479.765851][T11331] netlink_sendmsg+0x8c8/0xdd0 [ 479.765883][T11331] ? __pfx_netlink_sendmsg+0x10/0x10 [ 479.765915][T11331] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 479.765960][T11331] ____sys_sendmsg+0xa98/0xc70 [ 479.765992][T11331] ? copy_msghdr_from_user+0x10a/0x160 [ 479.766016][T11331] ? __pfx_____sys_sendmsg+0x10/0x10 [ 479.766055][T11331] ? __pfx_futex_wake_mark+0x10/0x10 [ 479.766099][T11331] ___sys_sendmsg+0x134/0x1d0 [ 479.766122][T11331] ? find_held_lock+0x2b/0x80 [ 479.766148][T11331] ? __pfx____sys_sendmsg+0x10/0x10 [ 479.766169][T11331] ? __lock_acquire+0x622/0x1c90 [ 479.766250][T11331] __sys_sendmsg+0x16d/0x220 [ 479.766277][T11331] ? __pfx___sys_sendmsg+0x10/0x10 [ 479.766300][T11331] ? __x64_sys_futex+0x1e0/0x4c0 [ 479.766355][T11331] do_syscall_64+0xcd/0xfa0 [ 479.766396][T11331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.766423][T11331] RIP: 0033:0x7f30ee18f749 [ 479.766443][T11331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.766469][T11331] RSP: 002b:00007f30ef017038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 479.766493][T11331] RAX: ffffffffffffffda RBX: 00007f30ee3e5fa0 RCX: 00007f30ee18f749 [ 479.766510][T11331] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 479.766526][T11331] RBP: 00007f30ee213f91 R08: 0000000000000000 R09: 0000000000000000 [ 479.766541][T11331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 479.766555][T11331] R13: 00007f30ee3e6038 R14: 00007f30ee3e5fa0 R15: 00007ffed6cfe378 [ 479.766591][T11331] [ 482.504684][T11359] netlink: 318 bytes leftover after parsing attributes in process `syz.3.1007'. [ 488.492626][T11470] netlink: 'syz.3.1032': attribute type 33 has an invalid length. [ 488.560849][T11480] FAULT_INJECTION: forcing a failure. [ 488.560849][T11480] name failslab, interval 1, probability 0, space 0, times 0 [ 488.598627][T11480] CPU: 1 UID: 0 PID: 11480 Comm: syz.0.1035 Not tainted syzkaller #0 PREEMPT(full) [ 488.598665][T11480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 488.598681][T11480] Call Trace: [ 488.598690][T11480] [ 488.598701][T11480] dump_stack_lvl+0x16c/0x1f0 [ 488.598739][T11480] should_fail_ex+0x512/0x640 [ 488.598786][T11480] ? __kmalloc_cache_noprof+0x5f/0x780 [ 488.598816][T11480] should_failslab+0xc2/0x120 [ 488.598854][T11480] __kmalloc_cache_noprof+0x72/0x780 [ 488.598880][T11480] ? __lock_acquire+0xb8a/0x1c90 [ 488.598912][T11480] ? tty_open+0x13e/0xf90 [ 488.598948][T11480] ? tty_open+0x13e/0xf90 [ 488.598975][T11480] ? nonseekable_open+0xd/0x50 [ 488.598999][T11480] ? __pfx_tty_open+0x10/0x10 [ 488.599026][T11480] tty_open+0x13e/0xf90 [ 488.599063][T11480] ? __pfx_tty_open+0x10/0x10 [ 488.599093][T11480] ? chrdev_open+0x10b/0x6a0 [ 488.599128][T11480] ? __pfx_tty_open+0x10/0x10 [ 488.599158][T11480] chrdev_open+0x234/0x6a0 [ 488.599187][T11480] ? __pfx_apparmor_file_open+0x10/0x10 [ 488.599225][T11480] ? __pfx_chrdev_open+0x10/0x10 [ 488.599257][T11480] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 488.599293][T11480] do_dentry_open+0x982/0x1530 [ 488.599323][T11480] ? __pfx_chrdev_open+0x10/0x10 [ 488.599361][T11480] vfs_open+0x82/0x3f0 [ 488.599401][T11480] path_openat+0x1de4/0x2cb0 [ 488.599442][T11480] ? __pfx_path_openat+0x10/0x10 [ 488.599473][T11480] ? __lock_acquire+0xb8a/0x1c90 [ 488.599510][T11480] do_filp_open+0x20b/0x470 [ 488.599538][T11480] ? __pfx_do_filp_open+0x10/0x10 [ 488.599607][T11480] ? alloc_fd+0x471/0x7d0 [ 488.599646][T11480] do_sys_openat2+0x11b/0x1d0 [ 488.599684][T11480] ? __pfx_do_sys_openat2+0x10/0x10 [ 488.599744][T11480] __x64_sys_openat+0x174/0x210 [ 488.599788][T11480] ? __pfx___x64_sys_openat+0x10/0x10 [ 488.599842][T11480] do_syscall_64+0xcd/0xfa0 [ 488.599877][T11480] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 488.599902][T11480] RIP: 0033:0x7f30ee18f749 [ 488.599924][T11480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 488.599948][T11480] RSP: 002b:00007f30ef017038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 488.599974][T11480] RAX: ffffffffffffffda RBX: 00007f30ee3e5fa0 RCX: 00007f30ee18f749 [ 488.599992][T11480] RDX: 0000000000004000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 488.600009][T11480] RBP: 00007f30ee213f91 R08: 0000000000000000 R09: 0000000000000000 [ 488.600033][T11480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 488.600054][T11480] R13: 00007f30ee3e6038 R14: 00007f30ee3e5fa0 R15: 00007ffed6cfe378 [ 488.600092][T11480] [ 491.014935][T11510] FAULT_INJECTION: forcing a failure. [ 491.014935][T11510] name failslab, interval 1, probability 0, space 0, times 0 [ 491.038680][T11510] CPU: 1 UID: 0 PID: 11510 Comm: syz.1.1044 Not tainted syzkaller #0 PREEMPT(full) [ 491.038719][T11510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 491.038735][T11510] Call Trace: [ 491.038744][T11510] [ 491.038754][T11510] dump_stack_lvl+0x16c/0x1f0 [ 491.038792][T11510] should_fail_ex+0x512/0x640 [ 491.038829][T11510] ? __kmalloc_cache_noprof+0x5f/0x780 [ 491.038859][T11510] should_failslab+0xc2/0x120 [ 491.038892][T11510] __kmalloc_cache_noprof+0x72/0x780 [ 491.038916][T11510] ? __lock_acquire+0xb8a/0x1c90 [ 491.038947][T11510] ? tty_open+0x13e/0xf90 [ 491.038981][T11510] ? tty_open+0x13e/0xf90 [ 491.039008][T11510] ? nonseekable_open+0xd/0x50 [ 491.039033][T11510] ? __pfx_tty_open+0x10/0x10 [ 491.039060][T11510] tty_open+0x13e/0xf90 [ 491.039097][T11510] ? __pfx_tty_open+0x10/0x10 [ 491.039126][T11510] ? chrdev_open+0x10b/0x6a0 [ 491.039161][T11510] ? __pfx_tty_open+0x10/0x10 [ 491.039190][T11510] chrdev_open+0x234/0x6a0 [ 491.039218][T11510] ? __pfx_apparmor_file_open+0x10/0x10 [ 491.039255][T11510] ? __pfx_chrdev_open+0x10/0x10 [ 491.039286][T11510] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 491.039339][T11510] do_dentry_open+0x982/0x1530 [ 491.039369][T11510] ? __pfx_chrdev_open+0x10/0x10 [ 491.039408][T11510] vfs_open+0x82/0x3f0 [ 491.039449][T11510] path_openat+0x1de4/0x2cb0 [ 491.039489][T11510] ? __pfx_path_openat+0x10/0x10 [ 491.039519][T11510] ? __lock_acquire+0xb8a/0x1c90 [ 491.039555][T11510] do_filp_open+0x20b/0x470 [ 491.039583][T11510] ? __pfx_do_filp_open+0x10/0x10 [ 491.039638][T11510] ? alloc_fd+0x471/0x7d0 [ 491.039673][T11510] do_sys_openat2+0x11b/0x1d0 [ 491.039709][T11510] ? __pfx_do_sys_openat2+0x10/0x10 [ 491.039759][T11510] __x64_sys_openat+0x174/0x210 [ 491.039796][T11510] ? __pfx___x64_sys_openat+0x10/0x10 [ 491.039847][T11510] do_syscall_64+0xcd/0xfa0 [ 491.039880][T11510] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 491.039905][T11510] RIP: 0033:0x7fb06e18f749 [ 491.039926][T11510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 491.039950][T11510] RSP: 002b:00007fb06f045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 491.039975][T11510] RAX: ffffffffffffffda RBX: 00007fb06e3e5fa0 RCX: 00007fb06e18f749 [ 491.039993][T11510] RDX: 0000000000004000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 491.040011][T11510] RBP: 00007fb06e213f91 R08: 0000000000000000 R09: 0000000000000000 [ 491.040027][T11510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 491.040042][T11510] R13: 00007fb06e3e6038 R14: 00007fb06e3e5fa0 R15: 00007ffdce0c51f8 [ 491.040080][T11510] [ 502.170296][T11689] FAULT_INJECTION: forcing a failure. [ 502.170296][T11689] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 502.196426][T11689] CPU: 1 UID: 0 PID: 11689 Comm: syz.0.1104 Not tainted syzkaller #0 PREEMPT(full) [ 502.196459][T11689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 502.196473][T11689] Call Trace: [ 502.196481][T11689] [ 502.196491][T11689] dump_stack_lvl+0x16c/0x1f0 [ 502.196523][T11689] should_fail_ex+0x512/0x640 [ 502.196563][T11689] _copy_from_user+0x2e/0xd0 [ 502.196596][T11689] copy_msghdr_from_user+0x98/0x160 [ 502.196620][T11689] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 502.196649][T11689] ? __pfx__kstrtoull+0x10/0x10 [ 502.196681][T11689] ___sys_sendmsg+0xfe/0x1d0 [ 502.196707][T11689] ? __pfx____sys_sendmsg+0x10/0x10 [ 502.196747][T11689] ? find_held_lock+0x2b/0x80 [ 502.196794][T11689] __sys_sendmmsg+0x200/0x420 [ 502.196823][T11689] ? __pfx___sys_sendmmsg+0x10/0x10 [ 502.196859][T11689] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 502.196903][T11689] ? fput+0x9b/0xd0 [ 502.196932][T11689] ? ksys_write+0x1ac/0x250 [ 502.196956][T11689] ? __pfx_ksys_write+0x10/0x10 [ 502.196988][T11689] __x64_sys_sendmmsg+0x9c/0x100 [ 502.197011][T11689] ? lockdep_hardirqs_on+0x7c/0x110 [ 502.197040][T11689] do_syscall_64+0xcd/0xfa0 [ 502.197071][T11689] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 502.197095][T11689] RIP: 0033:0x7f30ee18f749 [ 