AAKBbONXnBdO2rfI+QUza9zl4EO7Qmf0Z/m2W/78MnZvpPoF/8aamqHcwgPG0DUJykKzh+mz0sFf3Hxvt1Ucmgvq2nHn3/ufRnfDacrTNTDsW9B3fXyAAAAAAx2Wr6PePXA92QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdKHj+DixoOcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBR/AgAA//9vPQ3+") close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x275a, 0x0) ioctl$FITRIM(r0, 0xc0185879, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_START_REQ(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040c0}, 0x8080) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="31060000000000000000090000000500070500000065e0d5ec02b35caf76"], 0x24}}, 0x0) [ 654.805829][T24836] netlink: 'syz-executor.0': attribute type 11 has an invalid length. 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) [ 654.815102][T24838] loop2: detected capacity change from 0 to 128 13:17:20 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 654.824556][T24840] __nla_validate_parse: 52 callbacks suppressed [ 654.824566][T24840] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 654.829533][T24838] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 654.838469][T24842] netlink: 'syz-executor.0': attribute type 11 has an invalid length. 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 2: syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYRES64=0x0, @ANYRES16=0x0, @ANYRES8=0x0, @ANYRES8, @ANYRES32, @ANYRES32], 0x1, 0x2cd, &(0x7f00000004c0)="$eJzs3L9PE2EYwPGHUkpbAu1gNJoYnuiiywWqs7ExkBibSJAafyQmB1y16dmSXoOpMaKTq/GPcCCMbCTKP8DipouLG4uJgwzGml7vgEKhBiiH9vtJyD137/vcvS8c5HkvXNfvvX1ayDlGzqxIKKrSIyKyIZKUkPh6vG3IjSOy3Su5PPDj8/k79x/cSmcyY5Oq4+mpKylVHRr+8OxFzOu20i9ryUfr31Pf1k6vnV3/PfUk72je0WKpoqZOl75WzGnb0tm8UzBUJ2zLdCzNFx2r3GgvNdpzdmlurqpmcXYwPle2HEfNYlULVlUrJa2Uq2o+NvNFNQxDB+OCdrKLk5Nm+oDJM0c8GHRIuZw2e0UktqsluxjIgAAAQKB21v+hekl/dPX/0oXVysDd5SGv/l+JtKr/r35pnKup/o+KSMfr/90VUXc5VP2Pk2E4sutQT9Nevf6Pe7+/rtcPl0bcgPofAAAAAAAAAAAAAAAAAAAAAIB/wUatlqjVagl/63/1i0hURPz9oMeJzuDn3922XtwLD4nYb+az89nG1uuwKiK2WDIiCfnl3g+eeuy/eaR1SfloL3j5C/PZXrclnZO8mz8qCUnuzK/Vxm9mxka1oTm/T+Lb81OSkFOt81Mt8yNy6eK2fEMS8mlGSmLLrHtfb+W/HFW9cTuzIz/m9gMAAAAA4H9g6KaW63fD2Ku9kb+5vm75fKCxvh5puT4Py7lwsHMHAAAAAKBbONXnBdO2rfI+QUza9zl4EO7Qmf0Z/m2W/78MnZvpPoF/8aamqHcwgPG0DUJykKzh+mz0sFf3Hxvt1Ucmgvq2nHn3/ufRnfDacrTNTDsW9B3fXyAAAAAAx2Wr6PePXA92QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdKHj+DixoOcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBR/AgAA//9vPQ3+") close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x275a, 0x0) ioctl$FITRIM(r0, 0xc0185879, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_START_REQ(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040c0}, 0x8080) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="31060000000000000000090000000500070500000065e0d5ec02b35caf76"], 0x24}}, 0x0) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYRES64=0x0, @ANYRES16=0x0, @ANYRES8=0x0, @ANYRES8, @ANYRES32, @ANYRES32], 0x1, 0x2cd, &(0x7f00000004c0)="$eJzs3L9PE2EYwPGHUkpbAu1gNJoYnuiiywWqs7ExkBibSJAafyQmB1y16dmSXoOpMaKTq/GPcCCMbCTKP8DipouLG4uJgwzGml7vgEKhBiiH9vtJyD137/vcvS8c5HkvXNfvvX1ayDlGzqxIKKrSIyKyIZKUkPh6vG3IjSOy3Su5PPDj8/k79x/cSmcyY5Oq4+mpKylVHRr+8OxFzOu20i9ryUfr31Pf1k6vnV3/PfUk72je0WKpoqZOl75WzGnb0tm8UzBUJ2zLdCzNFx2r3GgvNdpzdmlurqpmcXYwPle2HEfNYlULVlUrJa2Uq2o+NvNFNQxDB+OCdrKLk5Nm+oDJM0c8GHRIuZw2e0UktqsluxjIgAAAQKB21v+hekl/dPX/0oXVysDd5SGv/l+JtKr/r35pnKup/o+KSMfr/90VUXc5VP2Pk2E4sutQT9Nevf6Pe7+/rtcPl0bcgPofAAAAAAAAAAAAAAAAAAAAAIB/wUatlqjVagl/63/1i0hURPz9oMeJzuDn3922XtwLD4nYb+az89nG1uuwKiK2WDIiCfnl3g+eeuy/eaR1SfloL3j5C/PZXrclnZO8mz8qCUnuzK/Vxm9mxka1oTm/T+Lb81OSkFOt81Mt8yNy6eK2fEMS8mlGSmLLrHtfb+W/HFW9cTuzIz/m9gMAAAAA4H9g6KaW63fD2Ku9kb+5vm75fKCxvh5puT4Py7lwsHMHAAAAAKBbONXnBdO2rfI+QUza9zl4EO7Qmf0Z/m2W/78MnZvpPoF/8aamqHcwgPG0DUJykKzh+mz0sFf3Hxvt1Ucmgvq2nHn3/ufRnfDacrTNTDsW9B3fXyAAAAAAx2Wr6PePXA92QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdKHj+DixoOcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBR/AgAA//9vPQ3+") (async) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x275a, 0x0) (async) ioctl$FITRIM(r0, 0xc0185879, 0x0) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$IEEE802154_START_REQ(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040c0}, 0x8080) (async) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="31060000000000000000090000000500070500000065e0d5ec02b35caf76"], 0x24}}, 0x0) (async) [ 654.861129][T24844] loop2: detected capacity change from 0 to 128 [ 654.866334][T24846] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 654.869403][T24844] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) [ 654.877455][T24844] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 13:17:20 executing program 2: syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYRES64=0x0, @ANYRES16=0x0, @ANYRES8=0x0, @ANYRES8, @ANYRES32, @ANYRES32], 0x1, 0x2cd, &(0x7f00000004c0)="$eJzs3L9PE2EYwPGHUkpbAu1gNJoYnuiiywWqs7ExkBibSJAafyQmB1y16dmSXoOpMaKTq/GPcCCMbCTKP8DipouLG4uJgwzGml7vgEKhBiiH9vtJyD137/vcvS8c5HkvXNfvvX1ayDlGzqxIKKrSIyKyIZKUkPh6vG3IjSOy3Su5PPDj8/k79x/cSmcyY5Oq4+mpKylVHRr+8OxFzOu20i9ryUfr31Pf1k6vnV3/PfUk72je0WKpoqZOl75WzGnb0tm8UzBUJ2zLdCzNFx2r3GgvNdpzdmlurqpmcXYwPle2HEfNYlULVlUrJa2Uq2o+NvNFNQxDB+OCdrKLk5Nm+oDJM0c8GHRIuZw2e0UktqsluxjIgAAAQKB21v+hekl/dPX/0oXVysDd5SGv/l+JtKr/r35pnKup/o+KSMfr/90VUXc5VP2Pk2E4sutQT9Nevf6Pe7+/rtcPl0bcgPofAAAAAAAAAAAAAAAAAAAAAIB/wUatlqjVagl/63/1i0hURPz9oMeJzuDn3922XtwLD4nYb+az89nG1uuwKiK2WDIiCfnl3g+eeuy/eaR1SfloL3j5C/PZXrclnZO8mz8qCUnuzK/Vxm9mxka1oTm/T+Lb81OSkFOt81Mt8yNy6eK2fEMS8mlGSmLLrHtfb+W/HFW9cTuzIz/m9gMAAAAA4H9g6KaW63fD2Ku9kb+5vm75fKCxvh5puT4Py7lwsHMHAAAAAKBbONXnBdO2rfI+QUza9zl4EO7Qmf0Z/m2W/78MnZvpPoF/8aamqHcwgPG0DUJykKzh+mz0sFf3Hxvt1Ucmgvq2nHn3/ufRnfDacrTNTDsW9B3fXyAAAAAAx2Wr6PePXA92QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdKHj+DixoOcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBR/AgAA//9vPQ3+") close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x275a, 0x0) ioctl$FITRIM(r0, 0xc0185879, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_START_REQ(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040c0}, 0x8080) (async) sendmsg$IEEE802154_START_REQ(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040c0}, 0x8080) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="31060000000000000000090000000500070500000065e0d5ec02b35caf76"], 0x24}}, 0x0) [ 654.895076][T24851] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) [ 654.913081][T24853] loop2: detected capacity change from 0 to 128 13:17:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), r0) r3 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f00000000c0), 0x4) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4) sendmsg$NFC_CMD_DEV_DOWN(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x1c, r6, 0xfc342d15a1b00095, 0x0, 0x0, {0x5}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r8 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f00000000c0)=0x0) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r10) sendmsg$NFC_CMD_DEV_UP(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r11, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r10, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r11, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r13 = syz_genetlink_get_family_id$nfc(&(0x7f0000000580), r4) sendmsg$NFC_CMD_LLC_SET_PARAMS(r12, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r13, 0x5, 0x70bd2c, 0x25dfdbfd, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x371}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x7f8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40) sendmsg$NFC_CMD_ACTIVATE_TARGET(r10, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r11, 0x1, 0x23, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r14, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r15, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) sendmsg$NLBL_MGMT_C_LISTALL(r14, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x90, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x23}}, @NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @empty}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @empty}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_DOMAIN={0xd, 0x1, 'nl802154\x00'}, @NLBL_MGMT_A_CLPDOI={0x8}]}, 0x90}, 0x1, 0x0, 0x0, 0x4044800}, 0x20000000) sendmsg$NFC_CMD_FW_DOWNLOAD(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r6, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@NFC_ATTR_FIRMWARE_NAME={0xfffffffffffffff7, 0x14, 'nfc\x00'}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_FIRMWARE_NAME={0x5, 0x14, '('}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_FIRMWARE_NAME={0xd, 0x14, 'nl802154\x00'}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44054}, 0x8040) setsockopt$RDS_FREE_MR(r3, 0x114, 0x3, &(0x7f0000000040), 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYRESOCT=r3, @ANYRES16=r1, @ANYRES16=r2], 0x2c}}, 0x200448c4) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000840)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x60, 0x0, 0xa1d218199a573e16, 0x70bd2b, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_hsr\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @ipv4={'\x00', '\xff\xff', @local}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}]}, 0x60}}, 0x20000000) [ 654.922727][T24856] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 654.924560][T24853] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 654.950863][T24863] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 654.961135][T24865] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 654.971955][T24867] netlink: 'syz-executor.2': attribute type 11 has an invalid length. 13:17:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) r2 = syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), r0) (async) r3 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f00000000c0), 0x4) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4) sendmsg$NFC_CMD_DEV_DOWN(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x1c, r6, 0xfc342d15a1b00095, 0x0, 0x0, {0x5}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) (async) r8 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f00000000c0)=0x0) (async) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r10) sendmsg$NFC_CMD_DEV_UP(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r11, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r10, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r11, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) (async) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r13 = syz_genetlink_get_family_id$nfc(&(0x7f0000000580), r4) sendmsg$NFC_CMD_LLC_SET_PARAMS(r12, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r13, 0x5, 0x70bd2c, 0x25dfdbfd, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x371}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x7f8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40) sendmsg$NFC_CMD_ACTIVATE_TARGET(r10, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r11, 0x1, 0x23, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r15 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r14, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r15, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (async) sendmsg$NLBL_MGMT_C_LISTALL(r14, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x90, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x23}}, @NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @empty}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @empty}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_DOMAIN={0xd, 0x1, 'nl802154\x00'}, @NLBL_MGMT_A_CLPDOI={0x8}]}, 0x90}, 0x1, 0x0, 0x0, 0x4044800}, 0x20000000) (async) sendmsg$NFC_CMD_FW_DOWNLOAD(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r6, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@NFC_ATTR_FIRMWARE_NAME={0xfffffffffffffff7, 0x14, 'nfc\x00'}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_FIRMWARE_NAME={0x5, 0x14, '('}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_FIRMWARE_NAME={0xd, 0x14, 'nl802154\x00'}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44054}, 0x8040) setsockopt$RDS_FREE_MR(r3, 0x114, 0x3, &(0x7f0000000040), 0x10) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYRESOCT=r3, @ANYRES16=r1, @ANYRES16=r2], 0x2c}}, 0x200448c4) (async) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000840)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x60, 0x0, 0xa1d218199a573e16, 0x70bd2b, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_hsr\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @ipv4={'\x00', '\xff\xff', @local}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}]}, 0x60}}, 0x20000000) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 655.015233][T24877] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 655.027923][T24880] netlink: 'syz-executor.2': attribute type 11 has an invalid length. 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), r0) r3 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f00000000c0), 0x4) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4) sendmsg$NFC_CMD_DEV_DOWN(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x1c, r6, 0xfc342d15a1b00095, 0x0, 0x0, {0x5}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) (async) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (async) r8 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f00000000c0)=0x0) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r10) sendmsg$NFC_CMD_DEV_UP(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r11, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r10, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r11, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000580), r4) (async) r13 = syz_genetlink_get_family_id$nfc(&(0x7f0000000580), r4) sendmsg$NFC_CMD_LLC_SET_PARAMS(r12, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r13, 0x5, 0x70bd2c, 0x25dfdbfd, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x371}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x7f8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40) (async) sendmsg$NFC_CMD_LLC_SET_PARAMS(r12, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r13, 0x5, 0x70bd2c, 0x25dfdbfd, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x371}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x7f8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40) sendmsg$NFC_CMD_ACTIVATE_TARGET(r10, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r11, 0x1, 0x23, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r14, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r15, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CCA_MODE(r14, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r15, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) sendmsg$NLBL_MGMT_C_LISTALL(r14, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x90, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x23}}, @NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @empty}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @empty}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_DOMAIN={0xd, 0x1, 'nl802154\x00'}, @NLBL_MGMT_A_CLPDOI={0x8}]}, 0x90}, 0x1, 0x0, 0x0, 0x4044800}, 0x20000000) sendmsg$NFC_CMD_FW_DOWNLOAD(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r6, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@NFC_ATTR_FIRMWARE_NAME={0xfffffffffffffff7, 0x14, 'nfc\x00'}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_FIRMWARE_NAME={0x5, 0x14, '('}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_FIRMWARE_NAME={0xd, 0x14, 'nl802154\x00'}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44054}, 0x8040) (async) sendmsg$NFC_CMD_FW_DOWNLOAD(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r6, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@NFC_ATTR_FIRMWARE_NAME={0xfffffffffffffff7, 0x14, 'nfc\x00'}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_FIRMWARE_NAME={0x5, 0x14, '('}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_FIRMWARE_NAME={0xd, 0x14, 'nl802154\x00'}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44054}, 0x8040) setsockopt$RDS_FREE_MR(r3, 0x114, 0x3, &(0x7f0000000040), 0x10) (async) setsockopt$RDS_FREE_MR(r3, 0x114, 0x3, &(0x7f0000000040), 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYRESOCT=r3, @ANYRES16=r1, @ANYRES16=r2], 0x2c}}, 0x200448c4) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000840)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x60, 0x0, 0xa1d218199a573e16, 0x70bd2b, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_hsr\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @ipv4={'\x00', '\xff\xff', @local}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}]}, 0x60}}, 0x20000000) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x800, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000800) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r4, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r6, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r3, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r6, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_LEVEL={0x1c, 0x2b, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x3}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}]}, @NL802154_ATTR_SEC_LEVEL={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0xc0}, 0x800) sendmsg$NFNL_MSG_ACCT_NEW(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)={0xac, 0x0, 0x7, 0x5, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_FLAGS={0x8}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x7}, @NFACCT_FILTER={0x24, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x800}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x7}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x9}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x2}]}, @NFACCT_FILTER={0x24, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x2}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x6}, @NFACCT_FILTER_VALUE={0x8}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}]}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x6}, @NFACCT_FILTER={0x24, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xc9eb}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x2}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x1}, 0x4002) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r2) [ 655.067967][T24900] netlink: 'syz-executor.0': attribute type 11 has an invalid length. 13:17:20 executing program 3: setsockopt$inet_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000000)=@ccm_128={{0x304}, "134358aad74396f0", "880555b279a511bed354b9e4609cee01", "149780b5", "bb251dc34c2f6a21"}, 0x28) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000300)="a3c0f4c00e1c1616106393798c01572a2980a7d7a4e4ecc215de73ca5d9ffc76c9ecce17344197fea79625c214c9f4857c59fdbfcb0c6d3471c9cb7cb9ed6e2099ea9258af83c2d33748f2c9b7372177be621da9bee49121d585b2bf9d7d50c0d3a868925d6595afcf4aa2cfec75a5c6107f117a89725931e494ee5021802825b16143094c732dec42d19d4bde3ed8c61b25dc4b565446c90f4caf8a19773a4a67d983853f162794de73c8acc60f309658d05ffb67ec9be52585526b98be035e5b4a91b9d420cfba9091ced2f9555d64129e43aa1a82f00666b21d0ccf4175d8572bfc721818bda79cd75fcfe332fa6601978856f48469ba4b1c300d194faf61445b3ca571076055ffb549c7072e631ee9c083f9b78c4b5797039469c6dcb1262107bb12a26b6182f5949dcecb628c31eff31537834975932456524884c1f4deea0d0667156e8f324bc44180204b92b0fe1b39dad9668b2091fcb0b4ba91e63e1464aa4d6c758fc30747c3a32688304dbb60f27224ca9c11639299ae4aafa67ded92796c05153dde32606baf43179e53c336ee5d496733bbc488c305ec341482f10f065701169b15533d7e4a64f27d6308b252264283f627440257634f73551c57e4ce6b8de1da0acddf76ccaa77a12719162965a5c79d5b003e0158944b7523252e2dbc680f0261a6ffacdd51d5b6fc6d7fa42ffe2c4975a3d03e3d1264b37981ffb8c0ac1bcff1664631ddfa1fc0d339ce8abda7028097aeb352948e2ef80d69fd03dba48fcfe1477445c6f2cb31649fc61879e5f62445e291829fe80863a1c86fa85f4d8f059bb0e7a282b2a58e04f6477d6af888f5dbb47244c2912b293670f3dc47f7f07d9b8425753db511bc10bebc3b4e325937a5a27b12204322fffa398a7827b3bbc844a88855ae773e3423d6eb524478734aaea8fedc259db238373d558e9ee00c3a6a04b7527a3d0dacd2e50eb8c53c9238719b06fd1cc7b5b2500c7044af8bd832c672e7d143d8f43a669b685f58dee712be9ebb2f984cd39c53895d1f75d9d3b4df2c9d8adf976d12914802798310afd911ad5689c5548b201ed6f005e34626c027e86b7c054c42fb0c4ae0fa20ad4800f476b8b1ca9bfd7d1c1dcb875edd77bc10287c864be9ec920babaca71d5d959536946481140868a3888f9c393092a39ec11c426166d1e26e653850c69de3b64a50b7e1f4bbd16107d35f33ecef7158def591fd394bf0f44912f6f3ed94d34247149f188e3b196738dd1879cfdeba93dc2d3a4049dd82d053eeed4fc1fb71284fed9afbd0d96f6c1d1f31dc5267b308a59672e97efc712f623753763068046b2dcc67b56b0c0c234cc1378f5c253acb563fb85ea923a5f8026eb1ffe3687928ea95590c961cf27f7228f815d4656e1bc5451e0a6a73afeb26608977ba68dc0c8f7867efa37713acef03a04f597a9aacc42c4e2ca0eeb8d2ef28d0281748663c4d052940cfcc79a25f52f1194c88018752ced4ed855c423d24973246302d267bd2bc4f29d41b975f10b739d8680f2c60f73c364142d2e9bf64110833cc385ddc1842925b7f73cb845cf064f01172b9b2a8b096e9beeedb913541a2eaf094f1f2f08ca8e392c779e801b20ff9cf9123a3248f89e4df81074bcbd8a430f3b4d4ded9bfbebcdf31e6e6711c5e96ae0f8a76c300d43d7d837ffe711366ae474bf0a9e35a08b7ab10289a65d32b30be27588107b1f1dcf2201ec8340a7e73de8f7f7271f9bbcb7fec46a4f23cf829269724426c921daeba0e5a27a248134a5a4dd8b9ca6e43fb300825e82364b617159a741777932fb96ae084c07fd5125914950dd21d60324c4967a46a23fb9914d7a3209803c0edfb83a7c0b408fbba50712b6f1345f1890485d22fde90adf451bc0900da5afe5ada086c88aaf158b9b35b79be0671a492c007965e0add3a020d16125e1e0401ae0e61ccb6c691a6d15f10bebabaa71e6948b45aec59ad520c2948ce0bae0218082e2f7bb40cf4ac5fb7172c27b9dab9f40af9e8eaabd35a74dd61865873a0f5012023b014554ba96c243491c6d4c67be1c8f94ee587d2d047539eb9a4ce9e755841039c0471ad5cc719c59269a096a7ca80180c8856a54c844d5198235b9fab3904a802bc9a93e08bba2498c0732f068ded88297a7746d32566b20e557d503d57c2f8a237881f77dbe6801a06a1e3de489bc67604d181b6646f7e4e616412d6bedc6fef60a6d8d4fb7d7c50cb0a2d5ccc8318762632dc01118fb6e046355864fcf47735bd563f1a25afba99158f53c2eefd511c1878ae92a8132ef6268332c0d132afbf684e32ae6219557d4fac232e417ddada6e151882bf1de711450d887c0ceea5f69711f1e0993d566f49dd6b5242dd4ac7dbc4c42e85c8c7448d1ef611fa36dde3a74ebcdb8e4116be6371b532518193ee357145b09a7d97ed446f855d64a0b7d4e01ac874bb37e790ab945a4758ea097d850624bd5696aae8368d301f8baa021f57542e497d78022677fc1a5e6819368ee92db6f17739caaf0e847303440a710828eb8bad826cb1a2b838d858f503d2203c9d5b4ba8990dd89b0d53d5ba3bbce43e38db002a42fffdc1d25dcda13ec8b59453e3d1fd2114a093379d4b0b8691729dc97bef4c6bdc8e9a11a39c5f2dfc9d1de1baf5323b492fb08c22837c58ddd5dd974dc1ebbca83cc844e3650c1b9a53298b49ccc23abc7615526c102ac5249b8e7710d3d3314857258aff118091c0d4d528bfe63155465749a4dcc52c4b4ad271cd1d7ee1e041864afec388d101cd3ced8588bee9a45374dc67736341b24d49b5c617160faa3b51a7eb8deea619fba42e8e6dd59d0406f33eaead63768865be8979b283746dc3d2a21146242a8492ecca2baea327defe5a9a17f21c7e8cc94be334d72215abcb9184d5ff55cc3d59568ffabcd3002126557056ae309af89fd792eafa22646d2c767932b41d55d347443ae484604d7bdb2259607e97d14a41854f27336f8c21bad414c23e2b3993b00ceae39da155fe7a310cea4efb5e58cf34253d5995dbb2554fd1946b6b1e42cee1a75e4eb1306a0b0aa0da1ba2417b0bfafa025f44493f8b878143ae3893423b4bce6a78216389118f8c7deffc05f8c67e2b1442e495ecee5ce69c66cac27d67624a205fc69110d668097dbe95bb80c0368a2033ebd73f22a2200095b5e11b8dbc5ecd49d634f7bc805f2f679adc4b0f92b51f6e0612f4734fd1aa00ef41c04f41834da7374b3cb150f09822405b08683a3a86073de43d9d62cc504a449d117affbc29e4719fac990f00093364f683123970586e770be8b1d1eacb9e061aa47524ddb7a750b80f566204a95140c858f29f98692d01d84fa1521f74bee6b007d92ab30518aba957d1c85987c58236aa9cd8f87690200e07a1326ae44343fe31790bd28188012fe88bf15d246926a6da270d1a825e78f43068ccdcfda7bce10a319f4eddd45d665ee01ebf1e8ebabe25b5d8154a5ac48d3f18aba0301a4e290195e35fe509741fde1b9fe8091fe323a05344fa97e14b823a4c9facede2cbb056d4eac2d4ecf52594b538f48c11c07a06b71b336fa11c077d4ee10b5e40e82b9c20e5ba7405a05c594bbcf3ad6f2d3a8b93c10ea0cc89188dc2fc4eb321f441284555bfc345f0e138b27ac93fb48bf6eb5a2fc6d340f41bdbfe40fb8ef7d97df12740c7dd2e0c7c11dbf07f972f148f8063ff9d8f3b1cbd7be1f8744ace7cc55b44bdca470d55e0d7aa3c6a12903c737a52bd5f8a282e5774e8559e59dd92bf8f002bd2b5499141345d12891815dd3c9d080bf6cca4ed6f5b5f04231242bff9ed1e62f19ee3acf3cf53c22d5b957907228f81c7824d617f2033f4e0fd4ac84d6e329fbcb2ebb0c307712595ef2b79a7f836bb21b97ae526752eec3354743e26f282faa3484912b68e44ec79c7902446bb51ceed21193635b01c367ca3c5a402b6528586ab9005a6190cdb5ffa5a46e0f11a4bf9fd599a8c4bb532595a7832aaa2eedde26e665d99eff6cb790d48dd75025ed075f2af1d2f04dad27b5ff495a683a7b9fd0fa974ebd85c5d706328d4258d83dd6036e44100ef60ad9a808670d5dfc1e64d45c787596fcbd291968b2a852d957f44d184f2937e39778cb4562e4eed7a0ee644fcc8dbf084e85fd1bdd316d1c97184412d5479f30547dd271f2f82b1c2e5c29e1c5dfdc5be64ae75520a17ec8cb7cc1fa0bbfb95227336eb414580e04d4386df2df6b850e98c7ca6808072e9472a164dd2f9b7643adc09d83229aa2004083daabba9ceb1668b109d7a1a184dff9c7d02c13e421e5b21ea2184712e785b9facc17e809516cedc550a5d84cab78e67cfe0701e44bec4ad0b7949834876d57a3003717979a7ea9e3b783e9cd2fee6e875c3b9e998e68ea2b95bd8f93349ec21a462e8d4b1e43ccf5f8c1f6f9b5e9fda289f2cb1f139b968bcb14c537146723e5266d6409a4cab545b0aadc0fc68a0d08719cee0141b6b1a85b38acd53ca83554289c2662a45f903b6403f4d1aa81d40e2263818a3d931807657ab3bc43d12914eb24da96655e385de0d3cafafe5b15f75febadad9debd32ae7cf118655baa57fed9748093a6d18d85c728b4c0d39eacceaf0e856aa0a688e55938400f72151adf5fdf132d1476c3f41fb66fc7b32bfad4e2972a052db6899e525c730837aff03b60aeb50e96e0887c7f9a8b94bef92221f922fea1c80bafda9fd2abf2fc574b19bb913326b6e35a9d36f3f07b7e32f634abe898eea7931ef2b0b6648e54f98a31bfd66f78dcd2086a49801fb58417d942be991e85ce1bb87225312125ede32686b9a4d2cafe14186217f72c458c916c3bab01638b507e05afd33c5862ea45833eee7768cf0be7e428ce90ffcfb29af947f1a7f16a05177462abd5e6d1c2611b508b9b23f00037a2e39e2bd1c9481b73c732f44e98c6037e05647d118e71cbfea53d85144aa5b14fc93aa77646fadaee2883cc07ffcc1d5e42dcf576a23ae284f0ca77e976ef880559a32c4e12d9e49a5b0cb45906335b54eb144e39208999ee98f13f94efc49164fef05d746095ee7b0fdb1caa4a30091774bec51b6ce20180024fefda4e8a5587555a1f459539266d99ebb548986092ed33d0609e1180866fa0ef55b6495433a4bb6ccacfb28df1768df3fd198ed3febd2aeebaae981024c49bc13e2e3454aa70c3d0a9fbd9b454b307f6d7e9918fac2092ac9b40a31a06c26fad257a0a76eeba7eed6f0e5749d3bb46f7d80f4e5eada04001c8c448bcd33e5c30c658d6a6d47700821b7044709c8abb7d3c8c5da968f4532ff29d173c866dd99e738e9b441b5e88b2257a792f415218731d9a2fb5bf37025307fa40c94f1d78ebe9f74df8cfd49e8229101fc07ac4ab29e21bc3a76fff5d05dff18c246a324ca9b61aafeab83a6127c3fe1ed2e90eec53cc1873adf640e1f009c2d00aeced55845caf501cbe8ede9c7385ee0a8ed02f10d45a7bf4133ae18d9a2fb8aa5306cd78ffe35d0f24870cea3f28513d7a5b5238195be4ffded2f618e0d306617d2cd73ca80baf6f5c7b3dc57a4f6d913245bdbdbfdff73f038410967b9bf830006e6f982afea074e94957859d17bed5113b6e584513229e94e16a3551fe6350d4057a1d6750ec216718eac0207d49609516fcf54e4c27f25f479c31a4405e28972343604f078b72c2cb0b4b5c3729a9a8c219da01ffde1949ca31c40b8865bfb280418fdbeda5169ae8059352d7acdbc2970f1fdd54fc656c32807368fbd281dccb50464dd2", 0x1000}, {&(0x7f0000000040)="529d89d6a939a797326540f74ee1b269bd9edf39516fead18e4b716716bd25fcc07b88674fbdaaf91570218c5b7b6e7b006bd41216bfd18f7f9aa7fa4a4903fa6cde0edcac089c45af13", 0x4a}], 0x2) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 3: setsockopt$inet_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000000)=@ccm_128={{0x304}, "134358aad74396f0", "880555b279a511bed354b9e4609cee01", "149780b5", "bb251dc34c2f6a21"}, 0x28) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000300)="a3c0f4c00e1c1616106393798c01572a2980a7d7a4e4ecc215de73ca5d9ffc76c9ecce17344197fea79625c214c9f4857c59fdbfcb0c6d3471c9cb7cb9ed6e2099ea9258af83c2d33748f2c9b7372177be621da9bee49121d585b2bf9d7d50c0d3a868925d6595afcf4aa2cfec75a5c6107f117a89725931e494ee5021802825b16143094c732dec42d19d4bde3ed8c61b25dc4b565446c90f4caf8a19773a4a67d983853f162794de73c8acc60f309658d05ffb67ec9be52585526b98be035e5b4a91b9d420cfba9091ced2f9555d64129e43aa1a82f00666b21d0ccf4175d8572bfc721818bda79cd75fcfe332fa6601978856f48469ba4b1c300d194faf61445b3ca571076055ffb549c7072e631ee9c083f9b78c4b5797039469c6dcb1262107bb12a26b6182f5949dcecb628c31eff31537834975932456524884c1f4deea0d0667156e8f324bc44180204b92b0fe1b39dad9668b2091fcb0b4ba91e63e1464aa4d6c758fc30747c3a32688304dbb60f27224ca9c11639299ae4aafa67ded92796c05153dde32606baf43179e53c336ee5d496733bbc488c305ec341482f10f065701169b15533d7e4a64f27d6308b252264283f627440257634f73551c57e4ce6b8de1da0acddf76ccaa77a12719162965a5c79d5b003e0158944b7523252e2dbc680f0261a6ffacdd51d5b6fc6d7fa42ffe2c4975a3d03e3d1264b37981ffb8c0ac1bcff1664631ddfa1fc0d339ce8abda7028097aeb352948e2ef80d69fd03dba48fcfe1477445c6f2cb31649fc61879e5f62445e291829fe80863a1c86fa85f4d8f059bb0e7a282b2a58e04f6477d6af888f5dbb47244c2912b293670f3dc47f7f07d9b8425753db511bc10bebc3b4e325937a5a27b12204322fffa398a7827b3bbc844a88855ae773e3423d6eb524478734aaea8fedc259db238373d558e9ee00c3a6a04b7527a3d0dacd2e50eb8c53c9238719b06fd1cc7b5b2500c7044af8bd832c672e7d143d8f43a669b685f58dee712be9ebb2f984cd39c53895d1f75d9d3b4df2c9d8adf976d12914802798310afd911ad5689c5548b201ed6f005e34626c027e86b7c054c42fb0c4ae0fa20ad4800f476b8b1ca9bfd7d1c1dcb875edd77bc10287c864be9ec920babaca71d5d959536946481140868a3888f9c393092a39ec11c426166d1e26e653850c69de3b64a50b7e1f4bbd16107d35f33ecef7158def591fd394bf0f44912f6f3ed94d34247149f188e3b196738dd1879cfdeba93dc2d3a4049dd82d053eeed4fc1fb71284fed9afbd0d96f6c1d1f31dc5267b308a59672e97efc712f623753763068046b2dcc67b56b0c0c234cc1378f5c253acb563fb85ea923a5f8026eb1ffe3687928ea95590c961cf27f7228f815d4656e1bc5451e0a6a73afeb26608977ba68dc0c8f7867efa37713acef03a04f597a9aacc42c4e2ca0eeb8d2ef28d0281748663c4d052940cfcc79a25f52f1194c88018752ced4ed855c423d24973246302d267bd2bc4f29d41b975f10b739d8680f2c60f73c364142d2e9bf64110833cc385ddc1842925b7f73cb845cf064f01172b9b2a8b096e9beeedb913541a2eaf094f1f2f08ca8e392c779e801b20ff9cf9123a3248f89e4df81074bcbd8a430f3b4d4ded9bfbebcdf31e6e6711c5e96ae0f8a76c300d43d7d837ffe711366ae474bf0a9e35a08b7ab10289a65d32b30be27588107b1f1dcf2201ec8340a7e73de8f7f7271f9bbcb7fec46a4f23cf829269724426c921daeba0e5a27a248134a5a4dd8b9ca6e43fb300825e82364b617159a741777932fb96ae084c07fd5125914950dd21d60324c4967a46a23fb9914d7a3209803c0edfb83a7c0b408fbba50712b6f1345f1890485d22fde90adf451bc0900da5afe5ada086c88aaf158b9b35b79be0671a492c007965e0add3a020d16125e1e0401ae0e61ccb6c691a6d15f10bebabaa71e6948b45aec59ad520c2948ce0bae0218082e2f7bb40cf4ac5fb7172c27b9dab9f40af9e8eaabd35a74dd61865873a0f5012023b014554ba96c243491c6d4c67be1c8f94ee587d2d047539eb9a4ce9e755841039c0471ad5cc719c59269a096a7ca80180c8856a54c844d5198235b9fab3904a802bc9a93e08bba2498c0732f068ded88297a7746d32566b20e557d503d57c2f8a237881f77dbe6801a06a1e3de489bc67604d181b6646f7e4e616412d6bedc6fef60a6d8d4fb7d7c50cb0a2d5ccc8318762632dc01118fb6e046355864fcf47735bd563f1a25afba99158f53c2eefd511c1878ae92a8132ef6268332c0d132afbf684e32ae6219557d4fac232e417ddada6e151882bf1de711450d887c0ceea5f69711f1e0993d566f49dd6b5242dd4ac7dbc4c42e85c8c7448d1ef611fa36dde3a74ebcdb8e4116be6371b532518193ee357145b09a7d97ed446f855d64a0b7d4e01ac874bb37e790ab945a4758ea097d850624bd5696aae8368d301f8baa021f57542e497d78022677fc1a5e6819368ee92db6f17739caaf0e847303440a710828eb8bad826cb1a2b838d858f503d2203c9d5b4ba8990dd89b0d53d5ba3bbce43e38db002a42fffdc1d25dcda13ec8b59453e3d1fd2114a093379d4b0b8691729dc97bef4c6bdc8e9a11a39c5f2dfc9d1de1baf5323b492fb08c22837c58ddd5dd974dc1ebbca83cc844e3650c1b9a53298b49ccc23abc7615526c102ac5249b8e7710d3d3314857258aff118091c0d4d528bfe63155465749a4dcc52c4b4ad271cd1d7ee1e041864afec388d101cd3ced8588bee9a45374dc67736341b24d49b5c617160faa3b51a7eb8deea619fba42e8e6dd59d0406f33eaead63768865be8979b283746dc3d2a21146242a8492ecca2baea327defe5a9a17f21c7e8cc94be334d72215abcb9184d5ff55cc3d59568ffabcd3002126557056ae309af89fd792eafa22646d2c767932b41d55d347443ae484604d7bdb2259607e97d14a41854f27336f8c21bad414c23e2b3993b00ceae39da155fe7a310cea4efb5e58cf34253d5995dbb2554fd1946b6b1e42cee1a75e4eb1306a0b0aa0da1ba2417b0bfafa025f44493f8b878143ae3893423b4bce6a78216389118f8c7deffc05f8c67e2b1442e495ecee5ce69c66cac27d67624a205fc69110d668097dbe95bb80c0368a2033ebd73f22a2200095b5e11b8dbc5ecd49d634f7bc805f2f679adc4b0f92b51f6e0612f4734fd1aa00ef41c04f41834da7374b3cb150f09822405b08683a3a86073de43d9d62cc504a449d117affbc29e4719fac990f00093364f683123970586e770be8b1d1eacb9e061aa47524ddb7a750b80f566204a95140c858f29f98692d01d84fa1521f74bee6b007d92ab30518aba957d1c85987c58236aa9cd8f87690200e07a1326ae44343fe31790bd28188012fe88bf15d246926a6da270d1a825e78f43068ccdcfda7bce10a319f4eddd45d665ee01ebf1e8ebabe25b5d8154a5ac48d3f18aba0301a4e290195e35fe509741fde1b9fe8091fe323a05344fa97e14b823a4c9facede2cbb056d4eac2d4ecf52594b538f48c11c07a06b71b336fa11c077d4ee10b5e40e82b9c20e5ba7405a05c594bbcf3ad6f2d3a8b93c10ea0cc89188dc2fc4eb321f441284555bfc345f0e138b27ac93fb48bf6eb5a2fc6d340f41bdbfe40fb8ef7d97df12740c7dd2e0c7c11dbf07f972f148f8063ff9d8f3b1cbd7be1f8744ace7cc55b44bdca470d55e0d7aa3c6a12903c737a52bd5f8a282e5774e8559e59dd92bf8f002bd2b5499141345d12891815dd3c9d080bf6cca4ed6f5b5f04231242bff9ed1e62f19ee3acf3cf53c22d5b957907228f81c7824d617f2033f4e0fd4ac84d6e329fbcb2ebb0c307712595ef2b79a7f836bb21b97ae526752eec3354743e26f282faa3484912b68e44ec79c7902446bb51ceed21193635b01c367ca3c5a402b6528586ab9005a6190cdb5ffa5a46e0f11a4bf9fd599a8c4bb532595a7832aaa2eedde26e665d99eff6cb790d48dd75025ed075f2af1d2f04dad27b5ff495a683a7b9fd0fa974ebd85c5d706328d4258d83dd6036e44100ef60ad9a808670d5dfc1e64d45c787596fcbd291968b2a852d957f44d184f2937e39778cb4562e4eed7a0ee644fcc8dbf084e85fd1bdd316d1c97184412d5479f30547dd271f2f82b1c2e5c29e1c5dfdc5be64ae75520a17ec8cb7cc1fa0bbfb95227336eb414580e04d4386df2df6b850e98c7ca6808072e9472a164dd2f9b7643adc09d83229aa2004083daabba9ceb1668b109d7a1a184dff9c7d02c13e421e5b21ea2184712e785b9facc17e809516cedc550a5d84cab78e67cfe0701e44bec4ad0b7949834876d57a3003717979a7ea9e3b783e9cd2fee6e875c3b9e998e68ea2b95bd8f93349ec21a462e8d4b1e43ccf5f8c1f6f9b5e9fda289f2cb1f139b968bcb14c537146723e5266d6409a4cab545b0aadc0fc68a0d08719cee0141b6b1a85b38acd53ca83554289c2662a45f903b6403f4d1aa81d40e2263818a3d931807657ab3bc43d12914eb24da96655e385de0d3cafafe5b15f75febadad9debd32ae7cf118655baa57fed9748093a6d18d85c728b4c0d39eacceaf0e856aa0a688e55938400f72151adf5fdf132d1476c3f41fb66fc7b32bfad4e2972a052db6899e525c730837aff03b60aeb50e96e0887c7f9a8b94bef92221f922fea1c80bafda9fd2abf2fc574b19bb913326b6e35a9d36f3f07b7e32f634abe898eea7931ef2b0b6648e54f98a31bfd66f78dcd2086a49801fb58417d942be991e85ce1bb87225312125ede32686b9a4d2cafe14186217f72c458c916c3bab01638b507e05afd33c5862ea45833eee7768cf0be7e428ce90ffcfb29af947f1a7f16a05177462abd5e6d1c2611b508b9b23f00037a2e39e2bd1c9481b73c732f44e98c6037e05647d118e71cbfea53d85144aa5b14fc93aa77646fadaee2883cc07ffcc1d5e42dcf576a23ae284f0ca77e976ef880559a32c4e12d9e49a5b0cb45906335b54eb144e39208999ee98f13f94efc49164fef05d746095ee7b0fdb1caa4a30091774bec51b6ce20180024fefda4e8a5587555a1f459539266d99ebb548986092ed33d0609e1180866fa0ef55b6495433a4bb6ccacfb28df1768df3fd198ed3febd2aeebaae981024c49bc13e2e3454aa70c3d0a9fbd9b454b307f6d7e9918fac2092ac9b40a31a06c26fad257a0a76eeba7eed6f0e5749d3bb46f7d80f4e5eada04001c8c448bcd33e5c30c658d6a6d47700821b7044709c8abb7d3c8c5da968f4532ff29d173c866dd99e738e9b441b5e88b2257a792f415218731d9a2fb5bf37025307fa40c94f1d78ebe9f74df8cfd49e8229101fc07ac4ab29e21bc3a76fff5d05dff18c246a324ca9b61aafeab83a6127c3fe1ed2e90eec53cc1873adf640e1f009c2d00aeced55845caf501cbe8ede9c7385ee0a8ed02f10d45a7bf4133ae18d9a2fb8aa5306cd78ffe35d0f24870cea3f28513d7a5b5238195be4ffded2f618e0d306617d2cd73ca80baf6f5c7b3dc57a4f6d913245bdbdbfdff73f038410967b9bf830006e6f982afea074e94957859d17bed5113b6e584513229e94e16a3551fe6350d4057a1d6750ec216718eac0207d49609516fcf54e4c27f25f479c31a4405e28972343604f078b72c2cb0b4b5c3729a9a8c219da01ffde1949ca31c40b8865bfb280418fdbeda5169ae8059352d7acdbc2970f1fdd54fc656c32807368fbd281dccb50464dd2", 0x1000}, {&(0x7f0000000040)="529d89d6a939a797326540f74ee1b269bd9edf39516fead18e4b716716bd25fcc07b88674fbdaaf91570218c5b7b6e7b006bd41216bfd18f7f9aa7fa4a4903fa6cde0edcac089c45af13", 0x4a}], 0x2) (async) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 3: setsockopt$inet_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000000)=@ccm_128={{0x304}, "134358aad74396f0", "880555b279a511bed354b9e4609cee01", "149780b5", "bb251dc34c2f6a21"}, 0x28) (async) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000300)="a3c0f4c00e1c1616106393798c01572a2980a7d7a4e4ecc215de73ca5d9ffc76c9ecce17344197fea79625c214c9f4857c59fdbfcb0c6d3471c9cb7cb9ed6e2099ea9258af83c2d33748f2c9b7372177be621da9bee49121d585b2bf9d7d50c0d3a868925d6595afcf4aa2cfec75a5c6107f117a89725931e494ee5021802825b16143094c732dec42d19d4bde3ed8c61b25dc4b565446c90f4caf8a19773a4a67d983853f162794de73c8acc60f309658d05ffb67ec9be52585526b98be035e5b4a91b9d420cfba9091ced2f9555d64129e43aa1a82f00666b21d0ccf4175d8572bfc721818bda79cd75fcfe332fa6601978856f48469ba4b1c300d194faf61445b3ca571076055ffb549c7072e631ee9c083f9b78c4b5797039469c6dcb1262107bb12a26b6182f5949dcecb628c31eff31537834975932456524884c1f4deea0d0667156e8f324bc44180204b92b0fe1b39dad9668b2091fcb0b4ba91e63e1464aa4d6c758fc30747c3a32688304dbb60f27224ca9c11639299ae4aafa67ded92796c05153dde32606baf43179e53c336ee5d496733bbc488c305ec341482f10f065701169b15533d7e4a64f27d6308b252264283f627440257634f73551c57e4ce6b8de1da0acddf76ccaa77a12719162965a5c79d5b003e0158944b7523252e2dbc680f0261a6ffacdd51d5b6fc6d7fa42ffe2c4975a3d03e3d1264b37981ffb8c0ac1bcff1664631ddfa1fc0d339ce8abda7028097aeb352948e2ef80d69fd03dba48fcfe1477445c6f2cb31649fc61879e5f62445e291829fe80863a1c86fa85f4d8f059bb0e7a282b2a58e04f6477d6af888f5dbb47244c2912b293670f3dc47f7f07d9b8425753db511bc10bebc3b4e325937a5a27b12204322fffa398a7827b3bbc844a88855ae773e3423d6eb524478734aaea8fedc259db238373d558e9ee00c3a6a04b7527a3d0dacd2e50eb8c53c9238719b06fd1cc7b5b2500c7044af8bd832c672e7d143d8f43a669b685f58dee712be9ebb2f984cd39c53895d1f75d9d3b4df2c9d8adf976d12914802798310afd911ad5689c5548b201ed6f005e34626c027e86b7c054c42fb0c4ae0fa20ad4800f476b8b1ca9bfd7d1c1dcb875edd77bc10287c864be9ec920babaca71d5d959536946481140868a3888f9c393092a39ec11c426166d1e26e653850c69de3b64a50b7e1f4bbd16107d35f33ecef7158def591fd394bf0f44912f6f3ed94d34247149f188e3b196738dd1879cfdeba93dc2d3a4049dd82d053eeed4fc1fb71284fed9afbd0d96f6c1d1f31dc5267b308a59672e97efc712f623753763068046b2dcc67b56b0c0c234cc1378f5c253acb563fb85ea923a5f8026eb1ffe3687928ea95590c961cf27f7228f815d4656e1bc5451e0a6a73afeb26608977ba68dc0c8f7867efa37713acef03a04f597a9aacc42c4e2ca0eeb8d2ef28d0281748663c4d052940cfcc79a25f52f1194c88018752ced4ed855c423d24973246302d267bd2bc4f29d41b975f10b739d8680f2c60f73c364142d2e9bf64110833cc385ddc1842925b7f73cb845cf064f01172b9b2a8b096e9beeedb913541a2eaf094f1f2f08ca8e392c779e801b20ff9cf9123a3248f89e4df81074bcbd8a430f3b4d4ded9bfbebcdf31e6e6711c5e96ae0f8a76c300d43d7d837ffe711366ae474bf0a9e35a08b7ab10289a65d32b30be27588107b1f1dcf2201ec8340a7e73de8f7f7271f9bbcb7fec46a4f23cf829269724426c921daeba0e5a27a248134a5a4dd8b9ca6e43fb300825e82364b617159a741777932fb96ae084c07fd5125914950dd21d60324c4967a46a23fb9914d7a3209803c0edfb83a7c0b408fbba50712b6f1345f1890485d22fde90adf451bc0900da5afe5ada086c88aaf158b9b35b79be0671a492c007965e0add3a020d16125e1e0401ae0e61ccb6c691a6d15f10bebabaa71e6948b45aec59ad520c2948ce0bae0218082e2f7bb40cf4ac5fb7172c27b9dab9f40af9e8eaabd35a74dd61865873a0f5012023b014554ba96c243491c6d4c67be1c8f94ee587d2d047539eb9a4ce9e755841039c0471ad5cc719c59269a096a7ca80180c8856a54c844d5198235b9fab3904a802bc9a93e08bba2498c0732f068ded88297a7746d32566b20e557d503d57c2f8a237881f77dbe6801a06a1e3de489bc67604d181b6646f7e4e616412d6bedc6fef60a6d8d4fb7d7c50cb0a2d5ccc8318762632dc01118fb6e046355864fcf47735bd563f1a25afba99158f53c2eefd511c1878ae92a8132ef6268332c0d132afbf684e32ae6219557d4fac232e417ddada6e151882bf1de711450d887c0ceea5f69711f1e0993d566f49dd6b5242dd4ac7dbc4c42e85c8c7448d1ef611fa36dde3a74ebcdb8e4116be6371b532518193ee357145b09a7d97ed446f855d64a0b7d4e01ac874bb37e790ab945a4758ea097d850624bd5696aae8368d301f8baa021f57542e497d78022677fc1a5e6819368ee92db6f17739caaf0e847303440a710828eb8bad826cb1a2b838d858f503d2203c9d5b4ba8990dd89b0d53d5ba3bbce43e38db002a42fffdc1d25dcda13ec8b59453e3d1fd2114a093379d4b0b8691729dc97bef4c6bdc8e9a11a39c5f2dfc9d1de1baf5323b492fb08c22837c58ddd5dd974dc1ebbca83cc844e3650c1b9a53298b49ccc23abc7615526c102ac5249b8e7710d3d3314857258aff118091c0d4d528bfe63155465749a4dcc52c4b4ad271cd1d7ee1e041864afec388d101cd3ced8588bee9a45374dc67736341b24d49b5c617160faa3b51a7eb8deea619fba42e8e6dd59d0406f33eaead63768865be8979b283746dc3d2a21146242a8492ecca2baea327defe5a9a17f21c7e8cc94be334d72215abcb9184d5ff55cc3d59568ffabcd3002126557056ae309af89fd792eafa22646d2c767932b41d55d347443ae484604d7bdb2259607e97d14a41854f27336f8c21bad414c23e2b3993b00ceae39da155fe7a310cea4efb5e58cf34253d5995dbb2554fd1946b6b1e42cee1a75e4eb1306a0b0aa0da1ba2417b0bfafa025f44493f8b878143ae3893423b4bce6a78216389118f8c7deffc05f8c67e2b1442e495ecee5ce69c66cac27d67624a205fc69110d668097dbe95bb80c0368a2033ebd73f22a2200095b5e11b8dbc5ecd49d634f7bc805f2f679adc4b0f92b51f6e0612f4734fd1aa00ef41c04f41834da7374b3cb150f09822405b08683a3a86073de43d9d62cc504a449d117affbc29e4719fac990f00093364f683123970586e770be8b1d1eacb9e061aa47524ddb7a750b80f566204a95140c858f29f98692d01d84fa1521f74bee6b007d92ab30518aba957d1c85987c58236aa9cd8f87690200e07a1326ae44343fe31790bd28188012fe88bf15d246926a6da270d1a825e78f43068ccdcfda7bce10a319f4eddd45d665ee01ebf1e8ebabe25b5d8154a5ac48d3f18aba0301a4e290195e35fe509741fde1b9fe8091fe323a05344fa97e14b823a4c9facede2cbb056d4eac2d4ecf52594b538f48c11c07a06b71b336fa11c077d4ee10b5e40e82b9c20e5ba7405a05c594bbcf3ad6f2d3a8b93c10ea0cc89188dc2fc4eb321f441284555bfc345f0e138b27ac93fb48bf6eb5a2fc6d340f41bdbfe40fb8ef7d97df12740c7dd2e0c7c11dbf07f972f148f8063ff9d8f3b1cbd7be1f8744ace7cc55b44bdca470d55e0d7aa3c6a12903c737a52bd5f8a282e5774e8559e59dd92bf8f002bd2b5499141345d12891815dd3c9d080bf6cca4ed6f5b5f04231242bff9ed1e62f19ee3acf3cf53c22d5b957907228f81c7824d617f2033f4e0fd4ac84d6e329fbcb2ebb0c307712595ef2b79a7f836bb21b97ae526752eec3354743e26f282faa3484912b68e44ec79c7902446bb51ceed21193635b01c367ca3c5a402b6528586ab9005a6190cdb5ffa5a46e0f11a4bf9fd599a8c4bb532595a7832aaa2eedde26e665d99eff6cb790d48dd75025ed075f2af1d2f04dad27b5ff495a683a7b9fd0fa974ebd85c5d706328d4258d83dd6036e44100ef60ad9a808670d5dfc1e64d45c787596fcbd291968b2a852d957f44d184f2937e39778cb4562e4eed7a0ee644fcc8dbf084e85fd1bdd316d1c97184412d5479f30547dd271f2f82b1c2e5c29e1c5dfdc5be64ae75520a17ec8cb7cc1fa0bbfb95227336eb414580e04d4386df2df6b850e98c7ca6808072e9472a164dd2f9b7643adc09d83229aa2004083daabba9ceb1668b109d7a1a184dff9c7d02c13e421e5b21ea2184712e785b9facc17e809516cedc550a5d84cab78e67cfe0701e44bec4ad0b7949834876d57a3003717979a7ea9e3b783e9cd2fee6e875c3b9e998e68ea2b95bd8f93349ec21a462e8d4b1e43ccf5f8c1f6f9b5e9fda289f2cb1f139b968bcb14c537146723e5266d6409a4cab545b0aadc0fc68a0d08719cee0141b6b1a85b38acd53ca83554289c2662a45f903b6403f4d1aa81d40e2263818a3d931807657ab3bc43d12914eb24da96655e385de0d3cafafe5b15f75febadad9debd32ae7cf118655baa57fed9748093a6d18d85c728b4c0d39eacceaf0e856aa0a688e55938400f72151adf5fdf132d1476c3f41fb66fc7b32bfad4e2972a052db6899e525c730837aff03b60aeb50e96e0887c7f9a8b94bef92221f922fea1c80bafda9fd2abf2fc574b19bb913326b6e35a9d36f3f07b7e32f634abe898eea7931ef2b0b6648e54f98a31bfd66f78dcd2086a49801fb58417d942be991e85ce1bb87225312125ede32686b9a4d2cafe14186217f72c458c916c3bab01638b507e05afd33c5862ea45833eee7768cf0be7e428ce90ffcfb29af947f1a7f16a05177462abd5e6d1c2611b508b9b23f00037a2e39e2bd1c9481b73c732f44e98c6037e05647d118e71cbfea53d85144aa5b14fc93aa77646fadaee2883cc07ffcc1d5e42dcf576a23ae284f0ca77e976ef880559a32c4e12d9e49a5b0cb45906335b54eb144e39208999ee98f13f94efc49164fef05d746095ee7b0fdb1caa4a30091774bec51b6ce20180024fefda4e8a5587555a1f459539266d99ebb548986092ed33d0609e1180866fa0ef55b6495433a4bb6ccacfb28df1768df3fd198ed3febd2aeebaae981024c49bc13e2e3454aa70c3d0a9fbd9b454b307f6d7e9918fac2092ac9b40a31a06c26fad257a0a76eeba7eed6f0e5749d3bb46f7d80f4e5eada04001c8c448bcd33e5c30c658d6a6d47700821b7044709c8abb7d3c8c5da968f4532ff29d173c866dd99e738e9b441b5e88b2257a792f415218731d9a2fb5bf37025307fa40c94f1d78ebe9f74df8cfd49e8229101fc07ac4ab29e21bc3a76fff5d05dff18c246a324ca9b61aafeab83a6127c3fe1ed2e90eec53cc1873adf640e1f009c2d00aeced55845caf501cbe8ede9c7385ee0a8ed02f10d45a7bf4133ae18d9a2fb8aa5306cd78ffe35d0f24870cea3f28513d7a5b5238195be4ffded2f618e0d306617d2cd73ca80baf6f5c7b3dc57a4f6d913245bdbdbfdff73f038410967b9bf830006e6f982afea074e94957859d17bed5113b6e584513229e94e16a3551fe6350d4057a1d6750ec216718eac0207d49609516fcf54e4c27f25f479c31a4405e28972343604f078b72c2cb0b4b5c3729a9a8c219da01ffde1949ca31c40b8865bfb280418fdbeda5169ae8059352d7acdbc2970f1fdd54fc656c32807368fbd281dccb50464dd2", 0x1000}, {&(0x7f0000000040)="529d89d6a939a797326540f74ee1b269bd9edf39516fead18e4b716716bd25fcc07b88674fbdaaf91570218c5b7b6e7b006bd41216bfd18f7f9aa7fa4a4903fa6cde0edcac089c45af13", 0x4a}], 0x2) (async) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c00010062"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r3, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan1\x00'}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r7, 0x100, 0x0, 0x3, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x14}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x34, r1, 0x400, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x34}}, 0x0) r9 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r9, 0x402, 0x29) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r9, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, 0x1405, 0x1, 0x70bd29, 0x25dfdbfe, "", [{{0x8, 0x1, 0x2}, {0x8}}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x8090) 13:17:20 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000780)={0x47c, r3, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_KEY={0x90, 0x2e, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "fe8e176110d7e13905f235957cd0c5bf"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "c545448164275e8b89adc8f5b842cdaa"}, @NL802154_KEY_ATTR_ID={0x1c, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}]}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "b34cd01cd05f507b62a70e91919a706623017e4cf3e3bf8d8f87fad2cf8515f4"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "83de3867ad256457fc10f4cd500e14deb4b9aeecd165a677fa4a209f91af2c37"}]}, @NL802154_ATTR_SEC_KEY={0x204, 0x2e, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x81}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "02dd5a01d135390b1086ff3e998e3acd"}, @NL802154_KEY_ATTR_ID={0xac, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x3c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa1}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x1c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}]}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x4}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x2c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xffffffffffff0103}}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x80000001}]}, @NL802154_KEY_ATTR_ID={0x20, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xf6}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}]}, @NL802154_KEY_ATTR_ID={0x60, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x8000000000000001}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x8}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x1}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x200}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x9}]}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "9efc4d631b1e0ed7d6e6f4aa76ca1182b1b829e3b553bbefe170381839709848"}, @NL802154_KEY_ATTR_ID={0x14, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5}]}, @NL802154_KEY_ATTR_ID={0x50, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x34, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}]}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x7}]}, @NL802154_KEY_ATTR_ID={0xc, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x5}]}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "5f3e066bd03cad9f4cc4a4ba8705b9f321cbf88e5cfc55ddf82ec24ec5acfd16"}]}, @NL802154_ATTR_SEC_KEY={0x4c, 0x2e, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "f4599d4c80fa887fa0178662975b696f70c4fa475af3d04c85370c38892010e6"}, @NL802154_KEY_ATTR_ID={0x24, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x800}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x6}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xff}]}]}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_KEY={0x84, 0x2e, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "93a3e9bf4a94863aa1002438ebf0f4a9"}, @NL802154_KEY_ATTR_ID={0x24, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}]}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "50cf9049015fc0ada4741708e1e0ea0f2cbc91c8a36fcbe1d471bca40a09dd3b"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "3c9fad3f49a9bba8ea2600ae03b26b245d9945781f38b9cff1c4e6ec872a743d"}]}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_KEY={0xcc, 0x2e, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x64, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x2c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xcb73}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4b}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xffffffff}]}, @NL802154_KEY_ATTR_ID={0x64, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xc5}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x34, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}]}]}]}]}, 0x47c}}, 0x4008800) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r3, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) (async) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan1\x00'}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r7, 0x100, 0x0, 0x3, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x14}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x34, r1, 0x400, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x34}}, 0x0) r9 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r9, 0x402, 0x29) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r9, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, 0x1405, 0x1, 0x70bd29, 0x25dfdbfe, "", [{{0x8, 0x1, 0x2}, {0x8}}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x8090) 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c00010062"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c00010062"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r3, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan1\x00'}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r7, 0x100, 0x0, 0x3, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x14}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x34, r1, 0x400, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x34}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x34, r1, 0x400, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x34}}, 0x0) r9 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r9, 0x402, 0x29) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r9, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, 0x1405, 0x1, 0x70bd29, 0x25dfdbfe, "", [{{0x8, 0x1, 0x2}, {0x8}}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x8090) (async) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r9, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, 0x1405, 0x1, 0x70bd29, 0x25dfdbfe, "", [{{0x8, 0x1, 0x2}, {0x8}}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x8090) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c00010062"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) (rerun: 32) 13:17:20 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r5, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c00010062726964"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r5, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x64, r5, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x4}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x2}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}]}, 0x64}}, 0x40040000) 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c00010062726964"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CCA_MODE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x64, r5, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x4}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x2}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}]}, 0x64}}, 0x40040000) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (async) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 32) sendmsg$NL802154_CMD_SET_CCA_MODE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x64, r5, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x4}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x2}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}]}, 0x64}}, 0x40040000) 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c00010062726964"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r5, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x58}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:20 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c0001006272696467"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24008090}, 0x20000000) 13:17:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x58}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24008090}, 0x20000000) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x58}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r5, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c0001006272696467"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) (async) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24008090}, 0x20000000) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000040)={'wpan3\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000080)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, r3, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44800}, 