502.197114][T11689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 502.197135][T11689] RSP: 002b:00007f30ef017038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 502.197159][T11689] RAX: ffffffffffffffda RBX: 00007f30ee3e5fa0 RCX: 00007f30ee18f749 [ 502.197175][T11689] RDX: 0000000000000002 RSI: 00002000000001c0 RDI: 0000000000000003 [ 502.197190][T11689] RBP: 00007f30ef017090 R08: 0000000000000000 R09: 0000000000000000 [ 502.197205][T11689] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 502.197220][T11689] R13: 00007f30ee3e6038 R14: 00007f30ee3e5fa0 R15: 00007ffed6cfe378 [ 502.197254][T11689] [ 502.393086][ C1] vkms_vblank_simulate: vblank timer overrun [ 502.483111][T11687] : entered promiscuous mode [ 502.581716][T11701] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1103'. [ 502.906619][T11710] syz.1.1108 (11710): /proc/11709/oom_adj is deprecated, please use /proc/11709/oom_score_adj instead. [ 502.977320][T11712] FAULT_INJECTION: forcing a failure. [ 502.977320][T11712] name failslab, interval 1, probability 0, space 0, times 0 [ 503.016634][T11712] CPU: 1 UID: 0 PID: 11712 Comm: syz.0.1109 Not tainted syzkaller #0 PREEMPT(full) [ 503.016668][T11712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 503.016682][T11712] Call Trace: [ 503.016691][T11712] [ 503.016701][T11712] dump_stack_lvl+0x16c/0x1f0 [ 503.016734][T11712] should_fail_ex+0x512/0x640 [ 503.016768][T11712] ? __kmalloc_noprof+0xca/0x880 [ 503.016807][T11712] should_failslab+0xc2/0x120 [ 503.016840][T11712] __kmalloc_noprof+0xdd/0x880 [ 503.016875][T11712] ? iovec_from_user+0x108/0x140 [ 503.016905][T11712] ? iovec_from_user+0x108/0x140 [ 503.016925][T11712] iovec_from_user+0x108/0x140 [ 503.016953][T11712] __import_iovec+0x88/0x650 [ 503.016979][T11712] ? find_held_lock+0x2b/0x80 [ 503.017007][T11712] import_iovec+0x86/0xb0 [ 503.017035][T11712] vfs_writev+0x19b/0xde0 [ 503.017061][T11712] ? __pfx___might_resched+0x10/0x10 [ 503.017094][T11712] ? __pfx_vfs_writev+0x10/0x10 [ 503.017116][T11712] ? __mutex_lock+0x1c5/0x1060 [ 503.017157][T11712] ? __pfx___mutex_lock+0x10/0x10 [ 503.017199][T11712] ? __fget_files+0x20e/0x3c0 [ 503.017221][T11712] ? __fget_files+0x130/0x3c0 [ 503.017255][T11712] ? do_writev+0x132/0x340 [ 503.017276][T11712] do_writev+0x132/0x340 [ 503.017301][T11712] ? __pfx_do_writev+0x10/0x10 [ 503.017336][T11712] do_syscall_64+0xcd/0xfa0 [ 503.017367][T11712] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.017399][T11712] RIP: 0033:0x7f30ee18f749 [ 503.017419][T11712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 503.017441][T11712] RSP: 002b:00007f30ef017038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 503.017465][T11712] RAX: ffffffffffffffda RBX: 00007f30ee3e5fa0 RCX: 00007f30ee18f749 [ 503.017480][T11712] RDX: 00000000000001ff RSI: 0000200000000040 RDI: 0000000000000003 [ 503.017495][T11712] RBP: 00007f30ef017090 R08: 0000000000000000 R09: 0000000000000000 [ 503.017509][T11712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 503.017522][T11712] R13: 00007f30ee3e6038 R14: 00007f30ee3e5fa0 R15: 00007ffed6cfe378 [ 503.017555][T11712] [ 503.228321][ C1] vkms_vblank_simulate: vblank timer overrun [ 503.541575][T11721] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1112'. [ 503.590056][ T1170] : left promiscuous mode [ 503.659934][T11728] FAULT_INJECTION: forcing a failure. [ 503.659934][T11728] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 503.710967][T11728] CPU: 0 UID: 0 PID: 11728 Comm: syz.3.1114 Not tainted syzkaller #0 PREEMPT(full) [ 503.711002][T11728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 503.711016][T11728] Call Trace: [ 503.711023][T11728] [ 503.711031][T11728] dump_stack_lvl+0x16c/0x1f0 [ 503.711061][T11728] should_fail_ex+0x512/0x640 [ 503.711097][T11728] should_fail_alloc_page+0xe7/0x130 [ 503.711127][T11728] prepare_alloc_pages+0x3c2/0x610 [ 503.711159][T11728] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 503.711191][T11728] ? find_held_lock+0x2b/0x80 [ 503.711213][T11728] ? is_bpf_text_address+0x8a/0x1a0 [ 503.711242][T11728] ? bpf_ksym_find+0x124/0x1c0 [ 503.711264][T11728] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 503.711284][T11728] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 503.711312][T11728] ? kernel_text_address+0x8d/0x100 [ 503.711331][T11728] ? __kernel_text_address+0xd/0x40 [ 503.711367][T11728] ? __lock_acquire+0x622/0x1c90 [ 503.711395][T11728] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 503.711430][T11728] ? policy_nodemask+0xea/0x4e0 [ 503.711460][T11728] alloc_pages_mpol+0x1fb/0x550 [ 503.711488][T11728] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 503.711524][T11728] folio_alloc_mpol_noprof+0x36/0x2f0 [ 503.711556][T11728] vma_alloc_folio_noprof+0xed/0x1e0 [ 503.711586][T11728] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 503.711626][T11728] do_pte_missing+0x2202/0x3ba0 [ 503.711658][T11728] ? find_held_lock+0x2b/0x80 [ 503.711687][T11728] __handle_mm_fault+0x1556/0x2aa0 [ 503.711727][T11728] ? __pfx___handle_mm_fault+0x10/0x10 [ 503.711761][T11728] ? lock_vma_under_rcu+0x176/0x530 [ 503.711802][T11728] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 503.711841][T11728] handle_mm_fault+0x589/0xd10 [ 503.711872][T11728] ? __pkru_allows_pkey+0x21/0xb0 [ 503.711906][T11728] do_user_addr_fault+0x60c/0x1370 [ 503.711929][T11728] ? rcu_is_watching+0x12/0xc0 [ 503.711954][T11728] exc_page_fault+0x64/0xc0 [ 503.711979][T11728] asm_exc_page_fault+0x26/0x30 [ 503.711999][T11728] RIP: 0033:0x7f292b25a65b [ 503.712015][T11728] Code: 00 00 00 48 8d 3d dd 5a 19 00 48 89 c1 31 c0 e8 2b 39 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 11 5b 19 00 48 89 34 24 48 8b 14 24 48 8b [ 503.712034][T11728] RSP: 002b:00007f292c15bfb0 EFLAGS: 00010202 [ 503.712051][T11728] RAX: 0000000000000000 RBX: 00007f292b5e5fa0 RCX: 0000000000000000 [ 503.712064][T11728] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000000 [ 503.712076][T11728] RBP: 00007f292c15d090 R08: 0000000000000000 R09: 0000000000000000 [ 503.712088][T11728] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001 [ 503.712101][T11728] R13: 00007f292b5e6038 R14: 00007f292b5e5fa0 R15: 00007ffce50f7cb8 [ 503.712131][T11728] [ 503.712326][T11728] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 505.018374][T11756] program syz.0.1120 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 505.219790][T11759] FAULT_INJECTION: forcing a failure. [ 505.219790][T11759] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 505.314906][T11759] CPU: 1 UID: 0 PID: 11759 Comm: syz.1.1119 Not tainted syzkaller #0 PREEMPT(full) [ 505.314939][T11759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 505.314953][T11759] Call Trace: [ 505.314961][T11759] [ 505.314971][T11759] dump_stack_lvl+0x16c/0x1f0 [ 505.315020][T11759] should_fail_ex+0x512/0x640 [ 505.315062][T11759] _copy_to_user+0x32/0xd0 [ 505.315088][T11759] simple_read_from_buffer+0xcb/0x170 [ 505.315128][T11759] proc_fail_nth_read+0x197/0x240 [ 505.315155][T11759] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 505.315193][T11759] ? rw_verify_area+0xcf/0x6c0 [ 505.315217][T11759] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 505.315244][T11759] vfs_read+0x1e4/0xcf0 [ 505.315276][T11759] ? __pfx___mutex_lock+0x10/0x10 [ 505.315308][T11759] ? __pfx_vfs_read+0x10/0x10 [ 505.315345][T11759] ? __fget_files+0x20e/0x3c0 [ 505.315381][T11759] ksys_read+0x12a/0x250 [ 505.315407][T11759] ? __pfx_ksys_read+0x10/0x10 [ 505.315430][T11759] ? syscall_user_dispatch+0x78/0x140 [ 505.315464][T11759] do_syscall_64+0xcd/0xfa0 [ 505.315496][T11759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 505.315521][T11759] RIP: 0033:0x7fb06e18e15c [ 505.315540][T11759] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 505.315562][T11759] RSP: 002b:00007fb06f003030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 505.315585][T11759] RAX: ffffffffffffffda RBX: 00007fb06e3e6180 RCX: 00007fb06e18e15c [ 505.315602][T11759] RDX: 000000000000000f RSI: 00007fb06f0030a0 RDI: 0000000000000003 [ 505.315617][T11759] RBP: 00007fb06f003090 R08: 0000000000000000 R09: 0000000000000000 [ 505.315632][T11759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 505.315645][T11759] R13: 00007fb06e3e6218 R14: 00007fb06e3e6180 R15: 00007ffdce0c51f8 [ 505.315681][T11759] [ 505.502439][ C1] vkms_vblank_simulate: vblank timer overrun [ 505.722568][T11765] FAULT_INJECTION: forcing a failure. [ 505.722568][T11765] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 505.750578][T11765] CPU: 0 UID: 0 PID: 11765 Comm: syz.1.1122 Not tainted