0x800) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r5, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c0001006272696467"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r5, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (async) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000040)={'wpan3\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000080)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, r3, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44800}, 0x800) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r5, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000040)={'wpan3\x00'}) (async) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000040)={'wpan3\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000080)={'wpan3\x00'}) (async) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000080)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, r3, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44800}, 0x800) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc000800"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc000800"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc000800"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r7, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r9, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x64, 0x0, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x50, 0xc, 0x0, 0x1, [{0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x67a0581f}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6edf6fa8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8382}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x911d53d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8679}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x26140ac7}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9ad}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4fef73ef}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3bac2785}]}]}]}, 0x64}, 0x1, 0x0, 0x0, 0xc0}, 0x20000000) r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), r6) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x3c, r10, 0x200, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1b}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x19}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0xd}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000014}, 0x0) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000400)={0x1d0, r4, 0x4, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_SEC_DEVKEY={0x1c, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0202}}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_SEC_DEVKEY={0xa0, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x8000}]}, @NL802154_DEVKEY_ATTR_ID={0x44, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xff}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x6}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x7}, @NL802154_DEVKEY_ATTR_ID={0x24, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x3f}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x8000}]}, @NL802154_ATTR_SEC_DEVKEY={0xc8, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x40, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x6}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xa5}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x9}]}, @NL802154_DEVKEY_ATTR_ID={0x4c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1ef}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x34, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa2}]}]}, @NL802154_DEVKEY_ATTR_ID={0x38, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x20, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}]}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x7}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x20008001}, 0x20008080) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=ANY=[@ANYBLOB="2c003427b9f4cfb666c641dae280d3a9980000", @ANYRES16=r1, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc000800050004000000"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r0) (async) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r7, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r7, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r9, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x64, 0x0, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x50, 0xc, 0x0, 0x1, [{0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x67a0581f}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6edf6fa8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8382}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x911d53d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8679}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x26140ac7}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9ad}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4fef73ef}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3bac2785}]}]}]}, 0x64}, 0x1, 0x0, 0x0, 0xc0}, 0x20000000) r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), r6) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x3c, r10, 0x200, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1b}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x19}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0xd}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000014}, 0x0) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000400)={0x1d0, r4, 0x4, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_SEC_DEVKEY={0x1c, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0202}}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_SEC_DEVKEY={0xa0, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x8000}]}, @NL802154_DEVKEY_ATTR_ID={0x44, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xff}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x6}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x7}, @NL802154_DEVKEY_ATTR_ID={0x24, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x3f}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x8000}]}, @NL802154_ATTR_SEC_DEVKEY={0xc8, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x40, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x6}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xa5}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x9}]}, @NL802154_DEVKEY_ATTR_ID={0x4c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1ef}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x34, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa2}]}]}, @NL802154_DEVKEY_ATTR_ID={0x38, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x20, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}]}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x7}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x20008001}, 0x20008080) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=ANY=[@ANYBLOB="2c003427b9f4cfb666c641dae280d3a9980000", @ANYRES16=r1, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000200)={'wpan0\x00'}) (async) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r7, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r9, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x64, 0x0, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x50, 0xc, 0x0, 0x1, [{0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x67a0581f}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6edf6fa8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8382}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x911d53d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8679}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x26140ac7}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9ad}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4fef73ef}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3bac2785}]}]}]}, 0x64}, 0x1, 0x0, 0x0, 0xc0}, 0x20000000) r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), r6) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x3c, r10, 0x200, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1b}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x19}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0xd}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000014}, 0x0) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x3c, r10, 0x200, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1b}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x19}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0xd}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000014}, 0x0) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000400)={0x1d0, r4, 0x4, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_SEC_DEVKEY={0x1c, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0202}}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_SEC_DEVKEY={0xa0, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x8000}]}, @NL802154_DEVKEY_ATTR_ID={0x44, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xff}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x6}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x7}, @NL802154_DEVKEY_ATTR_ID={0x24, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x3f}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x8000}]}, @NL802154_ATTR_SEC_DEVKEY={0xc8, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x40, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x6}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xa5}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x9}]}, @NL802154_DEVKEY_ATTR_ID={0x4c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1ef}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x34, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa2}]}]}, @NL802154_DEVKEY_ATTR_ID={0x38, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x20, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}]}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x7}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x20008001}, 0x20008080) (async) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000400)={0x1d0, r4, 0x4, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_SEC_DEVKEY={0x1c, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0202}}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_SEC_DEVKEY={0xa0, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x8000}]}, @NL802154_DEVKEY_ATTR_ID={0x44, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xff}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x6}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x7}, @NL802154_DEVKEY_ATTR_ID={0x24, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x3f}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x8000}]}, @NL802154_ATTR_SEC_DEVKEY={0xc8, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x40, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x6}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xa5}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x9}]}, @NL802154_DEVKEY_ATTR_ID={0x4c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1ef}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x34, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa2}]}]}, @NL802154_DEVKEY_ATTR_ID={0x38, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x20, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}]}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x7}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x20008001}, 0x20008080) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=ANY=[@ANYBLOB="2c003427b9f4cfb666c641dae280d3a9980000", @ANYRES16=r1, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc000800050004000000"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc000800050004000000"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc000800050004000000140004"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) open(&(0x7f0000000280)='.\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc000800050004000000140004"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) [ 655.985119][T25142] validate_nla: 94 callbacks suppressed [ 655.985130][T25142] netlink: 'syz-executor.1': attribute type 23 has an invalid length. 13:17:21 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc000800050004000000140004"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 656.016595][T25148] netlink: 'syz-executor.1': attribute type 23 has an invalid length. 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc00080005000400000014000400"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400ee", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) [ 656.044703][T25156] netlink: 'syz-executor.1': attribute type 23 has an invalid length. 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc00080005000400000014000400"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400ee", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000980), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000009c0)=0x0) r6 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0)=0x0) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r8) sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r8, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000ac0)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x445200}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x54, r4, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x7}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x20008005) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="38f80000", @ANYRES16=r1, @ANYBLOB="3106000000000000000000000500080000000000080001000e000000feffffffffffffff0000"], 0x2c}}, 0x0) r10 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)={0x5cc, r10, 0x2, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0xe0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x100}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x48000000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x85c5}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x10000}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1f}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7ff}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffffa}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x80000000}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000001}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x81}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}]}, @TIPC_NLA_BEARER={0x70, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffb}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x100, @mcast2, 0x7}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3f}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x80000001}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_SOCK={0x60, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x80000001}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9476}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffffffe}]}]}, @TIPC_NLA_NODE={0x124, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0xba, 0x3, "b25433b440ee17851c0c6f0ac14f6f50a890b9001b1730e5e8f303a47491d860d36b491adac83e0776ae4e4468932293540a65c67450ce18027605016ae6a5dcad6642006c4a5e075a1ef652eeac7dcbe6be90095bf59e619cd1ed95768ad3d62eec0102c9fab1aed243eaf70955620e2e645be6b2c74a4233f4ba4cd2c21b43034148577dbc7ac560c7414d7dbfcbe7464d33c50cfe1eae597e736e88e6219d661efcc5bfe0526465c5a3a1ae40c38d4f97006c6d26"}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "ccf9db09f9645d1f82158323dbc24875948738c8"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfffffffa}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7fff}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0x54, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9f3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_BEARER={0x3c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x400, @private1, 0x9}}}}]}, @TIPC_NLA_SOCK={0x48, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x8000}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x100}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xa4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_CON={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xc8d0}]}, @TIPC_NLA_LINK={0x84, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}]}, @TIPC_NLA_NODE={0x154, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x39, 0x3, "fff80ed9ef23c23c015079727f552e3086694575fcdd609aa782066ed2f9cb011df4c8be59fb116a85144d18662c038b08c03ca1bb"}, @TIPC_NLA_NODE_ID={0xcd, 0x3, "031eb83660b0e40027699e3ca89cda23f261485a3fc7d9971442883729ecd9048a81fe77d300ca19a41f7122de69f0de505f0493aecf42c4a66985c0fa19bc5ee38fc439600bcda8c4a37f3f1527285372225de0226137662f5e779b64a69b41ec826f9d491caeda9ca47309431d4998643f03f6794d685736240bc1a383c253b1ae903bd59c62d83dc556419f61c65b166345d54967263a56cce5ccaf11e2de3f18a1bc9c84fb5bd5bc0455d33506b83ec458430281f07d8d439bd7feace2e881fbd3edc9b662e7f7"}, @TIPC_NLA_NODE_KEY={0x42, 0x4, {'gcm(aes)\x00', 0x1a, "cf945f4d66f8891cd9d592cd147e0e92141f4fca0ccac8caef44"}}]}, @TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}]}]}, 0x5cc}, 0x1, 0x0, 0x0, 0x8020}, 0x24040080) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000900), r0) r12 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r12, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), r11) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc00080005000400000014000400"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 656.074560][T25163] netlink: 'syz-executor.1': attribute type 23 has an invalid length. 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400ee", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 656.104748][T25174] netlink: 'syz-executor.1': attribute type 23 has an invalid length. 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (async) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000980), r0) (async) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000009c0)=0x0) (async) r6 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0)=0x0) (async) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r8) sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}]}, 0x1c}}, 0x0) (async) sendmsg$NFC_CMD_START_POLL(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) (async) sendmsg$NFC_CMD_ACTIVATE_TARGET(r8, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000ac0)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x445200}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x54, r4, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x7}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x20008005) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="38f80000", @ANYRES16=r1, @ANYBLOB="3106000000000000000000000500080000000000080001000e000000feffffffffffffff0000"], 0x2c}}, 0x0) (async) r10 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)={0x5cc, r10, 0x2, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0xe0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x100}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x48000000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x85c5}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x10000}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1f}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7ff}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffffa}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x80000000}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000001}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x81}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}]}, @TIPC_NLA_BEARER={0x70, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffb}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x100, @mcast2, 0x7}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3f}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x80000001}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_SOCK={0x60, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x80000001}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9476}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffffffe}]}]}, @TIPC_NLA_NODE={0x124, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0xba, 0x3, "b25433b440ee17851c0c6f0ac14f6f50a890b9001b1730e5e8f303a47491d860d36b491adac83e0776ae4e4468932293540a65c67450ce18027605016ae6a5dcad6642006c4a5e075a1ef652eeac7dcbe6be90095bf59e619cd1ed95768ad3d62eec0102c9fab1aed243eaf70955620e2e645be6b2c74a4233f4ba4cd2c21b43034148577dbc7ac560c7414d7dbfcbe7464d33c50cfe1eae597e736e88e6219d661efcc5bfe0526465c5a3a1ae40c38d4f97006c6d26"}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "ccf9db09f9645d1f82158323dbc24875948738c8"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfffffffa}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7fff}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0x54, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9f3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_BEARER={0x3c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x400, @private1, 0x9}}}}]}, @TIPC_NLA_SOCK={0x48, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x8000}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x100}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xa4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_CON={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xc8d0}]}, @TIPC_NLA_LINK={0x84, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}]}, @TIPC_NLA_NODE={0x154, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x39, 0x3, "fff80ed9ef23c23c015079727f552e3086694575fcdd609aa782066ed2f9cb011df4c8be59fb116a85144d18662c038b08c03ca1bb"}, @TIPC_NLA_NODE_ID={0xcd, 0x3, "031eb83660b0e40027699e3ca89cda23f261485a3fc7d9971442883729ecd9048a81fe77d300ca19a41f7122de69f0de505f0493aecf42c4a66985c0fa19bc5ee38fc439600bcda8c4a37f3f1527285372225de0226137662f5e779b64a69b41ec826f9d491caeda9ca47309431d4998643f03f6794d685736240bc1a383c253b1ae903bd59c62d83dc556419f61c65b166345d54967263a56cce5ccaf11e2de3f18a1bc9c84fb5bd5bc0455d33506b83ec458430281f07d8d439bd7feace2e881fbd3edc9b662e7f7"}, @TIPC_NLA_NODE_KEY={0x42, 0x4, {'gcm(aes)\x00', 0x1a, "cf945f4d66f8891cd9d592cd147e0e92141f4fca0ccac8caef44"}}]}, @TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}]}]}, 0x5cc}, 0x1, 0x0, 0x0, 0x8020}, 0x24040080) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000900), r0) r12 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r12, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), r11) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffff", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) [ 656.133350][T25184] netlink: 'syz-executor.1': attribute type 23 has an invalid length. 13:17:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000980), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000009c0)=0x0) r6 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0)=0x0) (async) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r8) sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) (async, rerun: 64) sendmsg$NFC_CMD_ACTIVATE_TARGET(r8, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) (async, rerun: 64) sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000ac0)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x445200}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x54, r4, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x7}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x20008005) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="38f80000", @ANYRES16=r1, @ANYBLOB="3106000000000000000000000500080000000000080001000e000000feffffffffffffff0000"], 0x2c}}, 0x0) (async, rerun: 32) r10 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff) (rerun: 32) sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)={0x5cc, r10, 0x2, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0xe0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x100}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x48000000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x85c5}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x10000}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1f}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7ff}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffffa}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x80000000}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000001}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x81}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}]}, @TIPC_NLA_BEARER={0x70, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffb}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x100, @mcast2, 0x7}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3f}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x80000001}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_SOCK={0x60, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x80000001}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9476}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffffffe}]}]}, @TIPC_NLA_NODE={0x124, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0xba, 0x3, "b25433b440ee17851c0c6f0ac14f6f50a890b9001b1730e5e8f303a47491d860d36b491adac83e0776ae4e4468932293540a65c67450ce18027605016ae6a5dcad6642006c4a5e075a1ef652eeac7dcbe6be90095bf59e619cd1ed95768ad3d62eec0102c9fab1aed243eaf70955620e2e645be6b2c74a4233f4ba4cd2c21b43034148577dbc7ac560c7414d7dbfcbe7464d33c50cfe1eae597e736e88e6219d661efcc5bfe0526465c5a3a1ae40c38d4f97006c6d26"}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "ccf9db09f9645d1f82158323dbc24875948738c8"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfffffffa}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7fff}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0x54, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9f3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_BEARER={0x3c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x400, @private1, 0x9}}}}]}, @TIPC_NLA_SOCK={0x48, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x8000}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x100}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xa4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_CON={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xc8d0}]}, @TIPC_NLA_LINK={0x84, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}]}, @TIPC_NLA_NODE={0x154, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x39, 0x3, "fff80ed9ef23c23c015079727f552e3086694575fcdd609aa782066ed2f9cb011df4c8be59fb116a85144d18662c038b08c03ca1bb"}, @TIPC_NLA_NODE_ID={0xcd, 0x3, "031eb83660b0e40027699e3ca89cda23f261485a3fc7d9971442883729ecd9048a81fe77d300ca19a41f7122de69f0de505f0493aecf42c4a66985c0fa19bc5ee38fc439600bcda8c4a37f3f1527285372225de0226137662f5e779b64a69b41ec826f9d491caeda9ca47309431d4998643f03f6794d685736240bc1a383c253b1ae903bd59c62d83dc556419f61c65b166345d54967263a56cce5ccaf11e2de3f18a1bc9c84fb5bd5bc0455d33506b83ec458430281f07d8d439bd7feace2e881fbd3edc9b662e7f7"}, @TIPC_NLA_NODE_KEY={0x42, 0x4, {'gcm(aes)\x00', 0x1a, "cf945f4d66f8891cd9d592cd147e0e92141f4fca0ccac8caef44"}}]}, @TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}]}]}, 0x5cc}, 0x1, 0x0, 0x0, 0x8020}, 0x24040080) (async) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000900), r0) (async, rerun: 64) r12 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 64) sendmsg$NL802154_CMD_SET_CCA_MODE(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r12, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (async, rerun: 32) syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), r11) (rerun: 32) 13:17:21 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffff", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) [ 656.169049][T25199] netlink: 'syz-executor.1': attribute type 23 has an invalid length. 13:17:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000000c0), 0x4) setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f0000000040), 0x10) r3 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f00000000c0), 0x4) setsockopt$RDS_FREE_MR(r3, 0x114, 0x3, &(0x7f0000000040), 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRESOCT=r1, @ANYRESOCT=r3, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x4040000) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffff", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) 13:17:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000000c0), 0x4) setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f0000000040), 0x10) r3 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f00000000c0), 0x4) setsockopt$RDS_FREE_MR(r3, 0x114, 0x3, &(0x7f0000000040), 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRESOCT=r1, @ANYRESOCT=r3, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x4040000) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) socket$rds(0x15, 0x5, 0x0) (async) setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000000c0), 0x4) (async) setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f0000000040), 0x10) (async) socket$rds(0x15, 0x5, 0x0) (async) setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f00000000c0), 0x4) (async) setsockopt$RDS_FREE_MR(r3, 0x114, 0x3, &(0x7f0000000040), 0x10) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRESOCT=r1, @ANYRESOCT=r3, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x4040000) (async) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 656.206270][T25212] netlink: 'syz-executor.1': attribute type 23 has an invalid length. 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, 0x0, 0x0) 13:17:21 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000000c0), 0x4) setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f0000000040), 0x10) r3 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f00000000c0), 0x4) setsockopt$RDS_FREE_MR(r3, 0x114, 0x3, &(0x7f0000000040), 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRESOCT=r1, @ANYRESOCT=r3, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x4040000) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) socket$rds(0x15, 0x5, 0x0) (async) setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000000c0), 0x4) (async) setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f0000000040), 0x10) (async) socket$rds(0x15, 0x5, 0x0) (async) setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f00000000c0), 0x4) (async) setsockopt$RDS_FREE_MR(r3, 0x114, 0x3, &(0x7f0000000040), 0x10) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRESOCT=r1, @ANYRESOCT=r3, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x4040000) (async) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff00", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, 0x0, 0x0) [ 656.239529][T25228] netlink: 'syz-executor.1': attribute type 23 has an invalid length. 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, 0x0, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff00", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) [ 656.269823][T25241] netlink: 'syz-executor.1': attribute type 23 has an invalid length. 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff00", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff0000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x58}}, 0x0) 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x58}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff0000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x58}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff0000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32], 0x58}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32], 0x58}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:21 executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32], 0x58}}, 0x0) 13:17:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB], 0x58}}, 0x0) 13:17:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff0007000000", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB], 0x58}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff0007000000", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB], 0x58}}, 0x0) 13:17:22 executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465"], 0x58}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff0007000000", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB='\b'], 0x58}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff00070000000800", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB='\b'], 0x58}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff00070000000800", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB='\b'], 0x58}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff00070000000800", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d0000000014000600"], 0x58}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff0007000000080003", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB='\b'], 0x58}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB='\b'], 0x58}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0xba01}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff0007000000080003", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB='\b'], 0x58}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff0007000000080003", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0xba01}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000"], 0x58}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r1, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r3, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x12}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000200)=0x0) r5 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)=0x0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7) sendmsg$NFC_CMD_DEV_UP(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r8, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r8, 0x1, 0x123, 0x233, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffb7}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r7, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r8, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) r9 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r9, 0x0, &(0x7f00000000c0)=0x0) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r11) sendmsg$NFC_CMD_DEV_UP(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r12, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="010023010000340200000600000008cff97cdc409dac2df56ccd43564f3ec3000100", @ANYRES32=r10, @ANYBLOB="08000300ffffffff"], 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r11, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r12, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) r13 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r13, 0x0, &(0x7f00000000c0)=0x0) r15 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r16 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r15) sendmsg$NFC_CMD_DEV_UP(r15, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r16, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r14}]}, 0x1c}}, 0x0) syz_io_uring_setup(0x75df, &(0x7f0000000500)={0x0, 0x37b0, 0x10, 0x2, 0x8d}, &(0x7f0000000580), &(0x7f00000005c0)) sendmsg$NFC_CMD_START_POLL(r15, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r16, @ANYBLOB="010023010000360200000600000008000100", @ANYRES32=r14, @ANYBLOB="08000300ffffffff"], 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r15, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000600)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r16, @ANYBLOB="010023010000340200051c00000008000100db84066e11628f6f58127fa157678e223645873d95cbe45ce935c72498d6b9ce48b586f5d2d2aa607c2c0c2d74dde8dd2427c513cef7fc00f70d8780691da1327a3f66f05432e2903be5df7e2a17571d1e4e883a4b81f91f8f9dc1ec72e444ad0982137886aa", @ANYRES32=r14, @ANYBLOB="08000400000000000800030001000000"], 0x2c}}, 0x0) sendmsg$NFC_CMD_DEV_DOWN(r0, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x5c, 0x0, 0x104, 0x70bd2b, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r14}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0xc080) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000"], 0x58}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000"], 0x58}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0xba01}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r1, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r1, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400"], 0x58}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r1, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (async, rerun: 32) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (rerun: 32) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r3, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x12}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) (async) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000200)=0x0) r5 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)=0x0) (async, rerun: 64) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7) sendmsg$NFC_CMD_DEV_UP(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r8, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}]}, 0x1c}}, 0x0) (async) sendmsg$NFC_CMD_START_POLL(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r8, 0x1, 0x123, 0x233, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffb7}]}, 0x24}}, 0x0) (async) sendmsg$NFC_CMD_ACTIVATE_TARGET(r7, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r8, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) r9 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r9, 0x0, &(0x7f00000000c0)=0x0) (async) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r11) sendmsg$NFC_CMD_DEV_UP(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r12, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}]}, 0x1c}}, 0x0) (async) sendmsg$NFC_CMD_START_POLL(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="010023010000340200000600000008cff97cdc409dac2df56ccd43564f3ec3000100", @ANYRES32=r10, @ANYBLOB="08000300ffffffff"], 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r11, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r12, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) (async) r13 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r13, 0x0, &(0x7f00000000c0)=0x0) (async, rerun: 64) r15 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) r16 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r15) sendmsg$NFC_CMD_DEV_UP(r15, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r16, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r14}]}, 0x1c}}, 0x0) (async) syz_io_uring_setup(0x75df, &(0x7f0000000500)={0x0, 0x37b0, 0x10, 0x2, 0x8d}, &(0x7f0000000580), &(0x7f00000005c0)) sendmsg$NFC_CMD_START_POLL(r15, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r16, @ANYBLOB="010023010000360200000600000008000100", @ANYRES32=r14, @ANYBLOB="08000300ffffffff"], 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r15, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000600)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r16, @ANYBLOB="010023010000340200051c00000008000100db84066e11628f6f58127fa157678e223645873d95cbe45ce935c72498d6b9ce48b586f5d2d2aa607c2c0c2d74dde8dd2427c513cef7fc00f70d8780691da1327a3f66f05432e2903be5df7e2a17571d1e4e883a4b81f91f8f9dc1ec72e444ad0982137886aa", @ANYRES32=r14, @ANYBLOB="08000400000000000800030001000000"], 0x2c}}, 0x0) (async) sendmsg$NFC_CMD_DEV_DOWN(r0, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x5c, 0x0, 0x104, 0x70bd2b, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r14}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0xc080) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400"], 0x58}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0xba01}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r1, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400"], 0x58}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r1, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0xba01}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400"], 0x58}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0xba01}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400"], 0x58}}, 0x0) 13:17:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (async) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r3, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x12}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) (async) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000200)=0x0) (async) r5 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)=0x0) (async) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7) sendmsg$NFC_CMD_DEV_UP(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r8, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}]}, 0x1c}}, 0x0) (async) sendmsg$NFC_CMD_START_POLL(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r8, 0x1, 0x123, 0x233, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffb7}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r7, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r8, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) (async) r9 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r9, 0x0, &(0x7f00000000c0)=0x0) (async) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r11) sendmsg$NFC_CMD_DEV_UP(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r12, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}]}, 0x1c}}, 0x0) (async) sendmsg$NFC_CMD_START_POLL(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="010023010000340200000600000008cff97cdc409dac2df56ccd43564f3ec3000100", @ANYRES32=r10, @ANYBLOB="08000300ffffffff"], 0x24}}, 0x0) (async) sendmsg$NFC_CMD_ACTIVATE_TARGET(r11, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r12, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) r13 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r13, 0x0, &(0x7f00000000c0)=0x0) (async) r15 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r16 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r15) sendmsg$NFC_CMD_DEV_UP(r15, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r16, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r14}]}, 0x1c}}, 0x0) (async) syz_io_uring_setup(0x75df, &(0x7f0000000500)={0x0, 0x37b0, 0x10, 0x2, 0x8d}, &(0x7f0000000580), &(0x7f00000005c0)) (async) sendmsg$NFC_CMD_START_POLL(r15, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r16, @ANYBLOB="010023010000360200000600000008000100", @ANYRES32=r14, @ANYBLOB="08000300ffffffff"], 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r15, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000600)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r16, @ANYBLOB="010023010000340200051c00000008000100db84066e11628f6f58127fa157678e223645873d95cbe45ce935c72498d6b9ce48b586f5d2d2aa607c2c0c2d74dde8dd2427c513cef7fc00f70d8780691da1327a3f66f05432e2903be5df7e2a17571d1e4e883a4b81f91f8f9dc1ec72e444ad0982137886aa", @ANYRES32=r14, @ANYBLOB="08000400000000000800030001000000"], 0x2c}}, 0x0) sendmsg$NFC_CMD_DEV_DOWN(r0, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x5c, 0x0, 0x104, 0x70bd2b, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r14}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0xc080) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400"], 0x58}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x400, 0x0, 0x1, {}, [@NL802154_ATTR_PAGE={0x5, 0x7, 0x10}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x400, 0x0, 0x1, {}, [@NL802154_ATTR_PAGE={0x5, 0x7, 0x10}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x400, 0x0, 0x1, {}, [@NL802154_ATTR_PAGE={0x5, 0x7, 0x10}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) (async) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x400, 0x0, 0x1, {}, [@NL802154_ATTR_PAGE={0x5, 0x7, 0x10}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x845}, 0x4844) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000d0000000c0006000100000001000000"], 0x20}}, 0x0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r4, 0x8, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0xff}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (async) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x845}, 0x4844) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000d0000000c0006000100000001000000"], 0x20}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r4, 0x8, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0xff}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (async) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x845}, 0x4844) (async) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000d0000000c0006000100000001000000"], 0x20}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r4, 0x8, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0xff}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x20, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x20}, 0x1, 0xba01}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff0007000000", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r3, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x30, r2, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_LEVEL={0x14, 0x2b, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x9}]}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x22000000}, 0x888) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r7, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) r9 = getpid() sched_setscheduler(r9, 0x1, &(0x7f0000000240)=0x1) sched_setaffinity(r9, 0x8, &(0x7f00000002c0)=0x81) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400a01f4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, r4, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_PID={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PID={0x8, 0x1c, r9}]}, 0x50}, 0x1, 0x0, 0x0, 0x400c1}, 0x24048000) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="2c4a42f000400093997ac5598852e88a8884abd6", @ANYRES16=r4, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x0) 13:17:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff0007000000", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x20, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x20}, 0x1, 0xba01}, 0x0) 13:17:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x20, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x20}, 0x1, 0xba01}, 0x0) 13:17:23 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x34, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0xba01}, 0x0) 13:17:23 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r1) (async) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r3, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x30, r2, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_LEVEL={0x14, 0x2b, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x9}]}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x22000000}, 0x888) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r7, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) r9 = getpid() sched_setscheduler(r9, 0x1, &(0x7f0000000240)=0x1) (async) sched_setscheduler(r9, 0x1, &(0x7f0000000240)=0x1) sched_setaffinity(r9, 0x8, &(0x7f00000002c0)=0x81) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400a01f4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, r4, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_PID={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PID={0x8, 0x1c, r9}]}, 0x50}, 0x1, 0x0, 0x0, 0x400c1}, 0x24048000) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="2c4a42f000400093997ac5598852e88a8884abd6", @ANYRES16=r4, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff0007000000", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff00070000000800", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x34, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0xba01}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff00070000000800", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff00070000000800", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x34, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0xba01}, 0x0) 13:17:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r3, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x30, r2, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_LEVEL={0x14, 0x2b, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x9}]}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x22000000}, 0x888) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r7, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r7, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) r9 = getpid() sched_setscheduler(r9, 0x1, &(0x7f0000000240)=0x1) (async) sched_setscheduler(r9, 0x1, &(0x7f0000000240)=0x1) sched_setaffinity(r9, 0x8, &(0x7f00000002c0)=0x81) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400a01f4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, r4, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_PID={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PID={0x8, 0x1c, r9}]}, 0x50}, 0x1, 0x0, 0x0, 0x400c1}, 0x24048000) (async) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400a01f4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, r4, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_PID={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PID={0x8, 0x1c, r9}]}, 0x50}, 0x1, 0x0, 0x0, 0x400c1}, 0x24048000) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="2c4a42f000400093997ac5598852e88a8884abd6", @ANYRES16=r4, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff0007000000080003", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff0007000000080003", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r3, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x30, r2, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_LEVEL={0x14, 0x2b, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x9}]}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x22000000}, 0x888) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000200)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r7, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}}, 0x0) r9 = getpid() sched_setscheduler(r9, 0x1, &(0x7f0000000240)=0x1) sched_setaffinity(r9, 0x8, &(0x7f00000002c0)=0x81) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400a01f4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, r4, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_PID={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PID={0x8, 0x1c, r9}]}, 0x50}, 0x1, 0x0, 0x0, 0x400c1}, 0x24048000) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="2c4a42f000400093997ac5598852e88a8884abd6", @ANYRES16=r4, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff0007000000080003", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x20, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x20}, 0x1, 0xba01}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r9, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r9, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) (async) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) (async) openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (async) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)) (async) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) (async) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) (async) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) (async) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) (async) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) (async) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) (async) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r9, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) (async) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) (async) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (async) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) (async) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r9, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:23 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r9, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:23 executing program 3: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 3: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) (async) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 3: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) open(&(0x7f0000000280)='.