syzkaller #0 PREEMPT(full) [ 505.750613][T11765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 505.750627][T11765] Call Trace: [ 505.750635][T11765] [ 505.750645][T11765] dump_stack_lvl+0x16c/0x1f0 [ 505.750679][T11765] should_fail_ex+0x512/0x640 [ 505.750718][T11765] _copy_from_user+0x2e/0xd0 [ 505.750754][T11765] __sys_bpf+0x248/0x4980 [ 505.750785][T11765] ? __pfx___sys_bpf+0x10/0x10 [ 505.750808][T11765] ? find_held_lock+0x2b/0x80 [ 505.750842][T11765] ? find_held_lock+0x2b/0x80 [ 505.750874][T11765] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 505.750925][T11765] ? fput+0x9b/0xd0 [ 505.750956][T11765] ? ksys_write+0x1ac/0x250 [ 505.750981][T11765] ? __pfx_ksys_write+0x10/0x10 [ 505.751014][T11765] __x64_sys_bpf+0x78/0xc0 [ 505.751038][T11765] ? lockdep_hardirqs_on+0x7c/0x110 [ 505.751066][T11765] do_syscall_64+0xcd/0xfa0 [ 505.751097][T11765] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 505.751117][T11765] RIP: 0033:0x7fb06e18f749 [ 505.751136][T11765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 505.751163][T11765] RSP: 002b:00007fb06f045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 505.751184][T11765] RAX: ffffffffffffffda RBX: 00007fb06e3e5fa0 RCX: 00007fb06e18f749 [ 505.751197][T11765] RDX: 000000000000000c RSI: 00002000000001c0 RDI: 0000000000000002 [ 505.751208][T11765] RBP: 00007fb06f045090 R08: 0000000000000000 R09: 0000000000000000 [ 505.751216][T11765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 505.751224][T11765] R13: 00007fb06e3e6038 R14: 00007fb06e3e5fa0 R15: 00007ffdce0c51f8 [ 505.751244][T11765] [ 506.073533][T11777] mmap: syz.1.1124 (11777) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 506.841735][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.848124][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.923078][T11822] syz.1.1141 uses obsolete (PF_INET,SOCK_PACKET) [ 508.433753][T11841] FAULT_INJECTION: forcing a failure. [ 508.433753][T11841] name failslab, interval 1, probability 0, space 0, times 0 [ 508.460833][T11841] CPU: 1 UID: 0 PID: 11841 Comm: syz.1.1146 Not tainted syzkaller #0 PREEMPT(full) [ 508.460868][T11841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 508.460880][T11841] Call Trace: [ 508.460888][T11841] [ 508.460897][T11841] dump_stack_lvl+0x16c/0x1f0 [ 508.460928][T11841] should_fail_ex+0x512/0x640 [ 508.460959][T11841] ? fs_reclaim_acquire+0xae/0x150 [ 508.460987][T11841] should_failslab+0xc2/0x120 [ 508.461013][T11841] __kmalloc_noprof+0xdd/0x880 [ 508.461046][T11841] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 508.461079][T11841] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 508.461105][T11841] tomoyo_realpath_from_path+0xc2/0x6e0 [ 508.461132][T11841] ? tomoyo_profile+0x47/0x60 [ 508.461164][T11841] tomoyo_path_number_perm+0x245/0x580 [ 508.461203][T11841] ? tomoyo_path_number_perm+0x237/0x580 [ 508.461238][T11841] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 508.461272][T11841] ? find_held_lock+0x2b/0x80 [ 508.461327][T11841] ? find_held_lock+0x2b/0x80 [ 508.461348][T11841] ? hook_file_ioctl_common+0x145/0x410 [ 508.461378][T11841] ? __fget_files+0x20e/0x3c0 [ 508.461406][T11841] security_file_ioctl+0x9b/0x240 [ 508.461431][T11841] __x64_sys_ioctl+0xb7/0x210 [ 508.461466][T11841] do_syscall_64+0xcd/0xfa0 [ 508.461497][T11841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 508.461521][T11841] RIP: 0033:0x7fb06e18f749 [ 508.461541][T11841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 508.461560][T11841] RSP: 002b:00007fb06f045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 508.461581][T11841] RAX: ffffffffffffffda RBX: 00007fb06e3e5fa0 RCX: 00007fb06e18f749 [ 508.461596][T11841] RDX: 0000000000000015 RSI: 000000004020ae46 RDI: 0000000000000015 [ 508.461610][T11841] RBP: 00007fb06f045090 R08: 0000000000000000 R09: 0000000000000000 [ 508.461624][T11841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 508.461638][T11841] R13: 00007fb06e3e6038 R14: 00007fb06e3e5fa0 R15: 00007ffdce0c51f8 [ 508.461675][T11841] [ 508.461817][T11841] ERROR: Out of memory at tomoyo_realpath_from_path. [ 508.937405][T11837] Invalid ELF header magic: != ELF [ 509.060373][T11837] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1145'. [ 509.605020][T11864] FAULT_INJECTION: forcing a failure. [ 509.605020][T11864] name failslab, interval 1, probability 0, space 0, times 0 [ 509.610722][T11860] FAULT_INJECTION: forcing a failure. [ 509.610722][T11860] name fail_futex, interval 1, probability 0, space 0, times 1 [ 509.638566][T11864] CPU: 1 UID: 0 PID: 11864 Comm: syz.3.1151 Not tainted syzkaller #0 PREEMPT(full) [ 509.638601][T11864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 509.638615][T11864] Call Trace: [ 509.638623][T11864] [ 509.638633][T11864] dump_stack_lvl+0x16c/0x1f0 [ 509.638667][T11864] should_fail_ex+0x512/0x640 [ 509.638702][T11864] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 509.638732][T11864] should_failslab+0xc2/0x120 [ 509.638765][T11864] kmem_cache_alloc_noprof+0x75/0x6e0 [ 509.638790][T11864] ? vm_area_dup+0x27/0x8d0 [ 509.638819][T11864] ? vm_area_dup+0x27/0x8d0 [ 509.638840][T11864] vm_area_dup+0x27/0x8d0 [ 509.638865][T11864] __split_vma+0x18e/0x1070 [ 509.638893][T11864] ? __pfx___split_vma+0x10/0x10 [ 509.638915][T11864] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 509.638964][T11864] vms_gather_munmap_vmas+0x3aa/0x1340 [ 509.638996][T11864] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 509.639025][T11864] ? mas_walk+0x6f5/0x980 [ 509.639063][T11864] __mmap_region+0x434/0x27a0 [ 509.639094][T11864] ? __pfx___mmap_region+0x10/0x10 [ 509.639127][T11864] ? find_held_lock+0x2b/0x80 [ 509.639175][T11864] ? kernel_text_address+0x8d/0x100 [ 509.639199][T11864] ? __kernel_text_address+0xd/0x40 [ 509.639220][T11864] ? unwind_get_return_address+0x59/0xa0 [ 509.639248][T11864] ? arch_stack_walk+0xa6/0x100 [ 509.639279][T11864] ? __lock_acquire+0x622/0x1c90 [ 509.639372][T11864] mmap_region+0x32b/0x3f0 [ 509.639403][T11864] do_mmap+0xa3e/0x1210 [ 509.639439][T11864] ? __pfx_do_mmap+0x10/0x10 [ 509.639469][T11864] ? __pfx_down_write_killable+0x10/0x10 [ 509.639510][T11864] vm_mmap_pgoff+0x29e/0x470 [ 509.639548][T11864] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 509.639586][T11864] ? __fget_files+0x20e/0x3c0 [ 509.639619][T11864] ksys_mmap_pgoff+0x32c/0x5c0 [ 509.639649][T11864] ? __pfx_ksys_write+0x10/0x10 [ 509.639680][T11864] __x64_sys_mmap+0x125/0x190 [ 509.639719][T11864] do_syscall_64+0xcd/0xfa0 [ 509.639751][T11864] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 509.639776][T11864] RIP: 0033:0x7f292b38f749 [ 509.639797][T11864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 509.639819][T11864] RSP: 002b:00007f29295f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 509.639842][T11864] RAX: ffffffffffffffda RBX: 00007f292b5e6090 RCX: 00007f292b38f749 [ 509.639859][T11864] RDX: 0040000000000ffb RSI: 0000000000810004 RDI: 0000200000000000 [ 509.639874][T11864] RBP: 00007f29295f6090 R08: 0000000000000003 R09: 0000000000008000 [ 509.639889][T11864] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001 [ 509.639904][T11864] R13: 00007f292b5e6128 R14: 00007f292b5e6090 R15: 00007ffce50f7cb8 [ 509.639940][T11864] [ 509.978120][T11860] CPU: 1 UID: 0 PID: 11860 Comm: syz.0.1150 Not tainted syzkaller #0 PREEMPT(full) [ 509.978147][T11860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 509.978158][T11860] Call Trace: [ 509.978165][T11860] [ 509.978172][T11860] dump_stack_lvl+0x16c/0x1f0 [ 509.978200][T11860] should_fail_ex+0x512/0x640 [ 509.978232][T11860] get_futex_key+0x1d0/0x1560 [ 509.978260][T11860] ? __pfx_get_futex_key+0x10/0x10 [ 509.978295][T11860] futex_wake+0xea/0x530 [ 509.978329][T11860] ? rcu_is_watching+0x12/0xc0 [ 509.978350][T11860] ? __pfx_futex_wake+0x10/0x10 [ 509.978381][T11860] ? kmem_cache_free+0x2d4/0x6c0 [ 509.978402][T11860] ? putname+0x154/0x1a0 [ 509.978441][T11860] do_futex+0x1e3/0x350 [ 509.978469][T11860] ? __pfx_do_futex+0x10/0x10 [ 509.978508][T11860] __x64_sys_futex+0x1e0/0x4c0 [ 509.978538][T11860] ? __x64_sys_openat+0x174/0x210 [ 509.978570][T11860] ? __pfx___x64_sys_futex+0x10/0x10 [ 509.978612][T11860] do_syscall_64+0xcd/0xfa0 [ 509.978644][T11860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 509.978668][T11860] RIP: 0033:0x7f30ee18f749 [ 509.978688][T11860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 509.978708][T11860] RSP: 002b:00007f30ef0170e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 509.978728][T11860] RAX: ffffffffffffffda RBX: 00007f30ee3e5fa8 RCX: 00007f30ee18f749 [ 509.978742][T11860] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f30ee3e5fac [ 509.978754][T11860] RBP: 00007f30ee3e5fa0 R08: 00007f30ef018000 R09: 0000000000000000 [ 509.978766][T11860] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 509.978788][T11860] R13: 00007f30ee3e6038 R14: 00007ffed6cfe290 R15: 00007ffed6cfe378 [ 509.978817][T11860] [ 510.482710][T11868] FAULT_INJECTION: forcing a failure. [ 510.482710][T11868] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 510.495964][T11868] CPU: 0 UID: 0 PID: 11868 Comm: syz.3.1153 Not tainted syzkaller #0 PREEMPT(full) [ 510.495999][T11868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 510.496014][T11868] Call Trace: [ 510.496022][T11868] [ 510.496032][T11868] dump_stack_lvl+0x16c/0x1f0 [ 510.496071][T11868] should_fail_ex+0x512/0x640 [ 510.496111][T11868] _copy_from_user+0x2e/0xd0 [ 510.496190][T11868] copy_msghdr_from_user+0x98/0x160 [ 510.496217][T11868] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 510.496253][T11868] ? __pfx__kstrtoull+0x10/0x10 [ 510.496289][T11868] ___sys_sendmsg+0xfe/0x1d0 [ 510.496319][T11868] ? __pfx____sys_sendmsg+0x10/0x10 [ 510.496360][T11868] ? find_held_lock+0x2b/0x80 [ 510.496412][T11868] __sys_sendmmsg+0x200/0x420 [ 510.496446][T11868] ? __pfx___sys_sendmmsg+0x10/0x10 [ 510.496483][T11868] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 510.496533][T11868] ? fput+0x9b/0xd0 [ 510.496565][T11868] ? ksys_write+0x1ac/0x250 [ 510.496590][T11868] ? __pfx_ksys_write+0x10/0x10 [ 510.496623][T11868] __x64_sys_sendmmsg+0x9c/0x100 [ 510.496647][T11868] ? lockdep_hardirqs_on+0x7c/0x110 [ 510.496716][T11868] do_syscall_64+0xcd/0xfa0 [ 510.496758][T11868] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 510.496787][T11868] RIP: 0033:0x7f292b38f749 [ 510.496806][T11868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 510.496829][T11868] RSP: 002b:00007f292c15d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 510.496856][T11868] RAX: ffffffffffffffda RBX: 00007f292b5e5fa0 RCX: 00007f292b38f749 [ 510.496872][T11868] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000003 [ 510.496886][T11868] RBP: 00007f292c15d090 R08: 0000000000000000 R09: 0000000000000000 [ 510.496901][T11868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 510.496919][T11868] R13: 00007f292b5e6038 R14: 00007f292b5e5fa0 R15: 00007ffce50f7cb8 [ 510.496954][T11868] [ 511.191434][T11882] FAULT_INJECTION: forcing a failure. [ 511.191434][T11882] name failslab, interval 1, probability 0, space 0, times 0 [ 511.215044][T11882] CPU: 1 UID: 0 PID: 11882 Comm: syz.3.1158 Not tainted syzkaller #0 PREEMPT(full) [ 511.215078][T11882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 511.215092][T11882] Call Trace: [ 511.215101][T11882] [ 511.215112][T11882] dump_stack_lvl+0x16c/0x1f0 [ 511.215146][T11882] should_fail_ex+0x512/0x640 [ 511.215182][T11882] ? fs_reclaim_acquire+0xae/0x150 [ 511.215216][T11882] should_failslab+0xc2/0x120 [ 511.215250][T11882] __kmalloc_noprof+0xdd/0x880 [ 511.215289][T11882] ? tomoyo_encode2+0x100/0x3e0 [ 511.215331][T11882] ? tomoyo_encode2+0x100/0x3e0 [ 511.215358][T11882] tomoyo_encode2+0x100/0x3e0 [ 511.215389][T11882] tomoyo_encode+0x29/0x50 [ 511.215416][T11882] tomoyo_realpath_from_path+0x18f/0x6e0 [ 511.215455][T11882] tomoyo_path_number_perm+0x245/0x580 [ 511.215492][T11882] ? tomoyo_path_number_perm+0x237/0x580 [ 511.215532][T11882] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 511.215571][T11882] ? find_held_lock+0x2b/0x80 [ 511.215630][T11882] ? find_held_lock+0x2b/0x80 [ 511.215655][T11882] ? hook_file_ioctl_common+0x145/0x410 [ 511.215689][T11882] ? __fget_files+0x20e/0x3c0 [ 511.215720][T11882] security_file_ioctl+0x9b/0x240 [ 511.215747][T11882] __x64_sys_ioctl+0xb7/0x210 [ 511.215785][T11882] do_syscall_64+0xcd/0xfa0 [ 511.215817][T11882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 511.215843][T11882] RIP: 0033:0x7f292b38f749 [ 511.215863][T11882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 511.215885][T11882] RSP: 002b:00007f292c15d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 511.215908][T11882] RAX: ffffffffffffffda RBX: 00007f292b5e5fa0 RCX: 00007f292b38f749 [ 511.215925][T11882] RDX: 0000000000000000 RSI: 0000000000004c08 RDI: 0000000000000003 [ 511.215939][T11882] RBP: 00007f292c15d090 R08: 0000000000000000 R09: 0000000000000000 [ 511.215954][T11882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 511.215968][T11882] R13: 00007f292b5e6038 R14: 00007f292b5e5fa0 R15: 00007ffce50f7cb8 [ 511.216004][T11882] [ 511.216036][T11882] ERROR: Out of memory at tomoyo_realpath_from_path. [ 511.533071][T11884] FAULT_INJECTION: forcing a failure. [ 511.533071][T11884] name fail_futex, interval 1, probability 0, space 0, times 0 [ 511.546228][T11884] CPU: 1 UID: 0 PID: 11884 Comm: syz.1.1157 Not tainted syzkaller #0 PREEMPT(full) [ 511.546265][T11884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 511.546281][T11884] Call Trace: [ 511.546289][T11884] [ 511.546300][T11884] dump_stack_lvl+0x16c/0x1f0 [ 511.546337][T11884] should_fail_ex+0x512/0x640 [ 511.546380][T11884] should_fail_futex+0x4c/0x60 [ 511.546415][T11884] futex_lock_pi_atomic+0x101/0xd50 [ 511.546460][T11884] futex_lock_pi+0x23f/0x7c0 [ 511.546503][T11884] ? __pfx_futex_lock_pi+0x10/0x10 [ 511.546539][T11884] ? __futex_wait+0x24b/0x2f0 [ 511.546566][T11884] ? lockdep_hardirqs_on+0x7c/0x110 [ 511.546620][T11884] ? futex_private_hash_put+0xd5/0x190 [ 511.546657][T11884] ? __pfx_futex_wake_mark+0x10/0x10 [ 511.546707][T11884] ? ksys_write+0x190/0x250 [ 511.546742][T11884] do_futex+0x11a/0x350 [ 511.546783][T11884] ? __pfx_do_futex+0x10/0x10 [ 511.546829][T11884] __x64_sys_futex+0x1e0/0x4c0 [ 511.546866][T11884] ? fput+0x9b/0xd0 [ 511.546899][T11884] ? __pfx___x64_sys_futex+0x10/0x10 [ 511.546934][T11884] ? xfd_validate_state+0x61/0x180 [ 511.546968][T11884] ? __pfx_ksys_write+0x10/0x10 [ 511.547008][T11884] do_syscall_64+0xcd/0xfa0 [ 511.547040][T11884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 511.547065][T11884] RIP: 0033:0x7fb06e18f749 [ 511.547086][T11884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 511.547110][T11884] RSP: 002b:00007fb06f045038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 511.547133][T11884] RAX: ffffffffffffffda RBX: 00007fb06e3e5fa0 RCX: 00007fb06e18f749 [ 511.547150][T11884] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 511.547165][T11884] RBP: 00007fb06e213f91 R08: 0000000000000000 R09: 000000008000fff5 [ 511.547181][T11884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 511.547197][T11884] R13: 00007fb06e3e6038 R14: 00007fb06e3e5fa0 R15: 00007ffdce0c51f8 [ 511.547235][T11884] [ 511.969404][ T30] audit: type=1800 audit(4294967331.450:2): pid=11888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1160" name="features" dev="configfs" ino=37501 res=0 errno=0 [ 512.381882][T11899] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1162'. [ 512.557998][T11899] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1162'. [ 513.049842][T11910] netlink: 'syz.1.1165': attribute type 10 has an invalid length. [ 513.159990][T11912] FAULT_INJECTION: forcing a failure. [ 513.159990][T11912] name failslab, interval 1, probability 0, space 0, times 0 [ 513.188825][T11912] CPU: 0 UID: 0 PID: 11912 Comm: syz.2.1166 Not tainted syzkaller #0 PREEMPT(full) [ 513.188858][T11912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 513.188872][T11912] Call Trace: [ 513.188880][T11912] [ 513.188889][T11912] dump_stack_lvl+0x16c/0x1f0 [ 513.188922][T11912] should_fail_ex+0x512/0x640 [ 513.188955][T11912] ? fs_reclaim_acquire+0xae/0x150 [ 513.188989][T11912] should_failslab+0xc2/0x120 [ 513.189021][T11912] __kmalloc_noprof+0xdd/0x880 [ 513.189056][T11912] ? tomoyo_encode2+0x100/0x3e0 [ 513.189088][T11912] ? tomoyo_encode2+0x100/0x3e0 [ 513.189113][T11912] tomoyo_encode2+0x100/0x3e0 [ 513.189142][T11912] tomoyo_encode+0x29/0x50 [ 513.189167][T11912] tomoyo_realpath_from_path+0x18f/0x6e0 [ 513.189205][T11912] tomoyo_path_number_perm+0x245/0x580 [ 513.189239][T11912] ? tomoyo_path_number_perm+0x237/0x580 [ 513.189279][T11912] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 513.189317][T11912] ? find_held_lock+0x2b/0x80 [ 513.189376][T11912] ? find_held_lock+0x2b/0x80 [ 513.189400][T11912] ? hook_file_ioctl_common+0x145/0x410 [ 513.189433][T11912] ? __fget_files+0x20e/0x3c0 [ 513.189464][T11912] security_file_ioctl+0x9b/0x240 [ 513.189491][T11912] __x64_sys_ioctl+0xb7/0x210 [ 513.189528][T11912] do_syscall_64+0xcd/0xfa0 [ 513.189560][T11912] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.189584][T11912] RIP: 