\x00', 0x0, 0x0) (async) fcntl$notify(r0, 0x402, 0x29) (async) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) (async) 13:17:23 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r9, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, 0x0, 0x0) 13:17:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="42af6a97", @ANYRES16=r1, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="42af6a97", @ANYRES16=r1, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x0) 13:17:23 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r9, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, 0x0, 0x0) 13:17:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="42af6a97", @ANYRES16=r1, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="42af6a97", @ANYRES16=r1, @ANYBLOB="3106000000000000000009000000050007000000000005000800000000000800010000000000"], 0x2c}}, 0x0) (async) 13:17:23 executing program 2: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 3: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000000c0), 0x4) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000040), 0x10) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) quotactl_fd$Q_GETQUOTA(r0, 0xffffffff80000702, r2, &(0x7f0000000140)) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYRES16=r2], 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, 0x0, 0x0) 13:17:23 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 3: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000000c0), 0x4) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000040), 0x10) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) quotactl_fd$Q_GETQUOTA(r0, 0xffffffff80000702, r2, &(0x7f0000000140)) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYRES16=r2], 0x2c}}, 0x0) socket$rds(0x15, 0x5, 0x0) (async) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000000c0), 0x4) (async) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000040), 0x10) (async) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) (async) quotactl_fd$Q_GETQUOTA(r0, 0xffffffff80000702, r2, &(0x7f0000000140)) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYRES16=r2], 0x2c}}, 0x0) (async) 13:17:23 executing program 2: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 3: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000000c0), 0x4) (async) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000040), 0x10) (async) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) quotactl_fd$Q_GETQUOTA(r0, 0xffffffff80000702, r2, &(0x7f0000000140)) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYRES16=r2], 0x2c}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) 13:17:23 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, 0x0, 0x0) 13:17:23 executing program 2: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) 13:17:23 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) 13:17:23 executing program 2: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r5, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) 13:17:23 executing program 2: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x29) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r5, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r9, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 2: open(&(0x7f0000000280)='.\x00', 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:23 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r5, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r9, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}}, 0x0) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r5, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r9, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r3, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, 0x0, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, 0x0, 0x0) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=0x0) r4 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r7, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, 0x0, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r4, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2) 13:17:24 executing program 1: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 1: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 13:17:24 executing program 1: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:24 executing program 1: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}]}, 0x24}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}]}, 0x24}}, 0x0) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:24 executing program 1: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}]}, 0x24}}, 0x0) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:24 executing program 1: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, 0x0, 0x0) 13:17:24 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, 0x0, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, 0x0, 0x0) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:24 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) 13:17:24 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) 13:17:24 executing program 3: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}]}, 0x3c}}, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)) 13:17:24 executing program 3: openat$nci(0xffffff9c, 0x0, 0x2, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) 13:17:24 executing program 3: openat$nci(0xffffff9c, 0x0, 0x2, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}]}, 0x3c}}, 0x0) 13:17:24 executing program 3: openat$nci(0xffffff9c, 0x0, 0x2, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}]}, 0x3c}}, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) 13:17:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r1 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) 13:17:24 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:24 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) 13:17:25 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params]}, 0x3c}}, 0x0) 13:17:25 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:25 executing program 2: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) 13:17:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params]}, 0x3c}}, 0x0) 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x845}, 0x4844) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000d0000000c0006000100000001000000"], 0x20}}, 0x0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r4, 0x8, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0xff}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:25 executing program 2: openat$nci(0xffffff9c, 0x0, 0x2, 0x0) 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}]}, 0x24}}, 0x0) 13:17:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params]}, 0x3c}}, 0x0) 13:17:25 executing program 2: openat$nci(0xffffff9c, 0x0, 0x2, 0x0) 13:17:25 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:25 executing program 2: openat$nci(0xffffff9c, 0x0, 0x2, 0x0) 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}]}, 0x24}}, 0x0) 13:17:25 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}]}, 0x24}}, 0x0) 13:17:25 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYBLOB="0800051d00000000140006"], 0x58}}, 0x0) 13:17:25 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}]}, 0x24}}, 0x0) 13:17:25 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400"], 0x58}}, 0x0) 13:17:25 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400"], 0x58}}, 0x0) 13:17:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0) [ 659.680030][T26118] nla_validate_range_unsigned: 79 callbacks suppressed 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 659.680040][T26118] netlink: 'syz-executor.0': attribute type 11 has an invalid length. 13:17:25 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0xba01}, 0x0) 13:17:25 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff0000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0) [ 659.730531][T26126] netlink: 'syz-executor.0': attribute type 11 has an invalid length. 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:25 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0) 13:17:25 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0) 13:17:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0) 13:17:25 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0) [ 659.765512][T26130] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 659.772091][T26133] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 659.773389][T26136] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 659.773941][T26135] netlink: 'syz-executor.2': attribute type 11 has an invalid length. 13:17:25 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:25 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff00", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:25 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff00", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x38, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x38}}, 0x0) [ 659.858375][T26141] __nla_validate_parse: 126 callbacks suppressed [ 659.858386][T26141] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 659.865005][T26143] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 13:17:25 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff00", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) [ 659.880391][T26145] netlink: 'syz-executor.0': attribute type 11 has an invalid length. 13:17:25 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 659.896344][T26147] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. 13:17:25 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffff", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x38, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x38}}, 0x0) 13:17:25 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) [ 659.929999][T26152] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 659.930679][T26153] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'. 13:17:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000980), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000009c0)=0x0) r6 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0)=0x0) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r8) sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_START_POLL(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r8, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000ac0)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x445200}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x54, r4, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x7}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x20008005) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="38f80000", @ANYRES16=r1, @ANYBLOB="3106000000000000000000000500080000000000080001000e000000feffffffffffffff0000"], 0x2c}}, 0x0) r10 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)={0x5cc, r10, 0x2, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0xe0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x100}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x48000000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x85c5}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x10000}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1f}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7ff}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffffa}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x80000000}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000001}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x81}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}]}, @TIPC_NLA_BEARER={0x70, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffb}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x100, @mcast2, 0x7}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3f}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x80000001}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_SOCK={0x60, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x80000001}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9476}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffffffe}]}]}, @TIPC_NLA_NODE={0x124, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0xba, 0x3, "b25433b440ee17851c0c6f0ac14f6f50a890b9001b1730e5e8f303a47491d860d36b491adac83e0776ae4e4468932293540a65c67450ce18027605016ae6a5dcad6642006c4a5e075a1ef652eeac7dcbe6be90095bf59e619cd1ed95768ad3d62eec0102c9fab1aed243eaf70955620e2e645be6b2c74a4233f4ba4cd2c21b43034148577dbc7ac560c7414d7dbfcbe7464d33c50cfe1eae597e736e88e6219d661efcc5bfe0526465c5a3a1ae40c38d4f97006c6d26"}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "ccf9db09f9645d1f82158323dbc24875948738c8"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfffffffa}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7fff}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0x54, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9f3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_BEARER={0x3c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x400, @private1, 0x9}}}}]}, @TIPC_NLA_SOCK={0x48, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x8000}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x100}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xa4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_CON={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xc8d0}]}, @TIPC_NLA_LINK={0x84, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}]}, @TIPC_NLA_NODE={0x154, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x39, 0x3, "fff80ed9ef23c23c015079727f552e3086694575fcdd609aa782066ed2f9cb011df4c8be59fb116a85144d18662c038b08c03ca1bb"}, @TIPC_NLA_NODE_ID={0xcd, 0x3, "031eb83660b0e40027699e3ca89cda23f261485a3fc7d9971442883729ecd9048a81fe77d300ca19a41f7122de69f0de505f0493aecf42c4a66985c0fa19bc5ee38fc439600bcda8c4a37f3f1527285372225de0226137662f5e779b64a69b41ec826f9d491caeda9ca47309431d4998643f03f6794d685736240bc1a383c253b1ae903bd59c62d83dc556419f61c65b166345d54967263a56cce5ccaf11e2de3f18a1bc9c84fb5bd5bc0455d33506b83ec458430281f07d8d439bd7feace2e881fbd3edc9b662e7f7"}, @TIPC_NLA_NODE_KEY={0x42, 0x4, {'gcm(aes)\x00', 0x1a, "cf945f4d66f8891cd9d592cd147e0e92141f4fca0ccac8caef44"}}]}, @TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}]}]}, 0x5cc}, 0x1, 0x0, 0x0, 0x8020}, 0x24040080) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000900), r0) r12 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r12, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), r11) 13:17:25 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x38, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x38}}, 0x0) 13:17:25 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 660.003192][T26163] netlink: 'syz-executor.0': attribute type 11 has an invalid length. 13:17:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x38, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x38}}, 0x0) 13:17:25 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c00010062"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:25 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:25 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) [ 660.045035][T26170] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 660.053423][T26169] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. 13:17:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x38, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x38}}, 0x0) 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r6, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)={0x1b0, r4, 0x300, 0x70bd2c, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_TAGLST={0xc, 0x4, 0x0, 0x1, [{0x5}]}, @NLBL_CIPSOV4_A_TAGLST={0x14, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x1}, @NLBL_CIPSOV4_A_MLSCATLST={0x18, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x50e8a6d0}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbcd7}]}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x5c, 0xc, 0x0, 0x1, [{0x44, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc97a}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x15ef798}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x172e61ff}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc518}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5e95}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x79359cfb}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x447d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x8397b40}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7360}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7a995d8c}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x7}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x5}, {0x5}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MLSCATLST={0xc4, 0xc, 0x0, 0x1, [{0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4150ebe}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x89a4}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2ceeb880}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x87a2}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xed65}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x18ad}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x600edc87}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa0d3}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4eac18db}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x39b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x74db}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2fca26ae}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2c9fa3d6}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x608d63b6}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf9d0}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6200c5fe}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x21789576}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x30e3}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2232e54a}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x415a}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1ad05845}]}]}]}, 0x1b0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4000) sendmsg$NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x20, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r2, 0x1, 0x70bd2c, 0x0, {}, [@NL802154_ATTR_PAGE={0x5, 0x7, 0x1c}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x48a0) 13:17:25 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r6, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r6, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x38, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x38}}, 0x0) 13:17:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x38, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x38}}, 0x0) 13:17:25 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x38, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x38}}, 0x0) 13:17:25 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r6, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x200, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x7}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x44}, 0x40800) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:25 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x200, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x7}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x44}, 0x40800) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:25 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x200, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x7}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x44}, 0x40800) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:25 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:26 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:26 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x1) sendmsg$nl_route(r3, &(0x7f0000000680)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)=@bridge_delvlan={0x7c, 0x71, 0x600, 0x70bd2a, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x20, 0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_MCAST_ROUTER={0x5, 0x6, 0x1f}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xf}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x2, 0x4}}}, @BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0xc, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8, 0x1, 0x8558}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_MCAST_ROUTER={0x5, 0x6, 0x5}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4000014}, 0x1) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r4}, [@MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x0, 0x0, 0x0, {@in6_addr=@private1, 0x86dd}}}]}, 0x38}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc01cf509, &(0x7f00000000c0)={r1, 0x0, 0x0, 0xb3}) sendmsg$nl_route_sched(r5, &(0x7f0000000400)={&(0x7f0000000180), 0xc, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="980000003100000225bd7000fcdbdf2500000000340001000c00050008000300000000800c00080008000300241a00000c001d0008000100627066000c00060008000300000200001c0001000c00150008000300010000800c00000800030000020000340001000c001c0008000300800000000c001d0008000300001000000c00000008000300080000000c000000080003000700000000"], 0x98}, 0x1, 0x0, 0x0, 0x2400c844}, 0x4000) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="cd48556d689f2a54010000000000000000000d0000000c0006000100000001000000"], 0x20}}, 0x0) 13:17:26 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x1) sendmsg$nl_route(r3, &(0x7f0000000680)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)=@bridge_delvlan={0x7c, 0x71, 0x600, 0x70bd2a, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x20, 0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_MCAST_ROUTER={0x5, 0x6, 0x1f}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xf}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x2, 0x4}}}, @BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0xc, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8, 0x1, 0x8558}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_MCAST_ROUTER={0x5, 0x6, 0x5}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4000014}, 0x1) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_PROTOCOL={0x6, 0x17}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r4}, [@MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x0, 0x0, 0x0, {@in6_addr=@private1, 0x86dd}}}]}, 0x38}}, 0x0) 13:17:26 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631}, 0x14}}, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x29) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 660.498488][T26216] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 13:17:26 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 660.527710][T26223] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. 13:17:26 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:26 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x7000000, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:26 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:26 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:26 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/97, 0x4}], 0x1) ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000080)) 13:17:26 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x6, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:26 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0xfd53}}, 0x0) sendmsg$TIPC_CMD_SET_LINK_TOL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, r1, 0x2, 0x70bd2d, 0x25dfdbfb, {{}, {}, {0x4c, 0x18, {0x3ff, @link='broadcast-link\x00'}}}, ["", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x20000005) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$RTC_EPOCH_SET(r2, 0x4004700e, 0x5) r3 = accept4$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs, &(0x7f0000000140)=0x6e, 0x0) fcntl$setpipe(r3, 0x407, 0x9) readv(r2, &(0x7f0000000180)=[{&(0x7f0000000000)=""/97, 0x4}], 0x1) ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f0000000080)={0x1, 0x1, {0x0, 0x14, 0x13, 0x1f, 0x6, 0x7fffffff, 0x5, 0x21}}) 13:17:26 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:26 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/97, 0xb3}], 0x1) r1 = fsmount(0xffffffffffffffff, 0x1, 0x7) ioctl$RTC_IRQP_READ(r1, 0x8004700b, &(0x7f0000000080)) ioctl$RTC_AIE_OFF(r0, 0x7002) 13:17:26 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/97, 0xb3}], 0x1) r1 = fsmount(0xffffffffffffffff, 0x1, 0x7) ioctl$RTC_IRQP_READ(r1, 0x8004700b, &(0x7f0000000080)) ioctl$RTC_AIE_OFF(r0, 0x7002) 13:17:26 executing program 1: ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:26 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/97, 0xb3}], 0x1) r1 = fsmount(0xffffffffffffffff, 0x1, 0x7) ioctl$RTC_IRQP_READ(r1, 0x8004700b, &(0x7f0000000080)) ioctl$RTC_AIE_OFF(r0, 0x7002) 13:17:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x300, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:27 executing program 1: ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:27 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0xfd53}}, 0x0) sendmsg$TIPC_CMD_SET_LINK_TOL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, r1, 0x2, 0x70bd2d, 0x25dfdbfb, {{}, {}, {0x4c, 0x18, {0x3ff, @link='broadcast-link\x00'}}}, ["", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x20000005) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$RTC_EPOCH_SET(r2, 0x4004700e, 0x5) r3 = accept4$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs, &(0x7f0000000140)=0x6e, 0x0) fcntl$setpipe(r3, 0x407, 0x9) readv(r2, &(0x7f0000000180)=[{&(0x7f0000000000)=""/97, 0x4}], 0x1) ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f0000000080)={0x1, 0x1, {0x0, 0x14, 0x13, 0x1f, 0x6, 0x7fffffff, 0x5, 0x21}}) 13:17:27 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x2c}}, 0x0) 13:17:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:27 executing program 1: ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:27 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) (fail_nth: 1) 13:17:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) (fail_nth: 1) 13:17:27 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 661.509217][T26263] FAULT_INJECTION: forcing a failure. [ 661.509217][T26263] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 661.509763][T26267] FAULT_INJECTION: forcing a failure. [ 661.509763][T26267] name fail_usercopy, interval 1, probability 0, space 0, times 0 13:17:27 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 661.521175][T26267] CPU: 2 PID: 26267 Comm: syz-executor.2 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 661.526018][T26267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 661.530627][T26267] Call Trace: [ 661.532210][T26267] [ 661.533399][T26267] dump_stack_lvl+0x125/0x1b0 [ 661.535366][T26267] should_fail_ex+0x496/0x5b0 [ 661.537306][T26267] _copy_from_user+0x30/0xf0 [ 661.539154][T26267] get_compat_msghdr+0xa8/0x170 [ 661.541025][T26267] ? __get_compat_msghdr+0x4d0/0x4d0 [ 661.542990][T26267] ? kstrtouint+0xde/0x130 [ 661.545005][T26267] ? rcu_is_watching+0x12/0xb0 [ 661.547233][T26267] ___sys_sendmsg+0x1ac/0x1d0 [ 661.549433][T26267] ? do_recvmmsg+0x740/0x740 [ 661.551592][T26267] ? rcu_is_watching+0x12/0xb0 [ 661.553700][T26267] ? proc_task_getattr+0x240/0x240 [ 661.555616][T26267] ? ksys_write+0x214/0x250 [ 661.557350][T26267] ? __fget_light+0xe6/0x260 [ 661.559163][T26267] __sys_sendmsg+0x117/0x1e0 [ 661.560903][T26267] ? __sys_sendmsg_sock+0x30/0x30 [ 661.563062][T26267] ? rcu_is_watching+0x12/0xb0 [ 661.564946][T26267] __do_fast_syscall_32+0x61/0xe0 [ 661.566960][T26267] do_fast_syscall_32+0x33/0x70 [ 661.568882][T26267] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 661.571217][T26267] RIP: 0023:0xf7f2a579 [ 661.572762][T26267] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 661.580357][T26267] RSP: 002b:00000000f7f255ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 661.583622][T26267] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0 [ 661.586787][T26267] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 661.590071][T26267] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 661.593714][T26267] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 661.597381][T26267] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 661.601045][T26267] [ 661.602424][T26263] CPU: 0 PID: 26263 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 661.606112][T26263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 661.609829][T26263] Call Trace: [ 661.611067][T26263] [ 661.612205][T26263] dump_stack_lvl+0x125/0x1b0 [ 661.613966][T26263] should_fail_ex+0x496/0x5b0 [ 661.615719][T26263] _copy_from_user+0x30/0xf0 [ 661.617505][T26263] get_compat_msghdr+0xa8/0x170 [ 661.619797][T26263] ? __get_compat_msghdr+0x4d0/0x4d0 [ 661.622292][T26263] ? kstrtouint+0xde/0x130 [ 661.624358][T26263] ? rcu_is_watching+0x12/0xb0 [ 661.626581][T26263] ___sys_sendmsg+0x1ac/0x1d0 [ 661.628702][T26263] ? do_recvmmsg+0x740/0x740 [ 661.630599][T26263] ? rcu_is_watching+0x12/0xb0 [ 661.632438][T26263] ? proc_task_getattr+0x240/0x240 [ 661.634298][T26263] ? ksys_write+0x214/0x250 [ 661.635976][T26263] ? __fget_light+0xe6/0x260 [ 661.637692][T26263] __sys_sendmsg+0x117/0x1e0 [ 661.639400][T26263] ? __sys_sendmsg_sock+0x30/0x30 [ 661.641280][T26263] ? rcu_is_watching+0x12/0xb0 [ 661.643074][T26263] __do_fast_syscall_32+0x61/0xe0 [ 661.644918][T26263] do_fast_syscall_32+0x33/0x70 [ 661.646694][T26263] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 661.649006][T26263] RIP: 0023:0xf7ff5579 [ 661.650507][T26263] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 661.657581][T26263] RSP: 002b:00000000f7ff05ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 661.660742][T26263] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200001c0 [ 661.663608][T26263] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 661.666514][T26263] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 661.669438][T26263] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 661.672351][T26263] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 661.675268][T26263] 13:17:27 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 1) 13:17:27 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) (fail_nth: 2) 13:17:27 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) (fail_nth: 2) [ 662.301033][T26276] FAULT_INJECTION: forcing a failure. [ 662.301033][T26276] name failslab, interval 1, probability 0, space 0, times 0 13:17:27 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 662.306403][T26276] CPU: 3 PID: 26276 Comm: syz-executor.2 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 662.308363][T26278] FAULT_INJECTION: forcing a failure. [ 662.308363][T26278] name failslab, interval 1, probability 0, space 0, times 0 [ 662.310437][T26275] FAULT_INJECTION: forcing a failure. [ 662.310437][T26275] name failslab, interval 1, probability 0, space 0, times 0 [ 662.310930][T26276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 662.310940][T26276] Call Trace: [ 662.310944][T26276] [ 662.310949][T26276] dump_stack_lvl+0x125/0x1b0 [ 662.310969][T26276] should_fail_ex+0x496/0x5b0 [ 662.330283][T26276] should_failslab+0x9/0x20 [ 662.332073][T26276] kmem_cache_alloc_node+0x389/0x3f0 [ 662.334024][T26276] ? __alloc_skb+0x287/0x330 13:17:27 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:27 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 662.335750][T26276] __alloc_skb+0x287/0x330 [ 662.337700][T26276] ? __napi_build_skb+0x50/0x50 [ 662.339506][T26276] ? __netlink_dump_start+0x910/0x9c0 [ 662.341567][T26276] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 662.343867][T26276] ? apparmor_socket_getpeersec_dgram+0x9/0x10 [ 662.346237][T26276] netlink_sendmsg+0x9c6/0xe40 [ 662.348065][T26276] ? netlink_unicast+0x810/0x810 [ 662.350008][T26276] ? __might_fault+0xe5/0x190 [ 662.351812][T26276] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 662.353788][T26276] ? netlink_unicast+0x810/0x810 [ 662.355625][T26276] sock_sendmsg+0xd9/0x180 [ 662.357549][T26276] ____sys_sendmsg+0x6ac/0x940 [ 662.359698][T26276] ? kernel_sendmsg+0x50/0x50 [ 662.361460][T26276] ? get_compat_msghdr+0x11b/0x170 [ 662.363333][T26276] ? rcu_is_watching+0x12/0xb0 [ 662.365259][T26276] ___sys_sendmsg+0x135/0x1d0 [ 662.367112][T26276] ? do_recvmmsg+0x740/0x740 [ 662.368825][T26276] ? rcu_is_watching+0x12/0xb0 [ 662.370579][T26276] ? proc_task_getattr+0x240/0x240 [ 662.372464][T26276] ? ksys_write+0x214/0x250 [ 662.374137][T26276] ? __fget_light+0xe6/0x260 [ 662.375828][T26276] __sys_sendmsg+0x117/0x1e0 [ 662.377562][T26276] ? __sys_sendmsg_sock+0x30/0x30 [ 662.379412][T26276] ? rcu_is_watching+0x12/0xb0 [ 662.381202][T26276] __do_fast_syscall_32+0x61/0xe0 [ 662.383056][T26276] do_fast_syscall_32+0x33/0x70 [ 662.384857][T26276] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 662.387194][T26276] RIP: 0023:0xf7f2a579 [ 662.388696][T26276] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 662.395659][T26276] RSP: 002b:00000000f7f255ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 662.399021][T26276] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0 [ 662.402519][T26276] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 662.406042][T26276] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 662.409570][T26276] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 662.413090][T26276] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 662.416623][T26276] 13:17:27 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(0x0, r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 662.418021][T26278] CPU: 0 PID: 26278 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 662.421990][T26278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 662.425688][T26278] Call Trace: [ 662.426928][T26278] [ 662.428031][T26278] dump_stack_lvl+0x125/0x1b0 [ 662.429781][T26278] should_fail_ex+0x496/0x5b0 [ 662.431424][T26278] should_failslab+0x9/0x20 [ 662.433117][T26278] kmem_cache_alloc+0x33a/0x3b0 [ 662.434941][T26278] getname_flags.part.0+0x50/0x4d0 [ 662.436847][T26278] getname+0x90/0xe0 [ 662.438497][T26278] do_sys_openat2+0x100/0x1e0 [ 662.440259][T26278] ? build_open_flags+0x690/0x690 [ 662.442124][T26278] __ia32_compat_sys_openat+0x16e/0x200 [ 662.444276][T26278] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 662.446408][T26278] ? ksys_write+0x1a7/0x250 [ 662.448150][T26278] ? rcu_is_watching+0x12/0xb0 [ 662.449910][T26278] __do_fast_syscall_32+0x61/0xe0 [ 662.451761][T26278] do_fast_syscall_32+0x33/0x70 [ 662.453564][T26278] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 662.455862][T26278] RIP: 0023:0xf7fc8579 [ 662.457678][T26278] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 662.464765][T26278] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 662.467819][T26278] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 662.470710][T26278] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 662.473599][T26278] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 662.476646][T26278] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 662.479529][T26278] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 662.482438][T26278] [ 662.483586][T26275] CPU: 1 PID: 26275 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 662.488055][T26275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 662.492560][T26275] Call Trace: [ 662.494071][T26275] 13:17:28 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 2) 13:17:28 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(0x0, r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:28 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) (fail_nth: 3) [ 662.495395][T26275] dump_stack_lvl+0x125/0x1b0 [ 662.497788][T26275] should_fail_ex+0x496/0x5b0 [ 662.499911][T26275] should_failslab+0x9/0x20 [ 662.501976][T26275] kmem_cache_alloc_node+0x389/0x3f0 [ 662.504325][T26275] ? __alloc_skb+0x287/0x330 [ 662.506396][T26275] __alloc_skb+0x287/0x330 [ 662.507628][T26291] FAULT_INJECTION: forcing a failure. [ 662.507628][T26291] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 662.508116][T26275] ? __napi_build_skb+0x50/0x50 [ 662.514394][T26275] ? __netlink_dump_start+0x910/0x9c0 [ 662.516403][T26275] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 662.518841][T26275] ? apparmor_socket_getpeersec_dgram+0x9/0x10 [ 662.521060][T26275] netlink_sendmsg+0x9c6/0xe40 [ 662.522820][T26275] ? netlink_unicast+0x810/0x810 [ 662.524640][T26275] ? __might_fault+0xe5/0x190 [ 662.526382][T26275] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 662.528369][T26275] ? netlink_unicast+0x810/0x810 [ 662.530193][T26275] sock_sendmsg+0xd9/0x180 [ 662.531853][T26275] ____sys_sendmsg+0x6ac/0x940 [ 662.533610][T26275] ? kernel_sendmsg+0x50/0x50 [ 662.535309][T26275] ? get_compat_msghdr+0x11b/0x170 [ 662.537287][T26275] ? rcu_is_watching+0x12/0xb0 [ 662.539026][T26275] ___sys_sendmsg+0x135/0x1d0 [ 662.540767][T26275] ? do_recvmmsg+0x740/0x740 [ 662.542453][T26275] ? rcu_is_watching+0x12/0xb0 [ 662.544207][T26275] ? proc_task_getattr+0x240/0x240 [ 662.546082][T26275] ? ksys_write+0x214/0x250 [ 662.548011][T26275] ? __fget_light+0xe6/0x260 [ 662.549697][T26275] __sys_sendmsg+0x117/0x1e0 [ 662.551395][T26275] ? __sys_sendmsg_sock+0x30/0x30 [ 662.553238][T26275] ? rcu_is_watching+0x12/0xb0 [ 662.554968][T26275] __do_fast_syscall_32+0x61/0xe0 [ 662.556890][T26275] do_fast_syscall_32+0x33/0x70 [ 662.558716][T26275] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 662.561035][T26275] RIP: 0023:0xf7ff5579 [ 662.562527][T26275] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 662.569581][T26275] RSP: 002b:00000000f7ff05ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 662.572598][T26275] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200001c0 [ 662.575460][T26275] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 662.578361][T26275] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 662.581243][T26275] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 662.584143][T26275] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 662.587235][T26275] [ 662.588381][T26291] CPU: 3 PID: 26291 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 662.591836][T26291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 662.595464][T26291] Call Trace: [ 662.596677][T26291] [ 662.597706][T26291] dump_stack_lvl+0x125/0x1b0 [ 662.599536][T26291] should_fail_ex+0x496/0x5b0 [ 662.601205][T26291] strncpy_from_user+0x38/0x300 [ 662.602882][T26291] getname_flags.part.0+0x93/0x4d0 [ 662.604675][T26291] getname+0x90/0xe0 [ 662.606041][T26291] do_sys_openat2+0x100/0x1e0 [ 662.607673][T26291] ? build_open_flags+0x690/0x690 [ 662.609409][T26291] __ia32_compat_sys_openat+0x16e/0x200 [ 662.611306][T26291] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 662.613192][T26291] ? ksys_write+0x1a7/0x250 [ 662.614815][T26291] ? rcu_is_watching+0x12/0xb0 [ 662.616670][T26291] __do_fast_syscall_32+0x61/0xe0 [ 662.618411][T26291] do_fast_syscall_32+0x33/0x70 [ 662.620136][T26291] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 662.622329][T26291] RIP: 0023:0xf7fc8579 [ 662.623740][T26291] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 662.630414][T26291] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 13:17:28 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) (fail_nth: 3) 13:17:28 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) (fail_nth: 4) 13:17:28 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(0x0, r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 662.633416][T26291] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 662.636443][T26294] FAULT_INJECTION: forcing a failure. [ 662.636443][T26294] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 662.636548][T26291] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 662.643998][T26291] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 662.646773][T26291] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 662.649627][T26291] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 662.652345][T26291] 13:17:28 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 662.653610][T26294] CPU: 0 PID: 26294 Comm: syz-executor.2 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 662.658332][T26294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 662.662828][T26294] Call Trace: [ 662.664098][T26294] [ 662.665419][T26294] dump_stack_lvl+0x125/0x1b0 [ 662.667402][T26294] should_fail_ex+0x496/0x5b0 [ 662.669168][T26294] copyin+0x1b/0xa0 [ 662.670596][T26294] _copy_from_iter+0x1e5/0x1270 [ 662.672419][T26294] ? __build_skb_around+0x278/0x3b0 [ 662.674350][T26294] ? iov_iter_extract_pages+0x1870/0x1870 [ 662.676475][T26294] ? __napi_build_skb+0x50/0x50 [ 662.678277][T26294] ? __netlink_dump_start+0x910/0x9c0 [ 662.680293][T26294] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 662.682488][T26294] ? __virt_addr_valid+0x5e/0x2d0 [ 662.684370][T26294] ? __phys_addr_symbol+0x30/0x70 [ 662.686238][T26294] ? __check_object_size+0x323/0x730 [ 662.688203][T26294] netlink_sendmsg+0x897/0xe40 [ 662.689990][T26294] ? netlink_unicast+0x810/0x810 [ 662.691837][T26294] ? __might_fault+0xe5/0x190 [ 662.693608][T26294] ? bpf_lsm_socket_sendmsg+0x9/0x10 13:17:28 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 3) [ 662.695567][T26294] ? netlink_unicast+0x810/0x810 [ 662.697409][T26302] FAULT_INJECTION: forcing a failure. [ 662.697409][T26302] name failslab, interval 1, probability 0, space 0, times 0 [ 662.697600][T26294] sock_sendmsg+0xd9/0x180 [ 662.703685][T26294] ____sys_sendmsg+0x6ac/0x940 [ 662.705489][T26294] ? kernel_sendmsg+0x50/0x50 [ 662.707248][T26294] ? get_compat_msghdr+0x11b/0x170 [ 662.709157][T26294] ? rcu_is_watching+0x12/0xb0 [ 662.710938][T26294] ___sys_sendmsg+0x135/0x1d0 [ 662.712724][T26294] ? do_recvmmsg+0x740/0x740 [ 662.714448][T26294] ? rcu_is_watching+0x12/0xb0 [ 662.716240][T26294] ? proc_task_getattr+0x240/0x240 [ 662.718156][T26294] ? ksys_write+0x214/0x250 [ 662.719856][T26294] ? __fget_light+0xe6/0x260 [ 662.721591][T26294] __sys_sendmsg+0x117/0x1e0 [ 662.723309][T26294] ? __sys_sendmsg_sock+0x30/0x30 [ 662.725196][T26294] ? rcu_is_watching+0x12/0xb0 [ 662.726971][T26294] __do_fast_syscall_32+0x61/0xe0 [ 662.728848][T26294] do_fast_syscall_32+0x33/0x70 [ 662.730665][T26294] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 662.733000][T26294] RIP: 0023:0xf7f2a579 [ 662.734517][T26294] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 662.741594][T26294] RSP: 002b:00000000f7f255ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 662.744641][T26294] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0 [ 662.747552][T26294] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 662.750458][T26294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 662.753367][T26294] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 662.756277][T26294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 662.759182][T26294] [ 662.760343][T26302] CPU: 3 PID: 26302 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 662.763794][T26302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 662.767419][T26302] Call Trace: [ 662.768571][T26302] [ 662.769583][T26302] dump_stack_lvl+0x125/0x1b0 [ 662.771197][T26302] should_fail_ex+0x496/0x5b0 [ 662.772819][T26302] should_failslab+0x9/0x20 [ 662.774368][T26302] kmem_cache_alloc+0x33a/0x3b0 [ 662.776234][T26302] alloc_empty_file+0x73/0x1d0 [ 662.777878][T26302] path_openat+0xdc/0x29c0 [ 662.779411][T26302] ? __ia32_compat_sys_openat+0x16e/0x200 [ 662.781368][T26302] ? __do_fast_syscall_32+0x61/0xe0 [ 662.783152][T26302] ? do_fast_syscall_32+0x33/0x70 [ 662.784902][T26302] ? entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 662.787187][T26302] ? path_lookupat+0x770/0x770 [ 662.788849][T26302] do_filp_open+0x1de/0x430 [ 662.790409][T26302] ? may_open_dev+0xf0/0xf0 [ 662.791962][T26302] ? expand_files+0x442/0x910 [ 662.793568][T26302] ? _raw_spin_unlock+0x28/0x40 [ 662.795408][T26302] ? alloc_fd+0x2da/0x6c0 [ 662.796972][T26302] do_sys_openat2+0x176/0x1e0 [ 662.798586][T26302] ? build_open_flags+0x690/0x690 [ 662.800341][T26302] __ia32_compat_sys_openat+0x16e/0x200 [ 662.802225][T26302] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 662.804330][T26302] ? ksys_write+0x1a7/0x250 [ 662.806003][T26302] ? rcu_is_watching+0x12/0xb0 [ 662.807822][T26302] __do_fast_syscall_32+0x61/0xe0 [ 662.809662][T26302] do_fast_syscall_32+0x33/0x70 [ 662.811430][T26302] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 662.813717][T26302] RIP: 0023:0xf7fc8579 [ 662.815306][T26302] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 662.822148][T26302] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 662.825130][T26302] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 662.827980][T26302] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 662.830735][T26302] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 662.833541][T26302] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 662.836323][T26302] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 662.839032][T26302] 13:17:28 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) (fail_nth: 5) 13:17:28 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 4) [ 662.857460][T26306] FAULT_INJECTION: forcing a failure. [ 662.857460][T26306] name failslab, interval 1, probability 0, space 0, times 0 [ 662.861693][T26308] FAULT_INJECTION: forcing a failure. 13:17:28 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 662.861693][T26308] name failslab, interval 1, probability 0, space 0, times 0 13:17:28 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) (fail_nth: 4) [ 662.865328][T26306] CPU: 0 PID: 26306 Comm: syz-executor.2 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 662.870414][T26306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 662.873870][T26306] Call Trace: [ 662.875026][T26306] [ 662.876100][T26306] dump_stack_lvl+0x125/0x1b0 [ 662.877947][T26306] should_fail_ex+0x496/0x5b0 [ 662.879573][T26306] should_failslab+0x9/0x20 [ 662.881164][T26306] __kmem_cache_alloc_node+0x2fd/0x350 [ 662.883062][T26306] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x280 [ 662.885616][T26306] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x280 [ 662.888552][T26306] __kmalloc+0x4f/0x100 [ 662.890323][T26306] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x280 [ 662.893303][T26306] genl_family_rcv_msg_doit+0xbf/0x2e0 [ 662.895555][T26306] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 662.898669][T26306] ? security_capable+0x92/0xc0 [ 662.900380][T26306] genl_rcv_msg+0x55c/0x800 [ 662.901935][T26306] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 662.903962][T26306] ? nl802154_wpan_phy_netns+0x2c0/0x2c0 [ 662.905825][T26306] ? nl802154_set_lbt_mode+0x4e0/0x4e0 [ 662.907736][T26306] ? nl802154_pre_doit+0xd20/0xd20 [ 662.909521][T26306] netlink_rcv_skb+0x16b/0x440 [ 662.911390][T26306] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 662.913461][T26306] ? netlink_ack+0x1370/0x1370 [ 662.915136][T26306] ? rcu_is_watching+0x12/0xb0 [ 662.916952][T26306] ? down_write+0x200/0x200 [ 662.918629][T26306] ? netlink_deliver_tap+0x1b1/0xd10 [ 662.920481][T26306] genl_rcv+0x28/0x40 [ 662.921895][T26306] netlink_unicast+0x536/0x810 [ 662.923567][T26306] ? netlink_attachskb+0x870/0x870 [ 662.925351][T26306] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 662.927666][T26306] ? __phys_addr_symbol+0x30/0x70 [ 662.929456][T26306] ? __check_object_size+0x323/0x730 [ 662.931274][T26306] netlink_sendmsg+0x93c/0xe40 [ 662.933064][T26306] ? netlink_unicast+0x810/0x810 [ 662.934923][T26306] ? __might_fault+0xe5/0x190 [ 662.936745][T26306] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 662.938606][T26306] ? netlink_unicast+0x810/0x810 [ 662.940362][T26306] sock_sendmsg+0xd9/0x180 [ 662.941915][T26306] ____sys_sendmsg+0x6ac/0x940 [ 662.943580][T26306] ? kernel_sendmsg+0x50/0x50 [ 662.945220][T26306] ? get_compat_msghdr+0x11b/0x170 [ 662.947163][T26306] ? rcu_is_watching+0x12/0xb0 [ 662.949002][T26306] ___sys_sendmsg+0x135/0x1d0 [ 662.950626][T26306] ? do_recvmmsg+0x740/0x740 [ 662.952231][T26306] ? rcu_is_watching+0x12/0xb0 [ 662.953886][T26306] ? proc_task_getattr+0x240/0x240 [ 662.955636][T26306] ? ksys_write+0x214/0x250 [ 662.957471][T26306] ? __fget_light+0xe6/0x260 [ 662.959460][T26306] __sys_sendmsg+0x117/0x1e0 [ 662.961498][T26306] ? __sys_sendmsg_sock+0x30/0x30 [ 662.963583][T26306] ? rcu_is_watching+0x12/0xb0 [ 662.965602][T26306] __do_fast_syscall_32+0x61/0xe0 [ 662.967798][T26306] do_fast_syscall_32+0x33/0x70 [ 662.969863][T26306] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 662.972048][T26306] RIP: 0023:0xf7f2a579 [ 662.973448][T26306] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 662.980124][T26306] RSP: 002b:00000000f7f255ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 662.982962][T26306] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0 [ 662.985677][T26306] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 662.986866][T26315] FAULT_INJECTION: forcing a failure. [ 662.986866][T26315] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 662.988925][T26306] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 662.988935][T26306] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 662.988941][T26306] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 662.988951][T26306] [ 662.988975][T26308] CPU: 2 PID: 26308 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 663.011188][T26308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 663.015834][T26308] Call Trace: [ 663.017411][T26308] [ 663.018806][T26308] dump_stack_lvl+0x125/0x1b0 [ 663.021080][T26308] should_fail_ex+0x496/0x5b0 [ 663.023296][T26308] should_failslab+0x9/0x20 [ 663.025458][T26308] kmem_cache_alloc+0x33a/0x3b0 [ 663.027741][T26308] security_file_alloc+0x41/0x250 [ 663.030113][T26308] ? kmem_cache_alloc+0x34e/0x3b0 [ 663.032482][T26308] init_file+0xb9/0x2d0 [ 663.034529][T26308] alloc_empty_file+0x91/0x1d0 [ 663.036772][T26308] path_openat+0xdc/0x29c0 [ 663.038815][T26308] ? __ia32_compat_sys_openat+0x16e/0x200 [ 663.041499][T26308] ? __do_fast_syscall_32+0x61/0xe0 [ 663.043904][T26308] ? do_fast_syscall_32+0x33/0x70 [ 663.046273][T26308] ? entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 663.049246][T26308] ? path_lookupat+0x770/0x770 [ 663.051470][T26308] do_filp_open+0x1de/0x430 [ 663.053714][T26308] ? may_open_dev+0xf0/0xf0 [ 663.055858][T26308] ? expand_files+0x442/0x910 [ 663.058108][T26308] ? _raw_spin_unlock+0x28/0x40 [ 663.060422][T26308] ? alloc_fd+0x2da/0x6c0 [ 663.062474][T26308] do_sys_openat2+0x176/0x1e0 [ 663.064826][T26308] ? build_open_flags+0x690/0x690 [ 663.067161][T26308] __ia32_compat_sys_openat+0x16e/0x200 [ 663.069661][T26308] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 663.072194][T26308] ? ksys_write+0x1a7/0x250 [ 663.074323][T26308] ? rcu_is_watching+0x12/0xb0 [ 663.076578][T26308] __do_fast_syscall_32+0x61/0xe0 [ 663.078913][T26308] do_fast_syscall_32+0x33/0x70 [ 663.081153][T26308] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 663.084087][T26308] RIP: 0023:0xf7fc8579 [ 663.085982][T26308] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 663.094862][T26308] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 663.098689][T26308] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 663.102352][T26308] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 663.105970][T26308] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 663.109700][T26308] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 663.113578][T26308] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 663.117167][T26308] [ 663.118595][T26315] CPU: 3 PID: 26315 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 663.122995][T26315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 663.127333][T26315] Call Trace: [ 663.128786][T26315] [ 663.130078][T26315] dump_stack_lvl+0x125/0x1b0 [ 663.132129][T26315] should_fail_ex+0x496/0x5b0 [ 663.134179][T26315] copyin+0x1b/0xa0 13:17:28 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 5) [ 663.135858][T26315] _copy_from_iter+0x1e5/0x1270 13:17:28 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 663.138140][T26315] ? __build_skb_around+0x278/0x3b0 [ 663.140490][T26315] ? iov_iter_extract_pages+0x1870/0x1870 [ 663.142960][T26315] ? __napi_build_skb+0x50/0x50 [ 663.145078][T26315] ? __netlink_dump_start+0x910/0x9c0 [ 663.145359][T26319] FAULT_INJECTION: forcing a failure. [ 663.145359][T26319] name failslab, interval 1, probability 0, space 0, times 0 [ 663.147398][T26315] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 663.147427][T26315] ? __virt_addr_valid+0x5e/0x2d0 [ 663.147448][T26315] ? __phys_addr_symbol+0x30/0x70 [ 663.159940][T26315] ? __check_object_size+0x323/0x730 [ 663.162202][T26315] netlink_sendmsg+0x897/0xe40 [ 663.164298][T26315] ? netlink_unicast+0x810/0x810 [ 663.166429][T26315] ? __might_fault+0xe5/0x190 [ 663.168482][T26315] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 663.170697][T26315] ? netlink_unicast+0x810/0x810 [ 663.172852][T26315] sock_sendmsg+0xd9/0x180 [ 663.174773][T26315] ____sys_sendmsg+0x6ac/0x940 [ 663.176806][T26315] ? kernel_sendmsg+0x50/0x50 [ 663.178852][T26315] ? get_compat_msghdr+0x11b/0x170 [ 663.181034][T26315] ? rcu_is_watching+0x12/0xb0 [ 663.183110][T26315] ___sys_sendmsg+0x135/0x1d0 [ 663.185167][T26315] ? do_recvmmsg+0x740/0x740 [ 663.187192][T26315] ? rcu_is_watching+0x12/0xb0 [ 663.189282][T26315] ? proc_task_getattr+0x240/0x240 [ 663.191514][T26315] ? ksys_write+0x214/0x250 [ 663.193502][T26315] ? __fget_light+0xe6/0x260 [ 663.195546][T26315] __sys_sendmsg+0x117/0x1e0 [ 663.197595][T26315] ? __sys_sendmsg_sock+0x30/0x30 [ 663.199816][T26315] ? rcu_is_watching+0x12/0xb0 [ 663.201899][T26315] __do_fast_syscall_32+0x61/0xe0 [ 663.204113][T26315] do_fast_syscall_32+0x33/0x70 [ 663.206237][T26315] entry_SYSENTER_compat_after_hwframe+0x70/0x82 13:17:28 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) (fail_nth: 6) 13:17:28 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:28 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, 0x0, 0x0) 13:17:28 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, 0x0, 0x0) [ 663.208988][T26315] RIP: 0023:0xf7ff5579 [ 663.210895][T26315] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 663.219172][T26315] RSP: 002b:00000000f7fae5ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 663.222780][T26315] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200001c0 [ 663.226193][T26315] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 663.229598][T26315] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 663.233000][T26315] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 663.236409][T26315] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 663.239698][T26315] 13:17:28 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, 0x0, 0x0) [ 663.243169][T26319] CPU: 1 PID: 26319 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 663.247009][T26319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 663.250559][T26319] Call Trace: [ 663.251720][T26319] [ 663.252753][T26319] dump_stack_lvl+0x125/0x1b0 [ 663.254635][T26319] should_fail_ex+0x496/0x5b0 [ 663.256291][T26319] should_failslab+0x9/0x20 [ 663.257894][T26319] __kmem_cache_alloc_node+0x2fd/0x350 [ 663.259797][T26319] ? tomoyo_realpath_from_path+0xb9/0x710 [ 663.261781][T26319] ? tomoyo_realpath_from_path+0xb9/0x710 [ 663.263774][T26319] __kmalloc+0x4f/0x100 [ 663.265266][T26319] tomoyo_realpath_from_path+0xb9/0x710 [ 663.267170][T26319] tomoyo_check_open_permission+0x2aa/0x3b0 [ 663.269204][T26319] ? tomoyo_path_number_perm+0x590/0x590 [ 663.271134][T26319] ? rcu_is_watching+0x12/0xb0 [ 663.272796][T26319] ? make_vfsuid+0x108/0x160 [ 663.274388][T26319] ? hook_path_mknod+0x670/0x670 [ 663.276179][T26319] ? reacquire_held_locks+0x4b0/0x4b0 [ 663.278077][T26319] ? spin_bug+0x1d0/0x1d0 [ 663.279650][T26319] ? make_vfsgid+0x108/0x160 [ 663.281262][T26319] tomoyo_file_open+0xa8/0xd0 [ 663.282885][T26319] security_file_open+0x6a/0xe0 [ 663.284559][T26319] do_dentry_open+0x538/0x1730 [ 663.286217][T26319] ? may_open+0x1f2/0x400 [ 663.287704][T26319] path_openat+0x19af/0x29c0 [ 663.289351][T26319] ? path_lookupat+0x770/0x770 [ 663.291056][T26319] do_filp_open+0x1de/0x430 [ 663.292686][T26319] ? may_open_dev+0xf0/0xf0 [ 663.294390][T26319] ? expand_files+0x442/0x910 [ 663.296094][T26319] ? _raw_spin_unlock+0x28/0x40 [ 663.297793][T26319] ? alloc_fd+0x2da/0x6c0 [ 663.299302][T26319] do_sys_openat2+0x176/0x1e0 [ 663.300975][T26319] ? build_open_flags+0x690/0x690 [ 663.302722][T26319] __ia32_compat_sys_openat+0x16e/0x200 [ 663.304635][T26319] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 663.306584][T26319] ? ksys_write+0x1a7/0x250 [ 663.308172][T26319] ? rcu_is_watching+0x12/0xb0 [ 663.309817][T26319] __do_fast_syscall_32+0x61/0xe0 [ 663.311564][T26319] do_fast_syscall_32+0x33/0x70 [ 663.313252][T26319] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 663.315417][T26319] RIP: 0023:0xf7fc8579 [ 663.316874][T26319] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 663.323519][T26319] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 663.326386][T26319] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 663.329096][T26319] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 663.331799][T26319] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 663.334516][T26319] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 663.337239][T26319] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 663.340072][T26319] [ 663.342212][T26319] ERROR: Out of memory at tomoyo_realpath_from_path. 13:17:28 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) (fail_nth: 5) 13:17:28 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 6) 13:17:28 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:28 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:28 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 663.367291][T26341] FAULT_INJECTION: forcing a failure. [ 663.367291][T26341] name failslab, interval 1, probability 0, space 0, times 0 [ 663.371013][T26339] FAULT_INJECTION: forcing a failure. [ 663.371013][T26339] name failslab, interval 1, probability 0, space 0, times 0 13:17:28 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 663.377254][T26339] CPU: 2 PID: 26339 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 663.381087][T26339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 663.384783][T26339] Call Trace: [ 663.386011][T26339] [ 663.387095][T26339] dump_stack_lvl+0x125/0x1b0 [ 663.388828][T26339] should_fail_ex+0x496/0x5b0 [ 663.390544][T26339] should_failslab+0x9/0x20 [ 663.392225][T26339] kmem_cache_alloc+0x69/0x3b0 [ 663.393998][T26339] skb_clone+0x171/0x3c0 [ 663.395767][T26339] netlink_deliver_tap+0xb3c/0xd10 [ 663.397909][T26339] netlink_unicast+0x5f0/0x810 13:17:28 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 663.399704][T26339] ? netlink_attachskb+0x870/0x870 [ 663.402063][T26339] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 663.404401][T26339] ? __phys_addr_symbol+0x30/0x70 [ 663.406233][T26339] ? __check_object_size+0x323/0x730 13:17:28 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x2, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 663.408175][T26339] netlink_sendmsg+0x93c/0xe40 [ 663.410096][T26339] ? netlink_unicast+0x810/0x810 [ 663.411946][T26339] ? __might_fault+0xe5/0x190 [ 663.413683][T26339] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 663.415940][T26339] ? netlink_unicast+0x810/0x810 [ 663.417901][T26339] sock_sendmsg+0xd9/0x180 [ 663.419553][T26339] ____sys_sendmsg+0x6ac/0x940 [ 663.421312][T26339] ? kernel_sendmsg+0x50/0x50 [ 663.423056][T26339] ? get_compat_msghdr+0x11b/0x170 [ 663.424936][T26339] ? rcu_is_watching+0x12/0xb0 [ 663.426684][T26339] ___sys_sendmsg+0x135/0x1d0 [ 663.428423][T26339] ? do_recvmmsg+0x740/0x740 [ 663.430107][T26339] ? rcu_is_watching+0x12/0xb0 [ 663.431847][T26339] ? proc_task_getattr+0x240/0x240 [ 663.433736][T26339] ? ksys_write+0x214/0x250 [ 663.435488][T26339] ? __fget_light+0xe6/0x260 [ 663.437183][T26339] __sys_sendmsg+0x117/0x1e0 [ 663.438865][T26339] ? __sys_sendmsg_sock+0x30/0x30 [ 663.440725][T26339] ? rcu_is_watching+0x12/0xb0 [ 663.442480][T26339] __do_fast_syscall_32+0x61/0xe0 [ 663.444344][T26339] do_fast_syscall_32+0x33/0x70 [ 663.446130][T26339] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 663.448596][T26339] RIP: 0023:0xf7ff5579 [ 663.450245][T26339] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 663.457275][T26339] RSP: 002b:00000000f7ff05ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 663.460330][T26339] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200001c0 [ 663.463197][T26339] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 663.466163][T26339] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 663.469048][T26339] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 663.471895][T26339] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 663.474789][T26339] [ 663.475947][T26341] CPU: 0 PID: 26341 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 663.480628][T26341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 663.484773][T26341] Call Trace: [ 663.486239][T26341] [ 663.487358][T26341] dump_stack_lvl+0x125/0x1b0 [ 663.489190][T26341] should_fail_ex+0x496/0x5b0 [ 663.490962][T26341] should_failslab+0x9/0x20 [ 663.492673][T26341] __kmem_cache_alloc_node+0x2fd/0x350 [ 663.494685][T26341] ? tomoyo_encode2+0x100/0x3d0 [ 663.496505][T26341] ? tomoyo_encode2+0x100/0x3d0 [ 663.498311][T26341] __kmalloc+0x4f/0x100 [ 663.500098][T26341] tomoyo_encode2+0x100/0x3d0 [ 663.501850][T26341] ? rcu_is_watching+0x12/0xb0 [ 663.503619][T26341] tomoyo_encode+0x29/0x50 [ 663.505301][T26341] tomoyo_realpath_from_path+0x196/0x710 [ 663.507391][T26341] tomoyo_check_open_permission+0x2aa/0x3b0 [ 663.509598][T26341] ? tomoyo_path_number_perm+0x590/0x590 [ 663.511699][T26341] ? rcu_is_watching+0x12/0xb0 [ 663.513510][T26341] ? make_vfsuid+0x108/0x160 [ 663.515226][T26341] ? hook_path_mknod+0x670/0x670 [ 663.517091][T26341] ? reacquire_held_locks+0x4b0/0x4b0 [ 663.519117][T26341] ? spin_bug+0x1d0/0x1d0 [ 663.520930][T26341] ? make_vfsgid+0x108/0x160 [ 663.522658][T26341] tomoyo_file_open+0xa8/0xd0 [ 663.524411][T26341] security_file_open+0x6a/0xe0 [ 663.526221][T26341] do_dentry_open+0x538/0x1730 [ 663.528022][T26341] ? may_open+0x1f2/0x400 [ 663.529712][T26341] path_openat+0x19af/0x29c0 [ 663.531417][T26341] ? path_lookupat+0x770/0x770 [ 663.533219][T26341] do_filp_open+0x1de/0x430 [ 663.534904][T26341] ? may_open_dev+0xf0/0xf0 [ 663.536602][T26341] ? expand_files+0x442/0x910 [ 663.538346][T26341] ? _raw_spin_unlock+0x28/0x40 [ 663.540348][T26341] ? alloc_fd+0x2da/0x6c0 [ 663.541944][T26341] do_sys_openat2+0x176/0x1e0 [ 663.543684][T26341] ? build_open_flags+0x690/0x690 [ 663.545569][T26341] __ia32_compat_sys_openat+0x16e/0x200 [ 663.547616][T26341] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 663.549840][T26341] ? ksys_write+0x1a7/0x250 [ 663.551748][T26341] ? rcu_is_watching+0x12/0xb0 [ 663.553565][T26341] __do_fast_syscall_32+0x61/0xe0 [ 663.555466][T26341] do_fast_syscall_32+0x33/0x70 [ 663.557317][T26341] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 663.559711][T26341] RIP: 0023:0xf7fc8579 [ 663.561296][T26341] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 663.568714][T26341] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 663.571872][T26341] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 663.574867][T26341] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 663.577866][T26341] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 663.580842][T26341] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 663.583821][T26341] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 663.586807][T26341] [ 663.589392][T26341] ERROR: Out of memory at tomoyo_realpath_from_path. 13:17:29 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 7) 13:17:29 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) (fail_nth: 6) 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x3, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 663.615410][T26361] FAULT_INJECTION: forcing a failure. [ 663.615410][T26361] name failslab, interval 1, probability 0, space 0, times 0 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 663.620068][T26359] FAULT_INJECTION: forcing a failure. 13:17:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x4, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 663.620068][T26359] name failslab, interval 1, probability 0, space 0, times 0 [ 663.620314][T26361] CPU: 0 PID: 26361 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 663.629341][T26361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 663.633094][T26361] Call Trace: [ 663.634365][T26361] [ 663.635492][T26361] dump_stack_lvl+0x125/0x1b0 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 663.637339][T26361] should_fail_ex+0x496/0x5b0 [ 663.639295][T26361] should_failslab+0x9/0x20 13:17:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x5, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 663.640984][T26361] __kmem_cache_alloc_node+0x2fd/0x350 [ 663.643162][T26361] ? virtual_ncidev_open+0x49/0x220 [ 663.645073][T26361] kmalloc_trace+0x25/0xe0 [ 663.646711][T26361] virtual_ncidev_open+0x49/0x220 [ 663.648560][T26361] ? virtual_ncidev_read+0x4e0/0x4e0 [ 663.650490][T26361] misc_open+0x3da/0x4c0 [ 663.652052][T26361] ? misc_devnode+0x120/0x120 [ 663.653767][T26361] chrdev_open+0x277/0x700 [ 663.655406][T26361] ? __unregister_chrdev+0x100/0x100 [ 663.657342][T26361] ? fsnotify_perm.part.0+0x25d/0x630 [ 663.659332][T26361] ? fsnotify_perm.part.0+0x268/0x630 [ 663.661323][T26361] do_dentry_open+0x88b/0x1730 [ 663.663082][T26361] ? __unregister_chrdev+0x100/0x100 [ 663.665028][T26361] ? may_open+0x1f2/0x400 [ 663.666622][T26361] path_openat+0x19af/0x29c0 [ 663.668338][T26361] ? path_lookupat+0x770/0x770 [ 663.670103][T26361] do_filp_open+0x1de/0x430 [ 663.671775][T26361] ? may_open_dev+0xf0/0xf0 [ 663.673443][T26361] ? expand_files+0x442/0x910 [ 663.675167][T26361] ? _raw_spin_unlock+0x28/0x40 [ 663.676958][T26361] ? alloc_fd+0x2da/0x6c0 [ 663.678583][T26361] do_sys_openat2+0x176/0x1e0 [ 663.680317][T26361] ? build_open_flags+0x690/0x690 [ 663.682152][T26361] __ia32_compat_sys_openat+0x16e/0x200 [ 663.684173][T26361] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 663.686156][T26361] ? ksys_write+0x1a7/0x250 [ 663.687826][T26361] ? rcu_is_watching+0x12/0xb0 [ 663.689597][T26361] __do_fast_syscall_32+0x61/0xe0 [ 663.691443][T26361] do_fast_syscall_32+0x33/0x70 [ 663.693242][T26361] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 663.695540][T26361] RIP: 0023:0xf7fc8579 [ 663.697045][T26361] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 663.704078][T26361] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 663.707126][T26361] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 663.710020][T26361] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 663.712906][T26361] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 663.715787][T26361] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 663.718701][T26361] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 663.721599][T26361] [ 663.722741][T26359] CPU: 2 PID: 26359 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:29 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 8) [ 663.726608][T26359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 663.730620][T26359] Call Trace: [ 663.731840][T26359] [ 663.732952][T26359] dump_stack_lvl+0x125/0x1b0 [ 663.734675][T26359] should_fail_ex+0x496/0x5b0 [ 663.736463][T26359] should_failslab+0x9/0x20 [ 663.738236][T26359] __kmem_cache_alloc_node+0x2fd/0x350 [ 663.739303][T26372] FAULT_INJECTION: forcing a failure. [ 663.739303][T26372] name failslab, interval 1, probability 0, space 0, times 0 [ 663.740227][T26359] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x280 [ 663.740244][T26359] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x280 [ 663.740254][T26359] __kmalloc+0x4f/0x100 [ 663.740264][T26359] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x280 [ 663.754136][T26359] genl_family_rcv_msg_doit+0xbf/0x2e0 [ 663.756121][T26359] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 663.758981][T26359] ? ns_capable+0xd5/0x110 [ 663.760646][T26359] genl_rcv_msg+0x55c/0x800 [ 663.762283][T26359] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 663.764417][T26359] ? __dev_queue_xmit+0xa8f/0x3d80 [ 663.766285][T26359] ? nl80211_post_doit+0x2f0/0x2f0 [ 663.768166][T26359] ? nl80211_parse_connkeys+0xc30/0xc30 [ 663.770161][T26359] ? nl80211_parse_sta_wme+0x3d0/0x3d0 [ 663.772145][T26359] netlink_rcv_skb+0x16b/0x440 [ 663.773875][T26359] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 663.776015][T26359] ? netlink_ack+0x1370/0x1370 [ 663.778086][T26359] ? down_write+0x200/0x200 [ 663.779722][T26359] ? netlink_deliver_tap+0x1b1/0xd10 [ 663.781677][T26359] genl_rcv+0x28/0x40 [ 663.783129][T26359] netlink_unicast+0x536/0x810 [ 663.784882][T26359] ? netlink_attachskb+0x870/0x870 [ 663.786796][T26359] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 663.788928][T26359] ? __phys_addr_symbol+0x30/0x70 [ 663.790744][T26359] ? __check_object_size+0x33c/0x730 [ 663.792583][T26359] netlink_sendmsg+0x93c/0xe40 [ 663.794299][T26359] ? netlink_unicast+0x810/0x810 [ 663.796021][T26359] ? __might_fault+0xe5/0x190 [ 663.797747][T26359] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 663.799645][T26359] ? netlink_unicast+0x810/0x810 [ 663.801468][T26359] sock_sendmsg+0xd9/0x180 [ 663.803084][T26359] ____sys_sendmsg+0x6ac/0x940 [ 663.804836][T26359] ? kernel_sendmsg+0x50/0x50 [ 663.806611][T26359] ? get_compat_msghdr+0x11b/0x170 [ 663.808514][T26359] ? rcu_is_watching+0x12/0xb0 [ 663.810296][T26359] ___sys_sendmsg+0x135/0x1d0 [ 663.812082][T26359] ? do_recvmmsg+0x740/0x740 [ 663.813908][T26359] ? rcu_is_watching+0x12/0xb0 [ 663.815784][T26359] ? proc_task_getattr+0x240/0x240 [ 663.817959][T26359] ? ksys_write+0x214/0x250 [ 663.819602][T26359] ? __fget_light+0xe6/0x260 [ 663.821308][T26359] __sys_sendmsg+0x117/0x1e0 [ 663.822976][T26359] ? __sys_sendmsg_sock+0x30/0x30 [ 663.824805][T26359] ? rcu_is_watching+0x12/0xb0 [ 663.826614][T26359] __do_fast_syscall_32+0x61/0xe0 [ 663.828646][T26359] do_fast_syscall_32+0x33/0x70 [ 663.830409][T26359] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 663.832689][T26359] RIP: 0023:0xf7ff5579 [ 663.834131][T26359] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 663.841325][T26359] RSP: 002b:00000000f7ff05ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 663.844363][T26359] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200001c0 [ 663.847433][T26359] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 663.850325][T26359] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 663.853288][T26359] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 663.856472][T26359] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 663.859500][T26359] [ 663.860674][T26372] CPU: 0 PID: 26372 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 663.864366][T26372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 663.868050][T26372] Call Trace: [ 663.869288][T26372] [ 663.870373][T26372] dump_stack_lvl+0x125/0x1b0 [ 663.872124][T26372] should_fail_ex+0x496/0x5b0 [ 663.873921][T26372] should_failslab+0x9/0x20 [ 663.875631][T26372] __kmem_cache_alloc_node+0x2fd/0x350 [ 663.877667][T26372] ? nci_allocate_device+0x105/0x430 [ 663.879637][T26372] kmalloc_trace+0x25/0xe0 [ 663.881311][T26372] nci_allocate_device+0x105/0x430 [ 663.883200][T26372] virtual_ncidev_open+0x6f/0x220 13:17:29 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) (fail_nth: 7) 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x6, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 663.885067][T26372] ? virtual_ncidev_read+0x4e0/0x4e0 [ 663.887278][T26372] misc_open+0x3da/0x4c0 [ 663.888846][T26372] ? misc_devnode+0x120/0x120 [ 663.890579][T26372] chrdev_open+0x277/0x700 [ 663.892237][T26372] ? __unregister_chrdev+0x100/0x100 [ 663.894185][T26372] ? fsnotify_perm.part.0+0x25d/0x630 [ 663.896162][T26372] ? fsnotify_perm.part.0+0x268/0x630 [ 663.898163][T26372] do_dentry_open+0x88b/0x1730 [ 663.899932][T26372] ? __unregister_chrdev+0x100/0x100 [ 663.901871][T26372] ? may_open+0x1f2/0x400 [ 663.903455][T26372] path_openat+0x19af/0x29c0 [ 663.905171][T26372] ? path_lookupat+0x770/0x770 [ 663.906966][T26372] do_filp_open+0x1de/0x430 [ 663.908647][T26372] ? may_open_dev+0xf0/0xf0 [ 663.910317][T26372] ? expand_files+0x442/0x910 [ 663.912052][T26372] ? _raw_spin_unlock+0x28/0x40 [ 663.913851][T26372] ? alloc_fd+0x2da/0x6c0 [ 663.915444][T26372] do_sys_openat2+0x176/0x1e0 [ 663.917196][T26372] ? build_open_flags+0x690/0x690 [ 663.919066][T26372] __ia32_compat_sys_openat+0x16e/0x200 [ 663.921109][T26372] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 663.923091][T26372] ? ksys_write+0x1a7/0x250 [ 663.924761][T26372] ? rcu_is_watching+0x12/0xb0 [ 663.926529][T26372] __do_fast_syscall_32+0x61/0xe0 [ 663.928381][T26372] do_fast_syscall_32+0x33/0x70 [ 663.930175][T26372] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 663.932504][T26372] RIP: 0023:0xf7fc8579 [ 663.934008][T26372] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 663.941064][T26372] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 663.944104][T26372] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 663.946976][T26372] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 663.949844][T26372] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 663.952721][T26372] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 663.955586][T26372] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 663.958484][T26372] 13:17:29 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 9) [ 663.974336][T26377] FAULT_INJECTION: forcing a failure. 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, 0x0, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 663.974336][T26377] name failslab, interval 1, probability 0, space 0, times 0 13:17:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x7, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 663.978494][T26382] FAULT_INJECTION: forcing a failure. [ 663.978494][T26382] name failslab, interval 1, probability 0, space 0, times 0 [ 663.979895][T26377] CPU: 1 PID: 26377 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 663.988625][T26377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 663.993143][T26377] Call Trace: [ 663.994376][T26377] [ 663.995485][T26377] dump_stack_lvl+0x125/0x1b0 [ 663.997241][T26377] should_fail_ex+0x496/0x5b0 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 663.999000][T26377] should_failslab+0x9/0x20 [ 664.001172][T26377] kmem_cache_alloc_node+0x389/0x3f0 [ 664.003524][T26377] ? __alloc_skb+0x287/0x330 [ 664.005674][T26377] __alloc_skb+0x287/0x330 [ 664.007841][T26377] ? __napi_build_skb+0x50/0x50 13:17:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x9, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 664.010125][T26377] ? ns_capable+0xd5/0x110 [ 664.011935][T26377] netlink_ack+0x3bb/0x1370 [ 664.013715][T26377] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 664.015897][T26377] ? netlink_sendmsg+0xe40/0xe40 [ 664.017757][T26377] netlink_rcv_skb+0x345/0x440 [ 664.019693][T26377] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 664.022090][T26377] ? netlink_ack+0x1370/0x1370 [ 664.023877][T26377] ? down_write+0x200/0x200 [ 664.025645][T26377] ? netlink_deliver_tap+0x1b1/0xd10 [ 664.027624][T26377] genl_rcv+0x28/0x40 [ 664.029155][T26377] netlink_unicast+0x536/0x810 [ 664.030963][T26377] ? netlink_attachskb+0x870/0x870 [ 664.032936][T26377] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 664.035263][T26377] ? __phys_addr_symbol+0x30/0x70 [ 664.037068][T26377] ? __check_object_size+0x323/0x730 [ 664.038988][T26377] netlink_sendmsg+0x93c/0xe40 [ 664.040841][T26377] ? netlink_unicast+0x810/0x810 [ 664.042816][T26377] ? __might_fault+0xe5/0x190 [ 664.044605][T26377] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 664.046596][T26377] ? netlink_unicast+0x810/0x810 [ 664.048513][T26377] sock_sendmsg+0xd9/0x180 [ 664.050391][T26377] ____sys_sendmsg+0x6ac/0x940 [ 664.052167][T26377] ? kernel_sendmsg+0x50/0x50 [ 664.053893][T26377] ? get_compat_msghdr+0x11b/0x170 [ 664.055767][T26377] ? rcu_is_watching+0x12/0xb0 [ 664.057529][T26377] ___sys_sendmsg+0x135/0x1d0 [ 664.059335][T26377] ? do_recvmmsg+0x740/0x740 [ 664.061236][T26377] ? rcu_is_watching+0x12/0xb0 [ 664.063008][T26377] ? proc_task_getattr+0x240/0x240 [ 664.064903][T26377] ? ksys_write+0x214/0x250 [ 664.066585][T26377] ? __fget_light+0xe6/0x260 [ 664.068288][T26377] __sys_sendmsg+0x117/0x1e0 [ 664.070016][T26377] ? __sys_sendmsg_sock+0x30/0x30 [ 664.071867][T26377] ? rcu_is_watching+0x12/0xb0 [ 664.073648][T26377] __do_fast_syscall_32+0x61/0xe0 [ 664.075505][T26377] do_fast_syscall_32+0x33/0x70 [ 664.077318][T26377] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 664.079634][T26377] RIP: 0023:0xf7ff5579 [ 664.081239][T26377] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 664.088224][T26377] RSP: 002b:00000000f7ff05ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 664.091343][T26377] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200001c0 [ 664.094230][T26377] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 664.097118][T26377] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 664.100040][T26377] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 664.102914][T26377] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 664.105799][T26377] [ 664.106941][T26382] CPU: 0 PID: 26382 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 664.111478][T26382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 664.115995][T26382] Call Trace: 13:17:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 664.117503][T26382] 13:17:29 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) (fail_nth: 8) [ 664.119160][T26382] dump_stack_lvl+0x125/0x1b0 [ 664.121346][T26382] should_fail_ex+0x496/0x5b0 [ 664.123520][T26382] should_failslab+0x9/0x20 [ 664.125578][T26382] __kmem_cache_alloc_node+0x2fd/0x350 [ 664.128039][T26382] ? nfc_allocate_device+0x15b/0x5e0 [ 664.130411][T26382] kmalloc_trace+0x25/0xe0 [ 664.132442][T26382] nfc_allocate_device+0x15b/0x5e0 [ 664.134753][T26382] ? __init_swait_queue_head+0xca/0x150 [ 664.137246][T26382] nci_allocate_device+0x23b/0x430 [ 664.139241][T26382] virtual_ncidev_open+0x6f/0x220 [ 664.141126][T26382] ? virtual_ncidev_read+0x4e0/0x4e0 [ 664.143069][T26382] misc_open+0x3da/0x4c0 [ 664.144642][T26382] ? misc_devnode+0x120/0x120 [ 664.146382][T26382] chrdev_open+0x277/0x700 [ 664.148046][T26382] ? __unregister_chrdev+0x100/0x100 [ 664.149981][T26382] ? fsnotify_perm.part.0+0x25d/0x630 [ 664.151961][T26382] ? fsnotify_perm.part.0+0x268/0x630 [ 664.153927][T26382] do_dentry_open+0x88b/0x1730 [ 664.155695][T26382] ? __unregister_chrdev+0x100/0x100 [ 664.157672][T26382] ? may_open+0x1f2/0x400 [ 664.159305][T26382] path_openat+0x19af/0x29c0 [ 664.161053][T26382] ? path_lookupat+0x770/0x770 [ 664.162832][T26382] do_filp_open+0x1de/0x430 [ 664.164526][T26382] ? may_open_dev+0xf0/0xf0 [ 664.166203][T26382] ? expand_files+0x442/0x910 [ 664.167952][T26382] ? _raw_spin_unlock+0x28/0x40 [ 664.169759][T26382] ? alloc_fd+0x2da/0x6c0 [ 664.171382][T26382] do_sys_openat2+0x176/0x1e0 [ 664.173129][T26382] ? build_open_flags+0x690/0x690 [ 664.174992][T26382] __ia32_compat_sys_openat+0x16e/0x200 [ 664.177037][T26382] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 664.179067][T26382] ? ksys_write+0x1a7/0x250 [ 664.180769][T26382] ? rcu_is_watching+0x12/0xb0 [ 664.182539][T26382] __do_fast_syscall_32+0x61/0xe0 [ 664.184409][T26382] do_fast_syscall_32+0x33/0x70 [ 664.186208][T26382] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 664.188537][T26382] RIP: 0023:0xf7fc8579 [ 664.190039][T26382] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 664.197096][T26382] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 664.200185][T26382] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 664.203060][T26382] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 664.205989][T26382] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 664.208961][T26382] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 664.212166][T26382] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 664.215056][T26382] 13:17:29 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 10) 13:17:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x2c, r2, 0x0, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x115, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 664.238447][T26403] FAULT_INJECTION: forcing a failure. [ 664.238447][T26403] name failslab, interval 1, probability 0, space 0, times 0 [ 664.244104][T26403] CPU: 0 PID: 26403 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 664.247781][T26403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 664.251492][T26403] Call Trace: [ 664.252744][T26403] 13:17:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x300, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 664.253953][T26403] dump_stack_lvl+0x125/0x1b0 [ 664.255760][T26403] should_fail_ex+0x496/0x5b0 [ 664.257525][T26403] should_failslab+0x9/0x20 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x1c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 664.259244][T26403] __kmem_cache_alloc_node+0x2fd/0x350 [ 664.261469][T26403] ? nfc_allocate_device+0x15b/0x5e0 [ 664.263440][T26403] kmalloc_trace+0x25/0xe0 [ 664.265100][T26403] nfc_allocate_device+0x15b/0x5e0 [ 664.267014][T26403] ? __init_swait_queue_head+0xca/0x150 [ 664.269058][T26403] nci_allocate_device+0x23b/0x430 [ 664.270946][T26403] virtual_ncidev_open+0x6f/0x220 [ 664.272821][T26403] ? virtual_ncidev_read+0x4e0/0x4e0 [ 664.274764][T26403] misc_open+0x3da/0x4c0 [ 664.276348][T26403] ? misc_devnode+0x120/0x120 [ 664.278107][T26403] chrdev_open+0x277/0x700 [ 664.279766][T26403] ? __unregister_chrdev+0x100/0x100 [ 664.281731][T26403] ? fsnotify_perm.part.0+0x25d/0x630 [ 664.283753][T26403] ? fsnotify_perm.part.0+0x268/0x630 [ 664.285723][T26403] do_dentry_open+0x88b/0x1730 [ 664.287495][T26403] ? __unregister_chrdev+0x100/0x100 [ 664.289450][T26403] ? may_open+0x1f2/0x400 [ 664.290999][T26403] path_openat+0x19af/0x29c0 [ 664.292705][T26403] ? path_lookupat+0x770/0x770 [ 664.294467][T26403] do_filp_open+0x1de/0x430 [ 664.296133][T26403] ? may_open_dev+0xf0/0xf0 [ 664.297830][T26403] ? expand_files+0x442/0x910 [ 664.299568][T26403] ? _raw_spin_unlock+0x28/0x40 [ 664.301391][T26403] ? alloc_fd+0x2da/0x6c0 [ 664.302994][T26403] do_sys_openat2+0x176/0x1e0 [ 664.304767][T26403] ? build_open_flags+0x690/0x690 [ 664.306624][T26403] __ia32_compat_sys_openat+0x16e/0x200 [ 664.308629][T26403] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 664.310633][T26403] ? ksys_write+0x1a7/0x250 [ 664.312325][T26403] ? rcu_is_watching+0x12/0xb0 [ 664.314087][T26403] __do_fast_syscall_32+0x61/0xe0 [ 664.315953][T26403] do_fast_syscall_32+0x33/0x70 [ 664.317779][T26403] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 664.320127][T26403] RIP: 0023:0xf7fc8579 [ 664.321637][T26403] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 664.328612][T26403] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 664.331643][T26403] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 664.334529][T26403] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 664.337415][T26403] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 664.340336][T26403] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 664.343190][T26403] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 664.346085][T26403] 13:17:29 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) (fail_nth: 9) 13:17:29 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 11) 13:17:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x500, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x1c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x1c, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 664.373390][T26415] FAULT_INJECTION: forcing a failure. [ 664.373390][T26415] name failslab, interval 1, probability 0, space 0, times 0 [ 664.374407][T26419] FAULT_INJECTION: forcing a failure. 13:17:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x600, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 664.374407][T26419] name failslab, interval 1, probability 0, space 0, times 0 [ 664.378009][T26415] CPU: 0 PID: 26415 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 664.378023][T26415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 664.378029][T26415] Call Trace: 13:17:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 664.378033][T26415] [ 664.378037][T26415] dump_stack_lvl+0x125/0x1b0 [ 664.378055][T26415] should_fail_ex+0x496/0x5b0 [ 664.396129][T26415] should_failslab+0x9/0x20 [ 664.397844][T26415] kmem_cache_alloc+0x69/0x3b0 [ 664.399614][T26415] skb_clone+0x171/0x3c0 [ 664.401205][T26415] netlink_deliver_tap+0xb3c/0xd10 13:17:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x700, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 664.403091][T26415] netlink_unicast+0x6a5/0x810 [ 664.405034][T26415] ? netlink_attachskb+0x870/0x870 [ 664.406920][T26415] ? ns_capable+0xd5/0x110 [ 664.408583][T26415] netlink_ack+0x870/0x1370 [ 664.410268][T26415] ? netlink_sendmsg+0xe40/0xe40 [ 664.412126][T26415] netlink_rcv_skb+0x345/0x440 [ 664.413897][T26415] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 664.416094][T26415] ? netlink_ack+0x1370/0x1370 [ 664.417903][T26415] ? down_write+0x200/0x200 [ 664.419569][T26415] ? netlink_deliver_tap+0x1b1/0xd10 [ 664.421532][T26415] genl_rcv+0x28/0x40 [ 664.423007][T26415] netlink_unicast+0x536/0x810 [ 664.424778][T26415] ? netlink_attachskb+0x870/0x870 [ 664.426668][T26415] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 664.428859][T26415] ? __phys_addr_symbol+0x30/0x70 [ 664.430701][T26415] ? __check_object_size+0x323/0x730 [ 664.432636][T26415] netlink_sendmsg+0x93c/0xe40 [ 664.434391][T26415] ? netlink_unicast+0x810/0x810 [ 664.436218][T26415] ? __might_fault+0xe5/0x190 [ 664.437971][T26415] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 664.439930][T26415] ? netlink_unicast+0x810/0x810 [ 664.441751][T26415] sock_sendmsg+0xd9/0x180 [ 664.443386][T26415] ____sys_sendmsg+0x6ac/0x940 [ 664.445151][T26415] ? kernel_sendmsg+0x50/0x50 [ 664.446887][T26415] ? get_compat_msghdr+0x11b/0x170 [ 664.448770][T26415] ? rcu_is_watching+0x12/0xb0 [ 664.450432][T26415] ___sys_sendmsg+0x135/0x1d0 [ 664.452175][T26415] ? do_recvmmsg+0x740/0x740 [ 664.453867][T26415] ? rcu_is_watching+0x12/0xb0 [ 664.455628][T26415] ? proc_task_getattr+0x240/0x240 [ 664.457522][T26415] ? ksys_write+0x214/0x250 [ 664.459206][T26415] ? __fget_light+0xe6/0x260 [ 664.460941][T26415] __sys_sendmsg+0x117/0x1e0 [ 664.462640][T26415] ? __sys_sendmsg_sock+0x30/0x30 [ 664.464486][T26415] ? rcu_is_watching+0x12/0xb0 [ 664.466217][T26415] __do_fast_syscall_32+0x61/0xe0 [ 664.468045][T26415] do_fast_syscall_32+0x33/0x70 [ 664.469821][T26415] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 664.472136][T26415] RIP: 0023:0xf7ff5579 [ 664.473623][T26415] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 664.480536][T26415] RSP: 002b:00000000f7ff05ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 664.483569][T26415] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200001c0 [ 664.486458][T26415] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 664.489357][T26415] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 664.492250][T26415] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 664.495087][T26415] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 664.498035][T26415] [ 664.499180][T26419] CPU: 1 PID: 26419 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) (fail_nth: 10) [ 664.502966][T26419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 664.506912][T26419] Call Trace: [ 664.508190][T26419] [ 664.509300][T26419] dump_stack_lvl+0x125/0x1b0 [ 664.511042][T26419] should_fail_ex+0x496/0x5b0 [ 664.512777][T26419] should_failslab+0x9/0x20 [ 664.514454][T26419] __kmem_cache_alloc_node+0x2fd/0x350 [ 664.516442][T26419] ? nci_hci_allocate+0x45/0x330 [ 664.518303][T26419] kmalloc_trace+0x25/0xe0 [ 664.519981][T26419] nci_hci_allocate+0x45/0x330 [ 664.521753][T26419] nci_allocate_device+0x26f/0x430 [ 664.523610][T26419] virtual_ncidev_open+0x6f/0x220 [ 664.525456][T26419] ? virtual_ncidev_read+0x4e0/0x4e0 [ 664.527408][T26419] misc_open+0x3da/0x4c0 [ 664.529025][T26419] ? misc_devnode+0x120/0x120 [ 664.530783][T26419] chrdev_open+0x277/0x700 [ 664.532284][T26419] ? __unregister_chrdev+0x100/0x100 [ 664.534224][T26419] ? fsnotify_perm.part.0+0x25d/0x630 [ 664.536217][T26419] ? fsnotify_perm.part.0+0x268/0x630 [ 664.538248][T26419] do_dentry_open+0x88b/0x1730 [ 664.540074][T26419] ? __unregister_chrdev+0x100/0x100 [ 664.542046][T26419] ? may_open+0x1f2/0x400 [ 664.543645][T26419] path_openat+0x19af/0x29c0 [ 664.545381][T26419] ? path_lookupat+0x770/0x770 [ 664.547167][T26419] do_filp_open+0x1de/0x430 [ 664.548900][T26419] ? may_open_dev+0xf0/0xf0 [ 664.550593][T26419] ? expand_files+0x442/0x910 [ 664.552391][T26419] ? _raw_spin_unlock+0x28/0x40 [ 664.554219][T26419] ? alloc_fd+0x2da/0x6c0 [ 664.555821][T26419] do_sys_openat2+0x176/0x1e0 [ 664.557598][T26419] ? build_open_flags+0x690/0x690 [ 664.559487][T26419] __ia32_compat_sys_openat+0x16e/0x200 [ 664.561563][T26419] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 664.563623][T26419] ? ksys_write+0x1a7/0x250 [ 664.565325][T26419] ? rcu_is_watching+0x12/0xb0 [ 664.567224][T26419] __do_fast_syscall_32+0x61/0xe0 [ 664.569411][T26419] do_fast_syscall_32+0x33/0x70 [ 664.571488][T26419] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 664.574204][T26419] RIP: 0023:0xf7fc8579 [ 664.576059][T26419] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 664.584794][T26419] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 664.588580][T26419] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 664.591781][T26419] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 664.594842][T26419] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 664.597782][T26419] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 664.601080][T26419] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 664.604637][T26419] 13:17:30 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 12) 13:17:30 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 13:17:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x900, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 664.623283][T26430] FAULT_INJECTION: forcing a failure. [ 664.623283][T26430] name fail_usercopy, interval 1, probability 0, space 0, times 0 13:17:30 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 664.628734][T26430] CPU: 2 PID: 26430 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf00, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 664.632547][T26430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 664.632689][T26436] FAULT_INJECTION: forcing a failure. [ 664.632689][T26436] name failslab, interval 1, probability 0, space 0, times 0 [ 664.636257][T26430] Call Trace: [ 664.636265][T26430] [ 664.636270][T26430] dump_stack_lvl+0x125/0x1b0 13:17:30 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 664.636290][T26430] should_fail_ex+0x496/0x5b0 [ 664.636315][T26430] _copy_to_user+0x30/0xb0 [ 664.636333][T26430] simple_read_from_buffer+0xd0/0x150 [ 664.636354][T26430] proc_fail_nth_read+0x1b0/0x290 [ 664.636379][T26430] ? proc_sessionid_read+0x290/0x290 13:17:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x1501, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 664.636402][T26430] ? security_file_permission+0xdc/0x100 [ 664.636430][T26430] ? proc_sessionid_read+0x290/0x290 [ 664.636456][T26430] vfs_read+0x1ce/0x930 [ 664.636476][T26430] ? kernel_read+0x1b0/0x1b0 [ 664.636520][T26430] ? __fget_files+0x279/0x410 [ 664.636545][T26430] ksys_read+0x12f/0x250 [ 664.636565][T26430] ? vfs_write+0xe40/0xe40 [ 664.636584][T26430] ? rcu_is_watching+0x12/0xb0 [ 664.636604][T26430] __do_fast_syscall_32+0x61/0xe0 [ 664.636631][T26430] do_fast_syscall_32+0x33/0x70 [ 664.636656][T26430] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 664.636677][T26430] RIP: 0023:0xf7ff5579 [ 664.636691][T26430] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 664.636708][T26430] RSP: 002b:00000000f7fcf5e0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 664.636727][T26430] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f7fcf670 [ 664.696641][T26430] RDX: 000000000000000f RSI: 00000000f7353ff4 RDI: 0000000000000000 [ 664.700088][T26430] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 664.703551][T26430] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 664.706835][T26430] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 664.709850][T26430] [ 664.710954][T26436] CPU: 3 PID: 26436 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 664.714635][T26436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 664.718328][T26436] Call Trace: [ 664.719546][T26436] [ 664.720646][T26436] dump_stack_lvl+0x125/0x1b0 [ 664.722334][T26436] should_fail_ex+0x496/0x5b0 [ 664.724057][T26436] should_failslab+0x9/0x20 [ 664.725717][T26436] __kmem_cache_alloc_node+0x2fd/0x350 [ 664.727700][T26436] ? alloc_workqueue+0x16f/0x1490 [ 664.729546][T26436] kmalloc_trace+0x25/0xe0 [ 664.731173][T26436] alloc_workqueue+0x16f/0x1490 [ 664.732955][T26436] ? lock_sync+0x190/0x190 [ 664.734597][T26436] ? workqueue_sysfs_register+0x400/0x400 [ 664.736725][T26436] ? rcu_is_watching+0x12/0xb0 [ 664.738468][T26436] nci_register_device+0x221/0xb80 [ 664.740351][T26436] ? nci_init_complete_req+0x410/0x410 [ 664.742308][T26436] ? lockdep_init_map_type+0x16d/0x7c0 [ 664.744280][T26436] virtual_ncidev_open+0x147/0x220 [ 664.746150][T26436] ? virtual_ncidev_read+0x4e0/0x4e0 [ 664.748104][T26436] misc_open+0x3da/0x4c0 [ 664.749738][T26436] ? misc_devnode+0x120/0x120 [ 664.751450][T26436] chrdev_open+0x277/0x700 [ 664.753099][T26436] ? __unregister_chrdev+0x100/0x100 [ 664.755012][T26436] ? fsnotify_perm.part.0+0x25d/0x630 [ 664.756970][T26436] ? fsnotify_perm.part.0+0x268/0x630 [ 664.758915][T26436] do_dentry_open+0x88b/0x1730 [ 664.760667][T26436] ? __unregister_chrdev+0x100/0x100 [ 664.762586][T26436] ? may_open+0x1f2/0x400 [ 664.764170][T26436] path_openat+0x19af/0x29c0 [ 664.765890][T26436] ? path_lookupat+0x770/0x770 [ 664.767640][T26436] do_filp_open+0x1de/0x430 [ 664.769294][T26436] ? may_open_dev+0xf0/0xf0 [ 664.770930][T26436] ? expand_files+0x442/0x910 [ 664.772645][T26436] ? _raw_spin_unlock+0x28/0x40 [ 664.774414][T26436] ? alloc_fd+0x2da/0x6c0 [ 664.775974][T26436] do_sys_openat2+0x176/0x1e0 [ 664.777679][T26436] ? build_open_flags+0x690/0x690 [ 664.779511][T26436] __ia32_compat_sys_openat+0x16e/0x200 [ 664.781530][T26436] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 664.783503][T26436] ? ksys_write+0x1a7/0x250 [ 664.785236][T26436] ? rcu_is_watching+0x12/0xb0 [ 664.786956][T26436] __do_fast_syscall_32+0x61/0xe0 [ 664.788690][T26436] do_fast_syscall_32+0x33/0x70 [ 664.790470][T26436] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 664.792759][T26436] RIP: 0023:0xf7fc8579 [ 664.794231][T26436] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 664.801596][T26436] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 664.804618][T26436] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 664.807489][T26436] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 664.810347][T26436] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 664.813234][T26436] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 664.816245][T26436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 664.819248][T26436] 13:17:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:30 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 13) 13:17:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x3f00, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:30 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 664.840769][T26452] FAULT_INJECTION: forcing a failure. [ 664.840769][T26452] name failslab, interval 1, probability 0, space 0, times 0 13:17:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 664.845228][T26450] nla_validate_range_unsigned: 15 callbacks suppressed [ 664.845238][T26450] netlink: 'syz-executor.3': attribute type 11 has an invalid length. 13:17:30 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 664.845493][T26452] CPU: 2 PID: 26452 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 664.854915][T26452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 13:17:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x34000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 664.858589][T26452] Call Trace: [ 664.859990][T26452] [ 664.861094][T26452] dump_stack_lvl+0x125/0x1b0 [ 664.862833][T26452] should_fail_ex+0x496/0x5b0 [ 664.864597][T26452] should_failslab+0x9/0x20 13:17:30 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 664.866294][T26452] __kmem_cache_alloc_node+0x2fd/0x350 [ 664.868498][T26452] ? alloc_workqueue+0x1d4/0x1490 [ 664.870373][T26452] kmalloc_trace+0x25/0xe0 [ 664.872027][T26452] alloc_workqueue+0x1d4/0x1490 [ 664.873867][T26452] ? lock_sync+0x190/0x190 13:17:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 664.875532][T26452] ? workqueue_sysfs_register+0x400/0x400 [ 664.877802][T26452] ? rcu_is_watching+0x12/0xb0 [ 664.879566][T26452] nci_register_device+0x221/0xb80 [ 664.881482][T26452] ? nci_init_complete_req+0x410/0x410 [ 664.883482][T26452] ? lockdep_init_map_type+0x16d/0x7c0 [ 664.885524][T26452] virtual_ncidev_open+0x147/0x220 [ 664.887516][T26452] ? virtual_ncidev_read+0x4e0/0x4e0 [ 664.889470][T26452] misc_open+0x3da/0x4c0 [ 664.891296][T26452] ? misc_devnode+0x120/0x120 [ 664.893276][T26452] chrdev_open+0x277/0x700 [ 664.893809][T26462] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 664.894948][T26452] ? __unregister_chrdev+0x100/0x100 [ 664.900128][T26452] ? fsnotify_perm.part.0+0x25d/0x630 [ 664.902084][T26452] ? fsnotify_perm.part.0+0x268/0x630 [ 664.904039][T26452] do_dentry_open+0x88b/0x1730 [ 664.905810][T26452] ? __unregister_chrdev+0x100/0x100 [ 664.907765][T26452] ? may_open+0x1f2/0x400 [ 664.909402][T26452] path_openat+0x19af/0x29c0 [ 664.911090][T26452] ? path_lookupat+0x770/0x770 [ 664.912914][T26452] do_filp_open+0x1de/0x430 [ 664.914586][T26452] ? may_open_dev+0xf0/0xf0 [ 664.916295][T26452] ? expand_files+0x442/0x910 [ 664.918189][T26452] ? _raw_spin_unlock+0x28/0x40 [ 664.919982][T26452] ? alloc_fd+0x2da/0x6c0 [ 664.921558][T26452] do_sys_openat2+0x176/0x1e0 [ 664.923258][T26452] ? build_open_flags+0x690/0x690 [ 664.925095][T26452] __ia32_compat_sys_openat+0x16e/0x200 [ 664.927105][T26452] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 664.929073][T26452] ? ksys_write+0x1a7/0x250 [ 664.930715][T26452] ? rcu_is_watching+0x12/0xb0 [ 664.932428][T26452] __do_fast_syscall_32+0x61/0xe0 [ 664.934256][T26452] do_fast_syscall_32+0x33/0x70 [ 664.936020][T26452] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 664.938504][T26452] RIP: 0023:0xf7fc8579 [ 664.940009][T26452] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 664.946916][T26452] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 664.949892][T26452] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 664.952816][T26452] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 664.955790][T26452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 664.958702][T26452] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 664.961625][T26452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 664.964542][T26452] 13:17:30 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 14) 13:17:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x400300, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:30 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x34000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 664.986918][T26469] FAULT_INJECTION: forcing a failure. [ 664.986918][T26469] name failslab, interval 1, probability 0, space 0, times 0 13:17:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf0ffff, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:30 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 664.992746][T26469] CPU: 1 PID: 26469 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 664.997545][T26469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 665.002250][T26469] Call Trace: [ 665.003830][T26469] [ 665.005244][T26469] dump_stack_lvl+0x125/0x1b0 [ 665.007466][T26469] should_fail_ex+0x496/0x5b0 [ 665.009697][T26469] should_failslab+0x9/0x20 13:17:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x1000000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 665.011824][T26469] __kmem_cache_alloc_node+0x2fd/0x350 [ 665.014214][T26469] ? kasprintf+0xc8/0x100 [ 665.015797][T26469] ? kasprintf+0xc8/0x100 [ 665.017379][T26469] __kmalloc_node_track_caller+0x50/0x100 13:17:30 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'}) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 665.019452][T26469] kvasprintf+0xbd/0x150 [ 665.021494][T26469] ? bust_spinlocks+0xe0/0xe0 [ 665.023270][T26469] ? ip6_addr_string_sa+0x820/0x820 [ 665.025187][T26469] ? preempt_count_add+0x72/0x140 [ 665.027019][T26469] kasprintf+0xc8/0x100 [ 665.028542][T26469] ? kvasprintf_const+0x190/0x190 [ 665.030409][T26469] ? free_zapped_rcu+0x290/0x290 [ 665.032222][T26469] ? lockdep_init_map_type+0x16d/0x7c0 [ 665.034208][T26469] alloc_workqueue+0x590/0x1490 [ 665.036003][T26469] ? lock_sync+0x190/0x190 [ 665.037645][T26469] ? workqueue_sysfs_register+0x400/0x400 [ 665.039724][T26469] ? rcu_is_watching+0x12/0xb0 [ 665.041523][T26469] nci_register_device+0x221/0xb80 [ 665.043390][T26469] ? nci_init_complete_req+0x410/0x410 [ 665.045374][T26469] ? lockdep_init_map_type+0x16d/0x7c0 [ 665.047358][T26469] virtual_ncidev_open+0x147/0x220 [ 665.049258][T26469] ? virtual_ncidev_read+0x4e0/0x4e0 [ 665.051216][T26469] misc_open+0x3da/0x4c0 [ 665.052817][T26469] ? misc_devnode+0x120/0x120 [ 665.054669][T26469] chrdev_open+0x277/0x700 [ 665.056318][T26469] ? __unregister_chrdev+0x100/0x100 [ 665.058308][T26469] ? fsnotify_perm.part.0+0x25d/0x630 [ 665.060312][T26469] ? fsnotify_perm.part.0+0x268/0x630 [ 665.062272][T26469] do_dentry_open+0x88b/0x1730 [ 665.064059][T26469] ? __unregister_chrdev+0x100/0x100 [ 665.065986][T26469] ? may_open+0x1f2/0x400 [ 665.067583][T26469] path_openat+0x19af/0x29c0 [ 665.069339][T26469] ? path_lookupat+0x770/0x770 [ 665.071312][T26469] do_filp_open+0x1de/0x430 [ 665.073015][T26469] ? may_open_dev+0xf0/0xf0 [ 665.074735][T26469] ? expand_files+0x442/0x910 [ 665.076584][T26469] ? _raw_spin_unlock+0x28/0x40 [ 665.078459][T26469] ? alloc_fd+0x2da/0x6c0 [ 665.080147][T26469] do_sys_openat2+0x176/0x1e0 [ 665.082321][T26469] ? build_open_flags+0x690/0x690 [ 665.084214][T26469] __ia32_compat_sys_openat+0x16e/0x200 [ 665.086289][T26469] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 665.088325][T26469] ? ksys_write+0x1a7/0x250 [ 665.090012][T26469] ? rcu_is_watching+0x12/0xb0 [ 665.091814][T26469] __do_fast_syscall_32+0x61/0xe0 [ 665.093695][T26469] do_fast_syscall_32+0x33/0x70 [ 665.095496][T26469] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 665.097840][T26469] RIP: 0023:0xf7fc8579 [ 665.099348][T26469] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 665.106685][T26469] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 665.109788][T26469] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 665.112808][T26469] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 665.115712][T26469] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 665.118627][T26469] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 665.121550][T26469] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 665.124457][T26469] 13:17:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x1150000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:30 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) (fail_nth: 1) 13:17:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x2, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:30 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 15) [ 665.178385][T26484] FAULT_INJECTION: forcing a failure. [ 665.178385][T26484] name fail_usercopy, interval 1, probability 0, space 0, times 0 13:17:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x2000000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 665.178764][T26487] FAULT_INJECTION: forcing a failure. [ 665.178764][T26487] name failslab, interval 1, probability 0, space 0, times 0 [ 665.180287][T26488] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 665.183157][T26484] CPU: 0 PID: 26484 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x3, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 665.183171][T26484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 665.183177][T26484] Call Trace: [ 665.183181][T26484] 13:17:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x3000000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 665.183185][T26484] dump_stack_lvl+0x125/0x1b0 [ 665.183204][T26484] should_fail_ex+0x496/0x5b0 [ 665.183219][T26484] _copy_from_user+0x30/0xf0 [ 665.183230][T26484] get_compat_msghdr+0xa8/0x170 [ 665.183241][T26484] ? __get_compat_msghdr+0x4d0/0x4d0 [ 665.183251][T26484] ? kstrtouint+0xde/0x130 [ 665.183263][T26484] ? rcu_is_watching+0x12/0xb0 [ 665.183274][T26484] ___sys_sendmsg+0x1ac/0x1d0 [ 665.183289][T26484] ? do_recvmmsg+0x740/0x740 [ 665.183302][T26484] ? rcu_is_watching+0x12/0xb0 [ 665.205694][T26492] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 665.205912][T26484] ? proc_task_getattr+0x240/0x240 [ 665.223361][T26484] ? ksys_write+0x214/0x250 [ 665.225038][T26484] ? __fget_light+0xe6/0x260 [ 665.226673][T26484] __sys_sendmsg+0x117/0x1e0 [ 665.228360][T26484] ? __sys_sendmsg_sock+0x30/0x30 [ 665.230145][T26484] ? rcu_is_watching+0x12/0xb0 [ 665.231863][T26484] __do_fast_syscall_32+0x61/0xe0 [ 665.233656][T26484] do_fast_syscall_32+0x33/0x70 [ 665.235403][T26484] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 665.237630][T26484] RIP: 0023:0xf7f17579 [ 665.239095][T26484] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 665.246007][T26484] RSP: 002b:00000000f7f125ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 665.248986][T26484] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0 [ 665.252011][T26484] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 665.254735][T26484] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 665.257508][T26484] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 665.260296][T26484] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 665.263060][T26484] [ 665.264163][T26487] CPU: 1 PID: 26487 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:30 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) (fail_nth: 2) [ 665.268301][T26487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 665.272605][T26487] Call Trace: [ 665.273829][T26487] [ 665.274927][T26487] dump_stack_lvl+0x125/0x1b0 [ 665.276696][T26487] should_fail_ex+0x496/0x5b0 [ 665.278438][T26487] should_failslab+0x9/0x20 [ 665.280137][T26487] __kmem_cache_alloc_node+0x2fd/0x350 [ 665.282145][T26487] ? apply_wqattrs_prepare+0xff/0xa90 [ 665.284131][T26487] ? apply_wqattrs_prepare+0xff/0xa90 [ 665.286431][T26487] __kmalloc+0x4f/0x100 [ 665.287959][T26487] apply_wqattrs_prepare+0xff/0xa90 [ 665.289852][T26487] ? preempt_count_sub+0x150/0x150 [ 665.291738][T26487] apply_workqueue_attrs_locked+0xcb/0x150 [ 665.293872][T26487] alloc_workqueue+0xc8b/0x1490 [ 665.295689][T26487] ? workqueue_sysfs_register+0x400/0x400 [ 665.297802][T26487] ? rcu_is_watching+0x12/0xb0 [ 665.299557][T26487] nci_register_device+0x221/0xb80 [ 665.301518][T26487] ? nci_init_complete_req+0x410/0x410 [ 665.303514][T26487] ? lockdep_init_map_type+0x16d/0x7c0 [ 665.305733][T26487] virtual_ncidev_open+0x147/0x220 [ 665.307626][T26487] ? virtual_ncidev_read+0x4e0/0x4e0 [ 665.309596][T26487] misc_open+0x3da/0x4c0 [ 665.311190][T26487] ? misc_devnode+0x120/0x120 [ 