0033:0x7f62bfd8f749 [ 513.189604][T11912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 513.189632][T11912] RSP: 002b:00007f62c0b65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 513.189656][T11912] RAX: ffffffffffffffda RBX: 00007f62bffe5fa0 RCX: 00007f62bfd8f749 [ 513.189672][T11912] RDX: 0000000000000003 RSI: 0000000040085618 RDI: 0000000000000003 [ 513.189686][T11912] RBP: 00007f62c0b65090 R08: 0000000000000000 R09: 0000000000000000 [ 513.189701][T11912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 513.189715][T11912] R13: 00007f62bffe6038 R14: 00007f62bffe5fa0 R15: 00007ffedee782d8 [ 513.189752][T11912] [ 513.189773][T11912] ERROR: Out of memory at tomoyo_realpath_from_path. [ 513.225349][T11916] FAULT_INJECTION: forcing a failure. [ 513.225349][T11916] name failslab, interval 1, probability 0, space 0, times 0 [ 513.429519][T11916] CPU: 1 UID: 0 PID: 11916 Comm: syz.0.1168 Not tainted syzkaller #0 PREEMPT(full) [ 513.429551][T11916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 513.429565][T11916] Call Trace: [ 513.429573][T11916] [ 513.429582][T11916] dump_stack_lvl+0x16c/0x1f0 [ 513.429616][T11916] should_fail_ex+0x512/0x640 [ 513.429650][T11916] ? fs_reclaim_acquire+0xae/0x150 [ 513.429682][T11916] should_failslab+0xc2/0x120 [ 513.429713][T11916] __kmalloc_noprof+0xdd/0x880 [ 513.429748][T11916] ? tomoyo_encode2+0x100/0x3e0 [ 513.429780][T11916] ? tomoyo_encode2+0x100/0x3e0 [ 513.429804][T11916] tomoyo_encode2+0x100/0x3e0 [ 513.429836][T11916] tomoyo_encode+0x29/0x50 [ 513.429871][T11916] tomoyo_realpath_from_path+0x18f/0x6e0 [ 513.429908][T11916] tomoyo_path_number_perm+0x245/0x580 [ 513.429944][T11916] ? tomoyo_path_number_perm+0x237/0x580 [ 513.429984][T11916] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 513.430022][T11916] ? find_held_lock+0x2b/0x80 [ 513.430080][T11916] ? find_held_lock+0x2b/0x80 [ 513.430104][T11916] ? hook_file_ioctl_common+0x145/0x410 [ 513.430138][T11916] ? __fget_files+0x20e/0x3c0 [ 513.430170][T11916] security_file_ioctl+0x9b/0x240 [ 513.430196][T11916] __x64_sys_ioctl+0xb7/0x210 [ 513.430233][T11916] do_syscall_64+0xcd/0xfa0 [ 513.430265][T11916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.430290][T11916] RIP: 0033:0x7f30ee18f749 [ 513.430310][T11916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 513.430332][T11916] RSP: 002b:00007f30ef017038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 513.430355][T11916] RAX: ffffffffffffffda RBX: 00007f30ee3e5fa0 RCX: 00007f30ee18f749 [ 513.430372][T11916] RDX: 0000000000000003 RSI: 00000000c040564a RDI: 0000000000000003 [ 513.430387][T11916] RBP: 00007f30ef017090 R08: 0000000000000000 R09: 0000000000000000 [ 513.430401][T11916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 513.430416][T11916] R13: 00007f30ee3e6038 R14: 00007f30ee3e5fa0 R15: 00007ffed6cfe378 [ 513.430451][T11916] [ 513.430573][T11916] ERROR: Out of memory at tomoyo_realpath_from_path. [ 514.118621][T11936] netlink: 'syz.2.1175': attribute type 12 has an invalid length. [ 514.218177][T11935] mkiss: ax0: crc mode is auto. [ 515.573152][T11970] FAULT_INJECTION: forcing a failure. [ 515.573152][T11970] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 515.586910][T11970] CPU: 1 UID: 0 PID: 11970 Comm: syz.0.1185 Not tainted syzkaller #0 PREEMPT(full) [ 515.586944][T11970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 515.586958][T11970] Call Trace: [ 515.586966][T11970] [ 515.586976][T11970] dump_stack_lvl+0x16c/0x1f0 [ 515.587010][T11970] should_fail_ex+0x512/0x640 [ 515.587050][T11970] _copy_to_user+0x32/0xd0 [ 515.587075][T11970] simple_read_from_buffer+0xcb/0x170 [ 515.587115][T11970] proc_fail_nth_read+0x197/0x240 [ 515.587143][T11970] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 515.587173][T11970] ? rw_verify_area+0xcf/0x6c0 [ 515.587196][T11970] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 515.587223][T11970] vfs_read+0x1e4/0xcf0 [ 515.587249][T11970] ? __pfx_sock_write_iter+0x10/0x10 [ 515.587285][T11970] ? __pfx_vfs_read+0x10/0x10 [ 515.587314][T11970] ? __pfx_do_sys_openat2+0x10/0x10 [ 515.587365][T11970] ksys_read+0x12a/0x250 [ 515.587390][T11970] ? __pfx_ksys_read+0x10/0x10 [ 515.587427][T11970] do_syscall_64+0xcd/0xfa0 [ 515.587459][T11970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 515.587483][T11970] RIP: 0033:0x7f30ee18e15c [ 515.587504][T11970] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 515.587527][T11970] RSP: 002b:00007f30ef017030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 515.587550][T11970] RAX: ffffffffffffffda RBX: 00007f30ee3e5fa0 RCX: 00007f30ee18e15c [ 515.587566][T11970] RDX: 000000000000000f RSI: 00007f30ef0170a0 RDI: 0000000000000008 [ 515.587581][T11970] RBP: 00007f30ef017090 R08: 0000000000000000 R09: 0000000000000000 [ 515.587603][T11970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 515.587617][T11970] R13: 00007f30ee3e6038 R14: 00007f30ee3e5fa0 R15: 00007ffed6cfe378 [ 515.587653][T11970] [ 515.838678][T11968] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1182'. [ 516.961121][ C1] sd 0:0:1:0: [sda] tag#7515 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 516.971671][ C1] sd 0:0:1:0: [sda] tag#7515 CDB: Read(6) 08 00 00 00 10 00 00 00 00 00 00 00 [ 517.151887][T12001] __vm_enough_memory: pid: 12001, comm: syz.2.1192, bytes: 8589938688 not enough memory for the allocation [ 519.203226][T12020] netlink: 'syz.1.1197': attribute type 33 has an invalid length. [ 519.564312][T12043] FAULT_INJECTION: forcing a failure. [ 519.564312][T12043] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 519.611040][T12043] CPU: 0 UID: 0 PID: 12043 Comm: syz.2.1205 Not tainted syzkaller #0 PREEMPT(full) [ 519.611075][T12043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 519.611090][T12043] Call Trace: [ 519.611098][T12043] [ 519.611116][T12043] dump_stack_lvl+0x16c/0x1f0 [ 519.611150][T12043] should_fail_ex+0x512/0x640 [ 519.611190][T12043] should_fail_alloc_page+0xe7/0x130 [ 519.611224][T12043] prepare_alloc_pages+0x3c2/0x610 [ 519.611255][T12043] ? find_held_lock+0x2b/0x80 [ 519.611283][T12043] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 519.611312][T12043] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 519.611342][T12043] ? is_bpf_text_address+0x94/0x1a0 [ 519.611375][T12043] ? kernel_text_address+0x8d/0x100 [ 519.611399][T12043] ? __kernel_text_address+0xd/0x40 [ 519.611420][T12043] ? unwind_get_return_address+0x59/0xa0 [ 519.611446][T12043] ? arch_stack_walk+0xa6/0x100 [ 519.611474][T12043] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 519.611504][T12043] ? __lock_acquire+0x622/0x1c90 [ 519.611543][T12043] ? stack_depot_save_flags+0x29/0x9c0 [ 519.611581][T12043] ? look_up_lock_class+0x59/0x150 [ 519.611610][T12043] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 519.611650][T12043] ? policy_nodemask+0xea/0x4e0 [ 519.611685][T12043] alloc_pages_mpol+0x1fb/0x550 [ 519.611718][T12043] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 519.611760][T12043] alloc_pages_noprof+0x131/0x390 [ 519.611792][T12043] __pmd_alloc+0x3b/0x8b0 [ 519.611828][T12043] __handle_mm_fault+0xada/0x2aa0 [ 519.611868][T12043] ? mt_find+0x3e2/0xa20 [ 519.611900][T12043] ? __pfx___handle_mm_fault+0x10/0x10 [ 519.611933][T12043] ? __pfx_mt_find+0x10/0x10 [ 519.611984][T12043] ? find_vma+0xbf/0x140 [ 519.612010][T12043] ? __pfx_find_vma+0x10/0x10 [ 519.612042][T12043] handle_mm_fault+0x589/0xd10 [ 519.612079][T12043] ? __pkru_allows_pkey+0x21/0xb0 [ 519.612122][T12043] do_user_addr_fault+0x7a6/0x1370 [ 519.612149][T12043] ? rcu_is_watching+0x12/0xc0 [ 519.612179][T12043] exc_page_fault+0x64/0xc0 [ 519.612208][T12043] asm_exc_page_fault+0x26/0x30 [ 519.612231][T12043] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 519.612266][T12043] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 3c 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 519.612288][T12043] RSP: 0018:ffffc9000e0179e8 EFLAGS: 00050206 [ 519.612308][T12043] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000038 [ 519.612323][T12043] RDX: fffff52001c02f4e RSI: 0000000000000000 RDI: ffffc9000e017a38 [ 519.612338][T12043] RBP: 0000000000000038 R08: 0000000000000001 R09: fffff52001c02f4d [ 519.612353][T12043] R10: ffffc9000e017a6f R11: 0000000000000001 R12: 0000000000000000 [ 519.612368][T12043] R13: ffffc9000e017a38 R14: ffffc9000e017b30 R15: ffffc9000e017a38 [ 519.612404][T12043] _copy_from_user+0x98/0xd0 [ 519.612441][T12043] copy_msghdr_from_user+0x98/0x160 [ 519.612467][T12043] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 519.612499][T12043] ? __pfx__kstrtoull+0x10/0x10 [ 519.612534][T12043] ___sys_sendmsg+0xfe/0x1d0 [ 519.612560][T12043] ? __pfx____sys_sendmsg+0x10/0x10 [ 519.612603][T12043] ? find_held_lock+0x2b/0x80 [ 519.612652][T12043] __sys_sendmmsg+0x200/0x420 [ 519.612681][T12043] ? __pfx___sys_sendmmsg+0x10/0x10 [ 519.612718][T12043] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 519.612764][T12043] ? fput+0x9b/0xd0 [ 519.612795][T12043] ? ksys_write+0x1ac/0x250 [ 519.612820][T12043] ? __pfx_ksys_write+0x10/0x10 [ 519.612853][T12043] __x64_sys_sendmmsg+0x9c/0x100 [ 519.612877][T12043] ? lockdep_hardirqs_on+0x7c/0x110 [ 519.612905][T12043] do_syscall_64+0xcd/0xfa0 [ 519.612936][T12043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 519.612959][T12043] RIP: 0033:0x7f62bfd8f749 [ 519.612978][T12043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 519.612999][T12043] RSP: 002b:00007f62c0b65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 519.613020][T12043] RAX: ffffffffffffffda RBX: 00007f62bffe5fa0 RCX: 00007f62bfd8f749 [ 519.613036][T12043] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000003 [ 519.613050][T12043] RBP: 00007f62c0b65090 R08: 0000000000000000 R09: 0000000000000000 [ 519.613065][T12043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 519.613079][T12043] R13: 00007f62bffe6038 R14: 00007f62bffe5fa0 R15: 00007ffedee782d8 [ 519.613120][T12043] [ 520.476101][T12050] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 520.544846][T12037] netlink: 'syz.3.1203': attribute type 33 has an invalid length. [ 520.825489][T12053] syz.0.1208(12053): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 521.426483][T12072] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1214'. [ 522.022333][T12078] FAULT_INJECTION: forcing a failure. [ 522.022333][T12078] name failslab, interval 1, probability 0, space 0, times 0 [ 522.063964][T12078] CPU: 1 UID: 0 PID: 12078 Comm: syz.3.1215 Not tainted syzkaller #0 PREEMPT(full) [ 522.064003][T12078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 522.064019][T12078] Call Trace: [ 522.064029][T12078] [ 522.064039][T12078] dump_stack_lvl+0x16c/0x1f0 [ 522.064079][T12078] should_fail_ex+0x512/0x640 [ 522.064117][T12078] ? __kmalloc_noprof+0xca/0x880 [ 522.064161][T12078] should_failslab+0xc2/0x120 [ 522.064194][T12078] __kmalloc_noprof+0xdd/0x880 [ 522.064234][T12078] ? acpi_ns_get_normalized_pathname+0x95/0x250 [ 522.064272][T12078] ? acpi_ns_get_normalized_pathname+0x95/0x250 [ 522.064302][T12078] acpi_ns_get_normalized_pathname+0x95/0x250 [ 522.064339][T12078] acpi_ex_start_trace_method+0x30/0x4f0 [ 522.064375][T12078] acpi_ds_begin_method_execution+0x60/0xc20 [ 522.064417][T12078] acpi_ds_call_control_method+0x1cc/0xab0 [ 522.064458][T12078] acpi_ps_parse_aml+0xab3/0x1170 [ 522.064504][T12078] acpi_ps_execute_method+0x5c4/0xe90 [ 522.064539][T12078] acpi_ns_evaluate+0x98c/0x16d0 [ 522.064577][T12078] acpi_evaluate_object+0x4ca/0xdf0 [ 522.064621][T12078] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 522.064657][T12078] ? __mutex_trylock_common+0xe9/0x250 [ 522.064699][T12078] acpi_evaluate_integer+0xdd/0x200 [ 522.064729][T12078] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 522.064776][T12078] ? __pfx_status_show+0x10/0x10 [ 522.064808][T12078] status_show+0xa0/0x120 [ 522.064841][T12078] ? __pfx_status_show+0x10/0x10 [ 522.064885][T12078] dev_attr_show+0x56/0xe0 [ 522.064923][T12078] ? __pfx_dev_attr_show+0x10/0x10 [ 522.064966][T12078] sysfs_kf_seq_show+0x216/0x3e0 [ 522.065008][T12078] seq_read_iter+0x50e/0x12d0 [ 522.065066][T12078] kernfs_fop_read_iter+0x46c/0x610 [ 522.065093][T12078] ? rw_verify_area+0xcf/0x6c0 [ 522.065122][T12078] vfs_read+0x8bf/0xcf0 [ 522.065156][T12078] ? __pfx___mutex_lock+0x10/0x10 [ 522.065187][T12078] ? __pfx_vfs_read+0x10/0x10 [ 522.065240][T12078] ksys_read+0x12a/0x250 [ 522.065267][T12078] ? __pfx_ksys_read+0x10/0x10 [ 522.065306][T12078] do_syscall_64+0xcd/0xfa0 [ 522.065339][T12078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 522.065364][T12078] RIP: 0033:0x7f292b38f749 [ 522.065385][T12078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 522.065408][T12078] RSP: 002b:00007f292c15d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 522.065434][T12078] RAX: ffffffffffffffda RBX: 00007f292b5e5fa0 RCX: 00007f292b38f749 [ 522.065451][T12078] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000006 [ 522.065467][T12078] RBP: 00007f292b413f91 R08: 0000000000000000 R09: 0000000000000000 [ 522.065483][T12078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 522.065498][T12078] R13: 00007f292b5e6038 R14: 00007f292b5e5fa0 R15: 00007ffce50f7cb8 [ 522.065536][T12078] [ 522.068055][T12078] ACPI Error: Could not allocate 10 bytes (20250807/nsnames-308) [ 522.509563][T12085] netlink: 'syz.2.1217': attribute type 33 has an invalid length. [ 522.599628][T12086] capability: warning: `syz.0.1216' uses 32-bit capabilities (legacy support in use) [ 522.618973][T12091] netlink: 78 bytes leftover after parsing attributes in process `syz.1.1218'. [ 522.826091][T12081] ubi0: attaching mtd0 [ 522.846882][T12081] ubi0: scanning is finished [ 522.874868][T12081] ubi0: empty MTD device detected [ 523.568580][T12081] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 523.678488][T12081] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 523.752105][T12081] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 523.808499][T12081] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 523.864169][T12081] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 523.912365][T12081] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 523.948856][T12081] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2422004231 [ 523.984631][T12081] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 524.016437][T12101] ubi0: background thread "ubi_bgt0d" started, PID 12101 [ 524.321847][T12110] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 524.360399][T12121] netlink: 'syz.0.1228': attribute type 11 has an invalid length. [ 524.653423][T12115] netlink: 'syz.3.1227': attribute type 33 has an invalid length. [ 524.793243][T12143] FAULT_INJECTION: forcing a failure. [ 524.793243][T12143] name failslab, interval 1, probability 0, space 0, times 0 [ 524.810378][T12143] CPU: 1 UID: 0 PID: 12143 Comm: syz.0.1235 Not tainted syzkaller #0 PREEMPT(full) [ 524.810412][T12143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 524.810425][T12143] Call Trace: [ 524.810433][T12143] [ 524.810442][T12143] dump_stack_lvl+0x16c/0x1f0 [ 524.810476][T12143] should_fail_ex+0x512/0x640 [ 524.810511][T12143] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 524.810540][T12143] should_failslab+0xc2/0x120 [ 524.810572][T12143] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 524.810594][T12143] ? __pfx___might_resched+0x10/0x10 [ 524.810621][T12143] ? sock_alloc_inode+0x25/0x1c0 [ 524.810661][T12143] ? __pfx_sock_alloc_inode+0x10/0x10 [ 524.810687][T12143] ? sock_alloc_inode+0x25/0x1c0 [ 524.810713][T12143] sock_alloc_inode+0x25/0x1c0 [ 524.810739][T12143] alloc_inode+0x64/0x240 [ 524.810771][T12143] sock_alloc+0x40/0x280 [ 524.810798][T12143] __sock_create+0xc1/0x8d0 [ 524.810834][T12143] __sys_socket+0x14d/0x260 [ 524.810866][T12143] ? __pfx___sys_socket+0x10/0x10 [ 524.810895][T12143] ? ksys_write+0x1ac/0x250 [ 524.810924][T12143] ? __pfx_ksys_write+0x10/0x10 [ 524.810957][T12143] __x64_sys_socket+0x72/0xb0 [ 524.810986][T12143] ? lockdep_hardirqs_on+0x7c/0x110 [ 524.811015][T12143] do_syscall_64+0xcd/0xfa0 [ 524.811045][T12143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 524.811070][T12143] RIP: 0033:0x7f30ee18f749 [ 524.811090][T12143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 524.811111][T12143] RSP: 002b:00007f30ef017038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 524.811134][T12143] RAX: ffffffffffffffda RBX: 00007f30ee3e5fa0 RCX: 00007f30ee18f749 [ 524.811150][T12143] RDX: 0000000000000001 RSI: 0000000000000003 RDI: 0000000000000023 [ 524.811165][T12143] RBP: 00007f30ef017090 R08: 0000000000000000 R09: 0000000000000000 [ 524.811179][T12143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 524.811192][T12143] R13: 00007f30ee3e6038 R14: 00007f30ee3e5fa0 R15: 00007ffed6cfe378 [ 524.811227][T12143] [ 524.811457][T12143] socket: no more sockets [ 524.828992][T12139] bond0: invalid ARP target specified [ 524.939522][T12145] FAULT_INJECTION: forcing a failure. [ 524.939522][T12145] name failslab, interval 1, probability 0, space 0, times 0 [ 525.051935][T12145] CPU: 1 UID: 0 PID: 12145 Comm: syz.3.1236 Not tainted syzkaller #0 PREEMPT(full) [ 