665.312974][T26487] chrdev_open+0x277/0x700 [ 665.314736][T26487] ? __unregister_chrdev+0x100/0x100 [ 665.316696][T26487] ? fsnotify_perm.part.0+0x25d/0x630 [ 665.318642][T26487] ? fsnotify_perm.part.0+0x268/0x630 [ 665.320778][T26487] do_dentry_open+0x88b/0x1730 [ 665.322567][T26487] ? __unregister_chrdev+0x100/0x100 [ 665.324506][T26487] ? may_open+0x1f2/0x400 [ 665.326129][T26487] path_openat+0x19af/0x29c0 [ 665.327836][T26487] ? path_lookupat+0x770/0x770 [ 665.329609][T26487] do_filp_open+0x1de/0x430 [ 665.331286][T26487] ? may_open_dev+0xf0/0xf0 [ 665.332968][T26487] ? expand_files+0x442/0x910 [ 665.334692][T26487] ? _raw_spin_unlock+0x28/0x40 [ 665.336573][T26487] ? alloc_fd+0x2da/0x6c0 [ 665.337953][T26499] FAULT_INJECTION: forcing a failure. [ 665.337953][T26499] name failslab, interval 1, probability 0, space 0, times 0 [ 665.338147][T26487] do_sys_openat2+0x176/0x1e0 [ 665.338165][T26487] ? build_open_flags+0x690/0x690 [ 665.338176][T26487] __ia32_compat_sys_openat+0x16e/0x200 [ 665.348449][T26487] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 665.350501][T26487] ? ksys_write+0x1a7/0x250 [ 665.352202][T26487] ? rcu_is_watching+0x12/0xb0 [ 665.353968][T26487] __do_fast_syscall_32+0x61/0xe0 [ 665.355925][T26487] do_fast_syscall_32+0x33/0x70 [ 665.357734][T26487] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 665.360074][T26487] RIP: 0023:0xf7fc8579 [ 665.361588][T26487] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 665.368705][T26487] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 665.371745][T26487] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 665.374687][T26487] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 665.377663][T26487] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 665.381177][T26487] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 665.384709][T26487] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 665.387610][T26487] [ 665.388780][T26499] CPU: 3 PID: 26499 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 665.392480][T26499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 665.396230][T26499] Call Trace: [ 665.397474][T26499] [ 665.398579][T26499] dump_stack_lvl+0x125/0x1b0 [ 665.400393][T26499] should_fail_ex+0x496/0x5b0 [ 665.402120][T26499] should_failslab+0x9/0x20 [ 665.403781][T26499] kmem_cache_alloc_node+0x389/0x3f0 [ 665.405802][T26499] ? __alloc_skb+0x287/0x330 [ 665.407592][T26499] __alloc_skb+0x287/0x330 [ 665.409351][T26499] ? __napi_build_skb+0x50/0x50 [ 665.411145][T26499] ? __netlink_dump_start+0x910/0x9c0 [ 665.413130][T26499] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 665.415224][T26499] ? apparmor_socket_getpeersec_dgram+0x9/0x10 [ 665.417526][T26499] netlink_sendmsg+0x9c6/0xe40 [ 665.419343][T26499] ? netlink_unicast+0x810/0x810 [ 665.421203][T26499] ? __might_fault+0xe5/0x190 [ 665.423017][T26499] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 665.424998][T26499] ? netlink_unicast+0x810/0x810 [ 665.426817][T26499] sock_sendmsg+0xd9/0x180 [ 665.428491][T26499] ____sys_sendmsg+0x6ac/0x940 [ 665.430283][T26499] ? kernel_sendmsg+0x50/0x50 [ 665.432081][T26499] ? get_compat_msghdr+0x11b/0x170 [ 665.433974][T26499] ? rcu_is_watching+0x12/0xb0 [ 665.435745][T26499] ___sys_sendmsg+0x135/0x1d0 [ 665.437510][T26499] ? do_recvmmsg+0x740/0x740 [ 665.439273][T26499] ? rcu_is_watching+0x12/0xb0 [ 665.441141][T26499] ? proc_task_getattr+0x240/0x240 [ 665.443025][T26499] ? ksys_write+0x214/0x250 [ 665.444734][T26499] ? __fget_light+0xe6/0x260 [ 665.446436][T26499] __sys_sendmsg+0x117/0x1e0 [ 665.448151][T26499] ? __sys_sendmsg_sock+0x30/0x30 [ 665.450281][T26499] ? rcu_is_watching+0x12/0xb0 [ 665.452136][T26499] __do_fast_syscall_32+0x61/0xe0 [ 665.453952][T26499] do_fast_syscall_32+0x33/0x70 [ 665.455741][T26499] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 665.458055][T26499] RIP: 0023:0xf7f17579 [ 665.459525][T26499] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 665.466562][T26499] RSP: 002b:00000000f7ef15ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 665.469674][T26499] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0 [ 665.472623][T26499] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 665.475750][T26499] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 665.478645][T26499] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 665.481601][T26499] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 665.484656][T26499] 13:17:31 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 16) 13:17:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x4000000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:31 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) (fail_nth: 3) [ 665.510952][T26501] FAULT_INJECTION: forcing a failure. [ 665.510952][T26501] name failslab, interval 1, probability 0, space 0, times 0 [ 665.515747][T26501] CPU: 3 PID: 26501 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:31 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) (fail_nth: 4) [ 665.519485][T26501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 665.523516][T26501] Call Trace: [ 665.524819][T26501] [ 665.525966][T26501] dump_stack_lvl+0x125/0x1b0 [ 665.527806][T26501] should_fail_ex+0x496/0x5b0 [ 665.529663][T26501] should_failslab+0x9/0x20 [ 665.531433][T26501] __kmem_cache_alloc_node+0x2fd/0x350 [ 665.533546][T26501] ? apply_wqattrs_prepare+0x137/0xa90 [ 665.534767][T26508] FAULT_INJECTION: forcing a failure. [ 665.534767][T26508] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 665.535650][T26501] kmalloc_trace+0x25/0xe0 [ 665.535664][T26501] apply_wqattrs_prepare+0x137/0xa90 [ 665.535681][T26501] ? preempt_count_sub+0x150/0x150 [ 665.546116][T26501] apply_workqueue_attrs_locked+0xcb/0x150 [ 665.548364][T26501] alloc_workqueue+0xc8b/0x1490 [ 665.550297][T26501] ? workqueue_sysfs_register+0x400/0x400 [ 665.552471][T26501] ? rcu_is_watching+0x12/0xb0 [ 665.554274][T26501] nci_register_device+0x221/0xb80 [ 665.556244][T26501] ? nci_init_complete_req+0x410/0x410 [ 665.558320][T26501] ? lockdep_init_map_type+0x16d/0x7c0 [ 665.560756][T26501] virtual_ncidev_open+0x147/0x220 [ 665.562739][T26501] ? virtual_ncidev_read+0x4e0/0x4e0 [ 665.564759][T26501] misc_open+0x3da/0x4c0 [ 665.566345][T26501] ? misc_devnode+0x120/0x120 [ 665.568121][T26501] chrdev_open+0x277/0x700 [ 665.569846][T26501] ? __unregister_chrdev+0x100/0x100 [ 665.571805][T26501] ? fsnotify_perm.part.0+0x25d/0x630 [ 665.573804][T26501] ? fsnotify_perm.part.0+0x268/0x630 [ 665.575794][T26501] do_dentry_open+0x88b/0x1730 [ 665.577665][T26501] ? __unregister_chrdev+0x100/0x100 [ 665.579613][T26501] ? may_open+0x1f2/0x400 [ 665.581254][T26501] path_openat+0x19af/0x29c0 [ 665.582991][T26501] ? path_lookupat+0x770/0x770 [ 665.584797][T26501] do_filp_open+0x1de/0x430 [ 665.586515][T26501] ? may_open_dev+0xf0/0xf0 [ 665.588230][T26501] ? expand_files+0x442/0x910 [ 665.590021][T26501] ? _raw_spin_unlock+0x28/0x40 [ 665.591837][T26501] ? alloc_fd+0x2da/0x6c0 [ 665.593450][T26501] do_sys_openat2+0x176/0x1e0 [ 665.595202][T26501] ? build_open_flags+0x690/0x690 [ 665.597140][T26501] __ia32_compat_sys_openat+0x16e/0x200 [ 665.599707][T26501] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 665.601815][T26501] ? ksys_write+0x1a7/0x250 [ 665.603518][T26501] ? rcu_is_watching+0x12/0xb0 [ 665.605369][T26501] __do_fast_syscall_32+0x61/0xe0 [ 665.607263][T26501] do_fast_syscall_32+0x33/0x70 [ 665.609124][T26501] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 665.611495][T26501] RIP: 0023:0xf7fc8579 [ 665.613084][T26501] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 665.620316][T26501] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 665.623466][T26501] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 665.626440][T26501] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 665.629454][T26501] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 665.632462][T26501] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 665.635456][T26501] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 665.638446][T26501] 13:17:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x5000000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 665.639654][T26508] CPU: 0 PID: 26508 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 665.643362][T26508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 665.646836][T26508] Call Trace: [ 665.648012][T26508] [ 665.649042][T26508] dump_stack_lvl+0x125/0x1b0 [ 665.650680][T26508] should_fail_ex+0x496/0x5b0 [ 665.652344][T26508] copyin+0x1b/0xa0 [ 665.653746][T26508] _copy_from_iter+0x1e5/0x1270 [ 665.655911][T26508] ? __build_skb_around+0x278/0x3b0 [ 665.658059][T26508] ? iov_iter_extract_pages+0x1870/0x1870 [ 665.660578][T26508] ? __napi_build_skb+0x50/0x50 [ 665.662472][T26508] ? __netlink_dump_start+0x910/0x9c0 [ 665.664562][T26508] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 665.667049][T26508] ? __virt_addr_valid+0x5e/0x2d0 [ 665.669449][T26508] ? __phys_addr_symbol+0x30/0x70 [ 665.671822][T26508] ? __check_object_size+0x323/0x730 [ 665.674312][T26508] netlink_sendmsg+0x897/0xe40 [ 665.676286][T26512] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 665.676610][T26508] ? netlink_unicast+0x810/0x810 [ 665.676639][T26508] ? __might_fault+0xe5/0x190 [ 665.676659][T26508] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 665.686972][T26508] ? netlink_unicast+0x810/0x810 [ 665.689225][T26508] sock_sendmsg+0xd9/0x180 [ 665.691343][T26508] ____sys_sendmsg+0x6ac/0x940 [ 665.693622][T26508] ? kernel_sendmsg+0x50/0x50 [ 665.695669][T26508] ? get_compat_msghdr+0x11b/0x170 [ 665.697784][T26508] ? rcu_is_watching+0x12/0xb0 [ 665.699700][T26508] ___sys_sendmsg+0x135/0x1d0 [ 665.701487][T26508] ? do_recvmmsg+0x740/0x740 [ 665.703205][T26508] ? rcu_is_watching+0x12/0xb0 [ 665.705036][T26508] ? proc_task_getattr+0x240/0x240 [ 665.706957][T26508] ? ksys_write+0x214/0x250 [ 665.708760][T26508] ? __fget_light+0xe6/0x260 [ 665.710809][T26508] __sys_sendmsg+0x117/0x1e0 [ 665.712579][T26508] ? __sys_sendmsg_sock+0x30/0x30 [ 665.714497][T26508] ? rcu_is_watching+0x12/0xb0 [ 665.716341][T26508] __do_fast_syscall_32+0x61/0xe0 [ 665.718237][T26508] do_fast_syscall_32+0x33/0x70 [ 665.720172][T26508] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 665.722547][T26508] RIP: 0023:0xf7f17579 [ 665.724135][T26508] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 665.731802][T26508] RSP: 002b:00000000f7f125ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 665.735261][T26508] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0 [ 665.738439][T26508] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 665.741620][T26508] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 665.744920][T26508] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 665.748002][T26508] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 665.751137][T26508] 13:17:31 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x4, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x6000000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:31 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) (fail_nth: 5) 13:17:31 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 17) 13:17:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x7000000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:31 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x5, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 665.780212][T26516] FAULT_INJECTION: forcing a failure. [ 665.780212][T26516] name failslab, interval 1, probability 0, space 0, times 0 [ 665.785376][T26516] CPU: 1 PID: 26516 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 665.787248][T26520] FAULT_INJECTION: forcing a failure. [ 665.787248][T26520] name failslab, interval 1, probability 0, space 0, times 0 [ 665.789183][T26516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 665.789192][T26516] Call Trace: [ 665.789196][T26516] [ 665.789201][T26516] dump_stack_lvl+0x125/0x1b0 [ 665.789221][T26516] should_fail_ex+0x496/0x5b0 [ 665.803835][T26516] should_failslab+0x9/0x20 [ 665.805517][T26516] kmem_cache_alloc_node+0x389/0x3f0 [ 665.807490][T26516] ? alloc_unbound_pwq+0x41e/0xd00 [ 665.809382][T26516] alloc_unbound_pwq+0x41e/0xd00 [ 665.811206][T26516] ? kasan_set_track+0x25/0x30 [ 665.812974][T26516] apply_wqattrs_prepare+0x3be/0xa90 [ 665.814910][T26516] apply_workqueue_attrs_locked+0xcb/0x150 [ 665.817232][T26516] alloc_workqueue+0xc8b/0x1490 [ 665.819477][T26516] ? workqueue_sysfs_register+0x400/0x400 [ 665.821589][T26516] ? rcu_is_watching+0x12/0xb0 [ 665.823367][T26516] nci_register_device+0x221/0xb80 [ 665.825250][T26516] ? nci_init_complete_req+0x410/0x410 [ 665.827266][T26516] ? lockdep_init_map_type+0x16d/0x7c0 [ 665.829305][T26516] virtual_ncidev_open+0x147/0x220 [ 665.831176][T26516] ? virtual_ncidev_read+0x4e0/0x4e0 [ 665.833111][T26516] misc_open+0x3da/0x4c0 [ 665.834669][T26516] ? misc_devnode+0x120/0x120 [ 665.836445][T26516] chrdev_open+0x277/0x700 [ 665.838476][T26516] ? __unregister_chrdev+0x100/0x100 [ 665.840464][T26516] ? fsnotify_perm.part.0+0x25d/0x630 [ 665.842465][T26516] ? fsnotify_perm.part.0+0x268/0x630 [ 665.844485][T26516] do_dentry_open+0x88b/0x1730 [ 665.846317][T26516] ? __unregister_chrdev+0x100/0x100 [ 665.848337][T26516] ? may_open+0x1f2/0x400 [ 665.849959][T26516] path_openat+0x19af/0x29c0 [ 665.851711][T26516] ? path_lookupat+0x770/0x770 [ 665.853535][T26516] do_filp_open+0x1de/0x430 [ 665.855239][T26516] ? may_open_dev+0xf0/0xf0 [ 665.856989][T26516] ? expand_files+0x442/0x910 [ 665.858753][T26516] ? _raw_spin_unlock+0x28/0x40 [ 665.860597][T26516] ? alloc_fd+0x2da/0x6c0 [ 665.862219][T26516] do_sys_openat2+0x176/0x1e0 [ 665.863950][T26516] ? build_open_flags+0x690/0x690 [ 665.865824][T26516] __ia32_compat_sys_openat+0x16e/0x200 [ 665.868306][T26516] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 665.870847][T26516] ? ksys_write+0x1a7/0x250 [ 665.872981][T26516] ? rcu_is_watching+0x12/0xb0 [ 665.875220][T26516] __do_fast_syscall_32+0x61/0xe0 [ 665.877142][T26516] do_fast_syscall_32+0x33/0x70 [ 665.878956][T26516] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 665.881716][T26516] RIP: 0023:0xf7fc8579 [ 665.883623][T26516] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 665.892531][T26516] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 665.895653][T26516] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 665.899139][T26516] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 665.902812][T26516] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 665.906382][T26516] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 665.910044][T26516] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 665.913675][T26516] [ 665.915084][T26520] CPU: 0 PID: 26520 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 665.919695][T26520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 665.924012][T26520] Call Trace: [ 665.925549][T26520] [ 665.926944][T26520] dump_stack_lvl+0x125/0x1b0 [ 665.929143][T26520] should_fail_ex+0x496/0x5b0 [ 665.931334][T26520] should_failslab+0x9/0x20 [ 665.933262][T26520] __kmem_cache_alloc_node+0x2fd/0x350 [ 665.935278][T26520] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x280 [ 665.938014][T26520] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x280 [ 665.940742][T26520] __kmalloc+0x4f/0x100 [ 665.942298][T26520] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x280 [ 665.944937][T26520] genl_family_rcv_msg_doit+0xbf/0x2e0 [ 665.946971][T26520] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 665.949704][T26520] ? security_capable+0x92/0xc0 [ 665.951511][T26520] genl_rcv_msg+0x55c/0x800 [ 665.953242][T26520] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 665.955575][T26520] ? nl802154_wpan_phy_netns+0x2c0/0x2c0 [ 665.957672][T26520] ? nl802154_set_lbt_mode+0x4e0/0x4e0 [ 665.959712][T26520] ? nl802154_pre_doit+0xd20/0xd20 [ 665.961659][T26520] netlink_rcv_skb+0x16b/0x440 [ 665.963620][T26520] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 665.965807][T26520] ? netlink_ack+0x1370/0x1370 [ 665.967596][T26520] ? rcu_is_watching+0x12/0xb0 [ 665.969420][T26520] ? down_write+0x200/0x200 [ 665.971130][T26520] ? netlink_deliver_tap+0x1b1/0xd10 [ 665.973289][T26520] genl_rcv+0x28/0x40 [ 665.975140][T26520] netlink_unicast+0x536/0x810 [ 665.977380][T26520] ? netlink_attachskb+0x870/0x870 [ 665.979326][T26520] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 665.981544][T26520] ? __phys_addr_symbol+0x30/0x70 [ 665.983410][T26520] ? __check_object_size+0x323/0x730 [ 665.985379][T26520] netlink_sendmsg+0x93c/0xe40 [ 665.987173][T26520] ? netlink_unicast+0x810/0x810 [ 665.989040][T26520] ? __might_fault+0xe5/0x190 [ 665.990788][T26520] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 665.992759][T26520] ? netlink_unicast+0x810/0x810 [ 665.994602][T26520] sock_sendmsg+0xd9/0x180 [ 665.996307][T26520] ____sys_sendmsg+0x6ac/0x940 [ 665.998096][T26520] ? kernel_sendmsg+0x50/0x50 [ 665.999858][T26520] ? get_compat_msghdr+0x11b/0x170 [ 666.001765][T26520] ? rcu_is_watching+0x12/0xb0 [ 666.003539][T26520] ___sys_sendmsg+0x135/0x1d0 [ 666.005303][T26520] ? do_recvmmsg+0x740/0x740 [ 666.007020][T26520] ? rcu_is_watching+0x12/0xb0 [ 666.009152][T26520] ? proc_task_getattr+0x240/0x240 [ 666.011540][T26520] ? ksys_write+0x214/0x250 [ 666.013469][T26520] ? __fget_light+0xe6/0x260 [ 666.015181][T26520] __sys_sendmsg+0x117/0x1e0 [ 666.016925][T26520] ? __sys_sendmsg_sock+0x30/0x30 [ 666.018791][T26520] ? rcu_is_watching+0x12/0xb0 [ 666.020619][T26520] __do_fast_syscall_32+0x61/0xe0 [ 666.022576][T26520] do_fast_syscall_32+0x33/0x70 [ 666.024397][T26520] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 666.026891][T26520] RIP: 0023:0xf7f17579 [ 666.028779][T26520] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 666.036559][T26520] RSP: 002b:00000000f7f125ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 666.039711][T26520] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0 [ 666.042661][T26520] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 666.045580][T26520] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 666.048501][T26520] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 666.051414][T26520] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 666.054394][T26520] 13:17:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x9000000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:31 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 18) 13:17:31 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) (fail_nth: 6) 13:17:31 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x6, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 666.082596][T26527] FAULT_INJECTION: forcing a failure. [ 666.082596][T26527] name failslab, interval 1, probability 0, space 0, times 0 [ 666.084327][T26531] netlink: 'syz-executor.3': attribute type 11 has an invalid length. 13:17:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf000000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 666.084931][T26532] FAULT_INJECTION: forcing a failure. [ 666.084931][T26532] name failslab, interval 1, probability 0, space 0, times 0 13:17:31 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 19) [ 666.084952][T26532] CPU: 1 PID: 26532 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 666.084970][T26532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 666.084979][T26532] Call Trace: [ 666.084984][T26532] [ 666.084990][T26532] dump_stack_lvl+0x125/0x1b0 [ 666.085015][T26532] should_fail_ex+0x496/0x5b0 [ 666.085044][T26532] should_failslab+0x9/0x20 13:17:31 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x7, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 666.085061][T26532] __kmem_cache_alloc_node+0x2fd/0x350 [ 666.085086][T26532] ? alloc_worker+0x40/0x1a0 [ 666.085105][T26532] ? alloc_workqueue+0xeaf/0x1490 13:17:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x3f000000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 666.085121][T26532] ? reacquire_held_locks+0x4b0/0x4b0 [ 666.085146][T26532] kmalloc_node_trace+0x22/0xd0 [ 666.085162][T26532] alloc_worker+0x40/0x1a0 [ 666.085181][T26532] init_rescuer+0x6f/0x1f0 [ 666.085224][T26532] alloc_workqueue+0xd35/0x1490 [ 666.085250][T26532] ? workqueue_sysfs_register+0x400/0x400 [ 666.085284][T26532] ? rcu_is_watching+0x12/0xb0 [ 666.085306][T26532] nci_register_device+0x221/0xb80 [ 666.085330][T26532] ? nci_init_complete_req+0x410/0x410 [ 666.085344][T26532] ? lockdep_init_map_type+0x16d/0x7c0 [ 666.085370][T26532] virtual_ncidev_open+0x147/0x220 [ 666.085396][T26532] ? virtual_ncidev_read+0x4e0/0x4e0 [ 666.085421][T26532] misc_open+0x3da/0x4c0 [ 666.085440][T26532] ? misc_devnode+0x120/0x120 [ 666.085458][T26532] chrdev_open+0x277/0x700 [ 666.085478][T26532] ? __unregister_chrdev+0x100/0x100 [ 666.085499][T26532] ? fsnotify_perm.part.0+0x25d/0x630 [ 666.085518][T26532] ? fsnotify_perm.part.0+0x268/0x630 [ 666.085540][T26532] do_dentry_open+0x88b/0x1730 [ 666.085563][T26532] ? __unregister_chrdev+0x100/0x100 [ 666.085587][T26532] ? may_open+0x1f2/0x400 [ 666.085601][T26532] path_openat+0x19af/0x29c0 [ 666.085628][T26532] ? path_lookupat+0x770/0x770 [ 666.085653][T26532] do_filp_open+0x1de/0x430 [ 666.085676][T26532] ? may_open_dev+0xf0/0xf0 [ 666.085691][T26532] ? expand_files+0x442/0x910 [ 666.085719][T26532] ? _raw_spin_unlock+0x28/0x40 [ 666.085741][T26532] ? alloc_fd+0x2da/0x6c0 [ 666.085761][T26532] do_sys_openat2+0x176/0x1e0 [ 666.085778][T26532] ? build_open_flags+0x690/0x690 [ 666.085796][T26532] __ia32_compat_sys_openat+0x16e/0x200 [ 666.085812][T26532] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 666.085829][T26532] ? ksys_write+0x1a7/0x250 [ 666.085849][T26532] ? rcu_is_watching+0x12/0xb0 [ 666.085866][T26532] __do_fast_syscall_32+0x61/0xe0 [ 666.085883][T26532] do_fast_syscall_32+0x33/0x70 [ 666.085897][T26532] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 666.085909][T26532] RIP: 0023:0xf7fc8579 [ 666.085917][T26532] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 666.085927][T26532] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 666.085937][T26532] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 666.085944][T26532] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 666.085949][T26532] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 666.085955][T26532] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 666.085961][T26532] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 666.085970][T26532] [ 666.086025][T26532] workqueue: Failed to allocate a rescuer for wq "nfc2_nci_cmd_wq" [ 666.087074][T26527] CPU: 2 PID: 26527 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 666.087088][T26527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 666.087093][T26527] Call Trace: [ 666.087097][T26527] [ 666.087100][T26527] dump_stack_lvl+0x125/0x1b0 [ 666.087117][T26527] should_fail_ex+0x496/0x5b0 [ 666.087132][T26527] should_failslab+0x9/0x20 [ 666.087142][T26527] kmem_cache_alloc_node+0x389/0x3f0 [ 666.118439][T26536] FAULT_INJECTION: forcing a failure. [ 666.118439][T26536] name failslab, interval 1, probability 0, space 0, times 0 [ 666.119395][T26527] ? __alloc_skb+0x287/0x330 [ 666.119415][T26527] __alloc_skb+0x287/0x330 [ 666.119429][T26527] ? __napi_build_skb+0x50/0x50 [ 666.123793][T26538] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 666.124520][T26527] ? security_capable+0x92/0xc0 [ 666.124540][T26527] netlink_ack+0x3bb/0x1370 [ 666.124556][T26527] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 666.124567][T26527] ? netlink_sendmsg+0xe40/0xe40 [ 666.247562][T26527] netlink_rcv_skb+0x345/0x440 [ 666.249307][T26527] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 666.251433][T26527] ? netlink_ack+0x1370/0x1370 [ 666.253177][T26527] ? rcu_is_watching+0x12/0xb0 [ 666.254969][T26527] ? down_write+0x200/0x200 [ 666.256818][T26527] ? netlink_deliver_tap+0x1b1/0xd10 [ 666.258725][T26527] genl_rcv+0x28/0x40 [ 666.260205][T26527] netlink_unicast+0x536/0x810 [ 666.261920][T26527] ? netlink_attachskb+0x870/0x870 [ 666.263761][T26527] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 666.265904][T26527] ? __phys_addr_symbol+0x30/0x70 [ 666.267735][T26527] ? __check_object_size+0x323/0x730 [ 666.269657][T26527] netlink_sendmsg+0x93c/0xe40 [ 666.271391][T26527] ? netlink_unicast+0x810/0x810 [ 666.273224][T26527] ? __might_fault+0xe5/0x190 [ 666.275190][T26527] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 666.277181][T26527] ? netlink_unicast+0x810/0x810 [ 666.278962][T26527] sock_sendmsg+0xd9/0x180 [ 666.280597][T26527] ____sys_sendmsg+0x6ac/0x940 [ 666.282329][T26527] ? kernel_sendmsg+0x50/0x50 [ 666.284128][T26527] ? get_compat_msghdr+0x11b/0x170 [ 666.286104][T26527] ? rcu_is_watching+0x12/0xb0 [ 666.287827][T26527] ___sys_sendmsg+0x135/0x1d0 [ 666.289897][T26527] ? do_recvmmsg+0x740/0x740 [ 666.291710][T26527] ? rcu_is_watching+0x12/0xb0 [ 666.293498][T26527] ? proc_task_getattr+0x240/0x240 [ 666.295596][T26527] ? ksys_write+0x214/0x250 [ 666.297262][T26527] ? __fget_light+0xe6/0x260 [ 666.298932][T26527] __sys_sendmsg+0x117/0x1e0 [ 666.300643][T26527] ? __sys_sendmsg_sock+0x30/0x30 [ 666.302477][T26527] ? rcu_is_watching+0x12/0xb0 [ 666.304224][T26527] __do_fast_syscall_32+0x61/0xe0 [ 666.306086][T26527] do_fast_syscall_32+0x33/0x70 [ 666.307847][T26527] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 666.310129][T26527] RIP: 0023:0xf7f17579 [ 666.311601][T26527] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 666.318688][T26527] RSP: 002b:00000000f7f125ac EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 666.321684][T26527] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0 [ 666.324519][T26527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 666.327558][T26527] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 666.330417][T26527] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 666.333259][T26527] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 666.336292][T26527] [ 666.337411][T26536] CPU: 1 PID: 26536 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 666.341851][T26536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 666.346360][T26536] Call Trace: [ 666.347748][T26536] [ 666.348857][T26536] dump_stack_lvl+0x125/0x1b0 [ 666.350598][T26536] should_fail_ex+0x496/0x5b0 [ 666.352347][T26536] should_failslab+0x9/0x20 [ 666.354023][T26536] __kmem_cache_alloc_node+0x2fd/0x350 13:17:31 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) (fail_nth: 7) [ 666.356044][T26536] ? __kthread_create_on_node+0xcb/0x400 [ 666.358320][T26536] ? lockdep_init_map_type+0x16d/0x7c0 [ 666.360350][T26536] ? worker_thread+0x1290/0x1290 [ 666.362189][T26536] kmalloc_trace+0x25/0xe0 [ 666.363845][T26536] __kthread_create_on_node+0xcb/0x400 [ 666.365859][T26536] ? entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 666.368284][T26536] ? kthread_parkme+0xa0/0xa0 [ 666.370015][T26536] ? worker_thread+0x1290/0x1290 [ 666.371833][T26536] kthread_create_on_node+0xc8/0x100 [ 666.373775][T26536] ? __kthread_create_on_node+0x400/0x400 [ 666.375860][T26536] ? kasan_set_track+0x25/0x30 [ 666.377742][T26536] init_rescuer+0xce/0x1f0 [ 666.379395][T26536] alloc_workqueue+0xd35/0x1490 [ 666.381212][T26536] ? workqueue_sysfs_register+0x400/0x400 [ 666.383281][T26536] ? rcu_is_watching+0x12/0xb0 [ 666.385051][T26536] nci_register_device+0x221/0xb80 [ 666.386964][T26536] ? nci_init_complete_req+0x410/0x410 [ 666.389054][T26536] ? lockdep_init_map_type+0x16d/0x7c0 [ 666.391017][T26536] virtual_ncidev_open+0x147/0x220 [ 666.392910][T26536] ? virtual_ncidev_read+0x4e0/0x4e0 [ 666.394834][T26536] misc_open+0x3da/0x4c0 [ 666.396447][T26536] ? misc_devnode+0x120/0x120 [ 666.398447][T26536] chrdev_open+0x277/0x700 [ 666.400110][T26536] ? __unregister_chrdev+0x100/0x100 [ 666.401972][T26536] ? fsnotify_perm.part.0+0x25d/0x630 [ 666.403931][T26536] ? fsnotify_perm.part.0+0x268/0x630 [ 666.405871][T26536] do_dentry_open+0x88b/0x1730 [ 666.407671][T26536] ? __unregister_chrdev+0x100/0x100 [ 666.409608][T26536] ? may_open+0x1f2/0x400 [ 666.411176][T26536] path_openat+0x19af/0x29c0 [ 666.412901][T26536] ? path_lookupat+0x770/0x770 [ 666.414664][T26536] do_filp_open+0x1de/0x430 [ 666.416338][T26536] ? may_open_dev+0xf0/0xf0 [ 666.417991][T26536] ? expand_files+0x442/0x910 [ 666.419715][T26536] ? _raw_spin_unlock+0x28/0x40 [ 666.421511][T26536] ? alloc_fd+0x2da/0x6c0 [ 666.423088][T26536] do_sys_openat2+0x176/0x1e0 [ 666.424819][T26536] ? build_open_flags+0x690/0x690 [ 666.426754][T26536] __ia32_compat_sys_openat+0x16e/0x200 [ 666.428870][T26536] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 666.430905][T26536] ? ksys_write+0x1a7/0x250 [ 666.432648][T26536] ? rcu_is_watching+0x12/0xb0 [ 666.434436][T26536] __do_fast_syscall_32+0x61/0xe0 [ 666.436361][T26536] do_fast_syscall_32+0x33/0x70 [ 666.438194][T26536] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 666.440575][T26536] RIP: 0023:0xf7fc8579 [ 666.442099][T26536] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 666.449398][T26536] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 666.452440][T26536] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 666.455281][T26536] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 666.458123][T26536] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 666.460959][T26536] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 666.463776][T26536] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 666.466634][T26536] 13:17:32 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 20) 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x79a5f2f7, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 666.469805][T26536] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -ENOMEM [ 666.488616][T26548] FAULT_INJECTION: forcing a failure. [ 666.488616][T26548] name failslab, interval 1, probability 0, space 0, times 0 [ 666.497259][T26548] CPU: 1 PID: 26548 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 666.501130][T26548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 666.505373][T26548] Call Trace: [ 666.506816][T26548] [ 666.507957][T26548] dump_stack_lvl+0x125/0x1b0 [ 666.509869][T26548] should_fail_ex+0x496/0x5b0 [ 666.511603][T26548] should_failslab+0x9/0x20 [ 666.513279][T26548] __kmem_cache_alloc_node+0x2fd/0x350 [ 666.515268][T26548] ? __kthread_create_on_node+0xcb/0x400 [ 666.517630][T26548] ? lockdep_init_map_type+0x16d/0x7c0 [ 666.520183][T26548] ? worker_thread+0x1290/0x1290 [ 666.522434][T26548] kmalloc_trace+0x25/0xe0 [ 666.524459][T26548] __kthread_create_on_node+0xcb/0x400 [ 666.526900][T26548] ? entry_SYSENTER_compat_after_hwframe+0x70/0x82 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x9effffff, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 666.529830][T26548] ? kthread_parkme+0xa0/0xa0 [ 666.532123][T26548] ? worker_thread+0x1290/0x1290 [ 666.534355][T26548] kthread_create_on_node+0xc8/0x100 [ 666.536737][T26548] ? __kthread_create_on_node+0x400/0x400 [ 666.539263][T26548] ? kasan_set_track+0x25/0x30 [ 666.541338][T26548] init_rescuer+0xce/0x1f0 [ 666.543255][T26548] alloc_workqueue+0xd35/0x1490 [ 666.545432][T26548] ? workqueue_sysfs_register+0x400/0x400 [ 666.548004][T26548] ? rcu_is_watching+0x12/0xb0 [ 666.550063][T26548] nci_register_device+0x221/0xb80 [ 666.552279][T26548] ? nci_init_complete_req+0x410/0x410 [ 666.554615][T26548] ? lockdep_init_map_type+0x16d/0x7c0 [ 666.556771][T26548] virtual_ncidev_open+0x147/0x220 [ 666.558619][T26548] ? virtual_ncidev_read+0x4e0/0x4e0 [ 666.560556][T26548] misc_open+0x3da/0x4c0 [ 666.562083][T26548] ? misc_devnode+0x120/0x120 [ 666.563811][T26548] chrdev_open+0x277/0x700 [ 666.565467][T26548] ? __unregister_chrdev+0x100/0x100 [ 666.567494][T26548] ? fsnotify_perm.part.0+0x25d/0x630 [ 666.569453][T26548] ? fsnotify_perm.part.0+0x268/0x630 [ 666.571405][T26548] do_dentry_open+0x88b/0x1730 [ 666.573168][T26548] ? __unregister_chrdev+0x100/0x100 [ 666.575103][T26548] ? may_open+0x1f2/0x400 [ 666.576702][T26548] path_openat+0x19af/0x29c0 [ 666.578398][T26548] ? path_lookupat+0x770/0x770 [ 666.580184][T26548] do_filp_open+0x1de/0x430 [ 666.581855][T26548] ? may_open_dev+0xf0/0xf0 [ 666.583514][T26548] ? expand_files+0x442/0x910 [ 666.585242][T26548] ? _raw_spin_unlock+0x28/0x40 [ 666.587255][T26548] ? alloc_fd+0x2da/0x6c0 [ 666.588970][T26548] do_sys_openat2+0x176/0x1e0 [ 666.590712][T26548] ? build_open_flags+0x690/0x690 [ 666.592660][T26548] __ia32_compat_sys_openat+0x16e/0x200 [ 666.594738][T26548] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 666.596789][T26548] ? ksys_write+0x1a7/0x250 [ 666.598467][T26548] ? rcu_is_watching+0x12/0xb0 [ 666.600262][T26548] __do_fast_syscall_32+0x61/0xe0 [ 666.602115][T26548] do_fast_syscall_32+0x33/0x70 [ 666.603900][T26548] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 666.606192][T26548] RIP: 0023:0xf7fc8579 [ 666.607858][T26548] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 666.614816][T26548] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 666.617843][T26548] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 666.620738][T26548] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 666.623613][T26548] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 666.626570][T26548] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 666.629933][T26548] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 666.632821][T26548] 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x2, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:32 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 21) 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf0ffffff, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:32 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x8, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 666.635983][T26548] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -ENOMEM 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x3, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 666.654885][T26560] FAULT_INJECTION: forcing a failure. [ 666.654885][T26560] name failslab, interval 1, probability 0, space 0, times 0 [ 666.663312][T26565] netlink: 'syz-executor.3': attribute type 11 has an invalid length. 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf7f2a579, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 666.665078][T26560] CPU: 2 PID: 26560 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 666.671190][T26560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 666.674855][T26560] Call Trace: [ 666.676106][T26560] 13:17:32 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x9, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 666.677208][T26560] dump_stack_lvl+0x125/0x1b0 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x4, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 666.679123][T26560] should_fail_ex+0x496/0x5b0 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xfffff000, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 666.681018][T26560] should_failslab+0x9/0x20 [ 666.682807][T26560] __kmem_cache_alloc_node+0x2fd/0x350 [ 666.684814][T26560] ? alloc_workqueue+0x16f/0x1490 [ 666.686678][T26560] kmalloc_trace+0x25/0xe0 [ 666.688335][T26560] alloc_workqueue+0x16f/0x1490 [ 666.690129][T26560] ? lock_sync+0x190/0x190 [ 666.691773][T26560] ? workqueue_sysfs_register+0x400/0x400 [ 666.693865][T26560] ? rcu_is_watching+0x12/0xb0 [ 666.693995][T26572] netlink: 'syz-executor.3': attribute type 11 has an invalid length. 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xffffff7f, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 666.695620][T26560] nci_register_device+0x397/0xb80 [ 666.695637][T26560] ? nci_init_complete_req+0x410/0x410 [ 666.695649][T26560] ? lockdep_init_map_type+0x16d/0x7c0 [ 666.695665][T26560] virtual_ncidev_open+0x147/0x220 [ 666.708103][T26560] ? virtual_ncidev_read+0x4e0/0x4e0 [ 666.710060][T26560] misc_open+0x3da/0x4c0 [ 666.711658][T26560] ? misc_devnode+0x120/0x120 [ 666.713398][T26560] chrdev_open+0x277/0x700 [ 666.715042][T26560] ? __unregister_chrdev+0x100/0x100 [ 666.717005][T26560] ? fsnotify_perm.part.0+0x25d/0x630 [ 666.719016][T26560] ? fsnotify_perm.part.0+0x268/0x630 [ 666.721000][T26560] do_dentry_open+0x88b/0x1730 [ 666.723175][T26560] ? __unregister_chrdev+0x100/0x100 [ 666.725279][T26560] ? may_open+0x1f2/0x400 [ 666.726876][T26560] path_openat+0x19af/0x29c0 [ 666.728586][T26560] ? path_lookupat+0x770/0x770 [ 666.730340][T26560] do_filp_open+0x1de/0x430 [ 666.732018][T26560] ? may_open_dev+0xf0/0xf0 [ 666.733702][T26560] ? expand_files+0x442/0x910 [ 666.735418][T26560] ? _raw_spin_unlock+0x28/0x40 [ 666.737206][T26560] ? alloc_fd+0x2da/0x6c0 [ 666.738773][T26560] do_sys_openat2+0x176/0x1e0 [ 666.740510][T26560] ? build_open_flags+0x690/0x690 [ 666.742376][T26560] __ia32_compat_sys_openat+0x16e/0x200 [ 666.744395][T26560] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 666.746371][T26560] ? ksys_write+0x1a7/0x250 [ 666.748019][T26560] ? rcu_is_watching+0x12/0xb0 [ 666.749757][T26560] __do_fast_syscall_32+0x61/0xe0 [ 666.751566][T26560] do_fast_syscall_32+0x33/0x70 [ 666.753374][T26560] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 666.755663][T26560] RIP: 0023:0xf7fc8579 [ 666.757164][T26560] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 666.764158][T26560] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 666.767177][T26560] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 666.770046][T26560] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 666.772919][T26560] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 666.776256][T26560] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 666.779186][T26560] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 666.782092][T26560] 13:17:32 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 22) 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x5, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xffffff9e, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 666.803716][T26582] FAULT_INJECTION: forcing a failure. [ 666.803716][T26582] name failslab, interval 1, probability 0, space 0, times 0 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x6, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 666.809433][T26582] CPU: 1 PID: 26582 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 666.813207][T26582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 666.817030][T26582] Call Trace: [ 666.818320][T26582] [ 666.819425][T26582] dump_stack_lvl+0x125/0x1b0 [ 666.821203][T26582] should_fail_ex+0x496/0x5b0 [ 666.822974][T26582] should_failslab+0x9/0x20 [ 666.824779][T26582] __kmem_cache_alloc_node+0x2fd/0x350 [ 666.826740][T26582] ? alloc_workqueue+0x1d4/0x1490 [ 666.828594][T26582] kmalloc_trace+0x25/0xe0 [ 666.830243][T26582] alloc_workqueue+0x1d4/0x1490 [ 666.832240][T26582] ? do_raw_spin_unlock+0x173/0x230 [ 666.834189][T26582] ? workqueue_sysfs_register+0x400/0x400 [ 666.836350][T26582] ? rcu_is_watching+0x12/0xb0 [ 666.838126][T26582] nci_register_device+0x397/0xb80 [ 666.840037][T26582] ? nci_init_complete_req+0x410/0x410 [ 666.842058][T26582] ? lockdep_init_map_type+0x16d/0x7c0 [ 666.844130][T26582] virtual_ncidev_open+0x147/0x220 [ 666.846013][T26582] ? virtual_ncidev_read+0x4e0/0x4e0 [ 666.847958][T26582] misc_open+0x3da/0x4c0 [ 666.849516][T26582] ? misc_devnode+0x120/0x120 [ 666.851249][T26582] chrdev_open+0x277/0x700 [ 666.852918][T26582] ? __unregister_chrdev+0x100/0x100 [ 666.854899][T26582] ? fsnotify_perm.part.0+0x25d/0x630 [ 666.856950][T26582] ? fsnotify_perm.part.0+0x268/0x630 [ 666.858931][T26582] do_dentry_open+0x88b/0x1730 [ 666.860741][T26582] ? __unregister_chrdev+0x100/0x100 [ 666.862741][T26582] ? may_open+0x1f2/0x400 [ 666.864363][T26582] path_openat+0x19af/0x29c0 [ 666.866321][T26582] ? path_lookupat+0x770/0x770 [ 666.868173][T26582] do_filp_open+0x1de/0x430 [ 666.869882][T26582] ? may_open_dev+0xf0/0xf0 [ 666.871563][T26582] ? expand_files+0x442/0x910 [ 666.873325][T26582] ? _raw_spin_unlock+0x28/0x40 [ 666.875161][T26582] ? alloc_fd+0x2da/0x6c0 [ 666.876790][T26582] do_sys_openat2+0x176/0x1e0 [ 666.878513][T26582] ? build_open_flags+0x690/0x690 [ 666.880345][T26582] __ia32_compat_sys_openat+0x16e/0x200 [ 666.882425][T26582] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 666.884413][T26582] ? ksys_write+0x1a7/0x250 [ 666.886077][T26582] ? rcu_is_watching+0x12/0xb0 [ 666.887827][T26582] __do_fast_syscall_32+0x61/0xe0 [ 666.889687][T26582] do_fast_syscall_32+0x33/0x70 [ 666.891512][T26582] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 666.893825][T26582] RIP: 0023:0xf7fc8579 [ 666.895339][T26582] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 666.902556][T26582] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 666.905611][T26582] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 666.908513][T26582] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 666.911526][T26582] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 666.914397][T26582] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 666.917350][T26582] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 666.920253][T26582] 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xfffffff0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x7, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:32 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0xe, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:32 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 23) [ 666.946252][T26592] FAULT_INJECTION: forcing a failure. [ 666.946252][T26592] name failslab, interval 1, probability 0, space 0, times 0 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x9, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 666.950904][T26592] CPU: 2 PID: 26592 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 666.954804][T26592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 666.958517][T26592] Call Trace: 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xffffffff, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 666.959731][T26596] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 666.959926][T26592] [ 666.959932][T26592] dump_stack_lvl+0x125/0x1b0 [ 666.966628][T26592] should_fail_ex+0x496/0x5b0 [ 666.968417][T26592] should_failslab+0x9/0x20 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 666.970123][T26592] __kmem_cache_alloc_node+0x2fd/0x350 [ 666.972356][T26592] ? kasprintf+0xc8/0x100 [ 666.973971][T26592] ? kasprintf+0xc8/0x100 13:17:32 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0xf, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 666.975661][T26592] __kmalloc_node_track_caller+0x50/0x100 [ 666.977826][T26592] kvasprintf+0xbd/0x150 [ 666.979397][T26592] ? bust_spinlocks+0xe0/0xe0 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0xf, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 666.981186][T26592] ? ip6_addr_string_sa+0x820/0x820 [ 666.983232][T26592] ? preempt_count_add+0x72/0x140 [ 666.985110][T26592] kasprintf+0xc8/0x100 [ 666.986664][T26592] ? kvasprintf_const+0x190/0x190 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 666.988548][T26592] ? free_zapped_rcu+0x290/0x290 [ 666.990503][T26592] ? lockdep_init_map_type+0x16d/0x7c0 [ 666.992592][T26592] alloc_workqueue+0x590/0x1490 [ 666.994413][T26592] ? lock_sync+0x190/0x190 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 666.996073][T26592] ? workqueue_sysfs_register+0x400/0x400 [ 666.998513][T26592] ? rcu_is_watching+0x12/0xb0 [ 667.000311][T26592] nci_register_device+0x397/0xb80 [ 667.002239][T26592] ? nci_init_complete_req+0x410/0x410 [ 667.004257][T26592] ? lockdep_init_map_type+0x16d/0x7c0 [ 667.006280][T26592] virtual_ncidev_open+0x147/0x220 [ 667.008182][T26592] ? virtual_ncidev_read+0x4e0/0x4e0 [ 667.010151][T26592] misc_open+0x3da/0x4c0 [ 667.011823][T26592] ? misc_devnode+0x120/0x120 [ 667.013714][T26592] chrdev_open+0x277/0x700 [ 667.015345][T26592] ? __unregister_chrdev+0x100/0x100 [ 667.017270][T26592] ? fsnotify_perm.part.0+0x25d/0x630 [ 667.019221][T26592] ? fsnotify_perm.part.0+0x268/0x630 [ 667.021188][T26592] do_dentry_open+0x88b/0x1730 [ 667.022949][T26592] ? __unregister_chrdev+0x100/0x100 [ 667.024873][T26592] ? may_open+0x1f2/0x400 [ 667.026455][T26592] path_openat+0x19af/0x29c0 [ 667.028149][T26592] ? path_lookupat+0x770/0x770 [ 667.029894][T26592] do_filp_open+0x1de/0x430 [ 667.031702][T26592] ? may_open_dev+0xf0/0xf0 [ 667.033409][T26592] ? expand_files+0x442/0x910 [ 667.035142][T26592] ? _raw_spin_unlock+0x28/0x40 [ 667.036938][T26592] ? alloc_fd+0x2da/0x6c0 [ 667.038732][T26592] do_sys_openat2+0x176/0x1e0 [ 667.040634][T26592] ? build_open_flags+0x690/0x690 [ 667.042500][T26592] __ia32_compat_sys_openat+0x16e/0x200 [ 667.044491][T26592] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 667.046448][T26592] ? ksys_write+0x1a7/0x250 [ 667.048112][T26592] ? rcu_is_watching+0x12/0xb0 [ 667.049825][T26592] __do_fast_syscall_32+0x61/0xe0 [ 667.051639][T26592] do_fast_syscall_32+0x33/0x70 [ 667.053418][T26592] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 667.055688][T26592] RIP: 0023:0xf7fc8579 [ 667.057171][T26592] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 667.064094][T26592] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 667.067086][T26592] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 667.069937][T26592] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 667.072801][T26592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 667.075636][T26592] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 667.078471][T26592] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 667.081311][T26592] 13:17:32 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 24) 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x300, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x140, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 667.103664][T26616] FAULT_INJECTION: forcing a failure. [ 667.103664][T26616] name failslab, interval 1, probability 0, space 0, times 0 [ 667.108348][T26616] CPU: 1 PID: 26616 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 667.112029][T26616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 667.116178][T26616] Call Trace: [ 667.117684][T26616] 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0xec0, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 667.119022][T26616] dump_stack_lvl+0x125/0x1b0 [ 667.121374][T26616] should_fail_ex+0x496/0x5b0 [ 667.123513][T26616] should_failslab+0x9/0x20 [ 667.125576][T26616] __kmem_cache_alloc_node+0x2fd/0x350 [ 667.128054][T26616] ? apply_wqattrs_prepare+0xff/0xa90 [ 667.130487][T26616] ? apply_wqattrs_prepare+0xff/0xa90 [ 667.132889][T26616] __kmalloc+0x4f/0x100 [ 667.134752][T26616] apply_wqattrs_prepare+0xff/0xa90 [ 667.137060][T26616] ? preempt_count_sub+0x150/0x150 [ 667.139037][T26616] apply_workqueue_attrs_locked+0xcb/0x150 [ 667.141520][T26616] alloc_workqueue+0xc8b/0x1490 [ 667.143728][T26616] ? workqueue_sysfs_register+0x400/0x400 [ 667.146294][T26616] ? rcu_is_watching+0x12/0xb0 [ 667.148465][T26616] nci_register_device+0x397/0xb80 [ 667.150767][T26616] ? nci_init_complete_req+0x410/0x410 [ 667.153234][T26616] ? lockdep_init_map_type+0x16d/0x7c0 [ 667.155698][T26616] virtual_ncidev_open+0x147/0x220 [ 667.158025][T26616] ? virtual_ncidev_read+0x4e0/0x4e0 [ 667.160424][T26616] misc_open+0x3da/0x4c0 [ 667.162418][T26616] ? misc_devnode+0x120/0x120 [ 667.164687][T26616] chrdev_open+0x277/0x700 [ 667.166724][T26616] ? __unregister_chrdev+0x100/0x100 [ 667.169122][T26616] ? fsnotify_perm.part.0+0x25d/0x630 [ 667.171536][T26616] ? fsnotify_perm.part.0+0x268/0x630 [ 667.173945][T26616] do_dentry_open+0x88b/0x1730 [ 667.176110][T26616] ? __unregister_chrdev+0x100/0x100 [ 667.178486][T26616] ? may_open+0x1f2/0x400 [ 667.180457][T26616] path_openat+0x19af/0x29c0 [ 667.182554][T26616] ? path_lookupat+0x770/0x770 [ 667.184731][T26616] do_filp_open+0x1de/0x430 [ 667.186802][T26616] ? may_open_dev+0xf0/0xf0 [ 667.188895][T26616] ? expand_files+0x442/0x910 [ 667.191043][T26616] ? _raw_spin_unlock+0x28/0x40 [ 667.193272][T26616] ? alloc_fd+0x2da/0x6c0 [ 667.195234][T26616] do_sys_openat2+0x176/0x1e0 [ 667.197405][T26616] ? build_open_flags+0x690/0x690 [ 667.199688][T26616] __ia32_compat_sys_openat+0x16e/0x200 [ 667.202193][T26616] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 667.204774][T26616] ? ksys_write+0x1a7/0x250 [ 667.206867][T26616] ? rcu_is_watching+0x12/0xb0 [ 667.209041][T26616] __do_fast_syscall_32+0x61/0xe0 [ 667.211321][T26616] do_fast_syscall_32+0x33/0x70 [ 667.213528][T26616] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 667.216421][T26616] RIP: 0023:0xf7fc8579 [ 667.218229][T26616] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 667.226614][T26616] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 667.230340][T26616] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 667.233861][T26616] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 667.237385][T26616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 667.240921][T26616] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 667.244446][T26616] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 667.248004][T26616] 13:17:32 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x44, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x500, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x33fe0, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:32 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 25) [ 667.316212][T26629] FAULT_INJECTION: forcing a failure. 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0xfffffdef, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 667.316212][T26629] name failslab, interval 1, probability 0, space 0, times 0 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x600, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 667.321893][T26629] CPU: 1 PID: 26629 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 667.325702][T26629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 667.329378][T26629] Call Trace: [ 667.330616][T26629] [ 667.331722][T26629] dump_stack_lvl+0x125/0x1b0 [ 667.333475][T26629] should_fail_ex+0x496/0x5b0 13:17:32 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x58, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 667.335220][T26629] should_failslab+0x9/0x20 13:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 667.337153][T26629] __kmem_cache_alloc_node+0x2fd/0x350 [ 667.339347][T26629] ? apply_wqattrs_prepare+0x137/0xa90 13:17:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x700, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 667.341447][T26629] kmalloc_trace+0x25/0xe0 [ 667.343230][T26629] apply_wqattrs_prepare+0x137/0xa90 [ 667.345209][T26629] ? preempt_count_sub+0x150/0x150 [ 667.347094][T26629] apply_workqueue_attrs_locked+0xcb/0x150 [ 667.349243][T26629] alloc_workqueue+0xc8b/0x1490 [ 667.351047][T26629] ? workqueue_sysfs_register+0x400/0x400 [ 667.353164][T26629] ? rcu_is_watching+0x12/0xb0 [ 667.354945][T26629] nci_register_device+0x397/0xb80 [ 667.356858][T26629] ? nci_init_complete_req+0x410/0x410 [ 667.359138][T26629] ? lockdep_init_map_type+0x16d/0x7c0 [ 667.361327][T26629] virtual_ncidev_open+0x147/0x220 [ 667.363184][T26629] ? virtual_ncidev_read+0x4e0/0x4e0 [ 667.365123][T26629] misc_open+0x3da/0x4c0 [ 667.366683][T26629] ? misc_devnode+0x120/0x120 [ 667.368378][T26629] chrdev_open+0x277/0x700 [ 667.370027][T26629] ? __unregister_chrdev+0x100/0x100 [ 667.371981][T26629] ? fsnotify_perm.part.0+0x25d/0x630 [ 667.373938][T26629] ? fsnotify_perm.part.0+0x268/0x630 [ 667.375906][T26629] do_dentry_open+0x88b/0x1730 [ 667.377752][T26629] ? __unregister_chrdev+0x100/0x100 [ 667.379691][T26629] ? may_open+0x1f2/0x400 [ 667.381305][T26629] path_openat+0x19af/0x29c0 [ 667.383036][T26629] ? path_lookupat+0x770/0x770 [ 667.384783][T26629] do_filp_open+0x1de/0x430 [ 667.386411][T26629] ? may_open_dev+0xf0/0xf0 [ 667.388165][T26629] ? expand_files+0x442/0x910 [ 667.389909][T26629] ? _raw_spin_unlock+0x28/0x40 [ 667.391700][T26629] ? alloc_fd+0x2da/0x6c0 [ 667.393343][T26629] do_sys_openat2+0x176/0x1e0 [ 667.395094][T26629] ? build_open_flags+0x690/0x690 [ 667.396960][T26629] __ia32_compat_sys_openat+0x16e/0x200 [ 667.398986][T26629] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 667.401008][T26629] ? ksys_write+0x1a7/0x250 [ 667.402692][T26629] ? rcu_is_watching+0x12/0xb0 [ 667.404558][T26629] __do_fast_syscall_32+0x61/0xe0 [ 667.406422][T26629] do_fast_syscall_32+0x33/0x70 [ 667.408226][T26629] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 667.410530][T26629] RIP: 0023:0xf7fc8579 [ 667.412074][T26629] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 667.419160][T26629] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 667.422214][T26629] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 667.425091][T26629] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 667.427972][T26629] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 667.430851][T26629] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 667.433745][T26629] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 667.436637][T26629] 13:17:33 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 26) 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x2, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x900, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 667.458340][T26646] FAULT_INJECTION: forcing a failure. [ 667.458340][T26646] name failslab, interval 1, probability 0, space 0, times 0 [ 667.463844][T26646] CPU: 0 PID: 26646 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 667.467564][T26646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 667.471221][T26646] Call Trace: [ 667.472506][T26646] 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x3, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 667.473627][T26646] dump_stack_lvl+0x125/0x1b0 [ 667.475518][T26646] should_fail_ex+0x496/0x5b0 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf00, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 667.477326][T26646] should_failslab+0x9/0x20 [ 667.479118][T26646] kmem_cache_alloc_node+0x389/0x3f0 [ 667.481107][T26646] ? alloc_unbound_pwq+0x41e/0xd00 [ 667.483178][T26646] alloc_unbound_pwq+0x41e/0xd00 [ 667.485013][T26646] ? kasan_set_track+0x25/0x30 [ 667.486803][T26646] apply_wqattrs_prepare+0x3be/0xa90 [ 667.488782][T26646] apply_workqueue_attrs_locked+0xcb/0x150 [ 667.490951][T26646] alloc_workqueue+0xc8b/0x1490 [ 667.492885][T26646] ? workqueue_sysfs_register+0x400/0x400 [ 667.494990][T26646] ? rcu_is_watching+0x12/0xb0 [ 667.496797][T26646] nci_register_device+0x397/0xb80 [ 667.498707][T26646] ? nci_init_complete_req+0x410/0x410 [ 667.500735][T26646] ? lockdep_init_map_type+0x16d/0x7c0 [ 667.502779][T26646] virtual_ncidev_open+0x147/0x220 [ 667.504695][T26646] ? virtual_ncidev_read+0x4e0/0x4e0 [ 667.506664][T26646] misc_open+0x3da/0x4c0 [ 667.508249][T26646] ? misc_devnode+0x120/0x120 [ 667.510013][T26646] chrdev_open+0x277/0x700 [ 667.511694][T26646] ? __unregister_chrdev+0x100/0x100 [ 667.513675][T26646] ? fsnotify_perm.part.0+0x25d/0x630 [ 667.515675][T26646] ? fsnotify_perm.part.0+0x268/0x630 [ 667.517690][T26646] do_dentry_open+0x88b/0x1730 [ 667.519471][T26646] ? __unregister_chrdev+0x100/0x100 [ 667.521489][T26646] ? may_open+0x1f2/0x400 [ 667.523121][T26646] path_openat+0x19af/0x29c0 [ 667.525012][T26646] ? path_lookupat+0x770/0x770 [ 667.526825][T26646] do_filp_open+0x1de/0x430 [ 667.528551][T26646] ? may_open_dev+0xf0/0xf0 [ 667.530252][T26646] ? expand_files+0x442/0x910 [ 667.532051][T26646] ? _raw_spin_unlock+0x28/0x40 [ 667.533844][T26646] ? alloc_fd+0x2da/0x6c0 [ 667.535464][T26646] do_sys_openat2+0x176/0x1e0 [ 667.537217][T26646] ? build_open_flags+0x690/0x690 [ 667.539105][T26646] __ia32_compat_sys_openat+0x16e/0x200 [ 667.541194][T26646] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 667.543235][T26646] ? ksys_write+0x1a7/0x250 [ 667.544923][T26646] ? rcu_is_watching+0x12/0xb0 [ 667.546713][T26646] __do_fast_syscall_32+0x61/0xe0 [ 667.548600][T26646] do_fast_syscall_32+0x33/0x70 [ 667.550405][T26646] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 667.552782][T26646] RIP: 0023:0xf7fc8579 [ 667.554328][T26646] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 667.561472][T26646] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 667.564674][T26646] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 667.567664][T26646] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 667.570621][T26646] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 667.573639][T26646] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 667.576578][T26646] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 667.579535][T26646] 13:17:33 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x60, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x4, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x121f, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:33 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 27) [ 667.603633][T26659] FAULT_INJECTION: forcing a failure. [ 667.603633][T26659] name failslab, interval 1, probability 0, space 0, times 0 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x5, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 667.608361][T26659] CPU: 0 PID: 26659 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 667.612284][T26659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 667.616033][T26659] Call Trace: 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x1f12, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 667.617289][T26659] [ 667.618561][T26659] dump_stack_lvl+0x125/0x1b0 13:17:33 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0xf0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 667.620391][T26659] should_fail_ex+0x496/0x5b0 [ 667.622307][T26659] should_failslab+0x9/0x20 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x3f00, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 667.624003][T26659] __kmem_cache_alloc_node+0x2fd/0x350 [ 667.626136][T26659] ? apply_wqattrs_prepare+0x137/0xa90 [ 667.628355][T26659] kmalloc_trace+0x25/0xe0 [ 667.630075][T26659] apply_wqattrs_prepare+0x137/0xa90 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x6, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 667.632080][T26659] ? preempt_count_sub+0x150/0x150 [ 667.634079][T26659] apply_workqueue_attrs_locked+0xcb/0x150 [ 667.636276][T26659] alloc_workqueue+0xc8b/0x1490 [ 667.638129][T26659] ? workqueue_sysfs_register+0x400/0x400 [ 667.640299][T26659] ? rcu_is_watching+0x12/0xb0 [ 667.642136][T26659] nci_register_device+0x397/0xb80 [ 667.644045][T26659] ? nci_init_complete_req+0x410/0x410 [ 667.646092][T26659] ? lockdep_init_map_type+0x16d/0x7c0 [ 667.648164][T26659] virtual_ncidev_open+0x147/0x220 [ 667.650090][T26659] ? virtual_ncidev_read+0x4e0/0x4e0 [ 667.652058][T26659] misc_open+0x3da/0x4c0 [ 667.653677][T26659] ? misc_devnode+0x120/0x120 [ 667.655429][T26659] chrdev_open+0x277/0x700 [ 667.657147][T26659] ? __unregister_chrdev+0x100/0x100 [ 667.659133][T26659] ? fsnotify_perm.part.0+0x25d/0x630 [ 667.661156][T26659] ? fsnotify_perm.part.0+0x268/0x630 [ 667.663172][T26659] do_dentry_open+0x88b/0x1730 [ 667.664983][T26659] ? __unregister_chrdev+0x100/0x100 [ 667.666940][T26659] ? may_open+0x1f2/0x400 [ 667.668585][T26659] path_openat+0x19af/0x29c0 [ 667.670323][T26659] ? path_lookupat+0x770/0x770 [ 667.672156][T26659] do_filp_open+0x1de/0x430 [ 667.673869][T26659] ? may_open_dev+0xf0/0xf0 [ 667.675572][T26659] ? expand_files+0x442/0x910 [ 667.677362][T26659] ? _raw_spin_unlock+0x28/0x40 [ 667.679161][T26659] ? alloc_fd+0x2da/0x6c0 [ 667.680808][T26659] do_sys_openat2+0x176/0x1e0 [ 667.682674][T26659] ? build_open_flags+0x690/0x690 [ 667.684593][T26659] __ia32_compat_sys_openat+0x16e/0x200 [ 667.686691][T26659] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 667.688768][T26659] ? ksys_write+0x1a7/0x250 [ 667.690487][T26659] ? rcu_is_watching+0x12/0xb0 [ 667.692340][T26659] __do_fast_syscall_32+0x61/0xe0 [ 667.694276][T26659] do_fast_syscall_32+0x33/0x70 [ 667.696175][T26659] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 667.698556][T26659] RIP: 0023:0xf7fc8579 [ 667.700116][T26659] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 667.707318][T26659] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 667.710402][T26659] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 667.713370][T26659] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 667.716341][T26659] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 667.719253][T26659] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 667.722244][T26659] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 667.725197][T26659] 13:17:33 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 28) 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x7, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 667.750838][T26679] FAULT_INJECTION: forcing a failure. [ 667.750838][T26679] name failslab, interval 1, probability 0, space 0, times 0 [ 667.755634][T26679] CPU: 0 PID: 26679 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x34000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 667.759386][T26679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 667.763310][T26679] Call Trace: [ 667.764599][T26679] 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x9, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 667.765704][T26679] dump_stack_lvl+0x125/0x1b0 [ 667.767602][T26679] should_fail_ex+0x496/0x5b0 [ 667.769390][T26679] should_failslab+0x9/0x20 [ 667.771065][T26679] __kmem_cache_alloc_node+0x2fd/0x350 [ 667.773117][T26679] ? __kthread_create_on_node+0xcb/0x400 [ 667.775216][T26679] ? lockdep_init_map_type+0x16d/0x7c0 [ 667.777270][T26679] ? worker_thread+0x1290/0x1290 [ 667.779099][T26679] kmalloc_trace+0x25/0xe0 [ 667.780812][T26679] __kthread_create_on_node+0xcb/0x400 [ 667.782836][T26679] ? entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 667.785232][T26679] ? kthread_parkme+0xa0/0xa0 [ 667.787003][T26679] ? worker_thread+0x1290/0x1290 [ 667.788852][T26679] kthread_create_on_node+0xc8/0x100 [ 667.790813][T26679] ? __kthread_create_on_node+0x400/0x400 [ 667.793036][T26679] ? kasan_set_track+0x25/0x30 [ 667.794840][T26679] init_rescuer+0xce/0x1f0 [ 667.796526][T26679] alloc_workqueue+0xd35/0x1490 [ 667.798366][T26679] ? workqueue_sysfs_register+0x400/0x400 [ 667.800520][T26679] ? rcu_is_watching+0x12/0xb0 [ 667.802295][T26679] nci_register_device+0x397/0xb80 [ 667.804215][T26679] ? nci_init_complete_req+0x410/0x410 [ 667.806235][T26679] ? lockdep_init_map_type+0x16d/0x7c0 [ 667.808283][T26679] virtual_ncidev_open+0x147/0x220 [ 667.810165][T26679] ? virtual_ncidev_read+0x4e0/0x4e0 [ 667.812161][T26679] misc_open+0x3da/0x4c0 [ 667.813757][T26679] ? misc_devnode+0x120/0x120 [ 667.815485][T26679] chrdev_open+0x277/0x700 [ 667.817170][T26679] ? __unregister_chrdev+0x100/0x100 [ 667.819111][T26679] ? fsnotify_perm.part.0+0x25d/0x630 [ 667.821201][T26679] ? fsnotify_perm.part.0+0x268/0x630 [ 667.823202][T26679] do_dentry_open+0x88b/0x1730 [ 667.825255][T26679] ? __unregister_chrdev+0x100/0x100 [ 667.827238][T26679] ? may_open+0x1f2/0x400 [ 667.828855][T26679] path_openat+0x19af/0x29c0 [ 667.830603][T26679] ? path_lookupat+0x770/0x770 [ 667.832531][T26679] do_filp_open+0x1de/0x430 [ 667.834261][T26679] ? may_open_dev+0xf0/0xf0 [ 667.835984][T26679] ? expand_files+0x442/0x910 [ 667.837783][T26679] ? _raw_spin_unlock+0x28/0x40 [ 667.839599][T26679] ? alloc_fd+0x2da/0x6c0 [ 667.841270][T26679] do_sys_openat2+0x176/0x1e0 [ 667.843033][T26679] ? build_open_flags+0x690/0x690 [ 667.844955][T26679] __ia32_compat_sys_openat+0x16e/0x200 [ 667.847031][T26679] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 667.849094][T26679] ? ksys_write+0x1a7/0x250 [ 667.850791][T26679] ? rcu_is_watching+0x12/0xb0 [ 667.852603][T26679] __do_fast_syscall_32+0x61/0xe0 [ 667.854477][T26679] do_fast_syscall_32+0x33/0x70 [ 667.856325][T26679] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 667.858680][T26679] RIP: 0023:0xf7fc8579 [ 667.860238][T26679] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 667.867372][T26679] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 667.870473][T26679] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 667.873431][T26679] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 667.876352][T26679] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 667.879296][T26679] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 667.882262][T26679] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 667.885188][T26679] 13:17:33 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x300, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x400300, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0xf, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:33 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 29) [ 667.887146][T26679] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -ENOMEM 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0xf0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 667.951170][T26694] FAULT_INJECTION: forcing a failure. [ 667.951170][T26694] name failslab, interval 1, probability 0, space 0, times 0 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf0ffff, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 667.960198][T26694] CPU: 3 PID: 26694 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 667.964319][T26694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 13:17:33 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x500, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 667.967969][T26694] Call Trace: [ 667.969244][T26694] [ 667.970325][T26694] dump_stack_lvl+0x125/0x1b0 [ 667.972085][T26694] should_fail_ex+0x496/0x5b0 [ 667.973809][T26694] should_failslab+0x9/0x20 [ 667.975461][T26694] __kmem_cache_alloc_node+0x2fd/0x350 [ 667.977738][T26694] ? __kthread_create_on_node+0x189/0x400 [ 667.980006][T26694] ? pointer+0xbf0/0xbf0 [ 667.981606][T26694] ? __kthread_create_on_node+0x189/0x400 [ 667.983690][T26694] __kmalloc_node_track_caller+0x50/0x100 [ 667.985800][T26694] kvasprintf+0xbd/0x150 [ 667.987364][T26694] ? bust_spinlocks+0xe0/0xe0 [ 667.989102][T26694] ? worker_thread+0x1290/0x1290 [ 667.991217][T26694] __kthread_create_on_node+0x189/0x400 [ 667.993379][T26694] ? kthread_parkme+0xa0/0xa0 [ 667.995113][T26694] ? worker_thread+0x1290/0x1290 [ 667.996941][T26694] kthread_create_on_node+0xc8/0x100 [ 667.998861][T26694] ? __kthread_create_on_node+0x400/0x400 [ 668.000994][T26694] ? kasan_set_track+0x25/0x30 [ 668.002795][T26694] init_rescuer+0xce/0x1f0 [ 668.004566][T26694] alloc_workqueue+0xd35/0x1490 [ 668.006375][T26694] ? workqueue_sysfs_register+0x400/0x400 [ 668.008475][T26694] ? rcu_is_watching+0x12/0xb0 [ 668.010232][T26694] nci_register_device+0x397/0xb80 [ 668.012124][T26694] ? nci_init_complete_req+0x410/0x410 [ 668.014113][T26694] ? lockdep_init_map_type+0x16d/0x7c0 [ 668.016130][T26694] virtual_ncidev_open+0x147/0x220 [ 668.018015][T26694] ? virtual_ncidev_read+0x4e0/0x4e0 [ 668.019974][T26694] misc_open+0x3da/0x4c0 [ 668.021764][T26694] ? misc_devnode+0x120/0x120 [ 668.023731][T26694] chrdev_open+0x277/0x700 [ 668.025389][T26694] ? __unregister_chrdev+0x100/0x100 [ 668.027325][T26694] ? fsnotify_perm.part.0+0x25d/0x630 [ 668.029295][T26694] ? fsnotify_perm.part.0+0x268/0x630 [ 668.031300][T26694] do_dentry_open+0x88b/0x1730 [ 668.033062][T26694] ? __unregister_chrdev+0x100/0x100 [ 668.035213][T26694] ? may_open+0x1f2/0x400 [ 668.037157][T26694] path_openat+0x19af/0x29c0 [ 668.039253][T26694] ? path_lookupat+0x770/0x770 [ 668.041368][T26694] do_filp_open+0x1de/0x430 [ 668.043411][T26694] ? may_open_dev+0xf0/0xf0 [ 668.045572][T26694] ? expand_files+0x442/0x910 [ 668.047770][T26694] ? _raw_spin_unlock+0x28/0x40 [ 668.050024][T26694] ? alloc_fd+0x2da/0x6c0 [ 668.052001][T26694] do_sys_openat2+0x176/0x1e0 [ 668.054108][T26694] ? build_open_flags+0x690/0x690 [ 668.056019][T26694] __ia32_compat_sys_openat+0x16e/0x200 [ 668.058104][T26694] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 668.060161][T26694] ? ksys_write+0x1a7/0x250 [ 668.061854][T26694] ? rcu_is_watching+0x12/0xb0 [ 668.063613][T26694] __do_fast_syscall_32+0x61/0xe0 [ 668.065475][T26694] do_fast_syscall_32+0x33/0x70 [ 668.067421][T26694] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 668.070253][T26694] RIP: 0023:0xf7fc8579 [ 668.072112][T26694] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 668.080713][T26694] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 668.084356][T26694] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 668.087239][T26694] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 668.090141][T26694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 668.093240][T26694] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 668.096400][T26694] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 668.099282][T26694] 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x115, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x1000000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:33 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 30) 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x300, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x2000000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 668.101171][T26694] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -ENOMEM [ 668.120941][T26712] FAULT_INJECTION: forcing a failure. [ 668.120941][T26712] name failslab, interval 1, probability 0, space 0, times 0 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x500, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 668.129532][T26712] CPU: 3 PID: 26712 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x3000000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 668.133534][T26712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 668.137294][T26712] Call Trace: [ 668.138529][T26712] [ 668.139626][T26712] dump_stack_lvl+0x125/0x1b0 [ 668.141403][T26712] should_fail_ex+0x496/0x5b0 [ 668.143141][T26712] should_failslab+0x9/0x20 [ 668.144843][T26712] __kmem_cache_alloc_node+0x2fd/0x350 [ 668.146844][T26712] ? __kthread_create_on_node+0x189/0x400 [ 668.148968][T26712] ? pointer+0xbf0/0xbf0 [ 668.150536][T26712] ? __kthread_create_on_node+0x189/0x400 [ 668.152636][T26712] __kmalloc_node_track_caller+0x50/0x100 [ 668.154719][T26712] kvasprintf+0xbd/0x150 [ 668.156305][T26712] ? bust_spinlocks+0xe0/0xe0 [ 668.158022][T26712] ? worker_thread+0x1290/0x1290 [ 668.159881][T26712] __kthread_create_on_node+0x189/0x400 [ 668.161950][T26712] ? kthread_parkme+0xa0/0xa0 [ 668.163685][T26712] ? worker_thread+0x1290/0x1290 [ 668.165531][T26712] kthread_create_on_node+0xc8/0x100 [ 668.167475][T26712] ? __kthread_create_on_node+0x400/0x400 [ 668.169572][T26712] ? kasan_set_track+0x25/0x30 [ 668.171413][T26712] init_rescuer+0xce/0x1f0 [ 668.173075][T26712] alloc_workqueue+0xd35/0x1490 [ 668.174876][T26712] ? workqueue_sysfs_register+0x400/0x400 [ 668.176989][T26712] ? rcu_is_watching+0x12/0xb0 [ 668.178756][T26712] nci_register_device+0x397/0xb80 [ 668.180683][T26712] ? nci_init_complete_req+0x410/0x410 [ 668.182703][T26712] ? lockdep_init_map_type+0x16d/0x7c0 [ 668.184851][T26712] virtual_ncidev_open+0x147/0x220 [ 668.186742][T26712] ? virtual_ncidev_read+0x4e0/0x4e0 [ 668.188673][T26712] misc_open+0x3da/0x4c0 [ 668.190240][T26712] ? misc_devnode+0x120/0x120 [ 668.191960][T26712] chrdev_open+0x277/0x700 [ 668.193588][T26712] ? __unregister_chrdev+0x100/0x100 [ 668.195530][T26712] ? fsnotify_perm.part.0+0x25d/0x630 [ 668.197471][T26712] ? fsnotify_perm.part.0+0x268/0x630 [ 668.199451][T26712] do_dentry_open+0x88b/0x1730 [ 668.201269][T26712] ? __unregister_chrdev+0x100/0x100 [ 668.203211][T26712] ? may_open+0x1f2/0x400 [ 668.204810][T26712] path_openat+0x19af/0x29c0 [ 668.206518][T26712] ? path_lookupat+0x770/0x770 [ 668.208282][T26712] do_filp_open+0x1de/0x430 [ 668.209956][T26712] ? may_open_dev+0xf0/0xf0 [ 668.211673][T26712] ? expand_files+0x442/0x910 [ 668.213423][T26712] ? _raw_spin_unlock+0x28/0x40 [ 668.215217][T26712] ? alloc_fd+0x2da/0x6c0 [ 668.216822][T26712] do_sys_openat2+0x176/0x1e0 [ 668.218557][T26712] ? build_open_flags+0x690/0x690 [ 668.220459][T26712] __ia32_compat_sys_openat+0x16e/0x200 [ 668.222479][T26712] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 668.224476][T26712] ? ksys_write+0x1a7/0x250 [ 668.226161][T26712] ? rcu_is_watching+0x12/0xb0 [ 668.227940][T26712] __do_fast_syscall_32+0x61/0xe0 [ 668.229807][T26712] do_fast_syscall_32+0x33/0x70 [ 668.231610][T26712] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 668.233936][T26712] RIP: 0023:0xf7fc8579 [ 668.235462][T26712] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 668.242539][T26712] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 668.245603][T26712] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 668.248514][T26712] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 668.251450][T26712] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 668.254373][T26712] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 668.257292][T26712] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 668.260241][T26712] 13:17:33 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x600, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x600, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x4000000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:33 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 31) [ 668.262429][T26712] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -ENOMEM 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x700, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x5000000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 668.347192][T26727] FAULT_INJECTION: forcing a failure. [ 668.347192][T26727] name failslab, interval 1, probability 0, space 0, times 0 [ 668.355781][T26727] CPU: 3 PID: 26727 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 668.359475][T26727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 668.363121][T26727] Call Trace: 13:17:33 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x700, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 668.364357][T26727] [ 668.365712][T26727] dump_stack_lvl+0x125/0x1b0 [ 668.367417][T26727] should_fail_ex+0x496/0x5b0 [ 668.369142][T26727] should_failslab+0x9/0x20 [ 668.370839][T26727] __kmem_cache_alloc_node+0x2fd/0x350 [ 668.372857][T26727] ? alloc_workqueue+0x1d4/0x1490 [ 668.374721][T26727] kmalloc_trace+0x25/0xe0 [ 668.376366][T26727] alloc_workqueue+0x1d4/0x1490 [ 668.378149][T26727] ? lock_sync+0x190/0x190 [ 668.379884][T26727] ? workqueue_sysfs_register+0x400/0x400 [ 668.381967][T26727] ? rcu_is_watching+0x12/0xb0 [ 668.383721][T26727] nci_register_device+0x514/0xb80 [ 668.385778][T26727] ? nci_init_complete_req+0x410/0x410 [ 668.387765][T26727] ? lockdep_init_map_type+0x16d/0x7c0 [ 668.389756][T26727] virtual_ncidev_open+0x147/0x220 [ 668.391628][T26727] ? virtual_ncidev_read+0x4e0/0x4e0 [ 668.393557][T26727] misc_open+0x3da/0x4c0 [ 668.395141][T26727] ? misc_devnode+0x120/0x120 [ 668.396856][T26727] chrdev_open+0x277/0x700 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x6000000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x900, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0xf00, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 668.398514][T26727] ? __unregister_chrdev+0x100/0x100 [ 668.400528][T26727] ? fsnotify_perm.part.0+0x25d/0x630 [ 668.402519][T26727] ? fsnotify_perm.part.0+0x268/0x630 [ 668.404657][T26727] do_dentry_open+0x88b/0x1730 [ 668.406610][T26727] ? __unregister_chrdev+0x100/0x100 [ 668.408559][T26727] ? may_open+0x1f2/0x400 [ 668.410156][T26727] path_openat+0x19af/0x29c0 [ 668.411850][T26727] ? path_lookupat+0x770/0x770 [ 668.413626][T26727] do_filp_open+0x1de/0x430 [ 668.415285][T26727] ? may_open_dev+0xf0/0xf0 [ 668.416955][T26727] ? expand_files+0x442/0x910 [ 668.418672][T26727] ? _raw_spin_unlock+0x28/0x40 [ 668.420487][T26727] ? alloc_fd+0x2da/0x6c0 [ 668.422080][T26727] do_sys_openat2+0x176/0x1e0 [ 668.423796][T26727] ? build_open_flags+0x690/0x690 [ 668.425881][T26727] __ia32_compat_sys_openat+0x16e/0x200 [ 668.427904][T26727] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 668.429888][T26727] ? ksys_write+0x1a7/0x250 [ 668.431549][T26727] ? rcu_is_watching+0x12/0xb0 [ 668.433317][T26727] __do_fast_syscall_32+0x61/0xe0 [ 668.435252][T26727] do_fast_syscall_32+0x33/0x70 [ 668.437054][T26727] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 668.439337][T26727] RIP: 0023:0xf7fc8579 [ 668.440856][T26727] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 668.448051][T26727] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 668.451056][T26727] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 668.453932][T26727] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 668.456865][T26727] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 668.459745][T26727] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 668.462632][T26727] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 668.465705][T26727] 13:17:33 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x7000000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:34 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x9000000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x1501, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:34 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 32) [ 668.500499][T26751] FAULT_INJECTION: forcing a failure. [ 668.500499][T26751] name failslab, interval 1, probability 0, space 0, times 0 [ 668.505692][T26751] CPU: 1 PID: 26751 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 668.509376][T26751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 668.513091][T26751] Call Trace: [ 668.514317][T26751] [ 668.515412][T26751] dump_stack_lvl+0x125/0x1b0 [ 668.517156][T26751] should_fail_ex+0x496/0x5b0 [ 668.518885][T26751] should_failslab+0x9/0x20 [ 668.520602][T26751] __kmem_cache_alloc_node+0x2fd/0x350 [ 668.522598][T26751] ? kasprintf+0xc8/0x100 [ 668.524204][T26751] ? kasprintf+0xc8/0x100 [ 668.525695][T26751] __kmalloc_node_track_caller+0x50/0x100 [ 668.527774][T26751] kvasprintf+0xbd/0x150 [ 668.529355][T26751] ? bust_spinlocks+0xe0/0xe0 [ 668.531078][T26751] ? ip6_addr_string_sa+0x820/0x820 [ 668.532987][T26751] ? preempt_count_add+0x72/0x140 [ 668.534845][T26751] kasprintf+0xc8/0x100 [ 668.536399][T26751] ? kvasprintf_const+0x190/0x190 [ 668.538240][T26751] ? free_zapped_rcu+0x290/0x290 [ 668.540084][T26751] ? lockdep_init_map_type+0x16d/0x7c0 [ 668.542070][T26751] alloc_workqueue+0x590/0x1490 [ 668.543855][T26751] ? lock_sync+0x190/0x190 [ 668.545531][T26751] ? workqueue_sysfs_register+0x400/0x400 [ 668.547615][T26751] ? rcu_is_watching+0x12/0xb0 [ 668.549584][T26751] nci_register_device+0x514/0xb80 [ 668.551478][T26751] ? nci_init_complete_req+0x410/0x410 [ 668.553514][T26751] ? lockdep_init_map_type+0x16d/0x7c0 [ 668.555521][T26751] virtual_ncidev_open+0x147/0x220 [ 668.557431][T26751] ? virtual_ncidev_read+0x4e0/0x4e0 [ 668.559373][T26751] misc_open+0x3da/0x4c0 [ 668.560973][T26751] ? misc_devnode+0x120/0x120 [ 668.562750][T26751] chrdev_open+0x277/0x700 [ 668.564434][T26751] ? __unregister_chrdev+0x100/0x100 [ 668.566384][T26751] ? fsnotify_perm.part.0+0x25d/0x630 [ 668.568367][T26751] ? fsnotify_perm.part.0+0x268/0x630 [ 668.570478][T26751] do_dentry_open+0x88b/0x1730 [ 668.572244][T26751] ? __unregister_chrdev+0x100/0x100 [ 668.574183][T26751] ? may_open+0x1f2/0x400 [ 668.575767][T26751] path_openat+0x19af/0x29c0 [ 668.577473][T26751] ? path_lookupat+0x770/0x770 [ 668.579226][T26751] do_filp_open+0x1de/0x430 [ 668.580909][T26751] ? may_open_dev+0xf0/0xf0 [ 668.582910][T26751] ? expand_files+0x442/0x910 [ 668.584753][T26751] ? _raw_spin_unlock+0x28/0x40 [ 668.586546][T26751] ? alloc_fd+0x2da/0x6c0 [ 668.588134][T26751] do_sys_openat2+0x176/0x1e0 [ 668.589850][T26751] ? build_open_flags+0x690/0x690 [ 668.591694][T26751] __ia32_compat_sys_openat+0x16e/0x200 [ 668.593720][T26751] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 668.595688][T26751] ? ksys_write+0x1a7/0x250 [ 668.597357][T26751] ? rcu_is_watching+0x12/0xb0 [ 668.599107][T26751] __do_fast_syscall_32+0x61/0xe0 [ 668.600967][T26751] do_fast_syscall_32+0x33/0x70 [ 668.602765][T26751] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 668.605081][T26751] RIP: 0023:0xf7fc8579 [ 668.606571][T26751] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 668.613515][T26751] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 668.616546][T26751] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 668.619422][T26751] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 668.622315][T26751] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 668.625167][T26751] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 668.627990][T26751] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 668.630857][T26751] 13:17:34 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf000000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:34 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 33) 13:17:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x900, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x3f00, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 668.684468][T26757] FAULT_INJECTION: forcing a failure. [ 668.684468][T26757] name failslab, interval 1, probability 0, space 0, times 0 [ 668.689133][T26757] CPU: 1 PID: 26757 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0xf000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 668.692914][T26757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 668.696824][T26757] Call Trace: [ 668.698079][T26757] [ 668.699172][T26757] dump_stack_lvl+0x125/0x1b0 [ 668.700963][T26757] should_fail_ex+0x496/0x5b0 [ 668.703096][T26757] should_failslab+0x9/0x20 [ 668.704875][T26757] __kmem_cache_alloc_node+0x2fd/0x350 13:17:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0xe00, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 668.706929][T26757] ? apply_wqattrs_prepare+0xff/0xa90 [ 668.709093][T26757] ? apply_wqattrs_prepare+0xff/0xa90 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x34000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 668.711056][T26757] __kmalloc+0x4f/0x100 [ 668.712766][T26757] apply_wqattrs_prepare+0xff/0xa90 [ 668.714704][T26757] ? preempt_count_sub+0x150/0x150 [ 668.716610][T26757] apply_workqueue_attrs_locked+0xcb/0x150 [ 668.718781][T26757] alloc_workqueue+0xc8b/0x1490 [ 668.720647][T26757] ? workqueue_sysfs_register+0x400/0x400 [ 668.722767][T26757] ? rcu_is_watching+0x12/0xb0 [ 668.724567][T26757] nci_register_device+0x514/0xb80 [ 668.726505][T26757] ? nci_init_complete_req+0x410/0x410 [ 668.728573][T26757] ? lockdep_init_map_type+0x16d/0x7c0 [ 668.730629][T26757] virtual_ncidev_open+0x147/0x220 [ 668.732554][T26757] ? virtual_ncidev_read+0x4e0/0x4e0 [ 668.734551][T26757] misc_open+0x3da/0x4c0 [ 668.736158][T26757] ? misc_devnode+0x120/0x120 [ 668.737920][T26757] chrdev_open+0x277/0x700 [ 668.739563][T26757] ? __unregister_chrdev+0x100/0x100 [ 668.741578][T26757] ? fsnotify_perm.part.0+0x25d/0x630 [ 668.743559][T26757] ? fsnotify_perm.part.0+0x268/0x630 [ 668.745557][T26757] do_dentry_open+0x88b/0x1730 [ 668.747317][T26757] ? __unregister_chrdev+0x100/0x100 [ 668.749288][T26757] ? may_open+0x1f2/0x400 [ 668.750876][T26757] path_openat+0x19af/0x29c0 [ 668.752644][T26757] ? path_lookupat+0x770/0x770 [ 668.754557][T26757] do_filp_open+0x1de/0x430 [ 668.756245][T26757] ? may_open_dev+0xf0/0xf0 [ 668.757946][T26757] ? expand_files+0x442/0x910 [ 668.759684][T26757] ? _raw_spin_unlock+0x28/0x40 [ 668.761521][T26757] ? alloc_fd+0x2da/0x6c0 [ 668.763100][T26757] do_sys_openat2+0x176/0x1e0 [ 668.764868][T26757] ? build_open_flags+0x690/0x690 [ 668.766729][T26757] __ia32_compat_sys_openat+0x16e/0x200 [ 668.768798][T26757] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 668.770843][T26757] ? ksys_write+0x1a7/0x250 [ 668.772571][T26757] ? rcu_is_watching+0x12/0xb0 [ 668.774355][T26757] __do_fast_syscall_32+0x61/0xe0 [ 668.776277][T26757] do_fast_syscall_32+0x33/0x70 [ 668.778072][T26757] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 668.780434][T26757] RIP: 0023:0xf7fc8579 [ 668.781992][T26757] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 668.789113][T26757] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 668.792200][T26757] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 668.795087][T26757] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 668.798020][T26757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 668.800891][T26757] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 668.803694][T26757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 668.806570][T26757] 13:17:34 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x1f120000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:34 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 34) 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x400300, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:34 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x3f000000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 668.831637][T26776] FAULT_INJECTION: forcing a failure. [ 668.831637][T26776] name failslab, interval 1, probability 0, space 0, times 0 [ 668.836250][T26776] CPU: 1 PID: 26776 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 668.839914][T26776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 668.843450][T26776] Call Trace: [ 668.844646][T26776] [ 668.845707][T26776] dump_stack_lvl+0x125/0x1b0 [ 668.847402][T26776] should_fail_ex+0x496/0x5b0 13:17:34 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x9effffff, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0xf0ffff, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 668.849100][T26776] should_failslab+0x9/0x20 [ 668.851185][T26776] __kmem_cache_alloc_node+0x2fd/0x350 [ 668.853213][T26776] ? apply_wqattrs_prepare+0x137/0xa90 [ 668.855212][T26776] kmalloc_trace+0x25/0xe0 [ 668.857059][T26776] apply_wqattrs_prepare+0x137/0xa90 [ 668.858993][T26776] ? preempt_count_sub+0x150/0x150 [ 668.860912][T26776] apply_workqueue_attrs_locked+0xcb/0x150 [ 668.863435][T26776] alloc_workqueue+0xc8b/0x1490 [ 668.865244][T26776] ? workqueue_sysfs_register+0x400/0x400 [ 668.867333][T26776] ? rcu_is_watching+0x12/0xb0 [ 668.869111][T26776] nci_register_device+0x514/0xb80 [ 668.871001][T26776] ? nci_init_complete_req+0x410/0x410 [ 668.873046][T26776] ? lockdep_init_map_type+0x16d/0x7c0 [ 668.874947][T26776] virtual_ncidev_open+0x147/0x220 [ 668.876832][T26776] ? virtual_ncidev_read+0x4e0/0x4e0 [ 668.878788][T26776] misc_open+0x3da/0x4c0 [ 668.880373][T26776] ? misc_devnode+0x120/0x120 [ 668.882118][T26776] chrdev_open+0x277/0x700 [ 668.883796][T26776] ? __unregister_chrdev+0x100/0x100 [ 668.885740][T26776] ? fsnotify_perm.part.0+0x25d/0x630 [ 668.887710][T26776] ? fsnotify_perm.part.0+0x268/0x630 [ 668.889688][T26776] do_dentry_open+0x88b/0x1730 [ 668.891466][T26776] ? __unregister_chrdev+0x100/0x100 [ 668.893441][T26776] ? may_open+0x1f2/0x400 [ 668.895163][T26776] path_openat+0x19af/0x29c0 [ 668.896882][T26776] ? path_lookupat+0x770/0x770 [ 668.898636][T26776] do_filp_open+0x1de/0x430 [ 668.900331][T26776] ? may_open_dev+0xf0/0xf0 [ 668.902002][T26776] ? expand_files+0x442/0x910 [ 668.903687][T26776] ? _raw_spin_unlock+0x28/0x40 [ 668.905460][T26776] ? alloc_fd+0x2da/0x6c0 [ 668.907025][T26776] do_sys_openat2+0x176/0x1e0 [ 668.908786][T26776] ? build_open_flags+0x690/0x690 [ 668.910605][T26776] __ia32_compat_sys_openat+0x16e/0x200 [ 668.912615][T26776] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 668.914610][T26776] ? ksys_write+0x1a7/0x250 [ 668.916301][T26776] ? rcu_is_watching+0x12/0xb0 [ 668.918060][T26776] __do_fast_syscall_32+0x61/0xe0 [ 668.919928][T26776] do_fast_syscall_32+0x33/0x70 [ 668.921788][T26776] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 668.924307][T26776] RIP: 0023:0xf7fc8579 [ 668.925788][T26776] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 668.932785][T26776] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 668.935802][T26776] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 668.938654][T26776] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 668.941539][T26776] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 668.944409][T26776] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 668.947285][T26776] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 668.950172][T26776] 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x1000000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:34 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xf0ffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0xf00, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:34 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 35) [ 669.006951][T26791] FAULT_INJECTION: forcing a failure. [ 669.006951][T26791] name failslab, interval 1, probability 0, space 0, times 0 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x1150000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:34 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xfffff000, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 669.011804][T26791] CPU: 1 PID: 26791 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 669.015691][T26791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 669.019409][T26791] Call Trace: [ 669.020675][T26791] [ 669.021792][T26791] dump_stack_lvl+0x125/0x1b0 [ 669.023544][T26791] should_fail_ex+0x496/0x5b0 [ 669.025298][T26791] should_failslab+0x9/0x20 13:17:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x3f00, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x2000000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 669.026991][T26791] kmem_cache_alloc_node+0x389/0x3f0 13:17:34 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xffffff7f, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 669.029344][T26791] ? alloc_unbound_pwq+0x41e/0xd00 [ 669.031309][T26791] alloc_unbound_pwq+0x41e/0xd00 [ 669.033599][T26791] ? kasan_set_track+0x25/0x30 [ 669.035400][T26791] apply_wqattrs_prepare+0x3be/0xa90 [ 669.037405][T26791] apply_workqueue_attrs_locked+0xcb/0x150 [ 669.039602][T26791] alloc_workqueue+0xc8b/0x1490 [ 669.041484][T26791] ? workqueue_sysfs_register+0x400/0x400 [ 669.043617][T26791] ? rcu_is_watching+0x12/0xb0 [ 669.045415][T26791] nci_register_device+0x514/0xb80 [ 669.047346][T26791] ? nci_init_complete_req+0x410/0x410 [ 669.049406][T26791] ? lockdep_init_map_type+0x16d/0x7c0 [ 669.051438][T26791] virtual_ncidev_open+0x147/0x220 [ 669.053362][T26791] ? virtual_ncidev_read+0x4e0/0x4e0 [ 669.055343][T26791] misc_open+0x3da/0x4c0 [ 669.056963][T26791] ? misc_devnode+0x120/0x120 [ 669.058721][T26791] chrdev_open+0x277/0x700 [ 669.060489][T26791] ? __unregister_chrdev+0x100/0x100 [ 669.062600][T26791] ? fsnotify_perm.part.0+0x25d/0x630 [ 669.064592][T26791] ? fsnotify_perm.part.0+0x268/0x630 [ 669.066571][T26791] do_dentry_open+0x88b/0x1730 [ 669.068355][T26791] ? __unregister_chrdev+0x100/0x100 [ 669.070295][T26791] ? may_open+0x1f2/0x400 [ 669.071906][T26791] path_openat+0x19af/0x29c0 [ 669.073615][T26791] ? path_lookupat+0x770/0x770 [ 669.075384][T26791] do_filp_open+0x1de/0x430 [ 669.077069][T26791] ? may_open_dev+0xf0/0xf0 [ 669.078746][T26791] ? expand_files+0x442/0x910 [ 669.080531][T26791] ? _raw_spin_unlock+0x28/0x40 [ 669.082321][T26791] ? alloc_fd+0x2da/0x6c0 [ 669.083909][T26791] do_sys_openat2+0x176/0x1e0 [ 669.085640][T26791] ? build_open_flags+0x690/0x690 [ 669.087486][T26791] __ia32_compat_sys_openat+0x16e/0x200 [ 669.089511][T26791] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 669.091503][T26791] ? ksys_write+0x1a7/0x250 [ 669.093182][T26791] ? rcu_is_watching+0x12/0xb0 [ 669.094937][T26791] __do_fast_syscall_32+0x61/0xe0 [ 669.096805][T26791] do_fast_syscall_32+0x33/0x70 [ 669.098591][T26791] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 669.100908][T26791] RIP: 0023:0xf7fc8579 [ 669.102404][T26791] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 669.109394][T26791] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 669.112422][T26791] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 669.115293][T26791] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 669.118162][T26791] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 669.121062][T26791] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 669.123976][T26791] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 669.126858][T26791] 13:17:34 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 36) 13:17:34 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xffffff9e, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x3000000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 669.148040][T26810] FAULT_INJECTION: forcing a failure. [ 669.148040][T26810] name failslab, interval 1, probability 0, space 0, times 0 [ 669.152638][T26810] CPU: 1 PID: 26810 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 669.156330][T26810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 669.159909][T26810] Call Trace: [ 669.161161][T26810] [ 669.162279][T26810] dump_stack_lvl+0x125/0x1b0 [ 669.164029][T26810] should_fail_ex+0x496/0x5b0 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x4000000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 669.165781][T26810] should_failslab+0x9/0x20 [ 669.167669][T26810] __kmem_cache_alloc_node+0x2fd/0x350 [ 669.169730][T26810] ? alloc_worker+0x40/0x1a0 13:17:34 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xfffffff0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 669.171440][T26810] ? alloc_workqueue+0xeaf/0x1490 [ 669.173464][T26810] ? reacquire_held_locks+0x4b0/0x4b0 [ 669.175455][T26810] kmalloc_node_trace+0x22/0xd0 [ 669.177257][T26810] alloc_worker+0x40/0x1a0 [ 669.178907][T26810] init_rescuer+0x6f/0x1f0 [ 669.180569][T26810] alloc_workqueue+0xd35/0x1490 [ 669.182372][T26810] ? workqueue_sysfs_register+0x400/0x400 [ 669.184475][T26810] ? rcu_is_watching+0x12/0xb0 [ 669.186251][T26810] nci_register_device+0x514/0xb80 [ 669.188157][T26810] ? nci_init_complete_req+0x410/0x410 [ 669.190162][T26810] ? lockdep_init_map_type+0x16d/0x7c0 [ 669.192168][T26810] virtual_ncidev_open+0x147/0x220 [ 669.194048][T26810] ? virtual_ncidev_read+0x4e0/0x4e0 [ 669.196080][T26810] misc_open+0x3da/0x4c0 [ 669.197650][T26810] ? misc_devnode+0x120/0x120 [ 669.199402][T26810] chrdev_open+0x277/0x700 [ 669.201075][T26810] ? __unregister_chrdev+0x100/0x100 [ 669.203015][T26810] ? fsnotify_perm.part.0+0x25d/0x630 [ 669.204983][T26810] ? fsnotify_perm.part.0+0x268/0x630 [ 669.206922][T26810] do_dentry_open+0x88b/0x1730 [ 669.208691][T26810] ? __unregister_chrdev+0x100/0x100 [ 669.210634][T26810] ? may_open+0x1f2/0x400 [ 669.212278][T26810] path_openat+0x19af/0x29c0 [ 669.213986][T26810] ? path_lookupat+0x770/0x770 [ 669.215748][T26810] do_filp_open+0x1de/0x430 [ 669.217430][T26810] ? may_open_dev+0xf0/0xf0 [ 669.219100][T26810] ? expand_files+0x442/0x910 [ 669.220862][T26810] ? _raw_spin_unlock+0x28/0x40 [ 669.222656][T26810] ? alloc_fd+0x2da/0x6c0 [ 669.224254][T26810] do_sys_openat2+0x176/0x1e0 [ 669.225984][T26810] ? build_open_flags+0x690/0x690 [ 669.227836][T26810] __ia32_compat_sys_openat+0x16e/0x200 [ 669.229872][T26810] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 669.231868][T26810] ? ksys_write+0x1a7/0x250 [ 669.233537][T26810] ? rcu_is_watching+0x12/0xb0 [ 669.235292][T26810] __do_fast_syscall_32+0x61/0xe0 [ 669.237144][T26810] do_fast_syscall_32+0x33/0x70 [ 669.238935][T26810] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 669.241251][T26810] RIP: 0023:0xf7fc8579 [ 669.242737][T26810] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 669.249700][T26810] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 669.252721][T26810] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 669.255589][T26810] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 669.258450][T26810] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 669.261329][T26810] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 669.264317][T26810] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 669.267277][T26810] [ 669.269323][T26810] workqueue: Failed to allocate a rescuer for wq "nfc2_nci_tx_wq" 13:17:34 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0xffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x5000000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:34 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 37) 13:17:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x4400, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 669.295394][T26825] FAULT_INJECTION: forcing a failure. [ 669.295394][T26825] name failslab, interval 1, probability 0, space 0, times 0 [ 669.300104][T26825] CPU: 1 PID: 26825 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:34 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0xf, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 669.303798][T26825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x6000000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 669.307685][T26825] Call Trace: [ 669.308995][T26825] [ 669.310098][T26825] dump_stack_lvl+0x125/0x1b0 [ 669.311846][T26825] should_fail_ex+0x496/0x5b0 13:17:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x5800, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 669.313620][T26825] should_failslab+0x9/0x20 [ 669.315459][T26825] __kmem_cache_alloc_node+0x2fd/0x350 13:17:34 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x14, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 669.317472][T26825] ? __kthread_create_on_node+0xcb/0x400 [ 669.319638][T26825] ? lockdep_init_map_type+0x16d/0x7c0 [ 669.321658][T26825] ? worker_thread+0x1290/0x1290 13:17:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x7000000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 669.323491][T26825] kmalloc_trace+0x25/0xe0 [ 669.325247][T26825] __kthread_create_on_node+0xcb/0x400 [ 669.327244][T26825] ? entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 669.329631][T26825] ? kthread_parkme+0xa0/0xa0 [ 669.331370][T26825] ? worker_thread+0x1290/0x1290 [ 669.333199][T26825] kthread_create_on_node+0xc8/0x100 [ 669.335157][T26825] ? __kthread_create_on_node+0x400/0x400 [ 669.337255][T26825] ? kasan_set_track+0x25/0x30 [ 669.339020][T26825] init_rescuer+0xce/0x1f0 [ 669.340692][T26825] alloc_workqueue+0xd35/0x1490 [ 669.342512][T26825] ? workqueue_sysfs_register+0x400/0x400 [ 669.344713][T26825] ? rcu_is_watching+0x12/0xb0 [ 669.346484][T26825] nci_register_device+0x514/0xb80 [ 669.348372][T26825] ? nci_init_complete_req+0x410/0x410 [ 669.350372][T26825] ? lockdep_init_map_type+0x16d/0x7c0 [ 669.352387][T26825] virtual_ncidev_open+0x147/0x220 [ 669.354267][T26825] ? virtual_ncidev_read+0x4e0/0x4e0 [ 669.356210][T26825] misc_open+0x3da/0x4c0 [ 669.357772][T26825] ? misc_devnode+0x120/0x120 [ 669.359502][T26825] chrdev_open+0x277/0x700 [ 669.361150][T26825] ? __unregister_chrdev+0x100/0x100 [ 669.363087][T26825] ? fsnotify_perm.part.0+0x25d/0x630 [ 669.365070][T26825] ? fsnotify_perm.part.0+0x268/0x630 [ 669.367048][T26825] do_dentry_open+0x88b/0x1730 [ 669.368832][T26825] ? __unregister_chrdev+0x100/0x100 [ 669.370788][T26825] ? may_open+0x1f2/0x400 [ 669.372397][T26825] path_openat+0x19af/0x29c0 [ 669.374104][T26825] ? path_lookupat+0x770/0x770 [ 669.375876][T26825] do_filp_open+0x1de/0x430 [ 669.377560][T26825] ? may_open_dev+0xf0/0xf0 [ 669.379237][T26825] ? expand_files+0x442/0x910 [ 669.380969][T26825] ? _raw_spin_unlock+0x28/0x40 [ 669.382759][T26825] ? alloc_fd+0x2da/0x6c0 [ 669.384355][T26825] do_sys_openat2+0x176/0x1e0 [ 669.386082][T26825] ? build_open_flags+0x690/0x690 [ 669.387928][T26825] __ia32_compat_sys_openat+0x16e/0x200 [ 669.389956][T26825] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 669.391946][T26825] ? ksys_write+0x1a7/0x250 [ 669.393623][T26825] ? rcu_is_watching+0x12/0xb0 [ 669.395378][T26825] __do_fast_syscall_32+0x61/0xe0 [ 669.397233][T26825] do_fast_syscall_32+0x33/0x70 [ 669.399015][T26825] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 669.401345][T26825] RIP: 0023:0xf7fc8579 [ 669.402843][T26825] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 669.409836][T26825] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 669.412866][T26825] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 669.415740][T26825] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 669.418626][T26825] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 669.421512][T26825] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 669.424373][T26825] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 669.427232][T26825] 13:17:34 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 38) 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x140, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x9000000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 669.429558][T26825] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -ENOMEM [ 669.448102][T26845] FAULT_INJECTION: forcing a failure. [ 669.448102][T26845] name failslab, interval 1, probability 0, space 0, times 0 [ 669.456505][T26845] CPU: 0 PID: 26845 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 669.460242][T26845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 669.463947][T26845] Call Trace: [ 669.465187][T26845] 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0xec0, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 669.466292][T26845] dump_stack_lvl+0x125/0x1b0 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0xf000000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 669.468230][T26845] should_fail_ex+0x496/0x5b0 [ 669.470312][T26845] should_failslab+0x9/0x20 [ 669.472033][T26845] __kmem_cache_alloc_node+0x2fd/0x350 [ 669.474030][T26845] ? __kthread_create_on_node+0x189/0x400 [ 669.476095][T26845] ? pointer+0xbf0/0xbf0 [ 669.477623][T26845] ? __kthread_create_on_node+0x189/0x400 [ 669.480074][T26845] __kmalloc_node_track_caller+0x50/0x100 [ 669.482212][T26845] kvasprintf+0xbd/0x150 [ 669.483760][T26845] ? bust_spinlocks+0xe0/0xe0 [ 669.485501][T26845] ? worker_thread+0x1290/0x1290 [ 669.487336][T26845] __kthread_create_on_node+0x189/0x400 [ 669.489378][T26845] ? kthread_parkme+0xa0/0xa0 [ 669.491109][T26845] ? worker_thread+0x1290/0x1290 [ 669.492940][T26845] kthread_create_on_node+0xc8/0x100 [ 669.494896][T26845] ? __kthread_create_on_node+0x400/0x400 [ 669.497046][T26845] ? kasan_set_track+0x25/0x30 [ 669.498836][T26845] init_rescuer+0xce/0x1f0 [ 669.500532][T26845] alloc_workqueue+0xd35/0x1490 [ 669.502327][T26845] ? workqueue_sysfs_register+0x400/0x400 [ 669.504406][T26845] ? rcu_is_watching+0x12/0xb0 [ 669.506163][T26845] nci_register_device+0x514/0xb80 [ 669.508409][T26845] ? nci_init_complete_req+0x410/0x410 [ 669.510809][T26845] ? lockdep_init_map_type+0x16d/0x7c0 [ 669.513221][T26845] virtual_ncidev_open+0x147/0x220 [ 669.515470][T26845] ? virtual_ncidev_read+0x4e0/0x4e0 [ 669.517862][T26845] misc_open+0x3da/0x4c0 [ 669.519803][T26845] ? misc_devnode+0x120/0x120 [ 669.521913][T26845] chrdev_open+0x277/0x700 [ 669.523581][T26845] ? __unregister_chrdev+0x100/0x100 [ 669.525573][T26845] ? fsnotify_perm.part.0+0x25d/0x630 [ 669.527565][T26845] ? fsnotify_perm.part.0+0x268/0x630 [ 669.529571][T26845] do_dentry_open+0x88b/0x1730 [ 669.531364][T26845] ? __unregister_chrdev+0x100/0x100 [ 669.533711][T26845] ? may_open+0x1f2/0x400 [ 669.535664][T26845] path_openat+0x19af/0x29c0 [ 669.537763][T26845] ? path_lookupat+0x770/0x770 [ 669.539943][T26845] do_filp_open+0x1de/0x430 [ 669.541690][T26845] ? may_open_dev+0xf0/0xf0 [ 669.543693][T26845] ? expand_files+0x442/0x910 [ 669.545823][T26845] ? _raw_spin_unlock+0x28/0x40 [ 669.548039][T26845] ? alloc_fd+0x2da/0x6c0 [ 669.549994][T26845] do_sys_openat2+0x176/0x1e0 [ 669.552132][T26845] ? build_open_flags+0x690/0x690 [ 669.554412][T26845] __ia32_compat_sys_openat+0x16e/0x200 [ 669.556900][T26845] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 669.559350][T26845] ? ksys_write+0x1a7/0x250 [ 669.561429][T26845] ? rcu_is_watching+0x12/0xb0 [ 669.563586][T26845] __do_fast_syscall_32+0x61/0xe0 [ 669.565873][T26845] do_fast_syscall_32+0x33/0x70 [ 669.568084][T26845] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 669.570845][T26845] RIP: 0023:0xf7fc8579 [ 669.572382][T26845] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 669.579499][T26845] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 669.582641][T26845] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 669.585601][T26845] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 669.588546][T26845] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 669.591489][T26845] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 669.594437][T26845] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 669.597399][T26845] 13:17:35 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x6000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:35 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 39) 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x3f000000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x33fe0, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0xfffffdef, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 669.599228][T26845] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -ENOMEM 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x79a5f2f7, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 669.658990][T26861] FAULT_INJECTION: forcing a failure. [ 669.658990][T26861] name failslab, interval 1, probability 0, space 0, times 0 [ 669.669357][T26861] CPU: 1 PID: 26861 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:35 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0xf000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 669.673584][T26861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 669.677441][T26861] Call Trace: 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 669.678674][T26861] [ 669.679881][T26861] dump_stack_lvl+0x125/0x1b0 [ 669.681619][T26861] should_fail_ex+0x496/0x5b0 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x9effffff, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 669.683735][T26861] should_failslab+0x9/0x20 [ 669.685737][T26861] __kmem_cache_alloc_node+0x2fd/0x350 [ 669.687932][T26861] ? device_add+0xd18/0x1ac0 [ 669.689627][T26861] ? lock_acquire+0x464/0x510 [ 669.691375][T26861] ? nfc_register_device+0x32/0x3c0 [ 669.693318][T26861] kmalloc_trace+0x25/0xe0 [ 669.695176][T26861] device_add+0xd18/0x1ac0 [ 669.696964][T26861] ? reacquire_held_locks+0x4b0/0x4b0 [ 