525.051967][T12145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 525.051981][T12145] Call Trace: [ 525.051989][T12145] [ 525.051998][T12145] dump_stack_lvl+0x16c/0x1f0 [ 525.052030][T12145] should_fail_ex+0x512/0x640 [ 525.052062][T12145] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 525.052091][T12145] should_failslab+0xc2/0x120 [ 525.052122][T12145] kmem_cache_alloc_noprof+0x75/0x6e0 [ 525.052147][T12145] ? ptlock_alloc+0x1f/0x70 [ 525.052188][T12145] ? ptlock_alloc+0x1f/0x70 [ 525.052217][T12145] ptlock_alloc+0x1f/0x70 [ 525.052249][T12145] pte_alloc_one+0x84/0x350 [ 525.052276][T12145] __pte_alloc+0x6d/0x380 [ 525.052304][T12145] ? __pfx___pte_alloc+0x10/0x10 [ 525.052336][T12145] do_pte_missing+0x282c/0x3ba0 [ 525.052382][T12145] __handle_mm_fault+0x1556/0x2aa0 [ 525.052424][T12145] ? __pfx___handle_mm_fault+0x10/0x10 [ 525.052458][T12145] ? folio_mark_accessed+0xc1/0xc00 [ 525.052485][T12145] ? __pfx_folio_mark_accessed+0x10/0x10 [ 525.052510][T12145] ? find_held_lock+0x2b/0x80 [ 525.052553][T12145] handle_mm_fault+0x589/0xd10 [ 525.052595][T12145] __get_user_pages+0x54e/0x3530 [ 525.052645][T12145] ? look_up_lock_class+0x59/0x150 [ 525.052672][T12145] ? __kmalloc_noprof+0x32f/0x880 [ 525.052708][T12145] ? __pfx___get_user_pages+0x10/0x10 [ 525.052748][T12145] __gup_longterm_locked+0xa92/0x17e0 [ 525.052791][T12145] ? __pfx___gup_longterm_locked+0x10/0x10 [ 525.052841][T12145] pin_user_pages_remote+0xed/0x140 [ 525.052876][T12145] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 525.052907][T12145] ? mm_access+0x22d/0x2e0 [ 525.052945][T12145] process_vm_rw_core.constprop.0+0x41b/0x970 [ 525.052987][T12145] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 525.053015][T12145] ? import_ubuf+0x1b6/0x220 [ 525.053066][T12145] ? iovec_from_user+0xbb/0x140 [ 525.053091][T12145] process_vm_rw+0x216/0x2c0 [ 525.053118][T12145] ? __pfx_process_vm_rw+0x10/0x10 [ 525.053153][T12145] ? ksys_write+0x190/0x250 [ 525.053212][T12145] ? ksys_write+0x1ac/0x250 [ 525.053235][T12145] ? __pfx_ksys_write+0x10/0x10 [ 525.053262][T12145] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 525.053289][T12145] ? do_syscall_64+0x91/0xfa0 [ 525.053315][T12145] ? lockdep_hardirqs_on+0x7c/0x110 [ 525.053341][T12145] do_syscall_64+0xcd/0xfa0 [ 525.053368][T12145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 525.053391][T12145] RIP: 0033:0x7f292b38f749 [ 525.053410][T12145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 525.053431][T12145] RSP: 002b:00007f292c15d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 525.053453][T12145] RAX: ffffffffffffffda RBX: 00007f292b5e5fa0 RCX: 00007f292b38f749 [ 525.053467][T12145] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000520 [ 525.053497][T12145] RBP: 00007f292c15d090 R08: 0000000000000006 R09: 0000000000000000 [ 525.053511][T12145] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001 [ 525.053525][T12145] R13: 00007f292b5e6038 R14: 00007f292b5e5fa0 R15: 00007ffce50f7cb8 [ 525.053557][T12145] [ 525.365891][ C1] vkms_vblank_simulate: vblank timer overrun [ 525.381795][T12142] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(3949489671.1640467884.2367287987), cmd(5) [ 525.972312][T12160] FAULT_INJECTION: forcing a failure. [ 525.972312][T12160] name failslab, interval 1, probability 0, space 0, times 0 [ 526.018492][T12160] CPU: 0 UID: 0 PID: 12160 Comm: syz.1.1242 Not tainted syzkaller #0 PREEMPT(full) [ 526.018526][T12160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 526.018540][T12160] Call Trace: [ 526.018549][T12160] [ 526.018557][T12160] dump_stack_lvl+0x16c/0x1f0 [ 526.018588][T12160] should_fail_ex+0x512/0x640 [ 526.018621][T12160] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 526.018650][T12160] should_failslab+0xc2/0x120 [ 526.018682][T12160] kmem_cache_alloc_noprof+0x75/0x6e0 [ 526.018706][T12160] ? alloc_empty_file+0x55/0x1e0 [ 526.018745][T12160] ? alloc_empty_file+0x55/0x1e0 [ 526.018775][T12160] alloc_empty_file+0x55/0x1e0 [ 526.018816][T12160] path_openat+0xda/0x2cb0 [ 526.018855][T12160] ? __pfx_path_openat+0x10/0x10 [ 526.018884][T12160] ? __lock_acquire+0xb8a/0x1c90 [ 526.018920][T12160] do_filp_open+0x20b/0x470 [ 526.018948][T12160] ? __pfx_do_filp_open+0x10/0x10 [ 526.018999][T12160] ? alloc_fd+0x471/0x7d0 [ 526.019035][T12160] do_sys_openat2+0x11b/0x1d0 [ 526.019068][T12160] ? __pfx_do_sys_openat2+0x10/0x10 [ 526.019106][T12160] ? __fget_files+0x20e/0x3c0 [ 526.019137][T12160] __x64_sys_openat+0x174/0x210 [ 526.019171][T12160] ? __pfx___x64_sys_openat+0x10/0x10 [ 526.019204][T12160] ? ksys_write+0x1ac/0x250 [ 526.019244][T12160] do_syscall_64+0xcd/0xfa0 [ 526.019275][T12160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.019299][T12160] RIP: 0033:0x7fb06e18f749 [ 526.019320][T12160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 526.019343][T12160] RSP: 002b:00007fb06f045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 526.019367][T12160] RAX: ffffffffffffffda RBX: 00007fb06e3e5fa0 RCX: 00007fb06e18f749 [ 526.019383][T12160] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 526.019399][T12160] RBP: 00007fb06f045090 R08: 0000000000000000 R09: 0000000000000000 [ 526.019414][T12160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 526.019428][T12160] R13: 00007fb06e3e6038 R14: 00007fb06e3e5fa0 R15: 00007ffdce0c51f8 [ 526.019464][T12160] [ 527.673820][T12206] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 527.699436][T12206] CPU: 0 UID: 0 PID: 12206 Comm: syz.1.1255 Not tainted syzkaller #0 PREEMPT(full) [ 527.699482][T12206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 527.699498][T12206] Call Trace: [ 527.699507][T12206] [ 527.699517][T12206] dump_stack_lvl+0x16c/0x1f0 [ 527.699555][T12206] sysfs_warn_dup+0x7f/0xa0 [ 527.699587][T12206] sysfs_do_create_link_sd+0x124/0x140 [ 527.699621][T12206] sysfs_create_link+0x61/0xc0 [ 527.699655][T12206] device_add+0x62c/0x1aa0 [ 527.699683][T12206] ? __pfx_device_add+0x10/0x10 [ 527.699705][T12206] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 527.699748][T12206] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 527.699787][T12206] wiphy_register+0x1eb0/0x2b20 [ 527.699821][T12206] ? netdev_run_todo+0x864/0x1320 [ 527.699860][T12206] ? __pfx_wiphy_register+0x10/0x10 [ 527.699919][T12206] ieee80211_register_hw+0x253d/0x4120 [ 527.699970][T12206] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 527.700006][T12206] ? __pfx___debug_object_init+0x10/0x10 [ 527.700044][T12206] ? find_held_lock+0x2b/0x80 [ 527.700072][T12206] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 527.700113][T12206] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 527.700146][T12206] ? __hrtimer_setup+0x176/0x280 [ 527.700186][T12206] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 527.700237][T12206] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 527.700267][T12206] ? __asan_memcpy+0x3c/0x60 [ 527.700298][T12206] hwsim_new_radio_nl+0xba2/0x1330 [ 527.700330][T12206] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 527.700369][T12206] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 527.700403][T12206] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 527.700444][T12206] genl_family_rcv_msg_doit+0x209/0x2f0 [ 527.700487][T12206] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 527.700534][T12206] ? bpf_lsm_capable+0x9/0x10 [ 527.700566][T12206] ? security_capable+0x7e/0x260 [ 527.700601][T12206] ? ns_capable+0xd7/0x110 [ 527.700632][T12206] genl_rcv_msg+0x55c/0x800 [ 527.700666][T12206] ? __pfx_genl_rcv_msg+0x10/0x10 [ 527.700698][T12206] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 527.700734][T12206] netlink_rcv_skb+0x158/0x420 [ 527.700762][T12206] ? __pfx_genl_rcv_msg+0x10/0x10 [ 527.700793][T12206] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 527.700838][T12206] ? netlink_deliver_tap+0x1ae/0xd30 [ 527.700870][T12206] genl_rcv+0x28/0x40 [ 527.700897][T12206] netlink_unicast+0x5aa/0x870 [ 527.700931][T12206] ? __pfx_netlink_unicast+0x10/0x10 [ 527.700956][T12206] ? __pfx___might_resched+0x10/0x10 [ 527.700997][T12206] netlink_sendmsg+0x8c8/0xdd0 [ 527.701029][T12206] ? __pfx_netlink_sendmsg+0x10/0x10 [ 527.701059][T12206] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 527.701099][T12206] ____sys_sendmsg+0xa98/0xc70 [ 527.701130][T12206] ? copy_msghdr_from_user+0x10a/0x160 [ 527.701153][T12206] ? __pfx_____sys_sendmsg+0x10/0x10 [ 527.701192][T12206] ? __pfx_futex_wake_mark+0x10/0x10 [ 527.701233][T12206] ___sys_sendmsg+0x134/0x1d0 [ 527.701260][T12206] ? __pfx____sys_sendmsg+0x10/0x10 [ 527.701284][T12206] ? futex_private_hash_put+0xd5/0x190 [ 527.701346][T12206] ? do_futex+0x122/0x350 [ 527.701384][T12206] __sys_sendmsg+0x16d/0x220 [ 527.701409][T12206] ? __pfx___sys_sendmsg+0x10/0x10 [ 527.701432][T12206] ? __x64_sys_futex+0x1e0/0x4c0 [ 527.701497][T12206] do_syscall_64+0xcd/0xfa0 [ 527.701534][T12206] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.701558][T12206] RIP: 0033:0x7fb06e18f749 [ 527.701581][T12206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 527.701607][T12206] RSP: 002b:00007fb06f024038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 527.701633][T12206] RAX: ffffffffffffffda RBX: 00007fb06e3e6090 RCX: 00007fb06e18f749 [ 527.701649][T12206] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000000 [ 527.701664][T12206] RBP: 00007fb06e213f91 R08: 0000000000000000 R09: 0000000000000000 [ 527.701679][T12206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 527.701694][T12206] R13: 00007fb06e3e6128 R14: 00007fb06e3e6090 R15: 00007ffdce0c51f8 [ 527.701730][T12206] [ 528.236722][T12210] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1258'. [ 528.640935][T12234] Debayer B: ================= START STATUS ================= [ 528.688627][T12234] Debayer B: Debayer Mean Window Size: 3 [ 528.708885][T12234] Debayer B: ================== END STATUS ================== [ 528.778827][ T30] audit: type=1800 audit(4294985692.383:3): pid=12239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1270" name="dummy_udc" dev="gadgetfs" ino=7385 res=0 errno=0 [ 528.996766][T12247] FAULT_INJECTION: forcing a failure. [ 528.996766][T12247] name failslab, interval 1, probability 0, space 0, times 0 [ 529.062264][T12247] CPU: 0 UID: 0 PID: 12247 Comm: syz.1.1274 Not tainted syzkaller #0 PREEMPT(full) [ 529.062298][T12247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 529.062313][T12247] Call Trace: [ 529.062320][T12247] [ 529.062330][T12247] dump_stack_lvl+0x16c/0x1f0 [ 529.062367][T12247] should_fail_ex+0x512/0x640 [ 529.062401][T12247] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 529.062430][T12247] should_failslab+0xc2/0x120 [ 529.062462][T12247] kmem_cache_alloc_noprof+0x75/0x6e0 [ 529.062488][T12247] ? __pmd_alloc+0xbf/0x8b0 [ 529.062526][T12247] ? __pmd_alloc+0xbf/0x8b0 [ 529.062554][T12247] __pmd_alloc+0xbf/0x8b0 [ 529.062590][T12247] ? find_held_lock+0x2b/0x80 [ 529.062630][T12247] __handle_mm_fault+0xada/0x2aa0 [ 529.062677][T12247] ? __pfx___handle_mm_fault+0x10/0x10 [ 529.062745][T12247] handle_mm_fault+0x589/0xd10 [ 529.062789][T12247] __get_user_pages+0x54e/0x3530 [ 529.062838][T12247] ? __pfx___get_user_pages+0x10/0x10 [ 529.062882][T12247] populate_vma_page_range+0x267/0x3f0 [ 529.062918][T12247] ? __pfx_populate_vma_page_range+0x10/0x10 [ 529.062951][T12247] ? __pfx_find_vma_intersection+0x10/0x10 [ 529.062984][T12247] ? do_mmap+0x69c/0x1210 [ 529.063018][T12247] __mm_populate+0x1d8/0x380 [ 529.063053][T12247] ? __pfx___mm_populate+0x10/0x10 [ 529.063090][T12247] ? up_write+0x1b2/0x520 [ 529.063128][T12247] vm_mmap_pgoff+0x37f/0x470 [ 529.063164][T12247] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 529.063199][T12247] ? __fget_files+0x20e/0x3c0 [ 529.063235][T12247] ksys_mmap_pgoff+0x7d/0x5c0 [ 529.063265][T12247] ? __pfx_ksys_write+0x10/0x10 [ 529.063297][T12247] __x64_sys_mmap+0x125/0x190 [ 529.063337][T12247] do_syscall_64+0xcd/0xfa0 [ 529.063370][T12247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.063394][T12247] RIP: 0033:0x7fb06e18f749 [ 529.063414][T12247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 529.063437][T12247] RSP: 002b:00007fb06f045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 529.063461][T12247] RAX: ffffffffffffffda RBX: 00007fb06e3e5fa0 RCX: 00007fb06e18f749 [ 529.063478][T12247] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 529.063492][T12247] RBP: 00007fb06f045090 R08: 0000000000000002 R09: 0000000000008000 [ 529.063507][T12247] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000001 [ 529.063522][T12247] R13: 00007fb06e3e6038 R14: 00007fb06e3e5fa0 R15: 00007ffdce0c51f8 [ 529.063559][T12247] [ 529.381132][T12248] kernel tried to execute NX-protected page - exploit attempt? (uid: 0) [ 529.389498][T12248] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 529.397320][T12248] #PF: supervisor instruction fetch in kernel mode [ 529.403829][T12248] #PF: error_code(0x0011) - permissions violation [ 529.410255][T12248] PGD 800000007608b067 P4D 800000007608b067 PUD 765c1067 PMD 800000007d4008e7 [ 529.419244][T12248] Oops: Oops: 0011 [#1] SMP KASAN PTI [ 529.424646][T12248] CPU: 1 UID: 0 PID: 12248 Comm: syz.0.1273 Not tainted syzkaller #0 PREEMPT(full) [ 529.434027][T12248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 529.444091][T12248] RIP: 0010:0x0 [ 529.447558][T12248] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 529.454917][T12248] RSP: 0018:ffffc9000b1279a0 EFLAGS: 00010293 [ 529.460985][T12248] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81f3b27e [ 529.469048][T12248] RDX: ffff88802e6c9e40 RSI: ffffea0001454c40 RDI: ffff88807cfad6c0 [ 529.477013][T12248] RBP: ffffea0001454c40 R08: 0000000000000007 R09: 0000000000000000 [ 529.484977][T12248] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92001624f35 [ 529.492942][T12248] R13: ffff88807cfad6c0 R14: 0000000000000000 R15: dffffc0000000000 [ 529.500910][T12248] FS: 00007f30ef0176c0(0000) GS:ffff888124b0d000(0000) knlGS:0000000000000000 [ 529.509861][T12248] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 529.516448][T12248] CR2: ffffffffffffffd6 CR3: 0000000029890000 CR4: 00000000003526f0 [ 529.524413][T12248] Call Trace: [ 529.527770][T12248] [ 529.530691][T12248] filemap_read_folio+0xc8/0x2a0 [ 529.535630][T12248] ? __pfx_filemap_read_folio+0x10/0x10 [ 529.541343][T12248] ? __filemap_get_folio+0x32b/0xc30 [ 529.546635][T12248] ? down_read+0x13d/0x480 [ 529.551104][T12248] do_read_cache_folio+0x263/0x5c0 [ 529.556218][T12248] freader_get_folio+0x337/0x930 [ 529.561157][T12248] freader_fetch+0xc2/0x5e0 [ 529.565659][T12248] ? query_matching_vma+0x345/0x7d0 [ 529.570860][T12248] __build_id_parse.isra.0+0xec/0x7a0 [ 529.576229][T12248] ? query_matching_vma+0x48e/0x7d0 [ 529.581440][T12248] ? __pfx___build_id_parse.isra.0+0x10/0x10 [ 529.587426][T12248] do_procmap_query+0xb0e/0x1080 [ 529.592373][T12248] ? __pfx_do_procmap_query+0x10/0x10 [ 529.597745][T12248] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 529.603736][T12248] ? do_vfs_ioctl+0x128/0x14f0 [ 529.608516][T12248] ? __fget_files+0x20e/0x3c0 [ 529.613191][T12248] procfs_procmap_ioctl+0x9d/0xe0 [ 529.618215][T12248] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 529.623938][T12248] __x64_sys_ioctl+0x18e/0x210 [ 529.628709][T12248] do_syscall_64+0xcd/0xfa0 [ 529.633221][T12248] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.639164][T12248] RIP: 0033:0x7f30ee18f749 [ 529.643586][T12248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 529.663190][T12248] RSP: 002b:00007f30ef017038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 529.671651][T12248] RAX: ffffffffffffffda RBX: 00007f30ee3e5fa0 RCX: 00007f30ee18f749 [ 529.679617][T12248] RDX: 0000200000000080 RSI: 00000000c0686611 RDI: 0000000000000002 [ 529.687590][T12248] RBP: 00007f30ee213f91 R08: 0000000000000000 R09: 0000000000000000 [ 529.695577][T12248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 529.703740][T12248] R13: 00007f30ee3e6038 R14: 00007f30ee3e5fa0 R15: 00007ffed6cfe378 [ 529.711737][T12248] [ 529.714756][T12248] Modules linked in: [ 529.718832][T12248] CR2: 0000000000000000 [ 529.722985][T12248] ---[ end trace 0000000000000000 ]--- [ 529.728429][T12248] RIP: 0010:0x0 [ 529.731888][T12248] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 529.739241][T12248] RSP: 0018:ffffc9000b1279a0 EFLAGS: 00010293 [ 529.745328][T12248] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81f3b27e [ 529.753336][T12248] RDX: ffff88802e6c9e40 RSI: ffffea0001454c40 RDI: ffff88807cfad6c0 [ 529.761321][T12248] RBP: ffffea0001454c40 R08: 0000000000000007 R09: 0000000000000000 [ 529.769332][T12248] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92001624f35 [ 529.777323][T12248] R13: ffff88807cfad6c0 R14: 0000000000000000 R15: dffffc0000000000 [ 529.785325][T12248] FS: 00007f30ef0176c0(0000) GS:ffff888124b0d000(0000) knlGS:0000000000000000 [ 529.794292][T12248] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 529.800879][T12248] CR2: ffffffffffffffd6 CR3: 0000000029890000 CR4: 00000000003526f0 [ 529.808854][T12248] Kernel panic - not syncing: Fatal exception [ 529.815044][T12248] Kernel Offset: disabled [ 529.819354][T12248] Rebooting in 86400 seconds..