669.698936][T26861] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 669.701583][T26861] ? lockdep_init_map_type+0x16d/0x7c0 [ 669.704034][T26861] nfc_register_device+0x41/0x3c0 [ 669.706247][T26861] nci_register_device+0x7f4/0xb80 [ 669.708571][T26861] ? nci_init_complete_req+0x410/0x410 [ 669.710979][T26861] ? lockdep_init_map_type+0x16d/0x7c0 [ 669.712999][T26861] virtual_ncidev_open+0x147/0x220 [ 669.714891][T26861] ? virtual_ncidev_read+0x4e0/0x4e0 [ 669.716853][T26861] misc_open+0x3da/0x4c0 [ 669.718419][T26861] ? misc_devnode+0x120/0x120 [ 669.720175][T26861] chrdev_open+0x277/0x700 [ 669.721839][T26861] ? __unregister_chrdev+0x100/0x100 [ 669.723800][T26861] ? fsnotify_perm.part.0+0x25d/0x630 [ 669.725782][T26861] ? fsnotify_perm.part.0+0x268/0x630 [ 669.727779][T26861] do_dentry_open+0x88b/0x1730 [ 669.729583][T26861] ? __unregister_chrdev+0x100/0x100 [ 669.731534][T26861] ? may_open+0x1f2/0x400 [ 669.733137][T26861] path_openat+0x19af/0x29c0 [ 669.734844][T26861] ? path_lookupat+0x770/0x770 [ 669.736656][T26861] do_filp_open+0x1de/0x430 [ 669.738342][T26861] ? may_open_dev+0xf0/0xf0 [ 669.740055][T26861] ? expand_files+0x442/0x910 [ 669.742176][T26861] ? _raw_spin_unlock+0x28/0x40 [ 669.744013][T26861] ? alloc_fd+0x2da/0x6c0 [ 669.745612][T26861] do_sys_openat2+0x176/0x1e0 [ 669.747674][T26861] ? build_open_flags+0x690/0x690 [ 669.749648][T26861] __ia32_compat_sys_openat+0x16e/0x200 [ 669.751675][T26861] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 669.753698][T26861] ? ksys_write+0x1a7/0x250 [ 669.755389][T26861] ? rcu_is_watching+0x12/0xb0 [ 669.757259][T26861] __do_fast_syscall_32+0x61/0xe0 [ 669.759449][T26861] do_fast_syscall_32+0x33/0x70 [ 669.761278][T26861] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 669.763595][T26861] RIP: 0023:0xf7fc8579 [ 669.765101][T26861] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 669.772522][T26861] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 669.775580][T26861] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 669.778897][T26861] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 669.782223][T26861] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 669.785910][T26861] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 669.789458][T26861] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 669.793022][T26861] 13:17:35 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 40) 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x2, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0xf0ffffff, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 669.815190][T26885] FAULT_INJECTION: forcing a failure. [ 669.815190][T26885] name failslab, interval 1, probability 0, space 0, times 0 [ 669.819997][T26885] CPU: 2 PID: 26885 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 669.823785][T26885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 669.827657][T26885] Call Trace: [ 669.828944][T26885] [ 669.830073][T26885] dump_stack_lvl+0x125/0x1b0 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0xf7f2a579, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x3, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 669.831897][T26885] should_fail_ex+0x496/0x5b0 [ 669.833873][T26885] should_failslab+0x9/0x20 [ 669.835588][T26885] __kmem_cache_alloc_node+0x2fd/0x350 [ 669.837951][T26885] ? kstrdup_const+0x5f/0x70 [ 669.840165][T26885] ? kstrdup_const+0x5f/0x70 [ 669.842378][T26885] __kmalloc_node_track_caller+0x50/0x100 [ 669.845052][T26885] kstrdup+0x3c/0x70 [ 669.846880][T26885] kstrdup_const+0x5f/0x70 [ 669.848527][T26885] __kernfs_new_node+0x9c/0x8a0 [ 669.850275][T26885] ? kernfs_path_from_node+0x60/0x60 [ 669.852211][T26885] ? stack_trace_save+0x96/0xd0 [ 669.853992][T26885] ? rcu_is_watching+0x12/0xb0 [ 669.855736][T26885] ? lock_acquire+0x464/0x510 [ 669.857733][T26885] ? lock_sync+0x190/0x190 [ 669.859381][T26885] kernfs_create_dir_ns+0x9a/0x210 [ 669.861301][T26885] sysfs_create_dir_ns+0x13b/0x2a0 [ 669.863215][T26885] ? sysfs_create_mount_point+0xb0/0xb0 [ 669.865278][T26885] ? spin_bug+0x1d0/0x1d0 [ 669.866963][T26885] ? get_device_parent+0x10a/0x4e0 [ 669.868888][T26885] ? class_dir_child_ns_type+0xd/0x60 [ 669.871012][T26885] kobject_add_internal+0x2c8/0x960 [ 669.872947][T26885] kobject_add+0x16f/0x240 [ 669.874576][T26885] ? kset_create_and_add+0x190/0x190 [ 669.876525][T26885] ? do_raw_spin_unlock+0x173/0x230 [ 669.878433][T26885] ? kobject_put+0xbe/0x440 [ 669.880129][T26885] device_add+0x290/0x1ac0 [ 669.881765][T26885] ? reacquire_held_locks+0x4b0/0x4b0 [ 669.883709][T26885] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 669.886199][T26885] ? lockdep_init_map_type+0x16d/0x7c0 [ 669.888422][T26885] nfc_register_device+0x41/0x3c0 [ 669.890291][T26885] nci_register_device+0x7f4/0xb80 [ 669.892233][T26885] ? nci_init_complete_req+0x410/0x410 [ 669.894287][T26885] ? lockdep_init_map_type+0x16d/0x7c0 [ 669.896341][T26885] virtual_ncidev_open+0x147/0x220 [ 669.898226][T26885] ? virtual_ncidev_read+0x4e0/0x4e0 [ 669.900206][T26885] misc_open+0x3da/0x4c0 [ 669.901772][T26885] ? misc_devnode+0x120/0x120 [ 669.903505][T26885] chrdev_open+0x277/0x700 [ 669.905166][T26885] ? __unregister_chrdev+0x100/0x100 [ 669.907120][T26885] ? fsnotify_perm.part.0+0x25d/0x630 [ 669.909095][T26885] ? fsnotify_perm.part.0+0x268/0x630 [ 669.911062][T26885] do_dentry_open+0x88b/0x1730 [ 669.912831][T26885] ? __unregister_chrdev+0x100/0x100 [ 669.914774][T26885] ? may_open+0x1f2/0x400 [ 669.916385][T26885] path_openat+0x19af/0x29c0 [ 669.918163][T26885] ? path_lookupat+0x770/0x770 [ 669.919945][T26885] do_filp_open+0x1de/0x430 [ 669.921622][T26885] ? may_open_dev+0xf0/0xf0 [ 669.923292][T26885] ? expand_files+0x442/0x910 [ 669.925034][T26885] ? _raw_spin_unlock+0x28/0x40 [ 669.926825][T26885] ? alloc_fd+0x2da/0x6c0 [ 669.928420][T26885] do_sys_openat2+0x176/0x1e0 [ 669.930153][T26885] ? build_open_flags+0x690/0x690 [ 669.932020][T26885] __ia32_compat_sys_openat+0x16e/0x200 [ 669.934035][T26885] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 669.936034][T26885] ? ksys_write+0x1a7/0x250 [ 669.937716][T26885] ? rcu_is_watching+0x12/0xb0 [ 669.939485][T26885] __do_fast_syscall_32+0x61/0xe0 [ 669.941358][T26885] do_fast_syscall_32+0x33/0x70 [ 669.943149][T26885] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 669.945461][T26885] RIP: 0023:0xf7fc8579 [ 669.946968][T26885] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 669.953981][T26885] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 669.957056][T26885] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 669.959945][T26885] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 669.962830][T26885] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 669.965708][T26885] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 669.968582][T26885] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 669.971462][T26885] [ 669.973066][T26885] kobject: kobject_add_internal failed for nfc2 (error: -12 parent: nfc) 13:17:35 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x30000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x4, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0xfffff000, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:35 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 41) [ 670.017487][T26900] FAULT_INJECTION: forcing a failure. [ 670.017487][T26900] name failslab, interval 1, probability 0, space 0, times 0 [ 670.022331][T26900] CPU: 3 PID: 26900 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 670.026076][T26900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 670.028748][T26908] nla_validate_range_unsigned: 17 callbacks suppressed [ 670.028761][T26908] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 670.029978][T26900] Call Trace: [ 670.029984][T26900] [ 670.037985][T26900] dump_stack_lvl+0x125/0x1b0 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0xffffff7f, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x5, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 670.039786][T26900] should_fail_ex+0x496/0x5b0 [ 670.041694][T26900] should_failslab+0x9/0x20 [ 670.043409][T26900] kmem_cache_alloc+0x33a/0x3b0 [ 670.045276][T26900] ? kstrdup+0x5c/0x70 [ 670.046893][T26900] __kernfs_new_node+0xd3/0x8a0 [ 670.048907][T26900] ? kernfs_path_from_node+0x60/0x60 [ 670.050922][T26900] ? stack_trace_save+0x96/0xd0 [ 670.052811][T26900] ? rcu_is_watching+0x12/0xb0 13:17:35 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x34000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 670.054768][T26900] ? lock_acquire+0x464/0x510 [ 670.056644][T26900] ? lock_sync+0x190/0x190 [ 670.058350][T26900] kernfs_create_dir_ns+0x9a/0x210 [ 670.060342][T26900] sysfs_create_dir_ns+0x13b/0x2a0 [ 670.062170][T26900] ? sysfs_create_mount_point+0xb0/0xb0 [ 670.064203][T26900] ? spin_bug+0x1d0/0x1d0 [ 670.065797][T26900] ? get_device_parent+0x10a/0x4e0 [ 670.067681][T26900] ? class_dir_child_ns_type+0xd/0x60 [ 670.068813][T26914] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 670.069648][T26900] kobject_add_internal+0x2c8/0x960 [ 670.069664][T26900] kobject_add+0x16f/0x240 [ 670.069674][T26900] ? kset_create_and_add+0x190/0x190 [ 670.069685][T26900] ? do_raw_spin_unlock+0x173/0x230 [ 670.080105][T26900] ? kobject_put+0xbe/0x440 [ 670.081793][T26900] device_add+0x290/0x1ac0 [ 670.083443][T26900] ? reacquire_held_locks+0x4b0/0x4b0 [ 670.085423][T26900] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 670.087932][T26900] ? lockdep_init_map_type+0x16d/0x7c0 [ 670.089932][T26900] nfc_register_device+0x41/0x3c0 [ 670.091791][T26900] nci_register_device+0x7f4/0xb80 [ 670.093683][T26900] ? nci_init_complete_req+0x410/0x410 [ 670.095685][T26900] ? lockdep_init_map_type+0x16d/0x7c0 [ 670.097701][T26900] virtual_ncidev_open+0x147/0x220 [ 670.099586][T26900] ? virtual_ncidev_read+0x4e0/0x4e0 [ 670.101545][T26900] misc_open+0x3da/0x4c0 [ 670.103112][T26900] ? misc_devnode+0x120/0x120 [ 670.104847][T26900] chrdev_open+0x277/0x700 [ 670.106494][T26900] ? __unregister_chrdev+0x100/0x100 [ 670.108434][T26900] ? fsnotify_perm.part.0+0x25d/0x630 [ 670.110398][T26900] ? fsnotify_perm.part.0+0x268/0x630 [ 670.112369][T26900] do_dentry_open+0x88b/0x1730 [ 670.114125][T26900] ? __unregister_chrdev+0x100/0x100 [ 670.116067][T26900] ? may_open+0x1f2/0x400 [ 670.117668][T26900] path_openat+0x19af/0x29c0 [ 670.119380][T26900] ? path_lookupat+0x770/0x770 [ 670.121173][T26900] do_filp_open+0x1de/0x430 [ 670.122865][T26900] ? may_open_dev+0xf0/0xf0 [ 670.124551][T26900] ? expand_files+0x442/0x910 [ 670.126307][T26900] ? _raw_spin_unlock+0x28/0x40 [ 670.128112][T26900] ? alloc_fd+0x2da/0x6c0 [ 670.129702][T26900] do_sys_openat2+0x176/0x1e0 [ 670.131443][T26900] ? build_open_flags+0x690/0x690 [ 670.133305][T26900] __ia32_compat_sys_openat+0x16e/0x200 [ 670.135242][T26900] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 670.137244][T26900] ? ksys_write+0x1a7/0x250 [ 670.138922][T26900] ? rcu_is_watching+0x12/0xb0 [ 670.140688][T26900] __do_fast_syscall_32+0x61/0xe0 [ 670.142494][T26900] do_fast_syscall_32+0x33/0x70 [ 670.144265][T26900] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 670.146586][T26900] RIP: 0023:0xf7fc8579 [ 670.148098][T26900] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 670.155119][T26900] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 670.158177][T26900] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 670.161076][T26900] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 670.163972][T26900] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 670.166870][T26900] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 670.169789][T26900] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 670.172703][T26900] 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x6, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0xffffff9e, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 670.175780][T26900] kobject: kobject_add_internal failed for nfc2 (error: -12 parent: nfc) 13:17:35 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 42) 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0xfffffff0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x7, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 670.205458][T26928] FAULT_INJECTION: forcing a failure. [ 670.205458][T26928] name failslab, interval 1, probability 0, space 0, times 0 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x9, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0xffffffff, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 670.210050][T26928] CPU: 1 PID: 26928 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 670.214099][T26928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 670.217808][T26928] Call Trace: [ 670.219043][T26928] [ 670.220156][T26928] dump_stack_lvl+0x125/0x1b0 [ 670.221901][T26928] should_fail_ex+0x496/0x5b0 [ 670.223639][T26928] should_failslab+0x9/0x20 [ 670.225394][T26928] kmem_cache_alloc+0x33a/0x3b0 [ 670.227282][T26928] ? reacquire_held_locks+0x4b0/0x4b0 [ 670.229279][T26928] __kernfs_new_node+0xd3/0x8a0 [ 670.231074][T26928] ? kernfs_path_from_node+0x60/0x60 [ 670.232992][T26928] ? up_write+0x1b3/0x510 [ 670.234565][T26928] ? kernfs_add_one+0x17f/0x510 [ 670.236337][T26928] ? kernfs_create_dir_ns+0x195/0x210 [ 670.238281][T26928] kernfs_new_node+0x94/0x110 [ 670.240032][T26928] __kernfs_create_file+0x53/0x340 [ 670.241941][T26928] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 670.243923][T26928] sysfs_create_file_ns+0x13e/0x1d0 [ 670.245827][T26928] ? sysfs_add_file_mode_ns+0x3b0/0x3b0 [ 670.247823][T26928] ? down_read+0x13e/0x470 [ 670.249477][T26928] ? _down_write_nest_lock+0x200/0x200 [ 670.251474][T26928] ? kobject_put+0xbe/0x440 [ 670.253161][T26928] device_create_file+0xee/0x1d0 [ 670.254992][T26928] device_add+0x2e2/0x1ac0 [ 670.256671][T26928] ? reacquire_held_locks+0x4b0/0x4b0 [ 670.258647][T26928] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 670.261174][T26928] ? lockdep_init_map_type+0x16d/0x7c0 [ 670.263203][T26928] nfc_register_device+0x41/0x3c0 [ 670.265255][T26928] nci_register_device+0x7f4/0xb80 [ 670.267154][T26928] ? nci_init_complete_req+0x410/0x410 [ 670.269179][T26928] ? lockdep_init_map_type+0x16d/0x7c0 [ 670.271223][T26928] virtual_ncidev_open+0x147/0x220 [ 670.273135][T26928] ? virtual_ncidev_read+0x4e0/0x4e0 [ 670.275080][T26928] misc_open+0x3da/0x4c0 [ 670.276666][T26928] ? misc_devnode+0x120/0x120 [ 670.278417][T26928] chrdev_open+0x277/0x700 [ 670.280102][T26928] ? __unregister_chrdev+0x100/0x100 [ 670.282050][T26928] ? fsnotify_perm.part.0+0x25d/0x630 [ 670.284088][T26928] ? fsnotify_perm.part.0+0x268/0x630 [ 670.286070][T26928] do_dentry_open+0x88b/0x1730 [ 670.287881][T26928] ? __unregister_chrdev+0x100/0x100 [ 670.289848][T26928] ? may_open+0x1f2/0x400 [ 670.291466][T26928] path_openat+0x19af/0x29c0 [ 670.293194][T26928] ? path_lookupat+0x770/0x770 [ 670.294966][T26928] do_filp_open+0x1de/0x430 [ 670.296672][T26928] ? may_open_dev+0xf0/0xf0 [ 670.298365][T26928] ? expand_files+0x442/0x910 [ 670.300136][T26928] ? _raw_spin_unlock+0x28/0x40 [ 670.301931][T26928] ? alloc_fd+0x2da/0x6c0 [ 670.303529][T26928] do_sys_openat2+0x176/0x1e0 [ 670.305313][T26928] ? build_open_flags+0x690/0x690 [ 670.307238][T26928] __ia32_compat_sys_openat+0x16e/0x200 [ 670.309307][T26928] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 670.311400][T26928] ? ksys_write+0x1a7/0x250 [ 670.313097][T26928] ? rcu_is_watching+0x12/0xb0 [ 670.314896][T26928] __do_fast_syscall_32+0x61/0xe0 [ 670.316969][T26928] do_fast_syscall_32+0x33/0x70 [ 670.318916][T26928] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 670.321290][T26928] RIP: 0023:0xf7fc8579 [ 670.322785][T26928] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 670.329787][T26928] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 670.332894][T26928] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 670.335862][T26928] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 670.338776][T26928] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 670.341689][T26928] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 670.344608][T26928] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 670.347484][T26928] 13:17:35 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x400300, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0xf, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:35 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 43) 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x2, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:35 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0xf0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:35 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 44) [ 670.428133][T26946] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 670.442246][T26948] FAULT_INJECTION: forcing a failure. [ 670.442246][T26948] name failslab, interval 1, probability 0, space 0, times 0 13:17:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0xf0ffff, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x3, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:36 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x300, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 670.449192][T26948] CPU: 3 PID: 26948 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 670.453849][T26948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 670.455820][T26957] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 670.458483][T26948] Call Trace: 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x4, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 670.463206][T26948] [ 670.464736][T26948] dump_stack_lvl+0x125/0x1b0 [ 670.466984][T26948] should_fail_ex+0x496/0x5b0 [ 670.469219][T26948] should_failslab+0x9/0x20 [ 670.471364][T26948] __kmem_cache_alloc_node+0x2fd/0x350 [ 670.473929][T26948] ? kstrdup_const+0x5f/0x70 [ 670.476131][T26948] ? kstrdup_const+0x5f/0x70 [ 670.478321][T26948] __kmalloc_node_track_caller+0x50/0x100 [ 670.480925][T26948] kstrdup+0x3c/0x70 [ 670.482746][T26948] kstrdup_const+0x5f/0x70 [ 670.484878][T26948] __kernfs_new_node+0x9c/0x8a0 [ 670.487071][T26948] ? kernfs_add_one+0x3ca/0x510 [ 670.488883][T26948] ? kernfs_path_from_node+0x60/0x60 [ 670.491253][T26948] ? down_write+0x14f/0x200 [ 670.493399][T26948] ? rcu_is_watching+0x12/0xb0 [ 670.495660][T26948] ? rcu_is_watching+0x12/0xb0 [ 670.497994][T26948] ? lock_release+0x4bf/0x680 [ 670.500253][T26948] ? sysfs_do_create_link_sd+0x82/0x140 [ 670.502826][T26948] kernfs_new_node+0x94/0x110 [ 670.505049][T26948] kernfs_create_link+0xcc/0x230 [ 670.507369][T26948] sysfs_do_create_link_sd+0x90/0x140 [ 670.509864][T26948] sysfs_create_link+0x61/0xc0 [ 670.512128][T26948] device_add+0x669/0x1ac0 [ 670.514237][T26948] ? reacquire_held_locks+0x4b0/0x4b0 [ 670.516744][T26948] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 670.519817][T26948] ? lockdep_init_map_type+0x16d/0x7c0 [ 670.522265][T26948] nfc_register_device+0x41/0x3c0 [ 670.524617][T26948] nci_register_device+0x7f4/0xb80 [ 670.526637][T26948] ? nci_init_complete_req+0x410/0x410 [ 670.528775][T26948] ? lockdep_init_map_type+0x16d/0x7c0 [ 670.531135][T26948] virtual_ncidev_open+0x147/0x220 [ 670.533392][T26948] ? virtual_ncidev_read+0x4e0/0x4e0 [ 670.535878][T26948] misc_open+0x3da/0x4c0 [ 670.537874][T26948] ? misc_devnode+0x120/0x120 [ 670.539972][T26948] chrdev_open+0x277/0x700 [ 670.541618][T26948] ? __unregister_chrdev+0x100/0x100 [ 670.543775][T26948] ? fsnotify_perm.part.0+0x25d/0x630 [ 670.545750][T26948] ? fsnotify_perm.part.0+0x268/0x630 [ 670.547712][T26948] do_dentry_open+0x88b/0x1730 [ 670.549538][T26948] ? __unregister_chrdev+0x100/0x100 [ 670.552009][T26948] ? may_open+0x1f2/0x400 [ 670.554024][T26948] path_openat+0x19af/0x29c0 [ 670.556191][T26948] ? path_lookupat+0x770/0x770 [ 670.558442][T26948] do_filp_open+0x1de/0x430 [ 670.560534][T26948] ? may_open_dev+0xf0/0xf0 [ 670.562613][T26948] ? expand_files+0x442/0x910 [ 670.564831][T26948] ? _raw_spin_unlock+0x28/0x40 [ 670.567113][T26948] ? alloc_fd+0x2da/0x6c0 [ 670.568889][T26948] do_sys_openat2+0x176/0x1e0 [ 670.570611][T26948] ? build_open_flags+0x690/0x690 [ 670.572458][T26948] __ia32_compat_sys_openat+0x16e/0x200 [ 670.574479][T26948] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 670.576466][T26948] ? ksys_write+0x1a7/0x250 [ 670.578131][T26948] ? rcu_is_watching+0x12/0xb0 [ 670.579906][T26948] __do_fast_syscall_32+0x61/0xe0 [ 670.581750][T26948] do_fast_syscall_32+0x33/0x70 [ 670.583537][T26948] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 670.585845][T26948] RIP: 0023:0xf7fc8579 [ 670.587339][T26948] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 670.594281][T26948] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 670.597299][T26948] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 670.600180][T26948] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 670.603171][T26948] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 670.606056][T26948] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 670.608940][T26948] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 670.611791][T26948] 13:17:36 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 45) 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x5, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:36 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x500, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 670.637765][T26970] FAULT_INJECTION: forcing a failure. [ 670.637765][T26970] name failslab, interval 1, probability 0, space 0, times 0 [ 670.643147][T26970] CPU: 3 PID: 26970 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 670.646821][T26970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 670.650552][T26970] Call Trace: [ 670.651789][T26970] [ 670.652892][T26970] dump_stack_lvl+0x125/0x1b0 [ 670.654653][T26970] should_fail_ex+0x496/0x5b0 [ 670.656435][T26970] should_failslab+0x9/0x20 [ 670.658134][T26970] kmem_cache_alloc+0x33a/0x3b0 [ 670.659980][T26970] ? kstrdup+0x5c/0x70 13:17:36 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x600, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 670.661491][T26970] __kernfs_new_node+0xd3/0x8a0 [ 670.663430][T26970] ? kernfs_add_one+0x3ca/0x510 [ 670.665241][T26970] ? kernfs_path_from_node+0x60/0x60 [ 670.667180][T26970] ? down_write+0x14f/0x200 [ 670.668853][T26970] ? rcu_is_watching+0x12/0xb0 [ 670.670601][T26970] ? rcu_is_watching+0x12/0xb0 [ 670.672357][T26970] ? lock_release+0x4bf/0x680 [ 670.674089][T26970] ? sysfs_do_create_link_sd+0x82/0x140 [ 670.676113][T26970] kernfs_new_node+0x94/0x110 [ 670.677837][T26970] kernfs_create_link+0xcc/0x230 [ 670.679647][T26970] sysfs_do_create_link_sd+0x90/0x140 [ 670.681629][T26970] sysfs_create_link+0x61/0xc0 [ 670.683380][T26970] device_add+0x669/0x1ac0 [ 670.685017][T26970] ? reacquire_held_locks+0x4b0/0x4b0 [ 670.686978][T26970] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 670.689465][T26970] ? lockdep_init_map_type+0x16d/0x7c0 [ 670.691447][T26970] nfc_register_device+0x41/0x3c0 [ 670.693296][T26970] nci_register_device+0x7f4/0xb80 [ 670.695156][T26970] ? nci_init_complete_req+0x410/0x410 [ 670.697139][T26970] ? lockdep_init_map_type+0x16d/0x7c0 [ 670.699132][T26970] virtual_ncidev_open+0x147/0x220 [ 670.701023][T26970] ? virtual_ncidev_read+0x4e0/0x4e0 [ 670.702967][T26970] misc_open+0x3da/0x4c0 [ 670.704646][T26970] ? misc_devnode+0x120/0x120 [ 670.706371][T26970] chrdev_open+0x277/0x700 [ 670.708011][T26970] ? __unregister_chrdev+0x100/0x100 [ 670.709934][T26970] ? fsnotify_perm.part.0+0x25d/0x630 [ 670.711908][T26970] ? fsnotify_perm.part.0+0x268/0x630 [ 670.713855][T26970] do_dentry_open+0x88b/0x1730 [ 670.715610][T26970] ? __unregister_chrdev+0x100/0x100 [ 670.717544][T26970] ? may_open+0x1f2/0x400 [ 670.719127][T26970] path_openat+0x19af/0x29c0 [ 670.720856][T26970] ? path_lookupat+0x770/0x770 [ 670.722608][T26970] do_filp_open+0x1de/0x430 [ 670.724281][T26970] ? may_open_dev+0xf0/0xf0 [ 670.725944][T26970] ? expand_files+0x442/0x910 [ 670.727667][T26970] ? _raw_spin_unlock+0x28/0x40 [ 670.729449][T26970] ? alloc_fd+0x2da/0x6c0 [ 670.731019][T26970] do_sys_openat2+0x176/0x1e0 [ 670.732754][T26970] ? build_open_flags+0x690/0x690 [ 670.734597][T26970] __ia32_compat_sys_openat+0x16e/0x200 [ 670.736616][T26970] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 670.738589][T26970] ? ksys_write+0x1a7/0x250 [ 670.740274][T26970] ? rcu_is_watching+0x12/0xb0 [ 670.742028][T26970] __do_fast_syscall_32+0x61/0xe0 [ 670.743883][T26970] do_fast_syscall_32+0x33/0x70 [ 670.745674][T26970] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 670.747976][T26970] RIP: 0023:0xf7fc8579 [ 670.749463][T26970] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 670.756433][T26970] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 670.759446][T26970] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 670.762329][T26970] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 670.765202][T26970] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 670.768081][T26970] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 670.770920][T26970] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 670.773802][T26970] 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x6, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:36 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x700, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x1000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:36 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 46) 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x7, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 670.833405][T26985] FAULT_INJECTION: forcing a failure. [ 670.833405][T26985] name failslab, interval 1, probability 0, space 0, times 0 [ 670.836577][T26990] netlink: 'syz-executor.3': attribute type 11 has an invalid length. 13:17:36 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x900, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 670.838554][T26985] CPU: 3 PID: 26985 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 670.844964][T26985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 670.849082][T26985] Call Trace: [ 670.850319][T26985] [ 670.851413][T26985] dump_stack_lvl+0x125/0x1b0 [ 670.853176][T26985] should_fail_ex+0x496/0x5b0 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x9, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x2000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 670.854947][T26985] should_failslab+0x9/0x20 [ 670.856739][T26985] kmem_cache_alloc+0x33a/0x3b0 [ 670.858567][T26985] ? rcu_is_watching+0x12/0xb0 [ 670.860353][T26985] __kernfs_new_node+0xd3/0x8a0 [ 670.862153][T26985] ? kernfs_path_from_node+0x60/0x60 [ 670.864087][T26985] ? lock_acquire+0x464/0x510 [ 670.865818][T26985] ? kernfs_link_sibling+0x3f5/0x540 [ 670.866488][T26998] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 670.867710][T26985] ? rcu_is_watching+0x12/0xb0 [ 670.867722][T26985] ? lock_release+0x4bf/0x680 [ 670.874199][T26985] ? kernfs_add_one+0x3ca/0x510 [ 670.875934][T26985] ? reacquire_held_locks+0x4b0/0x4b0 [ 670.877872][T26985] ? down_write+0x14f/0x200 [ 670.879513][T26985] kernfs_create_dir_ns+0x9a/0x210 [ 670.881386][T26985] internal_create_group+0x780/0xb40 [ 670.883282][T26985] ? kernfs_add_one+0x17f/0x510 [ 670.885055][T26985] ? sysfs_remove_group+0x170/0x170 [ 670.886921][T26985] ? panel_show+0xf0/0xf0 [ 670.888498][T26985] ? bus_to_subsys+0x129/0x160 [ 670.890248][T26985] dpm_sysfs_add+0x7c/0x280 [ 670.891899][T26985] device_add+0x9e7/0x1ac0 [ 670.893532][T26985] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 670.895976][T26985] ? lockdep_init_map_type+0x16d/0x7c0 [ 670.897933][T26985] nfc_register_device+0x41/0x3c0 [ 670.899753][T26985] nci_register_device+0x7f4/0xb80 [ 670.901628][T26985] ? nci_init_complete_req+0x410/0x410 [ 670.903578][T26985] ? lockdep_init_map_type+0x16d/0x7c0 [ 670.905542][T26985] virtual_ncidev_open+0x147/0x220 [ 670.907417][T26985] ? virtual_ncidev_read+0x4e0/0x4e0 [ 670.909346][T26985] misc_open+0x3da/0x4c0 [ 670.910891][T26985] ? misc_devnode+0x120/0x120 [ 670.912625][T26985] chrdev_open+0x277/0x700 [ 670.914264][T26985] ? __unregister_chrdev+0x100/0x100 [ 670.916134][T26985] ? fsnotify_perm.part.0+0x25d/0x630 [ 670.918110][T26985] ? fsnotify_perm.part.0+0x268/0x630 [ 670.920085][T26985] do_dentry_open+0x88b/0x1730 [ 670.921839][T26985] ? __unregister_chrdev+0x100/0x100 [ 670.923886][T26985] ? may_open+0x1f2/0x400 [ 670.925475][T26985] path_openat+0x19af/0x29c0 [ 670.927178][T26985] ? path_lookupat+0x770/0x770 [ 670.928927][T26985] do_filp_open+0x1de/0x430 [ 670.930593][T26985] ? may_open_dev+0xf0/0xf0 [ 670.932277][T26985] ? expand_files+0x442/0x910 [ 670.934003][T26985] ? _raw_spin_unlock+0x28/0x40 [ 670.935793][T26985] ? alloc_fd+0x2da/0x6c0 [ 670.937472][T26985] do_sys_openat2+0x176/0x1e0 [ 670.939223][T26985] ? build_open_flags+0x690/0x690 [ 670.941102][T26985] __ia32_compat_sys_openat+0x16e/0x200 [ 670.943148][T26985] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 670.945157][T26985] ? ksys_write+0x1a7/0x250 [ 670.946835][T26985] ? rcu_is_watching+0x12/0xb0 [ 670.948625][T26985] __do_fast_syscall_32+0x61/0xe0 [ 670.950462][T26985] do_fast_syscall_32+0x33/0x70 [ 670.952262][T26985] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 670.954566][T26985] RIP: 0023:0xf7fc8579 [ 670.956081][T26985] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 670.963033][T26985] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 670.966049][T26985] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 670.969221][T26985] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 670.972310][T26985] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 670.975200][T26985] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 670.978460][T26985] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 670.982063][T26985] 13:17:36 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0xf00, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0xf, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:36 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 47) 13:17:36 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x121f, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0xf0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 671.006289][T27007] FAULT_INJECTION: forcing a failure. [ 671.006289][T27007] name failslab, interval 1, probability 0, space 0, times 0 [ 671.010974][T27007] CPU: 0 PID: 27007 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 671.014694][T27007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 671.018408][T27007] Call Trace: 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x115, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 671.019650][T27007] [ 671.021041][T27007] dump_stack_lvl+0x125/0x1b0 13:17:36 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x1f12, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 671.022800][T27007] should_fail_ex+0x496/0x5b0 [ 671.024897][T27007] should_failslab+0x9/0x20 [ 671.026758][T27007] kmem_cache_alloc+0x33a/0x3b0 [ 671.028581][T27007] ? rcu_is_watching+0x12/0xb0 [ 671.030400][T27007] __kernfs_new_node+0xd3/0x8a0 [ 671.032296][T27007] ? kernfs_path_from_node+0x60/0x60 [ 671.034254][T27007] ? lock_acquire+0x464/0x510 [ 671.036044][T27007] ? kernfs_link_sibling+0x3f5/0x540 [ 671.038016][T27007] ? rcu_is_watching+0x12/0xb0 [ 671.039814][T27007] ? lock_release+0x4bf/0x680 [ 671.041849][T27007] ? kernfs_add_one+0x3ca/0x510 [ 671.043798][T27007] ? reacquire_held_locks+0x4b0/0x4b0 [ 671.045984][T27007] ? down_write+0x14f/0x200 [ 671.047897][T27007] kernfs_create_dir_ns+0x9a/0x210 [ 671.050154][T27007] internal_create_group+0x780/0xb40 [ 671.052131][T27007] ? kernfs_add_one+0x17f/0x510 [ 671.053947][T27007] ? sysfs_remove_group+0x170/0x170 [ 671.055910][T27007] ? panel_show+0xf0/0xf0 [ 671.057678][T27007] ? bus_to_subsys+0x129/0x160 [ 671.059751][T27007] dpm_sysfs_add+0x7c/0x280 [ 671.061458][T27007] device_add+0x9e7/0x1ac0 [ 671.063119][T27007] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 671.065964][T27007] ? lockdep_init_map_type+0x16d/0x7c0 [ 671.068002][T27007] nfc_register_device+0x41/0x3c0 [ 671.069875][T27007] nci_register_device+0x7f4/0xb80 [ 671.071771][T27007] ? nci_init_complete_req+0x410/0x410 [ 671.073806][T27007] ? lockdep_init_map_type+0x16d/0x7c0 [ 671.075882][T27007] virtual_ncidev_open+0x147/0x220 [ 671.077781][T27007] ? virtual_ncidev_read+0x4e0/0x4e0 [ 671.079756][T27007] misc_open+0x3da/0x4c0 [ 671.081340][T27007] ? misc_devnode+0x120/0x120 [ 671.083094][T27007] chrdev_open+0x277/0x700 [ 671.084813][T27007] ? __unregister_chrdev+0x100/0x100 [ 671.086916][T27007] ? fsnotify_perm.part.0+0x25d/0x630 [ 671.088934][T27007] ? fsnotify_perm.part.0+0x268/0x630 [ 671.090918][T27007] do_dentry_open+0x88b/0x1730 [ 671.092708][T27007] ? __unregister_chrdev+0x100/0x100 [ 671.094662][T27007] ? may_open+0x1f2/0x400 [ 671.096266][T27007] path_openat+0x19af/0x29c0 [ 671.098071][T27007] ? path_lookupat+0x770/0x770 [ 671.099859][T27007] do_filp_open+0x1de/0x430 [ 671.101543][T27007] ? may_open_dev+0xf0/0xf0 [ 671.103224][T27007] ? expand_files+0x442/0x910 [ 671.105086][T27007] ? _raw_spin_unlock+0x28/0x40 [ 671.106969][T27007] ? alloc_fd+0x2da/0x6c0 [ 671.108581][T27007] do_sys_openat2+0x176/0x1e0 [ 671.110327][T27007] ? build_open_flags+0x690/0x690 [ 671.112195][T27007] __ia32_compat_sys_openat+0x16e/0x200 [ 671.114231][T27007] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 671.116346][T27007] ? ksys_write+0x1a7/0x250 [ 671.118031][T27007] ? rcu_is_watching+0x12/0xb0 [ 671.119810][T27007] __do_fast_syscall_32+0x61/0xe0 [ 671.121691][T27007] do_fast_syscall_32+0x33/0x70 [ 671.123491][T27007] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 671.126030][T27007] RIP: 0023:0xf7fc8579 [ 671.127540][T27007] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 671.134611][T27007] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 671.137749][T27007] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 671.140666][T27007] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 671.143558][T27007] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 671.146647][T27007] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 671.149566][T27007] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 671.152484][T27007] 13:17:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x3000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x300, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:36 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x3f00, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:36 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 48) [ 671.179656][T27025] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 671.180974][T27026] FAULT_INJECTION: forcing a failure. [ 671.180974][T27026] name failslab, interval 1, probability 0, space 0, times 0 13:17:36 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0xf000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x500, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 671.187908][T27026] CPU: 2 PID: 27026 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x4000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 671.191716][T27026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 671.195567][T27026] Call Trace: [ 671.196735][T27026] [ 671.197829][T27026] dump_stack_lvl+0x125/0x1b0 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x600, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 671.199568][T27026] should_fail_ex+0x496/0x5b0 13:17:36 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x34000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 671.201462][T27026] should_failslab+0x9/0x20 [ 671.203238][T27026] kmem_cache_alloc+0x33a/0x3b0 [ 671.205011][T27026] ? rcu_is_watching+0x12/0xb0 [ 671.206747][T27026] __kernfs_new_node+0xd3/0x8a0 [ 671.207585][T27035] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 671.208528][T27026] ? kernfs_path_from_node+0x60/0x60 [ 671.213475][T27026] ? lock_acquire+0x464/0x510 [ 671.215195][T27026] ? kernfs_link_sibling+0x3f5/0x540 [ 671.217126][T27026] ? rcu_is_watching+0x12/0xb0 [ 671.218866][T27026] ? lock_release+0x4bf/0x680 [ 671.220590][T27026] ? kernfs_add_one+0x3ca/0x510 [ 671.222379][T27026] ? reacquire_held_locks+0x4b0/0x4b0 [ 671.224330][T27026] ? down_write+0x14f/0x200 [ 671.225981][T27026] kernfs_create_dir_ns+0x9a/0x210 [ 671.227859][T27026] internal_create_group+0x780/0xb40 [ 671.229782][T27026] ? kernfs_add_one+0x17f/0x510 [ 671.231573][T27026] ? sysfs_remove_group+0x170/0x170 [ 671.233470][T27026] ? panel_show+0xf0/0xf0 [ 671.235060][T27026] ? bus_to_subsys+0x129/0x160 [ 671.236816][T27026] dpm_sysfs_add+0x7c/0x280 [ 671.238485][T27026] device_add+0x9e7/0x1ac0 [ 671.240141][T27026] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 671.242621][T27026] ? lockdep_init_map_type+0x16d/0x7c0 [ 671.244590][T27026] nfc_register_device+0x41/0x3c0 [ 671.246480][T27026] nci_register_device+0x7f4/0xb80 [ 671.248356][T27026] ? nci_init_complete_req+0x410/0x410 [ 671.250344][T27026] ? lockdep_init_map_type+0x16d/0x7c0 [ 671.252298][T27026] virtual_ncidev_open+0x147/0x220 [ 671.254155][T27026] ? virtual_ncidev_read+0x4e0/0x4e0 [ 671.256081][T27026] misc_open+0x3da/0x4c0 [ 671.257629][T27026] ? misc_devnode+0x120/0x120 [ 671.259339][T27026] chrdev_open+0x277/0x700 [ 671.260992][T27026] ? __unregister_chrdev+0x100/0x100 [ 671.262919][T27026] ? fsnotify_perm.part.0+0x25d/0x630 [ 671.264884][T27026] ? fsnotify_perm.part.0+0x268/0x630 [ 671.266837][T27026] do_dentry_open+0x88b/0x1730 [ 671.268588][T27026] ? __unregister_chrdev+0x100/0x100 [ 671.270517][T27026] ? may_open+0x1f2/0x400 [ 671.272099][T27026] path_openat+0x19af/0x29c0 [ 671.273788][T27026] ? path_lookupat+0x770/0x770 [ 671.275531][T27026] do_filp_open+0x1de/0x430 [ 671.277195][T27026] ? may_open_dev+0xf0/0xf0 [ 671.278841][T27026] ? expand_files+0x442/0x910 [ 671.280566][T27026] ? _raw_spin_unlock+0x28/0x40 [ 671.282334][T27026] ? alloc_fd+0x2da/0x6c0 [ 671.283911][T27026] do_sys_openat2+0x176/0x1e0 [ 671.285621][T27026] ? build_open_flags+0x690/0x690 [ 671.287446][T27026] __ia32_compat_sys_openat+0x16e/0x200 [ 671.289512][T27026] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 671.291483][T27026] ? ksys_write+0x1a7/0x250 [ 671.293161][T27026] ? rcu_is_watching+0x12/0xb0 [ 671.294973][T27026] __do_fast_syscall_32+0x61/0xe0 [ 671.296912][T27026] do_fast_syscall_32+0x33/0x70 [ 671.298673][T27026] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 671.300951][T27026] RIP: 0023:0xf7fc8579 [ 671.302433][T27026] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 671.309493][T27026] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 671.312771][T27026] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 671.315633][T27026] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 671.318500][T27026] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 671.321369][T27026] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 671.324249][T27026] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 671.327116][T27026] 13:17:36 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 49) 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x700, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 671.348990][T27044] FAULT_INJECTION: forcing a failure. 13:17:36 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x400300, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 671.348990][T27044] name failslab, interval 1, probability 0, space 0, times 0 [ 671.353998][T27044] CPU: 1 PID: 27044 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 671.357896][T27044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 671.361631][T27044] Call Trace: [ 671.362868][T27044] [ 671.363972][T27044] dump_stack_lvl+0x125/0x1b0 13:17:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x900, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 671.365906][T27044] should_fail_ex+0x496/0x5b0 [ 671.367856][T27044] should_failslab+0x9/0x20 13:17:36 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0xf0ffff, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 671.369549][T27044] kmem_cache_alloc+0x33a/0x3b0 [ 671.371551][T27044] ? lock_acquire+0x464/0x510 [ 671.373303][T27044] __kernfs_new_node+0xd3/0x8a0 [ 671.375100][T27044] ? kernfs_add_one+0x3ca/0x510 [ 671.376897][T27044] ? kernfs_path_from_node+0x60/0x60 [ 671.378845][T27044] ? down_write+0x14f/0x200 [ 671.380564][T27044] ? down_write+0x14f/0x200 [ 671.382261][T27044] ? up_write+0x1b3/0x510 [ 671.383870][T27044] kernfs_new_node+0x94/0x110 [ 671.385816][T27044] __kernfs_create_file+0x53/0x340 [ 671.387711][T27044] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 671.389706][T27044] sysfs_merge_group+0x1b1/0x330 [ 671.391534][T27044] ? sysfs_update_groups+0x30/0x30 [ 671.393437][T27044] ? panel_show+0xf0/0xf0 [ 671.395038][T27044] ? bus_to_subsys+0x129/0x160 [ 671.396814][T27044] dpm_sysfs_add+0x22f/0x280 [ 671.398526][T27044] device_add+0x9e7/0x1ac0 [ 671.400202][T27044] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 671.402696][T27044] ? lockdep_init_map_type+0x16d/0x7c0 [ 671.404864][T27044] nfc_register_device+0x41/0x3c0 [ 671.406859][T27044] nci_register_device+0x7f4/0xb80 [ 671.408771][T27044] ? nci_init_complete_req+0x410/0x410 [ 671.410788][T27044] ? lockdep_init_map_type+0x16d/0x7c0 [ 671.412951][T27044] virtual_ncidev_open+0x147/0x220 [ 671.415062][T27044] ? virtual_ncidev_read+0x4e0/0x4e0 [ 671.417031][T27044] misc_open+0x3da/0x4c0 [ 671.418607][T27044] ? misc_devnode+0x120/0x120 [ 671.420372][T27044] chrdev_open+0x277/0x700 [ 671.422033][T27044] ? __unregister_chrdev+0x100/0x100 [ 671.424000][T27044] ? fsnotify_perm.part.0+0x25d/0x630 [ 671.426170][T27044] ? fsnotify_perm.part.0+0x268/0x630 [ 671.428168][T27044] do_dentry_open+0x88b/0x1730 [ 671.429949][T27044] ? __unregister_chrdev+0x100/0x100 [ 671.431907][T27044] ? may_open+0x1f2/0x400 [ 671.433510][T27044] path_openat+0x19af/0x29c0 [ 671.435407][T27044] ? path_lookupat+0x770/0x770 [ 671.437362][T27044] do_filp_open+0x1de/0x430 [ 671.439049][T27044] ? may_open_dev+0xf0/0xf0 [ 671.440758][T27044] ? expand_files+0x442/0x910 [ 671.442493][T27044] ? _raw_spin_unlock+0x28/0x40 [ 671.444308][T27044] ? alloc_fd+0x2da/0x6c0 [ 671.446090][T27044] do_sys_openat2+0x176/0x1e0 [ 671.447851][T27044] ? build_open_flags+0x690/0x690 [ 671.449711][T27044] __ia32_compat_sys_openat+0x16e/0x200 [ 671.451754][T27044] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 671.453777][T27044] ? ksys_write+0x1a7/0x250 [ 671.455468][T27044] ? rcu_is_watching+0x12/0xb0 [ 671.457256][T27044] __do_fast_syscall_32+0x61/0xe0 [ 671.459125][T27044] do_fast_syscall_32+0x33/0x70 [ 671.460952][T27044] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 671.463282][T27044] RIP: 0023:0xf7fc8579 [ 671.464865][T27044] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 671.472045][T27044] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 671.475087][T27044] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 671.477991][T27044] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 671.480906][T27044] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 671.483796][T27044] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 671.486881][T27044] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 671.489775][T27044] 13:17:37 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x5000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0xf00, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x1000000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:37 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 50) [ 671.519013][T27057] FAULT_INJECTION: forcing a failure. [ 671.519013][T27057] name failslab, interval 1, probability 0, space 0, times 0 [ 671.523877][T27057] CPU: 1 PID: 27057 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 671.524795][T27066] netlink: 'syz-executor.3': attribute type 11 has an invalid length. 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x1501, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x2000000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 671.527667][T27057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 671.527677][T27057] Call Trace: [ 671.527681][T27057] [ 671.527685][T27057] dump_stack_lvl+0x125/0x1b0 [ 671.527706][T27057] should_fail_ex+0x496/0x5b0 [ 671.540461][T27057] should_failslab+0x9/0x20 [ 671.542141][T27057] kmem_cache_alloc+0x33a/0x3b0 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x3000000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 671.543923][T27057] ? lock_acquire+0x464/0x510 [ 671.546208][T27057] __kernfs_new_node+0xd3/0x8a0 [ 671.548056][T27057] ? kernfs_add_one+0x3ca/0x510 13:17:37 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x6000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 671.549895][T27057] ? kernfs_path_from_node+0x60/0x60 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x3f00, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 671.552086][T27057] ? down_write+0x14f/0x200 [ 671.554006][T27057] ? down_write+0x14f/0x200 [ 671.555727][T27057] ? up_write+0x1b3/0x510 [ 671.557355][T27057] kernfs_new_node+0x94/0x110 [ 671.558862][T27073] netlink: 'syz-executor.3': attribute type 11 has an invalid length. 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x4000000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 671.559129][T27057] __kernfs_create_file+0x53/0x340 [ 671.565248][T27057] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 671.567635][T27057] sysfs_merge_group+0x1b1/0x330 [ 671.569834][T27057] ? sysfs_update_groups+0x30/0x30 [ 671.572161][T27057] ? panel_show+0xf0/0xf0 [ 671.574100][T27057] ? bus_to_subsys+0x129/0x160 [ 671.576268][T27057] dpm_sysfs_add+0x22f/0x280 [ 671.578129][T27057] device_add+0x9e7/0x1ac0 [ 671.579778][T27057] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 671.582280][T27057] ? lockdep_init_map_type+0x16d/0x7c0 [ 671.584534][T27057] nfc_register_device+0x41/0x3c0 [ 671.586806][T27057] nci_register_device+0x7f4/0xb80 [ 671.588740][T27057] ? nci_init_complete_req+0x410/0x410 [ 671.590737][T27057] ? lockdep_init_map_type+0x16d/0x7c0 [ 671.592754][T27057] virtual_ncidev_open+0x147/0x220 [ 671.594624][T27057] ? virtual_ncidev_read+0x4e0/0x4e0 [ 671.596619][T27057] misc_open+0x3da/0x4c0 [ 671.598322][T27057] ? misc_devnode+0x120/0x120 [ 671.600099][T27057] chrdev_open+0x277/0x700 [ 671.601759][T27057] ? __unregister_chrdev+0x100/0x100 [ 671.603745][T27057] ? fsnotify_perm.part.0+0x25d/0x630 [ 671.605734][T27057] ? fsnotify_perm.part.0+0x268/0x630 [ 671.607854][T27057] do_dentry_open+0x88b/0x1730 [ 671.609557][T27057] ? __unregister_chrdev+0x100/0x100 [ 671.611657][T27057] ? may_open+0x1f2/0x400 [ 671.613304][T27057] path_openat+0x19af/0x29c0 [ 671.615058][T27057] ? path_lookupat+0x770/0x770 [ 671.616904][T27057] do_filp_open+0x1de/0x430 [ 671.618581][T27057] ? may_open_dev+0xf0/0xf0 [ 671.620345][T27057] ? expand_files+0x442/0x910 [ 671.622116][T27057] ? _raw_spin_unlock+0x28/0x40 [ 671.623956][T27057] ? alloc_fd+0x2da/0x6c0 [ 671.625587][T27057] do_sys_openat2+0x176/0x1e0 [ 671.627395][T27057] ? build_open_flags+0x690/0x690 [ 671.629319][T27057] __ia32_compat_sys_openat+0x16e/0x200 [ 671.631389][T27057] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 671.633512][T27057] ? ksys_write+0x1a7/0x250 [ 671.635421][T27057] ? rcu_is_watching+0x12/0xb0 [ 671.637426][T27057] __do_fast_syscall_32+0x61/0xe0 [ 671.639360][T27057] do_fast_syscall_32+0x33/0x70 [ 671.641255][T27057] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 671.643652][T27057] RIP: 0023:0xf7fc8579 [ 671.645224][T27057] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 671.652566][T27057] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 671.655678][T27057] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 671.658720][T27057] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 671.661919][T27057] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 671.665446][T27057] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 671.668517][T27057] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 671.671481][T27057] 13:17:37 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 51) 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0xf000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x5000000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 671.695631][T27084] FAULT_INJECTION: forcing a failure. [ 671.695631][T27084] name failslab, interval 1, probability 0, space 0, times 0 [ 671.700927][T27084] CPU: 0 PID: 27084 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 671.704631][T27084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 671.708401][T27084] Call Trace: [ 671.709642][T27084] [ 671.710738][T27084] dump_stack_lvl+0x125/0x1b0 [ 671.712503][T27084] should_fail_ex+0x496/0x5b0 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x34000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x6000000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 671.714246][T27084] should_failslab+0x9/0x20 [ 671.716281][T27084] kmem_cache_alloc+0x33a/0x3b0 [ 671.718118][T27084] ? lock_acquire+0x464/0x510 [ 671.719882][T27084] __kernfs_new_node+0xd3/0x8a0 [ 671.721687][T27084] ? kernfs_add_one+0x3ca/0x510 [ 671.723479][T27084] ? kernfs_path_from_node+0x60/0x60 [ 671.725428][T27084] ? down_write+0x14f/0x200 [ 671.727135][T27084] ? down_write+0x14f/0x200 [ 671.728845][T27084] ? up_write+0x1b3/0x510 [ 671.730433][T27084] kernfs_new_node+0x94/0x110 [ 671.732168][T27084] __kernfs_create_file+0x53/0x340 [ 671.734042][T27084] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 671.736220][T27084] sysfs_merge_group+0x1b1/0x330 [ 671.738066][T27084] ? sysfs_update_groups+0x30/0x30 [ 671.739959][T27084] ? panel_show+0xf0/0xf0 [ 671.741548][T27084] ? bus_to_subsys+0x129/0x160 [ 671.743309][T27084] dpm_sysfs_add+0x22f/0x280 [ 671.745020][T27084] device_add+0x9e7/0x1ac0 [ 671.746695][T27084] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 671.749180][T27084] ? lockdep_init_map_type+0x16d/0x7c0 [ 671.751180][T27084] nfc_register_device+0x41/0x3c0 [ 671.753046][T27084] nci_register_device+0x7f4/0xb80 [ 671.755025][T27084] ? nci_init_complete_req+0x410/0x410 [ 671.757213][T27084] ? lockdep_init_map_type+0x16d/0x7c0 [ 671.759229][T27084] virtual_ncidev_open+0x147/0x220 [ 671.761133][T27084] ? virtual_ncidev_read+0x4e0/0x4e0 [ 671.763053][T27084] misc_open+0x3da/0x4c0 [ 671.764631][T27084] ? misc_devnode+0x120/0x120 [ 671.766391][T27084] chrdev_open+0x277/0x700 [ 671.768046][T27084] ? __unregister_chrdev+0x100/0x100 [ 671.769981][T27084] ? fsnotify_perm.part.0+0x25d/0x630 [ 671.771931][T27084] ? fsnotify_perm.part.0+0x268/0x630 [ 671.773920][T27084] do_dentry_open+0x88b/0x1730 [ 671.775701][T27084] ? __unregister_chrdev+0x100/0x100 [ 671.777660][T27084] ? may_open+0x1f2/0x400 [ 671.779266][T27084] path_openat+0x19af/0x29c0 [ 671.781002][T27084] ? path_lookupat+0x770/0x770 [ 671.782779][T27084] do_filp_open+0x1de/0x430 [ 671.784462][T27084] ? may_open_dev+0xf0/0xf0 [ 671.786152][T27084] ? expand_files+0x442/0x910 [ 671.787925][T27084] ? _raw_spin_unlock+0x28/0x40 [ 671.789719][T27084] ? alloc_fd+0x2da/0x6c0 [ 671.791320][T27084] do_sys_openat2+0x176/0x1e0 [ 671.793066][T27084] ? build_open_flags+0x690/0x690 [ 671.794976][T27084] __ia32_compat_sys_openat+0x16e/0x200 [ 671.797042][T27084] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 671.799056][T27084] ? ksys_write+0x1a7/0x250 [ 671.800758][T27084] ? rcu_is_watching+0x12/0xb0 [ 671.802517][T27084] __do_fast_syscall_32+0x61/0xe0 [ 671.804367][T27084] do_fast_syscall_32+0x33/0x70 [ 671.806167][T27084] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 671.808524][T27084] RIP: 0023:0xf7fc8579 [ 671.810024][T27084] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 671.817003][T27084] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 671.820067][T27084] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 671.822938][T27084] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 671.825834][T27084] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 671.828739][T27084] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 671.831604][T27084] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 671.834479][T27084] 13:17:37 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x7000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x7000000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:37 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 52) 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x400300, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 671.887264][T27100] FAULT_INJECTION: forcing a failure. 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0xf0ffff, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 671.887264][T27100] name failslab, interval 1, probability 0, space 0, times 0 [ 671.893041][T27100] CPU: 1 PID: 27100 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 671.896834][T27100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x9000000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 671.900569][T27100] Call Trace: 13:17:37 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x8000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 671.902051][T27100] [ 671.903260][T27100] dump_stack_lvl+0x125/0x1b0 [ 671.905057][T27100] should_fail_ex+0x496/0x5b0 [ 671.906818][T27100] should_failslab+0x9/0x20 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x1000000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 671.908524][T27100] kmem_cache_alloc+0x33a/0x3b0 [ 671.910406][T27100] ? lock_acquire+0x464/0x510 [ 671.912162][T27100] __kernfs_new_node+0xd3/0x8a0 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0xf000000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 671.913968][T27100] ? kernfs_add_one+0x3ca/0x510 [ 671.915929][T27100] ? kernfs_path_from_node+0x60/0x60 [ 671.917894][T27100] ? down_write+0x14f/0x200 [ 671.919570][T27100] ? down_write+0x14f/0x200 [ 671.921276][T27100] ? up_write+0x1b3/0x510 [ 671.922877][T27100] kernfs_new_node+0x94/0x110 [ 671.924633][T27100] __kernfs_create_file+0x53/0x340 [ 671.926526][T27100] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 671.928514][T27100] sysfs_merge_group+0x1b1/0x330 [ 671.930355][T27100] ? sysfs_update_groups+0x30/0x30 [ 671.932265][T27100] ? panel_show+0xf0/0xf0 [ 671.933869][T27100] ? bus_to_subsys+0x129/0x160 [ 671.935640][T27100] dpm_sysfs_add+0x22f/0x280 [ 671.937394][T27100] device_add+0x9e7/0x1ac0 [ 671.939053][T27100] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 671.941600][T27100] ? lockdep_init_map_type+0x16d/0x7c0 [ 671.943616][T27100] nfc_register_device+0x41/0x3c0 [ 671.945498][T27100] nci_register_device+0x7f4/0xb80 [ 671.947394][T27100] ? nci_init_complete_req+0x410/0x410 [ 671.949414][T27100] ? lockdep_init_map_type+0x16d/0x7c0 [ 671.951440][T27100] virtual_ncidev_open+0x147/0x220 [ 671.953359][T27100] ? virtual_ncidev_read+0x4e0/0x4e0 [ 671.955314][T27100] misc_open+0x3da/0x4c0 [ 671.956899][T27100] ? misc_devnode+0x120/0x120 [ 671.958653][T27100] chrdev_open+0x277/0x700 [ 671.960340][T27100] ? __unregister_chrdev+0x100/0x100 [ 671.962302][T27100] ? fsnotify_perm.part.0+0x25d/0x630 [ 671.964294][T27100] ? fsnotify_perm.part.0+0x268/0x630 [ 671.966287][T27100] do_dentry_open+0x88b/0x1730 [ 671.968092][T27100] ? __unregister_chrdev+0x100/0x100 [ 671.970040][T27100] ? may_open+0x1f2/0x400 [ 671.971648][T27100] path_openat+0x19af/0x29c0 [ 671.973384][T27100] ? path_lookupat+0x770/0x770 [ 671.975173][T27100] do_filp_open+0x1de/0x430 [ 671.976914][T27100] ? may_open_dev+0xf0/0xf0 [ 671.978591][T27100] ? expand_files+0x442/0x910 [ 671.980373][T27100] ? _raw_spin_unlock+0x28/0x40 [ 671.982166][T27100] ? alloc_fd+0x2da/0x6c0 [ 671.983763][T27100] do_sys_openat2+0x176/0x1e0 [ 671.985521][T27100] ? build_open_flags+0x690/0x690 [ 671.987383][T27100] __ia32_compat_sys_openat+0x16e/0x200 [ 671.989435][T27100] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 671.991427][T27100] ? ksys_write+0x1a7/0x250 [ 671.993129][T27100] ? rcu_is_watching+0x12/0xb0 [ 671.994892][T27100] __do_fast_syscall_32+0x61/0xe0 [ 671.996775][T27100] do_fast_syscall_32+0x33/0x70 [ 671.998581][T27100] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 672.000924][T27100] RIP: 0023:0xf7fc8579 [ 672.002445][T27100] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 672.009509][T27100] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 672.012562][T27100] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 672.015454][T27100] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 672.018379][T27100] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 672.021314][T27100] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 672.024224][T27100] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 672.027181][T27100] 13:17:37 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 53) 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x1150000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x1f120000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 672.049289][T27121] FAULT_INJECTION: forcing a failure. [ 672.049289][T27121] name failslab, interval 1, probability 0, space 0, times 0 [ 672.054547][T27121] CPU: 2 PID: 27121 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 672.058298][T27121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 672.062039][T27121] Call Trace: [ 672.063281][T27121] [ 672.064391][T27121] dump_stack_lvl+0x125/0x1b0 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x2000000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x3f000000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 672.066167][T27121] should_fail_ex+0x496/0x5b0 [ 672.068213][T27121] should_failslab+0x9/0x20 [ 672.069897][T27121] __kmem_cache_alloc_node+0x2fd/0x350 [ 672.071910][T27121] ? kobject_get_path+0xce/0x2b0 [ 672.073729][T27121] ? kobject_get_path+0xce/0x2b0 [ 672.075559][T27121] __kmalloc+0x4f/0x100 [ 672.077215][T27121] kobject_get_path+0xce/0x2b0 [ 672.078961][T27121] kobject_uevent_env+0x26b/0x1800 [ 672.080877][T27121] ? bus_to_subsys+0x129/0x160 [ 672.082679][T27121] device_add+0x1117/0x1ac0 [ 672.084392][T27121] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 672.086905][T27121] ? lockdep_init_map_type+0x16d/0x7c0 [ 672.088946][T27121] nfc_register_device+0x41/0x3c0 [ 672.090823][T27121] nci_register_device+0x7f4/0xb80 [ 672.092757][T27121] ? nci_init_complete_req+0x410/0x410 [ 672.094861][T27121] ? lockdep_init_map_type+0x16d/0x7c0 [ 672.096908][T27121] virtual_ncidev_open+0x147/0x220 [ 672.098817][T27121] ? virtual_ncidev_read+0x4e0/0x4e0 [ 672.100803][T27121] misc_open+0x3da/0x4c0 [ 672.102365][T27121] ? misc_devnode+0x120/0x120 [ 672.104129][T27121] chrdev_open+0x277/0x700 [ 672.105774][T27121] ? __unregister_chrdev+0x100/0x100 [ 672.107774][T27121] ? fsnotify_perm.part.0+0x25d/0x630 [ 672.109762][T27121] ? fsnotify_perm.part.0+0x268/0x630 [ 672.111719][T27121] do_dentry_open+0x88b/0x1730 [ 672.113508][T27121] ? __unregister_chrdev+0x100/0x100 [ 672.115465][T27121] ? may_open+0x1f2/0x400 [ 672.117076][T27121] path_openat+0x19af/0x29c0 [ 672.118800][T27121] ? path_lookupat+0x770/0x770 [ 672.120595][T27121] do_filp_open+0x1de/0x430 [ 672.122311][T27121] ? may_open_dev+0xf0/0xf0 [ 672.124006][T27121] ? expand_files+0x442/0x910 [ 672.125770][T27121] ? _raw_spin_unlock+0x28/0x40 [ 672.127572][T27121] ? alloc_fd+0x2da/0x6c0 [ 672.129204][T27121] do_sys_openat2+0x176/0x1e0 [ 672.130951][T27121] ? build_open_flags+0x690/0x690 [ 672.132983][T27121] __ia32_compat_sys_openat+0x16e/0x200 [ 672.135067][T27121] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 672.137089][T27121] ? ksys_write+0x1a7/0x250 [ 672.138751][T27121] ? rcu_is_watching+0x12/0xb0 [ 672.140571][T27121] __do_fast_syscall_32+0x61/0xe0 [ 672.142445][T27121] do_fast_syscall_32+0x33/0x70 [ 672.144241][T27121] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 672.146569][T27121] RIP: 0023:0xf7fc8579 [ 672.148112][T27121] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 672.155134][T27121] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 672.158189][T27121] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 672.161072][T27121] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 672.164015][T27121] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 672.166888][T27121] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 672.169768][T27121] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 672.173012][T27121] 13:17:37 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x9000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x9effffff, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x3000000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:37 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 54) [ 672.208315][T27137] FAULT_INJECTION: forcing a failure. [ 672.208315][T27137] name failslab, interval 1, probability 0, space 0, times 0 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0xf0ffffff, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 672.213846][T27137] CPU: 1 PID: 27137 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 672.217775][T27137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x4000000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 672.221473][T27137] Call Trace: [ 672.222887][T27137] [ 672.224005][T27137] dump_stack_lvl+0x125/0x1b0 [ 672.225752][T27137] should_fail_ex+0x496/0x5b0 [ 672.227536][T27137] should_failslab+0x9/0x20 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0xfffff000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 672.229320][T27137] __kmem_cache_alloc_node+0x2fd/0x350 [ 672.231506][T27137] ? kobject_uevent_env+0x24c/0x1800 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x5000000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 672.233468][T27137] ? bit_wait_timeout+0x160/0x160 [ 672.235440][T27137] ? dev_uevent_filter+0xc0/0xc0 [ 672.237355][T27137] kmalloc_trace+0x25/0xe0 [ 672.239006][T27137] kobject_uevent_env+0x24c/0x1800 [ 672.240927][T27137] ? bus_to_subsys+0x129/0x160 [ 672.242708][T27137] device_add+0x1117/0x1ac0 [ 672.244422][T27137] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 672.246995][T27137] ? lockdep_init_map_type+0x16d/0x7c0 [ 672.249056][T27137] nfc_register_device+0x41/0x3c0 [ 672.250927][T27137] nci_register_device+0x7f4/0xb80 [ 672.252843][T27137] ? nci_init_complete_req+0x410/0x410 [ 672.254845][T27137] ? lockdep_init_map_type+0x16d/0x7c0 [ 672.257036][T27137] virtual_ncidev_open+0x147/0x220 [ 672.258961][T27137] ? virtual_ncidev_read+0x4e0/0x4e0 [ 672.260925][T27137] misc_open+0x3da/0x4c0 [ 672.262495][T27137] ? misc_devnode+0x120/0x120 [ 672.264263][T27137] chrdev_open+0x277/0x700 [ 672.265918][T27137] ? __unregister_chrdev+0x100/0x100 [ 672.268009][T27137] ? fsnotify_perm.part.0+0x25d/0x630 [ 672.270003][T27137] ? fsnotify_perm.part.0+0x268/0x630 [ 672.272022][T27137] do_dentry_open+0x88b/0x1730 [ 672.273819][T27137] ? __unregister_chrdev+0x100/0x100 [ 672.275781][T27137] ? may_open+0x1f2/0x400 [ 672.277478][T27137] path_openat+0x19af/0x29c0 [ 672.279192][T27137] ? path_lookupat+0x770/0x770 [ 672.280999][T27137] do_filp_open+0x1de/0x430 [ 672.282709][T27137] ? may_open_dev+0xf0/0xf0 [ 672.284401][T27137] ? expand_files+0x442/0x910 [ 672.286153][T27137] ? _raw_spin_unlock+0x28/0x40 [ 672.288007][T27137] ? alloc_fd+0x2da/0x6c0 [ 672.289608][T27137] do_sys_openat2+0x176/0x1e0 [ 672.291355][T27137] ? build_open_flags+0x690/0x690 [ 672.293234][T27137] __ia32_compat_sys_openat+0x16e/0x200 [ 672.295265][T27137] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 672.297301][T27137] ? ksys_write+0x1a7/0x250 [ 672.298980][T27137] ? rcu_is_watching+0x12/0xb0 [ 672.300783][T27137] __do_fast_syscall_32+0x61/0xe0 [ 672.302649][T27137] do_fast_syscall_32+0x33/0x70 [ 672.304478][T27137] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 672.306835][T27137] RIP: 0023:0xf7fc8579 [ 672.308357][T27137] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 672.315441][T27137] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 672.318666][T27137] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 672.321603][T27137] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 672.324507][T27137] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 672.327418][T27137] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 672.330312][T27137] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 672.333284][T27137] 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0xffffff7f, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x6000000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:37 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0xe000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:37 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 55) 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x7000000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0xffffff9e, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:37 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0xf000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:37 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 56) 13:17:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0xfffffff0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x9000000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 672.378621][T27173] FAULT_INJECTION: forcing a failure. [ 672.378621][T27173] name failslab, interval 1, probability 0, space 0, times 0 [ 672.383807][T27173] CPU: 2 PID: 27173 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 672.387506][T27173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 672.391148][T27173] Call Trace: [ 672.392685][T27173] [ 672.393932][T27173] dump_stack_lvl+0x125/0x1b0 [ 672.395660][T27173] should_fail_ex+0x496/0x5b0 [ 672.397433][T27173] should_failslab+0x9/0x20 [ 672.399093][T27173] kmem_cache_alloc+0x33a/0x3b0 [ 672.400908][T27173] skb_clone+0x171/0x3c0 [ 672.402469][T27173] netlink_broadcast_filtered+0xaf9/0xf00 [ 672.404549][T27173] ? sprintf+0xcd/0x100 [ 672.406072][T27173] ? netlink_connect+0x550/0x550 [ 672.407896][T27173] ? __kmalloc+0xe5/0x100 [ 672.409477][T27173] netlink_broadcast+0x39/0x50 [ 672.411473][T27173] kobject_uevent_env+0xbd2/0x1800 [ 672.413771][T27173] ? bus_to_subsys+0x129/0x160 [ 672.415909][T27173] device_add+0x1117/0x1ac0 [ 672.417945][T27173] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 672.420985][T27173] ? lockdep_init_map_type+0x16d/0x7c0 [ 672.423532][T27173] nfc_register_device+0x41/0x3c0 [ 672.425806][T27173] nci_register_device+0x7f4/0xb80 [ 672.428102][T27173] ? nci_init_complete_req+0x410/0x410 [ 672.430520][T27173] ? lockdep_init_map_type+0x16d/0x7c0 [ 672.432968][T27173] virtual_ncidev_open+0x147/0x220 [ 672.435249][T27173] ? virtual_ncidev_read+0x4e0/0x4e0 [ 672.437599][T27173] misc_open+0x3da/0x4c0 [ 672.439495][T27173] ? misc_devnode+0x120/0x120 [ 672.441483][T27173] chrdev_open+0x277/0x700 [ 672.443161][T27173] ? __unregister_chrdev+0x100/0x100 [ 672.445155][T27173] ? fsnotify_perm.part.0+0x25d/0x630 [ 672.447165][T27173] ? fsnotify_perm.part.0+0x268/0x630 [ 672.449197][T27173] do_dentry_open+0x88b/0x1730 [ 672.450988][T27173] ? __unregister_chrdev+0x100/0x100 [ 672.452989][T27173] ? may_open+0x1f2/0x400 [ 672.454598][T27173] path_openat+0x19af/0x29c0 [ 672.456366][T27173] ? path_lookupat+0x770/0x770 [ 672.458166][T27173] do_filp_open+0x1de/0x430 [ 672.459920][T27173] ? may_open_dev+0xf0/0xf0 [ 672.461653][T27173] ? expand_files+0x442/0x910 [ 672.463416][T27173] ? _raw_spin_unlock+0x28/0x40 [ 672.465261][T27173] ? alloc_fd+0x2da/0x6c0 [ 672.466868][T27173] do_sys_openat2+0x176/0x1e0 [ 672.468650][T27173] ? build_open_flags+0x690/0x690 [ 672.470510][T27173] __ia32_compat_sys_openat+0x16e/0x200 [ 672.472575][T27173] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 672.474598][T27173] ? ksys_write+0x1a7/0x250 [ 672.476292][T27173] ? rcu_is_watching+0x12/0xb0 [ 672.478092][T27173] __do_fast_syscall_32+0x61/0xe0 [ 672.480010][T27173] do_fast_syscall_32+0x33/0x70 [ 672.481816][T27173] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 672.484183][T27173] RIP: 0023:0xf7fc8579 [ 672.485728][T27173] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 672.492835][T27173] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 672.495905][T27173] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 672.498803][T27173] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 672.501844][T27173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 672.505058][T27173] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 672.508525][T27173] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 672.512083][T27173] 13:17:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0xffffffff, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0xf000000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:38 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 57) 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x3f000000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 672.548712][T27189] FAULT_INJECTION: forcing a failure. [ 672.548712][T27189] name failslab, interval 1, probability 0, space 0, times 0 [ 672.553779][T27189] CPU: 0 PID: 27189 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 672.557456][T27189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 672.561275][T27189] Call Trace: [ 672.562556][T27189] [ 672.563655][T27189] dump_stack_lvl+0x125/0x1b0 [ 672.565475][T27189] should_fail_ex+0x496/0x5b0 [ 672.567268][T27189] should_failslab+0x9/0x20 [ 672.568960][T27189] __kmem_cache_alloc_node+0x2fd/0x350 [ 672.570958][T27189] ? nfc_llcp_register_device+0x47/0x9d0 [ 672.573022][T27189] kmalloc_trace+0x25/0xe0 [ 672.574658][T27189] nfc_llcp_register_device+0x47/0x9d0 [ 672.576651][T27189] nfc_register_device+0x6d/0x3c0 [ 672.578532][T27189] nci_register_device+0x7f4/0xb80 [ 672.580441][T27189] ? nci_init_complete_req+0x410/0x410 [ 672.582466][T27189] ? lockdep_init_map_type+0x16d/0x7c0 [ 672.584480][T27189] virtual_ncidev_open+0x147/0x220 [ 672.586396][T27189] ? virtual_ncidev_read+0x4e0/0x4e0 [ 672.588363][T27189] misc_open+0x3da/0x4c0 [ 672.589924][T27189] ? misc_devnode+0x120/0x120 [ 672.591652][T27189] chrdev_open+0x277/0x700 [ 672.593308][T27189] ? __unregister_chrdev+0x100/0x100 [ 672.595258][T27189] ? fsnotify_perm.part.0+0x25d/0x630 [ 672.597258][T27189] ? fsnotify_perm.part.0+0x268/0x630 [ 672.599259][T27189] do_dentry_open+0x88b/0x1730 [ 672.601055][T27189] ? __unregister_chrdev+0x100/0x100 [ 672.603023][T27189] ? may_open+0x1f2/0x400 [ 672.604635][T27189] path_openat+0x19af/0x29c0 [ 672.606374][T27189] ? path_lookupat+0x770/0x770 [ 672.608181][T27189] do_filp_open+0x1de/0x430 [ 672.609852][T27189] ? may_open_dev+0xf0/0xf0 [ 672.611525][T27189] ? expand_files+0x442/0x910 [ 672.613308][T27189] ? _raw_spin_unlock+0x28/0x40 [ 672.615248][T27189] ? alloc_fd+0x2da/0x6c0 [ 672.616959][T27189] do_sys_openat2+0x176/0x1e0 [ 672.618721][T27189] ? build_open_flags+0x690/0x690 [ 672.620782][T27189] __ia32_compat_sys_openat+0x16e/0x200 [ 672.622869][T27189] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 672.624926][T27189] ? ksys_write+0x1a7/0x250 [ 672.626651][T27189] ? rcu_is_watching+0x12/0xb0 [ 672.628473][T27189] __do_fast_syscall_32+0x61/0xe0 [ 672.630374][T27189] do_fast_syscall_32+0x33/0x70 [ 672.632213][T27189] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 672.634582][T27189] RIP: 0023:0xf7fc8579 [ 672.636276][T27189] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 672.643853][T27189] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 672.647715][T27189] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 672.651373][T27189] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 672.654910][T27189] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 672.658042][T27189] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 672.661017][T27189] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 672.664086][T27189] [ 672.666801][T27189] nfc: nfc_register_device: Could not register llcp device [ 672.678134][T27188] llcp: nfc_llcp_remove_local: Shutting down device not found 13:17:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:38 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 58) 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x79a5f2f7, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:38 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x3f000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x2, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 672.702786][T27202] FAULT_INJECTION: forcing a failure. [ 672.702786][T27202] name failslab, interval 1, probability 0, space 0, times 0 [ 672.707479][T27202] CPU: 1 PID: 27202 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x9effffff, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 672.711140][T27202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 672.714984][T27202] Call Trace: [ 672.716235][T27202] [ 672.717315][T27202] dump_stack_lvl+0x125/0x1b0 [ 672.719052][T27202] should_fail_ex+0x496/0x5b0 [ 672.720808][T27202] should_failslab+0x9/0x20 [ 672.722495][T27202] __kmem_cache_alloc_node+0x2fd/0x350 13:17:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x3, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 672.724486][T27202] ? nfc_llcp_register_device+0x47/0x9d0 [ 672.726682][T27202] kmalloc_trace+0x25/0xe0 [ 672.728333][T27202] nfc_llcp_register_device+0x47/0x9d0 [ 672.730306][T27202] nfc_register_device+0x6d/0x3c0 [ 672.732135][T27202] nci_register_device+0x7f4/0xb80 [ 672.733989][T27202] ? nci_init_complete_req+0x410/0x410 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0xf0ffffff, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 672.736001][T27202] ? lockdep_init_map_type+0x16d/0x7c0 [ 672.738156][T27202] virtual_ncidev_open+0x147/0x220 [ 672.740047][T27202] ? virtual_ncidev_read+0x4e0/0x4e0 [ 672.741974][T27202] misc_open+0x3da/0x4c0 [ 672.743521][T27202] ? misc_devnode+0x120/0x120 [ 672.745286][T27202] chrdev_open+0x277/0x700 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0xf7f2a579, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 672.746939][T27202] ? __unregister_chrdev+0x100/0x100 [ 672.748981][T27202] ? fsnotify_perm.part.0+0x25d/0x630 [ 672.751036][T27202] ? fsnotify_perm.part.0+0x268/0x630 [ 672.753034][T27202] do_dentry_open+0x88b/0x1730 [ 672.754809][T27202] ? __unregister_chrdev+0x100/0x100 [ 672.756771][T27202] ? may_open+0x1f2/0x400 [ 672.758375][T27202] path_openat+0x19af/0x29c0 [ 672.760095][T27202] ? path_lookupat+0x770/0x770 [ 672.761841][T27202] do_filp_open+0x1de/0x430 [ 672.763508][T27202] ? may_open_dev+0xf0/0xf0 [ 672.765172][T27202] ? expand_files+0x442/0x910 [ 672.766902][T27202] ? _raw_spin_unlock+0x28/0x40 [ 672.768737][T27202] ? alloc_fd+0x2da/0x6c0 [ 672.770336][T27202] do_sys_openat2+0x176/0x1e0 [ 672.772093][T27202] ? build_open_flags+0x690/0x690 [ 672.773953][T27202] __ia32_compat_sys_openat+0x16e/0x200 [ 672.776013][T27202] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 672.778024][T27202] ? ksys_write+0x1a7/0x250 [ 672.779716][T27202] ? rcu_is_watching+0x12/0xb0 [ 672.781502][T27202] __do_fast_syscall_32+0x61/0xe0 [ 672.783364][T27202] do_fast_syscall_32+0x33/0x70 [ 672.785179][T27202] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 672.787505][T27202] RIP: 0023:0xf7fc8579 [ 672.789032][T27202] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 672.796075][T27202] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 672.799111][T27202] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 672.802043][T27202] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 672.805110][T27202] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 672.808043][T27202] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 672.810924][T27202] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 672.813837][T27202] [ 672.821506][T27202] nfc: nfc_register_device: Could not register llcp device [ 672.828426][T27196] llcp: nfc_llcp_remove_local: Shutting down device not found 13:17:38 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 59) 13:17:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x4, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0xfffff000, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:38 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x44000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 672.849895][T27221] FAULT_INJECTION: forcing a failure. [ 672.849895][T27221] name failslab, interval 1, probability 0, space 0, times 0 [ 672.854596][T27221] CPU: 0 PID: 27221 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 672.858298][T27221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 13:17:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x5, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 672.861983][T27221] Call Trace: [ 672.863402][T27221] [ 672.864675][T27221] dump_stack_lvl+0x125/0x1b0 [ 672.866880][T27221] should_fail_ex+0x496/0x5b0 [ 672.869086][T27221] should_failslab+0x9/0x20 [ 672.871233][T27221] kmem_cache_alloc+0x33a/0x3b0 [ 672.873525][T27221] skb_clone+0x171/0x3c0 [ 672.875535][T27221] netlink_broadcast_filtered+0xaf9/0xf00 [ 672.878202][T27221] ? sprintf+0xcd/0x100 [ 672.880142][T27221] ? netlink_connect+0x550/0x550 [ 672.882436][T27221] ? __kmalloc+0xe5/0x100 [ 672.884458][T27221] netlink_broadcast+0x39/0x50 [ 672.886693][T27221] kobject_uevent_env+0xbd2/0x1800 [ 672.889079][T27221] ? bus_to_subsys+0x129/0x160 [ 672.891284][T27221] device_add+0x1117/0x1ac0 [ 672.893426][T27221] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 672.896614][T27221] ? lockdep_init_map_type+0x16d/0x7c0 [ 672.899151][T27221] nfc_register_device+0x41/0x3c0 [ 672.901552][T27221] nci_register_device+0x7f4/0xb80 [ 672.903855][T27221] ? nci_init_complete_req+0x410/0x410 [ 672.906008][T27221] ? lockdep_init_map_type+0x16d/0x7c0 [ 672.908557][T27221] virtual_ncidev_open+0x147/0x220 [ 672.910937][T27221] ? virtual_ncidev_read+0x4e0/0x4e0 [ 672.913408][T27221] misc_open+0x3da/0x4c0 [ 672.915375][T27221] ? misc_devnode+0x120/0x120 [ 672.917552][T27221] chrdev_open+0x277/0x700 [ 672.919622][T27221] ? __unregister_chrdev+0x100/0x100 [ 672.922055][T27221] ? fsnotify_perm.part.0+0x25d/0x630 [ 672.924522][T27221] ? fsnotify_perm.part.0+0x268/0x630 [ 672.926969][T27221] do_dentry_open+0x88b/0x1730 [ 672.929174][T27221] ? __unregister_chrdev+0x100/0x100 [ 672.931594][T27221] ? may_open+0x1f2/0x400 [ 672.933622][T27221] path_openat+0x19af/0x29c0 [ 672.935740][T27221] ? path_lookupat+0x770/0x770 [ 672.937976][T27221] do_filp_open+0x1de/0x430 [ 672.940114][T27221] ? may_open_dev+0xf0/0xf0 [ 672.942214][T27221] ? expand_files+0x442/0x910 [ 672.944379][T27221] ? _raw_spin_unlock+0x28/0x40 [ 672.946598][T27221] ? alloc_fd+0x2da/0x6c0 [ 672.948520][T27221] do_sys_openat2+0x176/0x1e0 [ 672.950633][T27221] ? build_open_flags+0x690/0x690 [ 672.952962][T27221] __ia32_compat_sys_openat+0x16e/0x200 [ 672.955383][T27221] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 672.957821][T27221] ? ksys_write+0x1a7/0x250 [ 672.959940][T27221] ? rcu_is_watching+0x12/0xb0 [ 672.962118][T27221] __do_fast_syscall_32+0x61/0xe0 [ 672.964350][T27221] do_fast_syscall_32+0x33/0x70 [ 672.966520][T27221] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 672.969312][T27221] RIP: 0023:0xf7fc8579 [ 672.971075][T27221] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 672.978445][T27221] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 672.981484][T27221] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 672.984343][T27221] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 672.987215][T27221] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 672.990086][T27221] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 672.993036][T27221] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 672.995920][T27221] 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0xffffff7f, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:38 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x551dec8b, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:38 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 60) 13:17:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x6, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0xffffff9e, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x7, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:38 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x58000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 673.060557][T27239] FAULT_INJECTION: forcing a failure. [ 673.060557][T27239] name failslab, interval 1, probability 0, space 0, times 0 [ 673.066856][T27239] CPU: 1 PID: 27239 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 673.070629][T27239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 673.074383][T27239] Call Trace: [ 673.075646][T27239] 13:17:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x9, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 673.076883][T27239] dump_stack_lvl+0x125/0x1b0 [ 673.078744][T27239] should_fail_ex+0x496/0x5b0 [ 673.080561][T27239] should_failslab+0x9/0x20 [ 673.082263][T27239] __kmem_cache_alloc_node+0x2fd/0x350 [ 673.084330][T27239] ? nfc_llcp_build_tlv+0xfd/0x230 [ 673.086538][T27239] ? kasan_set_track+0x25/0x30 [ 673.088403][T27239] ? nfc_llcp_build_tlv+0xfd/0x230 [ 673.090310][T27239] __kmalloc+0x4f/0x100 [ 673.091877][T27239] nfc_llcp_build_tlv+0xfd/0x230 [ 673.093704][T27239] nfc_llcp_build_gb.isra.0+0x165/0x410 [ 673.095755][T27239] ? rcu_is_watching+0x12/0xb0 [ 673.097785][T27239] ? lock_release+0x4bf/0x680 [ 673.099986][T27239] ? nfc_llcp_reserve_sdp_ssap+0x120/0x120 [ 673.102647][T27239] ? reacquire_held_locks+0x4b0/0x4b0 [ 673.105141][T27239] ? lockdep_init_map_type+0x16d/0x7c0 [ 673.107624][T27239] nfc_llcp_register_device+0x5c5/0x9d0 [ 673.110179][T27239] nfc_register_device+0x6d/0x3c0 [ 673.112239][T27239] nci_register_device+0x7f4/0xb80 [ 673.114611][T27239] ? nci_init_complete_req+0x410/0x410 [ 673.117122][T27239] ? lockdep_init_map_type+0x16d/0x7c0 [ 673.119669][T27239] virtual_ncidev_open+0x147/0x220 [ 673.121735][T27239] ? virtual_ncidev_read+0x4e0/0x4e0 [ 673.123686][T27239] misc_open+0x3da/0x4c0 [ 673.125410][T27239] ? misc_devnode+0x120/0x120 [ 673.127480][T27239] chrdev_open+0x277/0x700 [ 673.129540][T27239] ? __unregister_chrdev+0x100/0x100 [ 673.131869][T27239] ? fsnotify_perm.part.0+0x25d/0x630 [ 673.133853][T27239] ? fsnotify_perm.part.0+0x268/0x630 [ 673.135848][T27239] do_dentry_open+0x88b/0x1730 [ 673.137631][T27239] ? __unregister_chrdev+0x100/0x100 [ 673.139581][T27239] ? may_open+0x1f2/0x400 [ 673.141219][T27239] path_openat+0x19af/0x29c0 [ 673.142910][T27239] ? path_lookupat+0x770/0x770 [ 673.144688][T27239] do_filp_open+0x1de/0x430 [ 673.146377][T27239] ? may_open_dev+0xf0/0xf0 [ 673.148071][T27239] ? expand_files+0x442/0x910 [ 673.149807][T27239] ? _raw_spin_unlock+0x28/0x40 [ 673.151608][T27239] ? alloc_fd+0x2da/0x6c0 [ 673.153235][T27239] do_sys_openat2+0x176/0x1e0 [ 673.154953][T27239] ? build_open_flags+0x690/0x690 [ 673.156850][T27239] __ia32_compat_sys_openat+0x16e/0x200 [ 673.158873][T27239] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 673.160931][T27239] ? ksys_write+0x1a7/0x250 [ 673.162596][T27239] ? rcu_is_watching+0x12/0xb0 [ 673.164368][T27239] __do_fast_syscall_32+0x61/0xe0 [ 673.166236][T27239] do_fast_syscall_32+0x33/0x70 [ 673.168040][T27239] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 673.170352][T27239] RIP: 0023:0xf7fc8579 [ 673.171866][T27239] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 673.178884][T27239] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 673.181968][T27239] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 673.184874][T27239] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 673.187775][T27239] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 673.190690][T27239] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 673.193609][T27239] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 673.196544][T27239] 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0xfffffff0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:38 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 61) 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0xffffffff, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0xf, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 673.237281][T27260] FAULT_INJECTION: forcing a failure. 13:17:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0xf0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {0x5}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 673.237281][T27260] name failslab, interval 1, probability 0, space 0, times 0 [ 673.245641][T27260] CPU: 2 PID: 27260 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 673.249241][T27260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 673.252939][T27260] Call Trace: [ 673.254167][T27260] [ 673.255423][T27260] dump_stack_lvl+0x125/0x1b0 [ 673.257165][T27260] should_fail_ex+0x496/0x5b0 [ 673.258892][T27260] should_failslab+0x9/0x20 [ 673.260600][T27260] __kmem_cache_alloc_node+0x2fd/0x350 [ 673.262573][T27260] ? nfc_llcp_build_tlv+0xfd/0x230 [ 673.264467][T27260] ? kasan_set_track+0x25/0x30 [ 673.266230][T27260] ? nfc_llcp_build_tlv+0xfd/0x230 [ 673.268118][T27260] __kmalloc+0x4f/0x100 [ 673.269656][T27260] nfc_llcp_build_tlv+0xfd/0x230 [ 673.271482][T27260] nfc_llcp_build_gb.isra.0+0x19d/0x410 [ 673.273525][T27260] ? rcu_is_watching+0x12/0xb0 [ 673.275287][T27260] ? lock_release+0x4bf/0x680 [ 673.277038][T27260] ? nfc_llcp_reserve_sdp_ssap+0x120/0x120 [ 673.279151][T27260] ? reacquire_held_locks+0x4b0/0x4b0 [ 673.281146][T27260] ? lockdep_init_map_type+0x16d/0x7c0 [ 673.283150][T27260] nfc_llcp_register_device+0x5c5/0x9d0 [ 673.285190][T27260] nfc_register_device+0x6d/0x3c0 [ 673.287057][T27260] nci_register_device+0x7f4/0xb80 [ 673.288950][T27260] ? nci_init_complete_req+0x410/0x410 13:17:38 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x60000000, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x300, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {0x7}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 673.290962][T27260] ? lockdep_init_map_type+0x16d/0x7c0 [ 673.292859][T27260] virtual_ncidev_open+0x147/0x220 [ 673.294526][T27260] ? virtual_ncidev_read+0x4e0/0x4e0 [ 673.296530][T27260] misc_open+0x3da/0x4c0 [ 673.298114][T27260] ? misc_devnode+0x120/0x120 [ 673.299875][T27260] chrdev_open+0x277/0x700 [ 673.301533][T27260] ? __unregister_chrdev+0x100/0x100 [ 673.303488][T27260] ? fsnotify_perm.part.0+0x25d/0x630 [ 673.305477][T27260] ? fsnotify_perm.part.0+0x268/0x630 [ 673.307461][T27260] do_dentry_open+0x88b/0x1730 [ 673.309250][T27260] ? __unregister_chrdev+0x100/0x100 [ 673.311209][T27260] ? may_open+0x1f2/0x400 [ 673.312829][T27260] path_openat+0x19af/0x29c0 [ 673.314554][T27260] ? path_lookupat+0x770/0x770 [ 673.316344][T27260] do_filp_open+0x1de/0x430 [ 673.318039][T27260] ? may_open_dev+0xf0/0xf0 [ 673.319744][T27260] ? expand_files+0x442/0x910 [ 673.321508][T27260] ? _raw_spin_unlock+0x28/0x40 [ 673.323316][T27260] ? alloc_fd+0x2da/0x6c0 [ 673.324929][T27260] do_sys_openat2+0x176/0x1e0 [ 673.326677][T27260] ? build_open_flags+0x690/0x690 [ 673.328542][T27260] __ia32_compat_sys_openat+0x16e/0x200 [ 673.330581][T27260] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 673.332600][T27260] ? ksys_write+0x1a7/0x250 [ 673.334278][T27260] ? rcu_is_watching+0x12/0xb0 [ 673.336059][T27260] __do_fast_syscall_32+0x61/0xe0 [ 673.337931][T27260] do_fast_syscall_32+0x33/0x70 [ 673.339752][T27260] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 673.342079][T27260] RIP: 0023:0xf7fc8579 [ 673.343596][T27260] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 673.350645][T27260] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 673.353718][T27260] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 673.356635][T27260] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 673.359502][T27260] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 673.362411][T27260] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 673.365303][T27260] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 673.368211][T27260] 13:17:38 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 62) 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {0x8}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 673.389643][T27277] FAULT_INJECTION: forcing a failure. [ 673.389643][T27277] name failslab, interval 1, probability 0, space 0, times 0 13:17:38 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x8bec1d55, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) 13:17:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x500, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 673.401633][T27277] CPU: 1 PID: 27277 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {0xc}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 673.405949][T27277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 673.410731][T27277] Call Trace: [ 673.412311][T27277] [ 673.413709][T27277] dump_stack_lvl+0x125/0x1b0 [ 673.416091][T27277] should_fail_ex+0x496/0x5b0 [ 673.418178][T27277] should_failslab+0x9/0x20 [ 673.420048][T27277] __kmem_cache_alloc_node+0x2fd/0x350 [ 673.422196][T27277] ? nfc_llcp_build_tlv+0xfd/0x230 [ 673.424613][T27277] ? kasan_set_track+0x25/0x30 [ 673.426868][T27277] ? nfc_llcp_build_tlv+0xfd/0x230 [ 673.429272][T27277] __kmalloc+0x4f/0x100 [ 673.431217][T27277] nfc_llcp_build_tlv+0xfd/0x230 [ 673.433291][T27277] nfc_llcp_build_gb.isra.0+0x165/0x410 13:17:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {0x22}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 673.435315][T27277] ? rcu_is_watching+0x12/0xb0 [ 673.437252][T27277] ? lock_release+0x4bf/0x680 [ 673.439018][T27277] ? nfc_llcp_reserve_sdp_ssap+0x120/0x120 [ 673.441706][T27277] ? reacquire_held_locks+0x4b0/0x4b0 13:17:39 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x600, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 673.444270][T27277] ? lockdep_init_map_type+0x16d/0x7c0 13:17:39 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x9effffff, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 673.447020][T27277] nfc_llcp_register_device+0x5c5/0x9d0 [ 673.449740][T27277] nfc_register_device+0x6d/0x3c0 [ 673.452162][T27277] nci_register_device+0x7f4/0xb80 [ 673.454559][T27277] ? nci_init_complete_req+0x410/0x410 [ 673.456879][T27277] ? lockdep_init_map_type+0x16d/0x7c0 [ 673.459594][T27277] virtual_ncidev_open+0x147/0x220 [ 673.462067][T27277] ? virtual_ncidev_read+0x4e0/0x4e0 [ 673.464625][T27277] misc_open+0x3da/0x4c0 [ 673.466703][T27277] ? misc_devnode+0x120/0x120 [ 673.468926][T27277] chrdev_open+0x277/0x700 [ 673.471032][T27277] ? __unregister_chrdev+0x100/0x100 [ 673.473473][T27277] ? fsnotify_perm.part.0+0x25d/0x630 [ 673.476038][T27277] ? fsnotify_perm.part.0+0x268/0x630 [ 673.478306][T27277] do_dentry_open+0x88b/0x1730 [ 673.480355][T27277] ? __unregister_chrdev+0x100/0x100 [ 673.482872][T27277] ? may_open+0x1f2/0x400 [ 673.484931][T27277] path_openat+0x19af/0x29c0 [ 673.487093][T27277] ? path_lookupat+0x770/0x770 [ 673.489370][T27277] do_filp_open+0x1de/0x430 [ 673.491509][T27277] ? may_open_dev+0xf0/0xf0 [ 673.493575][T27277] ? expand_files+0x442/0x910 [ 673.495786][T27277] ? _raw_spin_unlock+0x28/0x40 [ 673.498099][T27277] ? alloc_fd+0x2da/0x6c0 [ 673.500145][T27277] do_sys_openat2+0x176/0x1e0 [ 673.502307][T27277] ? build_open_flags+0x690/0x690 [ 673.504640][T27277] __ia32_compat_sys_openat+0x16e/0x200 [ 673.507230][T27277] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 673.509775][T27277] ? ksys_write+0x1a7/0x250 [ 673.511908][T27277] ? rcu_is_watching+0x12/0xb0 [ 673.514184][T27277] __do_fast_syscall_32+0x61/0xe0 [ 673.516563][T27277] do_fast_syscall_32+0x33/0x70 [ 673.518887][T27277] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 673.521707][T27277] RIP: 0023:0xf7fc8579 [ 673.523590][T27277] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 673.531966][T27277] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 673.535835][T27277] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 673.539508][T27277] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 673.543216][T27277] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 673.546908][T27277] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 673.550575][T27277] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 673.554233][T27277] 13:17:39 executing program 0: openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 63) 13:17:39 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:39 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x700, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 13:17:39 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {0x9, 0x2}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:39 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {0x9, 0x3}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) 13:17:39 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r2, 0x631, 0x0, 0x900, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) [ 673.633008][T27300] FAULT_INJECTION: forcing a failure. [ 673.633008][T27300] name failslab, interval 1, probability 0, space 0, times 0 [ 673.638811][T27300] CPU: 1 PID: 27300 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 13:17:39 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x631, 0x0, 0x0, {0x9, 0x4}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 673.643460][T27300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 673.648306][T27300] Call Trace: [ 673.649877][T27300] [ 673.651274][T27300] dump_stack_lvl+0x125/0x1b0 [ 673.653496][T27300] should_fail_ex+0x496/0x5b0 [ 673.655735][T27300] should_failslab+0x9/0x20 [ 673.657901][T27300] __kmem_cache_alloc_node+0x2fd/0x350 [ 673.660484][T27300] ? kvasprintf_const+0x66/0x190 [ 673.662707][T27300] ? pointer+0xbf0/0xbf0 [ 673.664502][T27300] ? kvasprintf_const+0x66/0x190 [ 673.666541][T27300] __kmalloc_node_track_caller+0x50/0x100 [ 673.668786][T27300] kvasprintf+0xbd/0x150 [ 673.670552][T27300] ? bust_spinlocks+0xe0/0xe0 [ 673.672349][T27300] ? trace_contention_end+0xd6/0x100 [ 673.674714][T27300] ? __mutex_lock+0x25b/0x1340 [ 673.676733][T27300] kvasprintf_const+0x66/0x190 [ 673.678486][T27300] kobject_set_name_vargs+0x5a/0x130 [ 673.680433][T27300] dev_set_name+0xc8/0x100 [ 673.682097][T27300] ? device_initialize+0x510/0x510 [ 673.683991][T27300] ? __init_waitqueue_head+0xca/0x150 [ 673.685961][T27300] rfkill_register+0xeb/0xb00 [ 673.687706][T27300] nfc_register_device+0x11f/0x3c0 [ 673.689606][T27300] nci_register_device+0x7f4/0xb80 [ 673.691490][T27300] ? nci_init_complete_req+0x410/0x410 [ 673.693495][T27300] ? lockdep_init_map_type+0x16d/0x7c0 [ 673.695499][T27300] virtual_ncidev_open+0x147/0x220 [ 673.697374][T27300] ? virtual_ncidev_read+0x4e0/0x4e0 [ 673.699306][T27300] misc_open+0x3da/0x4c0 [ 673.700898][T27300] ? misc_devnode+0x120/0x120 [ 673.702626][T27300] chrdev_open+0x277/0x700 [ 673.704285][T27300] ? __unregister_chrdev+0x100/0x100 [ 673.706226][T27300] ? fsnotify_perm.part.0+0x25d/0x630 [ 673.708209][T27300] ? fsnotify_perm.part.0+0x268/0x630 [ 673.710190][T27300] do_dentry_open+0x88b/0x1730 [ 673.711975][T27300] ? __unregister_chrdev+0x100/0x100 [ 673.713931][T27300] ? may_open+0x1f2/0x400 [ 673.715540][T27300] path_openat+0x19af/0x29c0 [ 673.717279][T27300] ? path_lookupat+0x770/0x770 [ 673.719059][T27300] do_filp_open+0x1de/0x430 [ 673.720767][T27300] ? may_open_dev+0xf0/0xf0 [ 673.722448][T27300] ? expand_files+0x442/0x910 [ 673.724188][T27300] ? _raw_spin_unlock+0x28/0x40 [ 673.725966][T27300] ? alloc_fd+0x2da/0x6c0 [ 673.727556][T27300] do_sys_openat2+0x176/0x1e0 [ 673.729302][T27300] ? build_open_flags+0x690/0x690 [ 673.731130][T27300] __ia32_compat_sys_openat+0x16e/0x200 [ 673.733166][T27300] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 673.735286][T27300] ? ksys_write+0x1a7/0x250 [ 673.736975][T27300] ? rcu_is_watching+0x12/0xb0 [ 673.738719][T27300] __do_fast_syscall_32+0x61/0xe0 [ 673.740572][T27300] do_fast_syscall_32+0x33/0x70 [ 673.742350][T27300] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 673.744652][T27300] RIP: 0023:0xf7fc8579 [ 673.746099][T27300] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 673.753060][T27300] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 13:17:39 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0xf0ffffff, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) [ 673.756442][T27300] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 673.759823][T27300] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 673.762752][T27300] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 673.765686][T27300] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 673.768626][T27300] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 673.771539][T27300] [ 673.775152][T27300] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 673.779447][T27300] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 673.782540][T27300] CPU: 1 PID: 27300 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11938-g65d6e954e378 #0 [ 673.786953][T27300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 673.791226][T27300] RIP: 0010:strchr+0x1b/0xb0 [ 673.793061][T27300] Code: f6 ad f7 48 8b 74 24 08 48 8b 14 24 eb 89 90 f3 0f 1e fa 48 b8 00 00 00 00 00 fc ff df 48 89 fa 55 48 c1 ea 03 53 48 83 ec 10 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 04 84 c0 75 51 0f b6 07 89 [ 673.800697][T27300] RSP: 0018:ffffc9002810f5d0 EFLAGS: 00010282 [ 673.802927][T27300] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90004dda000 [ 673.805827][T27300] RDX: 0000000000000000 RSI: 0000000000000025 RDI: 0000000000000000 [ 673.808737][T27300] RBP: ffffc9002810f660 R08: 0000000000000001 R09: 0000000000000000 [ 673.811625][T27300] R10: 0000000000000001 R11: 3030303030302052 R12: ffffc9002810f660 [ 673.814518][T27300] R13: 0000000000000cc0 R14: ffff8880269f7018 R15: 0000000000000001 [ 673.817410][T27300] FS: 0000000000000000(0000) GS:ffff88802c700000(0063) knlGS:00000000f7fc3b40 [ 673.820690][T27300] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 673.823117][T27300] CR2: 00000000f737c0c4 CR3: 0000000023e03000 CR4: 0000000000350ee0 [ 673.826030][T27300] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 673.828911][T27300] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 673.831822][T27300] Call Trace: [ 673.833061][T27300] [ 673.834150][T27300] ? show_regs+0x8f/0xa0 [ 673.835717][T27300] ? die_addr+0x4f/0xd0 [ 673.837273][T27300] ? exc_general_protection+0x154/0x230 [ 673.839302][T27300] ? asm_exc_general_protection+0x26/0x30 [ 673.841426][T27300] ? strchr+0x1b/0xb0 [ 673.842898][T27300] ? lock_release+0x4bf/0x680 [ 673.844642][T27300] kvasprintf_const+0x25/0x190 [ 673.846403][T27300] kobject_set_name_vargs+0x5a/0x130 [ 673.848350][T27300] kobject_add+0x12a/0x240 [ 673.849989][T27300] ? kset_create_and_add+0x190/0x190 [ 673.852276][T27300] ? do_raw_spin_unlock+0x173/0x230 [ 673.854386][T27300] ? kobject_put+0xbe/0x440 [ 673.856226][T27300] device_add+0x290/0x1ac0 [ 673.857919][T27300] ? device_initialize+0x510/0x510 [ 673.859825][T27300] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 673.862410][T27300] ? __init_waitqueue_head+0xca/0x150 [ 673.864380][T27300] rfkill_register+0x1a9/0xb00 [ 673.866137][T27300] nfc_register_device+0x11f/0x3c0 [ 673.868024][T27300] nci_register_device+0x7f4/0xb80 [ 673.869897][T27300] ? nci_init_complete_req+0x410/0x410 [ 673.871920][T27300] ? lockdep_init_map_type+0x16d/0x7c0 [ 673.874025][T27300] virtual_ncidev_open+0x147/0x220 [ 673.876093][T27300] ? virtual_ncidev_read+0x4e0/0x4e0 [ 673.878308][T27300] misc_open+0x3da/0x4c0 [ 673.880069][T27300] ? misc_devnode+0x120/0x120 [ 673.881859][T27300] chrdev_open+0x277/0x700 [ 673.883492][T27300] ? __unregister_chrdev+0x100/0x100 [ 673.885437][T27300] ? fsnotify_perm.part.0+0x25d/0x630 [ 673.887404][T27300] ? fsnotify_perm.part.0+0x268/0x630 [ 673.889371][T27300] do_dentry_open+0x88b/0x1730 [ 673.891133][T27300] ? __unregister_chrdev+0x100/0x100 [ 673.893088][T27300] ? may_open+0x1f2/0x400 [ 673.894674][T27300] path_openat+0x19af/0x29c0 [ 673.896414][T27300] ? path_lookupat+0x770/0x770 [ 673.898182][T27300] do_filp_open+0x1de/0x430 [ 673.899880][T27300] ? may_open_dev+0xf0/0xf0 [ 673.901554][T27300] ? expand_files+0x442/0x910 [ 673.903297][T27300] ? _raw_spin_unlock+0x28/0x40 [ 673.905089][T27300] ? alloc_fd+0x2da/0x6c0 [ 673.906788][T27300] do_sys_openat2+0x176/0x1e0 [ 673.908637][T27300] ? build_open_flags+0x690/0x690 [ 673.910486][T27300] __ia32_compat_sys_openat+0x16e/0x200 [ 673.912515][T27300] ? __x64_compat_sys_open+0x1d0/0x1d0 [ 673.914507][T27300] ? ksys_write+0x1a7/0x250 [ 673.916266][T27300] ? rcu_is_watching+0x12/0xb0 [ 673.918064][T27300] __do_fast_syscall_32+0x61/0xe0 [ 673.919949][T27300] do_fast_syscall_32+0x33/0x70 [ 673.921734][T27300] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 673.924170][T27300] RIP: 0023:0xf7fc8579 [ 673.925844][T27300] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 673.933173][T27300] RSP: 002b:00000000f7fc35ac EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 673.936253][T27300] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000080 [ 673.939241][T27300] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 673.942162][T27300] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 673.945054][T27300] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 673.947961][T27300] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 673.950840][T27300] [ 673.951995][T27300] Modules linked in: [ 673.956253][T27300] ---[ end trace 0000000000000000 ]--- [ 673.958517][T27300] RIP: 0010:strchr+0x1b/0xb0 [ 673.960439][T27300] Code: f6 ad f7 48 8b 74 24 08 48 8b 14 24 eb 89 90 f3 0f 1e fa 48 b8 00 00 00 00 00 fc ff df 48 89 fa 55 48 c1 ea 03 53 48 83 ec 10 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 04 84 c0 75 51 0f b6 07 89 [ 673.968161][T27300] RSP: 0018:ffffc9002810f5d0 EFLAGS: 00010282 [ 673.970512][T27300] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90004dda000 [ 673.973673][T27300] RDX: 0000000000000000 RSI: 0000000000000025 RDI: 0000000000000000 [ 673.976835][T27300] RBP: ffffc9002810f660 R08: 0000000000000001 R09: 0000000000000000 [ 673.979858][T27300] R10: 0000000000000001 R11: 3030303030302052 R12: ffffc9002810f660 [ 673.983373][T27300] R13: 0000000000000cc0 R14: ffff8880269f7018 R15: 0000000000000001 [ 673.986303][T27300] FS: 0000000000000000(0000) GS:ffff88802c800000(0063) knlGS:00000000f7fc3b40 [ 673.989615][T27300] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 673.992124][T27300] CR2: 000000002fc25000 CR3: 0000000023e03000 CR4: 0000000000350ee0 [ 673.995046][T27300] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 673.997952][T27300] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 674.000875][T27300] Kernel panic - not syncing: Fatal exception [ 674.003870][T27300] Kernel Offset: disabled [ 674.005484][T27300] Rebooting in 86400 seconds.. VM DIAGNOSIS: 13:17:39 Registers: info registers vcpu 0 CPU#0 RAX=0000000080000001 RBX=ffffffff8f4c1fc8 RCX=0000000000000000 RDX=ffff8880235da400 RSI=ffffffff813a0f20 RDI=0000000000000006 RBP=ffffffff8f4c1fc4 RSP=ffffc90002d4f870 R8 =0000000000000006 R9 =ffffffff8a60008a R10=ffffffff8a600041 R11=0000000000000000 R12=ffffffff8a60008a R13=ffffffff8a600041 R14=dffffc0000000000 R15=ffffffff8f4c1fc4 RIP=ffffffff8187a40b RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fa25e8cd280 ffffffff 00c00000 GS =0000 ffff88802c600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f737c0c4 CR3=0000000019a7b000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000004080 Opmask01=0000000000000000 Opmask02=000000000000ffdf Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc92d62ec0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000 00ff000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffff0000000000ff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73730cd12dd4c8a3 73730cd12dd4c8a3 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737392 737326044b50ea73 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 44455a494c414954 494e495f43455355 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6f742079617272 6120656c75722079 7261726f706d6574 002a3f005b3f2a00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000031 003538336c6c696b 66722f3263666e2f 63666e2f6c617574 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00004e4f49544341 0000000000000021 000000307968702f ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 647e65387673716a 6576647e65345653 595a54571054455c 52465e45661e4355 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7f7f777f7e7b7f7f 7f7f777f77777f7f 7f7f7c7f777f7f7f 777f7e7f7f7f7b77 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c30302c302c3030 2c302c30302c302c 30302c302c30302c 3000313030302c37 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c302c2c2c2c302c 2c2c2c302c2c2c2c 302c2c2c2c302c2c 2c00302c302c2c30 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff849aa015 RDI=ffffffff92551140 RBP=ffffffff92551100 RSP=ffffc9002810ef90 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=502031203a555043 R12=0000000000000000 R13=0000000000000035 R14=ffffffff849a9fb0 R15=0000000000000000 RIP=ffffffff849aa03f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f737c0c4 CR3=0000000023e03000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88802c83d840 RCX=0000000000000000 RDX=ffff88801b5c4800 RSI=ffffffff817c363d RDI=0000000000000005 RBP=ffffc90003befbd0 RSP=ffffc90003befac0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=ffffffff8cbb63e8 R12=1ffff9200077df5c R13=0000000000000001 R14=0000000000000003 R15=ffffed1005907b09 RIP=ffffffff817c3643 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002fc25000 CR3=000000001cf59000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000000 Opmask01=00000000fffffff8 Opmask02=0000000000000001 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffec43d8e50 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6e3a6d5e007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4b1f485e005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000a3030 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000004 RCX=ffffffff842de781 RDX=ffff888016fb4800 RSI=0000000000000000 RDI=0000000000000006 RBP=ffffc90003517fb0 RSP=ffffc900010fee50 R8 =0000000000000006 R9 =0000000000000000 R10=0000084000000000 R11=0000000000000001 R12=dffffc0000000000 R13=0000084000000000 R14=0000084000000000 R15=0000000000000000 RIP=ffffffff842de781 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7ea5ea0 CR3=000000007102b000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000